help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Configuration Nightmare


From: Luke A. Kanies
Subject: Re: Configuration Nightmare
Date: Wed, 26 May 2004 16:50:47 -0500 (CDT)

On Tue, 25 May 2004, Cory Omand wrote:

My primary issue at the moment is the following group definition, as
described in the ONLamp article:

# cfservd.conf
groups:
        cfengine_server = ( server )

control:
        cfengine_server::
                AllowConnectionsFrom = (
                        <ip range>
                )
                TrustKeysFrom = (
                        <ip range>
                )
...

The article does say that it is difficult to tell which variables are
user set, and which are standard cfengine variables.  It does not
describe whether 'server' is one of these internal variables, or whether
it is something I'd need to set accordingly.  I set it accordingly to my
server's FQDN:

groups:
        cfengine_server = ( my.server.fqdn )

The article mentions that it assumes your server's name is 'server'. Thus, when it uses 'server' above, you should replace it with your server's real name.

However (and I probably should have covered this in the article; live and learn), you must use the server's short name; cfengine treats the '.' character as an AND, so in the above snippet, 'cfengine_server' only gets set if 'my' and 'server' and 'fqdn' is set.

Thus, you should have:

groups:
        cfengine_server = ( hostname )

where 'hostname' is the short, unqualified name of your server. This name is automatically set as a class by cfengine; if you run cfagent in verbose mode you will see a list of classes set at parse time, and your hostname should be one of them. Use that hostname in the above test.

1) I'm not clear, after having read through the tutorial, reference
guide, and the ONLamp articles, how the configurations are handled.  If
I set a class like cfengine_server in cfservd.conf, is it automatically
made available to cfagent.conf and update.conf?  The ONLamp article uses
the cfengine_server class across cfagent/cfservd/update.conf files...

One of the mistakes I made in the article was leaving out some of the cfengine_server settings; I'm trying to get that corrected. In the meantime...

cfagent and cfservd are separate processes and neither parses the other's config file; thus, all necessary information must be duplicated between cfservd.conf and cfagent.conf, although you can now import within cfservd.conf (starting around 2.1.3, I think), so you could do all group definitions in an imported file.

update.conf is parsed by cfagent prior to its parsing cfagent.conf, but all information from update.conf is expunged before parsing cfagent.conf, so again information must be duplicated. This is a generally unclear process anyway, but I did mention it in the article.

Please let me know if you have any further questions; feel free to email me personally.

Luke

--
    "What is the sound of Perl?  Is it not the sound of a wall that
     people have stopped banging their heads against?"
                --Larry Wall in <1992Aug26.184221.29627@netlabs.com>
---------------------------------------------------------------------
Luke Kanies | http://abstractive.org | http://reductiveconsulting.com




reply via email to

[Prev in Thread] Current Thread [Next in Thread]