diff --git a/INSTALL b/INSTALL index 68c727183b..535441fdcc 100644 --- a/INSTALL +++ b/INSTALL @@ -83,13 +83,6 @@ $ ./configure --help or $ ./autogen.sh --help -BUILDING DOCUMENTATION ----------------------- - -Specify --enable-docs=all (or =pdf or =html) to build the documentation as well during compilation. - -The necessary tools will be checked by the configure script. - INSTALLATION INSTRUCTIONS ------------------------- diff --git a/Makefile.am b/Makefile.am index 7623a859ca..8e0646a0b7 100644 --- a/Makefile.am +++ b/Makefile.am @@ -6,7 +6,7 @@ LCOV_FLAGS = $(if $(filter-out 0,$(V)),,-q) SUBDIRS = libcompat libutils libcfnet $(NOVA_LIB_SUBDIRS) libpromises \ $(NOVA_BIN_SUBDIRS) cf-agent cf-execd cf-gendoc cf-key cf-monitord \ - cf-promises cf-runagent cf-serverd ext docs examples masterfiles \ + cf-promises cf-runagent cf-serverd ext examples masterfiles \ tests $(ENTERPRISE_API_SUBDIR) $(CFMOD_SUBDIR) $(NOVA_DOC_SUBDIR) \ $(NOVA_SUBDIR) @@ -67,16 +67,6 @@ install-data-local: $(MKDIR_P) -m 700 $(DESTDIR)$(workdir)/ppkeys -# -# Documentation -# - -html: - $(MAKE) -C docs $(AM_MAKEFLAGS) html - -pdf: - $(MAKE) -C docs $(AM_MAKEFLAGS) pdf - # # Code coverage # diff --git a/configure.ac b/configure.ac index cdec041507..4f201deab6 100755 --- a/configure.ac +++ b/configure.ac @@ -1019,33 +1019,6 @@ if test "x$use_coverage" = "xyes"; then LDFLAGS="$LDFLAGS -lgcov" fi -dnl -dnl Documentation generation -dnl - -AC_ARG_ENABLE(docs, AC_HELP_STRING([--enable-docs=html|pdf|all], - [Enable generation of documentation in specified formats]), - [use_docs=$enableval], [use_docs=no]) - -if test "x$use_docs" != "xno"; then - if test "x$use_docs" = "xhtml" || test "x$use_docs" = "xall"; then - if test "$MAKEINFO" = "${am_missing_run}makeinfo"; then - AC_MSG_ERROR([makeinfo tool is required for HTML documentation generation]) - fi - fi - - if test "x$use_docs" = "xpdf" || test "x$use_docs" = "xall"; then - AC_CHECK_PROG(TEXI2PDF, texi2pdf, texi2pdf) - - if test -z "$TEXI2PDF"; then - AC_MSG_ERROR([texi2pdf tool is required for PDF documentation generation]) - fi - fi -fi - -AM_CONDITIONAL(HTML_DOCS, test "x$use_docs" = "xhtml" || test "x$use_docs" = "xall") -AM_CONDITIONAL(PDF_DOCS, test "x$use_docs" = "xpdf" || test "x$use_docs" = "xall") - # # Populate contents of config.post.h # @@ -1130,12 +1103,6 @@ AC_CONFIG_FILES([Makefile cf-runagent/Makefile cf-serverd/Makefile ext/Makefile - docs/Makefile - docs/guides/Makefile - docs/manpages/Makefile - docs/reference/Makefile - docs/tools/Makefile - docs/tex-include/Makefile examples/Makefile masterfiles/Makefile tests/Makefile diff --git a/docs/Makefile.am b/docs/Makefile.am index 8662023b10..3a7021c6f1 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am @@ -1,9 +1 @@ -SUBDIRS = manpages tools guides reference tex-include - -html: - $(MAKE) -C guides $(AM_MAKEFLAGS) html - $(MAKE) -C reference $(AM_MAKEFLAGS) html - -pdf: - $(MAKE) -C guides $(AM_MAKEFLAGS) pdf - $(MAKE) -C reference $(AM_MAKEFLAGS) pdf +SUBDIRS = manpages diff --git a/docs/STYLE.md b/docs/STYLE.md deleted file mode 100644 index 68092f4d71..0000000000 --- a/docs/STYLE.md +++ /dev/null @@ -1,68 +0,0 @@ -# Style Guide - -Please consider these style recommendations to make using CFEngine -more pleasant. - -We strongly recommend that core contributions follow this style. - -## Indentation settings - -### General - -* No TAB characters should be used for indentation -* The width of a TAB character is 4 spaces - -### C code - -See the `contrib/cfengine-code-style.el` library, which defines a CFEngine code style. - -Example: - -``` -static void SourceSearchAndCopy(...) -{ - struct stat sb, dsb; -... - if (maxrecurse == 0) /* reached depth limit */ - { - ... - return; - } -``` - -### CFEngine code - -Follow the defaults of the `cfengine.el` Emacs mode: - -* one indent = 2 spaces -* comments inside bundles and bodies get 3 indents -* comments, promises and their attributes get 3 indents -* contexts/classes get 2 indents -* promise types get 1 indent -* everything else (bundle and body declarations and their braces, and top-level comments) gets 0 indents - -Example: - -``` -body common control -{ - bundlesequence => { run }; -} - -bundle agent run -{ - vars: - "time" int => now(), - ifvarclass => "maybe"; - - reports: - cfengine:: - "time now $(now)"; -} -``` - -### Automatic reindentation - -You can run `contrib/reindent.pl FILE1.cf FILE2.c FILE3.h` to reindent -files, if you don't want to set up Emacs. It will rewrite them with -the new indentation, using Emacs in batch mode. diff --git a/docs/guides/BDMA_model.png b/docs/guides/BDMA_model.png deleted file mode 100644 index d72c531653..0000000000 Binary files a/docs/guides/BDMA_model.png and /dev/null differ diff --git a/docs/guides/CFEngineFrontPage.pdf b/docs/guides/CFEngineFrontPage.pdf deleted file mode 100644 index 26e35bee2f..0000000000 Binary files a/docs/guides/CFEngineFrontPage.pdf and /dev/null differ diff --git a/docs/guides/CfengineStdLibrary.texinfo b/docs/guides/CfengineStdLibrary.texinfo deleted file mode 100644 index 820eea79e7..0000000000 --- a/docs/guides/CfengineStdLibrary.texinfo +++ /dev/null @@ -1,3708 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c *********************************************************************** - -@c %** start of header -@setfilename CfengineStdLibrary.info -@settitle Community Open Promise Body Library -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Community Open Promise Body Library -@subtitle A CFEngine Standard -@author CFEngine AS - -@c @smallbook - -@fonttextsize 10 - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2012 CFEngine AS -@end titlepage -@c *************************** File begins here ************************ -@ifinfo -@dircategory CFEngine Training -@direntry -* cfengine Reference: - CFEngine is a language based framework - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo -@ifnottex -@node Top, Basic company information and procedures, (dir), (dir) -@top CFEngine-Open-Promise-Body-Library -@end ifnottex -@ifhtml -@html -COMPLETE TABLE OF CONTENTS -

Summary of contents

-@end html -@end ifhtml -@iftex -@contents -@end iftex -@node The Purpose Of This Handbook -@chapter The Purpose Of This Handbook - -@sp 1 - -CFEngine is built on promises. Promises were chosen as the model for CFEngine's -configuration language, because they represent an expression of intention. - -If you are using custom scripts to manage your systems, you are using -@i{recipes}. Take a look at any cookbook and you will see that all -recipes look the same: take flour, eggs, butter, sugar ... and you -know nothing because you can make a hundred things from these steps. -If you don't make clear your intention, it is very hard to know what -the recipe is supposed to be: is it a cake, a waffle, a pastry? - -The same is true in system administration. Recipes are not merely -scripts, they encapsulate knowledge and experience. Their value is -in communicating @i{desired outcomes} or states. - -This library of standard components is like a cookbook that tells you -only how to make basics well. It gives these basic skills names and -therefore gives you a common vocabulary -- you will put together these -basics in creative ways to build your systems. - -@sp 2 - -@cartouche - -Please contribute to this guide by helping to develop a repertoire of -basic skills and names. This collection should be comprehensive but -parsimonious. Basics are only basics if they are few and carefully -thought out. This is a work in progress and your experience is welcome. - -This library will be moderated by CFEngine, and contributions and discussions -ca n be made to the help-cfengine@@cfengine.org mailing list. - -@end cartouche - - - - - -@node body acl access_generic -@section body acl access_generic(acl) - -@verbatim -body acl access_generic(acl) -# default/inherited ACLs are left unchanged, -# applicable for both files and directories on all platforms -{ -acl_method => "overwrite"; -aces => { "@(acl)" }; - -windows:: -acl_type => "ntfs"; - -!windows:: -acl_type => "posix"; -} - - -@end verbatim - -@node body acl ntfs -@section body acl ntfs(acl) - -@verbatim -body acl ntfs(acl) -{ -acl_type => "ntfs"; -acl_method => "overwrite"; -aces => { "@(acl)" }; -} - - -@end verbatim - -@node body acl strict -@section body acl strict - -@verbatim -body acl strict -# NOTE: May need to take ownership of file/dir -# to be sure no-one else is allowed access -{ -acl_method => "overwrite"; - -windows:: -aces => { "user:Administrator:rwx" }; -!windows:: -aces => { "user:root:rwx" }; -} - - -@end verbatim - -@node body action bg -@section body action bg(elapsed,expire) - -@verbatim -body action bg(elapsed,expire) -{ -ifelapsed => "$(elapsed)"; -expireafter => "$(expire)"; -background => "true"; -} - - -@end verbatim - -@node body action if_elapsed -@section body action if_elapsed(x) - -@verbatim -body action if_elapsed(x) -{ -ifelapsed => "$(x)"; -expireafter => "$(x)"; -} - - -@end verbatim - -@node body action if_elapsed_day -@section body action if_elapsed_day - -@verbatim -body action if_elapsed_day -{ -ifelapsed => "1440"; # 60 x 24 -expireafter => "1400"; -} - - -@end verbatim - -@node body action ifwin_bg -@section body action ifwin_bg - -@verbatim -body action ifwin_bg -{ -windows:: -background => "true"; -} - - -@end verbatim - -@node body action immediate -@section body action immediate - -@verbatim -body action immediate -{ -ifelapsed => "0"; -} - - -@end verbatim - -@node body action log_repaired -@section body action log_repaired(log,message) - -@verbatim -body action log_repaired(log,message) -{ -log_string => "$(sys.date), $(message)"; -log_repaired => "$(log)"; -} - - -@end verbatim - -@node body action log_verbose -@section body action log_verbose - -@verbatim -body action log_verbose -{ -log_level => "verbose"; -} - - -@end verbatim - -@node body action measure_performance -@section body action measure_performance(x) - -@verbatim -body action measure_performance(x) -{ -measurement_class => "Detect changes in $(this.promiser)"; -ifelapsed => "$(x)"; -expireafter => "$(x)"; -} - - -@end verbatim - -@node body action policy -@section body action policy(p) - -@verbatim -body action policy(p) -{ -action_policy => "$(p)"; -} - - -# Log a message to log=[/file|stdout] - -@end verbatim - -@node body action sample_rate -@section body action sample_rate(x) - -@verbatim -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} - - -@end verbatim - -@node body action warn_only -@section body action warn_only - -@verbatim -body action warn_only -{ -action_policy => "warn"; -ifelapsed => "60"; -} - - -@end verbatim - -@node body changes detect_all_change -@section body changes detect_all_change - -@verbatim -body changes detect_all_change - -# This is fierce, and will cost disk cycles - -{ -hash => "best"; -report_changes => "all"; -update_hashes => "yes"; -} - - -@end verbatim - -@node body changes detect_content -@section body changes detect_content - -@verbatim -body changes detect_content - -# This is a cheaper alternative - -{ -hash => "md5"; -report_changes => "content"; -update_hashes => "yes"; -} - - -@end verbatim - -@node body changes diff -@section body changes diff - -@verbatim -body changes diff -# Generates diff report (Nova and above) -{ -hash => "sha256"; -report_changes => "content"; -report_diffs => "true"; -update_hashes => "yes"; -} - - -@end verbatim - -@node body changes diff_noupdate -@section body changes diff_noupdate - -@verbatim -body changes diff_noupdate -{ -hash => "sha256"; -report_changes => "content"; -report_diffs => "true"; -update_hashes => "no"; -} - - -@end verbatim - -@node body changes noupdate -@section body changes noupdate - -@verbatim -body changes noupdate -# Use on (small) files that should never change -{ -hash => "sha256"; -report_changes => "content"; -update_hashes => "no"; -} - - -@end verbatim - -@node body classes always -@section body classes always(x) - -@verbatim -body classes always(x) - -# Define a class no matter what the outcome of the promise is - -{ - promise_repaired => { "$(x)" }; - promise_kept => { "$(x)" }; - repair_failed => { "$(x)" }; - repair_denied => { "$(x)" }; - repair_timeout => { "$(x)" }; -} - -# agent bundles - - - - -@end verbatim - -@node body classes cf2_if_else -@section body classes cf2_if_else(yes,no) - -@verbatim -body classes cf2_if_else(yes,no) - -# meant to match cf2 semantics - -{ -promise_repaired => { "$(yes)" }; -repair_failed => { "$(no)" }; -repair_denied => { "$(no)" }; -repair_timeout => { "$(no)" }; -} - - -@end verbatim - -@node body classes cmd_repair -@section body classes cmd_repair(code,cl) - -@verbatim -body classes cmd_repair(code,cl) -{ -repaired_returncodes => { "$(code)" }; -promise_repaired => { "$(cl)" }; -} - - -@end verbatim - -@node body classes enumerate -@section body classes enumerate(x) - -@verbatim -body classes enumerate(x) - -# -# This is used by commercial editions to count -# instances of jobs in a cluster -# - -{ -promise_repaired => { "mXC_$(x)" }; -promise_kept => { "mXC_$(x)" }; -persist_time => "15"; -} - - -@end verbatim - -@node body classes if_else -@section body classes if_else(yes,no) - -@verbatim -body classes if_else(yes,no) - -{ -promise_kept => { "$(yes)" }; -promise_repaired => { "$(yes)" }; -repair_failed => { "$(no)" }; -repair_denied => { "$(no)" }; -repair_timeout => { "$(no)" }; -} - - -@end verbatim - -@node body classes if_notkept -@section body classes if_notkept(x) - -@verbatim -body classes if_notkept(x) -{ -repair_failed => { "$(x)" }; -repair_denied => { "$(x)" }; -repair_timeout => { "$(x)" }; -} - - -@end verbatim - -@node body classes if_ok -@section body classes if_ok(x) - -@verbatim -body classes if_ok(x) -{ -promise_repaired => { "$(x)" }; -promise_kept => { "$(x)" }; -} - - -@end verbatim - -@node body classes if_ok_cancel -@section body classes if_ok_cancel(x) - -@verbatim -body classes if_ok_cancel(x) -{ -cancel_repaired => { "$(x)" }; -cancel_kept => { "$(x)" }; -} - - -@end verbatim - -@node body classes if_repaired -@section body classes if_repaired(x) - -@verbatim -body classes if_repaired(x) -{ -promise_repaired => { "$(x)" }; -} - - -@end verbatim - -@node body classes state_repaired -@section body classes state_repaired(x) - -@verbatim -body classes state_repaired(x) -{ -promise_repaired => { "$(x)" }; -persist_time => "10"; -} - - -@end verbatim - -@node body contain in_dir -@section body contain in_dir(s) - -@verbatim -body contain in_dir(s) -{ -chdir => "$(s)"; -} - - -@end verbatim - -@node body contain in_dir_shell -@section body contain in_dir_shell(s) - -@verbatim -body contain in_dir_shell(s) -{ -chdir => "$(s)"; -useshell => "useshell"; -} - - -@end verbatim - -@node body contain in_dir_shell_and_silent -@section body contain in_dir_shell_and_silent(dir) - -@verbatim -body contain in_dir_shell_and_silent(dir) -{ -useshell => "useshell"; -no_output => "true"; -chdir => "$(dir)"; -} - - -@end verbatim - -@node body contain in_shell -@section body contain in_shell - -@verbatim -body contain in_shell -{ -useshell => "useshell"; -} - - -@end verbatim - -@node body contain in_shell_and_silent -@section body contain in_shell_and_silent - -@verbatim -body contain in_shell_and_silent -{ -useshell => "useshell"; -no_output => "true"; -} - - -@end verbatim - -@node body contain in_shell_bg -@section body contain in_shell_bg - -@verbatim -body contain in_shell_bg -{ -useshell => "useshell"; -background => "true"; -} - - -@end verbatim - -@node body contain jail -@section body contain jail(owner,root,dir) - -@verbatim -body contain jail(owner,root,dir) -{ -exec_owner => "$(owner)"; -useshell => "useshell"; -chdir => "$(dir)"; -chroot => "$(root)"; -} - - - - -@end verbatim - -@node body contain setuid -@section body contain setuid(x) - -@verbatim -body contain setuid(x) -{ -exec_owner => "$(x)"; -useshell => "noshell"; -} - - -@end verbatim - -@node body contain setuid_sh -@section body contain setuid_sh(x) - -@verbatim -body contain setuid_sh(x) -{ -exec_owner => "$(x)"; -useshell => "useshell"; -} - - -@end verbatim - -@node body contain setuidgid_sh -@section body contain setuidgid_sh(owner,group) - -@verbatim -body contain setuidgid_sh(owner,group) -{ -exec_owner => "$(owner)"; -exec_group => "$(group)"; -useshell => "useshell"; -} - - -@end verbatim - -@node body contain silent -@section body contain silent - -@verbatim -body contain silent -{ -no_output => "true"; -} - - -@end verbatim - -@node body contain silent_in_dir -@section body contain silent_in_dir(s) - -@verbatim -body contain silent_in_dir(s) -{ -chdir => "$(s)"; -no_output => "true"; -} - - -@end verbatim - -@node body copy_from backup_local_cp -@section body copy_from backup_local_cp(from) - -@verbatim -body copy_from backup_local_cp(from) -# Local copy, keeping a backup of old versions -{ - source => "$(from)"; - copy_backup => "timestamp"; -} - - -# Copy only if the file does not already exist, i.e. seed the placement - -@end verbatim - -@node body copy_from local_cp -@section body copy_from local_cp(from) - -@verbatim -body copy_from local_cp(from) -{ -source => "$(from)"; -} - - -@end verbatim - -@node body copy_from local_dcp -@section body copy_from local_dcp(from) - -@verbatim -body copy_from local_dcp(from) -{ -source => "$(from)"; -compare => "digest"; -} - - -@end verbatim - -@node body copy_from no_backup_cp -@section body copy_from no_backup_cp(from) - -@verbatim -body copy_from no_backup_cp(from) -{ -source => "$(from)"; -copy_backup => "false"; -} - - -@end verbatim - -@node body copy_from no_backup_dcp -@section body copy_from no_backup_dcp(from) - -@verbatim -body copy_from no_backup_dcp(from) -{ -source => "$(from)"; -copy_backup => "false"; -compare => "digest"; -} - - -@end verbatim - -@node body copy_from no_backup_rcp -@section body copy_from no_backup_rcp(from,server) - -@verbatim -body copy_from no_backup_rcp(from,server) -{ -servers => { "$(server)" }; -source => "$(from)"; -compare => "mtime"; -copy_backup => "false"; -} - - -@end verbatim - -@node body copy_from perms_cp -@section body copy_from perms_cp(from) - -@verbatim -body copy_from perms_cp(from) -{ -source => "$(from)"; -preserve => "true"; -} - -@end verbatim - -@node body copy_from remote_cp -@section body copy_from remote_cp(from,server) - -@verbatim -body copy_from remote_cp(from,server) -{ -servers => { "$(server)" }; -source => "$(from)"; -compare => "mtime"; -} - - -@end verbatim - -@node body copy_from remote_dcp -@section body copy_from remote_dcp(from,server) - -@verbatim -body copy_from remote_dcp(from,server) -{ -servers => { "$(server)" }; -source => "$(from)"; -compare => "digest"; -} - - -@end verbatim - -@node body copy_from secure_cp -@section body copy_from secure_cp(from,server) - -@verbatim -body copy_from secure_cp(from,server) -{ -source => "$(from)"; -servers => { "$(server)" }; -compare => "digest"; -encrypt => "true"; -verify => "true"; -} - - -@end verbatim - -@node body copy_from seed_cp -@section body copy_from seed_cp(from) - -@verbatim -body copy_from seed_cp(from) -{ -source => "$(from)"; -compare => "exists"; -} - - -@end verbatim - -@node body copy_from sync_cp -@section body copy_from sync_cp(from,server) - -@verbatim -body copy_from sync_cp(from,server) -{ -servers => { "$(server)" }; -source => "$(from)"; -purge => "true"; -preserve => "true"; -type_check => "false"; -} - - -@end verbatim - -@node body database_server local_mysql -@section body database_server local_mysql(username, password) - -@verbatim -body database_server local_mysql(username, password) -{ -db_server_owner => "$(username)"; -db_server_password => "$(password)"; -db_server_host => "localhost"; -db_server_type => "mysql"; -db_server_connection_db => "mysql"; -} - - -@end verbatim - -@node body database_server local_postgresql -@section body database_server local_postgresql(username, password) - -@verbatim -body database_server local_postgresql(username, password) -{ -db_server_owner => "$(username)"; -db_server_password => "$(password)"; -db_server_host => "localhost"; -db_server_type => "postgres"; -db_server_connection_db => "postgres"; -} - - -@end verbatim - -@node body delete tidy -@section body delete tidy - -@verbatim -body delete tidy - -{ -dirlinks => "delete"; -rmdirs => "true"; -} - - -@end verbatim - -@node body depth_search include_base -@section body depth_search include_base - -@verbatim -body depth_search include_base -{ -include_basedir => "true"; -} - - -@end verbatim - -@node body depth_search recurse -@section body depth_search recurse(d) - -@verbatim -body depth_search recurse(d) - -{ -depth => "$(d)"; -xdev => "true"; -} - - -@end verbatim - -@node body depth_search recurse_ignore -@section body depth_search recurse_ignore(d,list) - -@verbatim -body depth_search recurse_ignore(d,list) -{ -depth => "$(d)"; -exclude_dirs => { @(list) }; -} - - -@end verbatim - -@node body edit_defaults backup_timestamp -@section body edit_defaults backup_timestamp - -@verbatim -body edit_defaults backup_timestamp -{ -empty_file_before_editing => "false"; -edit_backup => "timestamp"; -#max_file_size => "300000"; -} - - -@end verbatim - -@node body edit_defaults empty -@section body edit_defaults empty - -@verbatim -body edit_defaults empty -{ -empty_file_before_editing => "true"; -edit_backup => "false"; -#max_file_size => "300000"; -} - - -@end verbatim - -@node body edit_defaults no_backup -@section body edit_defaults no_backup - -@verbatim -body edit_defaults no_backup -{ -edit_backup => "false"; -} - - -@end verbatim - -@node body edit_defaults std_defs -@section body edit_defaults std_defs - -@verbatim -body edit_defaults std_defs -{ -empty_file_before_editing => "false"; -edit_backup => "false"; -#max_file_size => "300000"; -} - - -@end verbatim - -@node body edit_field col -@section body edit_field col(split,col,newval,method) - -@verbatim -body edit_field col(split,col,newval,method) -{ -field_separator => "$(split)"; -select_field => "$(col)"; -value_separator => ","; -field_value => "$(newval)"; -field_operation => "$(method)"; -extend_fields => "true"; -allow_blank_fields => "true"; -} - - -@end verbatim - -@node body edit_field line -@section body edit_field line(split,col,newval,method) - -@verbatim -body edit_field line(split,col,newval,method) -{ -field_separator => "$(split)"; -select_field => "$(col)"; -value_separator => " "; -field_value => "$(newval)"; -field_operation => "$(method)"; -extend_fields => "true"; -allow_blank_fields => "true"; -} - - -@end verbatim - -@node body edit_field quoted_var -@section body edit_field quoted_var(newval,method) - -@verbatim -body edit_field quoted_var(newval,method) -{ -field_separator => "\""; -select_field => "2"; -value_separator => " "; -field_value => "$(newval)"; -field_operation => "$(method)"; -extend_fields => "false"; -allow_blank_fields => "true"; -} - - -@end verbatim - -@node body environment_resources kvm -@section body environment_resources kvm(name, arch, cpu_count, mem_kb, disk_file) - -@verbatim -body environment_resources kvm(name, arch, cpu_count, mem_kb, disk_file) -{ -env_spec => -" - $(name) - $(mem_kb) - $(mem_kb) - $(cpu_count) - - hvm - - - - - - - destroy - restart - restart - - /usr/bin/kvm - - - - - - - - - - -"; -} - - - -@end verbatim - -@node body file_select all -@section body file_select all - -@verbatim -body file_select all -{ -leaf_name => { ".*" }; -file_result => "leaf_name"; -} - - -@end verbatim - -@node body file_select by_name -@section body file_select by_name(names) - -@verbatim -body file_select by_name(names) -{ -leaf_name => { @(names)}; -file_result => "leaf_name"; -} - - -@end verbatim - -@node body file_select days_old -@section body file_select days_old(days) - -@verbatim -body file_select days_old(days) -{ -mtime => irange(0,ago(0,0,"$(days)",0,0,0)); -file_result => "mtime"; -} - - -@end verbatim - -@node body file_select dirs -@section body file_select dirs - -@verbatim -body file_select dirs -{ -file_types => { "dir" }; -file_result => "file_types"; -} - - -@end verbatim - -@node body file_select ex_list -@section body file_select ex_list(names) - -@verbatim -body file_select ex_list(names) -{ -leaf_name => { @(names)}; -file_result => "!leaf_name"; -} - - -@end verbatim - -@node body file_select exclude -@section body file_select exclude(name) - -@verbatim -body file_select exclude(name) -{ -leaf_name => { "$(name)"}; -file_result => "!leaf_name"; -} - - -@end verbatim - -@node body file_select name_age -@section body file_select name_age(name,days) - -@verbatim -body file_select name_age(name,days) -{ -leaf_name => { "$(name)" }; -mtime => irange(0,ago(0,0,"$(days)",0,0,0)); -file_result => "mtime.leaf_name"; -} - - -@end verbatim - -@node body file_select plain -@section body file_select plain - -@verbatim -body file_select plain -{ -file_types => { "plain" }; -file_result => "file_types"; -} - -@end verbatim - -@node body file_select size_range -@section body file_select size_range(from,to) - -@verbatim -body file_select size_range(from,to) -{ -search_size => irange("$(from)","$(to)"); -file_result => "size"; -} - - -@end verbatim - -@node body link_from linkchildren -@section body link_from linkchildren(tofile) - -@verbatim -body link_from linkchildren(tofile) -{ -source => "$(tofile)"; -link_type => "symlink"; -when_no_source => "force"; -link_children => "true"; -when_linking_children => "if_no_such_file"; # "override_file"; -} - - -@end verbatim - -@node body link_from ln_s -@section body link_from ln_s(x) - -@verbatim -body link_from ln_s(x) -{ -link_type => "symlink"; -source => "$(x)"; -when_no_source => "force"; -} - - -@end verbatim - -@node body location after -@section body location after(str) - -@verbatim -body location after(str) -{ -before_after => "after"; -select_line_matching => "$(str)"; -} - - -@end verbatim - -@node body location before -@section body location before(str) - -@verbatim -body location before(str) -{ -before_after => "before"; -select_line_matching => "$(str)"; -} - - - - -@end verbatim - -@node body location start -@section body location start - -@verbatim -body location start -{ -before_after => "before"; -} - - -@end verbatim - -@node body match_value line_match_value -@section body match_value line_match_value(line_match, extract_regex) - -@verbatim -body match_value line_match_value(line_match, extract_regex) -{ -select_line_matching => "$(line_match)"; -extraction_regex => "$(extract_regex)"; -} - - -@end verbatim - -@node body match_value scan_changing_file -@section body match_value scan_changing_file(line) - -@verbatim -body match_value scan_changing_file(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "false"; -} - - -@end verbatim - -@node body match_value scan_log -@section body match_value scan_log(line) - -@verbatim -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - - -@end verbatim - -@node body match_value single_value -@section body match_value single_value(regex) - -@verbatim -body match_value single_value(regex) -{ -select_line_matching => "$(regex)"; -extraction_regex => "($(regex))"; -} - - -@end verbatim - -@node body mount nfs -@section body mount nfs(server,source) - -@verbatim -body mount nfs(server,source) -{ -mount_type => "nfs"; -mount_source => "$(source)"; -mount_server => "$(server)"; -edit_fstab => "true"; -} - - - -@end verbatim - -@node body mount nfs_p -@section body mount nfs_p(server,source,perm) - -@verbatim -body mount nfs_p(server,source,perm) -{ -mount_type => "nfs"; -mount_source => "$(source)"; -mount_server => "$(server)"; -mount_options => {"$(perm)"}; -edit_fstab => "true"; -} - - -@end verbatim - -@node body mount unmount -@section body mount unmount - -@verbatim -body mount unmount -{ -mount_type => "nfs"; -edit_fstab => "true"; -unmount => "true"; -} - - -@end verbatim - -@node body package_method apt -@section body package_method apt - -@verbatim -body package_method apt -{ -package_changes => "bulk"; -package_list_command => "/usr/bin/dpkg -l"; -package_list_name_regex => ".i\s+([^\s]+).*"; -package_list_version_regex => ".i\s+[^\s]+\s+([^\s]+).*"; -package_installed_regex => ".i.*"; # packages that have been uninstalled may be listed -package_name_convention => "$(name)"; - -# set it to "0" to avoid caching of list during upgrade -package_list_update_ifelapsed => "240"; - -have_aptitude:: - package_add_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes install"; - package_list_update_command => "/usr/bin/aptitude update"; - package_delete_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes -q remove"; - package_update_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes install"; - package_patch_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes install"; - package_verify_command => "/usr/bin/aptitude show"; - package_noverify_regex => "(State: not installed|E: Unable to locate package .*)"; - - package_patch_list_command => "/usr/bin/aptitude --assume-yes --simulate --verbose full-upgrade"; - package_patch_name_regex => "^Inst\s+(\S+)\s+.*"; - package_patch_version_regex => "^Inst\s+\S+\s+\[?\(?([^\],\s]+).*"; - -!have_aptitude:: - package_add_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes install"; - package_list_update_command => "/usr/bin/apt-get update"; - package_delete_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes -q remove"; - package_update_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes install"; - package_patch_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes install"; - package_verify_command => "/usr/bin/dpkg -s"; - package_noverify_returncode => "1"; - - package_patch_list_command => "/usr/bin/apt-get --just-print dist-upgrade"; - package_patch_name_regex => "^Inst\s+(\S+)\s+.*"; - package_patch_version_regex => "^Inst\s+\S+\s+\[?\(?([^\],\s]+).*"; - -} - - -@end verbatim - -@node body package_method dpkg_version -@section body package_method dpkg_version(repo) - -@verbatim -body package_method dpkg_version(repo) -{ -package_changes => "individual"; -package_list_command => "/usr/bin/dpkg -l"; - -# set it to "0" to avoid caching of list during upgrade -package_list_update_command => "/usr/bin/apt-get update"; -package_list_update_ifelapsed => "240"; - -package_list_name_regex => ".i\s+([^\s]+).*"; -package_list_version_regex => ".i\s+[^\s]+\s+([^\s]+).*"; - -package_installed_regex => ".i.*"; # packages that have been uninstalled may be listed - -package_file_repositories => { "$(repo)" }; - -debian.x86_64:: - package_name_convention => "$(name)_$(version)_amd64.deb"; - -debian.i686:: - package_name_convention => "$(name)_$(version)_i386.deb"; - -have_aptitude:: - package_patch_list_command => "/usr/bin/aptitude --assume-yes --simulate --verbose full-upgrade"; - package_patch_name_regex => "^Inst\s+(\S+)\s+.*"; - package_patch_version_regex => "^Inst\s+\S+\s+\[?\(?([^\],\s]+).*"; -!have_aptitude:: - package_patch_list_command => "/usr/bin/apt-get --just-print dist-upgrade"; - package_patch_name_regex => "^Inst\s+(\S+)\s+.*"; - package_patch_version_regex => "^Inst\s+\S+\s+\[?\(?([^\],\s]+).*"; - -debian:: - package_add_command => "/usr/bin/dpkg --install"; - package_delete_command => "/usr/bin/dpkg --purge"; - package_update_command => "/usr/bin/dpkg --install"; - package_patch_command => "/usr/bin/dpkg --install"; -} - - -@end verbatim - -@node body package_method emerge -@section body package_method emerge - -@verbatim -body package_method emerge -{ - package_changes => "individual"; - package_list_command => "/bin/sh -c '/bin/ls -d /var/db/pkg/*/* | cut -c 13-'"; - package_list_name_regex => ".*/([^\s]+)-\d.*"; - package_list_version_regex => ".*/[^\s]+-(\d.*)"; - package_installed_regex => ".*"; # all reported are installed - package_name_convention => "$(name)"; - package_list_update_command => "/bin/true"; # I prefer manual syncing - #package_list_update_command => "/usr/bin/emerge --sync"; # if you like automatic - package_list_update_ifelapsed => "240"; # should happen every 4 hours - - package_add_command => "/usr/bin/emerge -q --quiet-build"; - package_delete_command => "/usr/bin/emerge --depclean"; - package_update_command => "/usr/bin/emerge --update"; - package_patch_command => "/usr/bin/emerge --update"; - package_verify_command => "/usr/bin/emerge -s"; - package_noverify_regex => ".*(Not Installed|Applications found : 0).*"; -} - - -@end verbatim - -@node body package_method freebsd -@section body package_method freebsd - -@verbatim -body package_method freebsd -{ - package_changes => "individual"; - - # Could use rpm for this - package_list_command => "/usr/sbin/pkg_info"; - - # Remember to escape special characters like | - - package_list_name_regex => "([^\s]+)-.*"; - package_list_version_regex => "[^\s]+-([^\s]+).*"; - - package_name_regex => "([^\s]+)-.*"; - package_version_regex => "[^\s]+-([^\s]+).*"; - - package_installed_regex => ".*"; - - package_name_convention => "$(name)-$(version)"; - - - package_add_command => "/usr/sbin/pkg_add -r"; - package_delete_command => "/usr/sbin/pkg_delete"; -} - - -@end verbatim - -@node body package_method generic -@section body package_method generic - -@verbatim -body package_method generic -{ -SuSE:: - package_changes => "bulk"; - package_list_command => "/bin/rpm -qa --queryformat \"i | repos | %{name} | %{version}-%{release} | %{arch}\n\""; - # set it to "0" to avoid caching of list during upgrade - package_list_update_command => "/usr/bin/zypper list-updates"; - package_list_update_ifelapsed => "0"; - package_patch_list_command => "/usr/bin/zypper patches"; - package_installed_regex => "i.*"; - package_list_name_regex => "[^|]+\|[^|]+\|\s+([^\s]+).*"; - package_list_version_regex => "[^|]+\|[^|]+\|[^|]+\|\s+([^\s]+).*"; - package_list_arch_regex => "[^|]+\|[^|]+\|[^|]+\|[^|]+\|\s+([^\s]+).*"; - package_patch_installed_regex => ".*Installed.*|.*Not Applicable.*"; - package_patch_name_regex => "[^|]+\|\s+([^\s]+).*"; - package_patch_version_regex => "[^|]+\|[^|]+\|\s+([^\s]+).*"; - package_name_convention => "$(name)"; - package_add_command => "/usr/bin/zypper --non-interactive install"; - package_delete_command => "/usr/bin/zypper --non-interactive remove --force-resolution"; - package_update_command => "/usr/bin/zypper --non-interactive update"; - package_patch_command => "/usr/bin/zypper --non-interactive patch$"; # $ means no args - package_verify_command => "/usr/bin/zypper --non-interactive verify$"; - -redhat:: - package_changes => "bulk"; - package_list_command => "/bin/rpm -qa --qf '%{name} %{version}-%{release} %{arch}\n'"; - package_patch_list_command => "/usr/bin/yum --quiet check-update"; - package_list_name_regex => "^(\S+?)\s\S+?\s\S+$"; - package_list_version_regex => "^\S+?\s(\S+?)\s\S+$"; - package_list_arch_regex => "^\S+?\s\S+?\s(\S+)$"; - package_installed_regex => ".*"; - package_name_convention => "$(name)"; - package_list_update_command => "/usr/bin/yum --quiet check-update"; - package_list_update_ifelapsed => "0"; # sometimes, caching is pretty disturbing - package_patch_installed_regex => "^\s.*"; - package_patch_name_regex => "([^.]+).*"; - package_patch_version_regex => "[^\s]\s+([^\s]+).*"; - package_patch_arch_regex => "[^.]+\.([^\s]+).*"; - package_add_command => "/usr/bin/yum -y install"; - package_update_command => "/usr/bin/yum -y update"; - package_patch_command => "/usr/bin/yum -y update"; - package_delete_command => "/bin/rpm -e --nodeps --allmatches"; - package_verify_command => "/bin/rpm -V"; - -# package_changes => "bulk"; -# package_list_command => "/usr/bin/yum list installed"; -# package_patch_list_command => "/usr/bin/yum check-update"; -# package_list_name_regex => "([^.]+).*"; -# package_list_version_regex => "[^\s]\s+([^\s]+).*"; -# package_list_arch_regex => "[^.]+\.([^\s]+).*"; -# package_installed_regex => ".*(installed|\s+@).*"; -# package_name_convention => "$(name).$(arch)"; -# package_list_update_ifelapsed => "240"; -# package_patch_installed_regex => "^\s.*"; -# package_patch_name_regex => "([^.]+).*"; -# package_patch_version_regex => "[^\s]\s+([^\s]+).*"; -# package_patch_arch_regex => "[^.]+\.([^\s]+).*"; -# package_add_command => "/usr/bin/yum -y install"; -# package_delete_command => "/bin/rpm -e --nodeps"; -# package_verify_command => "/bin/rpm -V"; - -debian:: - package_changes => "bulk"; - package_list_command => "/usr/bin/dpkg -l"; - package_list_name_regex => ".i\s+([^\s]+).*"; - package_list_version_regex => ".i\s+[^\s]+\s+([^\s]+).*"; - package_installed_regex => ".i.*"; # packages that have been uninstalled may be listed - package_name_convention => "$(name)"; - package_list_update_ifelapsed => "240"; # 4 hours - -debian.have_aptitude:: - package_add_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes install"; - package_list_update_command => "/usr/bin/aptitude update"; - package_delete_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes remove"; - package_update_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes install"; - package_patch_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/aptitude -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --assume-yes install"; - package_verify_command => "/usr/bin/aptitude show"; - package_noverify_regex => "(State: not installed|E: Unable to locate package .*)"; - - package_patch_list_command => "/usr/bin/aptitude --assume-yes --simulate --verbose full-upgrade"; - package_patch_name_regex => "^Inst\s+(\S+)\s+.*"; - package_patch_version_regex => "^Inst\s+\S+\s+\[?\(?([^\],\s]+).*"; - -debian.!have_aptitude:: - package_add_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes install"; - package_list_update_command => "/usr/bin/apt-get update"; - package_delete_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes remove"; - package_update_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes install"; - package_patch_command => "/usr/bin/env DEBIAN_FRONTEND=noninteractive LC_ALL=C /usr/bin/apt-get -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef --yes install"; - package_verify_command => "/usr/bin/dpkg -s"; - package_noverify_returncode => "1"; - - package_patch_list_command => "/usr/bin/apt-get --just-print dist-upgrade"; - package_patch_name_regex => "^Inst\s+(\S+)\s+.*"; - package_patch_version_regex => "^Inst\s+\S+\s+\[?\(?([^\],\s]+).*"; - -freebsd:: - package_changes => "individual"; - package_list_command => "/usr/sbin/pkg_info"; - package_list_name_regex => "([^\s]+)-.*"; - package_list_version_regex => "[^\s]+-([^\s]+).*"; - package_name_regex => "([^\s]+)-.*"; - package_version_regex => "[^\s]+-([^\s]+).*"; - package_installed_regex => ".*"; - package_name_convention => "$(name)-$(version)"; - package_add_command => "/usr/sbin/pkg_add -r"; - package_delete_command => "/usr/sbin/pkg_delete"; - -alpinelinux:: - package_changes => "individual"; - package_list_command => "/sbin/apk info -v"; - package_list_name_regex => "([^\s]+)-.*"; - package_list_version_regex => "[^\s]+-([^\s]+).*"; - package_name_regex => "([^\s]+)-.*"; - package_version_regex => "[^\s]+-([^\s]+).*"; - package_installed_regex => ".*"; - package_name_convention => "$(name)-$(version)"; - package_add_command => "/sbin/apk add"; - package_delete_command => "/sbin/apk del"; - -gentoo:: - package_changes => "individual"; - package_list_command => "/bin/sh -c '/bin/ls -d /var/db/pkg/*/* | cut -c 13-'"; - package_list_name_regex => ".*/([^\s]+)-\d.*"; - package_list_version_regex => ".*/[^\s]+-(\d.*)"; - package_installed_regex => ".*"; # all reported are installed - package_name_convention => "$(name)"; - package_list_update_command => "/bin/true"; # I prefer manual syncing - #package_list_update_command => "/usr/bin/emerge --sync"; # if you like automatic - package_list_update_ifelapsed => "240"; # should happen every 4 hours - - package_add_command => "/usr/bin/emerge -q --quiet-build"; - package_delete_command => "/usr/bin/emerge --depclean"; - package_update_command => "/usr/bin/emerge --update"; - package_patch_command => "/usr/bin/emerge --update"; - package_verify_command => "/usr/bin/emerge -s"; - package_noverify_regex => ".*(Not Installed|Applications found : 0).*"; - -archlinux:: - package_changes => "bulk"; - package_list_command => "/usr/bin/pacman -Q"; - package_list_name_regex => "(.*)\s+.*"; - package_list_version_regex => ".*\s+(.*)"; - package_installed_regex => ".*"; - package_name_convention => "$(name)"; - package_list_update_ifelapsed => "240"; - package_add_command => "/usr/bin/pacman -S --noconfirm --noprogressbar --needed"; - package_delete_command => "/usr/bin/pacman -Rs --noconfirm"; - package_update_command => "/usr/bin/pacman -S --noconfirm --noprogressbar --needed"; -} - - - -@end verbatim - -@node body package_method ips -@section body package_method ips - -@verbatim -body package_method ips -{ - package_changes => "bulk"; - package_list_command => "/usr/bin/pkg list -v --no-refresh"; - package_list_name_regex => "pkg://.+?/([^\s]+)@.*$"; - package_list_version_regex => "[^\s]+@([^\s]+).*"; - package_installed_regex => ".*(i..)"; # all reported are installed - - # set it to "0" to avoid caching of list during upgrade - package_list_update_command => "/bin/true"; # Fixme later - package_list_update_ifelapsed => "240"; - - package_add_command => "/usr/bin/pkg install --accept "; - package_list_update_command => "/usr/bin/pkg refresh --full"; - package_delete_command => "/usr/bin/pkg uninstall"; - package_update_command => "/usr/bin/pkg install --accept"; - package_patch_command => "/usr/bin/pkg install --accept"; - package_verify_command => "/usr/bin/pkg list -a -v --no-refresh"; - package_noverify_regex => "(.*---|pkg list: no packages matching .* installed)"; -} - - -# SmartOS (solaris 10 fork by Joyent) uses pkgin - -@end verbatim - -@node body package_method msi_explicit -@section body package_method msi_explicit(repo) - -@verbatim -body package_method msi_explicit(repo) -# use software name as promiser, e.g. "7-Zip", and explicitly -# specify any package_version and package_arch -{ -package_changes => "individual"; -package_file_repositories => { "$(repo)" }; - -package_installed_regex => ".*"; - -package_name_convention => "$(name)-$(version)-$(arch).msi"; -package_delete_convention => "$(firstrepo)$(name)-$(version)-$(arch).msi"; - -package_add_command => "\"$(sys.winsysdir)\msiexec.exe\" /qn /i"; -package_update_command => "\"$(sys.winsysdir)\msiexec.exe\" /qn /i"; -package_delete_command => "\"$(sys.winsysdir)\msiexec.exe\" /qn /x"; -} - - -@end verbatim - -@node body package_method msi_implicit -@section body package_method msi_implicit(repo) - -@verbatim -body package_method msi_implicit(repo) -# Use whole file name as promiser, e.g. "7-Zip-4.50-x86_64.msi", -# the name, version and arch is then deduced from the promiser -{ -package_changes => "individual"; -package_file_repositories => { "$(repo)" }; - -package_installed_regex => ".*"; - -package_name_convention => "$(name)-$(version)-$(arch).msi"; -package_delete_convention => "$(firstrepo)$(name)-$(version)-$(arch).msi"; - -package_name_regex => "^(\S+)-(\d+\.?)+"; -package_version_regex => "^\S+-((\d+\.?)+)"; -package_arch_regex => "^\S+-[\d\.]+-(.*).msi"; - -package_add_command => "\"$(sys.winsysdir)\msiexec.exe\" /qn /i"; -package_update_command => "\"$(sys.winsysdir)\msiexec.exe\" /qn /i"; -package_delete_command => "\"$(sys.winsysdir)\msiexec.exe\" /qn /x"; -} - - -@end verbatim - -@node body package_method pacman -@section body package_method pacman - -@verbatim -body package_method pacman - -{ -package_changes => "bulk"; - -package_list_command => "/usr/bin/pacman -Q"; - -# set it to "0" to avoid caching of list during upgrade -package_list_update_ifelapsed => "240"; - -package_list_name_regex => "(.*)\s+.*"; -package_list_version_regex => ".*\s+(.*)"; -package_installed_regex => ".*"; - -package_name_convention => "$(name)"; -package_add_command => "/usr/bin/pacman -S --noconfirm --noprogressbar --needed"; -package_delete_command => "/usr/bin/pacman -Rs --noconfirm"; -package_update_command => "/usr/bin/pacman -S --noconfirm --noprogressbar --needed"; -} - - - # Single bundle for all the similar managers simplifies promises - -@end verbatim - -@node body package_method rpm_filebased -@section body package_method rpm_filebased(path) - -@verbatim -body package_method rpm_filebased(path) - -# Contributed by Aleksey Tsalolikhin. Written on 29-Feb-2012. -# Based on yum_rpm body in COPBL by Trond Hasle Amundsen. -# Purpose: install packages from local filesystem-based package repository. -# Note: Specify the path to the local package repository in the argument. - -# Example of how to use it: -# -# {{{ -# packages: -# "epel-release" -# package_policy => "add", -# package_version => "5-4", -# package_architectures => { "noarch" }, -# package_method => rpm_filebased("/repo/RPMs"); -# }}} - -{ - package_file_repositories => { "$(path)" }; - # the above is an addition to Trond's yum_rpm body - - package_add_command => "/bin/rpm -ihv "; - # The above is a change from Trond's yum_rpm body, this makes the commands rpm only. - # The reason I changed the install command from yum to rpm is yum will be default - # refuse to install the epel-release RPM as it does not have the EPEL GPG key, - # but rpm goes ahead and installs the epel-release RPM and the EPEL GPG key. - - package_name_convention => "$(name)-$(version).$(arch).rpm"; - # The above is a change from Tron's yum_rpm body. When package_file_repositories is in play, - # package_name_convention has to match the file name, not the package name, per the - # CFEngine 3 Reference Manual - - # set it to "0" to avoid caching of list during upgrade - package_list_update_command => "/usr/bin/yum --quiet check-update"; - package_list_update_ifelapsed => "240"; - - # The rest is unchanged from Trond's yum_rpm body - package_changes => "bulk"; - package_list_command => "/bin/rpm -qa --qf '%{name} %{version}-%{release} %{arch}\n'"; - - package_list_name_regex => "^(\S+?)\s\S+?\s\S+$"; - package_list_version_regex => "^\S+?\s(\S+?)\s\S+$"; - package_list_arch_regex => "^\S+?\s\S+?\s(\S+)$"; - - package_installed_regex => ".*"; - - - package_delete_command => "/bin/rpm -e --allmatches"; - package_verify_command => "/bin/rpm -V"; -} - - -# OpenSolaris based systems (Solaris 11, Illumos, etc) use the much better -# Image Package System. - -@end verbatim - -@node body package_method rpm_version -@section body package_method rpm_version(repo) - -@verbatim -body package_method rpm_version(repo) -{ -package_changes => "individual"; - -package_list_command => "/bin/rpm -qa --queryformat \"i | repos | %{name} | %{version}-%{release} | %{arch}\n\""; - -# set it to "0" to avoid caching of list during upgrade -package_list_update_command => "/usr/bin/yum --quiet check-update"; -package_list_update_ifelapsed => "240"; - -package_list_name_regex => "[^|]+\|[^|]+\|\s+([^\s|]+).*"; -package_list_version_regex => "[^|]+\|[^|]+\|[^|]+\|\s+([^\s|]+).*"; -package_list_arch_regex => "[^|]+\|[^|]+\|[^|]+\|[^|]+\|\s+([^\s]+).*"; - -package_installed_regex => "i.*"; - -package_file_repositories => { "$(repo)" }; - -package_name_convention => "$(name)-$(version).$(arch).rpm"; - -package_add_command => "/bin/rpm -ivh "; -package_update_command => "/bin/rpm -Uvh "; -package_patch_command => "/bin/rpm -Uvh "; -package_delete_command => "/bin/rpm -e --nodeps"; -package_noverify_regex => ".*[^\s].*"; -} - - -@end verbatim - -@node body package_method smartos -@section body package_method smartos - -@verbatim -body package_method smartos -{ - package_changes => "bulk"; - package_list_command => "/opt/local/bin/pkgin list"; - package_list_name_regex => "(.*)\-[0-9]+.*"; - package_list_version_regex => ".*\-([0-9][^\s]+).*"; - - package_installed_regex => ".*"; # all reported are installed - - package_list_update_command => "/opt/local/bin/pkgin -y update"; - package_list_update_ifelapsed => "240"; - - package_add_command => "/opt/local/bin/pkgin -y install"; - - package_delete_command => "/opt/local/bin/pkgin -y remove"; - package_update_command => "/opt/local/bin/pkgin upgrade"; -} - - -# The older solaris package system is poorly designed, with too many different -# names to track. See the example in tests/units/unit_package_solaris.cf -# to see how to use this - -@end verbatim - -@node body package_method solaris -@section body package_method solaris (pkgname, spoolfile, adminfile) - -@verbatim -body package_method solaris (pkgname, spoolfile, adminfile) -{ -package_changes => "individual"; -package_list_command => "/usr/bin/pkginfo -l"; -package_multiline_start => "\s*PKGINST:\s+[^\s]+.*"; -package_list_name_regex => "\s*PKGINST:\s+([^\s]+).*"; -package_list_version_regex => "\s*VERSION:\s+([^\s]+).*"; -package_list_arch_regex => "\s*ARCH:\s+([^\s]+)"; -package_installed_regex => "\s*STATUS:\s*(completely|partially)\s+installed.*"; -package_name_convention => "$(name)"; -package_add_command => "/usr/sbin/pkgadd -n -a /tmp/$(adminfile) -d /tmp/$(spoolfile)"; -package_delete_command => "/usr/sbin/pkgrm -n -a /tmp/$(adminfile)"; -} - - -# -# The following bundle is part of a package setup for solaris, see unit examples -# - -@end verbatim - -@node body package_method windows_feature -@section body package_method windows_feature - -@verbatim -body package_method windows_feature -{ -package_changes => "individual"; - -package_name_convention => "$(name)"; -package_delete_convention => "$(name)"; - -package_installed_regex => ".*"; -package_list_name_regex => "(.*)"; -package_list_version_regex => "(.*)"; # FIXME: the listing does not give version, so takes name for version too now - -package_add_command => "$(sys.winsysdir)\\WindowsPowerShell\\v1.0\\powershell.exe -Command \"Import-Module ServerManager; Add-WindowsFeature -Name\""; -package_delete_command => "$(sys.winsysdir)\\WindowsPowerShell\\v1.0\\powershell.exe -Command \"Import-Module ServerManager; Remove-WindowsFeature -confirm:$false -Name\""; -package_list_command => "$(sys.winsysdir)\\WindowsPowerShell\\v1.0\\powershell.exe -Command \"Import-Module ServerManager; Get-WindowsFeature | where {$_.installed -eq $True} |foreach {$_.Name}\""; -} - - -@end verbatim - -@node body package_method yum -@section body package_method yum - -@verbatim -body package_method yum -{ -package_changes => "bulk"; -package_list_command => "/usr/bin/yum --quiet list installed"; -package_patch_list_command => "/usr/bin/yum --quiet check-update"; - -# Remember to escape special characters like | - -package_list_name_regex => "([^.]+).*"; -package_list_version_regex => "[^\s]\s+([^\s]+).*"; -package_list_arch_regex => "[^.]+\.([^\s]+).*"; - -package_installed_regex => ".*(installed|\s+@).*"; -package_name_convention => "$(name).$(arch)"; - -# set it to "0" to avoid caching of list during upgrade -package_list_update_command => "/usr/bin/yum --quiet check-update"; -package_list_update_ifelapsed => "240"; - -package_patch_installed_regex => "^\s.*"; -package_patch_name_regex => "([^.]+).*"; -package_patch_version_regex => "[^\s]\s+([^\s]+).*"; -package_patch_arch_regex => "[^.]+\.([^\s]+).*"; - -package_add_command => "/usr/bin/yum -y install"; -package_update_command => "/usr/bin/yum -y update"; -package_patch_command => "/usr/bin/yum -y update"; -package_delete_command => "/bin/rpm -e --nodeps"; -package_verify_command => "/bin/rpm -V"; -} - - -@end verbatim - -@node body package_method yum_rpm -@section body package_method yum_rpm - -@verbatim -body package_method yum_rpm - -# Contributed by Trond Hasle Amundsen - -# More efficient package method for RedHat - uses rpm to list instead of yum -# Notes: -# - using $(name).$(arch) instead of $(name) for package_name_convention -# causes uninstallation to fail. -# - using allmatches to remove for all architectures -# - -{ - package_changes => "bulk"; - package_list_command => "/bin/rpm -qa --qf '%{name} %{version}-%{release} %{arch}\n'"; - package_patch_list_command => "/usr/bin/yum --quiet check-update"; - - package_list_name_regex => "^(\S+?)\s\S+?\s\S+$"; - package_list_version_regex => "^\S+?\s(\S+?)\s\S+$"; - package_list_arch_regex => "^\S+?\s\S+?\s(\S+)$"; - - package_installed_regex => ".*"; - package_name_convention => "$(name)"; - - # set it to "0" to avoid caching of list during upgrade - package_list_update_command => "/usr/bin/yum --quiet check-update"; - package_list_update_ifelapsed => "240"; - - package_patch_installed_regex => "^\s.*"; - package_patch_name_regex => "([^.]+).*"; - package_patch_version_regex => "[^\s]\s+([^\s]+).*"; - package_patch_arch_regex => "[^.]+\.([^\s]+).*"; - - package_add_command => "/usr/bin/yum -y install"; - package_update_command => "/usr/bin/yum -y update"; - package_patch_command => "/usr/bin/yum -y update"; - package_delete_command => "/bin/rpm -e --nodeps --allmatches"; - package_verify_command => "/bin/rpm -V"; -} - - -@end verbatim - -@node body package_method zypper -@section body package_method zypper - -@verbatim -body package_method zypper - -{ -package_changes => "bulk"; - -package_list_command => "/bin/rpm -qa --queryformat \"i | repos | %{name} | %{version}-%{release} | %{arch}\n\""; - -# set it to "0" to avoid caching of list during upgrade -package_list_update_command => "/usr/bin/zypper list-updates"; -package_list_update_ifelapsed => "240"; - -package_patch_list_command => "/usr/bin/zypper patches"; -package_installed_regex => "i.*"; -package_list_name_regex => "[^|]+\|[^|]+\|\s+([^\s]+).*"; -package_list_version_regex => "[^|]+\|[^|]+\|[^|]+\|\s+([^\s]+).*"; -package_list_arch_regex => "[^|]+\|[^|]+\|[^|]+\|[^|]+\|\s+([^\s]+).*"; - -package_patch_installed_regex => ".*Installed.*|.*Not Applicable.*"; -package_patch_name_regex => "[^|]+\|\s+([^\s]+).*"; -package_patch_version_regex => "[^|]+\|[^|]+\|\s+([^\s]+).*"; - -package_name_convention => "$(name)"; -package_add_command => "/usr/bin/zypper --non-interactive install"; -package_delete_command => "/usr/bin/zypper --non-interactive remove --force-resolution"; -package_update_command => "/usr/bin/zypper --non-interactive update"; -package_patch_command => "/usr/bin/zypper --non-interactive patch$"; # $ means no args -package_verify_command => "/usr/bin/zypper --non-interactive verify$"; -} - - -@end verbatim - -@node body perms m -@section body perms m(mode) - -@verbatim -body perms m(mode) -{ -mode => "$(mode)"; -} - - -@end verbatim - -@node body perms mo -@section body perms mo(mode,user) - -@verbatim -body perms mo(mode,user) -{ -owners => { "$(user)" }; -mode => "$(mode)"; -} - - -@end verbatim - -@node body perms mog -@section body perms mog(mode,user,group) - -@verbatim -body perms mog(mode,user,group) -{ -owners => { "$(user)" }; -groups => { "$(group)" }; -mode => "$(mode)"; -} - - -@end verbatim - -@node body perms og -@section body perms og(u,g) - -@verbatim -body perms og(u,g) -{ -owners => { "$(u)" }; -groups => { "$(g)" }; -} - - -@end verbatim - -@node body perms owner -@section body perms owner(user) - -@verbatim -body perms owner(user) -{ -owners => { "$(user)" }; -} - - -@end verbatim - -@node body process_count any_count -@section body process_count any_count(cl) - -@verbatim -body process_count any_count(cl) - -{ -match_range => "0,0"; -out_of_range_define => { "$(cl)" }; -} - - -@end verbatim - -@node body process_count check_range -@section body process_count check_range(name,lower,upper) - -@verbatim -body process_count check_range(name,lower,upper) -{ -match_range => irange("$(lower)","$(upper)"); -out_of_range_define => { "$(name)_out_of_range" }; -} - - -@end verbatim - -@node body process_select days_older_than -@section body process_select days_older_than(d) - -@verbatim -body process_select days_older_than(d) -{ -stime_range => irange(ago(0,0,"$(d)",0,0,0),now); -process_result => "stime"; -} - - -@end verbatim - -@node body process_select exclude_procs -@section body process_select exclude_procs(x) - -@verbatim -body process_select exclude_procs(x) -{ -command => "$(x)"; -process_result => "!command"; -} - - -@end verbatim - -@node body rename disable -@section body rename disable - -@verbatim -body rename disable -{ -disable => "true"; -} - - -@end verbatim - -@node body rename rotate -@section body rename rotate(level) - -@verbatim -body rename rotate(level) -{ -rotate => "$(level)"; -} - - -@end verbatim - -@node body rename to -@section body rename to(file) - -@verbatim -body rename to(file) -{ -newname => "$(file)"; -} - - -@end verbatim - -@node body replace_with comment -@section body replace_with comment(c) - -@verbatim -body replace_with comment(c) -{ -replace_value => "$(c) $(match.1)"; -occurrences => "all"; -} - - -@end verbatim - -@node body replace_with uncomment -@section body replace_with uncomment - -@verbatim -body replace_with uncomment -{ -replace_value => "$(match.1)"; -occurrences => "all"; -} - - - -@end verbatim - -@node body replace_with value -@section body replace_with value(x) - -@verbatim -body replace_with value(x) -{ -replace_value => "$(x)"; -occurrences => "all"; -} - - -@end verbatim - -@node body select_region INI_section -@section body select_region INI_section(x) - -@verbatim -body select_region INI_section(x) -{ -select_start => "\[$(x)\]\s*"; -select_end => "\[.*\]\s*"; -} - - -@end verbatim - -@node body service_method bootstart -@section body service_method bootstart - -@verbatim -body service_method bootstart -{ - service_autostart_policy => "boot_time"; - service_dependence_chain => "start_parent_services"; -windows:: - service_type => "windows"; -} - - -@end verbatim - -@node body service_method force_deps -@section body service_method force_deps - -@verbatim -body service_method force_deps -{ - service_dependence_chain => "all_related"; -windows:: - service_type => "windows"; -} - - -@end verbatim - -@node body volume min_free_space -@section body volume min_free_space(free) - -@verbatim -body volume min_free_space(free) -{ -check_foreign => "false"; -freespace => "$(free)"; -sensible_size => "10000"; -sensible_count => "2"; -} - - -@end verbatim - -@node bundle agent cronjob -@section bundle agent cronjob(commands,user,hours,mins) - -@verbatim -bundle agent cronjob(commands,user,hours,mins) - - # For adding lines to crontab for a user - # methods: - # "cron" usebundle => cronjob("/bin/ls","mark","*","5,10"); - -{ -vars: - SuSE:: - "crontab" string => "/var/spool/cron/tabs"; - redhat|fedora:: - "crontab" string => "/var/spool/cron"; - !(SuSE|redhat|fedora):: - "crontab" string => "/var/spool/cron/crontabs"; - -files: - -!windows:: - "$(crontab)/$(user)" - - comment => "A user's regular batch jobs are added to this file", - create => "true", - edit_line => append_if_no_line("$(mins) $(hours) * * * $(commands)"), - perms => mo("644","$(user)"), - classes => if_repaired("changed_crontab"); - -processes: - -changed_crontab:: - "cron" - comment => "Most crons need to be huped after file changes", - signals => { "hup" }; - -} - - - - -@end verbatim - -@node bundle agent standard_services -@section bundle agent standard_services(service,state) - -@verbatim -bundle agent standard_services(service,state) -{ - # DATA, - -vars: - - any:: - - "stakeholders[cfengine3]" slist => { "cfengine_in" }; - "stakeholders[acpid]" slist => { "cpu", "cpu0", "cpu1", "cpu2", "cpu3" }; - "stakeholders[mongod]" slist => { "mongo_in" }; - "stakeholders[postfix]" slist => { "smtp_in" }; - "stakeholders[sendmail]" slist => { "smtp_in" }; - "stakeholders[www]" slist => { "www_in", "wwws_in", "www_alt_in" }; - "stakeholders[ssh]" slist => { "ssh_in" }; - "stakeholders[mysql]" slist => { "mysql_in" }; - "stakeholders[nfs]" slist => { "nfsd_in" }; - "stakeholders[syslog]" slist => { "syslog" }; - "stakeholders[rsyslog]" slist => { "syslog" }; - "stakeholders[tomcat5]" slist => { "www_alt_in" }; - "stakeholders[tomcat6]" slist => { "www_alt_in" }; - - linux:: - - "startcommand[acpid]" string => "/etc/init.d/acpid start"; - "stopcommand[acpid]" string => "/etc/init.d/acpid stop"; - "pattern[acpid]" string => ".*acpid.*"; - - "startcommand[cfengine3]" string => "/etc/init.d/cfengine3 start"; - "stopcommand[cfengine3]" string => "/etc/init.d/cfengine3 stop"; - "pattern[cfengine3]" string => ".*cf-execd.*"; - - "startcommand[fancontrol]" string => "/etc/init.d/fancontrol start"; - "stopcommand[fancontrol]" string => "/etc/init.d/fancontrol stop"; - "pattern[fancontrol]" string => ".*fancontrol.*"; - - "startcommand[hddtemp]" string => "/etc/init.d/hddtemp start"; - "stopcommand[hddtemp]" string => "/etc/init.d/hddtemp stop"; - "pattern[hddtemp]" string => ".