[lug] CM for a small sysadmin.

[Rob Nagler]

>
> Maybe, except most shell scripts aren't idempotent and a CM system is.
>

Docker is idempotent, which is the cool part. There's no need to think
about uninstall or upgrades. With Docker, sysadmin is more akin to
compiling code than CM. You have a code-build-test loop just like
programming.

Ansible playbooks are probably just as much effort as a shell script.


I've done both, and looked at Chef, Puppet, Salt, and our own (extensive)
CM automation at Bivio. Even without Docker, you can still provision VMs
with shell scripts in a code-test loop. There's no learning curve for
someone who has been hand configuring systems, because those commands are
the same. Our build scripts work both for Vagrant and Docker so it allows
us to do kernel level configuration testing before deploying to production
servers.

For the curious, here's our little configuration environment for building
containers at RadiaSoft:

https://github.com/radiasoft/containers

It's more complex than setting up mailman, because we have lots of complex
physics codes to build and install, and we are building containers for 3rd
party downloads by physicists on Macs and PCs as well as our servers so we
spend some energy on cleaning out the container before serializing it.

We also are building out a general curl installer, which I think has some
unique features:

https://github.com/radiasoft/download

To answer David's question, if you are just starting out, I would
definitely recommend Docker or another containerization technology. Even if
you end up with Ansible, it lets you get your playbooks right before
deploying on production. If you are deploying on Linux only, then Docker is
definitely a big win, because it decouples core operating system (security)
dependencies from application dependencies.

Rob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20151028/41a8f0f5/attachment.html>