[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Configuration Nightmare
From: |
Luke A. Kanies |
Subject: |
Re: Configuration Nightmare |
Date: |
Wed, 26 May 2004 16:50:47 -0500 (CDT) |
On Tue, 25 May 2004, Cory Omand wrote:
My primary issue at the moment is the following group definition, as
described in the ONLamp article:
# cfservd.conf
groups:
cfengine_server = ( server )
control:
cfengine_server::
AllowConnectionsFrom = (
<ip range>
)
TrustKeysFrom = (
<ip range>
)
...
The article does say that it is difficult to tell which variables are
user set, and which are standard cfengine variables. It does not
describe whether 'server' is one of these internal variables, or whether
it is something I'd need to set accordingly. I set it accordingly to my
server's FQDN:
groups:
cfengine_server = ( my.server.fqdn )
The article mentions that it assumes your server's name is 'server'.
Thus, when it uses 'server' above, you should replace it with your
server's real name.
However (and I probably should have covered this in the article; live and
learn), you must use the server's short name; cfengine treats the '.'
character as an AND, so in the above snippet, 'cfengine_server' only gets
set if 'my' and 'server' and 'fqdn' is set.
Thus, you should have:
groups:
cfengine_server = ( hostname )
where 'hostname' is the short, unqualified name of your server. This name
is automatically set as a class by cfengine; if you run cfagent in verbose
mode you will see a list of classes set at parse time, and your hostname
should be one of them. Use that hostname in the above test.
1) I'm not clear, after having read through the tutorial, reference
guide, and the ONLamp articles, how the configurations are handled. If
I set a class like cfengine_server in cfservd.conf, is it automatically
made available to cfagent.conf and update.conf? The ONLamp article uses
the cfengine_server class across cfagent/cfservd/update.conf files...
One of the mistakes I made in the article was leaving out some of the
cfengine_server settings; I'm trying to get that corrected. In the
meantime...
cfagent and cfservd are separate processes and neither parses the other's
config file; thus, all necessary information must be duplicated between
cfservd.conf and cfagent.conf, although you can now import within
cfservd.conf (starting around 2.1.3, I think), so you could do all group
definitions in an imported file.
update.conf is parsed by cfagent prior to its parsing cfagent.conf, but
all information from update.conf is expunged before parsing cfagent.conf,
so again information must be duplicated. This is a generally unclear
process anyway, but I did mention it in the article.
Please let me know if you have any further questions; feel free to email
me personally.
Luke
--
"What is the sound of Perl? Is it not the sound of a wall that
people have stopped banging their heads against?"
--Larry Wall in <1992Aug26.184221.29627@netlabs.com>
---------------------------------------------------------------------
Luke Kanies | http://abstractive.org | http://reductiveconsulting.com