[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Best Practices for configuration management with cn=config?

--On Friday, February 03, 2012 9:14 PM +0100 Michael StrÃder <michael@stroeder.com> wrote:

Quanah Gibson-Mount wrote:
--On Friday, February 03, 2012 12:27 PM -0700 Chris Jacobs
<Chris.Jacobs@apollogrp.edu> wrote:

We use puppet here... for openldap, it's ONLY useful for initial config.
For modifications of openldap config, there's no mechanism to enable
that, and any mechanism that DID exist would have to be aware of the
current state.

@ Zimbra we wrote our own state engine that queries the current cn=config
values, and compares them to a set of variables that user can modify. If
they differ, it updates cn=config to match the user variables. We don't
use puppet at all however.

And where is the "set of variables that user can modify" stored?

In a utility local to the system. Most end clients do not know or understand how to modify LDAP or any number of the software programs shipped with Zimbra, so it allows them the ability to configure LDAP, Postfix, etc, in a simple way.



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration