Hi

> I'm starting to put together a portage/stable server configuration for a large
> number of gentoo VM's that will eventually be hosted on a VMware ESX 4.1U1
> cluster - with the goal of limiting major changes to once/year and otherwise
> only applying security/minimum necessary updates.  I doubt it will be easy but
> I'm doing my best at it :)

This sounds very interesting.  I haven't yet plugged through your blog, 
but just to chime in:

I maintain a, likely much smaller, number of VMs using linux vservers.  
The approach here is to almost cut each machine down to a chroot that 
runs only one (or thereabouts) interesting service.  To do this I have 
found customised portage profiles to be the under-plugged secret since 
they allow you to basically push a set of packages which should be 
installed and control "per type of vm" use flags and package keywords 
(eg I have www-nginx, www-apache, mail, proxy, mysql, ftp, etc 
profiles).  Additionally I have a small overlay of local ebuilds that 
sit in the same tree

Up until now I haven't really made any effort to sync this whole tree 
across multiple physical machines and it's a bit of an ad-hoc process.  
Using something like git would probably be perfect

The still missing step is configuration management across the machine 
types, eg I want to upgrade all my "Apache-WWW" class machines and merge 
in all changes in /etc in a certain way... At the moment I just run 
dispatch-conf across all machines, but it can be quite boring merging 20 
instances of sshd.conf...  Seems like Puppet/Chef could be a solution 
here, but the step up and investment to make it work seems pretty large?



It does appear like managing large numbers of virtual machines is one 
are that gentoo could score very well?  Interested to see any chatter on 
how others solve this problem, or any general advocacy?  Probably we 
should start a new thread though...

Regards

Ed W