Thanks to everyone for their very fast replies.
Basically we were looking for:
a) The ability to have an install server set up, and be able to make
modifications to that install server (patches, security mods, etc.)
before installing other systems using that reference system;
b) Tools for centralized system maintenance once the systems are installed.
It seems the only "stock" solution to (a) is to use pre- and post-install
methods to apply changes to systems installed using the install server,
using Jumpstart with an install/boot server. A but disappointing given that
Linux provides very convenient utilities for implementing such reference
systems, along with the ability to install systems remotely and in parallel.
As for (b), I received the following recommendations:
1. Use NIS/NIS+ or LDAP and NFS with automounter, allowing you to
centralize databases (hosts, auto.{direct,home}, etc.) and enable
access to home directories on all hosts.
We currently are using this...it would be silly to try to manage
multiple systems without it. Currently looking into using LDAP
as a more secure alternative to NIS.
2. Use CVS to keep track of system modifications on a "Gold server"
and have your production boxes sync up with the CVS server on
a periodic basis. Interesting solution, and perhaps a bit more
secure than the rdist/rsync solution.
3. Use rsync;rdist to keep systems in sync with a reference system.
Install patches on remote systems using rsh. All effective but
relatively insecure options.
4. Use Tivoli (www.tivoli.com)
"Tivoli makes a very slick piece of software for doing this..most all
unix flavors as well as M$ OSes. It will push and install packages as
well as patches and make changes across multiple hosts. You can collect
them into groups and perform the action on a group item, then it
propagates to all hosts belonging to that group. Very slick. Their
main rival is Computer Associates which I have never touched. Tivoli
uses kerberos for the auth scheme and can scale to global
infrastructure."
5. HP Open View. For groups with 500+ machines. Way beyond our scope
and way out of our price range.
6. Install and modify a reference system. Then make a dump of the
system partition(s) and restore on other systems to duplicate
the system. Then run installboot. Bill Fay provided commands
to do this.
7. Several recommendations for CFENGINE. A large group at our
University uses this, so we will be looking into this option.
8. An unnamed product from Computer Associates was suggested.
9. Check out archives at SYSADM.COM (SysAdmin Magazine), they
have had articles on this.
10. A product called WSA from Fujitsu Siemens. Administer Solaris
and Reliant UNIX servers, using a Java Explorer-like interface.
Thanks to:
gosselinm@netscout.com
Andrew Sit
Shriman Gurung
ddaugherty@point-one.net
Bill Hebert
Michael Hill
Bill Fay
Jeff Kennedy
Sullivan, Richard
Bertrand HUTIN
>
> I am told this am that our group is having a meeting in 2 hours, and I
> am to give a summary of options for centralized management of
> MULTIPLE (many) Solaris SPARC systems.
>
> I already have a pretty good handle on automated and standardized
> installation of the systems using Jumpstart, but can you build
> a reference system and then use that to install others hosts?
>
> What software options are there for centralized sysadmin? Is it
> possible to have a "reference system" and have that system image
> duplicated to the other hosts? What tools are there for centralized
> system updates, and can these updates be applied easily to all hosts?
>
> Such enterprise-wide system admin is my next learning curve, and
> unfortunately I only have a few hours after which I need to sound
> somewhat intelligent about it. Any pointers, info, and even just
> keywords to search on would be greatly appreciated.
>
> Dave Foster
<< All opinions expressed are mine, not the University's -- duh >>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
David Foster National Center for Microscopy and Imaging Research
Programmer/Analyst University of California, San Diego
dfoster@ucsd.edu Department of Neuroscience, Mail 0608
(858) 534-4583 http://www-ncmir.ucsd.edu/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
S
U BEFORE POSTING please READ the FAQ located at
N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq
. and the list POLICY statement located at
M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy
A To submit questions/summaries to this list send your email message to:
N sun-managers@sunmanagers.ececs.uc.edu
A To unsubscribe from this list please send an email message to:
G majordomo@sunmanagers.ececs.uc.edu
E and in the BODY type:
R unsubscribe sun-managers
S Or
. unsubscribe sun-managers original@subscription.address
L To view an archive of this list please visit:
I http://www.latech.edu/sunman.html
S
T
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:18 CDT