*hddtemp.*"; - - "startcommand[irqbalance]" string => "/etc/init.d/irqbalance start"; - "stopcommand[irqbalance]" string => "/etc/init.d/irqbalance stop"; - "pattern[irqbalance]" string => ".*irqbalance.*"; - - "startcommand[lm-sensor]" string => "/etc/init.d/lm-sensor start"; - "stopcommand[lm-sensor]" string => "/etc/init.d/lm-sensor stop"; - "pattern[lm-sensor]" string => ".*psensor.*"; - - "startcommand[mongod]" string => "/etc/init.d/mongod start"; - "stopcommand[mongod]" string => "/etc/init.d/mongod stop"; - "pattern[mongod]" string => ".*mongod.*"; - - "startcommand[openvpn]" string => "/etc/init.d/openvpn start"; - "stopcommand[openvpn]" string => "/etc/init.d/openvpn stop"; - "pattern[openvpn]" string => ".*openvpn.*"; - - "startcommand[postfix]" string => "/etc/init.d/postfix start"; - "stopcommand[postfix]" string => "/etc/init.d/postfix stop"; - "pattern[postfix]" string => ".*postfix.*"; - - "startcommand[rsync]" string => "/etc/init.d/rsync start"; - "stopcommand[rsync]" string => "/etc/init.d/rsync stop"; - "pattern[rsync]" string => ".*rsync.*"; - - "startcommand[rsyslog]" string => "/etc/init.d/rsyslog start"; - "stopcommand[rsyslog]" string => "/etc/init.d/rsyslog stop"; - "pattern[rsyslog]" string => ".*rsyslogd.*"; - - "startcommand[sendmail]" string => "/etc/init.d/sendmail start"; - "stopcommand[sendmail]" string => "/etc/init.d/sendmail stop"; - "pattern[sendmail]" string => ".*sendmail.*"; - - "startcommand[ssh]" string => "/etc/init.d/sshd start"; - "stopcommand[ssh]" string => "/etc/init.d/sshd stop"; - "pattern[ssh]" string => ".*sshd.*"; - - "startcommand[tomcat5]" string => "/etc/init.d/tomcat5 start"; - "stopcommand[tomcat5]" string => "/etc/init.d/tomcat5 stop"; - "pattern[tomcat5]" string => ".*tomcat5.*"; - - "startcommand[tomcat6]" string => "/etc/init.d/tomcat6 start"; - "stopcommand[tomcat6]" string => "/etc/init.d/tomcat6 stop"; - "pattern[tomcat6]" string => ".*tomcat6.*"; - - "startcommand[varnish]" string => "/etc/init.d/varnish start"; - "stopcommand[varnish]" string => "/etc/init.d/varnish stop"; - "pattern[varnish]" string => ".*varnish.*"; - - "startcommand[wpa_supplicant]" string => "/etc/init.d/wpa_supplicant start"; - "stopcommand[wpa_supplicant]" string => "/etc/init.d/wpa_supplicant stop"; - "pattern[wpa_supplicant]" string => ".*wpa_supplicant.*"; - - SuSE|suse:: - - "startcommand[mysql]" string => "/etc/init.d/mysqld start"; - "stopcommand[mysql]" string => "/etc/init.d/mysqld stop"; - "pattern[mysql]" string => ".*mysqld.*"; - - "startcommand[www]" string => "/etc/init.d/apache2 start"; - "stopcommand[www]" string => "/etc/init.d/apache2 stop"; - "pattern[www]" string => ".*apache2.*"; - - - redhat:: - - "startcommand[anacron]" string => "/etc/init.d/anacron start"; - "stopcommand[anacron]" string => "/etc/init.d/anacron stop"; - "pattern[anacron]" string => ".*anacron.*"; - - "startcommand[atd]" string => "/etc/init.d/atd start"; - "stopcommand[atd]" string => "/etc/init.d/atd stop"; - "pattern[atd]" string => ".*sbin/atd.*"; - - "startcommand[auditd]" string => "/etc/init.d/auditd start"; - "stopcommand[auditd]" string => "/etc/init.d/auditd stop"; - "pattern[auditd]" string => ".*auditd.*"; - - "startcommand[autofs]" string => "/etc/init.d/autofs start"; - "stopcommand[autofs]" string => "/etc/init.d/autofs stop"; - "pattern[autofs]" string => ".*automount.*"; - - "startcommand[bluetoothd]" string => "/etc/init.d/bluetooth start"; - "stopcommand[bluetoothd]" string => "/etc/init.d/bluetooth stop"; - "pattern[bluetoothd]" string => ".*hcid.*"; - - "startcommand[capi]" string => "/etc/init.d/capi start"; - "stopcommand[capi]" string => "/etc/init.d/capi stop"; - "pattern[capi]" string => ".*capiinit.*"; - - "startcommand[conman]" string => "/etc/init.d/conman start"; - "stopcommand[conman]" string => "/etc/init.d/conman stop"; - "pattern[conman]" string => ".*conmand.*"; - - "startcommand[cpuspeed]" string => "/etc/init.d/cpuspeed start"; - "stopcommand[cpuspeed]" string => "/etc/init.d/cpuspeed stop"; - "pattern[cpuspeed]" string => ".*cpuspeed.*"; - - "startcommand[crond]" string => "/etc/init.d/crond start"; - "stopcommand[crond]" string => "/etc/init.d/crond stop"; - "pattern[crond]" string => ".*crond.*"; - - "startcommand[dc_client]" string => "/etc/init.d/dc_client start"; - "stopcommand[dc_client]" string => "/etc/init.d/dc_client stop"; - "pattern[dc_client]" string => ".*dc_client.*"; - - "startcommand[dc_server]" string => "/etc/init.d/dc_server start"; - "stopcommand[dc_server]" string => "/etc/init.d/dc_server stop"; - "pattern[dc_server]" string => ".*dc_server.*"; - - "startcommand[dnsmasq]" string => "/etc/init.d/dnsmasq start"; - "stopcommand[dnsmasq]" string => "/etc/init.d/dnsmasq stop"; - "pattern[dnsmasq]" string => ".*dnsmasq.*"; - - "startcommand[dund]" string => "/etc/init.d/dund start"; - "stopcommand[dund]" string => "/etc/init.d/dund stop"; - "pattern[dund]" string => ".*dund.*"; - - "startcommand[gpm]" string => "/etc/init.d/gpm start"; - "stopcommand[gpm]" string => "/etc/init.d/gpm stop"; - "pattern[gpm]" string => ".*gpm.*"; - - "startcommand[haldaemon]" string => "/etc/init.d/haldaemon start"; - "stopcommand[haldaemon]" string => "/etc/init.d/haldaemon stop"; - "pattern[haldaemon]" string => ".*hald.*"; - - "startcommand[hidd]" string => "/etc/init.d/hidd start"; - "stopcommand[hidd]" string => "/etc/init.d/hidd stop"; - "pattern[hidd]" string => ".*hidd.*"; - -# "startcommand[ip6tables]" string => "/etc/init.d/ip6tables start"; -# "stopcommand[ip6tables]" string => "/etc/init.d/ip6tables stop"; -# "pattern[ip6tables]" string => ".*ip6tables.*"; - -# "startcommand[iptables]" string => "/etc/init.d/iptables start"; -# "stopcommand[iptables]" string => "/etc/init.d/iptables stop"; -# "pattern[iptables]" string => ".*iptables.*"; - - "startcommand[irda]" string => "/etc/init.d/irda start"; - "stopcommand[irda]" string => "/etc/init.d/irda stop"; - "pattern[irda]" string => ".*irattach.*"; - - "startcommand[iscsid]" string => "/etc/init.d/iscsid start"; - "stopcommand[iscsid]" string => "/etc/init.d/iscsid stop"; - "pattern[iscsid]" string => ".*iscsid.*"; - - "startcommand[isdn]" string => "/etc/init.d/isdn start"; - "stopcommand[isdn]" string => "/etc/init.d/isdn stop"; - "pattern[isdn]" string => ".*isdnlog.*"; - - "startcommand[lvm2-monitor]" string => "/etc/init.d/lvm2-monitor start"; - "stopcommand[lvm2-monitor]" string => "/etc/init.d/lvm2-monitor stop"; - "pattern[lvm2-monitor]" string => ".*vgchange.*"; - - "startcommand[mcstrans]" string => "/etc/init.d/mcstrans start"; - "stopcommand[mcstrans]" string => "/etc/init.d/mcstrans stop"; - "pattern[mcstrans]" string => ".*mcstransd.*"; - - "startcommand[mdmonitor]" string => "/etc/init.d/mdmonitor start"; - "stopcommand[mdmonitor]" string => "/etc/init.d/mdmonitor stop"; - "pattern[mdmonitor]" string => ".*mdadm.*"; - - "startcommand[mdmpd]" string => "/etc/init.d/mdmpd start"; - "stopcommand[mdmpd]" string => "/etc/init.d/mdmpd stop"; - "pattern[mdmpd]" string => ".*mdmpd.*"; - - "startcommand[messagebus]" string => "/etc/init.d/messagebus start"; - "stopcommand[messagebus]" string => "/etc/init.d/messagebus stop"; - "pattern[messagebus]" string => ".*dbus-daemon.*"; - - "startcommand[microcode_ctl]" string => "/etc/init.d/microcode_ctl start"; - "stopcommand[microcode_ctl]" string => "/etc/init.d/microcode_ctl stop"; - "pattern[microcode_ctl]" string => ".*microcode_ctl.*"; - - "startcommand[multipathd]" string => "/etc/init.d/multipathd start"; - "stopcommand[multipathd]" string => "/etc/init.d/multipathd stop"; - "pattern[multipathd]" string => ".*multipathd.*"; - - "startcommand[mysql]" string => "/etc/init.d/mysqld start"; - "stopcommand[mysql]" string => "/etc/init.d/mysqld stop"; - "pattern[mysql]" string => ".*mysqld.*"; - - "startcommand[netplugd]" string => "/etc/init.d/netplugd start"; - "stopcommand[netplugd]" string => "/etc/init.d/netplugd stop"; - "pattern[netplugd]" string => ".*netplugd.*"; - - "startcommand[NetworkManager]" string => "/etc/init.d/NetworkManager start"; - "stopcommand[NetworkManager]" string => "/etc/init.d/NetworkManager stop"; - "pattern[NetworkManager]" string => ".*NetworkManager.*"; - - "startcommand[nfs]" string => "/etc/init.d/nfs start"; - "stopcommand[nfs]" string => "/etc/init.d/nfs stop"; - "pattern[nfs]" string => ".*nfsd.*"; - - "startcommand[nfslock]" string => "/etc/init.d/nfslock start"; - "stopcommand[nfslock]" string => "/etc/init.d/nfslock stop"; - "pattern[nfslock]" string => ".*rpc.statd.*"; - - "startcommand[nscd]" string => "/etc/init.d/nscd start"; - "stopcommand[nscd]" string => "/etc/init.d/nscd stop"; - "pattern[nscd]" string => ".*nscd.*"; - - "startcommand[oddjobd]" string => "/etc/init.d/oddjobd start"; - "stopcommand[oddjobd]" string => "/etc/init.d/oddjobd stop"; - "pattern[oddjobd]" string => ".*oddjobd.*"; - - "startcommand[pand]" string => "/etc/init.d/pand start"; - "stopcommand[pand]" string => "/etc/init.d/pand stop"; - "pattern[pand]" string => ".*pand.*"; - - "startcommand[pand]" string => "/etc/init.d/pand start"; - "stopcommand[pcscd]" string => "/etc/init.d/pand stop"; - "pattern[pcscd]" string => ".*pcscd.*"; - - "startcommand[portmap]" string => "/etc/init.d/portmap start"; - "stopcommand[portmap]" string => "/etc/init.d/portmap stop"; - "pattern[portmap]" string => ".*portmap.*"; - - "startcommand[postgresql]" string => "/etc/init.d/postgresql start"; - "stopcommand[postgresql]" string => "/etc/init.d/postgresql stop"; - "pattern[postgresql]" string => ".*postmaster.*"; - - "startcommand[rdisc]" string => "/etc/init.d/rdisc start"; - "stopcommand[rdisc]" string => "/etc/init.d/rdisc stop"; - "pattern[rdisc]" string => ".*rdisc.*"; - - "startcommand[rdisc]" string => "/etc/init.d/rdisc start"; - "stopcommand[rdisc]" string => "/etc/init.d/rdisc stop"; - "pattern[rdisc]" string => ".*rdisc.*"; - - "startcommand[readahead_early]" string => "/etc/init.d/readahead_early start"; - "stopcommand[readahead_early]" string => "/etc/init.d/readahead_early stop"; - "pattern[readahead_early]" string => ".*readahead.*early.*"; - - "startcommand[readahead_later]" string => "/etc/init.d/readahead_later start"; - "stopcommand[readahead_later]" string => "/etc/init.d/readahead_later stop"; - "pattern[readahead_later]" string => ".*readahead.*later.*"; - - "startcommand[restorecond]" string => "/etc/init.d/restorecond start"; - "stopcommand[restorecond]" string => "/etc/init.d/restorecond stop"; - "pattern[restorecond]" string => ".*restorecond.*"; - - "startcommand[rpcgssd]" string => "/etc/init.d/rpcgssd start"; - "stopcommand[rpcgssd]" string => "/etc/init.d/rpcgssd stop"; - "pattern[rpcgssd]" string => ".*rpc.gssd.*"; - - "startcommand[rpcidmapd]" string => "/etc/init.d/rpcidmapd start"; - "stopcommand[rpcidmapd]" string => "/etc/init.d/rpcidmapd stop"; - "pattern[rpcidmapd]" string => ".*rpc.idmapd.*"; - - "startcommand[rpcsvcgssd]" string => "/etc/init.d/rpcsvcgssd start"; - "stopcommand[rpcsvcgssd]" string => "/etc/init.d/rpcsvcgssd stop"; - "pattern[rpcsvcgssd]" string => ".*rpc.svcgssd.*"; - - "startcommand[saslauthd]" string => "/etc/init.d/saslauthd start"; - "stopcommand[saslauthd]" string => "/etc/init.d/saslauthd stop"; - "pattern[saslauthd]" string => ".*saslauthd.*"; - - "startcommand[smartd]" string => "/etc/init.d/smartd start"; - "stopcommand[smartd]" string => "/etc/init.d/smartd stop"; - "pattern[smartd]" string => ".*smartd.*"; - - "startcommand[svnserve]" string => "/etc/init.d/svnserve start"; - "stopcommand[svnserve]" string => "/etc/init.d/svnserve stop"; - "pattern[svnserve]" string => ".*svnserve.*"; - - "startcommand[syslog]" string => "/etc/init.d/syslog start"; - "stopcommand[syslog]" string => "/etc/init.d/syslog stop"; - "pattern[syslog]" string => ".*syslogd.*"; - - "startcommand[tcsd]" string => "/etc/init.d/tcsd start"; - "stopcommand[tcsd]" string => "/etc/init.d/tcsd stop"; - "pattern[tcsd]" string => ".*tcsd.*"; - - "startcommand[www]" string => "/etc/init.d/httpd start"; - "stopcommand[www]" string => "/etc/init.d/httpd stop"; - "pattern[www]" string => ".*httpd.*"; - - "startcommand[xfs]" string => "/etc/init.d/xfs start"; - "stopcommand[xfs]" string => "/etc/init.d/xfs stop"; - "pattern[xfs]" string => ".*xfs.*"; - - "startcommand[ypbind]" string => "/etc/init.d/ypbind start"; - "stopcommand[ypbind]" string => "/etc/init.d/ypbind stop"; - "pattern[ypbind]" string => ".*ypbind.*"; - - "startcommand[yum-updatesd]" string => "/etc/init.d/yum-updatesd start"; - "stopcommand[yum-updatesd]" string => "/etc/init.d/yum-updatesd stop"; - "pattern[yum-updatesd]" string => ".*yum-updatesd.*"; - - debian|ubuntu:: - - "startcommand[atd]" string => "/etc/init.d/atd start"; - "stopcommand[atd]" string => "/etc/init.d/atd stop"; - "pattern[atd]" string => "atd.*"; - - "startcommand[bluetoothd]" string => "/etc/init.d/bluetoothd start"; - "stopcommand[bluetoothd]" string => "/etc/init.d/bluetoothd stop"; - "pattern[bluetoothd]" string => ".*bluetoothd.*"; - - "startcommand[bootlogd]" string => "/etc/init.d/bootlogd start"; - "stopcommand[bootlogd]" string => "/etc/init.d/bootlogd stop"; - "pattern[bootlogd]" string => ".*bootlogd.*"; - - "startcommand[crond]" string => "/etc/init.d/cron start"; - "stopcommand[crond]" string => "/etc/init.d/cron stop"; - "pattern[crond]" string => ".*cron.*"; - - "startcommand[kerneloops]" string => "/etc/init.d/kerneloops start"; - "stopcommand[kerneloops]" string => "/etc/init.d/kerneloops stop"; - "pattern[kerneloops]" string => ".*kerneloops.*"; - - "startcommand[mysql]" string => "/etc/init.d/mysql start"; - "stopcommand[mysql]" string => "/etc/init.d/mysql stop"; - "pattern[mysql]" string => ".*mysqld.*"; - - "startcommand[NetworkManager]" string => "/etc/init.d/network-manager start"; - "stopcommand[NetworkManager]" string => "/etc/init.d/network-manager stop"; - "pattern[NetworkManager]" string => ".*NetworkManager.*"; - - "startcommand[ondemand]" string => "/etc/init.d/ondemand start"; - "stopcommand[ondemand]" string => "/etc/init.d/ondemand stop"; - "pattern[ondemand]" string => ".*ondemand.*"; - - "startcommand[plymouth]" string => "/etc/init.d/plymouthd start"; - "stopcommand[plymouth]" string => "/etc/init.d/plymouthd stop"; - "pattern[plymouth]" string => ".*plymouthd.*"; - - "startcommand[postgresql84]" string => "/etc/init.d/postgresql-8.4 start"; - "stopcommand[postgresql84]" string => "/etc/init.d/postgresql-8.4 stop"; - "pattern[postgresql84]" string => ".*postgresql.*"; - - "startcommand[postgresql91]" string => "/etc/init.d/postgresql-9.1 start"; - "stopcommand[postgresql91]" string => "/etc/init.d/postgresql-9.1 stop"; - "pattern[postgresql91]" string => ".*postgresql.*"; - - "startcommand[saned]" string => "/etc/init.d/saned start"; - "stopcommand[saned]" string => "/etc/init.d/saned stop"; - "pattern[saned]" string => ".*saned.*"; - - "startcommand[udev]" string => "/etc/init.d/udev start"; - "stopcommand[udev]" string => "/etc/init.d/udev stop"; - "pattern[udev]" string => ".*udev.*"; - - "startcommand[udevmonitor]" string => "/etc/init.d/udevmonitor start"; - "stopcommand[udevmonitor]" string => "/etc/init.d/udevmonitor stop"; - "pattern[udevmonitor]" string => ".*udevadm.*monitor.*"; - - "startcommand[www]" string => "/etc/init.d/httpd stop"; - "stopcommand[www]" string => "/etc/init.d/httpd stop"; - "pattern[www]" string => ".*apache2.*"; - - - # METHODS that implement these ............................................ - -classes: - - "start" expression => strcmp("start","$(state)"), - comment => "Check if to start a service"; - "stop" expression => strcmp("stop","$(state)"), - comment => "Check if to stop a service"; - -# Do we want to include the packages here too? - -processes: - - start:: - - "$(pattern[$(service)])" -> { "@(stakeholders[$(service)])" } , - - comment => "Verify that the service appears in the process table", - restart_class => "restart_$(service)"; - - stop:: - - "$(pattern[$(service)])" -> { "@(stakeholders[$(service)])" }, - - comment => "Verify that the service does not appear in the process", - process_stop => "$(stopcommand[$(service)])", - signals => { "term", "kill"}; - - commands: - - "$(startcommand[$(service)])" -> { "@(stakeholders[$(service)])" }, - - comment => "Execute command to restart the $(service) service", - ifvarclass => "restart_$(service)"; -} - - - -@end verbatim - -@node bundle common paths -@section bundle common paths - -@verbatim -bundle common paths -{ - vars: - - # - # Common full pathname of commands for OS - # - aix:: - - "awk" string => "/usr/bin/awk"; - "crontabs" string => "/var/spool/cron/crontabs"; - "df" string => "/usr/bin/df"; - "dig" string => "/usr/bin/dig"; - "egrep" string => "/usr/bin/egrep"; - "grep" string => "/usr/bin/grep"; - "ls" string => "/usr/bin/ls"; - "netstat" string => "/usr/bin/netstat"; - "cksum" string => "/usr/bin/cksum"; - "sort" string => "/usr/bin/sort"; - "find" string => "/usr/bin/find"; - "cat" string => "/bin/cat"; - "sed" string => "/usr/bin/sed"; - "diff" string => "/usr/bin/diff"; - "cut" string => "/usr/bin/cut"; - "printf" string => "/usr/bin/printf"; - "tr" string => "/usr/bin/tr"; - "echo" string => "/usr/bin/echo"; - "bc" string => "/usr/bin/bc"; - "dc" string => "/usr/bin/dc"; - - solaris:: - - "awk" string => "/usr/bin/awk"; - "crontabs" string => "/var/spool/cron/crontabs"; - "df" string => "/usr/bin/df"; - "dig" string => "/usr/sbin/dig"; - "egrep" string => "/usr/bin/egrep"; - "grep" string => "/usr/bin/grep"; - "ls" string => "/usr/bin/ls"; - "netstat" string => "/usr/bin/netstat"; - "cksum" string => "/usr/bin/cksum"; - "sort" string => "/usr/bin/sort"; - "find" string => "/usr/bin/find"; - "cat" string => "/usr/bin/cat"; - "sed" string => "/usr/bin/sed"; - "diff" string => "/usr/bin/diff"; - "cut" string => "/usr/bin/cut"; - "printf" string => "/usr/bin/printf"; - "tr" string => "/usr/bin/tr"; - "echo" string => "/usr/bin/echo"; - "bc" string => "/usr/bin/bc"; - "dc" string => "/usr/bin/dc"; - - # - "svcs" string => "/usr/bin/svcs"; - "svcadm" string => "/usr/sbin/svcadm"; - - redhat:: - - "awk" string => "/bin/awk"; - "crontabs" string => "/var/spool/cron"; - "df" string => "/bin/df"; - "dig" string => "/usr/bin/dig"; - "egrep" string => "/bin/egrep"; - "grep" string => "/bin/grep"; - "ls" string => "/bin/ls"; - "netstat" string => "/bin/netstat"; - "cksum" string => "/usr/bin/cksum"; - "sort" string => "/bin/sort"; - "find" string => "/usr/bin/find"; - "cat" string => "/bin/cat"; - "sed" string => "/bin/sed"; - "diff" string => "/usr/bin/diff"; - "cut" string => "/bin/cut"; - "printf" string => "/usr/bin/printf"; - "tr" string => "/usr/bin/tr"; - "echo" string => "/bin/echo"; - "bc" string => "/usr/bin/bc"; - "dc" string => "/usr/bin/dc"; - - # - "svc" string => "/sbin/service"; - "useradd" string => "/usr/sbin/useradd"; - "groupadd" string => "/usr/sbin/groupadd"; - - all:: - "ping" string => "/usr/bin/ping"; - -} -@end verbatim - -@node bundle edit_line append_groups_starting -@section bundle edit_line append_groups_starting(v) - -@verbatim -bundle edit_line append_groups_starting(v) - - # For adding groups to /etc/group, needs - # an array v[groupname] string => "line..." - -{ -vars: - - "index" slist => getindices("$(v)"); - -classes: - - "add_$(index)" not => groupexists("$(index)"), - comment => "Class created if group does not exist"; - -insert_lines: - - "$($(v)[$(index)])", - - comment => "Append users into a group file format", - ifvarclass => "add_$(index)"; - -} - - -@end verbatim - -@node bundle edit_line append_if_no_line -@section bundle edit_line append_if_no_line(str) - -@verbatim -bundle edit_line append_if_no_line(str) -{ -insert_lines: - - "$(str)" - - comment => "Append a line to the file if it doesn't already exist"; -} - - -@end verbatim - -@node bundle edit_line append_if_no_lines -@section bundle edit_line append_if_no_lines(list) - -@verbatim -bundle edit_line append_if_no_lines(list) -{ -insert_lines: - - "$(list)" - - comment => "Append lines to the file if they don't already exist"; -} - - -@end verbatim - -@node bundle edit_line append_to_line_end -@section bundle edit_line append_to_line_end(start,end) - -@verbatim -bundle edit_line append_to_line_end(start,end) -# -# Lines starting with "$(start)" and not ending with "$(end)" -# will get appended with "$(end)", whitespaces will be left unmodified. -# For example, append_to_line_end("kernel", "vga=791") would replace -# "kernel /boot/vmlinuz root=/dev/sda7" -# with -# "kernel /boot/vmlinuz root=/dev/sda7 resume=/dev/sda9 vga=791" -# -# WARNING: Be careful not to have multiple promises matching the same line, -# which would result in the line growing indefinetively. -{ -field_edits: - - "\s*$(start)\s.*" - comment => "Append lines with $(this.start) and $(this.end)", - edit_field => line("(^|\s)$(start)\s*", "2", "$(end)","append"); -} - - -@end verbatim - -@node bundle edit_line append_user_field -@section bundle edit_line append_user_field(group,field,allusers) - -@verbatim -bundle edit_line append_user_field(group,field,allusers) - - # For adding users to to a file like /etc/group - # at field position "field", comma separated subfields - -{ -vars: - - "val" slist => { @(allusers) }; - -field_edits: - - "$(group):.*" - - comment => "Append users into a password file format", - edit_field => col(":","$(field)","$(val)","alphanum"); -} - - -@end verbatim - -@node bundle edit_line append_users_starting -@section bundle edit_line append_users_starting(v) - -@verbatim -bundle edit_line append_users_starting(v) - - # For adding to /etc/passwd or etc/shadow, needs - # an array v[username] string => "line..." - -{ -vars: - - "index" slist => getindices("$(v)"); - -classes: - - "add_$(index)" not => userexists("$(index)"), - comment => "Class created if user does not exist"; - -insert_lines: - - "$($(v)[$(index)])", - - comment => "Append users into a password file format", - ifvarclass => "add_$(index)"; -} - - -@end verbatim - -@node bundle edit_line comment_lines_containing -@section bundle edit_line comment_lines_containing(regex,comment) - -@verbatim -bundle edit_line comment_lines_containing(regex,comment) - - # Comment lines of a file containing a regex - -{ -replace_patterns: - - "^(.*$(regex).*)$" - - replace_with => comment("$(comment)"), - comment => "Comment out lines in a file"; -} - - -@end verbatim - -@node bundle edit_line comment_lines_matching -@section bundle edit_line comment_lines_matching(regex,comment) - -@verbatim -bundle edit_line comment_lines_matching(regex,comment) - - # Comment lines of a file matching a regex - -{ -replace_patterns: - - "^($(regex))$" - - replace_with => comment("$(comment)"), - comment => "Search and replace string"; -} - - -@end verbatim - -@node bundle edit_line create_solaris_admin_file -@section bundle edit_line create_solaris_admin_file - -@verbatim -bundle edit_line create_solaris_admin_file -{ -insert_lines: - - "mail= -instance=unique -partial=nocheck -runlevel=nocheck -idepend=nocheck -rdepend=nocheck -space=nocheck -setuid=nocheck -conflict=nocheck -action=nocheck -networktimeout=60 -networkretries=3 -authentication=quit -keystore=/var/sadm/security -proxy= -basedir=default", - comment => "Insert contents of Solaris admin file (automatically install packages)"; -} - - -@end verbatim - -@node bundle edit_line delete_lines_matching -@section bundle edit_line delete_lines_matching(regex) - -@verbatim -bundle edit_line delete_lines_matching(regex) -{ -delete_lines: - - "$(regex)" - - comment => "Delete lines matching regular expressions"; -} - - -@end verbatim - -@node bundle edit_line expand_template -@section bundle edit_line expand_template(templatefile) - -@verbatim -bundle edit_line expand_template(templatefile) - - # Read in the named text file and expand $(var) - # inside the file - -{ -insert_lines: - - "$(templatefile)" - - insert_type => "file", - comment => "Expand variables in the template file", - expand_scalars => "true"; -} - -@end verbatim - -@node bundle edit_line insert_file -@section bundle edit_line insert_file(templatefile) - -@verbatim -bundle edit_line insert_file(templatefile) -{ -insert_lines: - - "$(templatefile)" - comment => "Insert the template file into the file being edited", - insert_type => "file"; -} - - -@end verbatim - -@node bundle edit_line insert_lines -@section bundle edit_line insert_lines(lines) - -@verbatim -bundle edit_line insert_lines(lines) -{ -insert_lines: - - "$(lines)" - comment => "Append lines if they don't exist"; -} - - -@end verbatim - -@node bundle edit_line maintain_key_values -@section bundle edit_line maintain_key_values(v,sep) - -@verbatim -bundle edit_line maintain_key_values(v,sep) - - # Contributed by David Lee - # Purpose: Sets the RHS of configuration items with an giving separator - -{ - vars: - "index" slist => getindices("$(v)"); - # Be careful if the index string contains funny chars - "cindex[$(index)]" string => canonify("$(index)"); - # Matching pattern for line (basically key-and-separator) - "keypat[$(index)]" string => "\s*$(index)\s*$(sep)\s*"; - - # Values may contain regexps. Escape them for replace_pattern matching. - "ve[$(index)]" string => escape("$($(v)[$(index)])"); - - classes: - "$(cindex[$(index)])_key_in_file" - comment => "Dynamic Class created if patterns matching", - expression => regline("^$(keypat[$(index)]).*", "$(edit.filename)"); - - replace_patterns: - # For convergence need to use negative lookahead on value: - # "key sep (?!value).*" - "^($(keypat[$(index)]))(?!$(ve[$(index)])).*" - comment => "Replace definition of $(index)", - replace_with => value("$(match.1)$($(v)[$(index)])"); - - insert_lines: - "$(index)$(sep)$($(v)[$(index)])", - comment => "Insert definition of $(index)", - ifvarclass => "!$(cindex[$(index)])_key_in_file"; -} - - -@end verbatim - -@node bundle edit_line manage_variable_values_ini -@section bundle edit_line manage_variable_values_ini(tab, sectionName) - -@verbatim -bundle edit_line manage_variable_values_ini(tab, sectionName) - - # Sets the RHS of configuration items in the file of the form - # LHS=RHS - # If the line is commented out with #, it gets uncommented first. - # Adds a new line if none exists. - # Removes any variable value pairs not defined for the ini section - # The argument is an associative array containing tab[SectionName][LHS]="RHS" - # don't change value when the RHS is dontchange - - # Based on set_variable_values_ini - # Added delete lines section to empty out undefined variable values for INI section - - # CAUTION : for it to work nicely, you should use Cfengine with the commit n°3229 - # otherwise you may risk a segfault - - # - # If you are running 3.2.1 or earlier or more specifically git commit # or - # earlier you can use this to work around the segfault bug. - # vars: - # "$(file)" - # edit_line => append_if_no_line("[#EOF#]"), - # create => "true", - # comment => "Work around bug where eof did not mean end - # of section and thus cannot select a region. This promise - # should be placed before your call to this bundle"; - # "$(file)" - # edit_line => manage_variable_values_ini("context.array", "SectionName"), - # create => "true", - # comment => "Set the variale values only in the specified ini region"; - # - -{ - vars: - "index" slist => getindices("$(tab)[$(sectionName)]"); - - # Be careful if the index string contains funny chars - "cindex[$(index)]" string => canonify("$(index)"); - - classes: - "edit_$(cindex[$(index)])" not => strcmp("$($(tab)[$(sectionName)][$(index)])","dontchange"), - comment => "Create conditions to make changes"; - - field_edits: - - # If the line is there, but commented out, first uncomment it - "#+$(index)\s*=.*" - select_region => INI_section("$(sectionName)"), - edit_field => col("=","1","$(index)","set"), - ifvarclass => "edit_$(cindex[$(index)])"; - - # match a line starting like the key something - "$(index)\s*=.*" - edit_field => col("=","2","$($(tab)[$(sectionName)][$(index)])","set"), - select_region => INI_section("$(sectionName)"), - classes => if_ok("manage_variable_values_ini_not_$(cindex[$(index)])"), - ifvarclass => "edit_$(cindex[$(index)])"; - - delete_lines: - ".*" - select_region => INI_section("$(sectionName)"), - comment => "Remove all entries in the region so there are no extra entries"; - - insert_lines: - "[$(sectionName)]" - location => start, - comment => "Insert lines"; - - "$(index)=$($(tab)[$(sectionName)][$(index)])", - select_region => INI_section("$(sectionName)"), - ifvarclass => "!manage_variable_values_ini_not_$(cindex[$(index)]).edit_$(cindex[$(index)])"; - -} - - -@end verbatim - -@node bundle edit_line replace_line_end -@section bundle edit_line replace_line_end(start,end) - -@verbatim -bundle edit_line replace_line_end(start,end) -# -# Lines starting with "$(start)" will get the ending given in "$(end)", -# whitespaces will be left unmodified. -# For example, replace_line_end("ftp", "2121/tcp") would replace -# "ftp 21/tcp" -# with -# "ftp 2121/tcp" -{ -field_edits: - - "\s*$(start)\s.*" - comment => "Replace lines with $(this.start) and $(this.end)", - edit_field => line("(^|\s)$(start)\s*", "2", "$(end)","set"); -} - - -@end verbatim - -@node bundle edit_line replace_or_add -@section bundle edit_line replace_or_add(pattern,line) - -@verbatim -bundle edit_line replace_or_add(pattern,line) - - # Replace a pattern in a file with a single line. - # If the pattern is not found, add the line to the file. - # The pattern must match the whole line (it is automatically - # anchored to the start and end of the line) to avoid - # ambiguity. - -{ -vars: - "cline" string => canonify("$(line)"); - -replace_patterns: - "^(?!$(line)$)$(pattern)$" - comment => "Replace a pattern here", - replace_with => value("$(line)"), - classes => always("replace_done_$(cline)"); - -insert_lines: - "$(line)" - ifvarclass => "replace_done_$(cline)"; -} - - -@end verbatim - -@node bundle edit_line resolvconf -@section bundle edit_line resolvconf(search,list) - -@verbatim -bundle edit_line resolvconf(search,list) - - # search is the search domains with space - # list is an slist of nameserver addresses - -{ -delete_lines: - - "search.*" comment => "Reset search lines from resolver"; - "nameserver.*" comment => "Reset nameservers in resolver"; - -insert_lines: - - "search $(search)" comment => "Add search domains to resolver"; - "nameserver $(list)" comment => "Add name servers to resolver"; -} - - -@end verbatim - -@node bundle edit_line set_colon_field -@section bundle edit_line set_colon_field(key,field,val) - -@verbatim -bundle edit_line set_colon_field(key,field,val) - - # Set the value of field number "field" of the - # line whose first field is "key", in a colon-separated file. - -{ -field_edits: - - "$(key):.*" - - comment => "Edit a colon-separated file, using the first field as a key", - edit_field => col(":","$(field)","$(val)","set"); -} - - -@end verbatim - -@node bundle edit_line set_config_values -@section bundle edit_line set_config_values(v) - -@verbatim -bundle edit_line set_config_values(v) - - # Sets the RHS of configuration items in the file of the form - # LHS RHS - # If the line is commented out with #, it gets uncommented first. - # Adds a new line if none exists. - # The argument is the fully-qualified name of an associative array containing v[LHS]="rhs" - -{ -vars: - "index" slist => getindices("$(v)"); - - # Be careful if the index string contains funny chars - "cindex[$(index)]" string => canonify("$(index)"); - -replace_patterns: - # If the line is there, maybe commented out, uncomment and replace with - # the correct value - "^\s*($(index)\s+(?!$($(v)[$(index)])$).*|# ?$(index)\s+.*)$" - comment => "Correct the value", - replace_with => value("$(index) $($(v)[$(index)])"), - classes => always("replace_attempted_$(cindex[$(index)])"); - -insert_lines: - "$(index) $($(v)[$(index)])" - ifvarclass => "replace_attempted_$(cindex[$(index)])"; - -} - -@end verbatim - -@node bundle edit_line set_config_values_matching -@section bundle edit_line set_config_values_matching(v,pat) - -@verbatim -bundle edit_line set_config_values_matching(v,pat) - - # Sets the RHS of configuration items in the file of the form - # LHS RHS - # If the line is commented out with #, it gets uncommented first. - # Adds a new line if none exists. - # Only elements of "v" that match the regex "pat" are used - # The argument is the fully-qualified name of an associative array containing v[LHS]="rhs" - -{ -vars: - "allparams" slist => getindices("$(v)"); - "index" slist => grep("$(pat)", "allparams"); - - # Be careful if the index string contains funny chars - "cindex[$(index)]" string => canonify("$(index)"); - -replace_patterns: - # If the line is there, maybe commented out, uncomment and replace with - # the correct value - "^\s*($(index)\s+(?!$($(v)[$(index)])).*|# ?$(index)\s+.*)$" - comment => "Correct the value", - replace_with => value("$(index) $($(v)[$(index)])"), - classes => always("replace_attempted_$(cindex[$(index)])"); - -insert_lines: - "$(index) $($(v)[$(index)])" - ifvarclass => "replace_attempted_$(cindex[$(index)])"; - -} - - -@end verbatim - -@node bundle edit_line set_user_field -@section bundle edit_line set_user_field(user,field,val) - -@verbatim -bundle edit_line set_user_field(user,field,val) - - # Set the value of field number "field" in - # a :-field formatted file like /etc/passwd - -{ -field_edits: - - "$(user):.*" - - comment => "Edit a user attribute in the password file", - edit_field => col(":","$(field)","$(val)","set"); -} - - -@end verbatim - -@node bundle edit_line set_variable_values -@section bundle edit_line set_variable_values(v) - -@verbatim -bundle edit_line set_variable_values(v) - - # Sets the RHS of variables in the file of the form - # LHS = RHS - # Adds a new line if no LHS exists, repairs RHS values if one does exist - # - # To use: - # 1) Define an array, where the keys are the LHS and the values are the RHS - # "stuff[lhs-1]" string => "rhs1"; - # "stuff[lhs-2]" string => "rhs2"; - # 2) The parameter passed to the edit_line promise is the fully qualified - # name of the array (i.e., "bundlename.stuff") WITHOUT any "$" or "@" - -{ -vars: - - "index" slist => getindices("$(v)"); - - # Be careful if the index string contains funny chars - - "cindex[$(index)]" string => canonify("$(index)"); - -field_edits: - - # match a line starting like the key = something - - "\s*$(index)\s*=.*" - - edit_field => col("=","2","$($(v)[$(index)])","set"), - classes => if_ok("$(cindex[$(index)])_in_file"), - comment => "Match a line starting like key = something"; - -insert_lines: - - "$(index)=$($(v)[$(index)])", - - comment => "Insert a variable definition", - ifvarclass => "!$(cindex[$(index)])_in_file"; -} - -@end verbatim - -@node bundle edit_line set_variable_values_ini -@section bundle edit_line set_variable_values_ini(tab, sectionName) - -@verbatim -bundle edit_line set_variable_values_ini(tab, sectionName) - - # Sets the RHS of configuration items in the file of the form - # LHS=RHS - # If the line is commented out with #, it gets uncommented first. - # Adds a new line if none exists. - # The argument is an associative array containing tab[SectionName][LHS]="RHS" - # don't change value when the RHS is dontchange - - # Based on set_variable_values from cfengine_stdlib.cf, modified to - # use section to define were to write, and to handle commented-out lines. - - # CAUTION : for it to work nicely, you should use Cfengine with the commit n°3229 - # otherwise you may risk a segfault - - # - # If you are running 3.2.1 or earlier or more specifically git commit # or - # earlier you can use this to work around the segfault bug. - # vars: - # "$(file)" - # edit_line => append_if_no_line("[#EOF#]"), - # create => "true", - # comment => "Work around bug where eof did not mean end - # of section and thus cannot select a region. This promise - # should be placed before your call to this bundle"; - # "$(file)" - # edit_line => set_variable_values_ini("context.array", "SectionName"), - # create => "true", - # comment => "Set the variale values only in the specified ini region"; - # - -{ - vars: - "index" slist => getindices("$(tab)[$(sectionName)]"); - - # Be careful if the index string contains funny chars - "cindex[$(index)]" string => canonify("$(index)"); - - classes: - "edit_$(cindex[$(index)])" not => strcmp("$($(tab)[$(sectionName)][$(index)])","dontchange"), - comment => "Create conditions to make changes"; - - field_edits: - - # If the line is there, but commented out, first uncomment it - "#+$(index)\s*=.*" - select_region => INI_section("$(sectionName)"), - edit_field => col("=","1","$(index)","set"), - ifvarclass => "edit_$(cindex[$(index)])"; - - # match a line starting like the key something - "$(index)\s*=.*" - edit_field => col("=","2","$($(tab)[$(sectionName)][$(index)])","set"), - select_region => INI_section("$(sectionName)"), - classes => if_ok("set_variable_values_ini_not_$(cindex[$(index)])"), - ifvarclass => "edit_$(cindex[$(index)])"; - - insert_lines: - "[$(sectionName)]" - location => start, - comment => "Insert lines"; - - "$(index)=$($(tab)[$(sectionName)][$(index)])", - select_region => INI_section("$(sectionName)"), - ifvarclass => "!set_variable_values_ini_not_$(cindex[$(index)]).edit_$(cindex[$(index)])"; - -} - - -@end verbatim - -@node bundle edit_line uncomment_lines_containing -@section bundle edit_line uncomment_lines_containing(regex,comment) - -@verbatim -bundle edit_line uncomment_lines_containing(regex,comment) - - # Uncomment lines of a file where the regex matches - # the text after the comment string - -{ -replace_patterns: - - "^$(comment)\s?(.*$(regex).*)$" - - replace_with => uncomment, - comment => "Uncomment a line containing a fragment"; -} - - -@end verbatim - -@node bundle edit_line uncomment_lines_matching -@section bundle edit_line uncomment_lines_matching(regex,comment) - -@verbatim -bundle edit_line uncomment_lines_matching(regex,comment) - - # Uncomment lines of a file where the regex matches - # the text after the comment string - -{ -replace_patterns: - - "^$(comment)\s?($(regex))$" - - replace_with => uncomment, - comment => "Uncomment lines matching a regular expression"; -} - - -@end verbatim - -@node bundle edit_line warn_lines_matching -@section bundle edit_line warn_lines_matching(regex) - -@verbatim -bundle edit_line warn_lines_matching(regex) -{ -delete_lines: - - "$(regex)" - - comment => "Warn about lines in a file", - action => warn_only; -} - - -@end verbatim - - - -@ifhtml -@html - -@end html -@end ifhtml - -@ifhtml -@contents -@end ifhtml - - -@bye - diff --git a/docs/guides/Editormenu.png b/docs/guides/Editormenu.png deleted file mode 100644 index 3238a92ab0..0000000000 Binary files a/docs/guides/Editormenu.png and /dev/null differ diff --git a/docs/guides/GetStarted.texinfo b/docs/guides/GetStarted.texinfo deleted file mode 100644 index 88361c062f..0000000000 --- a/docs/guides/GetStarted.texinfo +++ /dev/null @@ -1,501 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename getstarted.info -@settitle Get started with CFEngine -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Get started with CFEngine -@subtitle A CFEngine Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -This short guide explains how to install the software from binary packages and get it running. This procedure is the same for both CFE Community and CFE Nova since the launch CFE Community version 3.2 and CFE Nova version 2.1. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@menu -@end menu - -@node -@top CFEngine-Tutorial -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node -@chapter Getting Started with CFEngine - -@node -@section What does getting started entail? - -@sp 1 - -@i{Choosing your hub. -Assumptions about your operating system (working package manager) -Start with no initial CFEngine policies.} - - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** - -@node -@section Installing CFEngine - - -@menu -* Installing the software:: -* Upgrading:: -* What is the default configuration - out of the box:: -@end menu - -CFEngine is designed to be simple to install in its default configuration. The installation -process has three phases: - -@itemize -@item Unpacking the software. -@item Obtaining a license (only for commercial editions). -@item Adapting policy. -@end itemize - -@node -@section Installing the software on a new host -@c @node Installing from software binaries, Upgrading, Installing CFEngine, Installing CFEngine -@c @section Installing the software on a new host - -You should start from a blank system. If you wish to install CFE Nova and you have -already developed a policy using CFE Community, set aside this policy during the installation process. You will be able -to integrate it back later. - -In the following, @file{} represents either @file{community} or @file{nova}, depending on whether you are installing CFE Community or CFE Nova. - -CFEngine is provided in two packages, @file{cfengine-} and @file{cfengine--expansion}. The main software package -(for each operating system) must be installed on every host. The second package (expansion) is only installed on -the @i{hub} or @i{policy server}. @b{You should install and set up the hub first}. - -The @file{cfengine-} package may be installed on a wide range of supported operating systems, including -Linux, Solaris, Windows, etc. The @file{cfengine--expansion} -package currently only supports the following Linux operating systems: -@example -Debian -Ubuntu -Red Hat -SuSE -@end example -@noindent This means you must have one Linux computer running as your hub. -No special software is required on other machines in your -network. CFEngine bundles all dependencies in the binary package. - -On a new host, installation follows the following procedure. References to package managers -assume that additional packages might need to be installed on the policy server, e.g. the Apache -Web Server, MySQL database, etc. Remember, root privilege is required for the installation. - -@enumerate -@item Verify that the machine's network connection is working and that it can resolve -names. On the hub, verify that package managers @code{yum}, -@code{zypper} or @code{apt-get} are working (for example by typing @code(apt-get update)). They will be used to -install a web, database and php server (if not already -installed). If you are not able to set up a package manager and -repository on the hub, please look in the Frequently Asked Questions -below for manual installation. - -@item Copy the binary packages to the system. On the hub or policy server: - -@noindent CFE Community -@example -cfengine-community-3.@var{xxx.[rpm|deb]} -cfengine-community-expansion-3.@var{xxx.[rpm|deb]} -@end example - -@noindent CFE Nova -@example -cfengine-nova-2.@var{xxx.[rpm|deb]} -cfengine-nova-expansion-2.@var{xxx.[rpm|deb]} -@end example - -@sp 1 - -@noindent On all other machines: - -@noindent CFE Community -@example -cfengine-community-3.@var{xxx.[rpm|deb]} -@end example -@noindent CFE Nova -@example -cfengine-nova-2.@var{xxx.[rpm|deb]} -@end example - -@item Unpack the software: -@table @i -@item Red Hat family -@example -host# rpm -ihv @var{packages} -@end example - -@item SUSE family -@example -host# rpm -ihv @var{packages} -@end example - -@item Debian family -@example -host# dpkg --install @var{packages} -@end example - -@end table - -@item On the hub, a public key has now been created in @file{/var/cfengine/ppkeys/localhost.pub} as part of the -package installation. Users of CFE Community may skip to the next step. CFE Nova users: you should send this public key to CFEngine Support as an attachment in the ticket system (@url{https://cfengine.com/otrs/customer.pl}), -to obtain a license file @file{license.dat}. *** Save the returned license file to @file{/var/cfengine/masterfiles/license.dat} -on the hub @b{before continuing} ***. See more details for the software licensing here; -@url{https://cfengine.com/software/Licensing.pdf} - -@item The remaining steps apply to all hosts, but you should @b{install the hub or policy server first}. -Find the hostname or IP address of the hub (policy server), here we assume @samp{123.456.789.123} is the address. -@verbatim - hub # /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 -@end verbatim -Use the same command on all hosts, i.e. *** do not bootstrap the policy server with a localhost address *** -If you mistype the address of the hub, we recommend doing the following steps to re-boostrap. -@verbatim - hub # /var/cfengine/bin/cf-agent --bootstrap 123.456.789.124 - hub # killall cf-execd cf-serverd cf-monoitord cf-hub - hub # rm -rf /var/cfengine/inputs/* - hub # rm -f /var/cfengine/policy_server.dat - hub # /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 -@end verbatim - -@item The software should now be running. - -@end enumerate - -@noindent @b{How to assess success in this procedure (CFE Community and CFE Nova):} - -@enumerate - -@item Look at the process list on the systems with @samp{ps waux | grep cf}. -You should be able to see @code{cf-execd} running, and eventually other processes from -the CFEngine suite like @code{cf-monitord} @code{cf-serverd}. For CFE Nova, you should -also eventually see @code{cf-hub} running on the hub. Note that it may take 5--10 minutes before all the -processes get started. - -@item Look for files in @file{/var/cfengine/inputs} (Unix) -or @file{C:\Program Files\Cfengine\inputs} (Windows). For CFE Nova users the license -file will be copied out from the policy server to the clients as part -of the normal distribution of policy. Each Unix machine should get a -copy of the @file{license.dat} file in @file{/var/cfengine/inputs} -(Unix) or @file{C:\Program Files\Cfengine\inputs} (Windows). -@end enumerate - -@noindent @b{How to assess success in this procedure (CFE Nova only):} - -@enumerate 3 -@item On the hub, the file @file{/var/cfengine/promise_knowledge.cf} should have been -created, and should contain data. - -@item Finally, try to connect to the web server at port 80 on the hub / policy host. -You should see a summary page like the one shown in the figure -below. There should be at least 1 host registered, since the hub will -pull reports from itself also. -@end enumerate - -@sp 1 -@center @image{summary,15cm,,The front page} -@center The opening page of the CFEngine Nova Mission Portal. -@sp 1 - - -@node -@section What is the default configuration? - -Following the above procedure, you should have a fully functional -CFEngine on all clients. However, in the default configuration, -CFEngine does nothing other than looking after itself, and looking for -possible policy updates from @file{/var/cfengine/masterfiles} -on the policy server. On CFE Nova, the policy server is configured to collect data -from non-policy server machines and generate reports that are -integrated into the knowledge base. - -To alter policies, you need to change the files on the policy hub, -in the directory @file{/var/cfengine/masterfiles}. To begin with -most of the policy examples are commented out in these files: -@sp 1 -@cartouche -@smallexample -cdp_inputs/ cfengine.cf failsafe.cf knowledge.cf @b{promises.cf} update.cf -cdp_lib/ cfengine_stdlib.cf file_change.cf OrionCloud/ -@end smallexample -@end cartouche -@sp 1 -To change this, you can go to the main file @file{promises.cf}, and include additional -pre-made bundles of promises. You should always verify the contents of the bundles -you include before activating and deploying to new machines. - -@i{Remark: this section will and below have to be modified according to what is included in the PolicyBase. Will the update procedure also be included in Community 3.2?} - - -@cartouche -@verbatim -bundle agent main -{ -methods: - - any:: - - "general" usebundle => def; - -# "jobs" usebundle => system_scheduling; -# "security" usebundle => change_management; -# "security" usebundle => security_files; -# "windows boxes" usebundle => active_directory; - -# windows:: -# "windows boxes" usebundle => software_local; -# "windows boxes" usebundle => app_baseline; -# "windows boxes" usebundle => win_services; -# "windows boxes" usebundle => win_registry; -# "windows boxes" usebundle => win_emergency; - -# !windows:: -# "security" usebundle => system_xinetd; -# "maintenance" usebundle => garbage_collection; -} -@end verbatim -@end cartouche - -@node -@section Frequently Asked Questions - -@node -@subsection How do I install the prerequisites for the hub manually? - -Here is a list of dependencies for the hub to be checked if The Mission Portal displays -nothing; -@itemize -@item Red Hat/CentOS/Fedora -@example -httpd, mysql, mysql-server, php, php-bcmath, subversion -@end example -@item SUSE -@example -apache2, apache2-mod_php5, apache2-prefork, mysql, php5, subversion -@end example -@item Debian/Ubuntu -@example -apache2, mysql-server, php5 -@end example -@end itemize - -To install all of these, you might want to use @code{yum} on Red Hat/CentOS/Fedora, -@code{zypper} on SUSE or @code{apt} on Debian/Ubuntu. - -@subsection Why do I get a promise failed with the message @code{Can't stat -/var/cfengine/master_software_updates/SOME-OS} on some hosts? - -There is a built-in promise to automatically upgrade the Nova -binaries. By default, the clients will check for an update package -every time Nova runs. So if the clients find that there is no source -directory to download the files from, the message will be displayed. - -To fix the problem, simply create an empty directory mentioned in the -message on the hub. -@verbatim - hub # mkdir /var/cfengine/master_software_updates/SOME-OS -@end verbatim - - -@subsection I did bootstrap the hub @emph{before} obtaining a license file, what should I do? - -Four steps need to be followed to correct this minor issue. -@enumerate -@item obtain a working license file and copy it to @file{/var/cfengine/masterfiles} -@verbatim - hub # cp /tmp/license.dat /var/cfengine/masterfiles -@end verbatim -@item killall Nova running processes -@verbatim - hub # killall cf-execd cf-serverd cf-monitord cf-hub -@end verbatim -@item wipe out @file{/var/cfengine/inputs } -@verbatim - hub # rm -rf /var/cfengine/inputs -@end verbatim -@item bootstrap the policy hub -@verbatim - hub # /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 -@end verbatim -@end enumerate - - -@subsection On my hub, I get messages of connection failures to a database. For example, in @code{messages}, I can see something like @code{!! Could not open connection to report database for saving}. What should I do? - -This message comes from the @code{cf-hub} process. It is responsible -for pulling reports from hosts that have contacted the hub to get -policy updates. When these reports are fetched, they are stored in a -local MongoDB database on the hub, and connecting to this database is -what is failing. - -Probably, the issue is that the database server is not running on your -hub. Run the @code{ps}-command to check this. -@verbatim - hub # ps -e | grep mongod - hub # -@end verbatim - -If the @code{mongod} process @emph{is} running, it must be -misconfigured or in some bad state. Please look at the newest entry in -@file{/var/log/mongod.log} to diagnose the problem, and contact -CFEngine Technical Support if necessary. - -If the @code{mongod} process @emph{is not} running, please follow the -steps below. -@itemize -@item Run - hub # @code{/var/cfengine/bin/cf-twin -Kvf failsafe.cf > /tmp/cfout} -@item Check again if the @code{mongod} is running, if so, the problem -is probably fixed now. -@item If @code{mongod} is still not running, please search the output -file for lines starting as follows. - -@verbatim -... -nova> -> Making a one-time restart promise for mongod -... -... -nova> -> Executing '/var/cfengine/bin/mongod.... -nova> -> Backgrounding job /var/cfengine/bin/mongod... -nova> -> Completed execution of /var/cfengine/bin/mongod... -... -@end verbatim - -If you don't see the first line above, Nova does not try to start -@code{mongod} --- so check if you bootstrapped your hub correctly. If -you see all lines, Nova starts @code{mongod}, but the process just -terminates immideatley after. If so, continue to the next step. - -@item Look at the newest entry in @file{/var/log/mongod.log}. It -should give you more details of why the @code{mongod} process refuses -to start. The two most common scenarios are described next. - -@item If @code{mongod} has been terminated unexpectedly, it might have -left a lock-file behind that stops it from starting again. Try -deleteting @file{/var/cfengine/state/mongod.lock} if it exists. - -@item If the database is corrupted, you can have @file{mongod} create a new one my moving -@file{/var/cfengine/state/cf-report.*} out of the way. There are also -tools and documentation for repairing a database at -@url{http://www.mongodb.org/}. - -Note that almost all of the @code{cfreport} database is completely -recreated with data collected from clients every six hours, so -deleting it is normally acceptable. But CFEngine AS or CFEngine Inc -can not be held responsible for data loss in this respect. - - -@end itemize - -@subsection How do I upgrade from community version to Nova? - -There is no shortcut for this task. We urge you to set aside your -current community policy while you install Nova, setup the Nova hub by -following this/Nova supplement document, and then integrate your existing -policy to the hub manually, in small testable steps. - -CFEngine Nova is compatible with the Community Edition of CFEngine 3, but -some process files are now managed by CFEngine for user convenience. - -@subsection Let's say I'd like to deploy Nova on my Debian/Ubuntu network. Describe this step by step? - -Here we go: - -@b{Debian/Ubuntu Installation Example:} -@itemize -@item @b{Hub(policy-server)} -@enumerate -@item Verify that the package manager is working (eg. @code{apt-get update}) -@item Download the Nova and Nova Supplement package -@item Unpack the software: -@verbatim - hub # dpkg --install cfengine-nova_2.0.1-1_x86_64.deb - hub # dpkg --install cfengine-nova-expansion_2.0.1-1_x86_64.deb -@end verbatim -@item Send the file: @code{"/var/cfengine/ppkeys/localhost.pub"} to Cfengine Support (OTRS ticket system) -@item You will receive a license file: @code{license.dat} -@item Copy the license file to: @code{"/var/cfengine/masterfiles/license.dat"} -@item Bootstrap the hub: -@verbatim - hub # /var/cfengine/bin/cf-agent --bootstrap - *** Warning: do not use 127.0.0.1 as the ip address *** -@end verbatim -@end enumerate -@item @b{Clients} -@enumerate -@item Verify that the package manager is working (eg. @code{apt-get update}) -@item Download the Nova package -@item Unpack the software: -@verbatim - hub # dpkg --install cfengine-nova_2.0.1-1_x86_64.deb -@end verbatim -@item Bootstrap the Client to the hub: -@verbatim - client # /var/cfengine/bin/cf-agent --bootstrap -@end verbatim -@end enumerate -@end itemize - -To check if the installation went as expected, see @code{"How to assess success in this procedure"} section in the Nova_Supplement Guide. - -@bye diff --git a/docs/guides/Makefile.am b/docs/guides/Makefile.am deleted file mode 100644 index 647b0eb980..0000000000 --- a/docs/guides/Makefile.am +++ /dev/null @@ -1,138 +0,0 @@ -TEX_INCLUDEDIR = ../tex-include - -# Syntax errors: -# SpecialTopic_Vision -# SpecialTopic_Comparison -# OrionCloudPack - -COMMON_GUIDES = \ - SpecialTopic_Adoption \ - SpecialTopic_Agility \ - SpecialTopic_ApplMgt \ - SpecialTopic_BDMA \ - SpecialTopic_Cloud \ - SpecialTopic_Change \ - SpecialTopic_ContentDrivenPolicies \ - SpecialTopic_DevOps \ - SpecialTopic_DistributedScheduling \ - SpecialTopic_Editing \ - SpecialTopic_Federation \ - SpecialTopic_FIPS \ - SpecialTopic_Hierarchy \ - SpecialTopic_ITIL \ - SpecialTopic_Iteration \ - SpecialTopic_Knowledge \ - SpecialTopic_MenuDrivenConfig \ - SpecialTopic_MissionCritical \ - SpecialTopic_Modules \ - SpecialTopic_Monitoring \ - SpecialTopic_OpenNebula \ - SpecialTopic_Packages \ - SpecialTopic_RBAC \ - SpecialTopic_Reporting \ - SpecialTopic_Rollback \ - SpecialTopic_Scalability \ - SpecialTopic_Scan \ - SpecialTopic_Schedule \ - SpecialTopic_Security \ - SpecialTopic_Teamwork \ - SpecialTopic_Virtualization \ - SpecialTopic_Windows \ - cf3-bestpractice \ - cf3-conceptguide \ - cf3-glossary \ - cf3-quickstart \ - cf3-solutions \ - cf3-tutorial \ - cf3-upgrade \ - cf_Quickref3 \ - CfengineStdLibrary - -HTML_ONLY_GUIDES = - -PDF_ONLY_GUIDES = - -if HAVE_NOVA --include ../../nova/docs/Makefile.am -endif - -HTML_GUIDES = $(COMMON_GUIDES) $(HTML_ONLY_GUIDES) - -PDF_GUIDES = $(COMMON_GUIDES) $(PDF_ONLY_GUIDES) - -.PRECIOUS: ../tools/build-solutions-guide - -../tools/build-solutions-guide: - $(MAKE) -C ../tools $(AM_MAKEFLAGS) build-solutions-guide - -../tools/build-stdlib: - $(MAKE) -C ../tools $(AM_MAKEFLAGS) build-stdlib - -cf3-solutions.texinfo: cf3-solutions.texinfo.in ../tools/build-solutions-guide - $(AM_V_GEN)../tools/build-solutions-guide $(top_srcdir)/examples < $< > $@ || (rm -f $@; false) - -CfengineStdLibrary.texinfo: ../../masterfiles/libraries/cfengine_stdlib.cf ../tools/build-stdlib - $(AM_V_GEN)../tools/build-stdlib $(srcdir)/../../masterfiles/libraries/cfengine_stdlib.cf || (rm -f $@; false) - -%.html: %.texinfo - $(AM_V_GEN)$(MAKEINFO) \ - $^ -o $@ \ - -I $(TEX_INCLUDEDIR) \ - --error-limit=0 \ - --html \ - --no-split \ - --no-validate \ - --css-include=cfcomdoc.css - -TEXI2PDFFLAGS = -I $(TEX_INCLUDEDIR) --batch $(if $(filter-out 0,$(V)),,--quiet) - -%.pdf: %.texinfo - $(AM_V_GEN)$(srcdir)/../tools/texi2pdfclean $< $(TEXI2PDF) -o $@ $(TEXI2PDFFLAGS) - - -if HTML_DOCS -html: $(patsubst %,%.html,$(HTML_GUIDES)) -endif - -if PDF_DOCS -pdf: $(patsubst %,%.pdf,$(PDF_GUIDES)) -endif - -GUIDEDIR=$(DESTDIR)/$(projdocdir)/guides - -dist-guide-%: % - $(INSTALL_DATA) $^ $(distdir) - if test -n "`$(srcdir)/../tools/extract-images $^ | sort | uniq`"; then \ - $(INSTALL_DATA) `$(srcdir)/../tools/extract-images $^ | sort | uniq` $(distdir); \ - fi - -dist-common: $(patsubst %,dist-guide-%.texinfo,$(COMMON_GUIDES)) - -if HTML_DOCS -install-html: html - $(MKDIR_P) $(GUIDEDIR)/html - $(INSTALL_DATA) $(patsubst %,%.html,$(HTML_GUIDES)) $(GUIDEDIR)/html - $(INSTALL_DATA) `$(srcdir)/../tools/extract-images $(patsubst %,%.texinfo,$(HTML_GUIDES)) | sort | uniq` $(GUIDEDIR)/html -endif - -dist-html-only: - -if PDF_DOCS -install-pdf: pdf - $(MKDIR_P) $(GUIDEDIR)/pdf - $(INSTALL_DATA) $(patsubst %,%.pdf,$(PDF_GUIDES)) $(GUIDEDIR)/pdf -endif - -if PDF_DOCS -dist-pdf-only: $(patsubst %,dist-guide-%.texinfo,$(PDF_ONLY_GUIDES)) -else -dist-pdf-only: -endif - -all: pdf html -install-data-hook: install-pdf install-html -dist-hook: dist-pdf-only dist-html-only dist-common - -EXTRA_DIST = cf3-solutions.texinfo.in CFEngineFrontPage.pdf NewLogo.pdf cfcomdoc.css - -CLEANFILES = cf3-solutions.texinfo $(patsubst %,%.pdf,$(PDF_GUIDES)) $(patsubst %,%.html,$(HTML_GUIDES)) diff --git a/docs/guides/MissionPlan.png b/docs/guides/MissionPlan.png deleted file mode 100644 index 37cea471d6..0000000000 Binary files a/docs/guides/MissionPlan.png and /dev/null differ diff --git a/docs/guides/NewLogo.pdf b/docs/guides/NewLogo.pdf deleted file mode 100644 index cb51106b1d..0000000000 Binary files a/docs/guides/NewLogo.pdf and /dev/null differ diff --git a/docs/guides/ONarchitecture.png b/docs/guides/ONarchitecture.png deleted file mode 100644 index 249dd34da4..0000000000 Binary files a/docs/guides/ONarchitecture.png and /dev/null differ diff --git a/docs/guides/Orion.png b/docs/guides/Orion.png deleted file mode 100644 index 314dcebb05..0000000000 Binary files a/docs/guides/Orion.png and /dev/null differ diff --git a/docs/guides/OrionCloudPack.texinfo b/docs/guides/OrionCloudPack.texinfo deleted file mode 100644 index a2bf653a78..0000000000 --- a/docs/guides/OrionCloudPack.texinfo +++ /dev/null @@ -1,632 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename orion-cloud.info -@settitle The Cfengine Orion Cloud Pack -@setchapternewpage odd -@c %** end of header - -@titlepage -@title The Cfengine Orion Cloud Pack - EC2 -@subtitle A Cfengine Handbook -@author Cfengine AS - - -@page - -@cartouche -@quotation -Get the Cloud under Orion's belt with the Cfengine Orion Cloud Pack. - -This document describes the Three Steps you need to bring reliability -and efficiency to Managed Services running out of the Amazon Cloud. -Set up and tear down machines as you like, and bring instant -configuration and compliance, with self-healing to your business. