[Ask OBSDJ] Rapidly deploying OpenBSD servers?

What's the point of a website like this if it is just to ask people to email the solutions directly to the person asking? Post your answers, and then email a copy if you must, but I can imagine this information helping more than one person (if not myself at the moment).
And I agree that creating a .tgz of the whole harddrive after OpenBSD has been setup sounds easiest, but I suppose there might be some sort of computer specific stuff that is important to setup, so anybody know of some sort of ready-made script for installing OpenBSD and setting up various things on a per-computer basis?
Oh, and that link is to your https server. Is that intentional, or did you just put it in by mistake? You are trying to spread your certificate as much as possible by "accidentally" slipping in links to the https server every now and then, aren't you :P.

Instead of making a huge ass baseXX.tgz
Make a tarball with just the changed files and call it localconfig.tgz or something and add it to a distro cd (by making a personal copy of course). When it asks if you want to add more packages you say yes and tell it to use localconfig.tgz this way you can use any version of openbsd and apply your platform|site specific changes to it.

Of course I'm thinking in the long term.

I'm also interested in trying to figure out what is MINIMALLY needed for a machine install and how it makes the hard drive bootable. This way you could replicate machines with a bootable cd and little to no interaction (aka faster).

And since I'm on the topic of cd's it would be even better to put the final base on a non rewritiable media (aka CDR) and mount everything except home and /tmp (ram drive) and then do a union mount of things that could possibly change like /usr/bin or whatnot... this way you can have a secure base to start from and still add to it if you need to (aka mount /etc unioned and scp passwd dbases from a master controller at boot).

Of course if you were that mad you would probably deal with bootp and since we're cheap and don't want to buy boot roms get yourself a decent network card (aka fxp) and PXE boot. :)

Whoo hoo more off topic you could use the previous method to make pop toasters, web server farms, etc with the help of a switch and a net-app. Should you need more horse power you just throw together any type of box pop in an fxp plug into switch; power on and instant scaleablility. :) [doing that was the most fun I ever had... of course i was nudged in this direction by a previous co-worker]

Create a tgz named localhost.tgz as mentioned in a previous post, then create a shell script to automatically edit all base.tgz specif files

For example, have it go and change hostname, ipaddress, etc...

Setup properly like this you can deploy a fully funcationly OpenBSD box in less than an hour or so (quicker if you have a faster computer).

One of the most helpfully things is have a "standard" hardware configuation so you don't have to much around with hardware specif issuses. For example all sparc station 20's or all PC buildt the exact same way. (this way you can also release a customed compiled kernel also)

Also don't forget to patch before you create the base.tgz! :) If a new patches come out, update you base.tgz just in case it has to be deployed on short notice.

Also helpfully if you have the exact same arch, get a file server for /usr/src and /usr/obj, compile it on one machine and deploy it to all the rest of the machines by a simple `make install` then each machine doesn't have to keep src/obj local and doesn't have to waste time/hard disk/cpu building patches. Same goes for ports/packages.

If you have enough workstations to install that makes it workwhile, it may be a good idea to customize the sysinst boot disk. For example, with NetBSD, I have forced it to not prompt for answers and it automatically uses dhcp to gather network info and uses the defaults for installs. (Then just make sure it also installs this customized localhost.tgz set). Then once you have a customized install floppy, and a local dhcp server and FTP server with the install sets, you can install each station in just a one or two minutes of your time. (The install itself may take ten or 15 minutes; of course, depending on other factors.)

http://ugweb.cs.ualberta.ca/~jmartin/copybeast.html
Naturally the web form completely mangled my post.
I just have no luck with these web discussion
gizmos. If this attempt gets mangled too, just
check the URL above.

A very similar question came up on the openbsd-misc mailing list recently.
What follows is basically what I sent that person.

This is what we do to install OpenBSD on whole labs full of machines at the
University of Alberta Department of Computing Science.

1. Setup a template box. Install OpenBSD, configure it for our needs,
install additional third party software.
2. Turn on rsh and give root a .rhosts files so root on the other lab machines
will be able to access the template box.
3. Drop this script into root's home dir (we call it "copybeast"):

#!/bin/sh
#
# Call this script as ``$0 ''
cd /
mv /tmp /otmp
ln -s /mnt/tmp /tmp
# start dumping filesystems
cd /mnt/var
rsh $1 "dump 0f - /dev/wd0h" | restore rf -
rm restoresymtable
cd /mnt/usr
rsh $1 "dump 0f - /dev/wd0g" | restore rf -
rm restoresymtable
cd /mnt
rsh $1 "dump 0f - /dev/wd0a" | restore rf -
rm restoresymtable
cd /
# change a few key files
echo $2 > /mnt/etc/myname
echo $2.cs.ualberta.ca > /mnt/var/local/qmail/control/me
echo "inet $2 255.255.255.0 NONE" > /mnt/etc/hostname.xl0
# install the boot block
echo "installing boot block"
/usr/mdec/installboot -v /mnt/boot /usr/mdec/biosboot wd0
echo "done"

4. Boot a batch (how big the batch is depends on the speed of your disks and
net) of target machine with an OpenBSD CD. Take them through the
install process until it asks for root's password (so disks will be
partitioned and net configured). Drop to command line.
5. rsh template-box-ip "cat copybeast" > copybeast; chmod 700 copybeast
6. ./copybeast template-box-ip whatever-my-name-is
7. Reboot when they are done.
8. Repeat for the next batch of machines. Obviously you now have a larger
pool of templates and can do more target machines per batch (provided your
network allows it).
9. Remove the ~root/.rhosts, turn off rsh, and do any other final securing
(eg. turning off CD booting and password protecting the BIOS) when
completely done.

Obviously the script needs to be tuned for your particular setup. You could
probably do away with the .rhosts file too. We use it because we can then
get lesser admins (not priviledged with root's password) to help.

You might want to take a look at something from the OpenBSD mailing lists... see http://www.sigmasoft.com/~openbsd/archive/openbsd-misc/200012/msg01458.html and also this follow-up: http://www.sigmasoft.com/~openbsd/archive/openbsd-misc/200012/msg01588.html .

Basically, create a tarball named site29.tgz (for 2.9) and drop it in the install directory. site.tgz will show up with the standard package list. The tarball will be exploded at / and /install.site will automatically be run in a chrooted environment. The process is somewhat more flexible than the single base.tgz method, since you can use >

I have used this to fully install & customize systems in less than 15 minutes.

...that should be, you can use "make release" to upgrade the base OS and local customization (IP Address and such) is easier, because it can be done at install time.

If you're going to clone systems, there's some products out there that can make your life easier.

Invest in some IDE hard drive carriers. They make cloning drives easy, as well as swaping out systems if something fails. Cost about USD $50 per machine. Well worth it.