autoinstall - the "forest"

truniger@mt.com (Othmar Truniger):
PS: regarding the question why setting up an install server even in a very
small environment: I like the idea to put all the knowhow and the
specific configurations into the install config environment. Everything
is set up automatically from the second installation on and when I'm off
the only thing one need to know in a case of emergency: boot net - install
Also I never upgrade a client. Why should I? A new installation is much
faster and safer.

In short, autoinstall facilities such as those used at UCI truly remove Unix from the "mainframe model of support", and serve to significantly reduce what is coming to be commonly referred to as "data rot", in system admin circles.
In somewhat sweeping terms, the benefits are:

Autoinstall (especially when used in conjunction with run-after) provides exceptionally high consistency, from machine to machine. Configurations are built by the same automated process, so machines don't end up with nearly as many (sometimes quite significantly, but needlessly, different!) variations, as they would if configured by hand.
Autoinstall builds in high security - the best security we know how to provide, at the moment a machine is installed. In the past, machines were configured with as much security as we had time for - which sometimes meant "only what the vendor included in the base OS". Obviously, this was a less than ideal situation. Some of the security modifications supplied by autoinstall, come from the vendor, while others come from the NACS members' knowledge of security, in large part as garnered from close watch kept on a number of security-related and platform-specific newsgroups.
Autoinstall provides a high level of specificity, while also maximizing commonality. That is, most autoinstall-supplied changes are made on all autoinstalled systems (this is the default), but many have indications of what subsets of the hosts at UCI, should receive a given modification. These can be keyed off of a YP domainname, a DNS domain, a list of hostnames, a single host, or anything else one may care to determine from a shell script.
Because all changes for a specific domain can be coded into autoinstall, a degree of freedom is realized. An admin needn't know (or try to recall) every last small customization that the users in a domain expect, when their machines are configured - autoinstall, when configured properly, remembers every last detail, and takes care of those details for you. The job of machine configuration becomes relatively delegatable, and service can remain high-quality even when a domain's admin leaves UCI.

Click here, to move on to the trees. You can always just skim them.
http://www.nacs.uci.edu/support/dcs/automation/forest.html