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010- Cfengine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@menu -* Introduction to Orion:: -* Some background on EC2:: -* Prerequisites for setting up Orion:: -* Three steps to the cloud:: -* How do I know that CFEngine is maintaining the system?:: -* Benefits for users running CFEngine Nova:: -* The Cloud Pack Nursury:: -* Orion Support:: -* Orion License:: -* Cultural References to Orion and Cloud:: -@end menu - -@node Top -@top CFEngine-Tutorial -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@node Introduction to Orion -@unnumberedsec Introduction to the CFEngine Orion Cloud Pack - -@sp 1 - -Welcome to the CFEngine Orion Cloud Pack. This version of the package -has been designed to work specificallgy with the @i{Amazon Elastic -Compute Cloud}. It allows you to configure a cloud computer or -`platform instance' to run common services in a reproducible and -maintainable way and without human intervention. - -@sp 1 -@cartouche -The CFEngine Cloud Pack is not a tool for performing elastic scaling -of services on demand, rather it is a simple repeatable process for -speeding up system installation with automatic self-healing, for a -consistent and compliant outcome. -@end cartouche -@sp 1 - -CFEngine is uniquely suited to work in the Cloud because it is capable -of install systems and maintaining and repairing them with hands-free -capabilities that cannot be matched by other software. -The CFEngine Orion Cloud Pack may also be used on any other non-Cloud systems -that run the base operating-systems discussed here. - -You can thus -test and learn about CFEngine using disposable Cloud `instances' and -then use your experience on more permanent hardware elsewhere, if you -wish. Or, you can simply use the CFEngine Orion Cloud Pack to bring up -cloud services and configure them to a desired state on demand. - -@node Some background on EC2 -@unnumberedsec Some background on EC2 - -If you are familiar with Amazon Amazon Elastic Compute Cloud (EC2), -you will find the instructions here straightforward. You can -choose between these alternative paths: -@itemize -@item Do It Yourself: launch your own Amazon Machine Image and install CFEngine -on your own, then install the Orion Cloud Pack software and continue. If you choose -this option, your CFEngine policies are only examples and are unsupported. - -@item With our Help: use one of our publicly available images, located -in the Amazon storage area, which has CFEngine Community Edition -pre-installed for your convenience, then follow the Orion Cloud Pack -installation procedure to continue. You will then have access to 30 -days of E-mail support from CFEngine, with a maximum of 5 enquires. -@end itemize - -@sp 1 - -@cartouche -An Amazon Machine Image or AMI is a pre-configured server designed to -be launched and available on demand. Each AMI template has a unique -number of the form @code{ami-XXXXX}. Advanced users may also create -their own images customized with applications, data and configuration -settings as desired. The AMIs are the @i{baseline} or starting point -for Cloud Computing. -@end cartouche - -@page - -@node Prerequisites for setting up Orion -@unnumberedsec Prerequisites for setting up Orion -@sp 1 - -To get started in the Cloud, you will need an Amazon Web services -account and some familiarity with either the web interface or command -line tools@footnote{This booklet is not meant as an introduction to using the -Amazon EC2. See the Appendices for references to Cloud Resources.}. - -@sp 1 -@cartouche -You should know something about configuration of -@i{security groups}. For a start-to-finish guide to launching an AMI -and setting up the CFEngine Orion Cloud Pack see Appendix A. -@end cartouche - -@sp 1 -@noindent We have published the following AMIs on EC2 storage for your convenience: - -@sp 1 -@multitable @columnfractions .33 .33 .33 -@item @tab us-east @tab us-west -@item Ubuntu Server 9.10 32 @tab ami-XXXXXX @tab ami-XXXXXX -@item Ubuntu Server 9.10 64 @tab ami-XXXXXX @tab ami-XXXXXX -@item Centos 5.4 32 @tab ami-XXXXXX @tab ami-XXXXXX -@item Centos 5.4 64 @tab ami-XXXXXX @tab ami-XXXXXX -@end multitable - -@sp 1 -@noindent You should subscribe to one or more of these. The following -sections assume that you have already acquired such an instance. - -@node Three steps to the cloud -@unnumberedsec Three steps to the cloud - -To use the CFEngine Orion Cloud Pack, there are just three steps: -@sp 1 -@enumerate -@item @b{UNPACK}: Copy the CFEngine Orion Cloud Pack to your EC2 instance -and unpack the files in @file{/var/cfengine/masterfiles}. - -@item @b{CUSTOMIZE}: Edit the policy promise examples for your purposes. -In particular, look at the master file @file{promises.cf}, comment out -or uncomment the promises you want. The default promises construct a -PHP enabled webserver. You should also place the IP address of the policy -server in the @file{policy_server.dat} file, like this: -@example -echo "@var{IP-address}" > /var/cfengine/policy_server.dat -@end example -This tells CFEngine where to look for the cloud pack. If you are -running on a single test machine, you can make this localhost -(127.0.0.1); if you are running several machines, make it the first -machine where you installed the cloud-pack. - -Fill in the @code{policy_server} variable with the appropriate IP -address in @file{update.cf} and @file{promises.cf}. This guide assumes -that the single instance your hvae created will be its own policy -server. However when setting up multiple instances one or more may be -‘promoted' to be policy servers. - -@item @b{ACTIVATE}: Run @code{cf-agent -f /var/cfengine/masterfiles/failsafe.cf'} -to start CFEngine management. -@end enumerate - -@sp 1 -You now have a running `instance', with services configured and -maintained by CFEngine. - -@node How do I know that CFEngine is maintaining the system? -@unnumberedsec How do I know that CFEngine is maintaining the system? - -Execute @samp{ps aux | grep cf-} to see cf-agent, cf-serverd and -cf-execd in the process table. To test self repair try stopping the -web server. - -@page - - - -@node Benefits for users running CFEngine Nova -@unnumberedsec Additional benefits for users running CFEngine Nova - -@sp 1 - -If you have access to a commercial edition of the CFEngine -software, such as CFEngine Nova, you will have a number of immediate -benefits to simplify Cloud Management. - -@itemize -@item @b{Knowledge and monitoring} - -Without any further configuration or third party software, you can -monitor your cloud instances with CFEngine Nova's reporting features. -You can add special logging and see performance trend analysis, -integrated into your Nova Knowledge Map. - -@sp1 -@center{@image{monitor,10cm,,Monitorng,png}} - -@item @b{Compliance reporting} - -Not only will -you see the automatically integrated policy documentation but you will -be able to trace the behaviour and utilization of your systems over -the lifetime of the virtual instance. - -@item @b{Set up databases using @code{database} promsises} - -Most users working in the cloud are running some kind of Model View Controller -web framework in which a database (like MySQL or PostgreSQL) features -importantly. With CFEngine Nova, you can also manage the creation of -databases for the setting up the data services and applications -inside PHP, Java and other frameworks. - -@end itemize - - - -@page -@node The Cloud Pack Nursury -@unnumberedsec The Cloud Pack Contents - - -The files in the Cloud Pack fall into 3 categories: essential set up -files for getting CFEngine running, examples of pro-active maintenance -and examples of basic machine installation and setup. -@sp 1 -@multitable @columnfractions .35 .65 -@item @b{Essential Files} @tab @b{Description} -@item @file{promises.cf} @tab Main configuration file. -@item @file{update.cf} @tab Update configuration. -@item @file{failsafe.cf} @tab Falisafe configuration. -@item @file{cfengine_stdlib.cf} @tab CFEngine standard library. -@end multitable - -@sp 1 - -@multitable @columnfractions .35 .65 -@item @b{Maintenance examples} @tab @b{Description} -@item @file{change_mgt.cf} @tab Implement security tripwire on files/directories. -@item @file{ensure_ownership.cf} @tab Home directory ownership and permission maintenance. -@item @file{fix_broken_software.cf} @tab Package installation and permission correction. -@item @file{garbage_collection.cf} @tab Log rotation and removal. -@item @file{harden_xinetd.cf} @tab Disable xinetd services specified. -@item @file{iptables.cf} @tab Secure system with sysctl.conf and iptables. -@item @file{name_resolution.cf} @tab Edit /etc/resolv.conf to the specified DNS servers -@end multitable - -@sp 1 - -@multitable @columnfractions .35 .65 -@item @b{System setup examples} @tab @b{Description} -@item @file{c_cpp_env.cf} @tab Set up C programming environment. -@item @file{db_mysql.cf} @tab Install and run MySQL -@item @file{db_postgresql.cf} @tab Install and run PostgreSQL -@item @file{db_sqllite.cf} @tab Install and run SQLlite -@item @file{jboss_server.cf} @tab Prepare JAVA environment and run JBOSS. -@item @file{nagios.cf} @tab Setup NAGIOS monitoring node. -@item @file{nginx_perlcgi.cf} @tab Setup NGINX webserver perlCGI. -@item @file{nginx_phpcgi.cf} @tab Setup NGINX webserver phpCGI. -@item @file{ntp.cf} @tab Setup NTP server and clients. -@item @file{perl_env.cf} @tab PERL programming language install. -@item @file{php_webserver.cf} @tab Setup a PHP webserver. -@item @file{python_env.cf} @tab PYTHON programming install. -@item @file{ruby_env.cf} @tab Setup ruby on rails environment. -@item @file{sshd_conf.cf} @tab Ensure sshd config is correct. -@item @file{tomcat_server.cf} @tab Setup a tomcat server. -@item @file{varnish.cf} @tab Set up Varnish web accelerator -@end multitable - - -@page -@node Orion Support -@unnumberedsec Orion Support - -@sp 1 -Your CFEngine Orion Cloud Pack comes with 30 days of email support to -help you get started (@code{cloudsupport@@cfengine.com}). Support -applies to the single individual who is recorded as the purchaser of -the software, unless otherwise agreed with CFEngine. - -On receipt of a query, our engineers will respond -withing 48 hours on business days for a maximum period of 30 days from -the date of purchase of the Orion Cloud Pack. Existing users of -CFEngine Nova will receive support transparently under their existing -support arrangements. - -Support queries may cover issues connected with the use of CFEngine -Orion Cloud Pack, but not with the use of your Cloud provider. Support -does not include the development of new solutions or other consulting. -Users are free to seek Professional Services from CFEngine for such -matters. - -@node Orion License -@unnumberedsec Orion License - -The CFEngine Orion Cloud Pack is not Free or Open Source Software. -It is provided under a perpetual license as part of the -CFEngine Cloud Pack (hereby called The Software). The Software may be -used within a single Internet Domain. If no Internet Domain is -registered, it may be used within a single legal organization -possessing a maximum of 1024 computers, or by a single individual with -up to 250 computers. Multiple licenses may be purchased, as needed. - -The Licensee may modify, adapt and create derivative works based upon -the Software, for use within its organisation and for sharing between -other consecutive licensees. However, the Licensee shall not -reproduce, distribute, resell, rent, lease or disclose the Software in -any manner or form to any other third party not holding a license for -the Software. - -The Licensee may not transfer any of its rights under this agreement -without the prior and express written consent of CFEngine. - -CFEngine does not transfer any copyrights or other intellectual -property rights relating to the Software to the Licensee. Such rights -are protected by intellectual property legislation in the United -States, Europe and other jurisdictions and by international treaty -provisions. CFEngine and its suppliers retain all rights in the -Software that are not expressly granted to the Licensee through this -license. - -The Licensee is not allowed to remove, alter or destroy any proprietary, -trademark or copyright markings or notices placed upon or contained -within the Software. - -To the maximum extent permitted by law, CFEngine disclaims any -warranty for the Software. The Software, any services and any related -documentation are provided on an "as is" basis without warranty of any -kind, whether express or implied, including, but not limited to, -implied warranties of merchantability, fitness for a particular -purpose or non-infringement. Hereunder the parties acknowledges that -CFEngine does not warrant for the performance of any data centre on -which the Software runs, or the absence of any errors in the Software, -and that any such errors does not constitute a contractual defect. - -The liability of the parties in contract, tort (including negligence) -or otherwise shall for all incidents during the entire term of 30 days -from the date of purchase be limited to a half of the fees paid for a -perpetual license. CFEngine or its suppliers shall not be liable for -any special, incidental, indirect or consequential damages whatsoever -(including, without limitation, damages for loss of business profits, -lost savings, business interruption, loss of business information, -personal injury, loss of privacy, loss of goodwill or any other -financial loss) arising out of the use of or inability to use the -Software, even if advised of the possibility of such damages. - -For third-party software that is integrated with or used by -CFEngine, the current terms of the relevant third party software -supplier shall apply. - - - -@page -@node Cultural References to Orion and Cloud -@unnumberedsec Cultural References to Orion and Cloud - -Orion, the hunter from Greek mythology, was taken by renaissance -mythologist Natalis Comes to be an allegory for an approaching storm -cloud. - -Better-known today, Orion is the name of one of the most famous and -studied astronomical constellations in the night sky. It contains the -three bright stars of Orion's belt (the three steps to the cloud) and -the @i{Orion M42 Nebula} (a gigantic dust cloud): -@url{http://en.wikipedia.org/wiki/Orion_Nebula} beneath its belt. -Now with the CFEngine Orion Cloud Pack, you too can get the Cloud -under your belt. - -The Orion Nebula is, in fact, part of a much larger cloud or nebula in -the constellation of Orion -(@url{http://en.wikipedia.org/wiki/Orion_Molecular_Cloud_Complex}). We -chose the name Orion for our Cloud Pack (apart from the obvious puns) -because we believe that Cloud Computing is only a stepping stone -towards what we term @i{Molecular Computing}, in which many -independent platforms and services bond together to form @i{network -patterns}. These patterned systems act like molecules with new -properties, bonded together by @i{promises}. This view follows -naturally from a description of computing using Promise Theory, -replacing traditional monolithic and hierarchical systems with a more -natural form of engineering -(@url{https://cfengine.com/inside/deepBackground}). - -@sp 1 -@center{@image{Orion,9cm,,Orion,png}} - -@center{Hubble Image: http://apod.gsfc.nasa.gov/apod/ap051013.html} - - - -@node EC2 Cloud Command line setup -@appendix EC2 Cloud command line setup - -This Appendix details the creation of an EC2 instance, i.e. the -pre-requisites for CFEngine installation, using a command-line approach. -You may also use the web interface. - -For greater depth and explanation of all the commands and options see -the getting started guide: -@smallexample -@url{http://docs.amazonwebservices.com/AWSEC2/latest/GettingStartedGuide/}. -@end smallexample - -@sp 2 -@enumerate -@item Create an amazon web services account and sign up for Amazon Elastic Compute Cloud (EC2) at @url{http://aws.amazon.com/ec2/}. - -@item Login and go to the access identifiers page. - -@item Create new X.509 certificate. - -@item Download the private key file and the X.509 certificate. - -@item Download the EC2 api tools: -@smallexample -http://developer.amazonwebservices.com/connect/entry.jspa -?categoryID=88&externalID=351 -@end smallexample - -@item Extract the tools into a suitable directory: $dir. - -@item Setup EC2 control environment: -@itemize - @item Install Java - @item @code{export EC2_HOME=~/$dir} - @item @code{export PATH=$PATH:$EC2_HOME/bin} - @item @code{export EC2_PRIVATE_KEY=pk-KEYNAME.pem} - @item @code{export EC2_CERT=cert-KEYNAME.pem} - @item @code{export JAVA_HOME=/path/to/java/} -@end itemize -@item Create keys for accessing your instances: -@itemize - @item @code{cd $dir} - @item @code{ec2-add-keypair keyname} - where 'keyname' is users choice. - Save output to a file: -@end itemize -@itemize - @item @code{vi $dir/keyname} - @item paste in key and save. - @item @code{sudo chmod 600 keyname} -@end itemize -@item Choose an Amazon Machine Image (AMI) to launch: e.g. @samp{ami-6d0be204}, an Ubuntu 9.10 server with CFEngine community pre-installed (small instance in us-east region). - - - -@item @b{Warning billing begins after the next command}. Run the instance: -@itemize - @item @code{ec2-run-instances ami-6d0be204 -k keyname} - - Note is it possible to launch an instance without specifying a -key but it will not be accessible via ssh if you do not create one. The selected -public AMI is an Ubuntu 9.10 i368 server with CFEngine community -installed. -@end itemize -@item Get status of your instance: -@itemize - @item @code{ec2-describe-instances} - - This will reveal the external URL to your instance similar to: - - @code{ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com} -@end itemize - -@item Allow ssh: -@itemize - @item @code{ec2-authorize default -p 22} - - Note this will allow ssh access to all instances in the default security group from anywhere on port 22. - - @item Allow http traffic: - @code{ec2-authorize default -p 80} -@end itemize - -@item Access via ssh: -@itemize - @item @code{ssh -i keyname ubuntu@@ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com} -@end itemize -@end enumerate - - - -@node EC2 Cloud CFEngine Configuration -@appendix EC2 Cloud CFEngine Configuration - -You will need @code{root} access to the Amazon instance. -@sp 1 -@enumerate -@item Copy the CFEngine Orion Cloud Pack to your instance and unpack it: -@smallexample -scp -i keyname cloud_pack.tar ubuntu@@ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com -mv cloud_pack.tar /var/cfengine/masterfiles -cd /var/cfengine/masterfiles -tar xvf cloud_pack.tar -@end smallexample - -@item Set policy server ip address: e.g. - -@code{ifconfig eth0 ...} - -@item Copy this IP address to the policy server variable in the @file{update.cf} and -@file{promises.cf} files. - -@item @code{cf-agent -f /var/cfengine/masterfiles/failsafe.cf} -@end enumerate - -@noindent Note billing continues as long as instances are running. -To terminate an instance: - -@itemize - @item @code{ec2-terminate-instances instance_number} - The instance number (i-xxxxxxxx) is revealed by running: - @item @code{ec2-describe-instances} -@end itemize - - - - -@node Integrating the Cloud Pack Futher -@appendix Integrating the Cloud Pack Futher - -The Orion Cloud Pack is delivered in a form that makes it easy to choose the -services. As you move forward, or want to integrate these methods into a larger -framework, you can choose to alter the way in which you `call up' these -methods. - -In the Cloud Pack, all bundles are listed in the @code{bundlesequence}, -making them simple to compare and comment out, but we may also re-bundle -them in a single bundle like this: - -@verbatim -body common control -{ -bundlesequence => { "update", "main" }; -} - -@end verbatim - -@noindent To re-bundle, we create a single agent bundle (e.g. called `main') and -call the bundles as method promises. An advantage of this is to make it easier to -classify different parts of your configuration in a single location. For instance, -you might want two groups of servers supporting different platforms, one supporting -Ruby and one supporting PHP: - -@verbatim - -bundle agent main -{ -methods: - - group1:: - "environment 1" usebundle => ruby_on_rails; - - group2:: - "environment 2" usebundle => php_apache; - - any:: - "common" usebundle => fix_broken_software; - "common" usebundle => garbage_collection; - "common" usebundle => harden_xinetd; -} - -@end verbatim -@noindent This approach allows a great control over the execution of the bundles, -with additional transaction controls, but cannot be considered superior to the simple -list used in the Cloud Pack. Ultimately this is a question of style. - - -@node Ubuntu quirks -@appendix Ubuntu quirks - -The Ubuntu operating systems does not have a root account you can log onto directly. -You first log in as the @samp{ubuntu} user, and then type @samp{sudo su} to become -root. - -@bye diff --git a/docs/guides/SpecialTopic_Adoption.texinfo b/docs/guides/SpecialTopic_Adoption.texinfo deleted file mode 100644 index e70d6dc158..0000000000 --- a/docs/guides/SpecialTopic_Adoption.texinfo +++ /dev/null @@ -1,297 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-adopt.info -@settitle Adopting Cfengine in Your Organization -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Adopting CFEngine in Your Organization -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine is a framework and a methodology with far reaching -implications for the way you do IT management. The CFEngine approach -asks you to think in terms of @i{promises} and @i{cooperation} between -parts; it automates repair and maintenance processes and provides -simple integrated Knowledge Management. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What does adoption involve?, (dir), (dir) -@top Adoption -@menu -* What does adoption involve?:: -* The Mission Plan:: -* Commercial or Free?:: -* Installation or Pilot:: -* Identifying the Team:: -* Training and Certification:: -* Mission Goal and Knowledge Management:: -* Build:: -* Contact CFEngine:: -@end menu - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What does adoption involve?, The Mission Plan, Top, Top -@unnumberedsec What does adoption involve? -@sp 1 - -CFEngine is a framework and a methodology with far reaching -implications for the way you do IT management. The CFEngine approach -asks you to think in terms of @i{promises} and @i{cooperation} between -parts; it automates repair and maintenance processes and provides -simple integrated Knowledge Management. - -To use CFEngine effectively, you should spend a little time learning -about the approach to management, as this will save you a lot of time -and effort in the long run. - -@node The Mission Plan, Commercial or Free?, What does adoption involve?, Top -@unnumberedsec The Mission Plan -@sp 1 - -At CFEngine, we refer to the management of your datacentre as `The -Mission'. The diagram below shows the main steps in preparing mission -control. Some training is recommended, and as much planning as you can -manage in advance. Once a mission is underway, you should expect to -work by making small corrections to the mission plan, rather than -large risky changes. - -@center @image{MissionPlan,10cm,,Mission Plan,png} - -Planning does not mean sitting around a table, or in front of a whiteboard. -Successful planning is a dialogue between theory and practice. It should include -test pilots and proof-of-concept implementations. - -@node Commercial or Free?, Installation or Pilot, The Mission Plan, Top -@unnumberedsec Commercial or Free? -@sp 1 - -The first decision you should make is whether you will choose a route -of commercial assistance or manage entirely on your own. You can -choose different levels of assistance, from just training, to -consulting, to commercial versions of the software that simplify -certain processes and offer extended features. - -At the very minimum, we recommend that you take a training course -on CFEngine. Users who don't train often end up using only a fraction -of the software's potential, and in a sub-optimal way. Think of this -as an investment in your future. - -The advantages of the commercial products include greatly simplified -set up procedures, continuous monitoring and automatic knowledge -integration. See the CFEngine Nova Supplement for more information. - -@node Installation or Pilot, Identifying the Team, Commercial or Free?, Top -@unnumberedsec Installation or Pilot -@sp 1 - -You are free to download Community Editions of CFEngine at any time to -test the software. There is a considerable amount of documentation and -example policy available on the cfengine.com web-site -to try some simple examples of system management. - -If you intend to purchase a significant number of commercial licenses -for CFEngine software, you can request a pilot process, during which a -specialist will install and demonstrate the commercial edition on -site. - -@node Identifying the Team, Training and Certification, Installation or Pilot, Top -@unnumberedsec Identifying the Team -@sp 1 - -CFEngine will become a core discipline in your organization, taking -you from reactive fire-fighting to proactive and strategic -practices. You should invest in a team that embraces its methods. The -CFEngine team will become the enabler of business agility, security, -reliability and standardization. - -The CFEngine team needs to have administrator or super-user access -to systems, and it needs the `headroom' or `slack' to think -strategically. It needs to build up processes and workflows that -address quality assurance and minimize the risk of change. - -All teams are important centres for knowledge, and you should provide -incentives to keep the core team strong and in constant dialogue with -your organization's strategic leadership. Treat your CFEngine team as -a trusted partner in business. - -@node Training and Certification, Mission Goal and Knowledge Management, Identifying the Team, Top -@unnumberedsec Training and Certification -@sp 1 - -Once you have tried the simplest examples using CFEngine, we recommend -at least three days of in-depth training. We can also arrange more -in-depth training to qualify as a CFEngine Mission Specialist. - -@node Mission Goal and Knowledge Management, Build, Training and Certification, Top -@unnumberedsec Mission Goal and Knowledge Management -@sp 1 - -The main aim of Knowledge Management is to learn from experience, and -use the accumulated learning to improve the predictability of workflow -processes. During every mission, there will be unexpected events, and -an effective team will use knowledge of past and present to respond to -these unpredictable changes with confidence - -The goal of an IT mission is a @i{predictable operational state} that -lives up to specific policy-determined promises. You need to work out -what this desired state should be before you can achieve it. No one -knows this exactly in advance, and most organizations will change -course over time. However, with good planning and understanding of the -mission, such adjustments to policy can be small and regular. - -@sp 1 - -@cartouche - -Many small changes are less risky than few large changes, and the -culture of agility keeps everyone on their toes. Using CFEngine to run -your mission, you will learn to work pro-actively, adjusting the system -by refining the mission goal rather than reacting to unexpected -events. - -@end cartouche - -@sp 1 -To work consistently and predictably, even when understaffed, requires -a strategy for describing system resources, policy and state. -CFEngine can help with all of these. See the Special Topics Guide on -Knowledge Management. - -A major component of a successful mission, is documenting -@i{intentions}. What is the goal, and how does it break down into -concrete, achievable states? CFEngine can help you in this process, -with training and Professional Services, but you must establish a -culture of commitment to the mission and learn how to express these -commitments in terms of CFEngine @i{promises}. - -@node Build, Contact CFEngine, Mission Goal and Knowledge Management, Top -@unnumberedsec Build, Deploy, Manage, Audit -@sp 1 - -The four mission phases are sometimes referred to as - -@table @emph -@item Build -A mission is based on decisions and resources that need to -be put assembled or `built' before they can be applied. This is -the planning phase. - -In CFEngine, what you build is a template of proposed promises for the -machines in an organization such that, if the machines all make and -keep these promises, the system will function seamlessly as -planned. This is how it works in a human organization, and this is how -is works for computers too. - -@item Deploy -Deploying really means launching the policy into production. In -CFEngine you simply publish your policy (in CFEngine parlance these -are `promise proposals') and the machines see the new proposals and -can adjust accordingly. Each machine runs an agent that is capable of -keeping the system on course and maintaining it over time without -further assistance. - -@item Manage -Once a decision is made, unplanned events will occur. Such incidents -traditionally set off alarms and humans rush to make new transactions -to repair them. Under CFEngine guidance, the autonomous agent manages -the system, and humans only manage knowledge and have to deal with -rare events that cannot be dealt with automatically. - -@item Audit -CFEngine performs continuous analysis and correction, and commercial -editions generate explicit reports on mission status. Users can sit -back and examine these reports to check mission progress, or examine -the current state in relation to the knowledge map for the mission. - -@end table - -@node Contact CFEngine, , Build, Top -@unnumberedsec Contact CFEngine -@sp 1 - -Contact CFEngine today for more information: @code{contact@@CFEngine.com}. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Agility.texinfo b/docs/guides/SpecialTopic_Agility.texinfo deleted file mode 100644 index ce638c2aab..0000000000 --- a/docs/guides/SpecialTopic_Agility.texinfo +++ /dev/null @@ -1,1293 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-agility.info -@settitle Agility in Infrastructure Engineering -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Agility in Infrastructure Engineering -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - - -@cartouche -@quotation -Agility is a widely used term in today's fast moving IT industry. It -reflects a need and a desire to respond quickly to changes in the -environment. This document explains the management factors that -affect speed, agility and scale in common scenarios, and what CFEngine can -do to help you be agile. -@end quotation -@end cartouche - -@vskip 2cm -Last updated December 2011 - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Understanding Agility, (dir), (dir) -@top Agility - - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@menu -* Understanding Agility:: -* Aspects of CFEngine that bring agility:: -* Agility in your work:: -@end menu - -@node Understanding Agility, Aspects of CFEngine that bring agility, Top, Top -@chapter Understanding Agility -@sp 1 - -We intuitively recognize agility as the capability to respond rapidly -enough and flexibly enough to a difficult challenge. If we imagine an -animal surviving in the wild, a climber on a rock-face or a wrestler engaged in -combat, we identify the skills of @i{anticipation}, @i{speed} of response and -the ability to @i{adapt} or bend without breaking to meet the challenges. - -@itemize -@item Anticipate. -@item Act. -@item Adapt. -@end itemize - -In infrastructure management, agility represents the need to handle -changing demand for service, to repair an absence of service, and to -improve and deploy new services in response to changes from users and -market requirements. It is tied to economic, business or work-related -imperatives by the need to maintain a competitive lead. - -The compelling event that our system must respond to might represent -danger, or merely a self-imposed deadline. In either case, there is -generally a penalty associated with a lack of agility: a blow, a fall or -a loss. - - -@menu -* What make agility possible?:: -* The capacity of a system:: -* Speed:: -* Precision:: -* Comprehension:: -* Efficiency:: -@end menu - -@c ..................................................................... -@node What make agility possible?, The capacity of a system, Understanding Agility, Understanding Agility -@section What make agility possible? -@sp 1 - -To understand agility, we have to understand time and the @i{capacity} -for change. Agility is a relative concept: it's about adapting quickly -enough, in the right context, with the right measure and in the right -way. Below, we'll try to gain an @i{engineering} perspective on agility to -see what enables it and what throttles it. - -@sp 1 -@cartouche -@noindent To respond to a challenge there are four stages that need attention: - -@itemize -@item To comprehend the challenge. -@item To solve the challenge. -@item To respond to the challenge. -@item To confirm or verify the response. -@end itemize -@end cartouche - -@sp 1 -Each of these phases takes actual clock-time and requires a certain flexibility. -Our goal is to keep these phases simple and therefore cheap for the long-term. -Affording the time and flexibility needed is the key to being agile. -Technology can help with this, if we adopt sound practices. -@sp 1 - -@cartouche -Intuitively, we understand agility to be related to our capacity to -respond to a situation. -Let's try to pin this idea down more precisely. -@end cartouche - -@c ..................................................................... -@node The capacity of a system, Speed, What make agility possible?, Understanding Agility -@section The capacity of a system - -The capacity of a system is defined to be its maximum rate of -change. Most often, this refers to speed of the system response to a -single request@footnote{Capacity is often loosely referred to as `bandwidth' -because of its connection to signal propagation in communication -science, but this is not strictly correct, as bandwidth refers to parallel -channels.}. - -In engineering, capacity is measured in @i{changes per second}, so it -represents the maximum speed of a system within a single thread of -activity@footnote{For example, for a single coding frequency, the capacity of -a communications channel is measured in bits per second, and the -bandwidth is the number multiplied by the number of parallel -frequencies.}. - - -@c ..................................................................... -@node Speed, Precision, The capacity of a system, Understanding Agility -@section Speed - - -Speed is the rate at which change takes place. For a configuration tool like CFEngine, -speed can be measured either as - -@table @i -@item Clock speed -The actual elapsed wall-clock time-rate at which work gets done, -including any breaks and pauses in the schedule. - -This depends on how often checks are made, or the interval between them, - e.g. in CFEngine, the default -schedule is to verify promises every five minutes. - -@item System speed -The average speed of the system when it is actually busy working on a problem, -excluding breaks and pauses. For example, once CFEngine has been scheduled -at the end of a five minute interval, it might take a few seconds to -make necessary changes. -@end table - -Engineers can try to define an engineering scale of agility -as the ratio of available speed to required speed and ratio of number -ways a system can be changed to the number of ways imperatives require -us to change. - -@sp 1 - -@cartouche - -@i{Agility is proportional to both how much speed we can muster compared to what is required, -and the number of change-capabilities we possess, compared to what -we need to meet a challenge. In other words: how well equipped are we? -As engineers, we could write something like this:} - -@verbatim - - Available speed under control Changes available - Agility =~ ----------------------------- * ----------------------- - Required speed Changes Required -@end verbatim -@end cartouche -@sp 1 - -@noindent Although such a scale might be hard to measure and follow in practice, -the definition makes simple engineering sense@footnote{If available -speed matches need, and we have the capability to make all required -changes, then we can claim exactly 100% agility. If we have less than -required, then we get a smaller number, and if we have excess speed or -changeability then we can even claim a super-efficiency.}, and brings -some insight into what we need to think about. -What it suggests is that agility is a combination of @i{speed} and @i{precision}. - - -What is required speed? It is is the rate of change we have to be -able to enact in order to achieve and maintain a state (keep a -promise) that is aligned with our intent. This requires a dependence -on technology and human processes. - -The weakest link in any chain of dependencies limits the speed. -The weakest link might be a human who doesn't understand what to do, or a -broken wire or a misconfigured switch, so there are many -possible failure modes for agility. An organization is an information -rich @i{society} with complex interplays between Man and Machine; agility -challenges us to think about these weakest links and try to bolster -them with CFEngine's technology. - -For example: - -@itemize -@item If we think in terms of -services, it is the Service Level you have to achieve in order to -comply with a Service Level Agreement. - -@item If we think of a support -ticket, it is the speed we have to work at in order to keep the impact -of an unpredicted change within acceptable levels. -@end itemize - -What we call `acceptable' -is a subjective judgement, i.e. a matter for policy to decide. So -there are many uncertainties and relativisms in such definitions. It would -be inconceivable to claim any kind of industry standard for these. - -@sp 1 -@center @image{agility,12cm} -@center How agility depends on technology measures. -@sp 1 - - -We can write some scaling laws for the dependencies of agility to see where -the failure modes might arise. -@sp 1 -@cartouche -@i{The speed available to meet a challenge -is (on average) the maximum speed we can reliably maintain over time -divided by the number of challenges we have to share between.} -@verbatim - - Expected capacity * reliability - Average available speed =~ ------------------------------- - Consumers or challenges -@end verbatim -@end cartouche -@sp 1 -This expression says that the rate at which we get work done on average depends -no only on how we share maximum capacity amongst a number of different consumers, -clients, processes, etc, but also on how much of the time this capacity is fully -available, perhaps because systems are down or unavailable. - -The appearance of reliability in this expression therefore tells us that maintenance -of the system, and anticipation of failure will play a key role in agility. -Remarkably this is usually unexpected for most practitioners, and most of system planning -goes into first time deployment, rather than maintaining operational state. - - - -@c ..................................................................... -@node Precision, Comprehension, Speed, Understanding Agility -@section Precision - -Acting quickly is not enough: we also need to be accurate in responding to -change@footnote{In the 20th century, science learned that there is no such thing as -determinism -- the idea that you can guarantee an outcome absolutely. -If you still think in such terms, you will be quickly disappointed. -The best we can accomplish is to maximize the likelihood of a -predictable result, relative to the kind of environment in which we -work.}. We need to be able to: - -@sp 1 -@itemize -@item Model the desired outcome accurately in terms of universal policy coordinates: Why, When, Where, What, How. -@item Maximize the chance that the promised outcome will be achieved. -@end itemize -@sp 1 - -@noindent Precision is maximized when: - -@sp 1 -@itemize -@item Changes are `precise', i.e. they can be made at a highly granular level, without disturbing areas that are not relevant (few side-effects). -@item Policy is able to model or describe the desired state accurately, i.e. within the relevant area, the state is within acceptable tolerances. -@item If any assumptions are hidden, they are describable in terms of the model, not determined by the limitations of the software@footnote{In some other configuration software, assumptions are hard-coded into the tools themselves, making the outcome -undocumented.}. - -@item The agent executes the details of the model quickly and verifiably, -in a partially unpredictable environment, i.e. it should be fault tolerant. -@item If the model cannot be implemented, it is possible to determine why -and decide whether the problem lies in an incorrect assumption or a flaw in the implementation. -@end itemize -@sp 1 - -@cartouche -CFEngine is a fault tolerant system -- it continues to work on what it -can even when some parts of its model don't work out as -expected@footnote{Other systems that claim to be deterministic simply stop with -error messages. What is the correct behaviour? Clearly, this is a subjective choice. The important thing is that your -system for change behaves in a predictable way. -}. -@end cartouche - - -@c ..................................................................... -@node Comprehension, Efficiency, Precision, Understanding Agility -@section Comprehension - -The next challenge is concerns a human limitation. One of the greatest -challenges in any organization lies in comprehending the system. -@sp 1 -@cartouche -@i{Comprehensibility increases if something is predictable, or steady in its -behaviour, but it decreases in proportion to the number of things we need -to think about -- which includes the many different contexts such as environments, -or groups of machines with different purposes or profiles.} -@verbatim - Predictability (Reliability) Predictability - Comprehensibility =~ ---------------------------- = ---------------- - Contexts Diversity -@end verbatim -@end cartouche -@sp 1 -@noindent Our ability to comprehend behaviour depends on how predictable it is, i.e. -how well it meets our expectations. For technology, we expect -behaviour to be as close as possible on our intentions. CFEngine's -maintenance of promises ensures that this is done with best possible -effort and a rapid cycle of checking. - -To keep the number of contexts to a minimum, CFEngine avoids mixing up -@i{what} policy is being expressed with @i{how} the promises are -kept. It uses a declarative language to separate the what from the -how. This allows ordinary users to see what was intended without -having to know the meaning of how, as was the case when scripting was -used to configure systems. - - -@c ..................................................................... -@node Efficiency, , Comprehension, Understanding Agility -@section Efficiency - -Finally, if we think about the efficiency of a configuration, which is -another way of estimating its simplicity, we are interested in how -much work it takes to represent our intentions. There are two ways we -can think about efficiency: the efficiency of the automated process -and the human efficiency in deploying it. - -If the technology has a high overhead, the cost of maintaining -change is high and efficiency is low: -@sp 1 -@cartouche -@i{The efficiency of the technology decreases with the more resources -it uses, e.g. like memory and CPU. Resources used to run the technology -itself are pure overhead and take away from the real work of your system.} -@verbatim - Resources used - Resource Efficiency =~ 1 - --------------- - Total resources -@end verbatim -@end cartouche -@sp 1 -@noindent It is a design goal of CFEngine to maintain minimal overhead in -all situations. The second aspect of efficiency is how much planning -or rule-making is needed to manage the relevant issues. -@sp 1 -@cartouche -@i{The efficiency of a model decreases when you put more effort into -managing a certain number of things. If you can manage a large number -of things with a few simple constraints, that is efficient.} -@verbatim - Number of objects affected - Model Efficiency =~ ------------------------------- - Number of rules and constraints -@end verbatim -@end cartouche -@sp 1 -General patterns play a role too in simplifying, because the reduce the -number of special rules and constraints down to fewer more generic rules. -If we make good use of patterns, we can make few rules that cover many -cases. If there are no discernible patterns, every special case is a -costly exception. This affects not just the technology cost, but also -the cognitive cost (i.e. the comprehensibility). - -Efficiency therefore plays a role in agility, because it affects the -cost of change. Greater efficiency generally means greater speed, -and more greater likelihood for precision. - - -@c ******************************************************************************************* -@node Aspects of CFEngine that bring agility, Agility in your work, Understanding Agility, Top -@chapter Aspects of CFEngine that bring agility -@sp 1 - -We can now summarize some qualities of CFEngine that favour agility: -@sp 1 -@cartouche -@enumerate -@item Ability to express clear intentions about desired outcome (comprehension). -@item Availability of insight into system performance and state (comprehension). - -@item Ability to manage large numbers of hosts and resources with a few generic patterns (efficiency). -@item Ability to bundle related details into simple containers (comprehension without loss of adaptability). - -@item Ability to accurately customize policy down to a low level without programming (adaptability). - -@item Ability to recover quickly from faults and failures. The default, parallelized execution framework verifies promises every 5 minutes -for rapid fault detection and change deployment (clock speed)@footnote{Two related concepts that are frequently referred to are the -classic reliability measures: Mean Time Before Failure (MTBF) or -proactive health and Mean Time To Repair (MTTR), speed of -recovery: -(i) If we are proactive or quick at recovering from -minor problems, larger outages can be avoided. Recovery agility plays a -role in avoiding cascade failure. - -(ii) If the time to repair is long, or the repair is inaccurate, this could -result if more widespread problems. Inaccurate change or repair often leads to -attempts to `roll-back', causing further problems. -} -. -@item A quick system monitoring/sampling rate -- every 2.5 minutes (Nyquist frequency), -for automated hands-free response to errors. -@item Ability to recover cheaply. The lightweight resource footprint of CFEngine that consumes few system resources -required for actual business (system speed -- low overhead, maximum capacity). - -@item Ability to increase number of clients without significant penalty (scalability and easy increase of capacity). - -@item A single framework for all devices and operating systems (ease of migrating from one platform to another). -@end enumerate -@end cartouche - - - - - -@c ..................................................................... -@menu -* What agility means in different environments:: -* Separating What from How:: -* Packaging limits agility:: -* How abstraction improves agility:: -* Increasing system capacity - by scaling:: -@end menu - -@node What agility means in different environments, Separating What from How, Aspects of CFEngine that bring agility, Aspects of CFEngine that bring agility -@section What agility means in different environments - -Let's examine some example cases where agility plays a role. -Agility only has meaning relative to an environment, so in the following -sections, we cite the remarks of CFEngine users (in quotes), and -their example environments. - -Users' expectations for agility can differ dramatically in the present; but if we -think just a few years down the line, and follow the trends, it seems clear -that limber systems must prevail in IT's evolutionary jungle. - - -@menu -* Desktop management:: -* Web shops:: -* Cloud providers:: -* High Performance Computing:: -* Government:: -* Finance:: -* Manufacturing:: -@end menu - -@node Desktop management, Web shops, What agility means in different environments, What agility means in different environments -@subsection Desktop management - -"The desktop space can be a very volatile environment, with multiple platforms." - -@table @i -@item Speed: - -Speed is -essential when there is a need to respond to a security threat that -affects all of the desktop systems; e.g. when dealing with malware -that requires the distribution of updated @file{virus.dat} files, -etc. CFEngine can be very helpful by automating the process of -distributing and restarting the application responsible for virus -detection and mitigation. Systems that have been breached, need to be -returned to known and secure state quickly to avoid loss. CFEngine can -quickly detect and correct host based intrusions using file-scanning -techniques and can secure hosts for examination, or just repair them -quickly. - -Another case for agility lies in user request processing. For example, -when a new user joins a workplace and needs resources such as desktop, -laptop, phone, Internet connection, VPN connection, VM instances, -etc. Speed is of the essence to minimize employee downtime. - -@item Precision: - -Desktop environments can involve many different platforms: Windows, -multiple flavours of Linux and Macintosh, etc. A uniform low-cost way -of `provisioning' and maintaining all of these, as well as responding -to common threats is of significant value. - -Precision is important to ensure that the resources made available are -indeed the correct ones. Inaccuracy can be a potential security issue, -or merely a productivity question. - -Precision also comes into play when an enterprise rolls out new -patches or productivity upgrades. These upgrades need to be uniformly -and precisely distributed to all of the desktop systems during a given -change window. By design, desktop clients running CFEngine -automatically check for changes in system state and can precisely -propagate desired state. In the case of system restoration due to -corruption or hardware failure, CFEngine can greatly reduce the time -needed to return to the most current enterprise build. - -@end table - - -@node Web shops, Cloud providers, Desktop management, What agility means in different environments -@subsection Web shops - -Modern web-based companies often base their entire financial -operations around an active web site. Down-time of the web service is -mission critical. - -@table @i -@item Speed: - -The frequency of maintenance is not usually critical in web shops, -since configuration changes can be planned to occur over hours rather -than minutes. During software updates and system repairs, however, -speed and orchestration are issues, as time lost during upgrades is -often revenue lost, and a lack of coordination of multiple parts could -cause effective downtime. - -It is therefore easy to scale the management of a web service, as change -is rarely considered to be time-critical. - -Resource availability for the web service is an issue on busy web -servers, however web services are typically quite slow already and it -is easy to load balance a web service, so resource efficiency of the -management software is not usually considered a high priority, until -the possible savings become significant with thousands of hosts. - -Credit card information is subject to PCI-DSS regulation and requires -a continuous verification for auditing purposes, but these systems are -often separated from the main web service. Speed of execution can be seen -as an advantage by some auditors where repairs to security matters and -detection of breaches are carefully monitored. - - -@item Precision: - -The level of customization in a web shop could be quite high, as there -is a stack of interdependent services including databases and name -services that have to work seamlessly, and the rate of deployment of -new versions of the software might be relatively high. - -Customization and individuality is a large part of a website's business -competitiveness. Maintaining precise - -@end table - - -@node Cloud providers, High Performance Computing, Web shops, What agility means in different environments -@subsection Cloud providers - -@table @i -@item Speed: -The cloud was designed for shorter time-scales, and relatively quick turnover of -needs. That suggests that configuration will change quite often. -For Infrastructure-as-a-Service providers and consumers, set up -and tear-down rates are quite high so efficient and speedy configuration -is imperative. - -@item Precision: - -For Software and Platform as a service providers, stability, -high performance and regulation are key issues, and scaling up and down -for demand is probably the fastest rate of change. - -@end table - - -@node High Performance Computing, Government, Cloud providers, What agility means in different environments -@subsection High Performance Computing - -High Performance clusters are typically found in the oil and gas -industry, in movie, financial, weather and aviation industries, and -any other modelling applications where raw computation is used to -crunch numbers. - -@table @i -@item Speed: - -The lightweight footprint of CFEngine is a major benefit here, as -every CPU cycle and megabyte of memory is precious, so workflow is not -disrupted. - -"A single node in the compute grid being out of sync with the others -can cause the entire grid to cause failed jobs or otherwise introduce -unpredictability into the environment, as it may produce results that -differ from its peers. Thus it is imperative that repairs to an -incorrect state happen as soon as possible, to minimize the impact of -these issues." - -@item Precision: -"Precision is exquisitely important in an HPC grid. When making a -configuration change, due to the homogeneity of the environment, small -changes can have enormous impacts due to the quantity of affected -systems. I liken this to the "monoculture" problem in replanted -forests -- everything is the same, so what would ordinarily be a -small, easily-contained problem like a fungus outbreak, quickly -spreads into an uncontrollable disaster. Thus, with HPC systems it is -imperative that any changes deployed are precise, to ensure that no -unintended consequences will occur. This is clearly directly related -to comprehensibility of the environment -- it is difficult or -impossible to make a precise change when you don't fully comprehend -the environment." - -@end table - - -@node Government, Finance, High Performance Computing, What agility means in different environments -@subsection Government - -@table @i -@item Speed: - -Government is not known for speed. - - -@item Precision: - -"Government systems are reviewed and audited under FISMA and so one has -often thought in terms of the ability to reduce complexity to make the -problem manageable. Government typically wants the one-size-fits-all -solution to system management and could benefit from something that -can manage complexity and diversity while providing some central -control (I bet you hate that word). The only thing we might have in -common with finance is auditing but I'm sure the methods and goals are -completely different. Finance is big money trying to make more big -money. Government is focused more on compliance with its own -regulations." - - -@end table - -@node Finance, Manufacturing, Government, What agility means in different environments -@subsection Finance - -@table @i -@item Speed: - -One of the key factors in finance is liability. Fear of error, has led -to very slow processing of change. - -High availability in CFEngine is used for continuous auditing and -security. Passing regulatory frameworks like SOX, SAS-70, ISO 20k, etc -can depend on this non-intrusive availability. Liability is a major -concern and significant levels of approval are generally required to -make changes, with tracking of individual responsibility. Out-of-hours -change windows are common for making upgrades and making intended -changes. Scalability of reporting is a key here, but change happens -slowly. - - -@item Precision: - -Security and hence tight control of approved software are major challenges -in government regulated institutions. Agility has been a low priority -in the past, but this will have to change as the rest of the world's -IT services accelerate. - -@end table - - -@node Manufacturing, , Finance, What agility means in different environments -@subsection Manufacturing - -SCADA (supervisory control and data acquisition) generally refers to -industrial control systems (ICS): computer systems that monitor and -control industrial, infrastructure, or facility-based processes, as -described below. - -@table @i -@item Speed: - -Manufacturing is a curious mix of all the mention areas and more. In -addition to the above, there is an tool component. The -tools can design, build, test, track, and ship a physical -unit. Downtime of any component is measured in missed revenue, -so speed of detection and repair is crucial. - - -@item Precision: - - -"We need to ensure agility and accuracy of -reporting. We need to know what is going on at any microsecond of the -day. One faulty tool can throw a wrench in the whole works. The -digital equivalent of the steam whistle to stop the line. - -From there, all the tool information is fed upstream to servers, from -there to databases, then reports, that statistical analysis, and so -on. Each piece needs to move with the product and incorporate it. It -is a steady chain of events where are all information is liquid and -relevant. - -Not only do you have the security requirements, from virus updates to -top secret classification, but these tools need to never stop, -ever. Also, these tools need constant reconfiguration depending on the -product they are working on: e.g. you can't use the same set of -procedures on XBox chip as a cellphone memory module. And all the -tools are different too: one may be a probe to detect microscopic -fractures in the layers, one tool may just track it's position in -line. Supply and demand, cost and revenue." - - - -@end table - - -@c ..................................................................... -@node Separating What from How, Packaging limits agility, What agility means in different environments, Aspects of CFEngine that bring agility -@section Separating What from How (DevOps) -@sp 1 - -If you have to designs a programmatic solution to a challenge, it will -cost you highly in terms of cognitive investment, testing and clarity -of purpose to future users. Thinking @i{process} (how) instead of @i{knowledge} (what) is -a classic carry-over from the era of 2nd Wave industrialization@footnote{See @url{http://www.cfengine.com/blog/sysadmin-3.0-and-the-third-wave}}. - -@sp 1 -@cartouche -Think of CFEngine as an active knowledge management system, -rather than as a relatively passive programming framework. - -For `DevOps': programming is for your application, consider its deployment -to be part of the documentation. -@end cartouche -@sp 1 - -Many programmatic systems and `APIs' force you to explain how -something will be accomplished and the statement about `what' the -outcome will be is left to an implicit assumption. Such systems are -called imperative systems. - -CFEngine is a declarative system. In a declarative system, the reverse -is true. You begin by writing down What you are trying to accomplish -and the How is more implicit. The way this is done is by separating -data from algorithm in the model. CFEngine encourages this with its -language, but you can go even further by using the tools optimally. - -CFEngine allows you to represent raw data as variables, or as -strings within your policy. For example: - -@smallexample -bundle agent name -@{ -vars: - - "main_server" string => "abc.123.com"; - - "package_source[ubuntu]" string => "repository.ubuntu.com"; - "package_source[suse]" string => "repository.suse.com"; - - # Promises that use these data - # - # packages: - # processes: - # files: - # services: , etc - -@} -@end smallexample - -@noindent By separating `what' data like this out of the details of how -they are used, it becomes easier to comprehend and locate, and it -becomes fast to change, and the accuracy of the change is easily -perceived. Moreover, CFEngine can track the impact of such a change by -seeing where the data are used. - -@cartouche -CFEngine's knowledge management can tell you which system promises -depend on which data in a clear manner, so you will know the impact -of a change to the data. -@end cartouche - -You can also keep data outside your policy in databases, or sources like: - -@itemize -@item LDAP -@item NIS -@item DNS -@item System files -@end itemize - -@noindent For example, reading in data from a system file is very convenient. -This is what Unix-like system do for passwords and user management. - -@smallexample -@end smallexample - -What you might lose when making an input matrix is the @i{why}. -Is there an explanation that fits all these cases, or does each -case need a special explanation? We recommend that you include -as much information as possible about `why'. - - - - - -@c ..................................................................... -@node Packaging limits agility, How abstraction improves agility, Separating What from How, Aspects of CFEngine that bring agility -@section Packaging limits agility -@sp 1 - - -Atomicity enables agility. Atomicity, or the avoidance of dependency, is a -key approach to simplicity. Today this is often used to argue to -packaging of software. - -Handling software and system configuration as packages of data makes -certain processes appear superficially easy, because you get a single object -to deal with, that has a name and a version number. -However, to maintain flexibility we should -not bundle too many features into a package. - -@sp 1 -@cartouche -@i{A tin of -soup or a microwave meal might be a superficially easy way to make -dinner, for many scenarios, but the day you get a visitor with special -dietary requirements (vegetarian or allergic etc) then the -prepackaging is a major obstacle to adapting: the recipe cannot be -changed and repackaged without going back to the factory that made -it. Thus oversimplification generally tends to end up sending up back -to work around the technology.