Success (Was: anyone running cfengine2 on debian sarge?)

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Success (Was: anyone running cfengine2 on debian sarge?)

From:	Karsten Heymann
Subject:	Success (Was: anyone running cfengine2 on debian sarge?)
Date:	Sat, 03 Jul 2004 17:42:09 +0200
User-agent:	KNode/0.7.7

Hello,

I now have a working cfengine2 setup. Thank you all for your pointers! Now I
can begin to learn cfagent.conf syntax. Expect many questions to come ;-)

To give something back, I post the script which now prepares cfengine2 on
our servers after install plus the basic config files (with some minor
anonymizations and without the comments).

For the record: This is for Debian Sarge systems as on 2004-07-03 to turn
then into something usable after installation of cfengine2 (say yes to all
services when asked during installation).

<<<spread_update.conf, run from the policy server>>>
#!/bin/bash
SERVERS="server1 server2" # these are the client servers
MASTER_UPDATE_CONF=/srv/cfengine/masterfiles/update.conf
TARGET_UPDATE_CONF=/var/lib/cfengine2/inputs
for SERVER in $SERVERS
do
  echo -n $SERVER:\
  ssh $SERVER rm -f /var/lib/cfengine2/inputs
  ssh $SERVER mkdir /var/lib/cfengine2/inputs
  scp $MASTER_UPDATE_CONF $SERVER://$TARGET_UPDATE_CONF
  ssh $SERVER cfagent -q -v

<<<update.conf>>>
control:
 actionsequence  = ( copy tidy )  # Keep this simple and constant
 domain          = ( MYDOMAIN )
 workdir         = ( /var/lib/cfengine2 )
 policyhost      = ( MYPOLICYHOST.MYDOMAIN )
 master_cfinput  = ( /srv/cfengine/masterfiles )

copy:
     $(master_cfinput)            dest=$(workdir)/inputs
                                  r=inf
                                  mode=700
                                  type=binary
                                  exclude=*.lst
                                  exclude=*~
                                  exclude=#*
                                  server=$(policyhost)
                                  trustkey=true

tidy:
     $(workdir)/outputs pattern=* age=7

<<<cfservd.conf>>>
control:
  domain = ( MYDOMAIN )
  AllowUsers = ( root )
  cfrunCommand = ( "/usr/sbin/cfagent" )
  TrustKeysFrom = ( MYDOMAINS_IPS )
  AllowMultipleConnectionsFrom = ( MYDOMAIN_IPS )
  AllowConnectionsFrom = ( MYDOMAIN_IPS )
  forceipv4 = ( true )
  MaxConnections = ( 10 )
  LogAllConnections = ( true )

admit:
  /srv/cfengine/masterfiles *.MYDOMAIN
  /usr/sbin/cfagent *.MYDOMAIN
<<< End of listings >>>

hth,

Karsten

Karsten Heymann wrote:

> I'm trying to deploy cfengine2 on Debian Sarge and am having some
> questions about the install-defaults of the debian package. Especially I
> am wondering wether its default filesystem layout - workdir
> is  /var/lib/cfeninge2, /var/lib/cfengine2/inputs is a symlink
> to /etc/cfengine and /var/lib/cfengine2/bin is a symlink to /usr/sbin --
> makes any sense.
> 
> I have a lot of questions, if there is someone who is using cfengine2 on
> debian I'd be glad to exchange experiences.
> 
> Regards,
> Karsten

[Prev in Thread]

Current Thread

[Next in Thread]

Success (Was: anyone running cfengine2 on debian sarge?), Karsten Heymann <=

Prev by Date: Re: How to restart daemons on redhat|fedora??
Next by Date: Re: How to restart daemons on redhat|fedora??
Previous by thread: How to restart daemons on redhat|fedora??
Next by thread: how do you combine cfengine and rcs/cvs/subversion?
Index(es):
- Date
- Thread