Best practice for network configuration
Robert Brockway
robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org
Fri Jul 1 00:08:54 UTC 2011
On Mon, 27 Jun 2011, Christopher Browne wrote:
> But that being said, I don't like the idea terribly much.
Me either. If you want to centralise management of your servers something
like puppet is probably a better idea. At least it fails safe - ie if
puppet falls over then you just can't update your servers until you
restart it but they will continue to function in the mean time.
I note that you mentioned cfengine laster in your post.
> Of course, this might be a moot point if the death of DHCP means that
> there aren't any clients coherently connected to the network.
This argument can be generalised as "Functioning of these servers at this
time is irrelevant as their principal reason for being does not currently
apply".
People sometimes use it as a justificiation for not properly separating
nameservers too.
I've never liked this argument. I think this argument has some flaws:
(1) That you fully understand every function this server performs. You
haven't forgotten any of them.
(2) Failure or partial-failure of this server won't have worse outcomes
than if it continued to run without anyone using it.
I know you're not endorsing this. It was just a fine time to mention what
I consider to be a logical trap that many sysadmins and architects are
falling in to :)
Cheers,
Rob
--
Email: robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org Linux counter ID #16440
IRC: Solver (OFTC & Freenode)
Web: http://www.practicalsysadmin.com
Contributing member of Software in the Public Interest (http://spi-inc.org/)
Open Source: The revolution that silently changed the world
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list