} -@end cartouche -@sp 1 - -CFEngine's modelling language gives you control over the smallest -ingredients, but also allows you to package your own containers -or work with other suppliers' packages. This ensures that -adaptability is not sacrificed for superficial ease. - -For example: your system's package model can cooperate with -CFEngine make asking CFEngine to promise to work with the -package manager: - -@verbatim - -packages: - - "apache2"; - "php5"; - "opera"; - -@end verbatim - -@noindent If you need to change what happens under the covers, it -is very simple to do this in CFEngine. You can copy the details -of the existing methods, because the details are not hard-coded, -and you can make your own custom version quickly. -@verbatim - -packages: - - "apache2" - - package_method => my_special_package_manager_interface; - -@end verbatim - - -@c ..................................................................... -@node How abstraction improves agility, Increasing system capacity - by scaling, Packaging limits agility, Aspects of CFEngine that bring agility -@section How abstraction improves agility -@sp 1 - -Abstraction allows us to turn special cases into general patterns. This leads to a compression -of information, as we can make defaults for the general patterns, which do not have to be -repeated each time. - -Service promises are good example of this@footnote{Service promises, -as described here, were introduced into version 3.3.0 of CFEngine in -2012.}, for example: - -@verbatim -services: - - "www"; - -@end verbatim -@noindent In this promise, all of the details of what happens to turn on the -web service have been hidden behind this simple identifier @samp{www}. -This looks easy, but is it simple? - -In this case, it is both easy and simple. Let's check why. We have to -ask the question: how does this abstraction improve speed and precision -in the long run? - -Obviously, it provides short term ease by allowing many complex -operations to take place with the utterance of just a single -word@footnote{All good magic stories begin like this.}. But any -software can pull that smoke and mirrors trick. To be agile, it must -be possible to understand and change the details of what happens when -this services is promised. Some tools hard-code processes for this kind -of statement, requiring an understanding of programming in a -development language to alter the result. In CFEngine, the definitions -underlying this are written in the high-level declarative CFEngine -language, using the same paradigm, and can therefore be altered by the -users who need the promise, with only a small amount of work. - -Thus, simplicity is assured by having consistency of interface -and low cost barrier to changing the meaning of the definition. - - -@c ..................................................................... -@node Increasing system capacity - by scaling, , How abstraction improves agility, Aspects of CFEngine that bring agility -@section Increasing system capacity (by scaling) - -Capacity in IT infrastructure is increased by increasing machine -power. Today, at the limit of hardware capacity, this typically means -increasing the number of machines serving a task. Cloud services have -increased the speed agility with which resources can be deployed -- -whether public or private cloud -- -but they do not usually provide any customization tools. This is -where CFEngine brings significant value. - -The rapid deployment of new services is assisted by: - -@sp 1 -@itemize -@item Virtualization hypervisor control or private cloud management (libvirt integration). -@item Rapid, massively-parallelized custom configuration. -@item Avoidance of network dependencies. -@end itemize -@sp 1 - -Related to capacity is the issue of scaling services for massive available -capacity. - -By scalability we mean the intrinsic capacity of a system to -handle growth. Growth in a system can occur in three ways: by the volume of input -the system must handle, in the total size of its infrastructure, -and by the complexity of the processes within it. - -For a system to be called scalable, growth should proceed unhindered, -i.e. the size and volume of processing may expand without -significantly affecting the average service level per node. - -Although most of us have an intuitive notion of what scalability -means, a full understanding of it is a very complex issue, mainly -because there are so many factors to take into account. One factor -that is often forgotten in considering scalability, is the human -ability to @i{comprehend} the system as it grows. Limitations of -comprehension often lead to over-simplification and -lowest-common-denominator standardization. - -Scalability is addressed in a separate document: @i{Scale and Scalability}, -so we shall not discuss it further here. - - - - -@c ***************************************************************************** -@node Agility in your work, , Aspects of CFEngine that bring agility, Top -@chapter Agility in your work - -@menu -* Easy versus simple:: -* How does complexity affect agility?:: -* An effective understanding helps agility:: -* Maximizing business imperatives:: -* What does agility cost?:: -* Who is responsible for agility?:: -@end menu - - -@c ..................................................................... -@node Easy versus simple, How does complexity affect agility?, Agility in your work, Agility in your work -@section Easy versus simple - -@cartouche -Just as we separate goals from actions, and strategy from tactics, -so we can separate what is easy from what is simple. Easy brings -short-term gratification, but simple makes the future cost less. -@end cartouche -@sp 1 - -@i{Easy} is about barriers to adoption. If there is a cost associated with -moving ahead that makes it hard: - -@itemize -@item A psychological cost -@item A cognitive cost -@item It takes too long -@item It costs too much money -@end itemize - -@i{Simple} is about what happens next. Once you have started, what happens if you -want to change something? - -Total cost of ownership is reduced if a design is simple, as there are -only a few things to learn in total. Even if those things are hard to -learn, it is a one-off investment and everything that follows will be easy. - -Unlike some tools, with CFEngine, you do not need to program `how' to -do things, only what you want to happen. This is always done by using the -same kinds of declarations, based on the same model. You don't -need to learn new principles and ideas, just more of the same. - - - -@c ..................................................................... -@node How does complexity affect agility?, An effective understanding helps agility, Easy versus simple, Agility in your work -@section How does complexity affect agility? -@sp 1 - - -In the past@footnote{Perhaps not just in the past. We are emerging -from an industrial era of management where mass producing everything -the same was the cheapest approach to scaling up services. However, -today personal freedom demands variety and will not tolerate such -oversimplification.}, it was common to manage change by making -everything the same. Today, the individualized @i{custom experience} -is what today's information-society craves. Being forced into a -single mold is a hindrance to adaptability and therefore to -agility. To put it another way, in the modern world of commerce, consumers -rule the roost, and agility is competitive edge in a market of many -more players than before. - -Of course, it is not quite that simple. Today, we live in a culture of -`ease', and we focus on what can be done easily (low initial -investment) rather than worrying about long term simplicity (Total -Cost of Ownership). - -At CFEngine, we believe that `easy' answers often suffer from the sin -of over-simplification, and can lead to risky practices. After all, anyone can make -something appear superficially easy by papering over a mess, or applying raw -effort, but this will not necessarily scale up cheaply over time. -Moreover, making a risky process `too easy' can encourage haste and -carelessness. - -Any problem has an intrinsic complexity, which can be measured by the -smallest amount of information required to manage it, without loss of control. - - -@sp 1 -@cartouche -@itemize -@item @i{Ease} is the absence of a barrier or cost to action. - -@item @i{Simplicity} is a strategy for minimizing Total Cost of Ownership. -@end itemize -@end cartouche -@sp 1 - -Making something truly simple is a very hard problem, but it is an -investment in future change. What is easy today might be expensive to make easy tomorrow. -But if something is truly simple, then the work is all up front in learning -the basics, and does not come -as an unexpected surprise down the line. - -At CFEngine, we believe in agility through simplicity, and so we -invest continuous research into making our technology genuinely simple for trained -users. We know that a novice user will not necessarily find CFEngine easy, but -after a small amount of training, CFEngine will be a tool for life, not just a hurried -deployment. - -Simplicity in CFEngine is addressed in the following ways: - -@sp 1 -@itemize -@item The software has few dependencies that complicate installation and upgrading. -@item Changes made are atomic and minimize dependencies. -@item Each host works as an independent entity, reducing communication fragility. -@item The configuration model is based on Promise Theory -- a very consistent and simple -approach to modelling autonomous cooperative systems. -@item All hosts run the same software agents on all operating -platforms (from mobile phones to mainframes), and understand a single common language of intent, which they can translate into native system calls. So there are few exceptions -to deal with. -@item Comprehensive facilities are allowed for making use of patterns and other total-information-reducing tactics. -@end itemize - -@sp 1 -A certain level of complexity might be necessary and desirable -- complexity is relative. -Some organizations still try to remain agile by avoiding complexity. However, the ability -to respond to complex scenarios often requires us to dabble with diversity. Avoiding -it merely creates a lack of agility, as one is held back by the need to -over-simplify. - - -@c ..................................................................... -@node An effective understanding helps agility, Maximizing business imperatives, How does complexity affect agility?, Agility in your work -@section An effective understanding helps agility -@sp 1 - -All configuration issues, including fitness for purpose, boil down to -three things: why, what and how. Knowing why we do something is the -most important way of avoiding error and risk of failure. Simplicity -then comes from keeping the `what' and the `how' separate, and -reducing the how to a predictable, repairable transaction. This is -what CFEngine's @i{convergent promise} technology does. - -Knowledge is an antidote to uncertainty. Insight into patterns, brings -simplicity to the information management, and insight into behaviour -allows us to estimate impact of change, thus avoiding the risk associated -with agility. - -@cartouche -In configuration `what' represents transitory knowledge, while `how' -is often more lasting and can be absorbed into the infrastructure. The -consistency and repairability of `how' makes it simpler to change what -without risk. -@end cartouche - - - -@c ..................................................................... -@node Maximizing business imperatives, What does agility cost?, An effective understanding helps agility, Agility in your work -@section Maximizing business imperatives - -Agility allows companies and public services to compete and address -the needs of continuous service improvement. This requires insight -into IT operations from business and vice versa. Recently, the -`DevOps' movement in web arenas has emphasized the need for a more -streamlined approach to integrating business-driven change and IT -operations. Whatever we choose to call this, and in whatever arena, -`connecting the dots between business and IT' is a major enabler for -agility to business imperatives. - -Some business issues are inherently complex, e.g. software -customization and security, because they introduce multifaceted -conflicts of interest that need to resolved with clear documentation -about @i{why}. - -@sp 1 -@cartouche -Be careful about choosing a solution because it has a low initial -outlay cost. Look to the long term cost, or the Total Cost of Ownership -over the next 5 years. - -Many businesses have used the argument: @i{everything is getting cheaper -so it doesn't matter if my software is inefficient -- I can brute force -it in a year's time with more memory and a faster CPU.} The flaw in this -argument is that complexity and scale are also increasing, and you will -need those savings down the line even more than you do now. -@end cartouche -@sp 1 -The ability to model our intentions in a clearly -understandable way enables insight and understanding; this, in turn, -allows us to anticipate and comprehend challenges. CFEngine's -knowledge management features help to make the configuration itself a -part of the documentation of the system. Instead of relying on command line tools -to interact, the user documents intentions (as `promises to be kept'). -These promises, and how well they have been kept, can be examined either -from the original specification or in the Mission Portal. - -In the industrial age, the strategy was to supply sufficient force to -a small problem in order to `control' it by brute force. In systems -today the scale and complexity are such that no such brute force -approach can seriously be expected to work. Thus one is reduced to a more even -state of affairs: learning to work with the environment `as is', -with clear expectations of what is possible and controlling only certain -parts on which crucial things depend. - - -@c ..................................................................... -@node What does agility cost?, Who is responsible for agility?, Maximizing business imperatives, Agility in your work -@section What does agility cost? -@sp 1 - -CFEngine is designed to have a low Total Cost of Ownership, by being -exceptionally lightweight and conceptually simple. The investment in -CFEngine is a `learning curve' that some find daunting. Indeed, at CFEngine, -we work on reducing this initial learning curve all the time -- but what -really saves you in the end is simplicity without over-simplification. - -@sp 1 -@cartouche -At a recent deployment in the banking sector, CFEngine replaced an incumbent software solution -where 200 machines were required to make the management infrastructure -scale to the task. - -CFEngine replaced this with 3 machines, and a reduced workforce. -After the replacement the clock-time required for system updates went -from 45 minutes to 16 seconds. -@end cartouche -@sp 1 - -The total cost of providing for agility can be costly or it -can be cheap. By design, CFEngine aims to make scale and agility -inexpensive in the long run. - -@c ..................................................................... -@node Who is responsible for agility?, , What does agility cost?, Agility in your work -@section Who is responsible for agility? -@sp 1 - -The bottom line is: you are! Diversity and customization are basic -freedoms that user-driven services demand in today's world, and having -the agility to meet changing desires is going to be an increasingly -important and prominent feature of IT, as we delve -further into the information-based society. - -@sp 1 -@cartouche -Competitive edge, response to demands, in both private sector and research, -makes agility the actual product of a not-too-distant tomorrow. -@end cartouche -@sp 1 - -Who or what makes agility a reality? The simple answer to this -question is everyone and everything. Change is a chain of dependent -activities and the weakest link in the chain is the limiting -factor. Often, that is human knowledge, since it is the part of the -chain that we take most for granted. - -CFEngine has been carefully designed to support agile operations for -the long term, by investing in knowledge management, speed and -efficiency. - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_ApplMgt.texinfo b/docs/guides/SpecialTopic_ApplMgt.texinfo deleted file mode 100644 index ca56fcc543..0000000000 --- a/docs/guides/SpecialTopic_ApplMgt.texinfo +++ /dev/null @@ -1,522 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-appmgt.info -@settitle Application Management -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Application Management -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine is able to install, update and uninstall services and -applications across all managed nodes in a platform-independent -manner. - -Updating software across all nodes can be made as simple as copying a -package to a software server. Thereafter, applications can be managed -and customized using CFEngine. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What is Application Management?, (dir), (dir) -@top Application Management -@menu -* What is Application Management?:: -* How can CFEngine help?:: -* Package management:: -* Enterprise Software Reporting:: -* Integrated software installation:: -* Customizing applications:: -* Starting and stopping software:: -* Auditing software applications:: -@end menu - - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is Application Management?, How can CFEngine help?, Top, Top -@unnumberedsec What is Application Management? -@sp 1 - -Application management concerns the deployment and updating of -software, as well as customization of for actual use, in other words -all the activities required to make an application ready for -use. Initially, software installation packages must be deployed on -host machines, however, we frequently encounter the need to update software due -to security flaws, bugs or new features. - -It is generally unwise to let every application update itself -automatically to the newest version from the internet; we want to -decide which version gets installed and also make sure that the load -on the network does not impair performance during mass-updates. Equally -important is making sure certain applications are not present, -especially when they are known to have security issues. - -Using CFEngine, you can verify that the software is in a -promised state and is properly customized for use. - -@node How can CFEngine help?, Package management, What is Application Management?, Top -@unnumberedsec How can CFEngine help? -@sp 1 - -CFEngine assists with application management in a number of ways. Following -the BDMA lifecycle, we note: - -@table @i -@item Build -CFEngine can be used to automate the build of packaged software releases -using standardized or custom package formats. -@item Deploy -CFEngine can distribute and install packaged software on any kind of platform. -@item Manage -CFEngine can start, stop, restart, monitor, and upgrade, and customize software -applications. -@item Audit -CFEngine can monitor and report on packages and patches installed on systems and their -versions and status. -@end table - -@node Package management, Enterprise Software Reporting, How can CFEngine help?, Top -@unnumberedsec Package management -@sp 1 - -Application management is simple today on most operating systems due to the -introduction of @i{package systems}. - -All major operating systems now have some sort of package management -system, e.g. RPM for Linux, and MSI for Windows. However, their -capabilities and methods vary greatly. Moreover, the packages they need -to install have to be made available to the hosts that need them and -the package manager has to be executed at the right time and -place. This is where CFEngine assists. - -Some package managers support online automatic access of online -repositories and can download data from the network. Others have to -have packages copied to local storage first. CFEngine can work with -both types of system to integrate software management. -@itemize -@item CFEngine communicates with the system using its own standards -to utilize the approach suitable for that software system. -@item Custom software repositories can be made, and CFEngine's -agents can perform this distribution -by collecting software packages to local storage and then -installing from there. -@end itemize - -When software packages are available on local storage, CFEngine -can check whether they are already installed, and if so, which version -and architecture are installed. This, in turn, can be verified against -the policy for the software --- should it indeed be installed, updated or -removed? - -Using the CFEngine standard library, agents know how to talk to the -native package manager to query information and get the system into -the desired state. - -CFEngine can edit configuration files in real time to ensure that -applications are customized to local needs at all times. - - - -@node Enterprise Software Reporting, Integrated software installation, Package management, Top -@unnumberedsec Enterprise Software Reporting -@sp 1 - -In commercial releases of CFEngine, the state of software installation -is reported centrally and is easily accessible through the Knowledge -Map. - -Commercial editions of CFEngine also support querying Windows machines -for installed MSI packages and thus allows for easy software -deployment in heterogeneous Unix and Windows -environments. - -@node Integrated software installation, Customizing applications, Enterprise Software Reporting, Top -@unnumberedsec Integrated software installation -@sp 1 - -CFEngine gives complete freedom to users, so there are many -ways to design a system that achieves a desired software end-state. Consider -the following example setup which ensures that one particular -application is up to date on all hosts. The procedure below is -very similar to the way that commercial CFEngine editions update. - -Rather than using an OS-specific package repository, like yum, we -create a universal approach using CFEngine's distribution and -installation promises. - -We first look at the example on an RPM system, then we show the -modifications required to handle Windows instead. The examples -use body parts from the standard library. - -@sp 1 -@center @image{update,10cm,,Updating software.,png} -@sp 1 - - - -@menu -* Distributing software packages to client hosts:: -* Stopping and restarting an application for update:: -* Adapting to Windows:: -* Notes on Windows systems:: -@end menu - -@node Distributing software packages to client hosts, Stopping and restarting an application for update, Integrated software installation, Integrated software installation -@unnumberedsubsec Distributing software packages to client hosts - -To begin with, we promise that the relevant software packages will be locally -available to the agents from software servers, i.e. we promise that a -local copy of all deployed software packages will exist in the -directory @file{/software_repo} on local storage. The copy will be collected -and compared against a directory called @file{/master_software_repo} -on host @code{server.example.org} in this example. - -@sp 1 -@cartouche -We say that this approach is @file{data-driven} because, by placing -software package data in the central repository, client hosts update -automatically, as they promise to subscribe to the data. -@end cartouche - -@sp 1 - -@verbatim -files: - - "/software_repo" - - comment => "Copy app1 updates from software server", - copy_from => remote_cp("/master_software_repo/app1/$(sys.flavour)", - "server.example.org"), - depth_search => recurse("inf"), - classes => if_repaired("newpkg_app1"); - -@end verbatim - -When the agent copies a relevant software package from the software -server (@code{sys.flavour} is the local operating system), the class -@code{newpkg_app1} will get defined. This class can act as a trigger -to stop the application, update it, and start it again. - -@node Stopping and restarting an application for update, Adapting to Windows, Distributing software packages to client hosts, Integrated software installation -@unnumberedsubsec Stopping and restarting an application for update - -On some operating systems, software cannot be updated while it is running. -CFEngine can promise to enure that a program is stopped before update: - -@verbatim -processes: - - newpkg_app1:: - - "app1" signals => { "term", "kill" }; - -@end verbatim - -CFEngine @i{normal ordering}, ensures that @code{processes} -promises are always run prior to @code{packages} promises, so the -application will be stopped before updated. Next we promise the -version of the software we want to install. In this case, any -version greater than 1.0.0. - -@verbatim -packages: - - newpkg_app1:: - - "app1" - - package_policy => "update", - package_select => ">=", - package_architectures => { "i586" }, - package_version => "1.0.0", - package_method => rpm_version("/software_repo"), - classes => if_else("app1_update", "app1_noupdate"); -@end verbatim - - -By promising carefully what package and version you want, using -@code{package_policy}, @code{package_select}, and -@code{package_version}, CFEngine can keep this promise by updating to -the latest version of the package available in the directory -repository @file{/software_repo}. If the available versions are all -`less than' than "1.0.0", an update will not take place. The -@code{package_version} specification should match the versioning -format of the software, whatever it is, e.g. you would write something -like "1.00.00.0" if two digits were used in the two middle version -number positions. - -@sp 1 -@cartouche -CFEngine automatically adapts its versioning -to the conventions used by individual package schemas. -@end cartouche -@sp 1 - -To summarize, in order for CFEngine to be able to match installed packages with the -ones in the directory repository, the same naming convention must be -applied. That is, the package name, version and architecture must have -the same format in the list of installed packages as the file names of -available packages. - -From the promise above, we see that CFEngine will interpret -@code{app1} as the name, @code{1.0.0} as the version and @code{i586} -as the architecture of the package. Using this while looking at the -@code{package_name_convention} in the rpm package method, we see that -CFEngine will look for packages named as @code{app1-X.Y.Z-i586.rpm}, -with X, Y, Z producing the largest version available in the directory -repository. If an available version is larger than the one installed, -an update will take place --- the update command is run. - -Finally, we set classes from the software update in case we want to -act differently depending on the outcome. - -Replacing the policy @samp{update} with @samp{add} is all that is -required to install the package (once) instead of updating. Using policy -@samp{add} will do nothing if the package is already installed, but -installs the largest version available if it is not. Use -@code{package_select => "=="} to install the exact version instead of -the largest. - - -@node Adapting to Windows, Notes on Windows systems, Stopping and restarting an application for update, Integrated software installation -@unnumberedsubsec Adapting to Windows - -@sp 1 - -To adapt our example to Windows, we change the path to the local -software repository from @file{/software_repo} to @file{c:\software_repo}, to -support the Windows path format. Other than that, all we have to -change is the @code{package_method}, yielding the following. - -@verbatim - - package_method => msi_version("c:\software_repo"), - -@end verbatim - -Refer to the @code{msi_version} body in the standard library. - -@node Notes on Windows systems, , Adapting to Windows, Integrated software installation -@unnumberedsubsec Notes on Windows systems - -CFEngine implements Windows packaging using the MSI subsystem, -internally querying the Windows Management Interface for information. However, -not all Windows systems have the reqired information. - -CFEngine relies on the name (lower-cased with spaces replaced by -hyphen) and version fields found inside the msi packages to look for -upgrades in the package repository. - -Problems can arise when the format of these fields differ from their -format in the file names. For example, a package file name may be -@code{7zip-4.65-x86_64.msi}, while the product name in the msi is -given as @code{7-Zip 4.65 (x64 edition)}, and the version is -@code{4.65.00.0}. - -For the formats to match, we can change the product name to -@code{7zip} and the version to @code{4.65} in the msi-package. Free -tools such as @code{InstEd} can both view and change the product name -and version (Tables->Property->ProductName and ProductVersion). - - -@node Customizing applications, Starting and stopping software, Integrated software installation, Top -@unnumberedsec Customizing applications - -@sp 1 -By definition, we cannot explain how to customize software for all -cases. For Unix-like systems however, software customization is -usually a matter of editing a configuration text file. CFEngine can -edit files, for instance, to add a configuration line to a file, you -might so something like this: - -@verbatim -bundle agent my_application_customize -{ -files: - - "$(prefix)/config.cf" - - comment => "Set the permissions and add a line...", - perms => mo("0600","root"), - edit_line => append_if_no_line("My custom setting..."); -} - -@end verbatim -@noindent To set a number of variables inside a file, you might do something like this: -@verbatim -bundle agent my_application_customize -{ -vars: - - # want to set these values by the names of their array keys - - "rhs[serverhost]" string => "123.456.789.123"; - "rhs[portnumber]" string => "1234"; - "rhs[admin]" string => "admin@example.org"; - -files: - - "$(prefix)/config.cf" - - comment => "Add new variables or set existing ones", - edit_line => set_variable_values("setvars.rhs"); - -} - -@end verbatim -You can also create file templates with customizable variables using -the @code{expand_template} method from the standard library. - -@node Starting and stopping software, Auditing software applications, Customizing applications, Top -@unnumberedsec Starting and stopping software - -CFEngine is promise or compliance oriented. You promise whether software will be -running or not running at different times and locations by making -@code{processes} or @code{services} promises. - -To start a service, you might do something like this: - -@verbatim -processes: - - "myprocess" restart_class => "start_me"; - -commands: - - start_me:: - - "/path/to/software" - - # ... many security options, etc - -@end verbatim -@noindent or using services -@verbatim -services: - - windows:: - - "Dhcp" - service_policy => "start", - service_dependencies => { "Alerter", "W32Time" }, - service_method => winmethod; - -@end verbatim -To stop a service, you take one of these approaches: - -@verbatim -processes: - - "badprocess" - signals => { "term", "kill" }; - - "snmp" - process_stop => "/etc/init.d/snmp stop"; - -@end verbatim - - - -@node Auditing software applications, , Starting and stopping software, Top -@unnumberedsec Auditing software applications - -@sp 1 -Commercial Editions of CFEngine generate reports about installed -software, showing package names and versions that are installed. -There is a huge variety in the functionality offered by different -package systems. The most sophisticated package managers are those -provided by OpenSuSE Linux and RedHat. These know the difference -between installation packages and software updates and can keep -track of installed software transparently. Most package systems -have fewer functions. - -CFEngine tries to make the best of each package system to collect -information about the state of software. In commercial editions -you have access to reports on the software installed on each system -in the network, to the extent permitted by the software subsystems -on those hosts. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_BDMA.texinfo b/docs/guides/SpecialTopic_BDMA.texinfo deleted file mode 100644 index e5977f9dad..0000000000 --- a/docs/guides/SpecialTopic_BDMA.texinfo +++ /dev/null @@ -1,335 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-bdma.info -@settitle BDMA -@setchapternewpage odd -@c %** end of header - -@titlepage -@title BDMA -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Build, Deploy, Manage, Audit is a simple and traditional model of the -IT infrastructure lifecycle, based on human workflows and -processes. CFEngine's approach to the IT infrastructure is somewhat -different, but the four pillars of the lifecycle can still be -addressed in the framework of automation. This guide explains how to -think about the IT infrastructure lifecycle when using CFEngine. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What is BDMA?, (dir), (dir) -@top BDMA -@menu -* What is BDMA?:: -* Stem cell hosts:: -* Recommendations for Build:: -* Recommendations for Deploy:: -* Recommendations for Manage:: -* Recommendations for Audit:: -* Summary BDMA workflow:: -@end menu -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is BDMA?, Stem cell hosts, Top, Top -@unnumberedsec What is BDMA? -@sp 1 - -The four mission phases are sometimes referred to as - -@table @emph -@item Build -A mission is based on decisions and resources that need to -be put assembled or `built' before they can be applied. This is -the planning phase. - -In CFEngine, what you build is a template of proposed promises for the -machines in an organization such that, if the machines all make and -keep these promises, the system will function seamlessly as -planned. This is how it works in a human organization, and this is how -is works for computers too. - -@item Deploy -Deploying really means launching the policy into production. In -CFEngine you simply publish your policy (in CFEngine parlance these -are `promise proposals') and the machines see the new proposals and -can adjust accordingly. Each machine runs an agent that is capable of -keeping the system on course and maintaining it over time without -further assistance. - -@item Manage -Once a decision is made, unplanned events will occur. Such incidents -traditionally set off alarms and humans rush to make new transactions -to repair them. Under CFEngine guidance, the autonomous agent manages -the system, and humans only manage knowledge and have to deal with -rare events that cannot be dealt with automatically. - -@item Audit -CFEngine performs continuous analysis and correction, and commercial -editions generate explicit reports on mission status. Users can sit -back and examine these reports to check mission progress, or examine -the current state in relation to the knowledge map for the mission. - -@end table - -@image{BDMA_model,12cm,,,,png} - - -@node Stem cell hosts, Recommendations for Build, What is BDMA?, Top -@unnumberedsec Stem cell hosts -@sp 1 -At CFEngine we talk about stem cell hosts. A stem cell host is a generic -foundation of software that is the @i{necessary and sufficient} basis for -any future purpose. To make a finished system from this stem cell host, -you only have to `differentiate' the system from this generic basis by running CFEngine. - -Differentiation of hosts involves adding or subtracting software packages, -and/or configuring the basic system. This strategy is cost effective, -as you do not have to maintain more than one base-line `image' for -each operating system; rather, you use CFEngine to implement and -maintain the morphology of the differences. Stem cell hosts are -normally built using PXE services by booting and installing automatically -from the network. - -@node Recommendations for Build, Recommendations for Deploy, Stem cell hosts, Top -@unnumberedsec Recommendations for Build -@sp 1 -There are many approaches to building complete systems. -When you use CFEngine, you should try to progress from -thinking only about putting bytes on disks, to planning -a long term set of promises to keep. - -@itemize -@item What services do you want to support? -@item What promises do you want to keep concerning these services? -@item Are these promises sustainable and convergently implementable? -@item Formulate proposed intentions in the form of CFEngine promises. -@item Discuss the impact of these in your team of CFEngine Mission Specialists (more than one pair of eyes). -@end itemize - -It is worth spending extra time in the build planning to simplify -your system as much as possible. A clear formulation here will save -time both in maintenance and training later, as employees come and go. -The better you understand your intentions, the simpler the system will be. - -We cannot emphasize enough the value of the promise discipline. If you can -formulate your requirements as promises to be kept, you have identified not only -what, where, when and how, but also who is responsible and affected by every promise. - -Building systems is resource intensive. CFEngine works well with @b{rPath}, allowing optimized -build that can shave off many minutes from the build time for machines. CFEngine can then take over where -rPath leaves off, performing surgically precise customization. - -@node Recommendations for Deploy, Recommendations for Manage, Recommendations for Build, Top -@unnumberedsec Recommendations for Deploy -@sp 1 - -Deploying a policy is a potentially dangerous operation, as it will -lead to change, with associated risk. Side-effects are common, and -often result from incomplete planning. (See the CFEngine Special -Topics Guide on @i{Change Management}). - -The following sequence forms a checklist for deploying successful policy change: -@enumerate -@item Discuss the impact of changes in the team. -@item Commit the changes to promises in version control, e.g. subversion. -@item Make a change in the CFEngine input files. -@item Run the configuration through @samp{cf-promises --inform} to check for problems. -@item Move the policy to a test system. -@item Try running the configuration in dry-run model: @samp{cf-agent --dry-run} -@item Try running the policy once on a single system, being observant of unexpected behaviour. -@item Try running the policy on a small number of systems. -@item Construct a test environment and examine the effect of these promises in practice. -@item Move the policy to the production environment. -@item If possible, test on one or a few machines before releasing for general use. -@end enumerate - -CFEngine recommends a process of many small incremental changes, rather than large -high-risk deployments. - -CFEngine allows you to apply changes at a much finer level of granularity than -any package based management system, thus it complements basic package management with -its deployment and real time repair (see next section). - - -@node Recommendations for Manage, Recommendations for Audit, Recommendations for Deploy, Top -@unnumberedsec Recommendations for Manage -@sp 1 - -Managing systems is an almost trivial task with CFEngine. Once a model -for desired state has been created, you just sit back and watch. You -should be ready for `hands free' operation. No one should make changes -to the system by hand. All changes should follow the deployment -strategy above. - -All that remains to do is wait for email alerts from CFEngine and to -browse reports about the system state. In CFEngine Nova, these reports -are generated automatically and integrated into the system knowledge -base. - -Most email alerts from CFEngine are information only. It is possible -(but not recommended) to make CFEngine very verbose about its -operations. It is common to look for confirmation early in the phase -of adopting CFEngine, as trust in the software is building. Eventually -users turn off the verbosity and the default is for CFEngine to send -as little email or output as possible. - -@cartouche -Consider a single line E-mail, in confirmation of a change, arriving -from 1000 computers in a single day. Learning to trust the software -saves unnecessary communication and needless human involvement. -The Nova Mission Portal makes notification and alerting largely -unnecessary. -@end cartouche - -@node Recommendations for Audit, Summary BDMA workflow, Recommendations for Manage, Top -@unnumberedsec Recommendations for Audit -@sp 1 - -Auditing systems is a continuous process when using CFEngine -Nova. Report data are collected on a continuous and distributed -basis. These data are then collected from each distributed location -according to a schedule of your choosing to collate and integrate the -reports from all systems. - -The reports CFEngine provides are meant to offer simple summaries of -the kind of information administrators need about their environment, -avoiding unnecessary detail. - -@table @emph -@item Available patches report -Patches already installed on system if available. -@item Classes report -User defined classes observed on the system -- inventory data. -@item Compliance report -Total summary of host compliance, all promises aggregated over time. -@item File_changes report -Latest observed changes to system files with time discovered. -@item File_diffs report -Latest observed differences to system files, in a simple diff format. -@item Hashes report -File hash values measured (change detection). -@item Installed patches report -Patches not yet installed, but published by vendor if available. -@item Installed software report -Software already installed on system if available. -@item Lastseen report -Time and frequency of communications with peers, host reliability. -@item Micro-audit report -Generated by CFEngine self-auditing. This report is not aggregated. -@item Monitor summary report -Pseudo-real-time measurement of time series data. -@item Performance report -Time cost of verifying system promises. -@item Promise report -Per-promise average compliance report over time. -@item Promises not kept report -Promises that were recently un-kept. -@item Promises repaired report -Promises that were recently kept by repairing system state. -@item Setuid report -Known setuid programs found on system. -@item Variables report -Current variable values expanded on different hosts. -@end table - -@node Summary BDMA workflow, , Recommendations for Audit, Top -@unnumberedsec Summary BDMA workflow -@sp 1 - -@enumerate -@item Define a stem cell host template -@item Set up PXE network booting and kickstart / jumpstart OS tools with CFEngine integrated -@item Get CFEngine running and updating on all hosts, but making no system changes. -@item Define a service catalogue. -@item Discuss and formulate a policy increment, thinking convergence at all times -@item Publish (deploy) the policy. -@item Follow emails and reports in the CFEngine Knowledge Map (Manage). -@item Adjust policy if necessary, following procedures for change management (Manage) -@item View reports (or enjoy the silence) to audit system state. -@end enumerate - -CFEngine works well with package based management software. Users of -rPath, for example, can achieve substantially improved efficiency in -the build phase. CFEngine takes over where package based systems leave -off, providing an unprecedented level of control `hands free'. - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Change.texinfo b/docs/guides/SpecialTopic_Change.texinfo deleted file mode 100644 index 7e54311e37..0000000000 --- a/docs/guides/SpecialTopic_Change.texinfo +++ /dev/null @@ -1,634 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-change.info -@settitle Change Management and Incident Repair -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Change Management and Incident Repair -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Change Management is about the planning and implementation -of intended changes to an IT system, as well as the detection, -documentation and possible repair of unintended changes. -Change Management involves the assessment of current system state, -the planning, testing and quality assurance cycles, and -scheduling of improvements. - -This guide explains change management in the -framework of CFEngine's self-healing automation. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009, updated 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - - -@node Top, What is change management?, (dir), (dir) -@top Change Management -@menu -* What is change management?:: -* Regulation - authorized and unauthorized change:: -* Intended and unintended change:: -* How fast should changes be made?:: -* Partially centralized change:: -* The decision point:: -* Promises about change vs state:: -* Promises about change:: -* Change management and knowledge management:: -* Non-destructive change:: -* Change and convergence:: -* The change decision process or release management:: -* Deploying policy changes:: -@end menu - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is change management?, Regulation - authorized and unauthorized change, Top, Top -@unnumberedsec What is change management? -@sp 1 -Change Management is about the planning and implementation -of intended changes to an IT system, as well as the detection, -documentation and possible repair of unintended changes. -Change Management involves the assessment of current system state, -the planning, testing and quality assurance cycles, and -scheduling of improvements. - -There are many accounts of change management in the industry. Often -these make assumptions about the management framework being used. In -the context of CFEngine automation, some of these approaches are -considered antiquated. This guide explains change management in the -framework of CFEngine's self-healing automation. - -@node Regulation - authorized and unauthorized change, Intended and unintended change, What is change management?, Top -@unnumberedsec Regulation: authorized and unauthorized change -@sp 1 - -It is common to speak of @i{authorized} and @i{unauthorized} change in -the IT industry. Many organizations think in these authoritarian terms -and use management techniques designed for a slower-moving -world. Today's e-commerce companies usually have much more agile and -dynamical processes for change. - -The purpose of change regulation is to minimize the risk of actions -taken by humans, i.e. to avoid human error. This approach makes sense -in low-tech companies that have environments where change is only -about long-term wear and tear or intended modifications to -infrastructure (like a adding new building, or fitting a new gasket on -a car). In today's IT-driven organizations, problems arise a thousand -or more times faster than that, and a new approach is needed. - -Procedures for change, based on legacy regulative methods are incorporated -into popular frameworks for human management, such as ITIL. They begin -by making a formal Request For Change (RFC), which is processed by -management in order to secure permission to exercise a change during -an allocated time-window. In some cases, an ordinary repair such as -restarting a server could take weeks to process, as mandatory Root -Cause Analysis (RCA) is undertaken. The Mean Time To Repair (MTTR) is -dominated by internal bureaucracy. - -Today's IT-based organizations, experience unintended change too quickly -for such a process however, and there is a real risk of lost revenues -from not repairing issues quickly. As many organizations are fearful -of litigation or management reprisals, preferring to err on the side of -caution, it is necessary to evaluate the best strategy for avoiding -exposure to risk. -To use automation effectively, it makes sense to separate change management -into two phases: -@itemize -@item Change of policy itself - which defines desired state. - -Policy has a strategic impact, and its change deserves a process that includes -expert opinions, staged testing and ultimately a phased deployment -during a controllable time-window. - -@item Change that brings systems into compliance with policy. - -Once policy is frozen for a period of time, any unintended changes -must be considered infractions (non-compliance), and repairs should be made according -to what has already been decided. This should happen without delay, -rather than starting a new process to delay action. The ethical issue -is now turned on its head: execessive caution in fixing what has -already been decided may be seen as prevarication and even negligence. - -@end itemize - -@cartouche -The CFEngine way of managing change is to migrate systems through -states of @i{stable equilibrium}. One should not believe that systems -continue flawlessly because no intended changes are made. Change -management with CFEngine should be about planning one stable state -after another, but expecting run-time errors. The rate at which you -move through revisions of stable policy depends on your needs. -The rate at which compliance is repaired should be `as soon as possible'. - -To use an analogy: if policy changes are like take-off and landing, -then a period of stable operations is like a smooth flight, on course -to the correct destination. If unintended changes happen to change -that, like the weather, immediate course corrections should be made to -avoid loss. -@end cartouche - - -@node Intended and unintended change, How fast should changes be made?, Regulation - authorized and unauthorized change, Top -@unnumberedsec Intended and unintended change -@sp 1 - -To institue a rational approach to change management, i.e. one that is -suited to business's operational time-scales, we need to think about -separating change into two the categories implied above: change by -design and change by fate. It is desirable to exercise due diligence -in the design of a system's intended state, but we must be ready to -quickly repair faults that might disrupt business services. We need -to distinguish: -@itemize -@item Purposeful change of an intended policy (planning). -@item Change in the actual system state and behaviour (implementation and maintenance). -@end itemize -What is intended and what actually happens should not be confused. -It is impossible to `lock down' or fully control changes made to -computer systems, without switching them off. A mandatory level of risk -must be anticipated. - - -@cartouche -It is by defining a desired operational state that one can avoid re-processing -every since repair to a system. -@end cartouche - -@node How fast should changes be made?, Partially centralized change, Intended and unintended change, Top -@unnumberedsec How fast should changes be made? -@sp 1 - -Time scales are crucially important in engineering, and deserve equal -importance in IT management. Ask yourself: how do you know if -something is changing or not? You've probably heard catchetisms such -as: - -@itemize -@item A watched kettle never boils. -@item Tempus fugit (time flies). -@end itemize - -These phrases capture the idea that, if we expect to see change at a -certain rate, it is possible to miss changes that occur at either a -faster or slower rate. When we manage a @i{dynamical} process, we have -to attend to the system at the same rate as change takes place. - - -If there is a process changing the system once a day, then to keep the -system aligned with its desired state, there must be a corrective -process that repairs this once per day (the Mean Time To Repair or -MTTR should be the same as the Mean Time Before Failure MTBF), else -the system will experience significant deviations from policy. In the -worst case, this could result in security leaks or loss of -revenue. This is not the full story of course: there will always be -some delay between error and repair (actual time to repair). To -minimize the impact of lost compliance and deviations from intended -state, changes should be made before serious consequences can ensue -that require more significant repairs@footnote{For example, suppose a -process runs out of control and starts filling up logs with error -messages -- the disk might fill up and cause a much more serious -problem, such as a total system failure with crash, is this were left unattended.}. - -Thus, mean time to repair is not a metric that should be used to -define ideal time to repair. The ideal time should be that which -minimizes the risk of losses to operations, and therefore revenues. - -The advantage of CFEngine's two-phase approach to change is that -approved changes can be made a quickly as possible, without -significant use of resources. CFEngine's lightweight agents can -run every five minutes to achieve a tight alignment with operational -and business goals. - -@sp 1 -@cartouche -In information theory, Nyquist's theorem says that, in order to properly -track (and potentially correct) a process that happens at rate @math{R}, -one must sample the system at twice this rate @math{2R}. -In CFEngine, we have chosen a repair resolution of 5 minutes for configuration -sampling, because measurements show that many system characteristics have -auto-correlations times of 10-20 minutes@footnote{Nyquist's -theorem is the main reason why CD-players sample at 44kHz in order to cover the -audible spectrum of 22kHz for most young people. Even though hearing deteriorates -with age, and most people cannot hear this well, it provides a quality margin.}. -@end cartouche - -@node Partially centralized change, The decision point, How fast should changes be made?, Top -@unnumberedsec Partially centralized change -@sp 1 - -It is not necessary to assume a central model of authority to manage -change. Indeed, many CFEngine users have highly devolved organizations -with many decision makers. Federated regions of an organization can -maintain independent policies, aligned with different cultures if -necessary. - -@sp 1 -@cartouche -What may be problematic is to have teams that are not aligned, so that -there are @i{conficting intentions}. In this case, one individual -might instigate a change that conflicts with another. This often -happens in `hit'n'run system administration', where there is no concerted -plan or modus operandi. -@end cartouche - -@sp 1 -To keep federated teams aligned with common criteria for policy, -strong communication is required. For this we provide access to -information through the Mission Portal. This shows the policy itself -in different regions, as well as reports about the compliance of -systems. Users can also exchange messages about their intentions, -through policy comments and personal logs in the system. - - -@node The decision point, Promises about change vs state, Partially centralized change, Top -@unnumberedsec The decision point -@sp 1 - - -By making all changes through a single point of control and -verification, you avoid@footnote{Promise theory tells us that -coordination requires mutual agreement between all agents that work in -a coordinated way on common resources. Every decision necessarily -comes from a single point of origin (but there could be many of these, -making non-overlapping decisions); consistency only starts to go -wrong when intentions about common resources conflict.