[Infrastructures] Radmind vs. Isconf ?

[Wesley Craig]

On 06 Apr 2005, at 14:40, Chris Kacoroski wrote:
> It can also apply multiple change sets to the extent that the  
> change sets do not modify the same file in different ways.  For  
> example set A modifies file 1 and then set B modfifies the same  
> file.  If you just put set A or just put set B on a machine you are  
> fine.  If you put set A and B on the machine you have a problem.   
> The solution is to create a change set called set AB so file 1 will  
> have both modifications.

This behavior may or may not be a problem.  The point should  
certainly be made that radmind doesn't itself *edit* files.  One can  
leverage radmind for the editing of files, however.  A common  
approach is to convert file 1, in the above example, into a  
directory, directory 1.  The startup script that would normally  
reference file 1 instead references directory 1/* to create file 1.   
Some daemons, e.g., xinetd, httpd, etc, have adopted this idea  
directly, eliminating the need for intermediate scripts.

> The other issue we have with Radmind vs cfengine is that Radmind  
> has no concept of processes or what is in a file (as near as I can  
> tell).  This means that if you want to restart a process or make  
> changes to a single file you cannot do it from Radmind where you  
> can from cfengine.  Again, in a controlled environment where you  
> build the machines up from scratch and you know what is in each  
> file (like our Labs), this works fine; but in an uncontrolled  
> environment where a file may have be customized for that particular  
> machine and all you want to do is to add a line to it (e.g.  
> crontab), Radmind will not work.

Radmind ships with a tool (ra.sh) that allows the admin to execute  
triggers based what will/has been changed.  This works well for cases  
like updating the a config file and restarting daemons.

:wes