Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Is gentoo more expensive than red hat?
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Gentoo Chat
View previous topic :: View next topic  
Author Message
Maedhros
Bodhisattva
Bodhisattva


Joined: 14 Apr 2004
Posts: 5511
Location: Durham, UK

PostPosted: Tue Apr 25, 2006 4:05 pm    Post subject: Reply with quote

instance wrote:
Does anyone know of something out there that's even close to this? As a back-burner project it may be a while before I can work on it some more.

I think libconf is a project that could allow you to do something like this: http://libconf.net/.
_________________
No-one's more important than the earthworm.


Last edited by Maedhros on Tue Apr 25, 2006 4:07 pm; edited 2 times in total
Back to top
View user's profile Send private message
ty
n00b
n00b


Joined: 17 Feb 2004
Posts: 9
Location: Corte Madera, CA USA

PostPosted: Tue Apr 25, 2006 4:05 pm    Post subject: Support for bleeding edge apps Reply with quote

Another important consideration is support for current versions of various apps.

I run gentoo, debian, centos, rhel, suse, and freebsd servers for several clients. I work mostly for software developers, so often times apps need to be at current release revision or higher (like apache22, mysql51, etc). I inevitably end up doing some tweaking to get things working just right. Then when it's time to do an update, well, sometimes they break. In this case gentoo really pulls ahead due to the forums. 90% of the time someone else has fixed the problem and described it here.

RedHat and suse support are great if you are running an app straight out of their disribution with no changes. If it's something that you had to custom build to get a more recent version, oh well, not their problem.

Debian is OK as well, but the help that is available is not concentrated like it is here.

I always start with the apps I need to run on a server and see how recent they are, how well maintained they appear to be on various distros, and then choose a distro based on which group of developers is most active. Often gentoo wins this analysis.
Back to top
View user's profile Send private message
Syntaxis
Guru
Guru


Joined: 28 Apr 2002
Posts: 511
Location: London, UK

PostPosted: Tue Apr 25, 2006 4:30 pm    Post subject: Reply with quote

reversefold wrote:
Upgrading to a new major version of Debian or RedHat was always a huge pain (and continues to be by what I hear).

Debian has officially supported upgrading from one stable release to the next since at least 1998 (Bo --> Hamm). Unlike Gentoo, it'll also migrate your config for you.

reversefold wrote:
In addition to that Gentoo has dispatch-conf, which is a huge time saver. It's very easy to quickly glance over changes and simply let the new versions override the old ones for anything I've never touched (and it usually does this for me) and it's generally not hard to use its simple merging capabilities for the files that I do edit.

Again, other distributions have had this functionality for years. In Debian, for instance:

Code:
Configuration file \`$dest_file'
 ==> File on system created by you or by a script.
 ==> File also in package provided by package maintainer.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
    3 or T  : show a thre way difference between current, older,
              and new versions of the file
      M     : Do a 3 way merge between current, older,
              and new versions of the file [Very Experimental]
      Z     : start a new shell to examine the situation
 The default action is to keep your current version.

_________________
The Debian User Forums - help them grow!
Back to top
View user's profile Send private message
letoff
Apprentice
Apprentice


Joined: 04 Mar 2004
Posts: 163
Location: root in Paris, windsurfer in Brest

PostPosted: Tue Apr 25, 2006 4:56 pm    Post subject: Reply with quote

drakkan wrote:
With glep19 gentoo will be the best distro out of there ..., however this is only my point of view

And it's mine too. 8)

Headrush wrote:
As someone already said, just because a newer version is marked stable, you are no obligation to make this upgrade.

