Introductory to CFEngine session slides

CFEngine 1

  1. Introduction
  2. Short look at FAI (Fully Automated Installation)
  3. CFEngine
    1. Why to use
    2. How it works
  4. An Example
  5. CFEngine and networks

CFEngine 2

Task : maintain a network

  • install machines
  • configuration machines
  • change configuration
  • reinstall machines
  • document configuration

Solution well defined method & values

  • Instatllation via FAI
  • configuration via CFEngine
  • maintain config value via :
    • text file
    • X.500 (ldap)

CFEngine 3 (fai Example 1)

Server

  1. Install fai.
  2. FAI setup :
    1. debootstrap nfs root
    2. base.tgz
    3. additional software
    4. add user fai
  3. Configure fai
  • package group :
    • base
    • server
    • X11
    • KDE
    • Router
  • disc config : server -> wks1 router -> wks2
  • profiles :
    • server : base,server
    • wks : base,X11,KDE
  • resolve profiles :
    • srv_.* --> Server.
    • wks1_.* --> wks1.
    • router_.* --> Router.

4. DHCP

  • MAC1 = srv_myserver
  • MAC2...n = wks_1 ....wks1_n
  • MACx... = rtr_myrouter

CFEngine 4 (fai Example 2)

Client

  • booting
  • mounting nfs root
  • resolve valid profiles
  • partition disks
  • untar base.tgz
  • install software
  • configure mahine
  • reboot

  • installation 10-20 minutes .
  • parallel installation .
  • full automatic.
  • well defined values.
  • create installation.

CFEngine 5 (Advantages)

  • different hardware.
  • different os.
  • diffrerent distributions.
  • different configurations.

  • easy to maintain
  • easy to document.

CFEngine 6

CFEngine runs local.

Actions :

  • Files
  • editfiles
  • copy
  • shellcommands

Classes:

  • Any
  • Build in
  • Set defined
    • by modules
    • inside cfengine

modules :

  • self written
  • can defined
    • classes
    • variable

CFEngine 7

Example :

  • /etc/cfengine/cfagent.conf

generate configuration .

  • /etc/cfengine/cf.cairo

code to push values to target files

  • /etc/cfcairo/cairomodules.pl

module to export our values for cfengine

  • /etc/cfcairo/cairovar

our values for configuration.

CFEngine 8

  1. cfservd.con
  • which server to trust
  • which network is allowed to connect
  • how to handle keys
  1. update.conf

perform actions before regular cfagent run

like : copy new value files. copy new cf code.

  1. cfrun host_1 host_2 host_3
  • check key
  • call cfagent on each host