} the -problem of multiple intentions, because all intentions will be -clear to see. CFEngine works with promises, because a promise -is simply the expression of an intention. - -@image{arch,15cm,,The CFEngine architecture,png} - -If you work in a federated environment, then each distinct region of -policy can have its own policy server or hub. These will not conflict, -unless a host subscribes to updates from more than one hub. - -@node Promises about change vs state, Promises about change, The decision point, Top -@unnumberedsec Promises about change vs state -@sp 1 - -CFEngine works by keeping promises, so think about how promises -apply to change. - -You could promise to @i{make} a change, but that is a very weak -promise because it would be kept by a single transitory event (the -moment at which the change is made) and then it would go away. To -have control over your system at all times you need to make promises -about @i{state}, because state is something that persists for long -times, and thus the promise persists. - -When we care about the state of a system, we make promises that describe -that state at all times, because we know that there might be other -forces for change that can bring about unintended states. If we intend the -state of the system to persist, we should promise that. -Thinking always about periods of stable equilbrium will minimize issues -with non-compliance. - -@sp 1 -@cartouche -To make a change of state, you should think about @i{changing the promises} -that describe your desired state, not about @i{promising to make a change} of state. -@end cartouche -@sp 1 - -An analogy: think of change management as navigation though a sea of possible -states. If you promise changes, you promise to alter course relative -to your current state, e.g. turn left, turn right, alter heading by 10 -degrees to starboard, etc. However, you are now vulnerable to things -you don't know about. Winds and currents blow you off course and can -lead to unintended changes that invalidate these course corrections, -if you have not promised to monitor and avoid them. That is why -modern navigators use @i{beacons}. - -In CFEngine, a beacon is a promise of desired end-state (the end of -your journey). It's the place you want to be -- and the journey -doesn't interest you. Navigators used fixed stars, lighthouses and -now artificial radio signals to guide ships and planes on their -intended course at all times, because beacons promise absolute desired -location, not relative instructions to get there. CFEngine uses -promises in the same way, to guide systems to their desired outcomes, -not merely a script of relative corrections. So CFEngine works somewhat like a -system auto-pilot. - -@node Promises about change, Change management and knowledge management, Promises about change vs state, Top -@unnumberedsec Promises about change -@sp 1 - -To help you think of change in terms of promises, consider the following -promises made during change management, with CFEngine examples. -@table @i - -@item You promise a desired state for your system (beacon). - -@verbatim -packages: - - "apache" - - comment => "Ensure Apache webserver installed", - package_policy => "add", - package_method => yum; - -processes: - - "apache" - - comment => "Ensure apache webserver running", - restart_class => restart_apache; - -@end verbatim - -@item You change a promise you have made about state to promise a new desired state. - -You edit @file{promises.cf} and track the changes using a change management repository -like Subversion or CVS. - -@item A third party promises a change and we promise to accept that change. - -@verbatim -packages: - - "apache" - - comment => "Ensure Apache webserver up to date", - package_policy => "update", - package_method => yum; - -@end verbatim - -@item We promise to monitor unintended changes. - -@verbatim - -files: - - "/usr" -> "Security team" - - changes => detect_all_change, - depth_search => recurse("inf"); - -@end verbatim - -@item We promise two conflicting outcomes (a validation error to be corrected). - -Conflicts of intention are easy to see when they are mediated by CFEngine. -@verbatim - -files: - - "/etc/passwd" -> "Security team" - perms => owner("root"); - - "/etc/passwd" -> "Security team" - perms => owner("mark"); - -@end verbatim - - -@end table - -Perhaps you can think of more promises for your own organization. CFEngine encourages -promise thinking because it promotes stable expectations about the system. Let us -underline what traditional approaches ignore about change management: - -@sp 1 -@cartouche -If you have made no promise about your system state, you should not be -surprised by anything that happens there. You cannot assume that no -change will happen. -@end cartouche -@sp 1 - -@node Change management and knowledge management, Non-destructive change, Promises about change, Top -@unnumberedsec Change management and knowledge management -@sp 1 - -The decision to manage change is an economic trade-off. The more -promises we make about state, the higher the cost of keeping them. You -have to decide how much you are willing to spend on navigating change. - -CFEngine makes desired state cheap, but the true cost of change -management is not implementation but the cost of @i{changing -knowledge}, i.e. losing track of your place within your intentions. If -your system behaviour is dominated by changing external currents that -you ignore, you will constantly be fighting to steer reactively. - -Knowledge Management is necessary to maintain a guidance system that -makes course programming reliable and effective. CFEngine allows you -to document all of your intentions as promises to be kept. CFEngine -Nova additionally provides a continuously updated knowledge map as -part of its `auto-pilot navigation' facilities, based on what we -promise and what it discovers about the environment impacting on -systems. Hence, it tracks both promised state, and unintended changes. - -Lack of knowledge about your system is the cause of unexpected -side-effects and unpleasant surprises. The key to predictability in -system operations is CFEngine's core principle of @i{convergence}. -CFEngine Missions Specialists always think @i{convergence}. - -@node Non-destructive change, Change and convergence, Change management and knowledge management, Top -@unnumberedsec Non-destructive change -@sp 1 - -The IT industry, for the most part, has not really progressed beyond -the idea of baselining systems. In the traditional conception of -change management you start by baselining, i.e. establishing a known -starting configuration. Then you generally assume that you are the -only source of change. If something goes wrong you do not try to -repair the fault, but merely start again, destroying and rebuilding. - -In fact, all kinds of things change beyond our control all the -time. Bugs emerge, items are stolen, things get broken by accident and -external circumstances conspire to confound the order we would like to -preserve. The suggestion that only authorized people actually make -changes is simply wrong. - -@sp 1 -@center @image{demolish,8cm,,Rollback,png} -@sp 1 - -In reality, circumstances are part of the picture, as well as changing -inventory and releases. CFEngine uses the idea of ``convergence'' -(see figure below) to ensure desired state, independently of where you -start from. In this way of thinking, the configuration details might -be changing in a quite unpredictable way, and it is our job to -continuously monitor and repair this general dilapidation. Rather than -assuming a constant state in between changes, CFEngine assumes a -constant ``ideal state'' or @emph{goal} to be achieved at all -times. - -@node Change and convergence, The change decision process or release management, Non-destructive change, Top -@unnumberedsec Change and convergence -@sp 1 - -Change requires action, and implementation is the most dangerous part -of change, as it leads to consquences that a difficult to predict, especially -if you have incomplete knowledge of your environment. - -Reliabilty and dependability on promises requires you to think about -the convergence of all change operations. Many change procedures fail -because they are built in a highly fragile manner (left hand figure): -you require exact knowledge of where you start from, and you have a recipe -that (if applied once and only once) will take you to the desired end state. - -@sp 1 -@center @image{convergence,12cm,,Rollback,png} -@sp 1 -Such a procedure cannot maintain the desired state, without -demolishing it and rebuilding it from scratch. -With CFEngine you focus on the end state (right hand figure), not -where you start from. Every change, action or recipe may be -repeated a infinite number of times@footnote{Some writers like to call this -property idempotence.} without adverse consquences, -because every action will only bring you to the desired state, no matter -where you start from. - -@node The change decision process or release management, Deploying policy changes, Change and convergence, Top -@unnumberedsec The change decision process or release management -@sp 1 - -The process of managing intended changes is often called @i{release -management}. A @emph{release} is a collection of authorized changes -to the promises of desired state for a system. - -A release is traditionally a larger umbrella under which many smaller -changes are made. Changes are assembled into @emph{releases} and then -they are `rolled out'. - -@sp 1 -@cartouche -At CFEngine we encourage many small, incremental changes above -large risky changes, as every change has unexpected consequences, -and small changes minimize risk. (See the Special Topics Guide -on BDMA.) -@end cartouche -@sp 1 - -Release management is about the -designing, testing and scheduling the release, i.e. everything to do with -the release process except the explicit implementation of it. - -New releases are usually made in response to the occurrence of -unintended changes, called @emph{incidents} (incident management). An -incident is an event that leads to unintended behaviour. The root -cause of many incidents is often called a @emph{problem} (problem -management). One goal of CFEngine is to plan pro-actively to handle -incidents automatically, thus taking them off the list of things to -worry about. Changes can introduce new incidents, so it is important -to test changes to promises in advance. - -@enumerate -@item Formulate proposed intentions in the form of promises. -@item Discuss the impact of these in your team of CFEngine Mission Specialists (more than one pair of eyes). -@item Construct a test environment and examine the effect of these promises in practice. -@item Commit the changes to promises in version control, e.g. subversion. -@item Deploy promises changes into live environment on a small number of machines. -@item Finally deploy to all machines. -@end enumerate -At each stage, we make careful, low-risk incursions on the system and -see how it responds. Note that some side-effects could take days to -emerge, so the schedule for change should account for the expected impact. - - -@node Deploying policy changes, , The change decision process or release management, Top -@unnumberedsec Deploying policy changes -@sp 1 - -The following sequence forms a checklist for deploying successful policy change: -@enumerate -@item Discuss the impact of changes in the team. -@item Construct a test environment and examine the effect of these promises in practice. -@item Make a change in the CFEngine input files. -@item Run the configuration through @samp{cf-promises --inform} to check for problems. -@item Commit the tested changes to promises in version control, e.g. subversion. -@item Move the policy to a test system. -@item Try running the configuration in dry-run model: @samp{cf-agent --dry-run} -@item Try running the policy once on a single system, being observant of unexpected behaviour. -@item Try running the policy on a small number of systems. -@item Move the policy to the production environment. -@item If possible, test on one or a few machines before releasing for general use. -@end enumerate - -@noindent Be aware of the differences in your environment. A decision will not necessarily work everywhere -in the same way. - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Cloud.texinfo b/docs/guides/SpecialTopic_Cloud.texinfo deleted file mode 100644 index 20893bc3fa..0000000000 --- a/docs/guides/SpecialTopic_Cloud.texinfo +++ /dev/null @@ -1,314 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-cloud.info -@settitle Cloud -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Cloud Computing and Managed Services -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Cloud Computing is a new economic approach to computer resource management - in which computers can be created and retired on demand. The challenges -of managing this increasingly dynamic environment are considerable. CFEngine -Nova brings scalable assurances about compliance and performance. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - -@node Top, What is Cloud Computing?, (dir), (dir) -@top Cloud Computing -@menu -* What is Cloud Computing?:: -* Is Cloud Computing for everything and everyone?:: -* How does CFEngine enable Cloud Computing?:: -* Permanent infra-structure with vibrant change:: -* How does Cloud relate to virtualization?:: -* Isn't virtualization inefficient?:: -* Challenges for Cloud Computing:: -* What if I change my mind about Cloud Computing?:: -* The future - molecular computing:: -@end menu - - -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is Cloud Computing?, Is Cloud Computing for everything and everyone?, Top, Top -@unnumberedsec What is Cloud Computing? - - -Cloud Computing refers to the commoditization of -computing, i.e. a world in which computers may be borrowed on demand -from a resource pool, like renting a car or loaning a book from the -library. The term `Cloud' comes from a model of the Internet, where -the precise details of how everything fits together are fuzzy. In a -strongly networked environment, it might matter less where objects are -physically located. - -Commoditization of computers is an important strategy for business -because it has the potential to eliminate a lot of the investment -overhead for equipment during times of rapid change, as well as to -recycle no-longer needed resources and save on redundant investment. You may think of -Cloud Computing as `Recycle-able Computing' -- a world in which you can -use something for a short time and then discard it, without fear of waste. - -@node Is Cloud Computing for everything and everyone?, How does CFEngine enable Cloud Computing?, What is Cloud Computing?, Top -@unnumberedsec Is Cloud Computing for everything and everyone? - -Cloud Computing does for computers what the database did for -information. Instead of having to keep reams of paper physically on -site, databases allowed us to virtualize the information and care less -about where the data were stored. Today we can call up a resource -easily and cheaply from a database, and have someone else manage the -service for us. Cloud computing allows us to dial up a new -computer, like a book from the library, and then return it to the pool -for others to use when we are done. It frees us from thinking about -the specific location of the host, and we can appoint someone to -manage this abstraction for us. - -Of course, this has negative aspects too. In a security environment, -you do indeed want to know exactly where your resources are. If you -are storing diamonds, you want a bank not a library, and you want to -know exactly where the physical objects are. The same is true for -valuable data and computers. - -Cloud Computing might be popular in the contemporary press, but it should be seen -in clear terms as one strategy of several for managing resources efficiently. -Some people still buy books, cars and dig wells, while others loan books, rent -cars and get water from the water authority. Different economic models -have different applications. - -@node How does CFEngine enable Cloud Computing?, Permanent infra-structure with vibrant change, Is Cloud Computing for everything and everyone?, Top -@unnumberedsec How does CFEngine enable Cloud Computing? - -CFEngine has technology that can quickly bring machines, either real -or virtual, from an uninitiated state to a fully working and customized -state in seconds or minutes, without any human intervention. -It can thus turn a generic resource into a specialized managed -service on demand. CFEngine makes it extremely cheap to rebuild -systems from scratch. This is exactly what a vibrant recycling -regime needs to work efficiently. - -@node Permanent infra-structure with vibrant change, How does Cloud relate to virtualization?, How does CFEngine enable Cloud Computing?, Top -@unnumberedsec Permanent infra-structure with vibrant change - -Not all your computers should be disposable. Certain key -infrastructure items like DNS servers, directory servers, databases, -etc are part of a permanent infrastructure. What you need there is -unwavering stability, not agility and impermanence. - -CFEngine's lightweight repair capabilities are not only suitable for -building machines quickly, but also for maintaining their state over -time. It only pays to `rent services' (either from yourself or from a third -party cloud provider) if you use the service infrequently, or your needs -are constantly changing. The lack of permanence of cloud services can -itself become an overhead if what you really need is constancy and security. - -The overhead of investment in physical infrastructure is cheap if that -one term investment will last you for a long time, unchanged. -For that reason, cloud services will never solve everyone's needs -all the time. It is merely one product of choice. - - -@node How does Cloud relate to virtualization?, Isn't virtualization inefficient?, Permanent infra-structure with vibrant change, Top -@unnumberedsec How does Cloud relate to virtualization? - -Virtualization is the tool that makes Cloud Computing practical. -Every time a physical machine needs to be deployed or retired, it -requires the physical presence of a human. To deploy or recycle a -physical machine, somehow usually has to touch the box. - -To deploy and tear down a virtual machine, however, no one needs to -touch anything literally. Machines can be installed, moved and -retired on command, using the physical computers as the host -for a purely software process. Virtualization turns computer deployment -into a software application. - -CFEngine can help to manage the deployment of virtual machines, by -working on the physical host directly. It can also run on every -virtual machine to manage them in a seamless process in which no one -needs to think about what kind of machine software is running on. -CFEngine can bring stability to the hosts or the virtual guests, or it -can keep virtual machines running without the need to -reboot@footnote{Rebooting a virtual machine in the cloud often means -losing all of its special properties, so one needs to be ready -to rebuild in case of catastrophe.}. - - -@node Isn't virtualization inefficient?, Challenges for Cloud Computing, How does Cloud relate to virtualization?, Top -@unnumberedsec Isn't virtualization inefficient? - -Virtualized computers run as software simulations, adding an extra -layer of overhead. Using virtual machines is thus not as fast or -processor-efficient as using real machines, however the processing -overhead is written off in different ways. - -About 70-80% of the electrical power used by a computer is wasted just -by turning it on. Only the remaining 20% go to solving real -problems. However, most computers are very under-utilized (2-5%), so -that many more machines than necessary are switched on at any one -moment, compounding the cost of merely being switched on with an -additional cost of cooling. This expense costs datacentres money -every day. By squeezing 5-10 virtual machines into a single physical -host container, one has a net saving of electrical power and man-power and -often indistinguishable performance. - -Virtualization is a form of packaging, which enables service providers -to separate services more easily with a `Chinese Wall' barrier. -This is useful when dealing with services belonging to different companies -or different users on the same physical host. The packaging aspect -of virtual machines is therefore a form of `information management'. - - -@node Challenges for Cloud Computing, What if I change my mind about Cloud Computing?, Isn't virtualization inefficient?, Top -@unnumberedsec Challenges for Cloud Computing - -Dealing with scale, rapid change and impermanence could quickly lead -to a processing overhead for humans, i.e. in the management of the -cloud computers. In order to cope, some models force an -oversimplification onto the user, forcing them to make do with second -best (a `cheap rental'). - -However, the requirements of computing are getting more complicated, -not less. Even as this new economic management of resources comes -into focus, companies are having to deal with increasing legislation -about privacy, security, compliance with audits, and more. CFEngine -addresses this challenge by integrating transparency of process -and business goals into its scalable approach to continuous maintenance. - -The approach used by CFEngine is to: -@sp 1 -@itemize -@item Help to bring comprehension to the scope of the problem (Knowledge Management and Model-based Desired State Computing). -@item Help to implement change quickly and cheaply (through Lightweight Automation). -@item Help to bring measurable assurance about the state of compliance with policy (continuous maintenance). -@end itemize -@sp 1 -CFEngine's model promise-based computing provides both a language of -assurance for keeping promises, and a measuring stick against which -compliance can be measured. It is not necessary to make ad hoc -judgements; every statement about the system can be documented and -woven into a narrative about the system that can be understood -both by technicians and management stakeholders. - - -@itemize -Deployment and maintaining real or virtual machines - -Instant Managed services from `stem cell' hosts - -Modelling the required properties of all machines and -allowing non-experts insight into that model to see how -their business goals are being handled. - -Focus on outcomes rather than implementation. - -Bring systems from any state into compliance. - -@end itemize - -@node What if I change my mind about Cloud Computing?, The future - molecular computing, Challenges for Cloud Computing, Top -@unnumberedsec What if I change my mind about Cloud Computing? - -CFEngine can be used in a public or in a private cloud, and it can be -used on local servers, desktops and even mobile devices. CFEngine is -designed to be simple and lightweight, but powerful in its concepts -and capabilities. It out-performs most other management software and -imposes fewer limitations. If you want to move a service or a -server-role, it is a simple matter to do so. CFEngine will continue -to manage the service no matter what the underlying resource model. - - -@node The future - molecular computing, , What if I change my mind about Cloud Computing?, Top -@unnumberedsec The future - molecular computing - -At CFEngine, we believe that Cloud Computing is just a rehearsal for a -real change in the way computing services are managed. In the future, -the capabilities that assured management of recycle-able parts bring -to services will allow atomic services to be combined into new and -complex fabrics of functionality. The chemistry of these services will -enable businesses and other organizations to express unique functions -by combining a standard set of elementary parts. CFEngine's role in -such a fabric would be the same as today: bringing self-maintaining, -knowledge-based management to an infrastructure where users are free -to make the most of shared pools. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_ContentDrivenPolicies.texinfo b/docs/guides/SpecialTopic_ContentDrivenPolicies.texinfo deleted file mode 100644 index e2be156063..0000000000 --- a/docs/guides/SpecialTopic_ContentDrivenPolicies.texinfo +++ /dev/null @@ -1,197 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-cdp.info -@settitle Content-Driven Policies -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Content-Driven Policies -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -This document describes simplified policy writing using Content-Driven -Policies in CFEngine Nova. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What is a Content-Driven Policy?, (dir), (dir) -@top Content-Driven Policies -@menu -* What is a Content-Driven Policy?:: -* Why should I use Content-Driven Policies?:: -* How do Content-Driven Policies work in detail?:: -* Can I make my own Content-Diven Policies?:: -@end menu - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is a Content-Driven Policy?, Why should I use Content-Driven Policies?, Top, Top -@unnumberedsec What is a Content-Driven Policy? - -@sp 1 - -A Content-Driven Policy is a text file with lines containing -semi-colon separated fields, like a spreadsheet or tabular file. Each line in the file is -parsed and results in a specific type of promise being made, depending on which type the -Content-Driven Policy is. The @samp{services} Content-Driven Policy is -shown below. - -@sp 1 -@smallexample -# masterfiles/cdp_inputs/service_list.txt - -Dnscache;stop;fix;windows -ALG;start;warn;windows -RemoteRegistry;start;fix;Windows_Server_2008 - -@end smallexample -@sp 1 - -The meaning of the fields are different depending of the policy type, -but explained in the file header. With these three lines, we ensure -the correct status of three services on all our Windows machines and -are given specialized reports on the outcome. The Content-Driven -Policy services report is shown below. - -@image{cdp_services_report,15cm} - -@node Why should I use Content-Driven Policies?, How do Content-Driven Policies work in detail?, What is a Content-Driven Policy?, Top -@unnumberedsec Why should I use Content-Driven Policies? - -@sp 1 -As seen in the example above, Content-Driven Policies are easy to write -and maintain, especially for users not very familiar with the CFEngine -language. They are designed to capture the essence of a specific, -popular use of CFEngine, and make it easier. For example, the services -Content-Driven Policy above has the following equivalent in the CFEngine -language. - -@smallexample - -bundle agent service_example -@{ -services: - - "Dnscache" - comment => "Check services status of Dnscache", - handle => "srv_Dnscache_windows", - service_policy => "stop", - service_method => force_deps, - action => policy("fix"), - ifvarclass => "windows"; - - "ALG" - comment => "Check services status of ALG", - handle => "srv_ALG_windows", - service_policy => "start", - service_method => force_deps, - action => policy("warn"), - ifvarclass => "windows"; - - "RemoteRegistry" - comment => "Check services status of ALG", - handle => "srv_ALG_windows", - service_policy => "start", - service_method => force_deps, - action => policy("fix"), - ifvarclass => "Windows_Server_2008"; - -@} - -@end smallexample - -Writing this policy is clearly more time-consuming and error-prone. On -the other hand, it allows for much more flexibility than Content-Driven -Policies, when that is needed. - -CFEngine provides Content-Driven Policies to cover mainstream -management tasks like the following. - -@itemize -@item File change/difference management -@item Service management -@item Database management -@item Application / script management -@end itemize - -@node How do Content-Driven Policies work in detail?, Can I make my own Content-Diven Policies?, Why should I use Content-Driven Policies?, Top -@unnumberedsec How do Content-Driven Policies work in detail? -@sp 1 - -The text files in @code{masterfiles/cdp_inputs/} -(e.g. @samp{registry_list.txt}) are parsed into CFEngine lists by -corresponding @code{cdp_*} files in @code{masterfiles/} -(e.g. @samp{cdp_registry.cf}). It is the latter set of files that -actually implement the policies in the text files. - -The Knowledge Map contains reports specifically designed to match the -Content-Driven Policies. - -@node Can I make my own Content-Diven Policies?, , How do Content-Driven Policies work in detail?, Top -@unnumberedsec Can I make my own Content-Diven Policies? -@sp 1 - -It is possible to mimic the structure of the existing Content-Driven -Policies to implement new ones, for new purposes. - -However, CFEngine AS will be creating more of these best-practice -policies. Thus, making a feature request at CFEngine Support may -result in your proposal being developed and supported by professionals -at CFEngine AS. Furthermore, Knowledge Map reports currently need to -be developed induvidually by CFEngine AS. - -@bye diff --git a/docs/guides/SpecialTopic_DevOps.texinfo b/docs/guides/SpecialTopic_DevOps.texinfo deleted file mode 100644 index b8306581f3..0000000000 --- a/docs/guides/SpecialTopic_DevOps.texinfo +++ /dev/null @@ -1,551 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-devops.info -@settitle CFEngine for `DevOps' -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine for `DevOps' and Cloud Developers -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Today's Cloud model is about managing re-usable infrastructure -resources; DevOps extends this to manage and customize application -resources. CFEngine handles -deployment, customization and repair at all levels from the operating -platform to the business applications. - -CFEngine has the sophistication to enable precise integration -of software systems, and the responsiveness to determine the state of -systems within a few minutes in massive cloud-scale deployments. It -runs on everything from handhelds, to smartphones, to individual servers -to datacentres, to mainframes and clouds. -@end quotation -@end cartouche - -@vskip 2cm - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - - -@node Top, What is DevOps? , (dir), (dir) -@top Cfengine for Devops -@menu -* What is DevOps? :: -* Why is DevOps happening now? :: -* Should Web and IT management be closely related?:: -* How do we make controlled change faster?:: -* What role does CFEngine play in DevOps?:: -* Getting used to declarative expression:: -* Using CFEngine to integrate software components:: -* Cloud computing is a rehearsal:: -@end menu - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is DevOps? , Why is DevOps happening now? , Top, Top -@unnumberedsec What is DevOps? -@sp 1 -DevOps is a term coined by Patrick Debois in 2009, from an -amalgamation of Development and Operations. It expresses a -change in the way companies are thinking about IT -- a change from segregated -IT infrastructure to highly integrated platforms. -Leading the way is a group of highly innovative Web-based companies -whose businesses depend on very specific arrangements of -infrastructure. It is about giving software developers more influence -over the IT infrastructure their applications run on, and allowing -change at the same speed as agile development teams. - -@node Why is DevOps happening now? , Should Web and IT management be closely related?, What is DevOps? , Top -@unnumberedsec Why is DevOps happening now? -@sp 1 - -The proliferation of Free and Open Source -software has put powerful software components in the hands of a -broader range of developers than ever before -- and businesses -everywhere are exploiting this software by adapting it and combining -it is a wealth of mutations. This blurs the line between what used to -be development and what used to be the system administrator's domain (operations). -We have entered an age analogous to that of hobby electronics for IT -systems, where we can order off-the-shelf components and build cool -new applications from them anywhere. - -After 20 years of scepticism, business and Free Open Source software have -made friends and are working together creatively for the benefit of -willing consumers. -With this basic premise of agility, companies working in this area -naturally embrace a rapid innovation cycle, meaning a fast release -cycle too. Traditional IT management methods can be perceived as too -slow in such an environment. An important part of DevOps is that it -naturally encompasses the idea of business integration -- or IT -for a purpose. - -@node Should Web and IT management be closely related?, How do we make controlled change faster?, Why is DevOps happening now? , Top -@unnumberedsec Should Web and IT management be closely related? -@sp 1 - -Web frameworks have seen the rise of languages like PHP, Java, Python -and Ruby, all of which offer frameworks for fast deployment. -Languages that work well for application development are not well -suited to managing infrastructure however: they focus too much on low -level details that one would like to suppress. The fact that -programmers already know the languages does not change this. - -An important principle for robustness and stability of systems is weak -coupling between components. This brings flexibility rather than brittle -fragility. Giving programmers direct control over -infrastructure from their applications risks insufficient separation -in which infrastructure management becomes a second-class citizen run -by amateurs who just want to get code out there and don't properly -understand the implications. The System Administrator role exists for -a reason. - -Should we use the web and HTTP for everything just because we -know it? We suggest not. HTTP is an inefficient protocol -for operations. It was designed for 1:1 communication with centralized -certificate verification, not for decentralized 1000000:1 -communication, as testified by the extensive need for load balancers -in web farms. - -At CFEngine, we believe in lightweight management -- made as simple -as possible, but no simpler. - -@node How do we make controlled change faster?, What role does CFEngine play in DevOps?, Should Web and IT management be closely related?, Top -@unnumberedsec How do we make controlled change faster? -@sp 1 - -It is important to be able to make changes quickly. Automation can -implement change quickly if humans can get their acts together. Human -IT processes and best practices (e.g. ITIL, COBIT, etc) tend to over -bureaucratize change, leading to unnecessary overhead which frustrates -agile companies. - -To be confident and efficient (`less haste more speed'), there needs -to be a model for the system that everyone agrees on. Models compress -information and cache understanding, meaning we have less to talk -about@footnote{Consider, for example, US versus Norwegian legal -systems. In Norway more details are codified into federal law. This -means that there is less to talk about in court and legal proceedings -are much more quickly resolved as there is less need to reinvent -interpretations on the fly.}. Finally, models allow us to make -predictions, so they aid understanding and help us to avoid mistake. - -@cartouche -CFEngine's promise model offers a flexible approach to weakly-coupled -autonomous resource configuration. It simultaneously allows efficient, -convergent, and repeatable implementation, and a simple definition of -@i{compliance} with requirements@footnote{For an explanation of convergence, -see the Special Topics Guide on Change Management and Incident Repair.}. All web-based companies using credit -cards will know about the need for PCI-DSS compliance, for instance. -And US-traded companies will know about Sarbanes-Oxley (SOX). -@end cartouche - - -@node What role does CFEngine play in DevOps?, Getting used to declarative expression, How do we make controlled change faster?, Top -@unnumberedsec What role does CFEngine play in DevOps? -@sp 1 - -The challenges for IT management today are about increasing complexity (driven -by the circuitry of online applications) and increasing scale. - -CFEngine is not a programming language, but a documentation language -for system state that has the pleasant side effect of enforcing that -state on a continuous basis. It gets away from the idea of `build -automation' to complete lifecycle management. It's continuity is a -natural partner for a rapid development environment, as mistakes can be -quickly fixed on the fly with minimal impact on the system. - -CFEngine's wins are that it is massively scalable, very low impact and rich in functionality. -It will not break at a few hundred machines or choke off network communications with -overhead. It will fix practically any well-defined problem within 5 minutes, bringing dependability and -agility. - -Knowledge, business integration - metrics - -The advantage CFEngine brings is that users can have clear expectations about their -systems at all times. Today's programmers are more sophisticated than script monkeys. - -@node Getting used to declarative expression, Using CFEngine to integrate software components, What role does CFEngine play in DevOps?, Top -@unnumberedsec Getting used to declarative expression -@sp 1 - -CFEngine uses a pragmatic mixture of the declarative (functional) and -imperative to represent configurations. Programmers are taught mainly -imperative programming today, so a declarative approach could seem like -a barrier to adoption. The principles are very simple however, and easy for -developers to grasp. - -In spite of the focus on readability for documenting @i{intent}, -all the familiar structures of imperative programming are, in fact, available -in CFEngine, just optimized for clarity. - -@cartouche -The main goals of CFEngine are @i{convergence to a desired state}, @i{repeatability} -and @i{clear intentions}. -@end cartouche - -@menu -* Expressing actions or tasks in CFEngine:: -* Expressing conditionals in CFEngine:: -* Expressing loops in CFEngine:: -* Expressing subroutines in CFEngine:: -@end menu - -@node Expressing actions or tasks in CFEngine, Expressing conditionals in CFEngine, Getting used to declarative expression, Getting used to declarative expression -@unnumberedsubsec Expressing actions or tasks in CFEngine -@sp 1 - -Most of the actionable items have builtin operational support, -which is designed to be convergent and safely repeatable. -To keep declarations clear, CFEngine organizes similar -operations into chapters in a simple separation of concerns. - -@example -files: - @var{"affected object" ...details....} - -processes: - @var{"affected object" ...details....} - -@end example -@noindent In general, many such promises and types are collected into bundles, so -that the form is -@cartouche -@example - bundle agent SomeUserDefinedName - @{ - type_of_promise: - - @var{"affected object/promiser" - - body of the promise/details} - - ... - @} -@end example -@end cartouche -@node Expressing conditionals in CFEngine, Expressing loops in CFEngine, Expressing actions or tasks in CFEngine, Getting used to declarative expression -@unnumberedsubsec Expressing conditionals in CFEngine -@sp 1 - -CFEngine uses the idea of contexts (also called classes or class-contexts@footnote{ -The term classes was originally used but has since been overloaded with connotations from -Object Orientation, etc, making the term confusing.}) to address declarations to -certain environments. The contexts or classes are written as a prefix, a bit like a -target in a Makefile. They represent known properties of the environment. -@cartouche -@example - bundle agent SomeUserDefinedName - @{ - type_of_promise: - - @b{property::} - - @i{make one promise...} - - @b{!property::} - - @i{make a different promise...} - @} - -@end example -@end cartouche -@noindent This is the mechanism by which all decisions are made in CFEngine. Class contexts -are evaluated by @code{cf-agent} and are cached so that they can be used at any time. - -How do we know if the property has been evaluated or not? CFEngine evaluates certain -hard-classes by default. In addition, you can probe as many more as you like, as -separate promises. -@verbatim - classes: - - "cached_result" expression => fileexists("/some/file"); - "bigger" and => { isgreaterthan("1","0"), "cached_result" }; - -@end verbatim -This is different from a programming language where you generally make these tests -in-line when you need them. In CFEngine the chance that you need the same test multiple -times is greater, so the determination is separated entirely from the usage. - -To go from @i{if-then-else} thinking to using classes, you just need to thihnk about -classes as booleans: -@example -bundle agent Name -@{ -classes: - - "cached_result" expression => fileexists("/some/file"); - "bigger" and => @{ isgreaterthan("1","0"), "cached_result" @}; - -reports: - - @b{bigger::} - "Bigger is true...."; - - @b{cached_result&!bigger::} - "Mathematics seems to be awry..."; - - # may also be written @b{cached_result.!bigger::} - -@} -@end example -These results can then be extended and reused efficiently. -The class definitions can be hidden away and suitably meaningful class names -replace a lot of redundant syntax. - -All the information about class contexts is evaluated at the end-host, -in a decentralized manner avoiding clogging of network communications -that befuddles many centralized approaches. This keeps CFEngine execution -very fast and with a low overhead. - -@node Expressing loops in CFEngine, Expressing subroutines in CFEngine, Expressing conditionals in CFEngine, Getting used to declarative expression -@unnumberedsubsec Expressing loops in CFEngine -@sp 1 - -Lists and loops go hand in hand, and they are a very effective way of reducing -syntax and simplifying the expression of intent. Saying `do this to all the following' -is generally easier to comprehend than `do this to the first, do this to the next,...' and -so on, because our brains are wired to see patterns. - -Thus, loops are as useful for configuration as for programming. We -only want to simplify the syntax once again to hide redundant words -like `foreach'. To do this, CFEngine makes loops implicit. If you -use a scalar variable reference @samp{$(mylist)} to a list variable -@samp{@@(mylist)}, CFEngine assumes you want to iterate over each -case. -@verbatim -vars: - "my_list" slist => { "one", "two", "three" }; - -files: - "/tmp/file_$(my_list)" - create => "true"; - -@end verbatim -@noindent The above evaluates to three promises: -@example -files: - - "/tmp/file_one" - create => "true"; - - "/tmp/file_two" - create => "true"; - - "/tmp/file_three" - create => "true"; - -@end example -@noindent Similarly the following -@verbatim -bundle agent x -{ -vars: - "hi" string => "Hello"; - "list1" slist => { "a", "b", "c" }; - "list2" slist => { "1", "2", "3", "4" }; - "list3" slist => { "x", "y", "z" }; - -reports: - !silly_non_existent_context:: - "$(hi) $(list1) $(list2) $(list3)"; -} -@end verbatim -@noindent Results in: -@smallexample -R: Hello a 1 x -R: Hello b 1 x -R: Hello c 1 x -R: Hello a 2 x -R: Hello b 2 x -R: Hello c 2 x -R: Hello a 3 x -R: Hello b 3 x -R: Hello c 3 x -R: Hello a 4 x -R: Hello b 4 x -R: Hello c 4 x -R: Hello a 1 y -R: Hello b 1 y -R: Hello c 1 y -R: Hello a 2 y -R: Hello b 2 y -R: Hello c 2 y -R: Hello a 3 y -R: Hello b 3 y -R: Hello c 3 y -R: Hello a 4 y -R: Hello b 4 y -R: Hello c 4 y -R: Hello a 1 z -R: Hello b 1 z -R: Hello c 1 z -R: Hello a 2 z -R: Hello b 2 z -R: Hello c 2 z -R: Hello a 3 z -R: Hello b 3 z -R: Hello c 3 z -R: Hello a 4 z -R: Hello b 4 z -R: Hello c 4 z -@end smallexample - -@node Expressing subroutines in CFEngine, , Expressing loops in CFEngine, Getting used to declarative expression -@unnumberedsubsec Expressing subroutines in CFEngine -@sp 1 -Subroutines are used for both expressing and reusing parameterizable -chunks of code, and for naming chunks for better management of intention. -In CFEngine you define these as @code{methods}. A method is simply a bundle -of promises, possibly with parameters. To call a method, you make a -method-use-bundle promise. In this example, we call a bundle called @code{subtest} -which accepts a parameter from its calling bundle. - -@verbatim -body common control -{ -# Master execution list -bundlesequence => { "testbundle" }; -} - -########################################### - -bundle agent testbundle -{ -vars: - "userlist" slist => { "one", "two", "three" }; - -methods: - "any" usebundle => subtest("$(userlist)"); -} - -########################################### - -bundle agent subtest(user) -{ -commands: - "/bin/echo Fix $(user)"; -} - -@end verbatim -@noindent The use of methods brings multi-dimensional patterns -to convergent configuration management. - -@node Using CFEngine to integrate software components, Cloud computing is a rehearsal, Getting used to declarative expression, Top -@unnumberedsec Using CFEngine to integrate software components -@sp 1 - -Integration of software components may be addressed with a variety -of approaches and techniques: - -@itemize -@item Standard template methods from the COPBL community library (`out of the box' -solutions). -@item Customized, personalized configurations. -@item Package management for software dependencies. -@item File management - copying, editing, permissions, etc. -@item Process management - starting, stopping, restarting. -@item Security. -@item Monitoring performance and change. -@end itemize - -@noindent Needless to say, all of these are easily achievable with 5 minute repair accuracy -using our CFEngine framework. - -@node Cloud computing is a rehearsal, , Using CFEngine to integrate software components, Top -@unnumberedsec Cloud computing is a rehearsal -@sp 1 - -We have barely made a dent in CFEngine in this Short Topics Guide. -Let us end by noting briefly that DevOps and Cloud Computing are -merely rehearsals for what is to come next: molecular computing in -which we synthesize complex clusters of components based on higher -level rule based schemas. - -In this future version of IT, knowledge management will be the key -challenge for understanding how to build systems. We fully expect the -APIs of the future virtualized infrastructure to be promise oriented, -and for CFEngine to remain a viable approach to configuration after -other frameworks have become outmoded. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_DistributedScheduling.texinfo b/docs/guides/SpecialTopic_DistributedScheduling.texinfo deleted file mode 100644 index e1d9d06e72..0000000000 --- a/docs/guides/SpecialTopic_DistributedScheduling.texinfo +++ /dev/null @@ -1,611 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-distsched.info -@settitle Distributed Scheduling -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Distributed Scheduling and Workflows -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Distributed scheduling is about tying together jobs to create a -workflow across multiple machines. It introduces a level of fragility -into system automation. Using CFEngine promises, we can create self-healing -workflows, but we recommend minimizing dependencies. This document shows how -to build workflows using CFEngine primitives. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node top, What is distributed scheduling?, (dir), (dir) -@top CFEngine-Tutorial -@menu -* What is distributed scheduling?:: -* Coordinating dispatch:: -* Job scheduling and periodic maintenance:: -* Fancy distributed encapsulation:: -* More links in the chain:: -* Self-healing workflows:: -* Long workflow chains:: -* Summary of Distributed Scheduling:: -@end menu -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@node What is distributed scheduling?, Coordinating dispatch, top, top -@unnumberedsec What is distributed scheduling? - -@sp 1 -Scheduling refers to the execution of non-interactive processes or -tasks (usually called `jobs') at designated times and places around a -network of computers (see the Special Topics Guide on Scheduling). -Distributed Scheduling refers to the chaining of different jobs into a -coordinated workflow that spans several computers. For example, you -schedule a processing job on @code{machine1} and @code{machine2}, and -when these are finished you need to schedule a job on @code{machine3}. -This is distributed scheduling. - - -@node Coordinating dispatch, Job scheduling and periodic maintenance, What is distributed scheduling?, top -@unnumberedsec Coordinating dispatch - -Dispatch is the term used for starting actually the execution of a job -that has been scheduled. There are two ways to achieve distributed -job scheduling: -@itemize -@item Centralized dispatch of jobs. -@item Peer to peer signalling with local dispatch of jobs. -@end itemize -There are pros and cons to centralization. Centralization makes -consistency easy to determine, but it creates bottlenecks in -processing and allows one machine to see all -information. Decentralization provides an automatic and natural -load-balancing of job dispatch, and it allows machines to -reveal information on a `need to know' basis. - -CFEngine is a naturally decentralized system, and only policy -definition is usually centralized, but you can set up practically any -architecture you like, in a secure fashion. - -@node Job scheduling and periodic maintenance, Fancy distributed encapsulation, Coordinating dispatch, top -@unnumberedsec Job scheduling and periodic maintenance - -You promise to execute tasks or keep promises at distributed -places and times: - -@itemize -@item You tell CFEngine @i{what} and @i{how} with the details of a promise. -@item You tell CFEngine @i{where} and @i{when} promises should be kept, using @i{classes}. -@end itemize - -CFEngine is designed principally to maintain desired state on a continuous -basis. -There are three cases for job scheduling: -@itemize -@item Unique jobs run once and only once. -@item Standard jobs run sporadically on demand. -@item Standard jobs run on a regular schedule. -@end itemize -This list transfers to workflow processes too. If one job needs to -follow after another (because it depends on it for something), we can -ask if this workflow is a standard and regular occurrence, or a one-off phenomenon. - -@menu -* One-off workflows:: -* Regular workflows:: -@end menu - -@node One-off workflows, Regular workflows, Job scheduling and periodic maintenance, Job scheduling and periodic maintenance -@unnumberedsubsec One-off workflows - -In CFEngine, you code a one-off workflow by specifying the space-time coordinates -of the event that starts it. For example, if you want a job to be run a 16:45 on Monday -24th January 2012, you would make a class corresponding to this time, and place the -promise of a job (or jobs) in this class. Let's look at some examples of this, in which -host1 executes a command called @file{my_job}, and host2 follows up with a bundle of -promises afterwards. - -The simplest case is to schedule the exact times. -@verbatim -bundle agent workflow_one -{ -methods: - - Host2.Day24.January.Year2012.Hr16.Min50_55:: - - "any" usebundle => do_my_job_bundle; - -commands: - - Host1.Day24.January.Year2012.Hr16.Min45_50:: - - "/usr/local/bin/my_job"; - -} -@end verbatim -Host1 runs its task at 16:45, and Host2 excutes its part in the -workflow five minutes later. The advantage of this approach is that no -direct communication is required between Host1 and Host2. The -disadvantage is that you, as the orchestrator, have to guess how long -the jobs will take. Moreover Host2 doesn't know for certain whether -host1 succeeded in carrying out its job, so it might be a fruitless -act. - -We can change this by signalling between the processes. Whether not you consider -this an improvement or not depends on what you value highest: avoidance of -communication or certainty of outcome. In this version, we increase the certainty -of control by asking the predecessor or upstream host for confirmation of success -if the job was carried out. -@verbatim -bundle agent workflow_one -{ -classes: - - Host2:: - - "succeeded" expression => remoteclassesmatching - ( - "did.*", # get classes matching - "Host1", # from this server - "no", # encrypt comms? - "hostX" # prefix - ); -methods: - - Host2.hostX_did_my_job - - "any" usebundle => do_my_job_bundle; - -commands: - - Host1.Day24.January.Year2012.Hr16.Min45_50:: - - "/usr/local/bin/my_job", - classes => state_repaired("did_my_job"); -} -@end verbatim -In this example, the methods promise runs on Host2 and the commands promise runs -one Host1 as before. Now, host 1 sets a signal class @samp{did_my_job} -when it carries out the job, and Host2 collects it by contacting the @code{cf-serverd} -on Host1. Assuming that Host1 has agreed to let Host2 know this information, by granting -access to it, Host2 can inherit this class, with a prefix of its own choosing. Thus -is transforms the class @samp{did_my_job} on Host1 into @samp{hostX_did_my_job} on Host2. - -The advantage of this method is that the second job will only be started if the first -completed, and we don't have to know how long the job took. The disadvantage of this is that -we have to exchange some network information, and this has a small network cost, and requires -some extra configuration on the server side to grant access to this context information: - -@verbatim -bundle server access_rules -{ -access: - - "did_my_job" - - resource_type => "context", - admit => { "Host2" }; -} - -@end verbatim - - -@node Regular workflows, , One-off workflows, Job scheduling and periodic maintenance -@unnumberedsubsec Regular workflows - -To make a job happen at a specific time, we used a very specific time -classifier @samp{Day24.January.Year2012.Hr16.Min45_50}. If we now want -to make this workflow into a regular occurrence, repeating at some -interval we have two options: - -@itemize -@item We repeat this at the same time each week, day, hour, etc. -@item We don't care about the precise time, we only care about the interval between executions. -@end itemize -The checking of promises in CFEngine is controlled by @i{classes} and -by @i{ifelapsed locks}, which may be used for these two cases -respectively. If nothing else is specified, CFEngine runs every 5 -minutes and reconsiders the state of all its active promises. To be -specific about the time, we just alter which promises are active at -different times. Classes (as used already) allow us to anchor a -promise to a particular region of time and space. Locks, on the other -hand, allow us to say that a promise will only be rechecked if a certain -time has elapsed since the last time. - -So, to make a promise repeat, we simply have to be less specific about the time. -Let us make the promise on Host1 apply every day between 16:00:00 (4 pm) and 16:59:59, -and add an ifelapsed lock saying that we do not want to consider rechecking more often -tha once every 100 minutes (more than 1 hour). Now we have a workflow process -that starts at 16:00 hours each day and runs only once each day. - -@verbatim -bundle agent workflow_one -{ -classes: - - Host2:: - - "succeeded" expression => remoteclassesmatching( - "did.*", - "Host1", - "no", - "hostX" - ); -methods: - - Host2.hostX_did_my_job - - "any" usebundle => do_my_job_bundle; - -commands: - - Host1.Hr16:: - - "/usr/local/bin/my_job", - action => if_elapsed("100"), - classes => state_repaired("did_my_job"); - - -@end verbatim - -@node Fancy distributed encapsulation, More links in the chain, Job scheduling and periodic maintenance, top -@unnumberedsec Fancy distributed encapsulation - -We could try to be fancy about distributed scheduling, packaging -it into a reusable structure. This may or may not be a good idea, depending -on your aesthetics. The following example, from the community unit tests, -shows how we might proceed. - -@verbatim - -body common control - -{ -bundlesequence => { job_chain("Hr16.Min10_15") }; -} - -######################################################## - -bundle common g -{ -vars: - - # Define the name of the signal passed between hosts - - "signal" string => "pack_a_name"; -} - -######################################################## - -bundle agent job_chain(time) -{ -vars: - - # Define the names of the two parties - - "client" string => "downstream.exampe.org"; - "server" string => "upstream.example.org"; - -classes: - - # derive some classes from the names defined in variables - - "client_primed" expression => classmatch(canonify("$(client)")), - ifvarclass => "$(time)"; - - "server_primed" expression => classmatch(canonify("$(server)")), - ifvarclass => "$(time)"; - - client_primed:: - - "succeeded" expression => remoteclassesmatching( - "$(g.signal)", - "$(server)", - "yes", - "hostX" - ); -methods: - - client_primed:: - - "downstream" usebundle => do_job("Starting local follow-up job"), - action => if_elapsed("5"), - ifvarclass => "hostX_$(g.signal)"; - - server_primed:: - - "upstream" usebundle => do_job("Starting remote job"), - action => if_elapsed("5"), - classes => state_repaired("$(g.signal)"); - -reports: - - !succeeded:: - - "Server communication failed", - - ifvarclass => "$(time)"; -} - -######################################################### - -bundle agent do_job(job) -{ -commands: - - # do whatever... - - "/bin/echo $(job)"; -} - -######################################################### -# Server config -######################################################### - -body server control -{ -allowconnects => { "127.0.0.1" , "::1" }; -allowallconnects => { "127.0.0.1" , "::1" }; -trustkeysfrom => { "127.0.0.1" , "::1" }; -allowusers => { "mark" }; -} - -######################################################### - -bundle server access_rules() -{ -access: - - "$(g.signal)" - - resource_type => "context", - admit => { "127.0.0.1" }; -} - -@end verbatim - -@node More links in the chain, Self-healing workflows, Fancy distributed encapsulation, top -@unnumberedsec More links in the chain - -In the examples above, we only had two hosts cooperating about -jobs. In general, it is not a good idea to link together many -different hosts unless there is a good reason for doing so. In HPC or -Grid environments, where distributed jobs are more common and results -are combined from many sub-tasks, one typically uses some more -specialized middleware to accomplish this kind of cooperation. Such -software makes compromises of its own, but is generally better suited -to the specialized task for which it was written than a tool like -CFEngine (whose main design criteria are to be secure and generic). - -Nevertheless, there are some tricks left in CFEngine for distributed -scheduling if we want to trigger a number of follow-ups from a single job, or -aggregate a number of jobs to drive a single follow-up (see figure). - -@sp 1 -@center @image{schedule_patterns,5cm,,Rollback,png} -@sp 1 - -@menu -* Aggregation of multiple jobs:: -* Triggering multiple follow-ups:: -@end menu - -@node Aggregation of multiple jobs, Triggering multiple follow-ups, More links in the chain, More links in the chain -@unnumberedsubsec Aggregation of multiple jobs - -When aggregating jobs, we must combine their exit status using AND or OR. -The most common case it that we require all the prerequisites in place in order to -generate the final result, i.e. trigger the followup only if all of the prerequisites -succeeded. -@verbatim -bundle agent workflow_one -{ -vars: - - "n" slist => { "2", "3", "4" }; - -classes: - - "succeeded$(n)" expression => remoteclassesmatching( - "did.*", - "Host$(n)", - "no", - "hostX" - ), - ifvarclass => "Host$(n)"; -methods: - - Host2.Host3.Host4.hostX_did_my_job - - "any" usebundle => do_my_job_bundle; - -commands: - - Host1.Hr16:: - - "/usr/local/bin/my_job", - action => if_elapsed("100"), - classes => state_repaired("did_my_job"); -@end verbatim -@noindent This example shows an all-or-nothing result. The follow-up job -will only be executed if all three jobs finish within the same 5 -minute time-frame. There is no error handling or recovery except to schedule the whole -thing again. - -Triggering from one or more predecessors, i.e. combining with OR, looks similar, -we just have to change the class expression: -@verbatim -... - -methods: - - (Host2|Host3|Host4).hostX_did_my_job - - "any" usebundle => do_my_job_bundle; - -... -@end verbatim - - -@node Triggering multiple follow-ups, , Aggregation of multiple jobs, More links in the chain -@unnumberedsubsec Triggering multiple follow-ups - -The converse scenario is to trigger a number of jobs from a single pre-requisite. -This is simply a case of listing the jobs under the trigger classes. -@verbatim -bundle agent workflow_one -{ -classes: - - Host2:: - - "succeeded" expression => remoteclassesmatching( - "did.