This is simply not true. Take Apache for example. There was a pretty big change in the layout 6 months ago. Now what happen if you've not emerged this new version and need to do it now because of a security flaw? And this is also true for a lot of packages on a server. The only way to deal with a version of a soft without installing a new one when a glsa is out, is to maintain your own overlay and to apply patches by yourself wich is a lot of work and the exact purpose of GLEP 19. With Debian, all this work is done by the developpers.
Now feel free to disagree. :)
_________________
Gentoo won't be suitable for server's use until GLEP 19 is alive.
Back to top
View user's profile Send private message
Joseph_sys
Advocate
Advocate


Joined: 08 Jun 2004
Posts: 2405
Location: Edmonton, AB

PostPosted: Tue Apr 25, 2006 7:08 pm    Post subject: Reply with quote

Ast0r wrote:
Ok, there are a few major problems with your arguement.

1.) Trying to argue configuration and version incompatibility as a Gentoo issue is ridiculous. Incompatibilities between Mysql 4.0 and 4.1 are a Mysql issue, not a Gentoo one. Also, just because RHEL doesn't tell you that you need to merge your config files doesn't mean that you don't need to. Often, installing from an RPM will wipe your config files completely and replace them with the new ones. In that respect, Gentoo is "smart".
[snip]


That is the main reason I switched to Gentoo from Mandrake etc. With any other major distro they work fine between major upgrades. But to do a major upgrade most of them need new re-install and it was very time consuming especially when you are running a package that need custom configuration. In order to make it work smooth sometime the only option was to backup your date and reinstall from scratch.
With Gentoo there is no such thing, any major package upgrade be it Apache, PHP etc is a snap; well described in documentaion-howto, not to mention Gentoo has one of the best forum support from ALL DISTROS.
_________________
#Joseph
Back to top
View user's profile Send private message
Ast0r
Guru
Guru


Joined: 11 Apr 2006
Posts: 404
Location: Dallas, Tx - USA

PostPosted: Tue Apr 25, 2006 8:15 pm    Post subject: Reply with quote

letoff wrote:
This is simply not true. Take Apache for example. There was a pretty big change in the layout 6 months ago. Now what happen if you've not emerged this new version and need to do it now because of a security flaw? And this is also true for a lot of packages on a server. The only way to deal with a version of a soft without installing a new one when a glsa is out, is to maintain your own overlay and to apply patches by yourself wich is a lot of work and the exact purpose of GLEP 19.

I don't recall Apache breaking or failing to upgrade on any of my servers 6 months ago; are you sure it hasn't been longer? Apache2 maybe?
Back to top
View user's profile Send private message
ping-uino
n00b
n00b


Joined: 19 Nov 2005
Posts: 40
Location: Italy

PostPosted: Tue Apr 25, 2006 9:26 pm    Post subject: Reply with quote

Gentoo is distibution of choises, then you have to choose in which way you want to mantain your servers...

Personally i got a few servers and everyone of this server is unique in configuration and software installed; without use flags i should compile packages myself with a lot more of effort.
I tried RedHat but when you need particular configuration there's no luck you need the old way: compiling.
Debian? The stable tree is stable, sure, but not very updated (and sometimes new features resolve many problems) if you switched to testing tree you got the problems of testing packages.
Then?
The choise for me is one: Gentoo.
With Gentoo i finally have the automation to choose what is right for me.
And i prefer little step every day (update packages) than a big jump one day (upgrade entire enviroment).

I agree with some of you when you say that some work have to be done...
* GLEP19 is a good idea
* etc-update is not very smart
* a common way to deploy configuration it would be nice
* many init files haven't the "reload" feature
* sometimes configuration of application differs from the original one (the old apache style is an example)
* some use_flags are obscure and undocumented (and don't post the useless link of the list of use flags)
* and others things


Well, it's only my humble opinion. :-)
_________________
#ping -Ui 1 -n 0
(sorry for my bad english... my italian is far better!)
Back to top
View user's profile Send private message
Aperculum
n00b
n00b


Joined: 25 Aug 2005
Posts: 34
Location: N 64° 58', E 25° 19'

PostPosted: Tue Apr 25, 2006 11:20 pm    Post subject: Reply with quote

How about a use flag which tells if you want conf files to be updated too

I hate it when baselayout update erases all my confs like hostname and clock settings :/

I like Gentoo anyway :)
_________________
(\ /)
(O.o)
(> <)
This is Bunny. Copy Bunny into your signature to help him on his way to world domination
Back to top
View user's profile Send private message
daemonflower
Apprentice
Apprentice


Joined: 17 Jul 2004
Posts: 290

PostPosted: Wed Apr 26, 2006 8:30 am    Post subject: Reply with quote

It's not exactly a constructive argument about Gentoo I have to make, but:

If you want Gentoo's flexibility combined with the stability of enterprise-oriented distros, you can use FreeBSD.

