server configuration management

server configuration management

Post by Zahid Naqv » Thu, 03 Sep 1998 04:00:00



I work in a multiple server(around 50 SUN-Ultra SPARCs) development
environment which is supported by a pool of sys admins, ie sys admins
are not dedicated to specific servers. I am trying to create a
standarization process where configuration of each server is documented
(preferrably on the web) and each of the sys admins is able to update
these documents to report any changes made in the configuration.
If any one is aware of ready made tools which assist in this
functionality I will appreciate this information, sharing of any
experiences in standardizing a large environment as well as suggestions
are also welcome.

thanks in advance
Zahid
P.S. Server configuration management is different from software
configuration management, which is more development focused.

 
 
 

server configuration management

Post by Timothy J. L » Fri, 04 Sep 1998 04:00:00


|I work in a multiple server(around 50 SUN-Ultra SPARCs) development
|environment which is supported by a pool of sys admins, ie sys admins
|are not dedicated to specific servers. I am trying to create a
|standarization process where configuration of each server is documented
|(preferrably on the web) and each of the sys admins is able to update
|these documents to report any changes made in the configuration.
|If any one is aware of ready made tools which assist in this
|functionality I will appreciate this information, sharing of any
|experiences in standardizing a large environment as well as suggestions
|are also welcome.

One methodology involves creating a duplicate of the "system" directories
for each server, except that the duplicates only contain files changed
from or added to the OS distribution files.  Put these duplicates on
a filesystem that is part of your normal backups.  That way, if a reinstall
or OS upgrade is necessary, one will know exactly what needs to be changed
to get the server back to its desired configuration.  When a system
administrator changes a computer's system files, s/he should copy the
changed files into the duplicate area for that computer.

Some tools that might be of interest:

1.  Solaris Jumpstart:  great for being able to easily rebuild a computer
    if it gets trashed, or configure a new computer just like an existing
    computer.
2.  RCS or SCCS:  useful for recording changes in files.
3.  cron:  can be used to auto-copy specific system files from your
    computers into the duplicate area and check them into RCS or SCCS
    in case the system administrator forgets to do so.

--
------------------------------------------------------------------------

Unsolicited bulk or commercial email is not welcome.             netcom.com
No warranty of any kind is provided with this message.

 
 
 

server configuration management

Post by Jim Mellande » Fri, 04 Sep 1998 04:00:00



> I work in a multiple server(around 50 SUN-Ultra SPARCs) development
> environment which is supported by a pool of sys admins, ie sys admins
> are not dedicated to specific servers. I am trying to create a
> standarization process where configuration of each server is documented
> (preferrably on the web) and each of the sys admins is able to update
> these documents to report any changes made in the configuration.
> If any one is aware of ready made tools which assist in this
> functionality I will appreciate this information, sharing of any
> experiences in standardizing a large environment as well as suggestions
> are also welcome.

> thanks in advance
> Zahid
> P.S. Server configuration management is different from software
> configuration management, which is more development focused.

Unless your organization is much more organized than average, there will
be some changed files which slip thru the cracks.  IMO, you should have
an automated way of detecting if any configuration files changed.  What
I would suggest is to investigate 'tripwire'.  It maintains a database
of file checkcodes & flags if any one of them has changed.  It is
primarily designed to find changed files due to hacker action, but could
just as easily be used to track authorized modifications.