[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Help with cfengine architecture
|
From: |
christian pearce |
|
Subject: |
Re: Help with cfengine architecture |
|
Date: |
Mon, 11 Dec 2006 09:36:14 -0500 |
I have two sets of groups,
Policy groups and Organization groups populated in a cf.groups file.
A policy group for example would look like this:
pol_syslog
Then have have an extensive organization structure
org_t1,org_t2,org_t3 then under that org_t1_unix, org_t1_web, org_t1_db, etc.
Then I have imports based on policy.
pol_syslog::
cf.pol_syslog
Then anything that is specific to a platform gets coded inside the
cf.pol_syslog file. If I need to I will further separate the policy
into multiple platform scripts. For example
pol_syslog might look like this if needed:
import:
sunos::
cf.pol_syslog_sunos
redhat::
cf.pol_syslog_redhat
Though I never had to go that far usually I just use variables do
define selection different packages or configuration files and the
rest of the policy looks generic.
#
# Define variables
#
control:
# Output directory for awstats
awstats_output = ( "$(sysnav_static_path)/awstats/$(snid)" )
# Solaris product versions
solaris::
awstats_major_version = ( "6" )
awstats_minor_version = ( "4" )
awstats_platform = ( "SunOS5.8-all-CSW" )
# Package definition
awstats_package_unc = (
"awstats-$(awstats_major_version).$(awstats_minor_version)-$(awstats_platform).pkg"
)
awstats_package = ( "$(awstats_package_unc).gz" )
awstats_bin = (
"/opt/csw/awstats/wwwroot/cgi-bin/awstats.pl" )
redhat_as_3|redhat_es_3::
awstats_release_version = ( "1.1.el3.rf" )
redhat_9::
awstats_release_version = ( "1.0.rh9.rf" )
fedora_1::
awstats_release_version = ( "1.1.fc1.rf" )
fedora_2::
awstats_release_version = ( "1.1.fc2.rf" )
fedora_3::
awstats_release_version = ( "1.1.fc3.rf" )
linux::
awstats_major_version = ( "6.4" )
awstats_package = (
"awstats-$(awstats_major_version)-$(awstats_release_version).noarch.rpm"
)
awstats_bin = ( "/var/www/awstats/awstats.pl" )
# Virtual Host per snid
#
#
# Build groups for installation/upgrading and configuration
#
groups:
# Symbolic link indicative of our install
awstats_installed = ( ReturnsZero(${pkginfo} -q CSWawstats)
ReturnsZero(${rpm} -q --quiet awstats) )
old_awstats_install = ( ReturnsZero(${pkginfo} -q COMMawsts) )
awstats_upgraded = ( ReturnsZero(${pkginfo} -q -v
${awstats_major_version}.${awstats_minor_version} CSWawstats)
ReturnsZero(${rpm} -q --quiet
awstats-${awstats_major_version}-${awstats_release_version}) )
awstats_data_dir_exists = ( IsDir(${sysnav_data_path}/awstats/${snid}) )
# Check to see if this host has any configurations defined. If
not we don't try to run anything.
awstats_hosts_defined = ( IsDefined(awstats_hosts) )
#
# Copy down cfengine configuration files, product packages, and awstats
# configuration files
#
copy:
# Copy the awstats package
(!awstats_installed|!awstats_upgraded)::
$(proxy_pack_path)/$(platform)/$(awstats_package)
dest=$(sysnav_rep_path)/$(awstats_package)
server=$(parent_ip)
owner=root
group=root
type=checksum
encrypt=true
trustkey=true
verify=true
# Grab the latest awstats configuration files
any.awstats_installed::
$(proxy_conf_path)/awstats/$(snid)/
dest=$(sysnav_conf_path)/awstats/
server=$(parent_ip)
owner=root
group=root
include=awstats.*.conf
type=checksum
encrypt=true
trustkey=true
verify=true
recurse=1
#download CommNav static content generating file
any::
$(proxy_bin_path)/awstats/static.sh
dest=$(sysnav_bin_path)/awstats/static.sh
server=$(parent_ip)
owner=root
group=root
type=checksum
encrypt=true
trustkey=true
verify=true
#
# Install various software products, run awstats
#
shellcommands:
# Install Awstats
(!awstats_installed|!awstats_upgraded).linux::
"$(rpm) -Uvh $(sysnav_rep_path)/$(awstats_package)"
!old_awstats_install.solaris::
"$(pkgrm) -a /var/pkg-get/admin-fullauto -n COMMawsts"
(awstats_installed.!awstats_upgraded).solaris::
"$(pkgrm) -a /var/pkg-get/admin-fullauto -n CSWawstats"
