Jeff Larsen wrote:
We are using the free VMware Server on CentOS 4. Almost all of our VMs are CentOS 4 as well. We have 7 VMware hosts with about 40 total virtual machines. It's been a very successful architecture for us.
I'm wondering how the rest of the community is managing updates of root (and other local account) passwords in a virtual sprawl environment (or a physical environment with lots of hosts).
I have read about things like expect, puttycs, centralize with kerberos, etc.
But I'm not looking for "options" here, I want to hear actual experiences! What has worked for you, what hasn't worked? Or do you feel that the chance for failure is to great and the results too catastrophic?
Puppet can control user attributes like passwords quite easily, provided you set it up right. http://www.reductivelabs.com/trac/puppet/wiki/PuppetRedHatCentos
CFengine can as well but not so elegantly as puppet which implements a provider model (users, group, packages, cronjobs etc)