[Infrastructures] How do you manage 1000+ systems

Bob Proulx bob@proulx.com
Sun, 12 Jun 2005 10:16:12 -0600


Rodrick Brown wrote:
> In my current organization as we grow more and more it's becoming a
> problem trying to manage all of our users, systems and keep track of
> everything in a smooth manner so one thing I'm looking to deploy
> is an authorization and authentication mechanism with single sign on,
> so the first thing that comes to mind is Kerberos, LDAP, and
> auto-mount across our environment, which consists of 350 servers,
> made of Solaris, AIX, and Linux that span 3 data centers, this summer
> alone we plan to add another 100 or so servers so I need something
> that can scale very well, in 3 years alone we will have grown to 500+
> Unix servers, so I'm just looking to hear what most people think of
> Kerberos in general I'm not even sure if there are any alternatives to
> Kerberos in a pure UNIX environment.

We are using NIS/YP in my work environment with several thousand
machines.  With slave servers it scales well to a large number.

There are actually many aspects of system management beyond the login
part.  I would say the login system for me is probably the simplest
part.  I have my own homebrew system for doing the rest; unfortunately
it works for me but is not in a good state to share.

But you might want to look at these two references.  I can't vouch for
them as I am not using them but they are fairly well documented.  They
are on my short list of things to look at in detail that appear to do
good stuff.

  http://www.onlamp.com/pub/a/onlamp/2004/04/15/cfengine.html
  http://www.onlamp.com/pub/a/onlamp/2004/05/13/distributed_cfengine.html

Bob