Cfengine

From techdocs
Revision as of 20:24, 27 Haziran 2022 by Plinich (talk | contribs)
Jump to navigation Jump to search
cfplaypen is a CSE server running a stripped-down
execute-alike implementation of cfengine
which can be used to learn about cfengine's
operation and promises files.

cfengine is the configuration management tool used in New World.

Here is cfengine's website where you can find full documentation.

cfengine is a standard Debian package so it is auto-updated along with all other packages on New World systems.

Here are the main differences between cfengine and Old World's conform:

  • cfengine, as used in New World, does not install software packages. Instead, it mainly installs configuration files (mostly in /etc) and provides lists of desired Debian packages to each host which are then subsequently installed by separate scripts.
  • cfengine is a well- and widely-supported set of tools, rather than a custom CSE-only jobbie.
  • cfengine works on what could be described as a successive-approximation model, where each run gradually moves a host towards a fully-convergent state in line with a CSG-supplied set of "promises" (of what needs to be configured). Implicit in this is that some individual promises may not necessarily be kept straight away but that cfengine will keep trying to fulfill them each time it is run.
  • cfengine runs every five minutes rather than nightly (as does conform).

cfengine components

Rather than being one single program, as is conform, cfengine consists of a number of components or tools.

Tool/program Description
cf-agent This is the part of cfengine which does the actual work of installing configuration files, copying over other files and package lists from the cfengine hub and running any scripts or programs specified in the promises. It runs on the host-to-be-configured either manually or at regular intervals by cf-execd (see below).
cf-execd This is cfengine's equivalent of crond. It runs cf-agent according to a schedule which, by default, is once every five minutes 24/7. cf-execd will only run one instance of cf-agent at a time. cf-execd runs on each cfengine-managed host.
cf-serverd A glorified file server with client-host authentication and access control, cf-serverd runs on the cfengine hub and serves files to clients. These can be promises or any other files which need to be installed on a client.
cf-monitord Unused in CSE, this program can be run on cfengine-managed hosts to collect local data and make it available to other hosts.

Configuration of cfengine

  • Promises
  • Supplied promises setup is not used. The whole lot is replaced by a stripped-down, CSE-specific promises framework.
Retrieved from ‘https://techdocs.cseunsw.tech/mediawiki/index.php?title=Cfengine&oldid=257