• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 978
  • Last Modified:

Looking for an automated Linux patching solution for RHEL and Ubuntu

We have around 100 Linux servers here 90% virtual in VMware and about 50 Ubuntu, 25 RHEL 5 & 6, 12 CentOS and a few other stray items like a Solaris box etc.

We are looking for some type of an automated patch management product for these - ideally one that can handle all the various OS types - and hopefully not Tivoli due to cost and complexity to maintain.

What's out there either OpenSource or commercial that's good & reliable but not a huge time sink to keep running?? We need to be PCI compliant and doing this by hand is obviously terribly time and resource intensive. We DON'T want to go the automated OS patching route unless we can control what gets patched and when without touching every box (once on setup I one thing but to continually revisit each server is another).

Thanks,
George Kasica
Sr. Systems Administrator
Connecture.com
Brookfield WI
0
George R. Kasica
Asked:
George R. Kasica
  • 3
  • 2
1 Solution
 
Joseph GanSystem AdminCommented:
For RHEL servers patching you can use Red Hat Satellite management tool.
0
 
Joseph GanSystem AdminCommented:
There is an open source of Satellite called Spacewalk, which could support for CentOS as well.
0
 
George R. KasicaSr. Systems AdministratorAuthor Commented:
OK. I've seen that as well as Chef and one called puppet but know nothing of any of them. I'll take a look
+
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
George R. KasicaSr. Systems AdministratorAuthor Commented:
It doesn't look like Satellite will do the Ubuntu servers which are the largest portion of what we have and most of our production servers.
0
 
Phil DavidsonCommented:
You could use Puppet or Chef.  

If you don't want to implement a CM tool, you could have an internal server for the Ubuntu updates and update the /etc/apt/sources.list files on the servers, and a RedHat satellite server internally for the RedHat server patches.  You could have cron jobs to run apt-get install on Ubuntu and yum on RedHat servers.
0
 
George R. KasicaSr. Systems AdministratorAuthor Commented:
We initially went with the internal repository and modifying the sources files but finally given the low cost on the Ubuntu and that it comes with 24/7 support as well we're using their landscape product. All but 6 of our servers are Ubuntu so the 6 centOS are manageable manually and getting converted over as well so it will soon be a non issue. Thank you for to reply we were looking at both chef and puppet.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now