I've used it for years, and never (OK, almost never) had any trouble with software upgrades.

Granted, the ports system is not quite as clever as portage. But the only downside I experience is that upgrades take longer (portupgrade's way of collecting port info is quite braindead, and portmanager handles them only marginally better - compared with emerge they suck badly).

Last not least, FreeBSD has over a decade of use as enterprise server OS. More than any of those Linux Enterprise Editions.

Just my 2 cents. Of course I'd prefer making Gentoo ready for the server, but as long as that isn't an option...
Back to top
View user's profile Send private message
letoff
Apprentice
Apprentice


Joined: 04 Mar 2004
Posts: 163
Location: root in Paris, windsurfer in Brest

PostPosted: Wed Apr 26, 2006 11:29 am    Post subject: Reply with quote

Ast0r wrote:
I don't recall Apache breaking or failing to upgrade on any of my servers 6 months ago; are you sure it hasn't been longer? Apache2 maybe?

Yes, it was Apache2, 7 or 8 months ago.
_________________
Gentoo won't be suitable for server's use until GLEP 19 is alive.
Back to top
View user's profile Send private message
IlonaGarland
n00b
n00b


Joined: 02 Sep 2003
Posts: 10
Location: Vienna, Austria

PostPosted: Wed Apr 26, 2006 1:04 pm    Post subject: Reply with quote

I'm using Gentoo since ~4 years, did setup and run in sum approx. 10 servers, next to ~5 Windows Machines and 2 RedHat Servers (no more tho).

Regarding the Question if Gentioo more expensive than RedHat.

Yes:

The packages of RedHat are well done and really stable, support is ok. You have way less work to integrate updates, the config file etc-update can be a nightmare sometimes (I only use graphical diff tools for bigger updates, like apache or postfix).

If you run a REAL mission critical software there's no way to avoid an OS with tight support contacts. That doesn't mean you can only go for RedHat or Windows, but you need a Company that does a great Support job.


No:

The two RedHat Servers I did run were after 4 years so bloody outdated that I didn't trust them anymore. I would have to update across two RedHat Versions.. which I didn't like.

So.. there's this Gentoo Server.. 5 years old.. in perfect shape and uptodate. Or let me put it like this: As for me I want to be uptodate and feel secure, I don't want to install an fullscale OS upgrade 'over an older version'. I only want to use CDs when there's a new hardware and it's time to replace the machine itself.

If you run a server which can go down once in a while for a few mins and you got the time to review every update Gentoo is perfect.


I believe on the real long run Gentoo pays back. During the past 5 years I learned so many Linux things, simply by the transparent update processes and the ability to use the USE Flags to add new features quickly. Once Portage is faster, A brief report (the *-Messages) will be stored in a logfile for review (after a -upD world) and you can revert updates (in case php didn't compile correctly) I'm as happy as I can be - for a Sysop :)


ps: the Gentoo community is worth more than every commercial license I had to pay.

best,
Ilona
_________________
graphics artist / co-sysop of Console++
[http://serialkiller.org/]
Back to top
View user's profile Send private message
fugutux
n00b
n00b


Joined: 26 Apr 2006
Posts: 1

PostPosted: Wed Apr 26, 2006 1:57 pm    Post subject: re: is gentoo more expensive than red hat? Reply with quote

*** for us that want to use gentoo in enterprise environment, (min. 50 server units or more):

how about having something like for example ACCEPT_KEYWORDS=$ARCH-SOMETHING where SOMETHING is something like server, secure, security og "whatever_suitable" which makes the "emerge update" task more attractive for us enterprise sysadms that have responsibility for hundreds og serverunits.
Back to top
View user's profile Send private message
Maedhros
Bodhisattva
Bodhisattva


