The Strengths and Weakness of Fedora/RHEL OS management

Shane Stixrud shane at geeklords.org
Thu Mar 30 01:40:32 UTC 2006 

On Wed, 29 Mar 2006, David Lutterkort wrote:

>> In fact it resembles very much what I have with my Cisco equipment +
>> management software.
>
> Interesting. Any pointers where I can look at docs ?

Well not comprehensive docs per say, but I can outline how it works.

Here is an example of an active config state on a cisco device:

http://geeklords.org/~shane/cisco.cfg

It is important to note from a admin perspective the configuration 
directives in the above file IS equal to the function that device has been 
instructed to perform.

Now I am not proposing this type of configuration interface would work 
for Linux, Cisco has much less to consider and even so there are 
things about their configuration process I think could be improved.  But 
their semi-standardized plain text directives allows their 
management software (cisco resource manager) to easily track system 
changes, apply system changes and revert system changes across multiple 
platforms using the same "command directives" that the end user would 
manually enter.

Being able to easily do the following on Linux would be very nice.

1) Show all configuration directives that are not at their default values 
i.e.:

cfg_report -keys -nondefaults /system/dhcpd

system/dhcpd/option/domain-name/
system/dhcpd/option/domain-name-servers/
system/dhcpd/subnet/172.20.0.0 netmask 255.255.255.0/
system/dhcpd/subnet/172.20.64.0 netmask 255.255.254.0/
etc...


2) Save/restore keys and values

cfg_mgr -export .ini,xml,tar -nodefaults / >/root/changes.tar
cfg_mgr -import /root/changes.tar /

cfg_mgr -export file / >/root/hostname.cfg (very large path/key/value text 
file)

cfg_mgr -import /root/dhcpd.tar /system/dhcpd

3) Display and edit all ntpd's configuration keys/values a standard editor

cfg_edit -export plaintext -editor <editor> /system/ntpd

*note* this would include /etc/ntp/keys /etc/ntp/step-tickers etc..

4) revert dhcpd to a specific date/time

cfg_mgr -revert 03/05/2006 /system/dhcpd


If/when the above is possible centralized config policy management 
becomes a no brainer.  We just create a cron job where we can optionally 
sync changed keys/values prior to downloading the devices new/active 
directives.

cfg_mgr -push -pull -server host.domain.top

Cheers,
Shane

More information about the fedora-devel-list mailing list