# This won't work for upgraded. We need to have it remove the package
# then install a new one.
(!awstats_installed|!awstats_upgraded).solaris::
"$(gzip) -d -f $(sysnav_rep_path)/$(awstats_package)"
"$(pkgadd) -a /var/pkg-get/admin-fullauto -n -d
$(sysnav_rep_path)/$(awstats_package_unc) CSWawstats"
"$(gzip) -f $(sysnav_rep_path)/$(awstats_package_unc)"
!awstats_data_dir_exists::
# Make sure the data directory exists
'$(mkdir) -p $(sysnav_data_path)/awstats'
owner=$(sysnav_user)
# Run the awstats program to build the reports; copy the reports over
# to the portal
# Running the awstats command performs the following steps:
# 1. Take awstats_host logs entry (HOST%LOG) and place it in the
# file /tmp/awstats.tmp
# 2. Cut out the HOST entry and place it in the file
# /tmp/awstats_host.tmp
# 3. Cut out the LOG entry and place it in the file /tmp/awstats_log.tmp
# 4. Run Awstats
awstats_installed.awstats_run.awstats_hosts_defined::
# Run static content generator as root just to we are certain
we can read the access_log
"$(sysnav_bin_path)/awstats/static.sh $(awstats_output)
$(awstats_hosts) $(sysnav_var_path) $(awstats_bin)"
define=awstats_ran
# Change ownership to sysnav_user
awstats_ran::
"$(chown) -R $(sysnav_user) $(sysnav_static_path)/awstats"
# Copy the reports back to the portal
awstats_ran.!_proxynode.ssh_works::
"$(true) awstats; $(rsync) --delete -aq --temp-dir=/tmp -e
$(ssh) --timeout=30 $(sysnav_static_path)/awstats/$(snid)
$(parent_ip):$(sysnav_static_path)/awstats"
owner=$(sysnav_user)
links:
awstats_installed.linux::
$(sysnav_bin_path)/awstats_buildstaticpages.pl ->!
/usr/bin/awstats_buildstaticpages.pl
awstats_installed.solaris::
$(sysnav_bin_path)/awstats_buildstaticpages.pl ->!
/opt/csw/awstats/awstats_buildstaticpages.pl
# Anything that has not been modified in 7 days we just get rid of it.
tidy:
!_portal::
$(awstats_output)/
pattern=*
type=mtime
age=7
On 12/9/06, Zeev Fisher <zeevf@marvell.com> wrote:
Hi cfengine users,
I need your advice.
I'm a veteran user of cfengine. When all machines are the same there's no
problem with current cfengine config method ,but when there are differences,
I find myself mess with lots of excludes. This leads to confusions.
I need to setup cfengine in new site and this time I would like to achieve
the following in order to overcome the problem above:
There will be hierarchical tree which include all possible options for
matching machines. The top level is the site name , then os , os version
down to the machine name ( optional . The tree can stop in each level
according to relevant needs). Each level will also have "All" level which
include all machine in this level. For example:
All
London
Paris
TelAviv/All
Linux/All
RHEL/All
3/All
Hostname
4
SuSE
Solaris/All
8/
9
10
Each level will include cfengine files. Their names will identify their
purpose. For example : cf.dns or cf.sendmail
Cfengine agent will be able to determine in which level the machine reside
and according to it import all relevant files.
I know that it might be possible to prepare some pre script which identify
all relevant files in the tree and prepare every time input file for cfagent
but any idea how to implement this without external script will be
appreciated.
Also, you are welcome of course to comment on this method.
Thanks
Zeev
_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://lists.gnu.org/mailman/listinfo/help-cfengine
--
Christian Pearce