Joined: 14 Apr 2004
Posts: 5511
Location: Durham, UK

PostPosted: Wed Apr 26, 2006 2:01 pm    Post subject: Re: re: is gentoo more expensive than red hat? Reply with quote

fugutux wrote:
how about having something like for example ACCEPT_KEYWORDS=$ARCH-SOMETHING where SOMETHING is something like server, secure, security og "whatever_suitable" which makes the "emerge update" task more attractive for us enterprise sysadms that have responsibility for hundreds og serverunits.

This is pretty much GLEP 0019, but it's been around for a while and doesn't seem any closer to happening. There are discussions about it all over the place though (including this thread :wink: ).
_________________
No-one's more important than the earthworm.
Back to top
View user's profile Send private message
qnetjoe
n00b
n00b


Joined: 04 Mar 2005
Posts: 3
Location: Colorado

PostPosted: Wed Apr 26, 2006 6:06 pm    Post subject: Reply with quote

This conversation if one that never ends, but lets focus our energy toward improving gentoo of we don’t have to complain that this distro does this.

As for the stability subject, if you know what you are doing it should not be an issue. We have used gentoo since the 1.2 release on our servers and our clusters are approaching 4 years of uptime with the oldest hardware in the clusters being less than two years old. The cluster and all the other gentoo boxes are rock solid. If you delta phase your roll outs stability should never be a problem.

I am personally reasonable for 38 servers and ~160 workstations all running gentoo. There are another 60 servers (all running gentoo), ~600 Win NT/2000/XP Workstations shared between myself and three others. Here are some of my coworkers and mine ideas for improving the portage system.

1.) Portage Upgrades

The following upgrades to portage would be really nice to help us enterprise admins.

1-a) Scp support for make.conf

It would be really nice to have some parameters (PORTAGE_OVERLAY)in make.conf to be able to grab directories from other machines. Example: (from make.conf

PORTAGE_OVERLAY=”host:/path/to/overlays/”

1-b) Database support for make.conf

It would be really nice to store parameters (use flags) in make.conf in a database.

1-c) Config File revision support

After being blindsided by the apache2 config file change over. It would be nice if the files in /etc/conf.d/ have some sort of config_revision_standard=”x”. That way many of us running the older configs could change this to the standard we were on without having to redo our configs at that exact time.

1-d) Routine Maintenance parameters.

The size of /usr/portage/distfiles and /var/tmp/portage grows at an amazing rate. A parameter of max_distfile_size and max_portage_tmp_size would be nice. I use an nfs mount across my network for these directories. I cleared them out the other day and it cleared ~400GB from the array!

2.) Network Portage App.

A network app to compliment portage would be great. This app could help remove some of the really ugly scripts from my home dir. Here are some of the ideas I have for it. Based on experience, a web based solution is the easiest to roll out and work with.

2-a) Machine management.

Have this app store info about the machines like /proc/cpuinfo. If it did things like graph load averages, that would be even better. Boot, shutdown and restart from lan would make it a killer app.

2-b) System groupings

It would be awesome if this could group some of the servers and/or workstations together and enforce system images across groups.

Right now, I have a system/scripts that does a stage 1 install and emerges every app installed on every workstation and makes a system image. When the image is complete I image every workstation. Combine this with scripts that try to keep the same packages every on every workstation. I have a ghetto solution, but an app that does this same thing gracefully would make every enterprise admin really happy.

2-c) Configuration Management with database/cvs support.

Having the system store config files in a database would be really nice. Global config options would be nice (i.e. have the same file or parameter across a group(s) ). If it had a way to parse the configs from the database so we can use global files and parameters like “hostname” or “system_eth0_ip” in the configs would be really nice. Combine this sort of cvs system and we have new gentoo’s killer app.