*", - "Host1", - "no", - "hostX" - ); -methods: - - Host2.hostX_did_my_job - - "any" usebundle => do_my_job_bundle1; - "any" usebundle => do_my_job_bundle2; - "any" usebundle => do_my_job_bundle3; - -commands: - - Host1.Hr16:: - - "/usr/local/bin/my_job", - action => if_elapsed("100"), - classes => state_repaired("did_my_job"); - -@end verbatim - - -@node Self-healing workflows, Long workflow chains, More links in the chain, top -@unnumberedsec Self-healing workflows - -To apply CFEngine's self-healing concepts to workflow scheduling, we -can imagine the concept of a convergent workflow, i.e. one that, if we -repeat everything a sufficient number of times, will eventually lead -to the result. The outcome of the chained sequence of jobs must have -an outcome that is repeatably achievable and which will eventually be -achieved if we try a sufficient number of times. Using CFEngine this -is a natural outcome -- however, most system designers do not think in -terms of repeatable sustainable outcomes and fault-tolerance. - -Beware however, one-off jobs @i{cannot} be made convergent, because -they only have a single chance to succeed. It is a question of -business process design whether you design workflows to be sustainable -and repeatable, or whether you trust the outcome of a single shot -process. Using the persistent classes in CFEngine together with the -if-elapsed locks to send signals between hosts, it is simple and -automatic to make convergent self-healing workflows. - - -@node Long workflow chains, Summary of Distributed Scheduling, Self-healing workflows, top -@unnumberedsec Long workflow chains - -Long workflow chains are those which involve more than one trigger. -These can be created by repeating the pattern above several times. -Note however, that each link in the chain introduces a new level of -uncertainty and potential failure. In general, we would not recommend -creating workflows with long chains. - -@node Summary of Distributed Scheduling, , Long workflow chains, top -@unnumberedsec Summary of Distributed Scheduling - -Distributed scheduling is about tying together jobs to create a -workflow across multiple machines. It introduces a level of fragility -into system automation. Using CFEngine promises, we can create self-healing -workflows, but we recommend minimizing dependencies. This document shows how -to build workflows using CFEngine primitives. - - - - - - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/SpecialTopic_Editing.texinfo b/docs/guides/SpecialTopic_Editing.texinfo deleted file mode 100644 index 036cd3d5ab..0000000000 --- a/docs/guides/SpecialTopic_Editing.texinfo +++ /dev/null @@ -1,1047 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-editing.info -@settitle Promising and Editing File Content -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Promising and Editing File Content -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -The ability to edit files convergently is a popular and widely used -aspect of CFEngine. This document proposes some best practices for -managing file content. - -The examples contained here assume the inclusion of the standard COPBL -library as an input. -@end quotation -@end cartouche - -@vskip 2cm - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - - -@node Top, From boiler-plates to convergent file editing, (dir), (dir) -@top Editing -@menu -* From boiler-plates to convergent file editing:: -* Why is file editing difficult?:: -* What does file editing involve?:: -* Three approaches to managing files:: -* Constructing files from promises:: -* Editing bundles:: -* Choosing an approach to file editing:: -* Pitfalls to watch out for in file editing:: -@end menu - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@c ********************************************************************* - -@node From boiler-plates to convergent file editing, Why is file editing difficult?, Top, Top -@unnumberedsec From boiler-plates to convergent file editing -@sp 1 - -Many configuration management systems allow you to determine -configuration file content to some extent, usually by over-writing -files with boiler-plate (template) files. This approach works for some -cases, but it is a blunt and inflexible instrument, which forces you -to take over the ownership of the file `all or nothing' and determine -its entire content yourself. This is more than is necessary or -desirable in general. - -Other approaches to file editing us search and replace, e.g. with the -long-standing Unix tools @file{awk} and @file{sed}. Adding a user to a -structured file such as the password file, only if the user is not -already defined, is a more complex operation. - -Cfengine allows you to model both whole files and parts of files, in any -format, and promise that these fragments will satisfy certain promises -about their state. This is potentially different from more common templating -approaches to file management in which pre-adjusted copies of files -are generated for all recipients at a single location and then -distributed. - - -The most important thing about making changes to files is that the -result end up being predictable. There are three ways to approach this -problem. You should choose the simplest approach that solves your -problem and try not to be prejudiced by what you have done before. - - - - - - - -@c ********************************************************************* - - -@node Why is file editing difficult?, What does file editing involve?, From boiler-plates to convergent file editing, Top -@unnumberedsec Why is file editing difficult? -@sp 1 - -File content is not made up of simple data objects like permission flags or -process tables: files contain compound, ordered structures (known as -grammars) and they cannot always be determined from a single source of -information. To determine the outcome of a file we have to adopt either -a fully deterministic approach, or live with a partial approximation. - -Some approaches to file editing try to `know' the intended format of a -file, by hardcoding it. If the file then fails to follow this format, -the algorithms might break. CFEngine gives you generic tools to be -able to handle files in any line-based format, without the need to -hard-code specialist knowledge about file formats. - -@cartouche -Remember that all changes are adapted to your local context and implemented at the final -destination by @code{cf-agent}. -@end cartouche - - -@c ********************************************************************* - -@node What does file editing involve?, Three approaches to managing files, Why is file editing difficult?, Top -@unnumberedsec What does file editing involve? -@sp 1 - -There are several ways -to approach desired state management of file contents: - -@sp 1 -@enumerate -@item Copy a finished file template to the desired location, completely overwriting existing content. -@item Copy and adapt an almost finished template, filling in variables or macros to yield a desired content. -@item Make corrections to whatever the existing state of the file might be. -@end enumerate -@sp 1 -There are advantages and disadvantages with each of these approaches and the best approach depends on -the type of situation you need to describe. - -@sp 1 -@multitable @columnfractions .5 .5 -@item @b{For the approach} @tab @b{Against the approach} -@item 1. Deterministic. @tab Hard to specialize the result and the source must still be maintained by hand. -@item 2. Deterministic. @tab Limited specialization and must come from a single source, again maintained by hand. -@item 3. Non-deterministic/partial model. @tab Full power to customize file even with multiple managers. -@end multitable -@sp 1 - - -Approaches 1 and 2 are best for situations where very few variations -of a file are needed in different circumstances. Approach 3 is best -when you need to customize a file significantly, especially when you don't know the -full details of the file you are starting from. Approach 3 is generally required -when adapting configuration files provided by a third party, since the basic -content is determined by them. - - - -@c ********************************************************************* - - -@node Three approaches to managing files, Constructing files from promises, What does file editing involve?, Top -@unnumberedsec Three approaches to managing files - - -@menu -* Copying a finished file template into place:: -* Contextual adaptation of a file template:: -* Example file template:: -* Combining copy with template expansion:: -* Making delta changes to someone else's file:: -@end menu - -@node Copying a finished file template into place, Contextual adaptation of a file template, Three approaches to managing files, Three approaches to managing files -@unnumberedsubsec Copying a finished file template into place - -Use this approach if a simple substution of data will solve the problem in all contexts. - -@enumerate -@item Maintain the content of the file in a version controlled repository. -@item Check out the file into a staging area. -@item Copy the file into place. -@end enumerate - -@cartouche -@verbatim -bundle agent something -{ -files: - - "/important/file" - - copy_from => secure_cp("/repository/important_file_template","svn-host"); -} -@end verbatim -@end cartouche - -@c ********************************************************************* - - -@node Contextual adaptation of a file template, Example file template, Copying a finished file template into place, Three approaches to managing files -@unnumberedsubsec Contextual adaptation of a file template - -There are several approaches here: -@enumerate -@item Encode the boiler-plate template directly in the CFEngine configuration, and have full use of the power of the CFEngine language to adapt it. -@item Keep a separate boiler-plate file and edit/adapt it. -@item Copy a template from a repository then edit/adapt it. -@item Copy a generic template with embedded variables that can be expanded like macro-substitution. -@end enumerate -@noindent Choose the approach that you consider to be simplest and most reliable for the purpose you need. -Don't use templating, for instance, simply because it is what you are used to, or you might waste a lot -of time and effort maintaining data that you don't need to. - -To expand a template file on a local disk: -@cartouche -@verbatim -bundle agent templating -{ -files: - - "/home/mark/tmp/file_based_on_template" - - create => "true", - edit_line => expand_template("/tmp/source_template"); -} -@end verbatim -@end cartouche -@noindent As of CFEngine version 3.3.0 you can also use a new templating file format -and write: -@cartouche -@verbatim -bundle agent templating -{ -files: - - "/home/mark/tmp/file_based_on_template" - - create => "true", - edit_template => "/tmp/source_template"; -} -@end verbatim -@end cartouche - - -@noindent For example, the source template file might look like this, with -embedded CFEngine variables: -@example -mail_relay = $(sys.fqhost) -important_user = $(mybundle.variable) -#... -@end example -@noindent These variables will be filled in by CFEngine assuming they are defined -within your CFEngine configuration. - -If you use the new @code{edit_template} promise, you can embed directives to CFEngine -context-classes and mark out regions of a file to be treated as an iteratable -block. - -@cartouche -@verbatim -#This is a template file /templates/input.tmpl - -These lines apply to anyone - -[%CFEngine solaris.Monday:: %] -Everything after here applies only to solaris on Mondays -until overridden... - -[%CFEngine linux:: %] -Everything after here now applies now to linux only. - -[%CFEngine BEGIN %] -This is a block of text -That contains list variables: $(some.list) -With text before and after. -[%CFEngine END %] - -nameserver $(some.list) -@end verbatim -@end cartouche -@sp 1 -@noindent For example: if we use this template in a promise: -@sp 1 -@cartouche -@verbatim -bundle agent test -{ -vars: - "var" slist => { "1", "2", "3"}; - -files: - "/tmp/expander" - create => "true", - edit_template => "/templates/input.tmpl"; -} - -@end verbatim -@end cartouche -@noindent The result would look like this, on a linux host: -@sp 1 -@verbatim -#This is a template file /templates/input.tmpl - -These lines apply to anyone -Everything after here now applies now to linux only. -This is a block of text -That contains list variables: 1 -With text before and after. -This is a block of text -That contains list variables: 2 -With text before and after. -This is a block of text -That contains list variables: 3 -With text before and after. -nameserver 1 -nameserver 2 -nameserver 3 -@end verbatim -@sp 1 - -@node Example file template, Combining copy with template expansion, Contextual adaptation of a file template, Three approaches to managing files -@unnumberedsubsec Example file template - -@sp 1 -@verbatim -[%CFEngine any:: %] - - ServerAdmin $(stage_file.params[apache_mail_address][1]) - DocumentRoot /var/www/htdocs - ServerName $(stage_file.params[apache_server_name][1]) - AddHandler cgi-script cgi - ErrorLog /var/log/httpd/error.log - AddType application/x-x509-ca-cert .crt - AddType application/x-pkcs7-crl .crl - SSLEngine off - CustomLog /var/log/httpd/access.log - - -[%CFEngine webservers_prod:: %] -[%CFEngine BEGIN %] - - ServerAdmin $(stage_file.params[apache_mail_address][1]) - DocumentRoot /var/www/htdocs - ServerName $(stage_file.params[apache_server_name][1]) - AddHandler cgi-script cgi - ErrorLog /var/log/httpd/error.log - AddType application/x-x509-ca-cert .crt - AddType application/x-pkcs7-crl .crl - SSLEngine on - SSLCertificateFile $(stage_file.params[apache_ssl_crt][1]) - SSLCertificateKeyFile $(stage_file.params[apache_ssl_key][1]) - CustomLog /var/log/httpd/access.log - -[%CFEngine END %] - -@end verbatim - -@node Combining copy with template expansion, Making delta changes to someone else's file, Example file template, Three approaches to managing files -@unnumberedsubsec Combining copy with template expansion - -What about getting your template to the end-host? To convergently -copy a file from a source and then edit it, use the following -construction with a staging file. -@cartouche -@verbatim -bundle agent master -{ -files: - "$(final_destination)" - create => "true", - edit_line => fix_file("$(staging_file)"), - edit_defaults => empty, - perms => mo("644","root"), - action => if_elapsed("60"); -} - -bundle edit_line fix_file(f) -{ -insert_lines: - "$(f)" - insert_type => "file"; - # expand_scalars => "true" ; - -replace_patterns: - "searchstring" - replace_with => value("replacestring"); -} - -@end verbatim -@end cartouche - -@c ********************************************************************* - -@node Making delta changes to someone else's file, , Combining copy with template expansion, Three approaches to managing files -@unnumberedsubsec Making delta changes to someone else's file - -Edit a file with multiple promises about its state, when you do not want -to determine the entire content of the file, or if it is unsafe to -make unilateral changes, e.g. because its contents are also -being managed from another source like a software package manager. - -For modifying a file, you have access to the full power of text editing -promises. This is a powerful framework. - -@cartouche -@verbatim -# Resolve conf edit - -body common control -{ -bundlesequence => { "g", resolver(@(g.searchlist),@(g.nameservers)) }; -inputs => { "cfengine_stdlib.cf" }; -} - -bundle common g # global -{ -vars: - "searchlist" slist => { "example.com", "cfengine.com" }; - "nameservers" slist => { "10.1.1.10", "10.3.2.16", "8.8.8.8" }; - -classes: - "am_name_server" - expression => reglist("@(nameservers)","$(sys.ipv4[eth1])"); -} - -bundle agent resolver(s,n) -{ -files: - "$(sys.resolv)" # test on "/tmp/resolv.conf" # - create => "true", - edit_line => doresolv("@(this.s)","@(this.n)"), - edit_defaults => empty; -} - -# For your private library ...................... - -bundle edit_line doresolv(s,n) -{ -insert_lines: - "search $(s)"; - "nameserver $(n)"; -delete_lines: - # To clean out junk - "nameserver .*| search .*" not_matching => "true"; -} -@end verbatim -@end cartouche - - - - - -@c ********************************************************************* - - -@node Constructing files from promises, Editing bundles, Three approaches to managing files, Top -@unnumberedsec Constructing files from promises -@sp 1 - -Making finished templates for files and filling in the blanks using variables -is a flexble approach in many cases, but it is not flexible enough for all -cases. A very flexible approach, but one that requires more thought, is to build -a final result (desired end-state) from a set of promises about what the file -should contain. This might or might not include templates in the sense of complete -files that are read in. - -@cartouche -If you are using CFEngine 3.3 or later, you have the option of using @code{edit_template} -and its embedded language constructs to keep decisions and loops inside templates. Let's -set aside that for a while and look at the alternatives, placing the data entirely -within bundles of `edit'-promises. -@end cartouche - -There is language support for this kind of editing in the standard -library, and you can store data and template components within a -CFEngine configuration itself, or as a separate file. For example: - -@verbatim -# - -body common control -{ -bundlesequence => { "main" }; -inputs => { "LapTop/cfengine/copbl/cfengine_stdlib.cf" }; -} - -# - -bundle common data -{ -vars: - "person" string => "Mary"; - "animal" string => "a little lamb"; -} - -# - -bundle agent main -{ -files: - "/tmp/my_result" - create => "true", - edit_line => expand_template("/tmp/my_template_source"), - edit_defaults => empty; -} - -@end verbatim -@noindent Suppose the file @file{my_template_source} contains the following -text: - -@smallexample - This is a file template containing variables to expand - - e.g $(data.person) had $(data.animal) -@end smallexample -@sp 1 -@noindent Then we would have the file content: -@sp 1 -@smallexample -host$ more /tmp/my_result - This is a file template containing variables to expand - - e.g Mary had a little lamb -@end smallexample - -@menu -* Adding a line here and there:: -* Lists inline:: -@end menu - -@node Adding a line here and there, Lists inline, Constructing files from promises, Constructing files from promises -@unnumberedsubsec Adding a line here and there - - -@noindent A simple file like this could also be defined in-line, without a separate template file: -@verbatim -# - -body common control -{ -bundlesequence => { "main" }; -inputs => { "LapTop/cfengine/copbl/cfengine_stdlib.cf" }; -} - -# - -bundle common data -{ -vars: - "person" string => "Mary"; - "animal" string => "a little lamb"; -} - -# - -bundle agent main -{ -vars: - "content" string => - "This is a file template containing variables to expand -e.g $(data.person) had $(data.animal)"; - -files: - - "/tmp/my_result" - create => "true", - edit_line => append_if_no_line("$(content)"), - edit_defaults => empty; -} - -@end verbatim - - -@node Lists inline, , Adding a line here and there, Constructing files from promises -@unnumberedsubsec Lists inline - - -@sp 1 -Here is a more complicated example, that includes list expansion. List expansion (iteration) -adds some trickiness because it is an ordered process, which needs to be anchored somehow. -@verbatim -# - -body common control -{ -bundlesequence => { "main" }; -inputs => { "LapTop/cfengine/copbl/cfengine_stdlib.cf" }; -} - -# - -bundle common data -{ -vars: - - "person" string => "Mary"; - "animal" string => "a little lamb"; - - "mylist" slist => { "one", "two", "three" }; - "clocks" slist => { "five", "six", "seven" }; - - # or read the list from a file with readstringlist() - -} - -# - -bundle agent main -{ -files: - - - "/tmp/my_result" - - create => "true", - edit_line => my_expand_template, - edit_defaults => empty; -} - -# - -bundle edit_line my_expand_template -{ -vars: - - # import the lists, due to current limitation - - "mylist" slist => { @(data.mylist) }; - "clocks" string => join(", ","data.clocks"); - "other" string => "eight"; - -insert_lines: - - " - This is a file template containing variables to expand - - e.g $(data.person) had $(data.animal) - - and it said: - "; - - " - $(mylist) o'clock "; - " - ROCK! - $(clocks) o'clock, $(other) o'clock - "; - - " ROCK! - The end. - " - - insert_type => "preserve_block"; # So we keep duplicate line -} - -@end verbatim -This results in a file output containing: -@smallexample -host$ ~/LapTop/cfengine/core/src/cf-agent -f ./test.cf -K -host$ more /tmp/my_result - - This is a file template containing variables to expand - - e.g Mary had a little lamb - - and it said: - - one o'clock - two o'clock - three o'clock - ROCK! - five, six, seven o'clock, eight o'clock - ROCK! - The end. - -@end smallexample - -Splitting this example into several promises seems unnecessary and inconvenient, so we could use a special -function @code{join()} to make pre-expand the scalar list and insert it as a single object: - -@verbatim -# - -body common control -{ -bundlesequence => { "main" }; -inputs => { "LapTop/cfengine/copbl/cfengine_stdlib.cf" }; -} - -# - -bundle common data -{ -vars: - - "person" string => "Mary"; - "animal" string => "a little lamb"; - - "mylist" slist => { "one", "two", "three", "" }; - "clocks" slist => { "five", "six", "seven" }; - - # or read the list from a file with readstringlist() - -} - -# - -bundle agent main -{ -files: - - - "/tmp/my_result" - - create => "true", - edit_line => my_expand_template, - edit_defaults => empty; -} - -# - -bundle edit_line my_expand_template -{ -vars: - - # import the lists, due to current limitation - - "mylist" string => join(" o'clock$(const.n) ","data.mylist"); - "clocks" string => join(", ","data.clocks"); - "other" string => "eight"; - -insert_lines: - - " - This is a file template containing variables to expand - - e.g $(data.person) had $(data.animal) - - and it said: - - $(mylist) - ROCK! - $(clocks) o'clock, $(other) o'clock - ROCK! - The end. - " - - insert_type => "preserve_block"; # So we keep duplicate line -} - -@end verbatim -Finally, since this is now entirely contained within a single set of quotes (i.e. there is a single -promiser), we could replace the in-line template with one read from a file: -@verbatim -# - -body common control -{ -bundlesequence => { "main" }; -inputs => { "LapTop/cfengine/copbl/cfengine_stdlib.cf" }; -} - -# - -bundle common data -{ -vars: - - "person" string => "Mary"; - "animal" string => "a little lamb"; - - "mylist" slist => { "one", "two", "three", "" }; - "clocks" slist => { "five", "six", "seven" }; - - # or read the list from a file with readstringlist() - -} - -# - -bundle agent main -{ -files: - - - "/tmp/my_result" - - create => "true", - edit_line => my_expand_template, - edit_defaults => empty; -} - -# - -bundle edit_line my_expand_template -{ -vars: - - # import the lists, due to current limitation - - "mylist" string => join(" o'clock$(const.n) ","data.mylist"); - "clocks" string => join(", ","data.clocks"); - "other" string => "eight"; - -insert_lines: - - "/tmp/my_template_source" - expand_scalars => "true", - insert_type => "file"; -} - -@end verbatim -@noindent - - - -@c ********************************************************************* - -@node Editing bundles, Choosing an approach to file editing, Constructing files from promises, Top -@unnumberedsec Editing bundles - -Unlike other aspects of configuration, promising the content of a single -file object involves possibly many promises about the atoms within the file. -Thus we need to be able to state bundles of promises for what happens inside -a file and tie it (like a body-template) to the @code{files} promise. -This is done using an @code{edit_line =>} or @code{edit_xml =>} constraint@footnote{At the time of writing -only @code{edit_line} is implemented.}, for -instance: - -@verbatim -files: - - "/etc/passwd" - - create => "true", - - # other constraints on file container ... - - edit_line => mybundle("one","two","three"); -@end verbatim - -Editing bundles are defined like other bundles for the agent, except that they have a type -given by the left hand side of the constraint (just like body templates): - -@verbatim -bundle edit_line mybundle(arg1,arg2,arg3) -{ -insert_lines: - - "newuser:x:1111:110:A new user:/home/newuser:/bin/bash"; - "$(arg1):x:$(arg2):110:$(arg3):/home/$(arg1):/bin/bash"; -} -@end verbatim - - - -@menu -* Standard library methods for simple editing:: -* Expressing expand_template as promises:: -@end menu - -@node Standard library methods for simple editing, Expressing expand_template as promises, Editing bundles, Editing bundles -@unnumberedsubsec Standard library methods for simple editing - -You may choose to write your own editing bundles for specific purposes; you can also use -ready-made templates from the standard library for a lot of purposes. If you follow the -guidelines for choosing an approach to editing below, you will be able to re-use standard -methods in perhaps most cases. Using standard library code keeps your own intentions clear -and easily communicable. -For example, to insert hello into a file at the end once only: -@verbatim -files: - - "/tmp/test_insert" - - create => "true", - edit_line => append_if_no_line("hello"), -edit_defaults => empty; - -@end verbatim -Or to set the shell for a user -@verbatim -files: - - "/etc/passwd" - create => "true", - edit_line => set_user_field("mark","7","/my/favourite/shell"); - -@end verbatim - -Some other examples of the standard editing methods are: - -@verbatim - append_groups_starting(v) - append_if_no_line(str) - append_if_no_lines(list) - append_user_field(group,field,allusers) - append_users_starting(v) - comment_lines_containing(regex,comment) - edit_line comment_lines_matching(regex,comment) - delete_lines_matching(regex) - expand_template(templatefile) - insert_lines(lines) - resolvconf(search,list) - set_user_field(user,field,val) - set_variable_values(v) - set_variable_values2(v) - uncomment_lines_containing(regex,comment) - uncomment_lines_matching(regex,comment) - warn_lines_matching(regex) -@end verbatim - -You find these in the documentation for the COPBL. - - -@c ********************************************************************* - - -@node Expressing expand_template as promises, , Standard library methods for simple editing, Editing bundles -@unnumberedsubsec Expressing @code{expand_template} as promises - -As on CFEngine 3.3.0, CFEngine has a new template mechanism to make it -easier to encode complex file templates. These templates map simply to @code{edit_line} bundles -in the following way. - -@itemize -@item Each line in a template maps to a separate @code{insert_lines} promise unless it is grouped with @samp{[%CFEngine BEGIN %]} and @samp{[%CFEngine END %]} tags. -@item Each multi-line group, marked with @samp{[%CFEngine BEGIN %]} and @samp{[%CFEngine END %]} tags maps to a multi-line @code{insert_lines} promise, with @code{insert_type => "preserve_block"}. -@item Each line that expresses a context-class: @samp{[%CFEngine @var{classexpression}:: %]} maps to a normal -class expression in a bundle. -@end itemize - -The order of lines in the template is preserved within each block, or if @code{edit_defaults} is used -to empty the resulting generated file before editing: e.g. with the standard library method: - -@verbatim - - "/tmp/expander" - - create => "true", - edit_template => "/home/a10004/input.dat", - edit_defaults => empty; - -@end verbatim - - -@node Choosing an approach to file editing, Pitfalls to watch out for in file editing, Editing bundles, Top -@unnumberedsec Choosing an approach to file editing - -There are two decisions to make when choosing how to manage file content: - -@table @i -@item How can the desired content be constructed from the necessary source(s)? -Is there more than one source of infromation that needs to be merged? - -@item Do the contents need to be adapted to the specific environment? -Is there context-specific information in the file? -@end table - -@cartouche -Use the simplest approach that requires the smallest number of promises to solve the -problem. -@end cartouche - -@node Pitfalls to watch out for in file editing, , Choosing an approach to file editing, Top -@unnumberedsec Pitfalls to watch out for in file editing - -File editing is different from most other kinds of configuration -promise because it is fundamentally an order dependent configuration -process. Files contain non-regular grammars. CFEngine attempts to simplify -the problem by using models for the file structure, essentially factoring out -as much of the context dependence as possible. - -Order dependence increases the fragility of maintainence, so you should do what you can to minimize it. - -@itemize -@item Try to use substitution within a known template if order is important. -@end itemize - -The simplest kinds of files for configuration are line-based, with no special order. For such -cases, simple line insertions are usually enough to configure files. - -The increasing introduction of XML for configuration is a major headache for configuration -management. - -@ifhtml -@html - -@contents -@end html - - -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_FIPS.texinfo b/docs/guides/SpecialTopic_FIPS.texinfo deleted file mode 100644 index 17ef6bdbb8..0000000000 --- a/docs/guides/SpecialTopic_FIPS.texinfo +++ /dev/null @@ -1,150 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-fips.info -@settitle FIPS certification -@setchapternewpage odd -@c %** end of header - -@titlepage -@title FIPS validated cryptography in CFEngine -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -The FIPS 140-2 validation for approved cryptographic modules is a current -government requirement in the USA. This document explains the use of -FIPS 140-2 validated modules in commercial CFEngine versions. - -FIPS 140-3 is underway and will supercede FIPS 140-2 at some unknown time in the future. - -QA: MB,NP,CR -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} July 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - - -@iftex -@contents -@end iftex - - -@unnumberedsec What is FIPS 140-2? -@sp 1 - -FIPS 140-2 is a standard published by the National Institute of -Standards and Technology (NIST)[1]. NIST also established the -Cryptographic Module Validation Program (CMVP)[2] that validates -cryptographic modules to the FIPS 140-2 standard. Vendors seek -validation for their cryptographic modules in order to provide -assurance that their encryption solutions are properly implemented -to an accepted standard. - -A cryptographic module that has already been issued a FIPS 140-2 -validation certificate may be incorporated or embedded into -another product. [3] - -In order to use a validated cryptographic module and attest FIPS 140-2 -validation, the new product must: -@itemize -@item Reference the certificate number of the validated module, -@item Must not alter the original validated module. -@item Must adhere to the documented security policy for the validated module. -@end itemize - - -@unnumberedsec What is the certificate number? -@sp 1 - -CFEngine attests to NIST certificate number 1111. - -These validations were not initiated by CFEngine, but any user of -this Open Source software module can use them provided we follow the -instructions in the security policy. - -@unnumberedsec Declaration from CFEngine -@sp 1 - -The current FIPS 140-2 Crypto Policy Officer for CFEngine resides -at CFEngine AS/Inc headquarters. The security officer attests that -packages provided by CFEngine, on the customer download site -software.CFEngine.com, whose names contain the term FIPS in upper or -lower case have been compiled according to the security policy for -certificate 1111 [5]. CFEngine packages, marked FIPS, have been built -from source code located at: - -@url{http://www.openssl.org/source/openssl-fips-1.2.tar.gz} - -@noindent according to the security policy documented in [6]. -CFEngine can provide compliant software on all Unix-like platforms, -but not currently on Windows. - - -@unnumberedsec Algorithms -@sp 1 - -CFEngine uses OpenSSL encryption code from the libcrypto library. It -does not use any SSL or TLS specific modules. CFEngine uses RSA -encryption for authentication. Commercial versions of CFEngine use -AES-256 symmetric encryption with a random session key for transport. - -@unnumberedsec Future policy -@sp 1 - -It is CFEngine's policy to obtain a private validation of the -OpenSSL crypto module at some time in the next two years for the principal -purpose of branding. This is a long process and does not alter the -specification of the software in any way. - -@page -@unnumberedsec References -@sp 1 - -@enumerate -@item Security policy 1111: - -@item @url{http://csrc.nist.gov/groups/STM/cmvp/standards.html} - -@item @url{http://csrc.nist.gov/groups/STM/cmvp/index.html} - -@item @url{http://csrc.nist.gov/groups/STM/cmvp/documents/CMVPFAQ.pdf} - -@item @url{http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1111} - -@item @url{http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140crt/140crt1111.pdf} -@item @url{http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1111.pdf} - - -@end enumerate - -@bye - - diff --git a/docs/guides/SpecialTopic_Federation.texinfo b/docs/guides/SpecialTopic_Federation.texinfo deleted file mode 100644 index 89a5030368..0000000000 --- a/docs/guides/SpecialTopic_Federation.texinfo +++ /dev/null @@ -1,593 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-federation.info -@settitle Orchestration -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Federation and Organizational Complexity -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Each business or organization has a necessary and sufficient level of -complexity for its tasks: too complex and resources are wasted due to -vlack of comprehension, too simple and the business is not being served -properly. Complexity often arises when organizations merge because -leaders attempt to reorganize hierarchically. This ST Guide explains -strategies that are suited to cope with complexity, and how best to -organize a CFEngine configuration. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - -@node Top, What is organizational complexity?, (dir), (dir) -@top Federation -@menu -* What is organizational complexity?:: -* What is federation?:: -* Coordination:: -* The Authority Paradox:: -* The social contract:: -* Service oriented federation:: -* Each part disconnected providing services:: -* Disconnected parts inheriting a single baseline:: -* Handling multiple sources:: -* Global assurance:: -* Merging and dividing enterprises:: -* Why federation does not reduce predictabilty:: -* The benefits of federated management:: -@end menu - -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is organizational complexity?, What is federation?, Top, Top -@unnumberedsec What is organizational complexity? - -Complexity is a measure of the amount of information needed to explain -something. It implies a `mental cost' (and therefore a time and -monetary cost) to comprehend a pattern of structure and behaviour. - -The term organization has two distinct meanings in English: it can be -intended as a euphemism for an @i{institution} or a business, and it -can be intended to mean an ordered @i{structural pattern} (i.e. the -state of being organized). To avoid confusion, we shall refer to -businesses and public institutions as enterprises, and use the term -organization to mean an architectural pattern with a certain level of -complexity. - -Organizational Complexity is therefore the amount of information, and -hence cost, needed to manage an enterprise or system. In information -science, the complexity of a system is commonly defined as the length -of the shortest document that fully describes it. A complex system -requires a long document to capture its workings; a simple system -requires only a short document. - - -@node What is federation?, Coordination, What is organizational complexity?, Top -@unnumberedsec What is federation? - -A federation is a pattern of organization obtained by merging a number -of initially independent parts. The implication is that the resulting -organization is not a singular rigid unit, but rather a more loosely -coupled collective of autonomous parts. - -Federation is a natural structure for any enterprise that has parts -with fundamentally different functions or orgins. It can also be a -stepping stone on the way from a set of independent actors to a state -of unified integration. - -@sp 1 -@cartouche -Companies that merge or acquire other companies, as well as -companies that reorganize to outsource tasks are natural candidates -for federated management. -@end cartouche -@sp 1 - -Promise theory predicts that a federated organization is naturally -@i{service oriented}, with two main architectures: -@itemize -@item The different parts of the collective bind together -by promising each other services. - - -@item The parts offer services to external parties, but are bound -together by promising to coordinate with a central entity. - -@end itemize - -@node Coordination, The Authority Paradox, What is federation?, Top -@unnumberedsec Coordination, hierarchy and centralization - -Federated parts of an enterprise are said to be coordinated by an -entity, if they receive common information from it. Merely delivering -services (i.e. keeping promises) to a common entity does not lead to -coordination. Think of an orchestra. The conductor does not bring -about any coordination simply by listening, but rather by providing -common signals to the federated agents. On the other hand, the -conductor is a bottleneck who throttles the productivity of the -federated agents. If the agents rely too much on the conductor, or are -discouraged from acting independently, the amplification of effort is lost. - -@center @image{coordination,12cm,,,png} -@center Coordination implies common knowledge. -@sp 1 -The need for coordination is often exaggerated in human organizations --- it comes from an unrealistic desire to absolutely determine the -outcome of decisions. Realistically, it is only a means to bring -consistency to distributed parts. - - -@sp 1 -@cartouche -In ITIL and current IT parlance, a central hub containing coordination -information is called a Configuration Management Database (CMDB). The -term CMDB refers to a range of quite different approaches to -coordinating information that will not be discussed here. -In Object Orientation, the term @i{inheritance} is used to signify the -use of common information by federated parts. -@end cartouche -@sp 1 - -It is possible for federated parts to inherit coordinating information -from more than one source, just as it is possible for someone to have -two different jobs. In that case, one must be careful to avoid -conflicting directions. As organizational complexity grows, the -possibility of conflicting direction and expectation also grows unless strict principles -are adhered to. - -Promise Theory tells us that such conflicts can only be resolved by a -party receiving information, not by the parties sending it. This leads -to the model known as `voluntary cooperation' used by CFEngine, which -implies that each federated part must effectively choose which inputs it is -willing to use from external parties. - - - -@node The Authority Paradox, The social contract, Coordination, Top -@unnumberedsec The Authority Paradox - -For some, the idea that an organization should be built on voluntary -cooperation sounds wrong. However, no matter how much we might crave -certainty of outcome, making demands on the compliance of federated parts -does nothing to improve that certainty; indeed, it can -have the reverse effect. The confusion lies in a misunderstanding of desired -authority over the actual power to change, i.e. in what is intended or desired and -what is actually possible. Promise Theory resolves this confusion -by building a model based directly on the agents that can effect change. - -Authority is about who, in an enterprise, may decide what is -intended. Most people perceive authority through hierarchies or -`chains of command' in which the top of the hierarchical pyramid is -the master, and the layers below must follow: those at the top are -more powerful than those on the bottom. This is a cultural -prejudice. However this perception is, at best misleading, and in fact -is incorrect. - -Humans have been organizing things into hierarchies for most of -recorded history. We have a deeply held notion that favours -hierarchies as an organizational form. It is worth examining why. In -early times the upper echelons of hierarchy were the strong and the -educated, served by a relatively unspecialised workforce. They wielded -their power by guile and by violent force, and the lower layers cowered -in fear. From Kings and leaders to middle managers and class-system -underdogs, institutions and government, documents and tables of -contents, everywhere we look we see hierarchical structures. - -@sp 1 -@center @image{brainbrawn,8cm,,,png} -@sp 1 -@center The authority paradox -@sp 1 - -Today, education and peaceful society turns the reality of the power -hierarchy upside down: the true specialists are at the bottom of the -hierarchy, closer to the levers and the expertise to effect change. -Today `low level' means more specialised, not less educated. Low -level experts are held together by relatively unspecialised `managers' -who serve mainly as coordinators and communications links. However, -the culture and perception of authority from the top remains today. - -These changes create a paradox in modern systems. The leadership of -intent is assumed to come from above, but the real power to act is -down below. This necessitates the binding together of organizations -by a social contract of @i{voluntary cooperation}. - -The same is true in computer systems. Most system designs assume -that the point of command will be placed at the top of an -organizational tree, and that every part of the system (represented in -the branches and leaves) will follow the commands made from the top. -This turns out to be a poor model because, in reality, the top has -neither the knowledge nor the proximity to enforce changes below. - -No central management of either enterprise or computers can force -individual agents to comply with their wishes, without their low level -consent. The perception of authority is thus only a -fiction@footnote{Think of an orchestra. The real expertise lies in the -players (below). The conductor (above) offers coordination and -guidance, but has no real power to create music. Music is possible -because each player has his/her own copy of the script, and can work -autonomously, with only a little guidance.}. - - - - -@node The social contract, Service oriented federation, The Authority Paradox, Top -@unnumberedsec The social contract - -Social contracts lie at the heart of all human and computer -organizations. For computers these contracts may be as simple as -`access control settings', nonetheless there are human politics behind -them. Most enterprises struggle more with their internal sociology -(or politics) than with their technological solutions. - -When an organization is formed by merging independent parts, this is -especially important. The loss of identity and the feeling of loss of -autonomy by these parts can fuel a breakdown of the social contract -- -i.e. a loss of loss of voluntary cooperation. In terms of system -management, it therefore makes sense to preserve as much of the -identity and autonomy of the parts as possible. - -From an information perspective, this is also the lowest cost solution. -The expertise to run the merged entity already exists within -it@footnote{At least we may assume this.}, and the proximity to make -change is automatic, so to increase the organizational distance -between decision, expertise and change will at best lead to increased -overhead and at worst lead to the disconnection of decision making from -expertise. - -@sp 1 -@cartouche -Low level autonomy is a cost saving strategy that reduces the overhead -of management and improves the link between expertise and action. -@end cartouche - - -@node Service oriented federation, Each part disconnected providing services, The social contract, Top -@unnumberedsec Service oriented federation - -Service oriented means business oriented. -Let us now consider what this means for IT configuration. In -particular, how should a CFEngine configuration be structured for an -efficient organization? In the examples below, we shall adopt a -service oriented view, in which an enterprise is organized as a set of -federated entities, some of whom depend on each other for services. - - - -@node Each part disconnected providing services, Disconnected parts inheriting a single baseline, Service oriented federation, Top -@unnumberedsec Each part disconnected, providing services - -Each federated entity manages its own @file{promises.cf} file. Each has, in effect, its -own independent CFEngine configuration. - -@sp 1 -@center @image{fed1,12cm,,,pdf} -@center Independent configurations - complete autonomy - -The configuration may still use resources provided by other entities' machines, but -the other entities have no influence on the set of promises used to maintain any given one. - - - - - -@node Disconnected parts inheriting a single baseline, Handling multiple sources, Each part disconnected providing services, Top -@unnumberedsec Disconnected parts inheriting a single baseline - -A more common model for federation is to have a baseline constitution -for all the parts of the enterprise defined by an umbrella -organization. We can refer to this as a `global infrastructure' -service. - -Traditionally (i.e. hierarchically) one would think of this global -entity as being superior to the other entities, i.e. making them -subordinate, but this is not necessary, nor correct according to the -reality. The role of the global service is rather to provide a point -of consistent coordination, or centralized expertise to the others. -Compliance with the proposals of the global coordinator will be -assured if it plays a valuable roles. - -@sp 1 -@cartouche -Since the real power to change still lies in the hands of the -federated entities, the global infrastructure unit must build -a social contract with them to assure that its wishes are -complied with. This goal is attended to by making the global -entity a valued service for the federated entities. If the -global service is perceived as being of no value, it will be -ignored. -@end cartouche -@sp 1 - -@noindent The next step from full autonomy is thus to use methods that -have been defined by an enterprise-wide global infrastructure service. - -@sp 1 -@center @image{fed2,10cm,,,png} -@center Independent configurations using a common baseline -@sp 1 - - -@cartouche -@verbatim - -# -# Federated promises.cf -# - - bundle agent main - { - files: - - "$(sys.workdir)/inputs/baseline.cf" - - copy_from => remote_cp( - "/masterfiles/baseline.cf", - "central_service.example.com" - ); - methods: - - # Inherit the baseline constitution - - "baseline" usebundle => company_baseline; - - # All other local promises here .... - } - -@end verbatim -@end cartouche -@sp 1 - -The CFEngine code snippet above represents the CFEngine configuration -for any of the hosts in one of the federated departments. The -configuration is extremely simple. It begins by downloading the -@file{baseline.cf} configuration, provided by the global -infrastructure service, and then goes on to promise to use this as a -`method'. Finally, the major part of the configuration is the set of -special promises determined by the department itself. Federation is thus -technically trivial. The difficulties are rather conceptual and -sociological. - -Let us remark on the likelihood for conflict. Although the source of -the baseline is external, CFEngine configuration promises are always -implemented by the federated departments themselves, none are (or can -be) implemented by any external party such as the infrastructure -service. Thus, it is the responsibility of federated departments to -ensure that there are no conflicts between the baseline and their own -promises. Moreover, as the parts have no power to change the baseline, but -have agreed to follow it, the logical outcome must be that their own -special promises must not conflict with the global infrastructure -proposal. So all requirements are met without the need for central enforcement. - - -@node Handling multiple sources, Global assurance, Disconnected parts inheriting a single baseline, Top -@unnumberedsec Handling multiple sources - -Consider briefly the case in which there is more than one entity -offering promise proposals. If a part of the federation serves two -masters (see department 3 in the figure below), i.e. it promises to -implement the wishes of two external sources, then those sources must -either agree one hundred percent in their proposals, or they must not -overlap at all. Since these `masters' may or may not be coordinated, -it is up to the federated entity (department 3) to make the decision -about which of the sources to obey. - -@sp 1 -@center @image{fed3,12cm,,,png} -@center Multiple inheritance can lead to incorrect expectations. -@sp 1 - -The possiblity of conflict is easily handled in this architecture, -because it recognizes that the federated entity must be the final -arbiter of confict. - - -@node Global assurance, Merging and dividing enterprises, Handling multiple sources, Top -@unnumberedsec Global assurance - -The lack of a hierarchy has not made information chaotic and -disorganized. It has only provided a simple means of -scalability and conflict resolution. - -So what makes a federation different from a collection of completely -independent enterprises? The answer to this question us usually -some minimum set of common promises that all parts of the federation -must keep: a baseline constitution. - -Now, since the real power lies in the leaves of the organizational -tree, but the designated authority lies at the root, the root needs to -monitor the behaviour of the federated entities to ensure that this -baseline constition is being complied with. This can be handled by -performing an audit of the whole federation according to a single -standard@footnote{Think, once again, about the orchestra. The -conductor observes the behaviour of each autonomous player to -determine whether the orchestra is playing together and is playing the -same piece of music.}. - - -@sp 1 -@cartouche -CFEngine allows single-point-of-coodination monitoring of hosts -by a variety of mechanisms, so that compliance can be assured. -@end cartouche - - -@node Merging and dividing enterprises, Why federation does not reduce predictabilty, Global assurance, Top -@unnumberedsec Merging and dividing enterprises - -Autonomy makes the merging and division of enterprise systems trivial. -It is the way to enable out-sourcing and in-sourcing. - -Imagine trying to combine two cups of coffee. Now try combining two -combine two buildings or houses of cards. Coffee mixes easily because -it is not full of dependencies (bonds) between its parts. Buildings -are not fluid: at best one can build bridges between them, and try to -build something else around them and then take them apart. The same -applies to any system, whether human, software or mechanical. - -To merge two systems or enterprises, it will be much simpler if they -are fluid to begin with -- i.e. they are basically composed of -autonomous parts, loosely coupled, not rigidly joined together. Hierarchical -organization is rigid, like a house of cards. Service-oriented -systems are loosely coupled. By keeping the internal organization of -systems as far as possible like independent service atoms, you -facilitate reorganization by merging and division. - -@node Why federation does not reduce predictabilty, The benefits of federated management, Merging and dividing enterprises, Top -@unnumberedsec Why federation does not reduce predictabilty - -The fear that many traditionalists have of federated management is -that they cannot be certain of the outcome unless they have absolute -authority. This fear is misplaced however. Certainty of outcome does -not depend on whether authority is federated or not: there are many -reasons why outcomes fail to be realized, including misunderstandings, accidents, force -majeur and simple disagreements. - -Certain knowledge can only be obtained by observing the results -directly@footnote{This is why society needs a police force to monitor -and respond to those who do not obey proposed law -- whether they have -promised to or not. This is the role of CFEngine.}, and repairing the -system if promises have not been kept. -Trying to enforce rules and command from above is an expensive and -often ineffective way to manage systems, like swimming against the -current. Trust in the federated system reduces the cost of verifying -one's assumptions. - -Hierarchies are sometimes used for oversight. Just as a conductor -takes care of the big picture for his orchestra, so managers in a -hierarchy can use their position to coordinate the larger picture for -their subordinates. However, like the orchestra, the manager should -not think that he has a real influence on the outcome. As long as each -player has the script and the instruments, the music can go on for -quite some time without its conductor. The role of a manager is one of -advice. - -@sp 1 -@cartouche -Rules of thumb for scalable management: - -@itemize -@item Use autonomy to scale: proximity to the affected area -avoids unnecessary dependency and transport of materials. -Trust costs less. - -@item If you need to enforce a common baseline (or constitution) for all, -then arrange this as a service, not as a punitive force. Use local -caching and the principal of convergence to a desired state -(idempotence) to provide assurance without the cost of monitoring. - -@item Trust lowers costs. -@end itemize -@end cartouche - -@node The benefits of federated management, , Why federation does not reduce predictabilty, Top -@unnumberedsec The benefits of federated management - -Hierarchy is familiar, but not essential. A hierarchy is only a -so-called `spanning tree' for a more general network of relationships. -It may be thought of as one possible point of view, amongst many -- -one way of traversing a network of relationships. - -A federated organization is automatically specialized into departments, -each of which knows its requirements best. - -One could take an enterprise and divide it into -skill-areas or departments, then divide each department into -geopgraphical teams. Conversely, we could divide the enterprise by -country first and subdivide each country into regions, then divide -these into skills. There is no unique way to traverse the -enterprise. In truth, it is not a hierarchy, but a network of -relationships. - -If the federated teams or clusters in an enterprise have sufficient -autonomy, both in resources and intended authority, then they don't -need to communicate with or wait for other parts to do their jobs. -Forcing that communication, due to lack of trust, will add overhead -and increase costs, without improving the certainty of outcome. - -Promise Theory tells us that organization by autonomy automatically -indentifies the parts of a system that can operate independently -- -i.e., the essential `atoms' of the system. Thus, it is a method for -identifying the raw material building blocks from which everything -else can be built. Starting with these available raw materials, it -encourages a rational approach to design of systems that are efficient -and service oriented. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Hierarchy.texinfo b/docs/guides/SpecialTopic_Hierarchy.texinfo deleted file mode 100644 index eae1675cd5..0000000000 --- a/docs/guides/SpecialTopic_Hierarchy.texinfo +++ /dev/null @@ -1,616 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-hierarchy.info -@settitle Hierarchies -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Hierarchies: Authority, Structure and Inheritance -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Using hierarchies is one way of distributing the load from a single CFEngine -policy server. They are also useful when an organization has different types -of machine classes. These classes can be based on location or on function, -and oftentimes the distinction of machine class will also be reflected in -differences in configuration. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What is a hierarchy?, (dir), (dir) -@top Hierarchies - -@menu -* What is a hierarchy?:: -* How hierarchy compares to sets:: -* Classes are sets:: -* For and against hierarchies:: -* Inheritance and its forms:: -* Expressing is-a or has-a:: -* How to organize your organization:: -* Applications of hierarchy:: -@end menu - -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is a hierarchy?, How hierarchy compares to sets, Top, Top -@unnumberedsec What is a hierarchy? - -A hierarchy is an organizational structure with tree-like branches. In -a hierarchy, parts of the system belong to other parts, like -collections of boxes inside other boxes. Each time you move, you -either ascend or descend to a different level with respect to the -root. Hierarchies are called @i{Directed Acyclic Graphs} (DAG) in -mathematics (see figure below (a) and (b)). - -@sp 1 -@center @image{networks,10cm,,Network organizational structures.,png} -@sp 1 - -@noindent Hierarchies are often associated with @i{authority}, as -we use hierarchies to organize human `chains of command'. In this -case, a hierarchy typically has multiple levels, as in (b). You might -interpret this diagram as showing a single point of top level -management, then satellite areas of middle management each with their -own clusters of slaves (leaf nodes). When drawing hierarchies, the root of the tree is -placed at the top or centre of the picture and is considered to be -@i{authoritative}, i.e. more important than the `leaves'. Each leaf -node is then subject to the control of the root in a @i{top down} -manner. - - -The opposite of a hierarchy is a @code{mesh} or web (figure (c)), -which has no special or privileged node -- nodes are simply connected -by some kind of relationship. In mesh organization, each individual -has an area of responsibility and they talk on demand to other nodes, -without any particular ranking. If you move in a mesh, you cannot -easily measure how far you are away from a given point, as their might -be more than one way of getting there. - -Mesh architectures are often robust to failure as there can be multiple -`peer to peer' routes for passing messages or information. - -@cartouche -Top-down is is a cultural prejudice or `norm', as most human societies work in this -way. However it is not a necessity. A network service is bottom-up -- there -it is the leaves which drive requests that end at a single central server. -Hierarchies are special cases of @i{networks}, and (as all special cases) they are fragile, -because the have top-down redundancy, but not bottom-up redundancy. -We say that hierarchies have a Single Point of Faliure at the root, -as failure at that point will disconnect the network. - -@sp 1 -@center @image{nettolerance,6cm,,Network organizational structures.,png} -@end cartouche - -@sp 1 - - - -@node How hierarchy compares to sets, Classes are sets, What is a hierarchy?, Top -@unnumberedsec How hierarchy compares to sets - -@sp 1 - -Some languages (like Object Oriented languages) are designed to -enforce hierarchies. CFEngine is not one of these. In CFEngine you can -build a hierarchy if you want to, but you can also build any other -kind of network. The parts of your system can also work with complete -autonomy if that is what you want. CFEngine does not push a model onto you. - -@noindent Consider this example of CFEngine classes. It expresses a tree -structure. -@verbatim -classes: - - # Conceptual hierarchy - - "top" or => { "middle_1", "middle_2", "middle_3" }; - "middle_1" or => { "slave_1", "slave_2", "slave_3" }; - "middle_2" or => { "slave_4", "slave_5", "slave_6" }; - -@end verbatim -This example is contrived. The core classes that CFEngine cares about -are the slaves, since CFEngine is a bottom-up system. The definition -of the middle and top classes are @i{aggregations} of clusters of -basic member attributes. - -Consider this example of a geographically distributed organization, -with finance, engineering and legal departments in three countries. -@verbatim -# Hierarchy - - "headquarters" or => { "usa", "uk", "norway" }; - "department" or => { "finance", "engineering", "legal" }; - -@end verbatim -@noindent We can express the full hierarchy like this: -@verbatim -usa.finance -usa.engineering -usa.legal -uk.finance -uk.engineering -uk.legal -norway.finance -norway.engineering -norway.legal -@end verbatim -@noindent In this notation, the dot looks like `member' because the -departments are smaller than the countries and are contained within them. -You might feel that this model is upside down and that one should consider -the finance department to be a unified global entity, with branches in -three different countries. In that case, you would write -@verbatim -finance.uk -finance.usa -finance.norway -@end verbatim - -This highlights the fact that we often want to slice and dice organizations -in different ways, and attending too closely to a single hierarchical model -prevents that. -The key is to notice that the `.' (dot) operator is really an intersection -of sets (AND)@footnote{It is a commutative operator, which is why it makes sense -to write both @code{usa.finance} and @code{finance.usa}.