FreeBSD packages (was: Re: Freebsd 6 is released:)

From: Royce Williams <royce@alaska.net>
Date: Fri Nov 04 2005 - 13:09:08 AKST

On 11/04/2005, Matthew Schumacher wrote:

> I'm not interested in compiling all of my software on each host so the
> ports tree is out, I need package management.

They're not mutually exclusive, I think. You can certainly use the
-P option to portupgrade to tell it to prefer packages over ports,
and you can tell portupgrade.conf to check your own local package
repository for packages. Hit the portupgrade man pages.

> I looked at those pages and there isn't a single word about upgrading.
> I'll probably have to download and test, but the package management
> looks pretty weak.

That handbook section is about making your own ports. The information
necessary to make your own port is the same information necessary to
roll your own packages from scratch -- whether or not you want to take
advantage of all the knobs that are there to make the dependency tracking
easy.

> I don't need anything real fancy, and can manage my own dependencies, I
> just need something to keep track of my binaries.

If you cheat off of the existing dependency knowledge encoded in the
portupgrade system and then augment it with any of your own knowledge
that isn't already represented, you get the best of both worlds, IMO.

>>I'm also looking forward to trying out CARP, which was imported from
>>OpenBSD:
>>
>> http://www.freebsd.org/cgi/man.cgi?query=carp
>>
>>This, coupled with pfsync, can get you easy failover for your firewall
>>without losing state (when coupled with pfsync):
>
> That does look interesting for firewall use, but I'm not sure it would
> be useful for fail over services, since the failed to service wouldn't
> know what to do with the tcp session.

Its primary usefulness does appear to be for firewalls. Without
a widget to sync other types of state, you're right that the new
server destination would be confused.

I'm not sure what other products would provide the level of failover
it sounds like you want, though -- except for the relatively expensive
switches that (IIRC) cache and play back interrupted sessions.

For most uses, I'd be perfectly happy with just having the other box
kick in.

>>The OpenBSD guys have their failover firewalls set up on a random,
>>staggered reboot schedule ... and no one ever notices. I'd love to
>>set something like that up but haven't made the time yet.
>
> Is this really needed? I'm trying to figure out why you would want that
> (other than the fail over).

By 'OpenBSD guys', I mean the core developers themselves. They're
just showing off -- "eating their own dog food" and demonstrating that
the failover is uber-seamless by being willing to have their firewall
reboot semi-randomly without it affecting their work in any way.

-royce

-- 
Royce D. Williams                                  - IP Engineering, ACS
personal: [first]@alaska.net                    - PGP: 3FC087DB/1776A531
work: [first.last]@acsalaska.net           - http://www.tycho.org/royce/
Received on Fri Nov 4 13:09:30 2005
