Bcfg2 collaborative work

Print Friendly, PDF & Email

Dan and I had a conversation about how we work with Bcfg2 in production.

We need to allow for some level of automated updates on servers. We’d like to turn on hourly automatic updates for servers in the “development” deployment-status group.

For “production” and “pilot” we could have a method for the cronjob to do a remote check that it is OK to run. The OK flag would be set centrally on the bcfg2 server and would be queried via a simple lightweight protocol, like a http GET or rpc or maybe just hitting a port successfully. Whatever, the method it should be easy for us to turn it off in a showstopper situation.

Generally we also want to easily trigger updates across a collection or all servers in a forceful fashion. It would then be ideal to make use of the SSH based agent with a combination of the bcfg2 whitelist/blacklist files and/or combination of -b options. This is in addition to manual interactive -I sessions when rolling out non-standard changes. An alternative to this is we could simply make use of the options used in /etc/default/bcfg2 for the cron. We could trigger the update of the cron configuration via the agent or have the just the bcfg defaults file updated regularly, when we want a change to be made in the schedule or what we control. I am currently triggering multiple updates using cssh. I imagine it may also be worth looking at fabric to trigger updates as well. Ed would be happy about this.

In order to make changes without stepping on each others toes or to make longer staged tests and deployments we need to get away from working directly on the PROD_STABLE tag. We need to build a bcfg2-test server and setup bcfg2 instances which live under our own control. We make branches of trunk or PROD_STABLE and work against that instance. When we want to test a change against a live server we use the -S option on the client to point it to our test instance. We then make our modifications and when were happy we commit it back to trunk or PROD_STABLE. We may find the ability to quickly run up multiple instances useful.

About this entry