Those are my ideas. Go Gentoo!
_________________
Joe Daily
+=====================+
| May the Source be with you ... |
+=====================+
Back to top
View user's profile Send private message
namo
n00b
n00b


Joined: 29 Jun 2004
Posts: 28
Location: Berkeley

PostPosted: Thu Apr 27, 2006 7:40 am    Post subject: Reply with quote

Disclaimer: I am not a sysadmin :)

It seems to me that 1-d) can easily be done with a script+cronjob. Probably 1-a) too.

And 2-a) seems completely out of portage's scope.

Most of these ideas are interesting, but I fear they need very motivated Gentoo hackers or a company backing them.
Back to top
View user's profile Send private message
massctrl
Apprentice
Apprentice


Joined: 19 Mar 2004
Posts: 156

PostPosted: Fri Apr 28, 2006 9:51 am    Post subject: Reply with quote

qnetjoe have a look at:
http://www.openqrm.org/
http://www.cfengine.org/
Those two apps meet some features you are looking for.

What would be nice IMHO:

    Portage sitting in a mysql environment officially supported by the gentoo development team.
    Adoption of the gentoo project by an university or another educational financial healthy institute. (yeah yeah, I'm gonna get shot for this one :roll: ) Licensing stays the same of course.
    An emerge parameter that skips packages which need a manual intervention to make them work.

Just my 2 cents
Back to top
View user's profile Send private message
Santiago_de_Mayo
n00b
n00b


Joined: 10 Oct 2003
Posts: 23

PostPosted: Fri Apr 28, 2006 7:27 pm    Post subject: Reply with quote

I'll weight in my my 2 cents. I've been running around 20-25 servers the oldest of which has 959 days. On all of them I use strictly glsa-check -f new. It has worked pretty well. There are hiccups, yeah, but they are usually package hiccups, like mysql or openldap (bane of my existence, really), most of my packages are very very old, and most of them are no longer even in portage. That's cool though, because, I just want the thing to work like it was originally installed, but cover packages that have security vulnerabilities, no feature adds until the hardware wears out, then it's upgrade time. So basically for me, one install of gentoo works for the life of the hardware.

So far so good. I sleep easily at night, and like I said, I've only had client issues with openldap which seems to break every other week.
Back to top
View user's profile Send private message
Syntaxis
Guru
Guru


Joined: 28 Apr 2002
Posts: 511
Location: London, UK

PostPosted: Fri Apr 28, 2006 9:29 pm    Post subject: Reply with quote

Santiago_de_Mayo wrote:
That's cool though, because, I just want the thing to work like it was originally installed

Gentoo maintainers generally leave managing their software's config up to the admin, unlike Debian, RHEL, CentOS et al. Software may have its default behaviour changed between even minor revisions, its configuration options changed/merged/renamed/deprecated, etc.

Santiago_de_Mayo wrote:
but cover packages that have security vulnerabilities

You're most likely not covered, since you say that many of your packages are ancient and aren't in portage any more. If there's a security bug that affects only your older version and not the one in the portage tree, you're screwed. The Gentoo security team won't release a GLSA about it since it no longer affects Gentoo proper.

Santiago_de_Mayo wrote:
no feature adds until the hardware wears out

GLSA-check doesn't give you this functionality. Security updates aren't backported; you get the fix and every other change in the diff between the installed version and the latest in portage. If your packages are as old as you claim, this diff is likely to be massive, and some of those changes are bound to be "feature adds".

Don't get me wrong - I'm sure Gentoo is good enough for your needs despite these shortcomings, but it makes sense to tout it on its actual strengths rather than areas where it's weaker than the competition.
_________________
The Debian User Forums - help them grow!
Back to top
View user's profile Send private message
Santiago_de_Mayo
n00b
n00b


Joined: 10 Oct 2003
Posts: 23

PostPosted: Sat Apr 29, 2006 11:31 am    Post subject: Reply with quote

I just re-read you post, and I think I understand what you're saying: Let me see if I get this straight. I have a version foo-1.0 in my gentoo distro. foo is still in portage, but my foo-1.0 has rolled off the back end of portage without a security problem. foo-2.0 and up have not had any security issues, but suddenly a year later someone discovers a problem with foo-1.0, but since it's not in portage, no one does anything. I'd say this is more of an end of life issue than anything else. Also, most security problems discovered are ancient and appear in recent versions as well. Hence, most likely the vulnerability would affect foo-2.0 as well so an upgrade foo-1.0 to at least foo-3.0, and glsa-check would still catch it even if my version was old.

