Wednesday, February 10, 2010

Open source config management and AV

I have a new engineer on my team this week, and a couple of the first projects he's working on are open source config mgmt. (for basic config files) as well as open source AV.

On the config management front, we're leaning towards Puppet. I have a good friend who uses cfengine on a big server farm, and he loves it. From what I've read Puppet seems to be a newer more modern version, and we don't have a huge farm to manage so I think it would work perfectly for us. Looking forward to learning and implementing it!


With AV we are runnin some tests with Clamwin, and we'll see how well it can pickup incoming viruses uploaded via our Resin application servers. We shall see.

Next project will be bringing a CentOS yum repo locally and patching over the LAN versus the internet, another project I've wanted to get done, but haven't yet completed.


Ant said...

I wouldn't believe everything you read. The Puppet guys seems mainly good at self-promotion. Cfengine 3 has been around for a while now and it is way cool. Check out the Facebook group for CFengine, or the website and you'll see some pretty interesting stuff. In my experience Puppet has tried to steal CFengine's show but they Puppet can't do half the stuff the cfengine can do native, and they're not real strong on technology. If you dig into the "recipes" they have, they're pretty much smoke and mirrors, embedded perl scripts or real trivial stuff. Cfengine now has a community library which seems to be active and has solutions. I think it still needs work, but it's still ahead of Puppet. See also the interesting stats on Cfengine 3 being 25x faster!! More modern version? I'd say Puppet was a step backwards.

Anonymous said...

Ant, you are spot on!

Puppet is like any Microsoft product - a lot of advertisement noise around it, but the technology is extremely bloated and barely works.