Ask Slashdot: How Do You Install Ubuntu On 30 Laptops and Keep Them In Sync? 202
New submitter spadadot writes "I am setting up a new event in France (Open du Web), where between 15 and 30 laptops running Ubuntu Linux will be available. They came with Windows preinstalled and it must stay for other purposes. I'd like to take care of only one of them (resize the hard drive, install Ubuntu, add additional software and apply custom settings) and effortlessly replicate everything to the others including hard drive resizing (unattended installation). After replicating, what should I do if I need to install new software or change some settings without manually repeating the same task on each one of them? Should I look into FAI, iPXE, Clonezilla, OCS Inventory NG? Other configuration management software? I would also like to reset the laptops to the original environment after the event."
Puppet (Score:5, Informative)
http://puppetlabs.com/ [puppetlabs.com]
Configuration management + install server (Score:5, Informative)
Puppet [puppetlabs.com] combined with either Foreman [theforeman.org] or Cobbler [fedorahosted.org]
Re:Puppet (Score:4, Informative)
http://puppetlabs.com/ [puppetlabs.com]
LOL this is the weekly ask /. where the questioner describes the perfect application for Puppet and then asks what to use.
My only other addition is install and set up torque and dish.
Torque is a decent queuing system. Everybody queue up a job to do "something" as quickly as possible, but strictly one at a time.
The DISH distributed shell lets you run a single command line (which could be a script...) on all machines right now. Simultaneously or whatever.
There are better sites for this question (Score:4, Informative)
Ubuntu Software center sync option (Score:5, Informative)
Are they going to be fixed in place? (Score:5, Informative)
If so, you may want to consider yanking the drives and iSCSI booting them. I know at least with Fedora and RHEL/CentOS you can do this, I presume Ubuntu can as well. Set root-path in dhcp in accordance with rfc4173 and boot iPXE. From there take any PXE-capable deployment mechanism and you can proceed without removing or resizing the partitions.
If only 30 and you lack the experience in this area, you may elect to hand tweak an autoinstall situation. I'm not sure if you need to be particularly picky about 'cloning'. In MS it's almost mandatory as so much of the value of an install is in third-party applications. In the ubuntu case all the packages you want are likely already in the distro and debian-installer is really all you need.
All this said, Live usb key is probably the easiest thing. Stock Ubuntu probably suffices...
FAI (Score:4, Informative)
Debian (and thus Ubuntu) comes with a Fully Automated Installer (shortened as FAI). Take a look at synaptic, and at its manual.
Simplest solution (Score:5, Informative)
Boot from a CD (live CD distro), allow user-owned USB drives for persistent storage.
Optionally, customize the live CD to your needs, installing and removing packages to suit the task.
Red
Chef (Score:4, Informative)
simple - chef:
http://www.opscode.com/chef/ [opscode.com]
Re:There are better sites for this question (Score:2, Informative)
This isn't rocket science and a ton of sysadmins read slashdot (still). There's 2 parts to this: deployment (foreman or cobbler to handle the pxe and kickstart configs) and then configuration management (stuff like puppet, chef or cfenine).
Why not VMs? (Score:5, Informative)
Re:Partimage and just SSH (Score:4, Informative)
> Just set up a passwordless SSH key for root
No. If you worked for me and I caught you doing this, I would first write you up for a direct security violation, and if I caught you doing it again I would fire you. Passphrase free keys leave your deployed network vulnerable to anyone who can steal the key from the hacked server, backup, or anyone who manages to walk off with that key by other means. Doing this is as bad, if not worse, than putting a post-it note with the rude password on your desktop monitor.
Setting up an ssh-agent to passphrase wrap such a remote root access key is a basic step. Restricting remote access to the designated management server is another basic step in protecting such a network from root key theft. Throwing such unprotected keys around is unfortunately, a very common practice among systems people who believe that "if they're inside our network, we have much bigger problems". Since these machines are laptops, they will be walking into and out of the network, and it's reasonable to assume that the network will be attacked from a machine inside. Basic security practices, such as system updates, password expiration, and access key handling should all get some attention to protect the network.
Re:Puppet (Score:5, Informative)
Here is the link to Ubuntu's custom install CD article: https://help.ubuntu.com/community/InstallCDCustomization [ubuntu.com]. Create your own custom installer, and use that to image all the laptops.