qa machine management

seth vidal skvidal at
Sat Mar 31 21:29:37 UTC 2012

On Sat, 31 Mar 2012 14:25:35 -0600
Stephen John Smoogen <smooge at> wrote:

> On 30 March 2012 17:17, Kevin Fenzi <kevin at> wrote:
> > Greetings.
> >
> > Just had a talk with tflink on IRC about the management of the qa
> > network machines. Long ago when we setup those machines we were
> > thinking we could use them as a testbed for bcfg2 to see if we
> > wanted to start using it or if it worked ok, etc. I setup a bcfg2
> > server to try this with, but sadly have never found the time to
> > even start configuring it.
> >
> > Machines involved:
> >
> > (real hardware)
> > (guest)
> > (guest)
> > (guest)
> > (guest)
> > (someday we may add a sign-bridge-comm01 and sign-vault-comm01 to
> > allow secondary archs like ppc and arm to sign packages).
> >
> > Options:
> >
> > - Try and push forward with a bcfg2 setup on and
> >  evaluate it. This would be nice, but I'm really not sure anyone has
> >  the time to do it.
> Actually I think I do have the time to do this. I can start on this
> after I get back from recovery.. late next week early week after.
> > - Just add all the above machines to our puppet repo and configure
> > them there and call it done. This would mean they wouldn't be
> > seperate from us and we just update and configure and monitor them
> > like any other machine.
> >
> > - Try and work out some setup with ansible or the like to see if it
> >  could manage them. Again, this would be a learning and tweaking
> >  curve, so not sure we have the time.
> I actually would like to pursue this over bcfg. I don't think we have
> any bcfg experts but we do have ansible experts.
> So
> a) I give bcfg2 a go and see how it looks. Report back by end of 3rd
> week of april.
> b) I then work on ansible. and see if it is better/harder/easier than
> bcfg2.
> or
> a) I just go for ansible and give bcfg2 the heave ho?

One concern I have with bcfg2 is lack of momentum. Since, for all
intents and purposes it is just puppet but in python.

One of the reasons I've been looking so hard at ansible is simple - it
doesn't require a client-side. It's all push-based. From a logging and
quietness-standpoint it should be significantly better especially for
our environment where if a host cannot reach lockbox01 we know we
cannot do anything else.


More information about the infrastructure mailing list