Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Linux - Centralized Patch Management System

  • 18-10-2012 3:13pm
    #1
    Standard Toaster
    Registered Users, Registered Users 2 Posts: 10,288 ✭✭✭✭


    I'm running a small (but growing!) Linux environment comprising of about 21 Linux servers

    The environment I mainly look after consists of CentOS 5 & 6 and Red Hat 6.
    All of these are patched individually via their appropriate yum repos.

    Can anyone suggest a method of centralising patch management for these servers? I've heard that Puppet is often used to do this but I've never used it myself, and would be interested in hearing from other system administrators.

    Support for Solaris and Windows would be a bonus....and open-source!

    Cheers


Comments

  • #2
    Stuxnet
    Registered Users, Registered Users 2 Posts: 3,739 ✭✭✭Stuxnet


    We use BigFix at work, dont think its free or os tho :(
    doesnt help I know :-p


  • #3
    madhatter76
    Registered Users, Registered Users 2 Posts: 91 ✭✭madhatter76


    Have a look at http://spacewalk.redhat.com/ it would sort your Centos needs.

    For Redhat Channels there is a similar product called RHN Satellite which will cost you $$$$


  • #4
    ld50
    Registered Users, Registered Users 2 Posts: 36 ld50


    Puppet is excellent. It's open-source and Solaris is also supported. I've only used for debian and osx management. Both server and desktop. It's a very powerful tool and will make managing servers an ease.

    I think there are management modules for windows now. So happy days.


  • #5
    Standard Toaster
    Registered Users, Registered Users 2 Posts: 10,288 ✭✭✭✭Standard Toaster


    Cheers all, decided today we're going to trial run Puppet. I'll post back my findings.


  • #6
    laugh
    Registered Users, Registered Users 2 Posts: 3,745 ✭✭✭laugh


    Take precautions against automagically installing something bad, we updated all our servers to a version of puppet that had a bug that broke our use case, we had to manually downgrade puppet on a lot of servers. A dodgy version of our backup software also made it onto servers.

    We came up with our own system to promote rpms to the repos used by our production servers after they have been tested.


  • Advertisement
  • #7
    Feelgood
    Registered Users, Registered Users 2 Posts: 2,191 ✭✭✭Feelgood


    You could give CFENGINE a whirl, its not strictly for patch management but can be used as such.


  • #8
    Standard Toaster
    Registered Users, Registered Users 2 Posts: 10,288 ✭✭✭✭Standard Toaster


    Went with a combo setup of Puppet/Foreman/Spacewalk in the end. Now to play with them! >.< :)


Advertisement