On Sat, 31 Mar 2012 14:25:35 -0600 Stephen John Smoogen <smooge@xxxxxxxxx> wrote: > On 30 March 2012 17:17, Kevin Fenzi <kevin@xxxxxxxxx> wrote: > > Greetings. > > > > Just had a talk with tflink on IRC about the management of the qa > > network machines. Long ago when we setup those machines we were > > thinking we could use them as a testbed for bcfg2 to see if we > > wanted to start using it or if it worked ok, etc. I setup a bcfg2 > > server to try this with, but sadly have never found the time to > > even start configuring it. > > > > Machines involved: > > > > virthost-comm01.qa (real hardware) > > autoqa01.qa (guest) > > autoqa-stg01.qa (guest) > > lockbox-comm01.qa (guest) > > bastion-comm01.qa (guest) > > (someday we may add a sign-bridge-comm01 and sign-vault-comm01 to > > allow secondary archs like ppc and arm to sign packages). > > > > Options: > > > > - Try and push forward with a bcfg2 setup on lockbox-comm01.qa and > > evaluate it. This would be nice, but I'm really not sure anyone has > > the time to do it. > > Actually I think I do have the time to do this. I can start on this > after I get back from recovery.. late next week early week after. > > > - Just add all the above machines to our puppet repo and configure > > them there and call it done. This would mean they wouldn't be > > seperate from us and we just update and configure and monitor them > > like any other machine. > > > > - Try and work out some setup with ansible or the like to see if it > > could manage them. Again, this would be a learning and tweaking > > curve, so not sure we have the time. > > I actually would like to pursue this over bcfg. I don't think we have > any bcfg experts but we do have ansible experts. > > So > > a) I give bcfg2 a go and see how it looks. Report back by end of 3rd > week of april. > b) I then work on ansible. and see if it is better/harder/easier than > bcfg2. > > or > > a) I just go for ansible and give bcfg2 the heave ho? > One concern I have with bcfg2 is lack of momentum. Since, for all intents and purposes it is just puppet but in python. One of the reasons I've been looking so hard at ansible is simple - it doesn't require a client-side. It's all push-based. From a logging and quietness-standpoint it should be significantly better especially for our environment where if a host cannot reach lockbox01 we know we cannot do anything else. -sv _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure