Hey everyone! I'm reaching out for some insights and validation on my plan for refreshing our Linux PC fleet. I'm mainly a Windows administrator, but I also manage a set of Linux machines that are currently running on Debian 8.6, which is definitely outdated. We deploy these using Clonezilla and DRBL, updating the images as needed.
I'm thinking about moving towards a more modern setup using a recent Debian ISO with preseed and PXE for deployment. My plan is to configure the necessary packages during the installation process through preseed, leaving the ISO untouched and applying machine configurations afterward in a simple manner.
I initially considered using Ansible for configuration management, but I'm not an expert in Linux, and this project is turning out to be more complex than I'd hoped. I want to ensure a logical, simple, and widely adopted approach that fits the needs of Linux fleet managers.
Some key points I need help with include:
- Basic security hardening
- Restricting user session capabilities
- Managing OS updates
- Deploying custom packages
I also thought about using a GLPI agent for inventory and deployment, managing configurations and updates with dynamic grouping.
Thanks for any advice or personal experiences you can share!
4 Answers
You should definitely check out WAPT for your deployment needs. It could match your vision for an automated workflow!
Have you considered using Puppet or OpenVox along with Foreman? Foreman sets up the PXE booting and registers the nodes to Puppet, making it a robust option. One advantage of Puppet compared to Ansible is its ability to maintain your desired configuration state, which is super helpful if users start messing around with settings. Just a heads-up, if you're overwhelmed by Ansible, you might find Puppet similarly challenging as it also requires a bit of a learning curve! Also, if you're open to exploring options outside of Debian, Ubuntu with Landscape might be worth checking out for management and support.
Quick question for others: is there anything like Autopilot for Linux? Something that could do everything from deployment to user sign-in, fully automated, just like in Windows? I mean, that's what we'd love to see for Linux users!
Honestly, sticking with such an old version like Debian 8.6 has probably caused more headaches than it’s worth. Updating your fleet will be beneficial in the long run. Your approach using the stock ISO sounds solid. However, with Ansible, you might want to think about switching to a pull-based configuration management tool as it's usually more suited for client machines compared to push-based like Ansible. Maybe look into alternatives like Salt or Cfengine if you need a pull-based system. Ansible AWX is an option, but keep in mind it also upholds that push model you're trying to move away from.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures