Patrick
2009-Apr-05 17:53 UTC
[Puppet Users] softwareinventory with different preinstalled Linuxmachines / patch management
We have a grown linux environment, which are different in
hardware/distribution/installed software.
The clients are mainly maintained by our users, but sometimes we need
to ensure that certain updates are installed.
1)
We would like to gather the information about the softwarereleases
installed on our clients. This could be done with
aptitude search -F ''%p%v'' ~i
or
rpm -qa --qf "%{NAME},%{VERSION}\n"
Can puppet gather information about installed software/versions and
send it to a central server? Does somebody have a recipe to accomplish
that?
2) Updates / Patch management
Are there any best-practices about "Patch management with puppet"?
For example, we want to upgrade a package only if an earlier version
currently exist on the client.
When I use "ensure => latest", a package would be updated to the
latest package. It would also be installed even a earlier version was
not installed before.
Are there maybe better tools for our case?
Patrick
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
Mike Renfro
2009-Apr-06 01:29 UTC
[Puppet Users] Re: softwareinventory with different preinstalled Linuxmachines / patch management
Patrick wrote:> 2) Updates / Patch management Are there any best-practices about > "Patch management with puppet"? For example, we want to upgrade a > package only if an earlier version currently exist on the client.> When I use "ensure => latest", a package would be updated to the > latest package. It would also be installed even a earlier version was > not installed before.At least for Debian, a cron job of ''apt-get update; apt-get -y upgrade'' with a private repository of known good security updates and other patches would do this. Let puppet create an entry for your private repository, then install the packages you want with ''ensure => present'', and finally let the cron job take care of later upgrades. There should be an equivalent feature for other distributions'' package managers, but I''m not familiar with those. -- Mike Renfro / R&D Engineer, Center for Manufacturing Research, 931 372-3601 / Tennessee Technological University -- renfro@tntech.edu --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---