0

This is a general question about deploying and maintaining nodes. I am not a sysadmin.

I am considering the following 'naive' strategy:

  1. Pick a Linux flavor and stick to it.
  2. Create an image with my Linux flavor.
  3. Install my application, scripts and all packages on the image.
  4. Strip all unnecessary packages and applications.
  5. Configure security (blocking ports, monitoring tools).
  6. Back up my image.
  7. Copy my image on each new node when necessary.
  8. Install security updates (eventually create an updated version of my image).
  9. Run set-up scripts + configuration.

Is that common practice? Is there a better strategy? Are there any additional angles I should think about?

Jérôme Verstrynge
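One way to check the result of steps 4 and 5 before the image is backed up in step 6, and again after each update in step 8 (an added example, not part of the original question). The baseline sets, the sample `ss` output and the package list are constructed assumptions, as is the policy of ignoring loopback-only listeners:

```python
"""Pre-backup audit of a golden image: ports and packages outside the baseline."""
import ipaddress

# Assumed baseline for illustration; replace with your own policy.
ALLOWED_PORTS = {22, 443}
BASELINE_PACKAGES = {"openssh-server", "nginx", "myapp"}

def parse_listeners(ss_output):
    """Parse `ss -H -tln` output into a set of (address, port) pairs."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            # Drop IPv6 brackets and any %zone suffix.
            listeners.add((addr.strip("[]").split("%")[0], int(port)))
    return listeners

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # "*" wildcard: bound on every interface
        return False

def unexpected_ports(ss_output, allowed=ALLOWED_PORTS):
    """Ports of non-loopback listeners that the baseline does not allow."""
    return sorted({port for addr, port in parse_listeners(ss_output)
                   if not is_loopback(addr) and port not in allowed})

def unexpected_packages(package_list, baseline=BASELINE_PACKAGES):
    # package_list: one name per line, e.g. from `rpm -qa --qf '%{NAME}\n'`.
    installed = {p.strip() for p in package_list.splitlines() if p.strip()}
    return sorted(installed - baseline)

# Constructed sample input, not taken from a real host.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:443 *:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
"""
SAMPLE_PACKAGES = "openssh-server\nnginx\nmyapp\ntelnetd\nrpcbind\n"

if __name__ == "__main__":
    print("ports:", unexpected_ports(SAMPLE_SS))
    print("packages:", unexpected_packages(SAMPLE_PACKAGES))
```

Running the same check on every new image version shows whether an update pulled in a package or opened a listener that the previous version did not have.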

3 Answers

2

It sounds like you are a prime candidate for a cloud-based computing solution. I would investigate using something like Amazon's EC2, which automates all of the steps you listed down to the click of a button. And don't restrict yourself to just EC2, there are plenty of competitors out there.

But yes, in short, that is a fairly common practice.

David Bishop
1

You might revise step 1. You are limiting your customer base. You could limit the set of distributions supported, but I wouldn't go for just one.

For application distribution I would provide packages in a format native to the OS of the nodes. An application update would then be a simple package update, which is as easy on the sysadmin as it can be.

If you want to prepare a whole environment, from the OS level up, you have 2 options. You might prepare a VM file in a chosen format (or formats). Then you would have to prepare the whole environment, from the OS up.

Or you might prepare an automated-install system/image (using the distribution's native non-interactive installation system, or combining it with e.g. xCAT), which would deploy a complete OS, configure it, and then load your application on top.

Paweł Brodacki
  • About step 1, my idea is that if I stick with one Linux flavor, I reduce complexity. If the system fails, it will always fail the same way with this OS. My end users don't have access to the image, this is only for internal deployment. – Jérôme Verstrynge May 12 '11 at 12:34
1

You could try tools like SystemImager, which supports PXE multicast distribution and even the BitTorrent protocol to distribute changes. If you need to spawn many nodes at a time, BitTorrent is tempting, but beware: you could bring some switches/routers to their knees if you don't pay attention.

Add Puppet or Chef to the mix to manage packages/config files/websites and you should be fine.

Shadok