An example configuration rollout for Cfengine2
Introduction
Cfengine is a Configuration Managment System for several platforms.At this page we describe how to set up a basic configuration, and provide initial configuration files.
Our configuration rollout is adapted to the way Cfengine2 is installed on the Gnu/Debian operating system.
Overview
We decide to use one (1) server as "policyhost". The configuration of all other servers is managed from and stored at this computer. Our network concept always includes a Network Monitor and Supervise - Server, which is no involved in the functionality of the services offered by the network. Since Cfengine runs standalone on each computer the policyhost approach combines well with the network managment concept. All other computers fetch the Cfengine specific configuration from the policyhost via the update.conf mechanism. In cfagent.conf (which is updated by the first step) other configuration files can be listed to be fetched from the policyhost.Filesystem Layout
- /var/lib/cfengine2/files
-
This is the repository where all configuration files are
stored. The repository es devided into several subdirectories.
You can think of the repository like a spares copy of the /etc directory on Unix systems. If you need to configure a service at /etc/foo you rather configure it at repository/foo, and cfengine takes care to copy it where it belongs.
- cfengine
- This directory is used by update.conf to fetch the Cfengine configuration files for all computers. The policyhost is an exception: she fetches only cfagent.conf and update.conf from this directory. Reason: the other files determine copy permissions and are different on the policyhost and the "policyclients".
Contributed Files
By now, just create the repository on the policyhost and copy the directory cfengine into it.Copy all files in the directory policyhost into /etc/cfengine, also on the policyhost.
The rest is configuration and startup.