Large Scale Sysadmin stuff
Whiteboard: Life cycle management
Birth -> Death
- PXE
Scripted Install http://planet.freebsd.org/brd/2012/05/08/scripted-install-of-freebsd-9/ (This link is broken)
- Management (puppet, Chef, CFEngine, Perl)
- Central auth (kerberos)
- Upgrades
- Packages / Bulk builds (pgkng/poudriere)
Brad explains what he does and comments/discussions
- Never do anything only once, everything should be a repeatable process
- bsdinstall not there yet for scripted install; just using a 100lines shell script
- puppet, interest at PC-BSD side
- pkgng to update the base system (binary patches, whatever, ..)
- a bit of security on jail updating
puppet self-update -> no
puppet patches -> port -> upstream (github pull requests)
- kerberos (TODO: docs missing, sparse, needs updated, ...) vs. puppet users setup
- freebsd-udpate works fairly well; scripting freebsd-update; see ezjail-admin; PC-BSD as well; should fix freebsd-update; des: forks for sha256, .., simon: maybe just optimize; maybe just optimize parts and work; etcmerge; error handling is missing; Someone other than Colin should touch it
- build packages in jails for sets of machines; poudriere needs ZFS; rebuilds everything; the pkg upgrade; pkg update
- Need sub-packages for pkg options; PC-BSD builds from source; need a way to build more options; split things up into lots of individual parts instead of all of it in one package
How to manage PXE environments? Have different versions set; PC-BSD 9 has a utility to setup the pxe server, pc-sysinstall config, options to setup, setups NFS, etc.; UoOslo provisioning infos
- pxeboot hangs on nfs_root; timeouts?; no sophisticated error handling; permission denied for example;
- uEFI and IPv6? Not yet an issue with either; pxe still works fine
- PC-BSD what other requests: puppet (see above), truenas, AD/nss_ldap, ZFS boot environments (snapshots in ports tree)/in PC-BSD 9 special boot environments, pc-sysinstall supports it, now supports installing linux into jails
TrueOS, targeting linux users, meet them half-way, ..
- Cambridge: Xen, kerb for auth is fine, krb5 for amd is missing
iX working on NFS v4 things, XinLi maybe doing it, coordinate!