Cfengine: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
mNo edit summary |
||
| Line 27: | Line 27: | ||
!Description | !Description | ||
|- | |- | ||
|<code>cf-agent</code> | |style="white-space: nowrap;"|<code>cf-agent</code> | ||
|This is the part of cfengine which does the actual work of installing configuration files, copying over other files and package lists from the [[cfengine hub]] and running any scripts or programs specified in the promises. It runs on the host-to-be-configured either manually or at regular intervals by <code>cf-execd</code> (see below). | |This is the part of cfengine which does the actual work of installing configuration files, copying over other files and package lists from the [[cfengine hub]] and running any scripts or programs specified in the promises. It runs on the host-to-be-configured either manually or at regular intervals by <code>cf-execd</code> (see below). | ||
|- | |- | ||
|<code>cf-execd</code> | |style="white-space: nowrap;"|<code>cf-execd</code> | ||
|This is cfengine's equivalent of <code>crond</code>. It runs <code>cf-agent</code> according to a schedule which, by default, is once every five minutes 24/7. <code>cf-execd</code> will only run one instance of <code>cf-agent</code> at a time. <code>cf-execd</code> runs on each cfengine-managed host. | |This is cfengine's equivalent of <code>crond</code>. It runs <code>cf-agent</code> according to a schedule which, by default, is once every five minutes 24/7. <code>cf-execd</code> will only run one instance of <code>cf-agent</code> at a time. <code>cf-execd</code> runs on each cfengine-managed host. | ||
|- | |- | ||
|<code>cf-serverd</code> | |style="white-space: nowrap;"|<code>cf-serverd</code> | ||
|A glorified file server with client-host authentication and access control, <code>cf-serverd</code> runs on the cfengine hub and serves files to clients. These can be promises or any other files which need to be installed on a client. | |A glorified file server with client-host authentication and access control, <code>cf-serverd</code> runs on the cfengine hub and serves files to clients. These can be promises or any other files which need to be installed on a client. | ||
|- | |- | ||
|<code>cf-monitord</code> | |style="white-space: nowrap;"|<code>cf-monitord</code> | ||
|Unused in CSE, this program can be run on cfengine-managed hosts to collect local data and make it available to other hosts. | |Unused in CSE, this program can be run on cfengine-managed hosts to collect local data and make it available to other hosts. | ||
|} | |} | ||
Revision as of 12:18, 28 Haziran 2022
| cfplaypen is a CSE server running a stripped-down execute-alike implementation of cfengine which can be used to learn about cfengine's operation and promises files. |
cfengine is the configuration management tool used in New World.
Here is cfengine's website where you can find full documentation.
cfengine is a standard Debian package so it is auto-updated along with all other packages on New World systems.
Here are the main differences between cfengine and Old World's conform:
- cfengine, as used in New World, does not install software packages. Instead, it mainly installs configuration files (mostly in
/etc) and provides lists of desired Debian packages to each host which are then subsequently installed by separate scripts.
- cfengine is a well- and widely-supported set of tools, rather than a custom CSE-only jobbie.
- cfengine works on what could be described as a successive-approximation model, where each run gradually moves a host towards a fully-convergent state in line with a CSG-supplied set of "promises" (of what needs to be configured). Implicit in this is that some individual promises may not necessarily be kept straight away but that cfengine will keep trying to fulfill them each time it is run.
- cfengine runs every five minutes rather than nightly (as does conform).
cfengine components
Rather than being one single program, as is conform, cfengine consists of a number of components or tools.
| Tool/program | Description |
|---|---|
cf-agent
|
This is the part of cfengine which does the actual work of installing configuration files, copying over other files and package lists from the cfengine hub and running any scripts or programs specified in the promises. It runs on the host-to-be-configured either manually or at regular intervals by cf-execd (see below).
|
cf-execd
|
This is cfengine's equivalent of crond. It runs cf-agent according to a schedule which, by default, is once every five minutes 24/7. cf-execd will only run one instance of cf-agent at a time. cf-execd runs on each cfengine-managed host.
|
cf-serverd
|
A glorified file server with client-host authentication and access control, cf-serverd runs on the cfengine hub and serves files to clients. These can be promises or any other files which need to be installed on a client.
|
cf-monitord
|
Unused in CSE, this program can be run on cfengine-managed hosts to collect local data and make it available to other hosts. |
Configuration of cfengine
- Promises
- Supplied promises setup is not used. The whole lot is replaced by a stripped-down, CSE-specific promises framework.