multiple questions re: bridge, managing multiple systems, etc

Gregory Orange gregory.orange at calorieking.com
Thu May 19 02:40:12 UTC 2016


Hi Ty,

On 19/05/16 09:15, Littlefield, Tyler wrote:
> First, I'm curious what all of you prefer for health monitoring. I was
> looking at Nagios, but if there's something else I'm all ears.
> Second, I need a solution that will allow me to monitor logs for
> anything out of the oardenary (if this is possible) and notify me,
> rather than sending the daily logs every day.
> Third, I need to know when updates are available to BSD and when
> packages are vulnorable.

I'd also like to hear about ideas for both of these things. We're 
experimenting with the ELK stack (http://elastic.co/) but it doesn't do 
all of the above - or perhaps will with some extra work and customisation.

I do look at the daily and security log emails from our systems, as well 
as being subscribed to security-advisories at freebsd.org, as well as 
running 'freebsd-update cron' every night, which only sends an email if 
there are updates available.

> Along with this, I'd also be interested in knowing how people tend to
> deploy multiple systems with extensive reconfiguration. The base of my
> systems look mostly the same, so I was hoping there might be a good
> way to do this.

This sounds like a job for configuration management. We use Puppet, but 
you could equally use Salt, Ansible, Chef or others.

You might start with simple scripts to get started with automation, 
especially if a full CM package is overkill for your situation. You've 
done the first step of documenting your steps, so writing scripts to 
automate a bit could be your next step.

The approach here is this: Install vanilla FreeBSD, do the bare minimum 
configuration necessary to get it ready to run Puppet (e.g. ensure 
networking is active, install Puppet), then let Puppet do the rest. All 
as automated as possible.

HTH,
Greg.


More information about the freebsd-questions mailing list