The perfSONAR Toolkit by default has enabled automatic updates via the yum tool. This setting can be toggled via the Enabled Services configuration screen on the node. More information can be found here: http://docs.perfsonar.net/manage_update.html#automatic-updates
Allowing yum to handle automated updates comes with positive and negative aspects:
- With this service running in the background, new software will be downloaded and installed once per day. This can be used ot ensure critical updates are received and installed; note that items that are released after the normal runtime may not be installed for a full cycle.
- Software from perfSONAR, and upstream, repositories may not always install cleanly or operate as expected. Applying updates as they become available comes with risks for broken software.
- This automation does not reboot, and some software requires a reboot (or at a minimum, a restart) of software for things to be operational
Automated updates are not a replacement for system administration, and are really just a tool to make things easier to manage. Always maintain your perfSONAR nodes like any other campus server. This means using a sensible access and security policy, and remaining up to date on software patching.
There are many forms of configuration management used for server management, including:
The perfSONAR project does not recommend any specific variety of configuration management, and the choice of one is often made for reasons specific to a site. The following sections are contributed by community members with experience in specific tools.
Puppet is another form of automation tool.
- Texas A&M has contributed a Puppet module for yum-cron that can be used on perfSONAR Toolkit nodes, as well as a Puppet module for managing the perfSONAR repository. More files for use in puppet can be found here: https://github.com/treydock/puppet-perfsonar/
- The WLCG has provided a puppet module to control perfSONAR instances.
While not a full form of configuration management, ClusterSSH makes life much easier when trying to manage a large number of perfSONAR machines.
Ansible is a tool that works well for bulk configuration and configuration documentation.