What's the best way to handle many servers?

Forum Moderators: bakedjake

Message Too Old, No Replies

What's the best way to handle many servers?

Shenron

12:22 am on Aug 10, 2006 (gmt 0)

Hello,

My website is running with 3 servers and all of them are exactly the same. What I mean is they have same softwares installed.

So here's my question. What's the best way to handle this 3 servers the most efficiently? Right now, if a security fix must be applied for apache for example, then I need to re-install apache 3 times and it's kind of annoying :D

I think there is a better way to do that? At leat I hope so.

Thanks

webdoctor

6:56 pm on Aug 10, 2006 (gmt 0)

Right now, if a security fix must be applied for apache for example, then I need to re-install apache 3 times

What distro are you using? Is there a reason you aren't using the inbuilt package-management tools?

I've got all my linux boxes set to auto-update, so I never have to re-install anything by hand. Can't you do this?

Shenron

7:43 pm on Aug 10, 2006 (gmt 0)

i use debian? do you mean apt-get?

with apt-get, i do not have the latest release :/

webdoctor

7:57 pm on Aug 10, 2006 (gmt 0)

i do not have the latest release

In my experience, on a production box, you should NOT work with the latest release, you should work with the latest patched release of the ORIGINAL version of the package that shipped with your distro.

For example, I've got one particular production server which runs SuSE 10.0. It's currently running 'apache2-2.0.54-10.5' which is the latest patched apache2 that comes from SuSE for SuSE 10.0 boxes.

I'm aware that I could go and get either a source tarball of version 2.2.3 or 2.0.59 direct from httpd.apache.org - but why bother? SuSE's advisory [novell.com] tells me that, to fix the security hole, the version I need is 2.0.54-10.5.

The best bit? YaST does all the patching for me while I'm doing something far more interesting... and in fact by the time I'd read the mod_rewrite security advisory, this particular box had patched itself. Can't beat that :-)

Shenron

12:20 pm on Aug 11, 2006 (gmt 0)

but I want to use mysqli with php instead of mysql. Can i do that with apt-get?

wheel

4:00 am on Aug 13, 2006 (gmt 0)

Webdoctor is correct. Use your package manager for your distribution to update your packages. Whether or not two packages need to be installed is an entirely different matter. I'm not familiar with mysqli, but if it's a common package you should be able to install it with your distro's package manager as well. Use the package manager where ever possible - it'll make your updating and security installs very straightforward.

As for updating 3 servers, that's minimal if you use the package managers. I use mandriva's built in gui once a week on all my machines to install all new bugfixes and security updates. Takes me about 3 minutes to start up the automated process on 4 seperate machines. Mandriva has a 'show all bugfixes and security updates available' feature, I'm sure other distro's do as well.