Re: Configuration Nightmare

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Configuration Nightmare

From:	Mohamed Eldesoky
Subject:	Re: Configuration Nightmare
Date:	Wed, 26 May 2004 11:21:28 +0300
User-agent:	KMail/1.6.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I think you forgot the CfRunCommand in cfservd.conf
Also, you need to admit access to it.

Regards
Mohamed Eldesoky

On Tuesday 25 May 2004 5:41 pm, Cory Omand wrote:
> Hello,
>
> I'm attempting to set up a (relatively) small set of servers using
> cfengine, and am having some (relatively) great difficulty in getting
> the configuration to work as expected.
>
> I followed through the two articles on ONLamp, and got the basic files
> set up.  I also went through the official cfengine tutorial, and saw a
> great many things that were not addressed in the ONLamp article.  I
> actually managed to get the basic configuration off the ground using the
> tutorial, but when I tried to recreate the same configuration using the
> ONLamp examples, nothing works anymore -- at least nothing that requires
> the cfengine_server group.
>
> My primary issue at the moment is the following group definition, as
> described in the ONLamp article:
>
> # cfservd.conf
> groups:
>       cfengine_server = ( server )
>
> control:
>       cfengine_server::
>               AllowConnectionsFrom = (
>                       <ip range>
>               )
>               TrustKeysFrom = (
>                       <ip range>
>               )
> ...
>
> The article does say that it is difficult to tell which variables are
> user set, and which are standard cfengine variables.  It does not
> describe whether 'server' is one of these internal variables, or whether
> it is something I'd need to set accordingly.  I set it accordingly to my
> server's FQDN:
>
> groups:
>       cfengine_server = ( my.server.fqdn )
>
>
> No matter if I leave it as 'server' or if I leave it as 'my.host.fqdn',
> any control or actions are ignored on all servers, including the actual
> cfengine_server machine.  I've enabled the most insane debug level, and
> it still gives me no clear clue as to why this variable is not matching
> whatever it's trying to match...
>
> Secondary issues:
>
> 1) I'm not clear, after having read through the tutorial, reference
> guide, and the ONLamp articles, how the configurations are handled.  If
> I set a class like cfengine_server in cfservd.conf, is it automatically
> made available to cfagent.conf and update.conf?  The ONLamp article uses
> the cfengine_server class across cfagent/cfservd/update.conf files...
>
> This is cfengine 2.1.3 on Solaris 9.  I am using the following config:
>
> #
> # update.conf
> #
>
> control:
>     actionsequence = ( copy directories links tidy )
>
>     domain = ( ExecResult(/usr/bin/domainname) )
>
>     TrustKeysFrom  = ( 192.168.1.1 )
>     !cfengine_server::
>         SplayTime  = ( 5 )
>
>     any::
>         workdir    = ( /var/cfengine )
>         configroot = ( /cfengine )
>         server     = ( my.server.fqdn )
>
> copy:
>     $(configroot)/config/cfengine   dest=$(workdir)
>                                     recurse=inf
>                                     ignore=CVS
>                                     server=$(server)
>
> directories:
>     $(workdir)/bin
>
> links:
>     $(workdir)/bin/cfagent -> /usr/local/tools/sbin/cfagent
>
> tidy:
>     $(workdir)/outputs pattern=* age=7
>
> #
> # cfservd.conf
> #
>
> groups:
>     cfengine_server = ( my.server.fqdn )
>
> control:
>     cfengine_server::
>         AllowConnectionsFrom = (
>             192.168.1.0/24
>         )
>         TrustKeysFrom = (
>             192.168.1.0/24
>         )
>
> admit:
>
>     /var/cfengine/ppkeys/localhost.pub      *
>
>     cfengine_server::
>         /cfengine                           *
>
>
> #
> # cfagent.conf
> #
>
> control:
>     domain = ( ExecResult(/usr/bin/domainname) )
>     workdir = ( /var/cfengine )
>     configroot = ( /cfengine )
>
> import:
>     cfengine_server::
>         cvs.cf
>     any::
>         stdproc.cf
>
> # cvs.cf
> control:
>     actionseqeuence = ( shellcommands )
>
> shellcommands:
>     "/bin/sh -c 'cd /cfengine; cvs update -d >/dev/null 2>/dev/null'"
>
> # stdproc.cf
> control:
>     actionsequence = ( processes editfiles )
>
> processes:
>     "cfservd" restart "/usr/local/tools/sbin/cfservd"
>     "cfexecd" restart "/usr/local/tools/sbin/cfexecd"
>
> editfiles:
>     { /var/spool/cron/crontabs/root
>         AppendIfNoSuchLine "0 * * * * /usr/local/tools/sbin/cfexecd -F"
>     }
>     { /etc/services
>         AppendIfNoSuchLine "cfengine        5308/tcp"
>     }
>
>
> ##### END OF FILES #####
>
> Any assistance is greatly appreciated!
>
> Regards,
> C.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAtFOK2FHsOWMJBKMRAiLQAJ9FONfF1SwKh96OEJ/eiYQu1D8V+ACff17B
rj3ky9vTPWaU4KmkYdYHTes=
=fE8i
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

Configuration Nightmare, Cory Omand, 2004/05/25
- Re: Configuration Nightmare, Mohamed Eldesoky <=
- Re: Configuration Nightmare, Luke A. Kanies, 2004/05/26
  - Configuration now working... [Was Re: Configuration Nightmare], Cory Omand, 2004/05/26
    - Re: Configuration now working... [Was Re: Configuration Nightmare], Luke A. Kanies, 2004/05/27
  - Re: Configuration Nightmare, Ed Brown, 2004/05/27
  - Re: Configuration Nightmare, Ed Brown, 2004/05/28

Prev by Date: Configuration Nightmare
Next by Date: Re: Configuration Nightmare
Previous by thread: Configuration Nightmare
Next by thread: Re: Configuration Nightmare
Index(es):
- Date
- Thread