Les Mikesell wrote:
nate wrote:
Yes, but if you have to manage the details anyway I'm having trouble seeing the value of an abstraction - and having to understand both the details and the abstraction. Do the tools give you an easy way to reliably repeat someone else's detailed process without having to understand it?
It's kind of hard to put into words I admit. This article may help
http://www.linux-magazine.com/w3/issue/101/Cfengine.pdf
As far as repeating someone else's detailed process, you have to convert the process into the cfengine(or puppet) language.
You can see an example here, this is a pretty old config from my last company - http://portal.aphroland.org/~aphro/oracle_server.conf
and another: http://portal.aphroland.org/~aphro/mysql_server.conf
My configurations have advanced significantly since -
http://portal.aphroland.org/~aphro/redhat.conf (the above config is automatically applied if the system is detected as being redhat based be it fedora, centos, rhel)
You can probably get the idea that trying to accomplish something similar using the basic traditional methods winds up becoming unmanageable pretty quickly.
CFengine(and puppet I'm sure) define many classes on the fly allowing you to do dynamic things like configs based on IP subnet, host name, domain, time of day, day of week, other date parameters, tons of variations on the OS type, 32/64-bit etc.
I think scaling is the general topic here. I don't scale well enough to deal with learning a new language/protocol/toolset for every single configuration setting - and especially with variations per vendor. But those are the real-world configuration problems.
Which is probably why it's pretty common for organizations to standardize on a subset of infrastructure vendors for exactly the problems you raise. And often times there are different people or teams responsible for different operating systems, linux/unix folk often don't touch windows and vise versa. Bigiron people often don't touch either.
Myself I am focused on linux of course, I support 5 different systems at the moment, centos 4,5 32 and 64bit and fedora 8 32-bit(NTP servers only). I haven't deployed any new Centos 4 systems in a while. But I still need to make sure all of the software I push that is important at least has 4 or 5 different versions and the appropriate version is installed depending on the OS.
At my last company I supported about 8 different flavors, combine that with the fact they ran Ruby on rails and I had to custom build a couple of dozen Ruby modules into RPMs, that was a headache. And no I didn't trust to use the Ruby auto installer stuff, I wanted to ensure the same version was installed everywhere. Too many times the developers relied on the community stuff and the site would be down on occasion or they would get automatically upgraded which broke stuff etc.
I have 107 source rpms at the moment that I build for all of my systems.
I feel for ya if you have to support both windows and linux, I used to have to do that myself, but fortunately got out of that rut years ago. People don't even come to me with windows questions anymore because I'm so out of touch with it. Only so many brain cells and I'd rather spend them on more valuable things(networking, storage, virtualization, HA, scalability etc)
nate