configuration management - How to setup dynamic pillar data available to minions in a saltstack deployment?

I want to setup the salt pillar to make key value pairs available to a particular instance in a dynamic way. It appears that ext_pillar (which can be used to generate key pairs dynamically) cannot restrict access to particular minions. In my scenario minions can be destroyed and new ones can join automatically.In this situation, one solution for my problem (which seems quite tedious and inefficient) is:When a new minion is accepted on the Salt Master, via a script, generate the private data for that minion, and create a YAML file with this info...Read more

configuration management - How to get a list of all salt minions in a template?

Basically I am creating a Salt state describing Munin server configuration and I need to get a list of all minions known to the master, something like this:{% for host in pillar['munin_clients'] %}[{{ host.fqdn }}] address {{ host.ip }} use_node_name yes{% endfor %}The only difference is that I don't want to use pillar for that, I need this list to be populated dynamically. ret.get_minions seems to be relevant but I can't make it work for some reason. What are my options?...Read more

Official definition of CSCI (Computer Software Configuration Item)

I'm looking for the most official definition of CSCI / Configuration Item - not just what it is but what we have to deliver / can expect when a contract defines subsystems which shall be developed as configuration items.I spend some time with my famous search tool and found a lot of explanations for CSCI (wikipedia, acronym directories, ...) but I haven't found a standard or a pointer to a standard (like ISO-xxx) yet which tells (1) what it is and (2) what has to be done from a QM/CM point of view.I just ask, because a contractors QM representa...Read more

configuration management - Unable to upgrade MID Server

Our ServiceNOW instance recently got upgraded from Eureka to Geneva.MID Server status became down and the version does not match the Build number in the stats.I was told that the MID Server will auto upgrade which didn't happened. I am using a proxy server to connect, when I tried communicating with the instance through the server it is working however I assume the service or application installed is not able to communicate with the instance.I created a new service and it worked perfectly for 1 min however after that the status of it became dow...Read more

Configuration Management for Installation of OS

I was looking for a uniform configuration management tool for remote installation of OS on remote servers(similar to puppet/chef) having wide range of platform support. I think we can use PXE/kickstart for remote installation. I am not sure that can be used to install OS on multiple servers in parallel? Other way to spin up the EC2 instance from AWS and pay amazon for the usage. I was wondering is there any other best option for this requirement?RegardsBubunia...Read more

Best approach to perform a CMMI Physical Configuration Audit?

The organization I currently work for an organization that is moving into the whole CMMI world of documenting everything. I was assigned (along with one other individual) the title of Configuration Manager. Congratulations to me right. Part of the duties is to perform on a regular basis (they are still defining regular basis, it will either by quarterly or monthly) a physical configuration audit. This is basically a check of source code versions deployed in production to what we believe to be the source code versions in production. Our project ...Read more

apache zookeeper - Provisioning millions of configuration objects to network devices

I have a sort of unique configuration management problem. I don't quite think that zookeper is built to solve it, but I could be wrong.The system will be provisioning configuration to multiple devicesin a network. The configuration itself is comprised of tens of millions of configuration objects.If a device hasn't been provisioned yet, it needs to read the current version of the entire config (tens of millions of objects).Once a device has been provisioned, it needs to receive versionedchanges to the config. Changes are only occuring the order ...Read more

Migrating system configurations

Are there any tools like the Django South database migration app, but for migrating entire server configurations?I manage several server configurations entirely from source control. Django app code, Apache configuration, load balancer configuration, Ubuntu package lists, everything is listed in a configuration file and deployable via Fabric commands. However, I still need to manually determine what's changed, and decide which deployment commands to run in sequence to make the server match my configuration files.Ideally, I'd like to manage my se...Read more

configuration management - How to avoid repeating myself in Salt states?

We have two different environments, dev and production, managed by a single Salt server.Something like this:base: 'dev-*': - users-dev 'prod-*': - users-produser-dev and users-prod states are pretty much the same, like this:{% for user, data in pillar['users-dev'].items() %}{{ user }}-user: user.present: < ...something... >{{ user }}_ssh_auth: ssh_auth.present: < ...something... >{% endfor %}We did not want to duplicate the code so our initial idea was to do something like this:{% users = pillar['users'].items() %}in...Read more

chef - Performance cost of automated config management

I am learning about tools like Chef/Puppet/etc for the first time and was wondering how well (or poorly) they integrate with applications deployed on the cloud:Why use Chef when there are vendor-specific APIs out there, as well as frameworks like JCloud which abstract even those APIs?Is there a performance cost to using these configuration tools, or (once configured) do the nodes/machines just operate like any other (non-managed) machine on the cloud?Can Chef be used to configure any technology thats out there, or does it provide a list of "sup...Read more

Managing complex configurations

I would like to ask you for your opinion on the best practices of managing big numbers of complex (for example xml, .properties, custom formats etc) configuration files as nowadays every more complex project consist of way to many to count.How not to get lost in such a mess? How to reuse those in best ways? Any good tool that can help (maybe some Eclipse based)?...Read more

Remove computer from Configuration Manager (System Center 2012 R2) with script/batch/programatically?

We are having trouble with the Config Manager client randomly getting corrupted during installation on new computers. We are currently rebuilding our image, but in the meantime, we are implementing a short term solution where we simply completely uninstall Config Manager Client, remove the computer object from the Config Manager console, and then reinstall the client.In an effort to reduce the "clicks" that our help desk techs would have to preform, I would like to write a simple script/batch/program/whatever to just do it in one fell swoop. ...Read more

continuous delivery - Configuration Settings Service/Repository: Are They Used in a Real World

I’m currently enjoying reading "Continuous Delivery: Reliable Software Releases Through Build, Test, and Deployment Automation" and the part that caught my attention is that on managing configuration settings for applications.What's proposed in the book is that all configuration settings are externalized and centralized in a repository of some sort, be it an LDAP directory, ESCAPE Server or somesuch and then retrieved from there.This sounds really compelling to me as this approach can provide a number of tangible benefits, but after Googling ar...Read more