Mass deployment
This topic provides a high-level overview of mass deployment of ESET Server Security for Linux via Puppet, Chef and Ansible. The code blocks below contain only basic examples of how packages could be installed. They might differ per linux distribution.
Package selection
Before you start the mass deployment of ESET Server Security for Linux, you have to decide which package to use. ESET Server Security for Linux is distributed as a .bin package. However, you can obtain deb/rpm package by running the ESET distribution script with "-n" command line argument.
Puppet
Precondition
•bin or deb/rpm package available on puppet-master
•puppet-agent connected to puppet-master
Bin package
Deployment steps:
•copy the bin installation package to the desired machines
•run the bin installation package
Puppet manifest sample node default { file {"/tmp/efs-8.0.1081.0.x86_64.bin": mode => "0700", owner => "root", group => "root", source => "puppet:///modules/efs/efs-8.0.1081.0.x86_64.bin" } exec {"Execute bin package installation": command => '/tmp/efs-8.0.1081.0.x86_64.bin -y -f' } } |
Deb/rpm package
Deployment steps:
•copy deb/rpm installation package according to distribution family to the desired machines
•run the deb/rpm installation package
Dependencies Dependencies have to be resolved before starting the installation |
Puppet manifest sample node default { if $osfamily == 'Debian' { file {"/tmp/efs-8.0.1081.0.x86_64.deb": mode => "0700", owner => "root", group => "root", source => "puppet:///modules/efs/efs-8.0.1081.0.x86_64.deb" } package {"efs": ensure => "installed", provider => 'dpkg', source => "/tmp/efs-8.0.1081.0.x86_64.deb" } } if $osfamily == 'RedHat' {
file {"/tmp/efs-8.0.1081.0.x86_64.rpm": mode => "0700", owner => "root", group => "root", source => "puppet:///modules/efs/efs-8.0.1081.0.x86_64.rpm" }
package {"efs": ensure => "installed", provider => 'rpm', source => "/tmp/efs-8.0.1081.0.x86_64.rpm" } } } |
Chef
Precondition
•bin or deb/rpm package available on Chef server
•Chef client connected to Chef server
Bin package
Deployment steps:
•copy the bin installation package to the desired machines
•run the bin installation package
Chef recipe sample cookbook_file '/tmp/efs-8.0.1084.0.x86_64.bin' do source 'efs-7.0.1084.0.x86_64.bin' owner 'root' group 'root' mode '0700' action :create end
execute 'package_install' do command '/tmp/efs-8.0.1084.0.x86_64.bin -y -f' end |
Deb/rpm package
Deployment steps:
•copy deb/rpm installation package according to distribution family to the desired machines
•run the deb/rpm installation package
Dependencies Dependencies have to be resolved before starting the installation |
Chef recipe sample cookbook_file '/tmp/efs-8.0.1084.0.x86_64.deb' do source 'efs-8.0.1084.0.x86_64.deb' owner 'root' group 'root' mode '0700' action :create only_if { node['platform_family'] == 'debian'} end
cookbook_file '/tmp/efs-8.0.1084.0.x86_64.rpm' do source 'efs-8.0.1084.0.x86_64.rpm' owner 'root' group 'root' mode '0700' action :create only_if { node['platform_family'] == 'rhel'}
dpkg_package 'efsu' do source '/tmp/efs-8.0.1084.0.x86_64.deb' action :install only_if { node['platform_family'] == 'debian'} end
rpm_package 'efsu' do source '/tmp/efs-8.0.1084.0.x86_64.rpm' action :install only_if { node['platform_family'] == 'rhel'} end |
Ansible
Precondition
•bin or deb/rpm package available on Ansible server
•ssh access to target machines
Bin package
Deployment steps:
•copy the bin installation package to the desired machines
•run the bin installation package
Playbook task sample .... - name: "INSTALL: Copy configuration json files" copy: src: efs-8.0.1084.0.x86_64.bin dest: /home/ansible/
- name : "Install product bin package" shell: bash ./efs-8.0.1084.0.x86_64.bin -y -f -g ..... |
Deb/rpm package
Deployment steps:
•copy deb/rpm installation package according to distribution family to the desired machines
•run the deb/rpm installation package
Playbook task sample .... - name: "Copy deb package to VM" copy: src: ./efs-8.0.1085.0.x86_64.deb dest: /home/ansible/efs-8.0.1085.0.x86_64.deb owner: ansible mode: a+r when: - ansible_os_family == "Debian"
- name: "Copy rpm package to VM" copy: src: ./efs-8.0.1085.0.x86_64.rpm dest: /home/ansible/efs-8.0.1085.0.x86_64.rpm owner: ansible mode: a+r when: - ansible_os_family == "RedHat"
- name: "Install deb package" apt: deb: /home/ansible/efs-8.0.1085.0.x86_64.deb state: present when: - ansible_os_family == "Debian"
- name: "Install rpm package" yum: name: /home/ansible/efs-8.0.1085.0.x86_64.rpm state: present when: - ansible_os_family == "RedHat" .... |