Securely managing a large number of Drupal sites

proindustries

Hey guys - So, keeping track of what updates are needed on a Drupal site isn't too bad, but what about if you're running 50 sites? I've looked around a few times over the last few months, but I've never found any good discussion on this topic.

I'm building out a new secure Drupal hosting service, and while I'll be able to manage this for the first few months by hand, presuming things go well, it will quickly become more work than I'd like to do, just keeping inventory of the sites, figuring which sites have security patches, etc.

I've been slowly designing and writing code for a pair of Drupal modules - one will return a list of installed modules to an authenticated user over a REST interface, and the other will run on a central Drupal master, authenticating to and inventorying sites, and then comparing this information against update information for those packages, displaying where security or "normal" updates are available (In theory, the second module could interface with Aegir instead of querying individual sites).

Does something like this really not exist yet, or am I just not looking in the right places?

John
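
The comparison step described in the post above, as an added example that is not code from the thread or from any module it mentions: a central server takes each site's reported module list and checks it against per-project release feeds, separating security updates from normal ones. The site names, module versions and feed XML are constructed, and the feed layout (release/version/terms) is an assumption modeled on a release-history style document.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample data. The feed layout (release/version/terms/term) is an
# assumption of this example, modeled on a release-history style XML document.
def _rel(version, kind):
    return (f"<release><version>{version}</version><terms><term>"
            f"<name>Release type</name><value>{kind}</value></term></terms></release>")

FEEDS = {
    "views": "<project><releases>" + _rel("7.x-3.9", "Bug fixes")
             + _rel("7.x-3.8", "Security update") + _rel("7.x-3.7", "Bug fixes")
             + "</releases></project>",
    "token": "<project><releases>" + _rel("7.x-1.5", "Bug fixes")
             + _rel("7.x-1.4", "Bug fixes") + "</releases></project>",
}
INVENTORY = {  # what each site's client module would report
    "site-a.example": {"views": "7.x-3.7", "token": "7.x-1.5"},
    "site-b.example": {"views": "7.x-3.8", "token": "7.x-1.4"},
    "site-c.example": {"views": "7.x-3.x-dev", "custom_mod": "7.x-1.0"},
}
VERSION_RE = re.compile(r"^(\d+)\.x-(\d+)\.(\d+)$")

def parse_version(text):
    """'7.x-3.8' -> (7, 3, 8); None for dev/rc strings this example skips."""
    m = VERSION_RE.match(text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def classify(installed, feed_xml):
    """Return 'security', 'normal', 'current' or 'unknown' for one module."""
    cur = parse_version(installed)
    if cur is None:
        return "unknown"  # never report an unparseable version as up to date
    newer, security = False, False
    for rel in ET.fromstring(feed_xml).iter("release"):
        ver = parse_version(rel.findtext("version"))
        if ver is None or ver[0] != cur[0] or ver <= cur:
            continue
        newer = True
        kinds = {t.findtext("value") for t in rel.iter("term")
                 if t.findtext("name") == "Release type"}
        security = security or "Security update" in kinds
    return "security" if security else "normal" if newer else "current"

def report(inventory, feeds):
    """Map site -> {module: status}; modules without a feed are 'unknown'."""
    return {site: {name: classify(ver, feeds[name]) if name in feeds else "unknown"
                   for name, ver in mods.items()}
            for site, mods in inventory.items()}

if __name__ == "__main__":
    for site, mods in report(INVENTORY, FEEDS).items():
        print(site, mods)
```

Every release newer than the installed one is checked, so site-a.example is flagged for a security update because of 7.x-3.8 even though the newest release in the feed is a bug-fix release.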

Comments

proindustries

So, I spent some more time tonight looking through Drupal modules tagged with security, and I found two potentials for this -

Update Status Aggregator - this sounds like a similar architecture to what I was thinking of - 2 modules, one client, one server. Client sends to server, server aggregates. Has promise...haven't gotten it to work yet, but will tinker some more after sleep. :)

Droptor - this is a client module for Droptor.com - They seem to be offering a low cost (free for one site, $2/month per additional) service that monitors your updates and also tells you a bunch of stuff about your site. Also looks interesting, and I'll play with it, but for my needs I want this running on my own server...

Will update as my hunt continues. :)

Drush & Aegir

greggles

I think the two big solutions folks are using for this are Drush and Aegir.

If you are managing sites on other servers you may need to use site aliases (I'm not sure how well that is supported in Aegir).

There is also the sentry project http://drupal.org/project/sentry_server which seems to do some or all of what you are looking for. And, if it doesn't, it might be a good place to add what you need.

OS/File

rjbrown99

At the OS and file level, I use Puppet for configuration management across many systems and platforms. It's excellent and my Drupal environment is synced up with it across both prod and staging sites.

http://www.puppetlabs.com/

proindustries

Guys - sorry I missed your posts over the holidays. Greg - think Sentry looks like it's moving in the right direction. I was scared at first when I saw just 16 sites were using it, but I've got the client on 2 test sites now and it seems to be a good start.

I've got a good amount of experience with Aegir - running around 10 sites through a multi-server setup. While it does get a list of modules installed on a site, it doesn't do any comparison for updates (that I'm aware of...). Added a Sentry server into a test Aegir setup - I've got a few things to work out, but so far, so good.

Robert - I haven't drunk the Puppet Kool-Aid yet, but have several friends who have - it's on my list to check out in time, although I'm leaning towards Spacewalk for the OS/patch management part.

Thanks for the ideas - I'll try to post another update as I get a few more battle scars...

John
