For drift control i've found most CM systems to be lacking. I've always used something like tripwire/aide to detect file changes and correlate that with the proper configuration updates. Puppet and other 'resident' systems seemsgood for this but they run every Nminutes doing a lot of work to verify things, instead of using something like inotify to trigger immediate response from a passive kenrel hook (via fam deamon or something as simple as incron). This ends up being a LOT more efficient and avoids a lot of useless processing.
-- ---------- Brian Coca -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7e7L_4mCsjTXxW7aK0TpastFRmZ3sobo7aCc6%3Dhtk83jA%40mail.gmail.com.
