Hello everyone. First timer here. Without getting into all the details we are going to be spinning up quite a number of Linux boxes running Centos 7.

We want our security apps installed as part of the OS deployment. I am more familiar with OSD for Windows. To prevent from having to update the gold images frequently in Windows we leave the core images as is and can install applications on the fly as part of the scripted OS deployment. By the time the system is ready to be logged into for the first time, all of the apps are installed.

I'm wondering if there is a similar process that can be utilized to do the same in Linux. That way when a new version is released we simply replace the source files for the apps.

Short answer: yes, easily.
Longer answer: yes, but it depends on your needs as to how.

If you're in a development environment, and need to spin up a dozen dev boxes to let programmers play, and want to destroy/rebuild regularly, then you can put your custom packages/scripts/whatever as part of your kickstart build.

Otherwise, it's fairly easy to take whatever you want, be it shell scripts, files, programs, etc., and make your OWN RPM file, and version it. Point your boxes back to your central repository, and the system will treat it just like any other upgrade, or just copy the RPM to another system, and run a yum command to update it manually. Lots of options, but they depend on where these systems are (i.e. internal, at customer-sites, etc.), and other variables.

1 members found this post helpful.

Appreciate the feedback. These are going to be AWS hosts that spin up and down based on the workload and performance parameters. The OS images are going to be updated pretty frequently. I think the decision will be based on the time it takes for the systems to be ready for use once they are brought online.