}, and that this is -a much more flexible notion than hierarchy. - -@node Classes are sets, For and against hierarchies, How hierarchy compares to sets, Top -@unnumberedsec Classes are sets - -@quotation -@i{`Sets, sets, sets ... all you ever think about it sets!'@*} -@* --- Anonymous -@end quotation - - -Underlying hierarchies and networks is the concept of @i{sets}. A set -or @i{collection} of something is just a number of instances that -satisfy some property. For example, the @i{set of all Windows -machines}, or the @i{set of times between 2 and 3 o'clock}. Sets can -be thought of as networks in which the elements are all joined to each -other by a common relationship `in the same set as'. - -The name of a set can be thought of as a property that characterizes -the members, and as such it behaves like an abstract box or container for the members. -Containment in classes is the basis for hierarchies in Object Orientation, for instance. - -We often write subset membership using a membership `.' character, e.g. if @samp{linux} -is the set of hosts with property `linux', then a subset (or sub-class) of these -hosts is `debian' (see figure). The class @i{64 bit hosts} is not a subset of -linux, as part of it lies outside. It is a subset of @i{hosts}. - -@example -linux.debian -linux @i{AND} debian -linux @i{intersect} debian -@end example - -@center @image{intersect,5cm,,Overlapping sets.,png} - -Sets can be made hierarchical when every subset is contained entirely by one and -only one parent set, and in turn contains zero or more whole subsets which it -does not share with any other. The problem with hierarchical sets is -that they are too restrictive. If you design them incorrectly in the -first place, you shut parts of the organization inside a box that -prevents other parts from accessing them. - -CFEngine works only with sets. It does not assume that sets never overlap. -Indeed, it encourages you to use as many overlapping sets as possible to -create optimum, simple categories to address the parts of your organization. -This gives us great power. We can for instance extract the list of all English -speaking entities from the definitions about our organization, by adding a -defintion of set @i{union} (OR or @samp{|}) and @i{intersection} (AND or @samp{.}): -@verbatim -# Hierarchy - - "headquarters" or => { "usa", "uk", "norway" }; - "department" or => { "finance", "engineering", "legal" }; - - "english_speaking" expression => "(usa|uk).!legal"; - -@end verbatim -@noindent Thus the English speakers are those entities belonging to -the USA `AND' the UK, excepting presumably the legal department. - - -@node For and against hierarchies, Inheritance and its forms, Classes are sets, Top -@unnumberedsec For and against hierarchies - -@sp 1 -Hierarchies are good at bringing consistency. They are bad at scaling. -They bring consistency because the root node acts as a single point of -authority, i.e. the network speaks with a single voice. The scale -poorly because they funnel communication to a single point of failure -and processing so that the weakest link is the most authoratative -node. - -The Internet was designed by smart engineers to @i{not} be a hierarchy -so that it would be robust to failure of single nodes. Since then, -incorrigable humans have done their best to make it hierarchical from -the viewpoint of the Domain Name Service (DNS) classification, so that -organizational identifiers seem to fall into simple tree-like -hierarchies. - -Because the idea of hierarchy is so prevalent, it is many peoples' first -instinct to build hierarchical organizations. At CFEngine we believe that -the idea is over-used, and causes as many problems as it brings solutions, -so CFEngine does not encourage it. - -This document tries to show how to use hierarchy sensibly and usefully to -simplify rather than to enforce authority. - -@node Inheritance and its forms, Expressing is-a or has-a, For and against hierarchies, Top -@unnumberedsec Inheritance and its forms - -@sp 1 -Perhaps the most popular application of hierarchy is to use the -property of having a single-point of definition to avoid maintaining -the same information in more than one place. @i{This is an efficiency}. -Inheritance is expressed in different ways: - -@itemize -@item Special subset @i{extends} base set properties, emphasizing that the -leaf builds on, or adds the root in order to extend it. -@item Special subset @i{inherits} base set properties, emphasizing that -the leaf is a consumer of the root and does not necessarily offer any more. -@item Special subset @i{depends on}, emphasizing that the root is a single -point of failure for the leaf. -@end itemize -These are basically equivalent expressions of the same thing. No -matter how we choose to express this, inheritance is a client-server -relationship in which a single source is feeding a number of possible -users. - -@sp 1 -@cartouche -In Promise Theory, we consider this to be a use-promise (service) relationship. -A single point promises information, and a number of leaf-nodes promise to use it. -@end cartouche -@sp 1 - -@sp 1 -@center @image{inherit,10cm,,Network organizational structures.,png} -@sp 1 -The figure shows how we maintain common information in a `base' or server. -Then the users or consumers of the information are so-called derived classes. - -We can use the notion of inheritance at different levels within CFEngine. -These are a matter of using the global scope with bundle names. - -@table @i -@item Inheritance of classes/sets -We can aggregate smaller classes into larger ones (yielding multiple -inheritance of class attributes): -@verbatim -classes: - - "group_name" or => { - "base_class_1", - "base_class_2", - "base_class_3" - }; - -@end verbatim -Note that CFEngine naturally forms a bottom-up hierarchy, never a top-down hierarchy. - -@item Inheritance of class definitions -CFEngine divides its promises into bundles that have private classes -and variables. Bundles called `common bundles' define @i{global classes}, -so they are automatically inherited by all other bundles. - -@item Inheritance of variable definitions - -Variables in CFEngine are globally accessible, but you must say -what bundle you are talking about by writing @samp{$(bundle.scalar)} -or @samp{@@(bundle.list)}. If you omit the `bundle', it is assumed -that the variable is in the current bundle. - -@verbatim -bundle agent child_bundle(parameter) -{ -vars: - - "extend_list" slist => { "extension", @(foreign.list) }, - policy => "ifdefined"; - -reports: - - "Inherit parameter value $(parameter)"; - "Inherit foreign scalar value $(foreign.scalar)"; - -} -@end verbatim -The policy @code{ifdefined} means that CFEngine will ignore -the foreign list if it does not exist. This means you can -include a number of lists from other bundles to extend -the behviour of your own, if they are provided. - -@item Inheritance of bundles -Bundles cannot really be merged like sets, but since they -make promises you can @i{use} them. - -@verbatim -bundle agent child_bundle -{ -methods: - - "extend_method" use => base_bundle(parameter1,parameter2); - -} -@end verbatim - -A bundle can only be used if it exists, so we can also talk about -plug-ins for bundles. In CFEngine, you include entire bundles either -in the the @code{bundlesequence}, or as @code{methods}. - -Normally you have to know exactly which bundles are going to exist in -advance, as CFEngine considers missing code to be a security issue and -will signal an error for missing bundles. This is the default -behaviour, but we can override it using the following @code{body agent -control} promises. -@table @code -@item ignore_missing_bundles -Skip over any bundles listed in the @code{bundlesequence} constraint and continue -without error. -@item ignore_missing_inputs -Skip over any input files listed in the @code{inputs} contraint and continue -without error. -@end table - -@end table - - -@cartouche -Be aware of the security implications of inheritance. Because of the assumption of -authority, by promising to use the inheritance, you have subordinated your input -to the source -- or voluntarily given up the right to say no to whatever you -have subscribed to. You have implicity @i{trusted} them. -@end cartouche - - -@node Expressing is-a or has-a, How to organize your organization, Inheritance and its forms, Top -@unnumberedsec Expressing `is a' or `has a' - -Let us re-emphasize for the record that CFEngine is not intended to be -an object oriented system. At CFEngine we do not believe that Object -Orientation is a good way to think about complex architectures. - -That said, all object-oriented class relationships are expressable as -set relationships, as sets are the basis of all computing. We can therefore -understand relationships like `is a' and `has a' in CFEngine, even if they -are not the recommended way of thinking. - -For example, if we say that @code{debian} `is a' (kind of) -@code{linux}, or conversely that @code{linux} `has a' (subtype called) -@code{debian}, then we are expression @i{container} promises. We mean -that @code{debian} is a subset of @code{linux}, and this means. In -concrete terms @code{debian} might or might not extend @code{linux}, -or vice versa. When `objects' get as complicated as operating systems -it does not really make sense to speak so simplistically. - -If we want to say that a host `is a' server, we can code this as membership -in the set of servers: - -@verbatim -classes: - - "servers" or => { "host1", "host2" }; - -processes: - - servers:: # the next rules `extend' or add to the class servers - - "..." - -@end verbatim - - - -@node How to organize your organization, Applications of hierarchy, Expressing is-a or has-a, Top -@unnumberedsec How to organize your organization - -Faced with the choice of how to classify systems, where does one -begin? This is the dilemma that programmers face when designing new -software, and if they make the wrong choices for their class -hierarchy, it can cost a lot of work to redesign everything again from -the beginning. This is why inheritance and strict class hierarchies -are a very fragile way of organizing something. Using a patchwork of -sets, CFEngine potentially avoids this problem -- but you can still -make a mess -- it seems to be programmed into us to put systems into -hierarchy-like `container' categories anyway, and this can end with -confusion. - -The keyt issue is: how tdo we slice and dice the cake into the largest -pieces? In other words, what is that basic paradigm that you use to partition your -system operations? Some alternatives include: - -@itemize -@item Geographically (by site or country) -@item By business department (sales, accounting, research) -@item By security zone (private, DMZ, public, etc) -@item By operating system (solaris, linux, darwin) -@item By customer or client (e.g. for managed services) -@item By task, service or role in the network (webservers, dns, workstations) -@end itemize - -However, you choose to begin, you can further subdivide these major categories -by simply ANDing with other categories. - - - -@node Applications of hierarchy, , How to organize your organization, Top -@unnumberedsec Applications of hierarchy - -When a small organization uses CFEngine, machines are often configured by -"what they do" or "what they have" (@i{e.g.,} they "are a webserver" or they -"have ntp-based time synchronization"). These attributes are best expressed -using CFEngine classes (and class promises), so that the @code{.cf} files -can simply express configuration options based on "has-a" or "is-a" options. - - -For example: - -@verbatim -bundle agent maintain_servers -{ -classes: - "has_dhcpd" or => { classmatch("ipv4_10_\d+_\d+_1") }; - "has_httpd" or => { "www_example_com" }; - "has_sshd" or => { "any" }; - -processes: - has_dhcpd:: - "dhcpd" restart_class => "start_dhcpd"; - - has_httpd:: - "httpd" restart_class => "start_httpd"; - - has_sshd:: - "sshd" restart_class => "start_sshd"; - -commands: - freebsd.start_dhcpd:: - "/usr/local/etc/rc.d/isc-dhcpd.sh start"; - - start_httpd:: - "/usr/local/sbin/apachectl start"; - - freebsd.start_sshd:: - "/etc/rc.d/sshd start"; - - linux.start_sshd:: - "/etc/init.d/ssh start"; -} -@end verbatim - -@noindent As you can see, the #1 machine on every net-10 subnet has the dhcp -server for that subnet, the machine @code{www.example.com} has a web server, -and every machine has an ssh server. - -But what happens when we want to maintain configuration information -differently for different regions, or different IP addresses? Our usage of -classes can get complicated, and can obscure the the details of what you want -CFEngine to maintain. For example, if we want to maintain both internal and -external webservers for different parts of a larger corporation, we might see -something like this: - -@verbatim -files: - internal.has_httpd.nyc:: - # Files maintained for internal webserver in New York - - external.has_httpd.nyc:: - # Files maintained for external webserver in New York - - internal.has_httpd.london:: - # Files maintained for internal webserver in London - - external.has_httpd.london:: - # Files maintained for external webserver in London - - internal.has_httpd.tokyo:: - # Files maintained for internal webserver in Tokyo - - external.has_httpd.tokyo:: - # Files maintained for external webserver in Tokyo -@end verbatim - -@noindent When you compound this by ading more services, locations, and finer -and finer discriminations, the configuration files can rapidly grow so -complicated as to obfuscate the intentions. - -To be sure, having classes like @code{nyc}, @code{london}, and @code{tokyo} -can be very useful when using CFEngine to centrally administer a large -network of computers, but there are other ways of doing this that make -maintenance easier and the logic more apparent. - -1) Copying files to local machines -2) Symlinks -3) Local changes $(site_local) -4) Machine naming -> classes -5) Using dist classes to select from a set of machines, not just query them - in order; also splayclass -6) Versioning, RPM/SVN for distro, vs CFEngine -7) updating with cf-agent -DUpdateNow - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_ITIL.texinfo b/docs/guides/SpecialTopic_ITIL.texinfo deleted file mode 100644 index 96891bf396..0000000000 --- a/docs/guides/SpecialTopic_ITIL.texinfo +++ /dev/null @@ -1,1376 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-itil.info -@settitle ITIL -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine and ITIL -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -The IT Infrastructure Library (ITIL) is a set of human management practices -surrounding IT infrastructure that are designed to bring quality assurance -and continuous improvement to organizations. - -ITIL has emerged as a de-facto set of ideas about service management. -Many of ITIL's ideas are rooted in and old fashioned view of the -service desk and human remediation. This document explains how to -accomplish the major goals of ITIL, in the automated framework of -CFEngine. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What it ITIL?, (dir), (dir) -@top ITIL -@menu -* What it ITIL?:: -* ITIL history and versions:: -* Basics:: -* Version 2:: -* Version 3:: -* Service orientation and ITIL:: -* CFEngine in ITIL clothes?:: -* ITIL processes:: -* Which ITIL processes apply to CFEngine?:: -* Using CFEngine to implement ITIL objectives:: -* How can CFEngine or promises help an enterprise:: -* What is maintenance?:: -* ITIL and CFEngine Summary:: -* ITIL glossary:: -@end menu -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What it ITIL?, ITIL history and versions, Top, Top -@unnumberedsec What it ITIL? -@sp 1 - -The IT Infrastructure Library (ITIL) is a set of human management practices -surrounding IT infrastructure that are designed to bring quality assurance -and continuous improvement to organizations. -ITIL has emerged as a de-facto set of ideas about service management. -Many of ITIL's ideas are rooted in and legacy views of the service desk -and human remediation. This document explains how to accomplish the -major goals of ITIL, in the automated framework of CFEngine. - -More concretely, the IT Infrastructure Library (ITIL) is a collection -of books, in which ``best practices'' for IT Service Management (ITSM) -are described. Today, ITIL can be seen as a de-facto standard in the -discipline of ITSM, for which it provides guidelines by its current -core titles Service Strategy, Service Design, Service Transition, -Service Operation and Continual Service Improvement. ITIL follows the -principle of process-oriented management of IT services. - -In effect, the responsibilities for specific IT management decisions -can be shared between different organizational units as the management -processes span the entire IT organization independent from its -organizational partition. Whether this means a centralization or -decentralization of IT management in the end, depends on the concrete -instances of ITIL processes in the respective scenario. - - -@sp 1 -@node ITIL history and versions, Basics, What it ITIL?, Top -@unnumberedsec ITIL history and versions -@sp 1 - -ITIL has its roots in the early 1990s, and since then was subject to -numerous improvements and enhancements. Today, the most popular -release of ITIL is given by the books of ITIL version 2 (often -referred to as ITILv2), while the British OGC (Office of Government -Commerce), owner and publisher of ITIL, is currently promoting ITIL -version 3 (ITILv3) under the device "`ITIL Reloaded"'. A further ITIL -version has already been planned, owing to perceived problems with -version 3. - -ITILv3 is not just an improved version of the ITILv2 books, but rather -comes with a completely renewed structure, new sets of processes and a -different scope with respect to the issue of IT strategies, -IT-business-alignment and continual improvement. In the following, we -run through the basics of both versions, highlighting commonalities -and differences. - -@sp 1 -@node Basics, Version 2, ITIL history and versions, Top -@unnumberedsec Basics -@sp 1 - -ITIL is an attempt to implement the @i{Deming Quality Circle} as a -model for continual quality improvement. Quality relates to the -provided IT services as well as the management processes deployed to -manage these services. Continual improvement in ITIL means to follow -the method of Plan-Do-Check-Act: - -@table @b -@item Plan -Plan the provision of high-quality IT services, i.e. set up the required management processes for the delivery and support of these services, define measurable goals and the course of action in order to fulfill them. -@item Do - Put the plans into action. -@item Check - Measure all relevant performance indicators, and quantify the achieved quality compared to the quality objectives. Check for potentials of improvement. -@item Act - In response to the measured quality, start activities for future improvements. This step leads into the Plan phase again. -@end table - -@sp 1 -@node Version 2, Version 3, Basics, Top -@unnumberedsec Version 2 -@sp 1 - -Although ITIL version 3 was released during the summer of 2007, -it is its predecessor that has achieved great acceptance amongst -IT service providers all over the world. Also due to the fact that the -International ISO/IEC 20000 standard emerged from those -basic principles and processes coming from ITILv2, it is this version -experiencing the biggest distribution and popularity. - -The core modules of ITIL version 2 are the books entitled Service -Support and Service Delivery. While the Service Support processes -(e.g. Incident Management, Change Management) aim at supporting -day-to-day IT service operation, the Service Delivery processes -(e.g. Service Level Management, Capacity Management, Financial -Management) are supposed to cover IT service planning like resource -and quality planning, as well as strategies for customer relationships -or dealing with unpredictable situations. - -@sp 1 -@node Version 3, Service orientation and ITIL, Version 2, Top -@unnumberedsec Version 3 -@sp 1 - -In 2007, version 2 was replaced by its successor version 3, aimed at -covering the entire service life cycle from a management -perspective and striving for a more substantiated idea of IT business alignment. -Many version 2 processes and ideas have been recycled -and extended by various additional processes and principles. The five -service life cycle stages accordant to versin 3 are: - -@enumerate -@item Service Strategy: Common strategies and principles for customer-oriented, business-driven service delivery and management -@item Service Design: Principles and processes for the stage of designing new or changed IT services -@item Service Transition: Principles and processes to ensure quality-oriented implementation of new or changed services into the operational environment -@item Service Operation: Principles and processes for supporting service operation -@item Continual Service Improvement: Methods for planning and achieving service improvements at regular intervals -@end enumerate - -@sp 1 -@node Service orientation and ITIL, CFEngine in ITIL clothes?, Version 3, Top -@unnumberedsec Service orientation and ITIL - -Why service and process orientation? What is ITIL trying to do? As we -mentioned in the introduction, the `top down hierarchical' control -view of human organization fell from favour in business research in -the 1980s and service oriented autonomy was identified as a new -paradigm for levelling organizations -- getting rid of deep -hierarchies that hinder communication and open up communication -directly. - -If we look at ITIL through the eyeglass of a hierarchical organization, -some of its procedures could be seen as restrictive, throttling -scalable freedoms. We do not believe -that this is their intention. Rather ITIL's guidelines try to make a -predictable and reliable face for business and IT operations so that -customers feel confidence, without choking the creative process that -lies behind the design of new services. - -@sp 1 -@node CFEngine in ITIL clothes?, ITIL processes, Service orientation and ITIL, Top -@unnumberedsec CFEngine in ITIL clothes? -@sp 1 - -CFEngine users are interested in the ability to manage, i.e. cope with -system configuration in a way that enables a business or other -organization to do its work effectively. They don't want -human procedures because this is what CFEngine is supposed to -eliminate. To be able to use ITIL to help in this task, we have to first -think of the process of setting up as a number of services. What -services are these? We have to think a little sideways to see the -relationship. - -@table @b -@item Service Management -Providing a sensible configuration policy, responding to discovered problems or the needs of end-users. -@item Change Management -A minor edit of the configuration policy, with appropriate quality controls. Or a change that comes -from a completely different source, outside the scope of intended change. -@item Release Management -A new configuration policy, consisting of many changes. This could be a major and disruptive change so it should be planned carefully. -@item Capacity Management -Having enough resources for cfservd to answer all queries in a network. Having enough people and machines to support the processes of deploying and following CFEngine's progress. -@end table - -@sp 1 -@node ITIL processes, Which ITIL processes apply to CFEngine?, CFEngine in ITIL clothes?, Top -@unnumberedsec ITIL processes -@sp 1 - -The following management processes are in scope of ITILv3: - -@itemize -@item Service Level Management: Management of Service Level Agreements (Alas), i.e. service level and quality promises. -@item Service Catalogue Management: deciding on the services that will be provided and how they -are advertised to users. -@item Capacity Management: Planning and provision of adequate business, service and resource capacities. -@item Availability Management: Resource provision and monitoring of service, from a customer viewpoint. -@item Continuity Management: Development of strategies for dealing with potential disasters. -@item Information Security Management: Ensuring a minimum level of information security throughout the IT organization. -@item Supplier Management: Maintaining supplier relationships. -@item Transition Planning and Support: Ensuring that new or changed services are deployed into the operational environment with the minimal impact on existing services -@item Asset and Configuration Management: Management of IT assets and Configuration Items. -@item Release Management: Planning, building, testing and rolling out hardware and software configurations. -@item Change Management: Assessment of current state, authorization and scheduling of improvements. -@item Service Validation and Testing: ensuring that services meet their specifications. -@item Knowledge Management: organizing and integrating experience and methodology for future reference. -@item Incident Management: responding to deviations from acceptable service. -@item Event Management: Efficient handling of service requests and complaints. -@item Problem Management: Problem identification by trend analysis of incidents. -@item Request Fulfillment: Fulfilling customer service requests. -@item Access Management: Management of access rights to information, services and resources. -@end itemize - -@menu -* Service Strategy:: -* Service Design:: -* Service Operation:: -* Continual Service Improvement:: -@end menu - -@node Service Strategy, Service Design, ITIL processes, ITIL processes -@unnumberedsubsec Service Strategy - -Service strategy is about deciding what services you want to -formalize. In other words, what parts of your system administration tasks can you -wrap in procedural formalities to ensure that they are carried out most excellently? - -@node Service Design, Service Operation, Service Strategy, ITIL processes -@unnumberedsubsec Service Design - -Service design is about deciding what will be delivered, when it will be delivered, -how quickly the service will respond to the needs of its clients etc. This stage is probably -something of a mental barrier to those who are not used to service-oriented thinking. - -@node Service Operation, Continual Service Improvement, Service Design, ITIL processes -@unnumberedsubsec Service Operation - -How shall we support service operation? What resources do we need to provide, both human -and computer? Can we be certain of having these resources at all times, or is there -resource sharing taking place? If services are chained into ``supply chains'', remember that -each link of the chain is a possible delay, and a possible misunderstanding. Successfully running -services can be more complex at task than we expect, and this is why it is useful to -formalize them in an ITIL fashion. - -@node Continual Service Improvement, , Service Operation, ITIL processes -@unnumberedsubsec Continual Service Improvement - -Continual improvement is quite self-explanatory. We are obviously -interested in learning from our mistakes and improving the quality and -efficiency by which we respond to service requests. But it is -necessary to think carefully about when and where to introduce this -aspect of management. How often should we revise out plans and change -procedures? If this is too often, the overhead of managing the quality -becomes one of the main barriers to quality itself! Continual has to mean regular -on a time-scale that is representative for the service being provided, e.g. -reviews once per week, once per month? No one can tell you about your needs. -You have to decide this from local needs. - -@sp 1 -@unnumberedsec Tool Support -@sp 1 - -In the field of tool support for IT Service Management accordant to -ITIL, various white papers and studies have been published. In -addition, there are papers available from BMC, HP, IBM and other -vendors that describe specific (commercial) solutions. Generally, the -market for tools is growing rapidly, since ITIL increasingly gains -attention especially in large and medium-size enterprises. Today, it -is already hard to keep track of the variety of functionalities -different tools provide. This makes it even more difficult to approach -this topic in a way satisfactory to the entire researchers', vendors' -and practitioners' community. - -That is why this document follows a different approach: Instead of thinking -of ever new tools and computer-aided solutions for ITIL-compliant IT Service -Management, this book analyses how the existing and well-established -technologies used for traditional systems administration can -fit into an ITIL-driven IT management environment, and it guides -potential practitioners in integrating a respective tool suite -- namely -CFEngine -- with ITIL and its processes. - -To avoid any misunderstanding: We do not argue that CFEngine -- -originally invented for configuring distributed hosts -- may be -deployed as a comprehensive solution for automating ITIL, but what we -believe is CFEngine and its more recent innovations can @emph{bridge -the gap} between the technology of distributed systems management and -business-driven IT Service Management. -To make the case we must show: - -@enumerate -@item How ITIL terminology relates to the terminology of CFEngine and hence -to a traditional system administrator's language, and -@item Which parts (processes and activities) of -ITIL can be (partially) supported by CFEngine, and how. -@end enumerate - - - -@sp 1 -@node Which ITIL processes apply to CFEngine?, Using CFEngine to implement ITIL objectives, ITIL processes, Top -@unnumberedsec Which ITIL processes apply to CFEngine? -@sp 1 - -@image{itilfcaps,14cm,,FCAPS and ITIL,png} - -In version 2, ITIL divides itself into @emph{service -support} and @emph{service delivery}. For -instance, service support might mean having a number of CFEngine -experts who can diagnose problems, or who have sufficient knowledge -about CFEngine to solve problems using the software. It could also -mean having appropriate tools and mechanisms in place to carry out the -tasks. Service delivery is about how these people make their knowledge -available through formal processes, how available are they and how -much work can they cope with? CFEngine enables a few persons to -perform a lot of work very cheaply, but we should not forget to track our performance -and quality for the process of continual improvement. - -Service support is composed of a number of issues: -@itemize -@item Incident management: collecting and dealing with incidents. -@item Problem management: root cause analysis and designing long term countermeasures. -@item Configuration management: maintaining information about hardware and software and -their interrelationships. -@item Change management: implementing major sequenced changes in the infrastructure. -@item Release management: planning and implementing major ``product'' changes. -@end itemize -Although the difference between change management and release -management is not completely clear in ITIL, we can think of a release -as a change in the nature of the service, while change management -deals with alterations possibly still within the scope of the same release. -Thus is release is a more major change. - -Service delivery, on the other hand, is dissected as follows: -@itemize -@item Service Level Management -@item Problem management -@item Configuration management -@item Change management -@item Release management -@end itemize -These issues are somewhat clearer once we understand the usage of the -terms ``problem'', ``service'' and ``configuration''. Once again, it -is important that we don't mix up configuration management in ITIL -with configuration management as used in a Unix parlance. - -The notion of system administration in the sense of Unix does not -exist in ITIL. In the world of business, reinvented through the eyes -of ITIL's mentors, system administration and all its functions are -wrapped in a model of service provision. - -@menu -* ITIL Configuration Management (CM):: -* CMDB Asset Management:: -* Change management in the enterprise:: -* Change management vs convergence:: -* Release management:: -* Incident and problem management:: -* Service Level Management (SLM):: -@end menu - -@node ITIL Configuration Management (CM), CMDB Asset Management, Which ITIL processes apply to CFEngine?, Which ITIL processes apply to CFEngine? -@unnumberedsubsec ITIL Configuration Management (CM) -@sp 1 - -Perhaps the most obvious example is the term configuration management. - -@table @b -@item Configuration Management -The process (and life-cycle) responsible for maintaining information -about configuration items (CI) required to deliver an IT service, -including their relationships. -@end table - -As we see, this is comparable to our intuitive idea of ``asset -management'', but with ``relationships'' between the items -included. ITIL also defines ``Asset Management'' as ``a process -responsible for tracking and reporting the value of financially valuable assets'' -and is a component of ITIL Configuration Management. - -In the CFEngine world, configuration management involves planning, -deciding, implementing (``base-lining'') and verifying (``auditing'') -the inventory. It also involves maintaining the security and privacy -of the data, so that only authorized changes can be made and private -assets are not made public. - -In this document we shall try not to mix the ITIL concept with the -more prosaic system administration notion of a configuration which -includes the current state of software configuration on the -individual computers and routers in a network. - -Since CFEngine is a completely distributed system that deals with -individual devices on a one-by-one basis, we must interpret this asset -management at two levels: - -@itemize -@item The local assets of an individual device at the level of virtual -structures and containers within it: files, attributes, software packages, -virtual machines, processes etc. This is the traditional domain of automation -for CFEngine's autonomic agent. - -@item The collective assets of a network of such devices. -@end itemize -Since a single host can be thought of as a network of assets connected -through virtual pathways, it really isn't such a huge leap to see the -whole network in a similar light. This is especially true when many of the -basic resources are already shared objects, such as shared storage. - -@node CMDB Asset Management, Change management in the enterprise, ITIL Configuration Management (CM), Which ITIL processes apply to CFEngine? -@unnumberedsubsec CMDB Asset Management -@sp 1 - -Why bother to collect an inventory of this kind? Is it bureaucracy -gone mad, or do we need it for insurance purposes? Both of these -things are of course possibilities. - -The data in an ITIL Configuration Management Database (CMDB) can be -used for planning the future and for knowing how to respond to -incidents, in other words for service level management (SLM) and for -capacity planning. An organization needs to know what resources it -has to know whether its can deliver on its promises. -Moreover, for finance and insurance it is clearly a sound policy to have a database of -assets. - -For continuity management, risk analysis and redundancy assessment we -need to know how much equipment is in use and how much can be brought -in at a moment's notice to solve a business problem. These are a few -of the reasons why we need to keep track of assets. - -@sp 1 -@cartouche -CFEngine does not subscribe the the ITIL notion of a CMDB. Instead -we have a semantic Knowledge Map and distributed knowledge for -scalable analysis of the system. -@end cartouche - -@node Change management in the enterprise, Change management vs convergence, CMDB Asset Management, Which ITIL processes apply to CFEngine? -@unnumberedsubsec Change management in the enterprise -@sp 1 - -If we make changes to a technical installation, or even a business -process, this can affect the service that customers experience. -Major changes to service delivery are often written into service level -agreements since they could result in major disruptions. -Details of changes need to be known by a help-desk and service personnel. - -The decision to make a change is more than a single person should -usually make alone (see the CFEngine Special Topics Guide on @i{Change -Management}). ITIL recommends an advisory board for changes. - -@node Change management vs convergence, Release management, Change management in the enterprise, Which ITIL processes apply to CFEngine? -@unnumberedsubsec Change management vs convergence -@sp 1 - -We should be especially careful here to decide what we mean by -change. ITIL assumes a traditional model of change management that -CFEngine does not necessarily need. ITIL's ideas apply to the management of -CFEngine's configuration, not specifically to the way in which CFEngine carries out its -automated manipulations of the system. - -In traditional idea of change management you start by ``base-lining'' a -system, or establishing a known starting configuration. Then you -assume that things only change when you actively implement a change, -such as ``rolling out a new version'' or committing a release. This, -of course, is very optimistic. - -In most cases all kinds of things change beyond our control. Items are -stolen, things get broken by accident and external circumstances -conspire to confound the order we would like to preserve. The idea -that only authorized people make changes is nonsense. - -CFEngine takes a different view. It thinks that changes in -circumstances are part of the picture, as well as changes in inventory -and releases. It deals with the idea of ``convergence''. In this way -of thinking, the configuration details might be changing at random in -a quite unpredictable way, and it is our job to continuously monitor -and repair general dilapidation. Rather than assuming a constant state -in between changes, CFEngine assumes a constant ``ideal state'' or -@emph{goal} to be achieved between changes. An important thing to realize about including -changes of external circumstances is that you cannot ``roll back'' -circumstances to an earlier state -- they are beyond our control. - -@node Release management, Incident and problem management, Change management vs convergence, Which ITIL processes apply to CFEngine? -@unnumberedsubsec Release management -@sp 1 - -A @emph{release} in ITIL is a collection of authorized changes to a system. -One part of Change Management is therefore @emph{Release Management}. -A release is generally a larger umbrella under which many smaller -changes are made. It is major change. -Changes are assembled into @emph{releases} and then they are rolled out. - -In fact release management, as described by ITIL, has nothing to do -with change management. It is rather about the management of -designing, testing and scheduling the release, i.e. everything to do with -the release process except the explicit implementation of it. -@emph{Deployment} or @emph{rollout} describe the physical movement of -configuration items as part of a release process. - -@node Incident and problem management, Service Level Management (SLM), Release management, Which ITIL processes apply to CFEngine? -@unnumberedsubsec Incident and problem management -@sp 1 -ITIL distinguishes between @emph{incidents} and @emph{problems}. An incident is -an event that might be problematic, but in general would observe -incidents over some length of time and then diagnose @emph{problems} based -on this experience. - -@table @i -@item Incident -An event or occurrence that demands a response. -@end table - -One goal of CFEngine is to plan pro-actively to handle incidents -automatically, thus taking them off the list of things to worry about. - -@table @i -@item Problem -A pattern of consequence arising from certain incidents that is detrimental -to the system. It is often a negative trend that needs to be addressed. -@end table - - -Changes can introduce new incidents. -An integrated way to make the tracking of cause and effect easier is -clearly helpful. If we are the cause of our own problems, we are in -trouble! - -@node Service Level Management (SLM), , Incident and problem management, Which ITIL processes apply to CFEngine? -@unnumberedsubsec Service Level Management (SLM) -@sp 1 -Also loosely referred to as Quality of Service. This is the -process of making sure that Service Level Promises are kept, -or Service Level Agreements (SLA) are adhered to. -We must assess the impact of changes on the ability to deliver -on promises. - - -@node Using CFEngine to implement ITIL objectives, How can CFEngine or promises help an enterprise, Which ITIL processes apply to CFEngine?, Top -@unnumberedsec Using CFEngine to implement ITIL objectives -@sp 1 - -How does CFEngine fit into the management of a service organization? -There are several ways: -@itemize -@item It offers a rapid detection and repair of faults that help to avoid formal incidents. -@item It simplifies the deployment (release) of services. -@item Allows resources to be understood and planned better. -@end itemize -These properties allow for greater @emph{predictability} -of system services and therefore they contribute to customer confidence. - - -Any tool for assisting with change management lies somewhere between -ITIL's notion of change management and the infrastructure itself. It -must essentially be part of both (see figure). This applies -to CFEngine too. - - -@image{cfinf,14cm,,CFEngine is both infrastructure and a part responsible for infrastructure.,png} - -CFEngine can manage itself as well as other resources: itself, its -software, its policy and the resulting plans for the configuration of -the system. In other words, CFEngine is itself part of the infrastructure -that we might change. - -@node How can CFEngine or promises help an enterprise, What is maintenance?, Using CFEngine to implement ITIL objectives, Top -@unnumberedsec How can CFEngine or promises help an enterprise -@sp 1 - -Traditional methods of managing IT infrastructure involve working from -crisis to crisis -- waiting for `incidents' to occur and then initiating fire -suppression responses or, if there is time, proactive changes. With CFEngine, -these can be combined and made into a management @emph{service}, with -continuous service quality. - -CFEngine can assist with: -@enumerate -@item Maintenance assurance. -@item Reporting for auditing. -@item Change management. -@item Security verification. -@end enumerate - -Promise theory comes with a couple of principles: -@enumerate -@item Separation of concerns. -@item Fundamental attention to autonomy of parts. -@end enumerate - -Other approaches to discussing organization talk about the separation -of concerns, so why is promise theory special? Object Orientation -(OO) is an obvious example. Promise theory is in fact quite different to -object orientation (which is a misnomer). - -Object orientation asks users to model abstract classes (roles) long -before actual objects with these properties exist. It does not provide -a way to model the instantiated objects that later belong to those -classes. It is mainly a form of information structure -modelling. Object orientation models only abstract patterns, not -concrete organizations. - -Promise theory on the other hand considers only actual existing objects -(which it calls agents) and makes no presumptions that any -two of these will be similar. Any patterns that might emerge can be -exploited, but they are not imposed at the outset. Promise theory's -insistence on autonomy of agents is an extreme viewpoint from which -any other can be built (just as atoms are a basic building block from which -any substance can be built) so there is no loss of generality by making -this assumption. - -In other words, OO is a design methodology with a philosophy, whereas -promises are a model for an arbitrary existing system. - -@node What is maintenance?, ITIL and CFEngine Summary, How can CFEngine or promises help an enterprise, Top -@unnumberedsec What is maintenance? -@sp 1 - -Maintenance is a process that ITIL does not formally spend any time -on explicitly, but it is central to real-world quality control. - -Imagine that you decide to paint your house. Release 1 is going to be -white and it is going to last for 6 years. Then release 2 is going to -be pink. We manage our painting service and produce release -1 with all of the care and quality we expect. Job done? No. - -It would be wrong for us to assume that the house will stay this fine -colour for 6 years. Wind, rain and sunshine will spoil the paint over -time and we shall need to touch up and even repaint certain areas in -white to maintain release 1 for the full six years. Then when it is time -for release 2, the same kind of maintenance will be required for that too. - -Unless we read between the lines, it would seem that ITIL's answer to -this is to wait for a crisis to take place (an incident). We then -mobilize some kind of response team. But how serious an incident do we -require and what kind of incident response is required? A graffiti artist? -A lightening strike? A bird anoints the paint-work? CFEngine is -like the gardener who patrols the grounds constantly plucking weeds, -before the flower beds are overrun. Call it continual improvement if -you like: the important thing is that the process your be pro-active -and not too expensive. - -Maintenance is necessary because we do not control all of the -changes that take place in a system. There is always some kind of -``weather'' that we have to work against. CFEngine is about this -process of Maintenance. We call it ``convergence'' to the ideal state, -where the ideal state is the specified version release. -Keep this in mind as you read about ITIL change management. - - -@node ITIL and CFEngine Summary, , What is maintenance?, Top -@unnumberedsec ITIL and CFEngine Summary -@sp 1 - -ITIL is about processes designed mainly for humans in a workplace. It -represents a service oriented view of an organization, and as such is -more scalable than hierarchical views of management. CFEngine is also -a service oriented technology, thus there is some overlap of concepts. -Indeed CFEngine is a good tool for implementing and assisting in -certain ITIL processes, but we believe that no automation system can -really support what ITIL is about. - -@image{topic,15cm,,ITIL terminology,png} - -@node ITIL glossary, , Top, Top -@appendix ITIL glossary - -This section lists some of the many terms from ITIL, especially the ISO/IEC 20000 -version of the text, and offers some comments and translations into common CFEngine -terminology. - -@menu -* Active Monitoring:: -* Availability:: -* Alert:: -* Audit :: -* Baseline:: -* Benchmark :: -* Capability:: -* Change record:: -* Chronological Analysis:: -* Configuration:: -* Configuration Item (CI):: -* Configuration Management Database (CMDB):: -* Document:: -* Emergency Change:: -* Error:: -* Event:: -* Exception:: -* Failure:: -* Incident:: -* Monitoring:: -* Passive Monitoring:: -* Policy:: -* Proactive Monitoring:: -* Problem:: -* Promise:: -* Reactive Monitoring:: -* Record:: -* Recovery:: -* Remediation:: -* Repair:: -* Release:: -* Request for Change:: -* Abandon Autonomy?:: -* Resilience:: -* Restoration:: -* Role:: -* Service desk:: -* Service Level Agreement:: -* Service Management:: -* Warning:: -@end menu - -@node Active Monitoring, Availability, ITIL glossary, ITIL glossary -@unnumberedsec Active Monitoring - -Monitoring of a configuration item or IT service that uses automated regular checks to discover the current status. - -@cartouche -CFEngine performs programmed checks of all of its promises each time cfagent is started. -Cfagent is, in a sense, an active monitor for a set of promises that are described in its -configuration file. -@end cartouche - -@node Availability, Alert, Active Monitoring, ITIL glossary -@unnumberedsec Availability - -The ability of a component or service to perform its required function. - -Availability = Hours operational / Agreed service hours - - -@cartouche -Availability or intermittency in CFEngine refers to the responsiveness of -hosts in a network when remotely connecting to cfservd. - -Intermittency = Successful~ attempts / Total Attempts - -@end cartouche -This is a measurement that cfagent automatically makes. - -@node Alert, Audit , Availability, ITIL glossary -@unnumberedsec Alert - -A warning that a threshold has been reached, something has changed or a failure has occurred. - - -@cartouche -A CFEngine alert fits this description quite well. -Most alerts are user-defined, but a few are side effects of certain configuration -rules. -@end cartouche - -@node Audit , Baseline, Alert, ITIL glossary -@unnumberedsec Audit - - -A formal inspection and verification to check whether a standard or -set of guidelines is being followed. - - - - -@cartouche -CFEngine's notion of an audit is more like the notion from system -accounting. However, the data generated by this extra logging -information could be collected and used in a more detailed examination -of CFEngine's operations, suitable for use in a formal inspection -(e.g. for compliance). -@end cartouche - - -@node Baseline, Benchmark , Audit , ITIL glossary -@unnumberedsec Baseline - - -A snapshot of the state of a service or an individual configuration -item at a point in time - - -@cartouche -In CFEngine parlance, we refer to this as an initial state or -configuration. In principle a CFEngine initial state does not have to -be a known-base line, since the changes we make will not generally be -relative to an existing configuration. CFEngine encourages users to -define the final state (regardless of initial state). -@end cartouche - - -@node Benchmark , Capability, Baseline, ITIL glossary -@unnumberedsec Benchmark - -The recorded state of something at a specific point in time. - - -@cartouche -CFEngine does not use this term in any of its documentation, though -our general understanding of a ``benchmark'' is that of a standardized -performance measurement under special conditions. CFEngine regularly -records state and performance data in a variety of ways, for example -when making file copies. -@end cartouche - -@node Capability, Change record, Benchmark , ITIL glossary -@unnumberedsec Capability - -The ability of someone or something to carry out an activity. - - -@cartouche -CFEngine does not use this concept specifically. The notion of a capability -is terminology used in role-based access control. -@end cartouche - -@node Change record, Chronological Analysis, Capability, ITIL glossary -@unnumberedsec Change record - -A record containing details of which configuration items are affected -and how they are affected by an authorized change. - - - -@cartouche -CFEngine's default modus operandi is to @emph{not} record changes made -to a system unless requested by the user. Changes can be written as -log entries or audit entries by switching on reporting.@end cartouche - -An ``inform'' promise means that cf-agent promises to notify the -changes to its standard output (which is usually sent by email or -printed on a console output). A ``syslog'' promise implies that -cfagent will log the message to the system log daemon. Both of the -foregoing messages give only a simple message of actual changes. An -``audit'' promise is a promise to record extensive details about the -process that cfagent undergoes in its checking of other promises. - - -@node Chronological Analysis, Configuration, Change record, ITIL glossary -@unnumberedsec Chronological Analysis - -An analysis based on the timeline of recorded events (used to help identify possible causes of problems). - - - -@cartouche -A timeline analysis could easily be carried out based on audit -information, system logs and cfenvd behavioural records. -@end cartouche - -@node Configuration, Configuration Item (CI), Chronological Analysis, ITIL glossary -@unnumberedsec Configuration - -A group of configuration items (CI) that work together to deliver an IT service. - -@cartouche -A configuration is the current state of resources on a system. This is, in -principle, different from the state we would like to achieve, or what has -been promised. -@end cartouche - -@node Configuration Item (CI), Configuration Management Database (CMDB), Configuration, ITIL glossary -@unnumberedsec Configuration Item (CI) - -A component of an infrastructure which is or will be under the control -of configuration management. - - -@cartouche -A configuration item is any object making a promise -in CFEngine. We often speak of the promise object, or ``promiser''.@end cartouche - -@node Configuration Management Database (CMDB), Document, Configuration Item (CI), ITIL glossary -@unnumberedsec Configuration Management Database (CMDB) - -Database containing all the relevant details of each configuration -item and details of the important relationships between them. - - -@cartouche - -CFEngine has no asset database except for its own list of -promises. The only relationships is cares about are those which are -explicitly coded as promises. In the future, CFEngine 3 is likely -to extend the notion of promises to allow more general records of the -CMDB kind, but only to the extent that they can be verified autonomically. -@end cartouche - -@node Document, Emergency Change, Configuration Management Database (CMDB), ITIL glossary -@unnumberedsec Document - -Information and its supporting medium. - - - -@cartouche -ITIL originally considered a document to be only a container for -information. In version 3 it considers also the medium on which -the data are recorded, i.e. both the file and the filesystem on which it resides.@end cartouche - -@node Emergency Change, Error, Document, ITIL glossary -@unnumberedsec Emergency Change - -A change that must be introduced as soon as possible -- for example to -solve a major incident or to implement a critical security patch. - - - -@cartouche -CFEngine has no specific concept for this. -@end cartouche - -@node Error, Event, Emergency Change, ITIL glossary -@unnumberedsec Error - -A design flaw or malfunction that causes a failure. - - - -@cartouche -CFEngine often uses the term configuration error to mean a deviation of -a configuration from its promised state. The ITIL meaning of the term would -translated into ``bug in the CFEngine software'' or ``bug in the -promised configuration''. -@end cartouche - - -@node Event, Exception, Error, ITIL glossary -@unnumberedsec Event - -A change of state that has significance for the management of a -configuration item or IT service. - - - -@cartouche -The same basic definition applies to CFEngine also, but CFEngine makes -all such events into @emph{classes}, since its approach to observing -the environment is to measure and then classify it into approximate -expected states. CFEngine class attributes (usually from cfenvd) may -be considered as event notifications as they change. -@end cartouche - -@node Exception, Failure, Event, ITIL glossary -@unnumberedsec Exception, Failure, Event, Summary - -An @b{event} that is generated when a service or device is currently operating abnormally. - - - -@cartouche -A state in which configuration policy is violated (could lead to a -warning or an automated correction). -@end cartouche - - -@node Failure, Incident, Exception, ITIL glossary -@unnumberedsec Failure - -Loss of ability to operate to specification or to deliver the required output. - - - -@cartouche -ITIL's idea of a failure is something that prevents a promise from being kept. -CFEngine's autonomy model means that it is unlikely for such a failure -to occur, since promises are only allowed to be made about resources for which -we have all privileges. Occasionally, environmental issues might interfere and -lead to failure. -@end cartouche - -@node Incident, Monitoring, Failure, ITIL glossary -@unnumberedsec Incident - -Any event that is not expected in normal operations and which might -cause a degradation of service quality. - - - -@cartouche -CFEngine's philosophy of convergence gives us only one option for -interpreting this term, namely as a temporary deviation from promised -behaviour. A deviation must be temporary if CFEngine is operating -continually, since it will repair any problem on its next invocation -round. Events which do not impact promises made by CFEngine are of no -interest to CFEngine, since autonomy means it cannot be responsible -for anything beyond its own promises. -@end cartouche - -@node Monitoring, Passive Monitoring, Incident, ITIL glossary -@unnumberedsec Monitoring - -Repeated observation of a configuration item, IT service or process in -order to detect events and ensure that the current status is known. - - - -@cartouche -CFEngine incorporates a number of different kinds of monitoring, including monitoring of kept -configuration-promises and passive monitoring of behaviour. -@end cartouche - -@node Passive Monitoring, Policy, Monitoring, ITIL glossary -@unnumberedsec Passive Monitoring - -Monitoring of a configuration item or IT service that relies on an alert or notification to discover the current status. - - - -@cartouche -Cfenvd is CFEngine's passive monitoring component. It observes system -related behaviour and learns about it. It assumes that there is likely -to be a weekly periodicity in the data in order to best handle its -statistical inference. -@end cartouche - -@node Policy, Proactive Monitoring, Passive Monitoring, ITIL glossary -@unnumberedsec Policy - -Formally documented management expectations and intentions. Policies -are used to direct decisions, and to ensure consistent and appropriate -development and implementation of processes, standards, roles, -activities, IT infrastructures, etc. - - -@cartouche -CFEngine's configuration policy is an automatable set of promises -about the static and runtime state of a computer. Roles are identified -by the kinds of behaviour exhibited by resources in a network. We say -that a number of resources (hosts or smaller configuration objects) -play a specific promised role if they make identical promises. Any resource can -play a number of roles. Decisions in CFEngine are made entirely on the basis -of the result of monitoring a host environment. -@end cartouche - -@node Proactive Monitoring, Problem, Policy, ITIL glossary -@unnumberedsec Proactive Monitoring, Problem, Policy, Summary - -Monitoring that looks for patterns of events to predict possible future failures. - - - -@cartouche -All CFEngine monitoring is pro-active in the sense that it can lead to automated follow-up actions. -@end cartouche - -@node Problem, Promise, Proactive Monitoring, ITIL glossary -@unnumberedsec Problem - -Unknown underlying cause of one or more incidents. - - - -@cartouche -A repeated deviation from policy that suggests a change of policy or -specific counter-measures. A promise needs to be reconsidered or new promises -are required. -@end cartouche - -@node Promise, Reactive Monitoring, Problem, ITIL glossary -@unnumberedsec Promise, Reactive Monitoring, Problem, Summary - -ITIL does not define this term, although promises are deployed in -various ways -- for instance in terms of cooperation, communication -interfaces within or between processes or contractual relationships as -defined by Service Level Agreements, Operational Level Agreements and -Underpinning Contracts. - - - -@cartouche -A promise in CFEngine is a single rule in the CFEngine language. The promiser is the resource -whose properties are described, and the promisee is implicitly the CFEngine monitor. -@end cartouche - -@node Reactive Monitoring, Record, Promise, ITIL glossary -@unnumberedsec Reactive Monitoring - -Monitoring that takes action in response to an event -- for example -submitting a batch job when the previous job completes, or logging an -incident when an error occurs. - - - -@cartouche -The concept of reactive monitoring is unclear because the duration of an event and the speed of -a response are undefined. In a sense, all CFEngine monitoring is potentially reactive. It is possible -to attach actions which keep promises to any observable condition discernable by CFEngine's monitor. -CFEngine is not usually considered event driven however, since it does not react ``as soon as possible'' -but at programmed intervals. -@end cartouche - -@node Record, Recovery, Reactive Monitoring, ITIL glossary -@unnumberedsec Record - -Information in readable form that is maintained by the service provider about operations. - - - -@cartouche -A log entry or database item. -@end cartouche - -@node Recovery, Remediation, Record, ITIL glossary -@unnumberedsec Recovery - -Returning a Configuration Item or an IT service to a working -state. Recovering of an IT service often includes recovering data to a -known consistent state. