Filesystem Management: Mastering Radmind and RsyncX
Kevin Boyd and Richard Glaser just got done with a session on Radmind and RsyncX, basically talking about how you can use the two either separately or in conjunction to handle computer lab environments. It's also worthy of note that both are Steering Members of Macosxlabs.org project. The presentation covered all manner of things relating to each, including a preview of the pending release of RsyncX 2.0.
Session 253 Filesystem Management - Mastering Radmind and RsyncX
Kevin Boyd, University of Michigan
Richard Glaser, The University of Utah
Kevin Boyd -
Developer of RsyncX
Steering Member of macosxlabs Project
2.0 v. of RsyncX is out today
Richard Glaser -
Long time radmind admin
Steering Member macosxlabs Project
Macosxlabs.org's mission is to Document comunicate & collaborate on challenges of deploying Mac OS X in a lab environment. They're joint efforts with Apple, Higher Ed and anyone else who is interestied. They do webcasts, documentation and forums
RsyncX is a Suite of Tools to Manage Machines
The new interfaces are designed for local backups, bootable firewire drives to deploy lab environment or the RsyncX server. You can now make firewire drives fully bootable as backups. It's all schedulable and you can merge multiple volumes, as well.
You can now create an rsyncd using RsyncX's GUI. you can now configure Meta Users for the Rsync servers only, so you don't have to give real access to anyone. You can set the server to be read only on the volume that it is retrieving from. Once you are there, you can then create scripts using the Script Maker to handle the rest.
RsyncX Introduction
The idea behind RsyncX is a three step processes. You have a server with files, a CD with scripts to pull to the machine, then you run those and it works. There are a lot of combinations you can use this for, to modify and update machines, etc.
Firewire Installation:
Create a script to send loadset from Firewire drives to volume mounted once you're booted as that drive.
Network Installation:
Create loadset, push loadset to the server, boot from a non primary device on the old machine, then run that script.
CD Installation:
RsyncXCD can be used as a bootable non-primary, then you can push things out to a very blank machine.
Using the Package Tools:
Simple GUI to move small subsets of files to many machines.
Mastering Radmind
Background
Radmind is developed at UofM, and they maintain all the docs and lists.
You can get it from radmind.org and there are OS X iInstallers and Source Code, and a Radmind Assistant as well as iHook for Radmind.
What's it do?
It's a suite of CL tools that run on clients and servers. Runs on many platforms, just not windows.
Requires 10.2 or later.
The Basic Concepts:
Radmind can run as a tripwire. Detects file system mods, that you can then reverse. You can restore a system to its managed state very easily.
Client asks for the management description
Server gives the client the file system description and the client stores that file, and then Radmind does a quick scan of the drive and compares it against the file, and creates a differences transcript. It deletes things that don't belong, and retrieves things from the server that shouldn't have been deleted.
Network/Server usage:
Few files are transferred, so it saves bandwidths.
It scans only locally.
DHCP is not required, all you need is an IP address.
Manage by Certificate: Allows client & server ident/verification via SSL certificates. Makes IP irrelevant.
One file on server to manage file systems of multiple machines of the same config. It's easy to switch who gets what.
Software Tracking
Tracks all the software and OS installations, has built in support for tracking individuals.
Distribution:
you can give it out to one, a few, or all of your machines. Very easy to handle.
It will help find or modify a "Crappy App" or installers. Many software developers make their programs write stuff where it doesn't belong. It's easy to remove those things with radmind, since it audits and tracks everything.
How do you deploy it?
Planning and Prep:
File System Management Fundamentals
Every file and folder cannot be managed
some shouldn't be managed
so you should focus.
What should you manage? Well, that depends on the OS you're using. It also depends on how you want to manage it.
Some areas of the OS shouldn't be managed:
/Library/Caches
/dev
/mach.sym
In a student Lab, you might want to manage as much as possible for cleanup purposes.
Radmind does come with some templates for 10.2 and 10.3
How do you set up a managed file system?
One big description? It's not as granular. But it's easy
Partial File System? OS and Global Apps aren't mucked with by users
Small File System? too touchy feely.
You can also stack descriptions to create different profiles as well.
Updating is very flexible. They're UNIX tools, so they're scriptable like the rest. You can use Radmind Assistant to help you cue up the tools as well. You can run it on login with a special login or on logout, or in the background.
Running it through cron will warn a user that is logged in, thankfully.
You can also handle it with ARD or TB2
THe Glossary
Transcript: A description of the file system, it's a list of files, links and directories, has all of the unix identifiers as well.
Positive Transcript: All of the file systems that MUST exists.
Negative Transcript: This lists items that must exist but aren't managed.
Loadset: transcript and its associated files.
Baseload: primary file system loadset usually a large transcript & associated files. Could just be the OS and the Apps, or just the Apps.
Overload: another loadset Used with the baseload for the machine deployed file system (ie updates! or extra apps)
Command File: machine's managed file system. All of the loadsets and files.
Apply-able Transcript: defines difference on the client and this is what's used to update the client.
Create-able Transcript: a transcript containing the additions to the client but they're not on the managed file system.
CLI Tools:
fsdiff compares the file systems.
lcreate uploads a transcript and associated files to the server.
lapply modifies the local file system as described by the fsdiff result.
ktcheck gets the transcripts from abroad
lcksum does a loadset checksum.
lmerge combines two or more transcripts and corresponding files into one loadset
The GUI tools:
There are three: Radmind Assistant, Randmind Transcript Editor and Radmind Server Manager.
Assistant updates clients, creates File Systems Descriptions, uses authent/encrypt Enables some automation of your process.
Transcript Editor
Can now edit file system descriptions and deal better with crappy apps.
Used to edit Owner and Group Perms, Comment and Uncomment the Apps, or display/hide file system stuff. You can also search for paths, or owners, or permissions and change.
Server Manager
Allows you to control the config based on who gets what, either via MAC address or IP address, etc. Also controls the various scripts that go out to the machines, as well as the transcripts and loadsets as part of the whole CVS check-in process.
Comments:
It's http://www.radmind.org, not .com.
Posted by Todd McDaniel on January 9, 2004 — 4:18 PM
The presentation slides are available at:
http://www.macosxlabs.org/presentations/2004-macworld_sf/04-MWSF_Radmind&RsyncX.pdf
Posted by Richard Glaser on January 12, 2004 — 4:34 AM