Re: best software for managing multiple freebsd & linux machines ?

From: David Christensen <dpchrist_at_holgerdanske.com>
Date: Sun, 10 Oct 2021 21:49:23 UTC
On 10/10/21 13:40, tech-lists wrote:
> On Sun, Oct 10, 2021 at 12:20:29PM -0700, David Christensen wrote:
> 
>> I have a SOHO network that I administer using SSH, Vim, CVS, various
>> userland tools, and homebrew scripts (Bourne, Bash, and Perl).  The most
>> important element is a networked version control system.
>>
>> If and when I need to administer many machines, I will learn a
>> configuration management tool (most likely Ansible, because it is
>> recommended by MWL).
> 
> Thanks for this. After looking at puppet for an hr or so, it's looking
> to me like it's a tad too complex for my needs right now. But it might
> be useful in eg having to restart a load of servers without logging into
> each one via ssh.
> 
> I'm looking at sshfs atm - could make a dir for each machine and sshfs
> into each from the host using keys. At least the sshfs way is not having
> to run servers that would not otherwise be run. I can't restart services
> this way though.


I use sshfs(1) to mount LAN machine filesystems (read-only) onto a 
sysadmin workstation (Debian 9), when I want to burn files to optical 
disk (e.g. archives).


I can see how mounting multiple host filesystems with sshfs(1) would be 
useful for comparing configuration settings (e.g. files).


But, I do not use sshfs(1) for administration (e.g. editing system 
configuration files).  I use SSH, Vim, and a networked version control 
system (CVS):

1.  On each machine, I create a CVS project named after the host:

	dipsy.tracy.holgerdanske.com

2.  I check out a CVS working directory under root's home directory:

	/root/dipsy.tracy.holgerdanske.com

3.  Inside the working directory, I create a plaintext log file for my 
notes, console sessions, etc., and check it in:

	/root/dipsy.tracy.holgerdanske.com/log.txt

4.  I also create a plaintext file listing all of the packages I have 
installed, and check it in:

	/root/dipsy.tracy.holgerdanske.com/packages

5.  I can create additional child directories as required, add content, 
etc., and check them in.

6.  I must be careful to choose CVS working directory file and directory 
names that do not conflict with anything in the host root directory.

7.  When I want to edit or delete a system configuration file (for 
example, /etc/hosts), I copy the live file into a parallel directory in 
the CVS working directory, and check in the file:

	/root/dipsy.tracy.holgerdanske.com/etc/hosts

8.  When I am done working on the file, I check in the final copy. 
Similarly, I check in any created files.

9.  I can use diff(1) to verify that the live system configuration files 
and the CVS project working directory files have identical contents:

	2021-10-10 14:27:39 root@dipsy ~/dipsy.tracy.holgerdanske.com
	# diff -r / . | grep -v Only


I am using the tools at a basic level, which means minimum learning 
curve, minimum typing, etc., but I am getting a lot of benefit.  :-)


The above workflow is a huge improvement over my previous ad-hoc 
processes using rsync(1), scp(1), cp(1), sneakernet, etc..  Most 
notably, the former processes were error-prone.  The most obvious 
challenge with using a networked version controls system is "what do you 
do when the network and/or the version control server go down?".


David