Mass deployment

This topic provides a high-level overview of mass deployment of ESET Endpoint Antivirus for Linux via Puppet, Chef and Ansible. The code blocks below contain only basic examples of how packages could be installed. They might differ per linux distribution.

Package selection

Before you start the mass deployment of ESET Endpoint Antivirus for Linux, you have to decide which package to use. ESET Endpoint Antivirus for Linux is distributed as a .bin package. However, you can obtain deb/rpm package by running the ESET distribution script with "-n" command-line argument.

 

Puppet

Precondition

bin or deb/rpm package available on puppet-master

puppet-agent connected to puppet-master

Bin package

Deployment steps:

copy the bin installation package to the desired machines

run the bin installation package

 

example

Puppet manifest sample

node default {

    file {"/tmp/eea-7.0.1081.0.x86_64.bin":

           mode => "0700",

           owner => "root",

           group => "root",

           source => "puppet:///modules/eea/eea-7.0.1081.0.x86_64.bin"

         }

    exec {"Execute bin package installation":

           command => '/tmp/eea-7.0.1081.0.x86_64.bin -y -f'

         }

}

 

Deb/rpm package

Deployment steps:

copy deb/rpm installation package according to distribution family to the desired machines

run the deb/rpm installation package

note

Dependencies

Dependencies have to be resolved before starting the installation

 

example

Puppet manifest sample

node default {

if $osfamily == 'Debian' {

        file {"/tmp/eea-7.0.1081.0.x86_64.deb":

               mode => "0700",

               owner => "root",

               group => "root",

               source => "puppet:///modules/eea/eea-7.0.1081.0.x86_64.deb"

             }

        package {"eea":

               ensure => "installed",

               provider => 'dpkg',

               source => "/tmp/eea-7.0.1081.0.x86_64.deb"

             }

 }

if $osfamily == RedHat {

        file {"/tmp/eea-7.0.1081.0.x86_64.rpm":

               mode => "0700",

               owner => "root",

               group => "root",

               source => "puppet:///modules/eea/eea-7.0.1081.0.x86_64.rpm"

             }

        package {"eea":

               ensure => "installed",

               provider => 'rpm',

               source => "/tmp/eea-7.0.1081.0.x86_64.rpm"

             }

 }

}

 

Chef

Precondition

bin or deb/rpm package available on Chef server

Chef client connected to Chef server

Bin package

Deployment steps:

copy the bin installation package to the desired machines

run the bin installation package

 

example

Chef recipe sample

cookbook_file '/tmp/eea-7.0.1084.0.x86_64.bin' do

        source 'eea-7.0.1084.0.x86_64.bin'

        owner 'root'

        group 'root'

        mode '0700'

        action :create

end

 

execute 'package_install' do

        command '/tmp/eea-7.0.1084.0.x86_64.bin -y -f'

end

 

Deb/rpm package

Deployment steps:

copy deb/rpm installation package according to distribution family to the desired machines

run the deb/rpm installation package

note

Dependencies

Dependencies have to be resolved before starting the installation

 

example

Chef recipe sample

cookbook_file '/tmp/eea-7.0.1084.0.x86_64.deb' do

        source 'eea-7.0.1084.0.x86_64.deb'

        owner 'root'

        group 'root'

        mode '0700'

        action :create

        only_if { node['platform_family'] == 'debian'}

end

 

cookbook_file '/tmp/eea-7.0.1084.0.x86_64.rpm' do

                source 'eea-7.0.1084.0.x86_64.rpm'

                owner 'root'

                group 'root'

                mode '0700'

                action :create

                only_if { node['platform_family'] == 'rhel'}

 

dpkg_package 'eea' do

        source '/tmp/eea-7.0.1084.0.x86_64.deb'

        action :install

        only_if { node['platform_family'] == 'debian'}

end

 

rpm_package 'eea' do

        source '/tmp/eea-7.0.1084.0.x86_64.rpm'

        action :install

        only_if { node['platform_family'] == 'rhel'}

end

 

Ansible

Precondition

bin or deb/rpm package available on Ansible server

ssh access to target machines

Bin package

Deployment steps:

copy the bin installation package to the desired machines

run the bin installation package

 

example

Playbook task sample

....

- name: "INSTALL: Copy configuration json files"

  copy:

    src: eea-7.0.1084.0.x86_64.bin

    dest: /home/ansible/

 

- name : "Install product bin package"

  shell: bash ./eea-7.0.1084.0.x86_64.bin -y -f -g

.....

 

Deb/rpm package

Deployment steps:

copy deb/rpm installation package according to distribution family to the desired machines

run the deb/rpm installation package

 

example

Playbook task sample

....

      - name: "Copy deb package to VM"

        copy:

          src: ./eea-7.0.1085.0.x86_64.deb

          dest: /home/ansible/eea-7.0.1085.0.x86_64.deb

          owner: ansible

          mode: a+r

        when:

          - ansible_os_family == "Debian"

 

      - name: "Copy rom package to VM"

        copy:

          src: ./eea-7.0.1085.0.x86_64.rpm

          dest: /home/ansible/eea-7.0.1085.0.x86_64.rpm

          owner: ansible

          mode: a+r

        when:

          - ansible_os_family == "RedHat"

 

      - name: "Install deb package"

        apt:

          deb: /home/ansible/eea-7.0.1085.0.x86_64.deb

          state: present

        when:

          - ansible_os_family == "Debian"

 

      - name: "Install rpm package"

        apt:

          deb: /home/ansible/eea-7.0.1085.0.x86_64.rpm

          state: present

        when:

          - ansible_os_family == "RedHat"

....