Finally, the moment we’ve been waiting for. Lets take a crack at promises.cf and what we have defined. $ cat -n /var/cfengine/inputs/promises.cf 1 # promises.cf — clients only 2 3 body common control 4 { 5 bundlesequence => { 6 “update”, 7 “garbage_collection”, 8 “smf_update”, 9 “verify_root”, 10 “general_global_configs”, 11 }; 12 13 inputs => [...]
As stated in part 1 of this tutorial series, normal client-side operations of CFEngine is for cf-agent to: 1. Execute against /var/cfengine/inputs/failsafe.cf (which calls update.cf) 2. Execute against /var/cfengine/inputs/promises.cf We stated that we dont want to break failsafe.cf or update.cf. When we write new CFEngine policies to implement, we import and call them from promises.cf. [...]
So up to this point, we’ve had a high level 10,000ft introduction to how CFEngine works. Hopefully we’ve gotten the needed bits built and packaged up to bootstrap our infrastructure. As any other programming language begins, lets look at the most basic “Hello World” type policy. /var/tmp $ cat /var/tmp/hello_world.cf 1 body common control 2 [...]
CFEngine and dependencies Building OpenSSL $ echo $PATH /usr/bin:/usr/sbin:/sbin:/bin:/usr/sfw/bin:/usr/local/bin:/usr/ccs/bin /var/tmp/openssl-1.0.0 $ ./Configure solaris-x86-gcc shared –prefix=/usr/local/ssl –openssldir=/usr/local/ssl /var/tmp/openssl-1.0.0 $ gmake /var/tmp/openssl-1.0.0 $ gmake install Building PCRE /var/tmp/pcre-8.02 $ echo $LDFLAGS -L/usr/sfw/lib -L/usr/sfw/lib /var/tmp/pcre-8.02 $ ./configure –disable-cpp CFLAGS=”-g -O3″ CC=gcc –enable-utf8 –enable-unicode-properties /var/tmp/pcre-8.02 $ gmake /var/tmp/pcre-8.02 $ sudo gmake install Building CFEngine Note: I modify the Makefile [...]
I recently stood up a CFengine 3 configuration management infrastructure and took notes during the process to share with my team. This was my first attempt at using CFengine, so hopefully this multi-part overview will help others trying to bootstrap their environments as well. Many of these notes were taken from the CFengine 3 reference [...]
