BSDCan2011 - Final (with audio).5

BSDCan 2011
The Technical BSD Conference

Tom Judge
Day Talks - 2 - 2011-05-14
Room DMS 1150
Start time 13:30
Duration 01:00
ID 225
Event type Lecture
Track System Administration
Language used for presentation English

Role based package management for FreeBSD

Rubber stamp package deployment

This tutorial will cover setting up a package build system for binary, role-based package deployment in enterprise networks. A server (physical or virtual) usually provides one or more services, each of which requires a set of packages to operate. This package set is treated as a role. Once a role is configured in the build system, the packages for that role are automatically built and deployed to all systems in that role.

Managing packages on a large number of systems can be a very daunting task and there are a number of problems to overcome: * You don't want to waste CPU time to build a package multiple times when you can build it once. * You need to be able to build a package with non-default options, as often the defaults will not meet your requirements. * Services deployed in different environments may require different sets of packages and options.

The solution to this is a system that has the ability to create binary packages in a central location and deploy the final results automatically to all systems that require them.

The system is designed to encompass four key items: * Ports trees - Definitions for packages to be build * Builds - Definition of the host system for which a package should be built. * Servers - Physical or virtual systems on which packages are to be installed. * Roles – A named (e.g. “Web Server” or “Database Server”) collection of packages to be deployed on a set of Servers.

By building a role, i.e. a "Web Server", you will be able to deploy that package set to any number of servers in a repeatable fashion. Once the role is in production, if you need to add a package you can, and it will be automatically built and deployed to all systems in that role.