Anyway, here was my original post.

I think you misunderstand me. "Packages not in portage" means that a particular _version_ installed is not in portage. The software is in portage, but my version is old. A glsa-check would have upgraded it if it had any issues. For example, I have an old version of foo, but every version of foo-2.0 and below has a security vulnerability. A glsa-check would say, upgrade foo to at least foo-3.0. My version gets upgraded. Generally, it wouldn't require any other dependencies so just that little package gets upgraded. If foo-3.0 introduces instability in my system because now bar-2.0 doesn't run, well that's up to me to fix (and like I said, it HAS happened... not frequently, but it has).

As far as being backported, from my understanding, glsa-check generally just installs the most recent package without the vulnerability. There is no actual need to backport. Since everything is source, I can happily compile against my existing libraries and just upgrade the package in question without breaking the whole system.

I suppose backporting is important for things like kernels and packages where you have a very specific need for a particular version. In the case of the kernel you may need a particular proprietary vendor module to run a specific piece of hardware. A security problem would have to be backported to your kernel version so that you may keep running your slow moving proprietary module. If it's a software package, say your custom php front end, and it relies on a specific functionality of ldap 2.1 that breaks in 2.2 (as happened to me). I was SOL because, you're right, there's no backport of security patches to 2.1. I cursed, I screamed, I cried, but I rolled with the punches, made the required changes to my application and just moved on. All said, I'd still choose gentoo over redhat, centos, and anything else, even though gentoo has a lot of room to improve.

As long as you do a glsa-check every day barring actual errors on the part of the community, you're not going to miss anything as you go along, but as always, make sure you lock and load and watch your lane for targets.


Last edited by Santiago_de_Mayo on Sat Apr 29, 2006 9:39 pm; edited 1 time in total
Back to top
View user's profile Send private message
Hrk
Tux's lil' helper
Tux's lil' helper


Joined: 24 May 2003
Posts: 88
Location: Rome, Italy

PostPosted: Sat Apr 29, 2006 5:15 pm    Post subject: Reply with quote

IlonaGarland wrote:
[...]Once Portage is faster, A brief report (the *-Messages) will be stored in a logfile for review (after a -upD world) and you can revert updates (in case php didn't compile correctly) I'm as happy as I can be - for a Sysop :)


I second that.
And I third that.
And I fourth that.
And you can go on as long as you want to count, I'll agree with what I quoted.

Portage's 50-52% nightmare, critical messages like "hey, this ebuild screwed your conf, be sure to call some_unknown_command with_parameter_you_wont_guess and_another_secret_parameter_lol" appearing at the end of "emerge xxx (1 of 60)" are what makes me feel ill (the latter more than the former).

What makes it worse is that they've been an issue for portage since I first installed Gentoo years ago, yet, they're still there. But, hey!, we got funny sentences in place of the boring "|/-\" spinning thing...

Regarding the reverted updates... I think that may not be really easy. It can be done manually, by making a binary package of your currently installed package, but what about the configuration? A tbz2 of /etc, just in case? :-)

There could be a FEATURE (people, please, don't mess USE flags and FEATURES!) which automatically builds a binary package of the currently installed package, plus all of the currently existing configuration files (not the prebuilt ones).
You could go back anytime or do a manual emerge "--clean-revertables" to delete such packages.

