[ale] ssh for automated management

Mike Murphy mike at tyderia.net
Fri Dec 17 12:18:55 EST 2004 

depending on what sort of stuff you are doing, how big any stuff you are 
pushing is, and how fast the network links are, 10000+ nodes is a lot of 
nodes to admin, no matter what the technique (but if you have 10000+ 
nodes, I'm sure you know that).

I guess its all a question of what exactly you're up to. If you were to 
try to ssh to each machine in series to do something (say echo "some 
param" into /etc/somefile), you might still be surprised by how much 
time that takes. Certainly, if you are thinking of ssh to replace some 
other terminal-like administration solution, like doing stuff in scripts 
over rsh, or over telnet with expect or something, its probably worth 
the extra overhead of encryption for added security though.

I can tell you that I've found that even fully managing about 900 hosts 
has brought up some interesting problems. In this example, we use rsync 
to keep various configuration files, etc. in sync accross all the hosts. 
Once an hour, they each visit a dedicated rsync server to look for 
updates. Even using rsync with a server (instead of rsync over ssh), 
which is very efficient, we're starting to find that we might want to 
inject a second tier here. So, it looks like this:

master server -> n number of "staging" servers -> x number of working hosts

A real recommendation would be impossible without more specifics, but 
there was a lot of interesting material in the systems configuration 
area at LISA this year, you might want to check out some of the slides 
and materials: http://www.usenix.org/events/lisa04/tech/

Mike


David Corbin wrote:
> We are considering using ssh as part of a solution for automated remote 
> managment of 10000+ node network, distributed at over 500 sites.  The nodes 
> being managed are NOT "standard desktop machines" (in terms of software 
> etc.), but more like "appliances".
> 
> Ideally all the management would be done from one machine. 
> 
> Anyone want to suggest any likely problems we might encounter, scale-wize?  
> 
> Thanks
> David
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

-- 

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Mike Murphy
781 Inman Mews Drive Atlanta GA 30307
Landline: 404-653-1070
Mobile: 404-545-6234
Email: mike at tyderia.net
AIM: mmichael453
JDAM: 33:45:14.0584N  84:21:43.038W
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

More information about the Ale mailing list