On to Puppet. I’ve not yet factored everything about the new server out into separate modules or classes; that’ll come later. But things that will either get reused on other systems (e.g., Active Directory ties) or things that need to be generated consistently and repeatedly (e.g., Amanda configurations) have been factored out. The new server’s …
Category Archives: Debian
The New File Server: Preseeding and LVM
Remember that no one cares if you can back up — only if you can restore. — Amanda 2.5.2 Documentation So we’ve got a new file server in the middle of initial installation and configuration. The file server is one of our most mission-critical systems — if mail goes down, a half-dozen people care. If …
My Own Private Debian Repository
So now that I’ve got all these .deb files made from non-free commercial software packages, and some more packages from unstable (since ANSYS depends on libopenmotif, and I needed a more current version of puppet), and a deb package of Torque based off the work of the nice folks at SARA, I need a place …
Making Debian Packages from Commercial Software
One of my main goals for a managed infrastructure is to make sure I have consistent versions of end-user applications installed everywhere. My users aren’t too picky about the version of xemacs installed, but they’ve got pretty stringent requirements on having a particular version of ANSYS, Abaqus, Fluent, Maple, Matlab, and other large non-free/no-source-available software …
Continue reading “Making Debian Packages from Commercial Software”
Client OS Update
(Original post here.) For the moment, I’m working on Debian GNU/Linux. Everything bought new (since sometime last fall) has the current stable release (4.0r0, or “etch”) installed, and everything older has the previous stable release (3.1r6, or “sarge”). Assuming that I keep apt sources for both the primary Debian archives and their security updates, the …
Ad Hoc Change Tools
Most of the cost of desktop ownership is labor [gartner], and using ad hoc change tools increases entropy in an infrastructure, requiring proportionally increased labor. If the increased labor is applied using ad hoc tools, this increases entropy further, and so on — it’s a positive-feedback cycle. Carry on like this for a short time …
Authentication Servers
The whole point of an authentication service is that it allows the client to prove itself to be trustworthy, or at least to prove itself to be the same nefarious character it claims. — Infrastructures.org I want to make our existing Active Directory the source for all the following: Lists of users allowed to log …
Client Application Management (Part 1, for .deb packages)
(Original infrastructures.org writeup here.) Wow, this part has been a learning experience. The things I’ve picked up out of this stage: aptitude is not apt-get. Obvious, yes. But how different they are was not apparent until this weekend. pkgsync is great, and does exactly what it claims, but read its claims very carefully, since it …
Continue reading “Client Application Management (Part 1, for .deb packages)”
Time Synchronization
Time synchronization makes lots of things work better, including: make Kerberos tar syslog We’ve got a central NTP server on campus, and I’m using that to sync from. Puppet handles ntp and ntpdate configuration on the managed systems. Components of that setup: ntp.pp and ntpdate.pp classes imported from puppet/classes Virtualization-detecting facter recipe (originally from here, …
Abaqus 6.6 on Debian Etch (amd64 port)
Q. Why does the condemned man get a last cigarette, instead of one of those through-the-skin stick-on nicotine thingies? A. Don’t patch the executable. — rec.humor.funny Bad Abaqus! Or more properly, bad ZeroG InstallAnywhere! This post indicates that AMD64 Java doesn’t have NPTL problems you keep checking for. And then, when I comment out the …