chroot + ssh concerns
Bob Proulx
bob at proulx.com
Thu Jan 1 08:54:34 EST 2004
Lev Lvovsky wrote:
> Scott Burch wrote:
> > http://www.usenix.org/publications/library/proceedings/lisa2000/full_papers/ressman/ressman.pdf
>
> The decision to go with a pull system instead of a push system is
> something we'd discussed. However, since the outage of the push server
> in our case wouldn't be catasrophic, and would allow for simpler
> administration, we've decided to at least go in that direction in the
> beginning.
If you are just now walking down the path of building an
infrastructure to manage your systems then I highly recommend the
following paper. I administer a large number of machines (is greater
than 2000 HP-UX and Linux hosts a large number?) and had independently
discovered the benefits of the pull method. But Steve Traugott
discusses it very well here. I wish I had read it before because it
would have saved me time learning the lesson.
http://www.infrastructures.org/papers/bootstrap/bootstrap.html
http://www.infrastructures.org/bootstrap/pushpull.shtml
What I do is "push" a "pull" when I want something to happen right
now. That retains the best of both worlds.
Previous to knowing about these references I had implemented scripts
to check for being out of network resources, retrying dead hosts,
forking and running in parallel, etc. Upon reading these references
later (after converting to a pull system myself) I was sure the author
had been a fly on the wall of my lab during the push times because the
convergence of problems and solutions was uncanny.
You might want to read the mailing list archives at the location below
and possibly strike up a discussion about infrastructure management on
that list.
http://mailman.terraluna.org/pipermail/infrastructures/
Bob
More information about the openssh-unix-dev
mailing list