Could it work? Is it already covered in a GLEP?
Back to top
View user's profile Send private message
loki99
Advocate
Advocate


Joined: 10 Oct 2003
Posts: 2056
Location: Vienna, €urope

PostPosted: Sat Apr 29, 2006 7:06 pm    Post subject: Reply with quote

Hrk wrote:

Portage's 50-52% nightmare, critical messages like "hey, this ebuild screwed your conf, be sure to call some_unknown_command with_parameter_you_wont_guess and_another_secret_parameter_lol" appearing at the end of "emerge xxx (1 of 60)" are what makes me feel ill (the latter more than the former).


Take a look at version 2.1.x of portage.
Back to top
View user's profile Send private message
PT_LAmb
Guru
Guru


Joined: 22 Apr 2002
Posts: 332
Location: Lisboa (Lisbon), Portugal

PostPosted: Tue May 02, 2006 8:45 am    Post subject: Reply with quote

There's a new project in town to help configure, install and replicate Gentoo machines, Scire. Check it out! Could be usefull for enterprise admins.
_________________
SETI@Home - http://setiathome.ssl.berkeley.edu/
Back to top
View user's profile Send private message
simishag
n00b
n00b


Joined: 22 Apr 2005
Posts: 4

PostPosted: Fri May 05, 2006 7:30 pm    Post subject: Reply with quote

drakkan wrote:

Yes I do so for long time compile package such as glibc and gcc, however a compilation machine is a cost in the business world actually the compilation machine is my home pc,

I think isn't a good idea have a busy mailserver or database server compile for hours


This is a red herring. You've already stated that you manage 20 servers. Are you really going to tell us you can't justify ONE extra server, as a stable build environment that you aren't running production services on? We're talking about, at most, an additional 5% cost, perhaps much less if you strip down the compilation machine to the essentials (all you really need is the same CPU type). This is a cost that should really be figured in up front. It seems a little silly to spend your entire budget on production servers and then complain when you have no money left over for your test environment. If you don't include this cost, you'll pay for it anyway in the form of greater downtime as you're forced to test changes on your live servers.

I have a server farm of 15 basically identical Gentoo servers, for the explicit purpose of research into infrastructure management. One server is the build server, while all the rest are "live" (production) servers. If I need to install a package, I emerge it on the build machine, then I run a script that ssh's to each real machine and runs "emerge -K". All this requires is a shared portage setup and "buildpkg". Config management & post-install commands are only slightly more complex. Figure it out on the build server, then write a script that can make the changes on each real server. Put the script on an NFS share and ssh to each host to run the script. Larger stuff like Apache configs is stored in SVN, with perhaps an associated "fixup" script to insert hostnames or IP addresses.

Managing large infrastructures requires some attention to detail, as well as auxiliary systems to manage the main infrastructure. I won't comment on other distros but Gentoo is quite usable in this area, and in fact provides extensive features (use of alternate/additional portage trees, binary packages, /etc/portage) that allow system configs to be tightly controlled, which is essential to infrastructure management.
Back to top
View user's profile Send private message
simishag
n00b
n00b


Joined: 22 Apr 2005
Posts: 4

PostPosted: Fri May 05, 2006 7:45 pm    Post subject: infrastructures.org Reply with quote

While I'm thinking about it...

Anyone who manages a large infrastructure (10+ servers) needs to read:

http://www.infrastructures.org/

Excellent theoretical overview of infrastructure management.
Back to top
View user's profile Send private message
instance
n00b
n00b


Joined: 22 Jun 2004
Posts: 27
Location: Toronto, Canada

PostPosted: Tue Jun 13, 2006 5:18 am    Post subject: Reply with quote

Thanks, Maedhros for the link to libconf.net... it was... a start. I have, however, decided to put my coding where my wish list is and have just released an alpha version of ConfigPatch. It's Python code that reads Apache or INI sytyle configurations, uses a crude command language to make changes to the configuration, and writes it back out again. So far I have it handling my configuration changes for Apache, PHP, and MySQL. It's not the most elegant piece of code, but it's getting the job done. More information at http://www.abivia.com/oss/configpatch/. Feedback (and contributions!) welcomed.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Chat All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum