[rancid] Re: manual config adds
Mike Ashcraft
mashcraft at omniture.com
Tue Nov 6 17:57:13 UTC 2007
The short answer is "yes".
The F5 BigIP support I hacked could be easily modified to pull these
items from a linux server via ssh by just changing the command list and
using the ConfFile function to process the output. For example:
('iptables -L' => 'ConfFile'), ('cat /var/named/somedomain.db' =>
'ConfFile'). This would require a custom device type and custom rancid
script for each but would give you the Rancid automation you may be
looking for.
I would recommend a more standard implementation but it would require
learning CVS:
You can create a new project in your CVS repository and manually check
files in/out of this project as you mentioned.
This is really a CVS question so I recommend you go to the CVS
documentation for details on setting this up. There is also a great CVS
quick reference card available in pdf format. You can 'cheat' a little
by using rancid-cvs to setup your project and sourcing rancid.conf to
setup your environment but not understanding what these do could limit
your abilities to expand the scope.
Once you have the project setup, you can schedule a cron jobs on the
server where the iptables, zone files etc, live that checks the current
versions into the CVS repository over the network.
If you follow the CVS model for your zone files, you would edit and test
them in a sandbox (test server), check them in to CVS and then check
them out on the live server as your deployment method.
Good luck,
Mike
-----Original Message-----
From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Gregory W
Zill
Sent: Tuesday, November 06, 2007 9:51 AM
To: rancid-discuss
Subject: [rancid] manual config adds
Can I manually add some one-off systems into the rancid CVS? A linux
iptables config, or some DNS zone files, or other process config files
for example? Using some CVS UPDATE commands I imagine, but then some
manual tickling of the rancid stuff to update the versioning since
rancid itself won't be talking to these one-off devices. Sorry I am such
a CVS noob. Any thoughts appreciated.
--
gregory w zill, mba, cissp
Information Security Engineer
Managed Devices Team
-----------------------------
Solutionary, Inc.
Making Security Manageable
v: 402-361-3066
More information about the Rancid-discuss
mailing list