0

We have a growing number of instances on Rackspace Cloud. A mix of about 2/3 Windows (2008 and 2012) and 1/3 Linux.

Managing all the logins discretely is a PITA.

Is there a straightforward way, even just for the win servers, to centralize login & pw?

Is there a way that can be set up in, say, 30 minutes? (e.g. solutions that take 4-20 hours to set up usually don't get set up...).

To address the gut response "use Active Directory!", the answer is: AD does not work in cloud environments. Consider: a) You join your server to AD, then clone 3 more of them... AD doesn't like that. b) You leave your servers unjoined... and want to make clones, spin them up and auto-join to AD... to my knowledge, this is not possible.

AD does have the overhead of needing an AD server, but such is life. It appears that Linux boxes join AD, so AD is a possible answer for Linux... but how do you spin up and down instances (win and Linux) and make it all just work?

  • Um, Active Directory? – Michael Hampton May 22 '13 at 00:01
  • @MichaelHampton, my understanding is that AD is not a fit in a cloud environment. The reasons are: When you clone an image, AD gags when multiple servers come up cloned from the same base. Further, if you spin up non-AD servers, there is no automatic way to join them to the domain at boot-up time... And I believe there are other issues as well. – Jonesome Reinstate Monica May 22 '13 at 01:53
  • I understand there's a way to adjust your cloud images to fix that issue. I don't have it handy though (I'm a Linux shop). – Michael Hampton May 22 '13 at 01:55
  • @MichaelHampton I would be interested to know it. In my research so far, there is no clean solution. If you have a solve for the Linux side, interested in that also! (Interested in anything that helps move this issue along.) TIA – Jonesome Reinstate Monica May 22 '13 at 02:01
  • Aha, found it. [How do I add a cloned VM to Active Directory without conflicting with other clones?](http://serverfault.com/q/12518/126632) – Michael Hampton May 22 '13 at 02:26
  • Server 2012 supports cloned DCs if you follow the right steps. – MDMarra May 22 '13 at 10:56
  • These servers are not DCs, just worker bees.... (stand alone servers) – Jonesome Reinstate Monica Oct 17 '13 at 16:36

1 Answer

2

Use Active Directory to run a Windows domain for your cloud instances.

Use sysprep to change the SID on your Windows cloud instances and join the domain when you start them for the first time.

Use winbind on your Linux instances to join them to the Windows domain; set a unique hostname for each instance when you start it for the first time and before you join it to the domain.

Michael Hampton
  • Mike, does that allow new win and Linux instances to spin up and auto-join to the domain, or does this method require interaction with the instance after it spins up? – Jonesome Reinstate Monica May 22 '13 at 02:32
  • You should already be using something like cloud-init on your Linux instances to do their initial setup. For Windows, again you'd use sysprep to set up the joining to the domain. – Michael Hampton May 22 '13 at 02:39
  • Thanks! We will explore this direction! (Seems like RS should have a KB on all this?) – Jonesome Reinstate Monica May 22 '13 at 02:40
  • @samsmith If you populate your `sysprep.xml` with the appropriate Specialize pass data, they'll autojoin. You can do much more than just that though with `sysprep`. – jscott May 22 '13 at 02:41
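
The Linux first-boot step from the answer above (set a unique hostname, then join the domain), as an added example that is not part of the original thread. `TEMPLATE_NAME`, `PREFIX`, `JOIN_USER` and the use of `/etc/machine-id` as the per-instance identifier are assumptions; the sketch also goes one step beyond the answer by enforcing the 15-character NetBIOS computer-name limit before the join.

```shell
#!/bin/sh
# Added example: first-boot rename and domain join for a cloned Linux instance.
export LC_ALL=C                  # byte-wise ranges in tr and case patterns
TEMPLATE_NAME="template"         # assumed hostname baked into the golden image
PREFIX="web"                     # assumed role prefix
JOIN_USER="svc-domainjoin"       # assumed account delegated only to join machines

# Build "<prefix>-<id>" from an instance identifier, truncated so the whole
# name fits the 15-character NetBIOS limit. Requiring at least 6 ID characters
# is an assumed threshold to keep names from colliding.
make_hostname() {
    mh_clean=$(printf '%s' "$2" | tr -cd '[:alnum:]' | tr '[:upper:]' '[:lower:]')
    mh_room=$(( 15 - ${#1} - 1 ))
    [ "$mh_room" -ge 6 ] || return 1
    [ "${#mh_clean}" -ge 6 ] || return 1
    printf '%s-%s' "$1" "$(printf '%s' "$mh_clean" | cut -c1-"$mh_room")"
}

# Accept only 1-15 characters of [a-z0-9-], no leading or trailing hyphen,
# and never the template's own name (a clone that was not renamed).
valid_hostname() {
    [ "$1" != "$TEMPLATE_NAME" ] || return 1
    [ "${#1}" -le 15 ] || return 1
    case "$1" in
        ''|-*|*-|*[!a-z0-9-]*) return 1 ;;
    esac
    return 0
}

first_boot_join() {
    # The machine-id must have been regenerated for this clone, otherwise
    # every instance derives the same name.
    fb_id=$(cat /etc/machine-id) || return 1
    fb_name=$(make_hostname "$PREFIX" "$fb_id") || return 1
    valid_hostname "$fb_name" || return 1
    hostnamectl set-hostname "$fb_name" || return 1
    # Already joined (for example after a reboot): leave the machine account alone.
    if net ads testjoin >/dev/null 2>&1; then return 0; fi
    # net prompts for the join account's password here; unattended credential
    # delivery is site-specific and not shown.
    net ads join -U "$JOIN_USER"
}

# Only act when asked to, so the functions can be sourced and checked safely.
if [ "${1:-}" = "--join" ]; then first_boot_join; fi
```

Run it as root with `--join` from whatever first-boot mechanism the image uses (cloud-init in the comments above), after Samba and winbind are already configured for the domain.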