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation. -@end cartouche - -@node Remediation, Repair, Recovery, ITIL glossary -@unnumberedsec Remediation - -Recovery to a known state after a failed change or release. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation. - -However, this concept is like the notion of ``rollback'' which often involves a more -significant restoration of a system from backup. This is discussed later. -@end cartouche - -@node Repair, Release, Remediation, ITIL glossary -@unnumberedsec Repair - -The replacement or correction of a failed configuration item. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation.@end cartouche - -@node Release, Request for Change, Repair, ITIL glossary -@unnumberedsec Release, Request for Change, Repair, Summary - -A collection of new or changed configuration items that are introduced together. - - - -@cartouche -An instantiation of the entire CFEngine system under a specific -version of a policy, i.e. a specific set of promises. -@end cartouche - -@node Request for Change, Abandon Autonomy?, Release, ITIL glossary -@unnumberedsec Request for Change - -A form to be completed requesting the need for change. This is to be followed up. - - - -@cartouche -This has no counterpart in CFEngine. It is part of human communication -which coordinates autonomous machines. Clearly autonomous computers do not -listen to change requests from other computers, but when machines cooperate -in clusters or groups they take suggestions from the collaborative process. -An RFC in an ITIL sense is part of an organizational process that goes beyond - CFEngine's level of jurisdiction. This is an example of what ITIL adds to -the autonomous CFEngine model. -@end cartouche - - -@node Abandon Autonomy?, Resilience, Request for Change, ITIL glossary -@unnumberedsec Abandon Autonomy? - -Why not simply abandon autonomy of machines if this seems to interfere -with the need for organizational change? There are good reasons why -autonomy is the correct model for resources. Autonomy reduces the risk to a -resource of attack, mistake and error propagation. - -ITIL's processes exist precisely to minimize the risk of negative -impact of change, so the goals are entirely compatible. When an organization -discusses a change it examines information from possible several autonomous -systems and discusses how they will change their pattern of collaboration. -There is no point in this process at which it is necessary for one of the -systems to give up its autonomy. - - -@node Resilience, Restoration, Abandon Autonomy?, ITIL glossary -@unnumberedsec Resilience - -The ability of a configuration item or IT service to resist failure or to recover quickly following a failure. - - - -@cartouche -CFEngine's purpose is to make a system resilient to unpredictable change.@end cartouche - -@node Restoration, Role, Resilience, ITIL glossary -@unnumberedsec Restoration - -Actions taken to return an IT service to the users after repair and recovery from an incident. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation. - -However, this concept seems to suggest a more catastrophic failure -which often involves a more significant restoration of a system from -backup. This is discussed later. -@end cartouche - -@node Role, Service desk, Restoration, ITIL glossary -@unnumberedsec Role - -A set of responsibilities, activities and authorities granted to a person or a team. Roles are defined in processes. - - - -@cartouche -A role in CFEngine is a class of agents that make the same kind of promise. The type -of role played by the class is determined by the nature of the promise they make. e.g. -a promise to run a web server would naturally lead to the role ``web server''. -@end cartouche - -@node Service desk, Service Level Agreement, Role, ITIL glossary -@unnumberedsec Service desk - -Interface between users and service provider. - - - -@cartouche -A help desk. This is not formally part of CFEngine's tool set. -@end cartouche - -@node Service Level Agreement, Service Management, Service desk, ITIL glossary -@unnumberedsec Service Level Agreement - -A written agreement between the service provider that documents agreed -services, levels and penalties for non-compliance. - - - -@cartouche -An agreement assumes a set of promises that propose behaviour and an -acceptance of those promises by the client. If we assume that the -users are satisfied with out policies, then an SLA can be -interpreted as a combination of a configuration policy -(configuration service promises), and the CFEngine execution -schedule. -@end cartouche - - -@node Service Management, Warning, Service Level Agreement, ITIL glossary -@unnumberedsec Service Management - - The management of services. - -@node Warning, , Service Management, ITIL glossary -@unnumberedsec Warning - -An @b{event} that is generated when a service or device is approaching its threshold. - - - -@cartouche -A message generated in place of a correction to system state when a deviation from policy is detected. -Note that CFEngine is not based on fixed thresholds. All ``thresholds'' for action or warning -are defined as a matter of policy. -@end cartouche - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Iteration.texinfo b/docs/guides/SpecialTopic_Iteration.texinfo deleted file mode 100644 index 6b6ef778c5..0000000000 --- a/docs/guides/SpecialTopic_Iteration.texinfo +++ /dev/null @@ -1,597 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-iterate.info -@settitle Iteration in CFEngine -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Iteration, Explored and Explained -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Iteration is about repeating operations in a list. - -In CFEngine it is the process by which a list variuable is expanded -into its component parts -- a powerful and much-used idiom in -CFEngine. It enables a level of abstraction that can save the system -maintainer the job of repetitive specification of similar promises -with slight differences, and can save time and ease readability of -configuration files. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What is Iteration?, (dir), (dir) -@top Iteration -@menu -* What is Iteration?:: -* Iterated promises:: -* Iterating across multiple lists:: -* Iterating over nested lists:: -* Fixing Iterating across nested lists:: -* Iterating revisted:: -* Nesting promises workaround:: -* Power:: -* Summary of iteration:: -@end menu -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@node What is Iteration?, Iterated promises, Top, Top -@unnumberedsec What is iteration? - -@sp 1 - -Iteration is about repeating operations in a list. In CFEngine, -iteration is used to make a number of related promises, that fall into -a pattern based on elements of a list. This is what would correspond -to something like this pseudo-code in an imperative language: - -@quotation -@i{ foreach item in list}@* - @i{make promise}@* -@i{end} -@end quotation - -@noindent In CFEngine, we do not write loops; rather, they are implicit. -Suppose @samp{@@(list)} is a list variable (the @samp{@@} means list). If we -refer to this identifier using a scalar reference @samp{$(list)}, then -CFEngine understands this to mean, take each scalar item in the list and -repeat the current promise, replacing the instance with elements of the list -in turn. - -@node Iterated promises, Iterating across multiple lists, What is Iteration?, Top -@unnumberedsec Iterated promises - -Consider the following set of promises to report on the values of four -separate monitor values: - -@verbatim -bundle agent no_iteration -{ -reports: - cfengine_3:: - "mon.value_rootprocs is $(mon.value_rootprocs)"; - "mon.value_otherprocs is $(mon.value_otherprocs)"; - "mon.value_diskfree is $(mon.value_diskfree)"; - "mon.value_loadavg is $(mon.value_loadavg)"; -} -@end verbatim - -What we did was create four distinct reports, where each report announces -which monitor variable it will be reporting, and the follows with the actual -value of that monitor variable. For simple reports, this is perfectly -adequate and straightforward, but it lacks abstraction and repeatability. -Suppose we wanted to add a variable to report, we'd need a new report -promise. If we wanted to change the wording of the reports, we'd possibly -have to edit four promises, and this can be time consuming and error-prone. - -Consider instead the following example, which generates exactly the same reports: - -@verbatim -bundle agent iteration1 -{ -vars: - "monvars" slist => { - "rootprocs", - "otherprocs", - "diskfree", - "loadavg" - }; - -reports: - - cfengine_3:: - - "mon.value_$(monvars) is $(mon.value_$(monvars))"; -} -@end verbatim - -What we have done is to first specify a list variable @code{monvars}, and then -iterate over the values contained in that list by referencing the list -variable @i{as a scalar}. In CFEngine, simply referring to a list variable -as a scalar automatically iterates over that variable. - -Note that in terms of raw "lines of code", neither example shows an advantage -(and in fact, the reports that are created by the iteration in this second -example are @i{identical} to the reports in the first example). - -However, we already have a gain in maintainer efficiency. By changing the -single report format, we automatically change all the reports. And we have -separated the semantics of the reports from the list of monitoring variables. - -Admittedly, this is a simple example, but if you understand this one, we can -continue with more compelling examples. - -@node Iterating across multiple lists, Iterating over nested lists, Iterated promises, Top -@unnumberedsec Iterating across multiple lists - -@sp 1 -Although iteration is a powerful concept in and of itself, CFEngine can -iterate across multiple lists simultaneously. In the previous example, we -looked at the current values of four monitor variables, but since CFEngine -also gives us access to the averaged values and the standard deviation, how -would we create a series of reports that listed all three statistical -components of each variable? The answer is simply to do another iteration: - -@verbatim -bundle agent iteration2 -{ -vars: - "stats" slist => { "value", "av", "dev" }; - - "monvars" slist => { - "rootprocs", - "otherprocs", - "diskfree", - "loadavg" - }; -reports: - - cfengine_3:: - "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))"; -} -@end verbatim - -Through the addition of a new list called @code{stats}, we can now iterate -over both it and the @code{monvars} list in the same promise. The reports -that we thus generate will report on @code{value_rootprocs}, -@code{av_rootprocs}, and @code{dev_rootprocs}, followed next by -@code{value_otherprocs}, @code{av_otherprocs}, etc, ending finally with -@code{dev_loadavg}. The leftward lists are iterated over completely before -going to the next value in the rightward lists. - -@node Iterating over nested lists, Fixing Iterating across nested lists, Iterating across multiple lists, Top -@unnumberedsec Iterating over nested lists - -Recall that CFEngine iterates over complete promise units, not small parts of -a promise. Let's look at an example that could show a common misunderstanding. - -If you look at the monitor variables that are described in the CFEngine -Reference Guide, you'll notice that some variables reference the number of -packets @i{in} and @i{out} of a host. So you might be -tempted to do the following, which might not do what you expect. - -@verbatim -bundle agent iteration3a -{ -vars: - "stats" slist => { "value", "av", "dev" }; - "inout" slist => { "in", "out" }; - - "monvars" slist => { - "rootprocs", "otherprocs", - "diskfree", - "loadavg", - "smtp_$(inout)", # - "www_$(inout)", # look here - "wwws_$(inout)" # - }; - -reports: - cfengine_3:: - "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))"; -} -@end verbatim -@noindent What this says is, for each value in @samp{$(inout)}, define @samp{monvars} -to be a variable. There are thus two attempts to defined the single name @samp{monvars} -as a list with two different right-hand-sides (one for `in' and one for `out'). -This will result in the error: - -@smallexample - !! Redefinition of variable "monvars" (embedded list in RHS) in context "iteration3a" - !! Redefinition of variable "monvars" (embedded list in RHS) in context "iteration3a" -@end smallexample - -Whenever a promise contains an iteration (that is, when the promise string or -any of its attributes contain a scalar reference to a list variable), that -promise is automatically re-stated with successive values from the list. So -the example above is exactly the same as if we had said the following: - -@verbatim -bundle agent iteration3b -{ -vars: - "stats" slist => { "value", "av", "dev" }; - - "monvars" slist => { - "rootprocs", "otherprocs", - "diskfree", - "loadavg", - "smtp_in", - "www_in", "wwws_in" - }; - - "monvars" slist => { - "rootprocs", "otherprocs", - "diskfree", - "loadavg", - "smtp_out", - "www_out", "wwws_out" - }; - -reports: - cfengine_3:: - "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))"; -} -@end verbatim - -Notice that the promise is repeated twice, but the only thing that is -different is the @i{right hand side} of the promise -- the contents of the -list, expanded using iteration over the @code{inout} list variable. Not only -will this not do what we want, it will generate an error, because the second -promise on the variable @code{monvars} will overwrite the value promised in -the first promise! All that we will see in the reports are the @i{second} -definition of the @code{monvars} list. - -@node Fixing Iterating across nested lists, Iterating revisted, Iterating over nested lists, Top -@unnumberedsec Fixing Iterating across nested lists - -@verbatim -bundle agent iteration3c -{ -vars: - "stats" slist => { "value", "av", "dev" }; - "inout" slist => { "in", "out" }; - - "monvars_$(inout)" slist => { - "smtp_$(inout)", # - "www_$(inout)", # look here - "wwws_$(inout)" # - }; - -reports: - cfengine_3:: - "mon.$(stats)_$(monvars_in) is $(mon.$(stats)_$(monvars_in))"; - "mon.$(stats)_$(monvars_out) is $(mon.$(stats)_$(monvars_out))"; -} - -@end verbatim -CFEngine does not allow an unlimited level of nesting, for reasons of -efficiency and readability, and adding further levels of nesting -will start to work against you. Note that we had to explicitly refer to the -two variables that we created: @code{$(monvars_in)} and -@code{$(monvars_out)}, and specifying more will get very messy very quickly. -However, the next sections show an easier-to-read workaround. - -@node Iterating revisted, Nesting promises workaround, Fixing Iterating across nested lists, Top -@unnumberedsec Iterating across multiple lists, revisted - -When a list variable is referenced as a scalar variable (that is, when -the list variable is referenced as @code{$(list)}) instead of as a -list (using @code{@@(list)}), CFEngine assumes that it should -substitute each scalar from the list in turn, and thus iterate over -the list elements using a loop. - -If more than one list variable is referenced in this manner in a -single promise, each list variable is iterated over, so that every -possible combination of scalar components is represented. Consider -the following example. - -In this example, note that the @code{letters} list is -referenced in both the left-hand and right-hand side of the promise, -the @code{digits} list is referenced only in the left-hand side, and -the @code{symbols} list is only referenced in the left-hand side: - - -@verbatim -bundle agent iteration4a -{ -vars: - "letters" slist => { "a", "b" }; - "digits" slist => { "1", "2" }; - "symbols" slist => { "@", "#" }; - -commands: - "/bin/echo ${letters}, ${digits}+${digits}, " - args => "${letters} and ${symbols}'"; -} -@end verbatim - -Like a backwards-reading odometer, the left-most variable cycles the fastest -and the right-most list cycles the slowest. Most importantly, no matter how -many times or places a list variable is referenced as a scalar in a single -promise, each combination of values is visited @i{only once}, regardless of -whether the iteration variable is in the lefthand side or the righthand side -of a promise or both. - -The example above is exactly equivalent to this (much more) verbose set of -promises. As you can see, there are @code{2*2*2 = 8} promises generated, -which contains every possible comination of elements from the lists -@code{letters}, @code{digits}, and @code{symbols}: - -@verbatim -bundle agent iteration4b -{ -commands: - "/bin/echo a, 1+1, " - args => "a and @"; - "/bin/echo b, 1+1, " - args => "b and @"; - "/bin/echo a, 2+2, " - args => "a and @"; - "/bin/echo b, 2+2, " - args => "b and @"; - "/bin/echo a, 1+1, " - args => "a and #"; - "/bin/echo b, 1+1, " - args => "b and #"; - "/bin/echo a, 2+2, " - args => "a and #"; - "/bin/echo b, 2+2, " - args => "b and #"; -} -@end verbatim - -@node Nesting promises workaround, Power, Iterating revisted, Top -@unnumberedsec Nesting promises workaround - -Recall the problem of nesting iterations, we can now see how to repair -our error. The key is to ensure that there is a distinct and unique -promise created for every combination of iterated variables that we -want to use. Here is how to solve the problem of listing the input -and output packet counts: - -@verbatim -bundle agent iteration5a -{ -vars: - "stats" slist => { "value", "av", "dev" }; - "inout" slist => { "in", "out" }; - "io_names" slist => { "smtp", "www", "wwws" }; - "io_vars[$(io_names)_$(inout)]" int => "0"; - "monvars" slist => { - "rootprocs", "otherprocs", - "diskfree", - "loadavg", - getindices("io_vars") - }; - -reports: - cfengine_3:: - "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))"; -} -@end verbatim - -@noindent The output of this is -@smallexample -R: mon.value_rootprocs is $(mon.value_rootprocs) -R: mon.av_rootprocs is $(mon.av_rootprocs) -R: mon.dev_rootprocs is $(mon.dev_rootprocs) -R: mon.value_otherprocs is $(mon.value_otherprocs) -R: mon.av_otherprocs is $(mon.av_otherprocs) -R: mon.dev_otherprocs is $(mon.dev_otherprocs) -R: mon.value_diskfree is $(mon.value_diskfree) -R: mon.av_diskfree is $(mon.av_diskfree) -R: mon.dev_diskfree is $(mon.dev_diskfree) -R: mon.value_loadavg is $(mon.value_loadavg) -R: mon.av_loadavg is $(mon.av_loadavg) -R: mon.dev_loadavg is $(mon.dev_loadavg) -R: mon.value_wwws_in is $(mon.value_wwws_in) -R: mon.av_wwws_in is $(mon.av_wwws_in) -R: mon.dev_wwws_in is $(mon.dev_wwws_in) -R: mon.value_www_out is $(mon.value_www_out) -R: mon.av_www_out is $(mon.av_www_out) -R: mon.dev_www_out is $(mon.dev_www_out) -R: mon.value_www_in is $(mon.value_www_in) -R: mon.av_www_in is $(mon.av_www_in) -R: mon.dev_www_in is $(mon.dev_www_in) -R: mon.value_smtp_in is $(mon.value_smtp_in) -R: mon.av_smtp_in is $(mon.av_smtp_in) -R: mon.dev_smtp_in is $(mon.dev_smtp_in) -R: mon.value_wwws_out is $(mon.value_wwws_out) -R: mon.av_wwws_out is $(mon.av_wwws_out) -R: mon.dev_wwws_out is $(mon.dev_wwws_out) -R: mon.value_smtp_out is $(mon.value_smtp_out) -R: mon.av_smtp_out is $(mon.av_smtp_out) -R: mon.dev_smtp_out is $(mon.dev_smtp_out) -@end smallexample - -In this case, all we are doing is creating an array called @code{io_vars}. -Note that the indices of the elements of the array are iterated from @i{two} -lists, so in this case we'll have @code{2*3 = 6} elements in the array, -covering all the combinations of the two lists @code{inout} and -@code{inout-names}. - -The values of the array elements can be whatever we like. In this case, we're -making all the values @code{0}, because we don't care what the actual values -are -- we only care about the @i{keys} of the array. We add the list of the -keys to the @code{monvars} list by using the return value from -@code{getindices("io_vars")}. - -Looking at the example above, you might just as easily be tempted to do the -following: - -@verbatim -bundle agent iteration5b -{ -vars: - "stats" slist => { "value", "av", "dev" }; - "inout" slist => { "in", "out" }; - "io_names" slist => { "smtp", "www", "wwws" }; - "io_vars[$(io_names)_$(inout)]" string => "$(io_names)_$(inout)"; - "monvars" slist => { - "rootprocs", "otherprocs", - "diskfree", - "loadavg", - @(io_vars) - }; - -reports: - cfengine_3:: - "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))"; -} -@end verbatim -@noindent However, this is wrong. -We cannot use @code{@@(io_vars)}, because @code{io_vars} is not a -@i{list}, it is an @i{array}! You can only use the @code{@@} dereferencing -sigil on lists. - -@node Power, Summary of iteration, Nesting promises workaround, Top -@unnumberedsec The power of iteration in CFEngine - -Iteration and abstraction are power tools in CFEngine. In closing, consider -the following simple and straightforward example, where we report on all of -the monitoring variables available to us in CFEngine: - -@verbatim -bundle agent iteration6 -{ -vars: - "stats" slist => {"value", "av", "dev"}; - - "inout" slist => {"in", "out"}; - "io_names" slist => { - "netbiosns", "netbiosdgm", "netbiosssn", - "irc", - "cfengine", - "nfsd", - "smtp", - "www", "wwws", - "ftp", - "ssh", - "dns", - "icmp", "udp", - "tcpsyn", "tcpack", "tcpfin", "tcpmisc" - }; - "io_vars[$(io_names)_$(inout)]" string => "$(io_names)_$(inout)"; - - "n" slist => {"0", "1", "2", "3"}; - "n_names" slist => { - "temp", - "cpu" - }; - "n_vars[$(n_names)$(n)]" string => "$(n_names)$(n)"; - - "monvars" slist => { - "rootprocs", "otherprocs", - "diskfree", - "loadavg", - "webaccess", "weberrors", - "syslog", - "messages", - getindices("io_vars"), - getindices("n_vars") - }; - -reports: - cfengine_3:: - "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))"; -} -@end verbatim - -In this example, we create a two arrays (@code{io_vars} and @code{n_vars}), -and a number of lists (but the most important ones are @code{stats} and -@code{monvars}). We have but a single report promise, but it iterates over -these latter two lists. With only a single reports promise and intelligent -use of lists and arrays, we are able to report on every one of the -@code{3*(8+2*18+4*2)==156} monitor variables. And to change the format of -every report, we will only have a single statement to change. - -@node Summary of iteration, , Power, Top -@unnumberedsec Summary of iteration - -Used judiciously and intelligently, iterators are a powerful way of -expressing patterns. They enable you to abstract out the concepts -from the nitty-gritty details, and to specify, in very few lines, -complex combinations of elements. Perhaps more importantly, they ease -the burden of maintainability, by making short work of -repetitive problems. - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Knowledge.texinfo b/docs/guides/SpecialTopic_Knowledge.texinfo deleted file mode 100644 index ca39659210..0000000000 --- a/docs/guides/SpecialTopic_Knowledge.texinfo +++ /dev/null @@ -1,998 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-knowledge.info -@settitle Implementing Knowledge Management -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Implementing Knowledge Management -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Everyone agrees that Knowledge Management is important, but few -really appreciate what it means to manage knowledge, or how to -begin. CFEngine's application area is principally operational, but it -provides tools for integrating with business development and -organizational management. - -This short guide suggests how to begin implementing a knowledge -management strategy using CFEngine Nova as a centrepiece for integrating -data from many different sources. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - -@node Top, What is knowledge management?, (dir), (dir) -@top Knowledge -@menu -* What is knowledge management?:: -* Risk and uncertainty:: -* How should you begin?:: -* The CFEngine Knowledge map:: -* Pitfalls to avoid:: -* Using the Knowledge Map:: -* Types of information:: -* Example company_knowledge.cf:: -* Knowledge transfer:: -* How does CFEngine Nova help?:: -* Knowledge Management Objectives:: -@end menu - - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@node What is knowledge management?, Risk and uncertainty, Top, Top -@unnumberedsec What is knowledge management? - -@sp 1 - -Everyone agrees that Knowledge Management is important, but -few really appreciate what it means to manage knowledge, or how to -begin. Ironically perhaps, even learning institutions (so-called knowledge -based industries) like schools and universities often do not do a good -job of this. Having a wealth of knowledge is not the same as knowing -how to foster and protect it. Most organizations take their -knowledge for granted. - -In the worst case, poorly run organizations end up as collections of -individuals, each of whom possesses knowledge and experience, -but none of whom knows anything about the others' roles. This scenario presents a -high risk for the continuity of the organization, since taking out -even a single player could cripple a key work process. - -The end result is that many organizations are caught in a poverty trap -of knowledge: they spend their time reacting to emergencies cultivated -by a lack of confidence and certainty, and they are too busy patching over holes that -they never have time to learn enough to escape the pattern. - - -@cartouche -The Third Wave of configuration management emphasizes the role of knowledge -in coping with the diversity and adaptability that modern organizations crave. -This document is a beginning towards thinking about IT management in a new way: -as a knowledge resource, or a set of insight-driven intentions that are -maintained by smart machinery. This vision is about rehumanizing System Administration -through a proper division of labour between Man and Machine. -@end cartouche - -@node Risk and uncertainty, How should you begin?, What is knowledge management?, Top -@unnumberedsec Risk and uncertainty - -@sp 1 - -Knowledge exists to reduce our uncertainty about the world. We don't -generally learn in order to get smart, or to be experts; rather we -learn by necessity and feel smart when there are no remaining -surprises. Experts are people who can answer questions they already -know the answer to; they are supposedly extra-ordinary. Innovators are -people who can solve new problems -- they are even rarer. - -The main aim of knowledge management is not to make everyone an -expert, but to improve the predictability of workflow processes so -that we can respond to unpredictable changes in the environment with -greater confidence, without losing the feeling of control over -the situations we find ourselves in. -To do that, we have to make the connections between the appropriate -parts to that we can always obtain the answers. - -@node How should you begin?, The CFEngine Knowledge map, Risk and uncertainty, Top -@unnumberedsec How should you begin? - -@sp 1 -The road to maturity can be seen as stepping through one or more of -the following progressions: - -@sp 1 -@itemize -@item Data --> Information --> Knowledge --> Wisdom (DIKW) - -@item Objectives --> Results - -@item Intentions --> Promises --> Assessments -@end itemize -@sp 1 - -@image{dikw,12cm,,DIKW,png} - -Each of these sequences represents an increasing level of commitment. -You need to have data to interpret them as information. You need to -have goals or objectives in order to realize them and see results. You -need to have intentions to make promises, and so on. Ask yourself: -does everyone in your team know your business goals, and how to -translate their efforts into progess? - - - - - - - - - -@node The CFEngine Knowledge map, Pitfalls to avoid, How should you begin?, Top -@unnumberedsec The CFEngine Knowledge map - -Maps guide us to where we need to get to from where we are (even when we don't -fully understand where we are). A map places us in the context or a larger -picture and helps us to find our way. -The Knowledge map is a part of the CFEngine Mission Portal, -which in turn is provided with CFEngine Enterprise Edition. -Significant instrumentation of the software, user process and policy analysis -are provided in these editions in order to make Knowledge mining as transparent -to the user as possible. - -@cartouche -Our first task in Knowledge Management is to create a map of the knowledge -landscape in which we work. -@end cartouche - -CFEngine contains a tool @code{cf-know} for creating a map called a -Topic Map, that forms to basis of our approach to documentation. -Further, CFEngine Enterprise Editions, starting with Nova help fill in -the landscape of this map automatically. - -To build a map, you will need data (hence the beginning of the DIKW chain). -To use a map, you need an objective or an intention, hence the others. - -Ask yourself: what are the places in this map, and what are the paths between them? -This is a question every organization needs to ask itself. - -@sp 1 -@node Pitfalls to avoid, Using the Knowledge Map, The CFEngine Knowledge map, Top -@unnumberedsec Pitfalls to avoid - -@sp 1 - -CFEngine does a lot of work for you, but you need to do something to help -yourself too. As with all information, garbage in leads to garbage out. -Your organization should create documents and references -to capture its internal knowledge. If you are doing this well, it should not be -a major task. - -Knowledge gets out of control when you don't standardize ideas, -concepts and procedures. By standardizing topics and concepts, you -prevent an explosion of redundancy -- only then can you see -the signal in the noise. Standardization minimizes the number of things -you have to deal with. Be careful though, if you go too far, standardization -can become a straightjacket, preventing you from clear and free expression. -Too much standardization and you will be stuck in a rut. - -@cartouche -Dedicate yourself to a culture of simplicity, but not of -over-simplification (which often backfires). Always work to avoid -special cases and exceptions, unless they can be rigorously justified. -@end cartouche - -This is a question of economics: is it worth the cost of maintaining a -special case? CFEngine's is designed to make it a lot easier and -cheaper to manage exceptions, so you needn't worry too much. Just -don't go mad. - -Simplification is the hardest thing you will ever do. Anyone can make -something more complicated, but it takes real work to simplify -something@footnote{This is a general statement of the second law of -thermodynamics -- entropy tends to increase. If we want to reduce it -locally, we have to expend a lot of effort.}. Einstein's famous quote -captures this: @i{You should always make everything as simple as -possible, but no simpler.} - - - -@node Using the Knowledge Map, Types of information, Pitfalls to avoid, Top -@unnumberedsec Using the Knowledge Map - -CFEngine's exploration of knowledge management is still in its infancy --- we are learning constantly about how to use state of the art -technologies and techniques. This is still very much an experimental area -that we continue to improve upon. - -Let's look at the current state of the smart index which we call the -(Copernicus) Knowledge Map. If you go to the Mission Portal Library and -search for a topic, you will land in the Knowledge Map. You will immediately -see a graphical image and number of tabs that contain various different -renditions of the information. - -Presently, these are called: -@itemize -@item Map - a visual view of a small neighbourhood of the closest related topics -that places the search topic in the context of closely related items. The search -topic might not be a the centre of this little universe, as other topics can -be more important. The size of the plantary balls is an indication of the topic's -connectedness in the web. -@item Leads - an explanation with full text for the nearest neighbours of the search topic. -@item References - Actual document links or remarks made about the search topic. -@item Same context - Other topics discussed in the same context. -@end itemize - -@menu -* Knowledge map example 1:: -* Knowledge map example 2:: -@end menu - -@node Knowledge map example 1, Knowledge map example 2, Using the Knowledge Map, Using the Knowledge Map -@unnumberedsubsec Knowledge map example 1 - -You enter the knowledge map by searching, or being referred there by a link in -the Mission Portal. Suppose we enter @samp{webserver} into the search field. -CFEngine searches for matching topics in its index, and returns references in -different contexts. The context `any' represents an unspecific reference to the topic -name: - -@image{km1,12cm,,DIKW,png} - -Suppose we click on the first of these in any context; this leads us to a special -landing page about that particular topic which contains the four tabs mentioned above. -By default we end up in the graphical view. This gives an immediate impression of -roughly where CFEngine considers this topic to lie in the scope of its knowledge. -However, its value is rather limited. -@image{km2,12cm,,DIKW,png} - -The next step is to walk through the tabs to `drill down' to actual -content. The second tab points us to the `brainstorming' value of the -associative links -- now with explanations in text. If we select -another tab we arrive at further leads for assisted thinking: these -associative-thinking pointers can guide you to matters that are -related and provide context for the current topic. - -@image{km3,12cm,,DIKW,png} - - - -Leads are helpful if you didn't really know what you were -looking for in the first place -- and you would like some explanation -of what it what you guessed. - - -If we select one of these, we go the landing page for that new topic in the advertised -context. - -@image{km4,12cm,,DIKW,png} - - -Note that several topics might be highlighted -in yellow on a page -- if they have been named, or if they are topics of special importance in -this local cluster (meaning that they are highly referred to). - -In this view we are able to see, at a glance, that this somewhat -Byzantine string is the name of a file, and that is pertains only to -certain operating systems. Walking through the tabs again, we see -both where we came from and where we can go from here, with -more detailed explanations. - -@image{km5,12cm,,DIKW,png} - -So far the map has only shown us topics -- or named subjects -categorized by their context. This gives us a kind of compass for -knowing what the topic is about, but it tells us little about the -subject itself. The third tab points us to actual expansive -information about the topic, if any is known. This might be information -from the documentation, external links or commentary and remarks made in -policy. - -@cartouche -If there are no references to external information, this tab does not appear. -Let's choose one of these references; now we are taken to a new topic -altogether, where we see a new view of the system information. -@end cartouche - -@image{km6,12cm,,DIKW,png} - -Because the topic name is categorized in the context of `promises', we -know that (although this is the name of a file and it refers to -RedHat-like operating systems) that this is also the object of a -promise. The references page contains a link that then points us to -actual information about this promise. The textual comment that was attributed -to the promise in the policy itself, and a link to the promise's definiton. -Clicking on the defintion link takes us the the promise-viewer. - -@image{km7,12cm,,DIKW,png} - -The Copernicus Knowledge Map view will take you a while to get used to -- use it -to help you think about matters, and see how they fit together into a systematic -overview of your environment. - - -@node Knowledge map example 2, , Knowledge map example 1, Using the Knowledge Map -@unnumberedsubsec Knowledge map example 2 - -Let's look at another example. Suppose we enter @samp{vital signs} as -the search text, and go to the leads. We find a long list of other -topics. CFEngine says that `vital signs' generalizes, or is an -umbrella concept, for these other concepts. - -@image{km8,12cm,,DIKW,png} - - One of these -concepts is a class context that represents an anomaly -detected by CFEngine @samp{loadavg_high_dev2}. -Clicking on this, we see the -significance of this concept quite easily from its relationship -to other concepts: - -@image{km9,12cm,,DIKW,png} - -The load average being high might be an anomaly, but we also see that it -refers to system performance, as does a whole bunch of other concepts. - -@cartouche -The value of the semantic indexing is that it is information a casual user -can actually learn from. By providing context and leads for further thinking, -the Mission Portal becomes an quasi-intelligent assistant for working on -the system. -@end cartouche - -@node Types of information, Example company_knowledge.cf, Using the Knowledge Map, Top -@unnumberedsec Types of information - -@sp 1 - -There are many kinds of information that contribute to a strategy for -managing knowledge. The ability to learn from past mistakes demands -that we look both forwards and backwards, while realizing that -knowledge grows older and less useful the older it gets. -For instance, what is known about the past? What -is current? How can we track these things? Information comes in -logically different categories as well as different types. Data have -different sources, and are about different epochs. We need to unify -and integrate these in Knowledge Management. - -@table @i - -@item Conceptual information (Always) - -Conceptual information is knowledge of a general nature that defines -basic terms and concepts that describe the operational area of the -organization. e.g. background theory, compliance requirements, frameworks, license -expiry documents. Contracts and agreements. - -This information comes from the wider culture of the enterprise. It is often -treated poorly as our modern culture has an unreasonable suspicion of anything that -seems `academic'. - -@item System observations (Past) - -Recording what has actually happened in the organization. This includes -the IT system, but also the business services and workflows, e.g. -changes, transactions, logs, incidents, events, performance values (Key -Performance Indicators), audits, security scans, etc. This includes -what it traditionally called system monitoring. - -This comes from probing and monitoring human-computer processes. - -@item Enterprise process documentation (Now) - -These documents are about business internals, recipes, manuals and -how-tos. They allow individuals to work autonomously without constant -supervision, because they all have a copy of the script. This -information is about @i{orchestration} of parts. In an orchestra each -player can manage to play his or her part with only minimal advice -from a conductor because they each have a copy of their music. Their -music is their process documentation. - -This is closely related to policy and comes from internal management bodies. - -@item Policy (Future) - -Here are the promises and intentions of the IT mission. Documents of -all degrees of technicality form policy. They contain the decisions -you have made for steering the mission under all possible -contingencies. - -Policy is informed by all of the above, and usually changes in -response to recurring `problems' identified in the observations. It -originates from internal management. - -@end table - - - - -@sp 1 -@unnumberedsec Stories and narratives - -In the foregoing section, we saw how leads in the Knowledge Map's -semantic index could help us to see immediate relationships between -system issues. The next question is: what about connections that are less -immediate or obvious? - -In future releases you will be able to ask the agent to brainstorm for you -about topics, telling any stories is knows about topics. A story is a -simply a path through the web of connected information that follows -some kind of connectness. Most interesting stories have a thread of -cause and effect. CFEngine attempts to reason forth narratives that -might be sensible or which might offer some kind of insight. This is -not usually a directly useful revelation, but more often a thought -provoking stimulus for a human to take further. - -Machine intelligence is never a substitute for the real thing, at least -not in our present day technologies, but it can be a useful amplifier of -`leads' to get a smart human thinking about the right things. -Most CFEngine stories relate to policy, and they are generated automatically -by the knowledge engine, so you will not get any stories until you have -something interesting in your policy. - -Stories will be usable from the command-line, or as a tab within the -Mission Portal. The command line is useful for interactive -thinking: - -A story can be quite simple: -@cartouche -@smallexample -atlas$ src/cf-know --tell-me-about ftpusers -F: "ftpusers" seems to affect "any::/etc/ftpusers" (with 50 % probability) - - "ftpusers" (in any), - see also "/etc/ftpusers" (in any), -@end smallexample -@end cartouche -@noindent Other stories could be more involved: -@cartouche -@smallexample -cf-know --tell-me-about anomalies::cpu0_high_dev2 - -F: "anomalies::cpu0_high_dev2" -seems to affect "any::performance" (with 100 % probability) - - "cpu0_high_dev2" (in anomalies), - is a special case of "vital signs" (in any), - which is a generalization of "users_high_dev1" (in anomalies), - and this (users_high_dev1) is a special case of "performance" (in any) - -(Note also that performance, which was mentioned, is a generalization of -"anomalies::users_high_dev1") - -@end smallexample -@end cartouche - -@noindent Stories can also be quite spurious, because knowledge itself can be spurious. -For instance, some guesses might be quite wrong as the system gets the wrong end of the stick, -so to speak, as it uses general patterns and these patterns always have exceptions: -@cartouche -@smallexample -atlas$ src/cf-know --tell-me-about operating_systems::suse - -F: "operating_systems::suse" seems to affect "any::gnu/linux" (with 100 % probability) - - "suse" (in operating_systems), - is a special case of "linux" (in any), - and this (linux) seems to refer to "gnu/linux" (in any) - -F: "operating_systems::suse" seems to affect "any::unitedlinux" (with 100 % probability) - - "suse" (in operating_systems), - is a special case of "linux" (in any), - and this (linux) seems to refer to "unitedlinux" (in any) - -@end smallexample -@end cartouche -@noindent Or: -@cartouche -@smallexample -atlas$ src/cf-know --tell-me-about functions - -F: "any::functions" seems to affect "any::arrays" (with 100 % probability) - - "functions" (in any), - seems to refer to "functions which read" (in any), - which seems to refer to "functions which read arrays" (in any), - and this (functions which read arrays) seems to be referred to in "arrays" (in any) - -F: "any::functions" seems to affect "any::expression" (with 100 % probability) - - "functions" (in any), - seems to refer to "functions which read" (in any), - which seems to refer to "functions which read classes" (in any), - which seems to be referred to in "class" (in data_types), - which seems to refer to "a cfengine class expression" (in any), - and this (a cfengine class expression) seems to be referred to in "expression" -(in any) -... -@end smallexample -@end cartouche - -As you can see, the story generator looks for causative connections between the things -that it knows about. Some topics are from the documentation, and some from your -configuration policy. - -@cartouche -@smallexample -F: "any::functions" seems to affect "any::readrealarray" (with 100 % probability) - - "functions" (in any), - seems to refer to "functions which read" (in any), - which seems to be referred to in "class" (in data_types), - which seems to be referred to in "functions which return" (in any), - which seems to refer to "functions which return real" (in any), - which seems to be referred to in "real" (in vars_promises), - and this (real) seems to refer to "readrealarray" (in any) - -(Note also that readrealarray, which was mentioned, seems to refer to -"any::functions which read classes") -(Note also that readrealarray, which was mentioned, seems to refer to -"any::functions which return class") -@end smallexample -@end cartouche - -@sp 1 -@unnumberedsec Creating your own map - -@sp 1 -CFEngine provides a lot of knowledge about your system out of the box, that includes a domain -model about the space of IT management, and an automated analysis of the deployed policy. -Below are some notes about how this is built, and things you can do to improve the information -by adding knowledge that cannot be discovered automatically. -@enumerate - -@item You begin by documenting your intentions by creating a CFEngine automation policy, i.e. bundles of promises. - -@item You add comments, handles, promisees etc to your policy to full explain your intentions. - -@item You can assign each host in your network to a special class that represents its -physical location, using @code{classes:} promises. You should then collect -such classes into a topic context called @samp{locations::} in the @file{company_knowledge.cf} file. - -@item CFEngine runs @code{cf-promises -r} to build a decompsition of your -current policy. - -@item CFEngine runs @code{cf-know -bf enterprise_build.cf} to build the knowledge map. - -@item You may create enterprise process documents and written policies for your -organization, which you will link into the knowledge map. - -@item CFEngine Nova creates the Knowledge Map which includes -a conceptual framework for IT management, and which integrates with -the CFEngine software documentation. - -@item You may now extend the basic knowledge map with more of your -own special documentation by placing references and -additional concepts into the file @file{company_knowledge.cf}, on the policy server. - -@end enumerate - -@unnumberedsec Documenting goals - -Business goals are shown in the Goals app (and service catalogue) in the Mission Portal of CFEngine Enterprise -for each hub. To document the fact that a promise or bundle contributes to a business goal, -you must do two things: - -@enumerate -@item Document the goal (see below under the example @file{company_knowledge.cf} file). e.g. -@verbatim -topics: - - goals:: - "goal 1" comment => "Do good things"; - "goal 2" comment => "Be first"; - "goal 3" comment => "Be best"; - -@end verbatim -@item Make the goal a promisee of the promise concerned. - -@verbatim -methods: - - "security" -> { goal_1, goal_2 } - - comment => "Basic change management", - usebundle => change_management; - "maintenance" - comment => "Perform log rotation", - usebundle => garbage_collection; -@end verbatim - -@end enumerate - -@unnumberedsec Documenting locations - -To document the location of a host, make sure that it is placed inside a class that represents its address: - -@verbatim -classes: - - "london" or => { "host1", "host2" }; - "alexandria" or => { "host3", "host4", "host5" }; - -@end verbatim -@noindent Then designate these classes as locations in the knowledge map: -@verbatim -topics: - - locations:: - - "london" comment => "29 Market Street, London XW4, third on the left"; - "alexandria" comment => "Secret chamber, discovered by Indiana Jones"; - -@end verbatim - -@node Example company_knowledge.cf, Knowledge transfer, Types of information, Top -@unnumberedsec Example @file{company_knowledge.cf} - -@smallexample - -bundle knowledge company_knowledge -@{ -things: - - regions:: - - "Americas" comment => "USA, Latin America and Canada"; - - "EMEA" comment => "Europe, The Middle-East and Africa"; - - "APAC" comment => "Asia and the Pacific countries"; - - countries:: - - "USA"; - - "Germany"; - - "UK" synonyms => @{ "Great Britain" @}, - is_located_in => @{ "EMEA", "Europe" @}; - - "Netherlands" synonyms => @{ "Holland" @}, - is_located_in => @{ "EMEA", "Europe" @}; - - "Singapore" is_located_in => @{ "APAC", "Asia" @}; - - site_locations:: - - # Use this for the names of - - "London_1" is_located_in => @{ "London", "UK" @}; - "New_Jersey" is_located_in => @{ "USA" @}; - - routers:: - - "oslo-hub-p6 " comment => "Cisco xyz router, 3rd floor machine room, 6 Penny Street"; - "oslo-hub-trunk" comment => "Cisco BGP router, floor machine room"; - "nyc-hub-456" comment => "Juniper 123 router, 3rd floor machine room"; - - networks:: - - "192.23.45.0/24" - comment => "Secure network, zone 0. Single octet for corporate offices", - is_connected_to => @{ "oslo-hub-123" @}; - - "192.12.74.0/23" comment => "Zone 1, double octet for the London office developer network", - is_connected_to => @{ "oslo-hub-123" @}; - - "192.12.74.0/23" - comment => "Secure, single octet for the NYC office", - is_connected_to => @{ "nyc-hub-456" @}; - - -####### - -topics: - - company:: - - "ED" comment => "Exceptional Devices Ltd"; - - ED:: - - "EGC" comment => "Enterprise grid computing", - association => a("develops stuff within", - "ED", - "contains its engineering unit"); - - "EBC" comment => "Enterprise business computing", - association => a("handles business services within", - "ED", - "contains its business unit"); - - "ED terminology" comment => "Internal company nomenclature"; - - ED_terminology:: - - "interactive job" comment => "Interactive software running in the grid"; - - "apps" comment => "Software applications", - association => a("are also referred to as", - "interactive jobs", - "are also referred to as"); - - "business services" comment => "Support services for sales"; - -######################## -# GOALS as topics -######################## - - goals:: - - "goal 1" comment => "The company mission depends on reliability to our customers"; - "goal 2" comment => "Should be running recent versions of key software"; - "goal 3" comment => "The company must be compliant with Sarbanes Oxley act."; - "goal 4" comment => "Comply with US Export restrictions for class D countries"; - - -####### -# Documents below -####### - -occurrences: - - # Fill in company references here - - work_shifts:: - - "http://www.example.com/shifts_and_rotas.ods" - represents => @{ "Spreadsheet" @}; - - - current_projects:: - - "http://www.example.com/scope_of_work.html" - represents => @{ "SOW" @}; - - - software_licenses:: - - "This CFEngine software license expires $(sys.expires)" - representation => "literal", - represents => @{ "CFEngine Nova" @}; - -@} - -@end smallexample - -@sp 1 -@unnumberedsec What other special documents should an organization have? - -@sp 1 -CFEngine cannot produce everything you need for your library of knowledge. -There cannot be hard and fast rules about this. Here are some suggestions: - -@itemize -@item A policy on human roles and responsibilities, to avoid gaps in and unecessary doubling of effort. -@item A risk/security policy. -@item A standardization and procedure manual. -@item Incident logs of matters not detected and repaired by CFEngine. -@item Repair logs of matters not detected and repaired by CFEngine. -@item Requests for change (RFC) logs. -@item Promises in your organization that are not just for CFEngine to keep, documenting intentions. -@item A policy on Knowledge Retention and Business Continuity. -@end itemize - -@sp 1 -@cartouche -Hint: a simple way to have a log is to use a tickets system like OTRS or a moderated mailing list, and to email -new entries. Something like a Mailman archive allows then tracking and integration. -@end cartouche -@sp 1 - -@node Knowledge transfer, How does CFEngine Nova help?, Example company_knowledge.cf, Top -@unnumberedsec Knowledge transfer - -@sp 1 - -Passing on knowledge to others could be considered a `best -practice'. Alas, this is not as easy as it sounds. There are plenty -of strategies to achieve knowledge transfer: - -@itemize -@item Reading -@item Taking courses -@item Research -@item Repetition -@item Job swapping and promotion -@end itemize - -@noindent These are just a few. However, this list is old news, and -these items alone will not lead to knowledge transfer. - -One of the most important @i{barriers} to knowledge transfer is that -individuals refuse to learn new things. A lack of dynamism in a -company or organization establishes patterns of habit that are hard to -break. The longer they last, the more likely they are to continue. - -Promise theory makes clear that, even if all staff promise -to write excellent documentation, they do not necessarily promise -to read each others' documents. Transfer requires a commitment both -to send and to receive. - - -@cartouche -@itemize -@item The final step to managing knowledge is to foster a culture -of knowledge acquisition, retention and transfer. - -@item Knowledge transfer requires a commitment by all parties -@itemize -@item to learn outside of their box. - -@item to pass on their expertise to others. -@end itemize -@end itemize -@end cartouche - -Communication skills are clearly important, but this is a serious flaw -in the idea. Written communication skills are not as common as we -might think. This means it is hard for the writer, and also for the -reader. - -The solution taken by CFEngine is to reduce the problem of -documentation to one of coding notes and relationships. This requires -only minor writing skills. The technology can then assemble these notes -using intelligent algorithms and present the result in an organized form -with visual aids. You should pay special attention to the syntax items: - -@verbatim - comment => - handle => - depends_on => - - -> { promisees } - -@end verbatim - - -You need to foster a culture of using information, in order for it -to become assimilated as knowledge. Unused information will perish. - - -@node How does CFEngine Nova help?, Knowledge Management Objectives, Knowledge transfer, Top -@unnumberedsec How does CFEngine Nova help? - -@itemize -@item CFEngine assists knowledge management by providing tools for integration -of knowledge sources. - -@item A formal structure for encoding policy at relationships at a functional level - -@item Technical syntax makes annotation easy for IT workers, and CFEngine can construct -the surrounding story using intelligent algorithms. -@end itemize - - - - - -@node Knowledge Management Objectives, , How does CFEngine Nova help?, Top -@unnumberedsec Knowledge Management Objectives - -As a manifesto for us as developers at CFEngine, as well as for you as -users of the software, and as infrastructure engineers, it is helpful -to make a list of questions that we would like to be able to answer -using enterprise software. The following list is not to be regarded -as a set of features in CFEngine, but rather as a set of challenges -to be addressed in different ways. - -@itemize - -@item Tell me about the promise(s). -@item Tell me what happened to Y. -@item Tell me about security. -@item Tell me about performance. -@item Tell me about compliance. -@item Where are the resource problems? -@item Where is the greatest/least activity? -@item How much spare capacity do I have? -@item Where are things changing fastest? - -@item When do I need to think about X? -@item What do I need to know about X? -@item What are the most important things that happened? - -@item Why is this here? -@item What can I do about X? -@item Who changed X last? -@item When can I expect X? -@item Where can I find X? -@item What things affect X? -@item What promises have been made about X? -@item What stories lead to conclusion X? - -@end itemize - - - - - - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_MenuDrivenConfig.texinfo b/docs/guides/SpecialTopic_MenuDrivenConfig.texinfo deleted file mode 100644 index 67991619f3..0000000000 --- a/docs/guides/SpecialTopic_MenuDrivenConfig.texinfo +++ /dev/null @@ -1,440 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-menus.info -@settitle Menu Driven Configuration -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Menu Driven Configuration -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Efficient organizations strive for simplicity and clockwork repetitive -procedures to extend and streamline their operations, but -over-simplification can lead to limitation and can get in the way of -progress. In this short guide, we consider how to use CFEngine's agile -framework to structure a simple menu-like approach to organizing -systems for predictable productivity. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - -@node Top, What is menu-driven configuration, (dir), (dir) -@top Menu Driven Configuration -@menu -* What is menu-driven configuration:: -* How do you create menus with CFEngine:: -* How do I select from menus:: -* How do I nest menus and make dependencies:: -* Strong and weak dependency:: -* How do I see what machines keep which promises:: -* Can I see a score-card of compliance:: -* Should I use menu driven configuration:: -@end menu - -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is menu-driven configuration, How do you create menus with CFEngine, Top, Top -@unnumberedsec What is menu-driven configuration? - -@sp 1 -A menu is a list of simple choices. The purpose of a menu is to hide -the detailed breakdown of how those choices are implemented. A menu -item uses a single name to represent all the processes needed to bring -about the result. Naming things is an important aspect of knowledge -management. - -Menus work well as long as the choices you are presented with are -sufficient to cover your needs. If a menu is too short, it will force -you to choose sub-optimally, leading to an oversimplification of -your issues. This can lead to frustration and compromise. - -CFEngine does not force pre-determined menus onto you, rather it -allows you to make your own from building block operations. This -document explains how to simplify your interface to complex -configuration decisions by organizing it according to what amounts to -a number of context dependent menus -- i.e. menus that automatically -adapt to the environments in which they are run. - -@sp 1 -@cartouche -Once menus have been defined, they can be presented simply in any kind of -interface, including custom graphical user interfaces. -@end cartouche -@sp 1 - -@node How do you create menus with CFEngine, How do I select from menus, What is menu-driven configuration, Top -@unnumberedsec How do you create menus with CFEngine? - -@sp 1 - -A menu is a list of delegated methods. To create a menu, you need to -be able to name complex methods. CFEngine does this by grouping -promises into @i{bundles}. You must then present these bundles in some -kind of list for different machines in your environement to select -from. CFEngine has two mechanisms for presenting a bundle of lists. - -@itemize -@item The first approach is to use the @code{bundlesequence} as your menu. This is the master -execution list that CFEngine uses to process work. You `choose' promise bundles there by -commenting out the ones you don't want to use: - -@verbatim -body common control -{ -bundlesequence => { - "common_stuff", -# "change_management", -# "garbage_collection", -# "harden_xinetd", -# "my_firewall", - "php_apache", -# "j_def", "jboss_account", "jboss_server", -# "ruby_on_rails", -# "tomcat_server", -# "db_mysql", -# "db_postgresql", - }; -} -@end verbatim - -@noindent The advantage of the bundlesequence is that it provides a @i{definite ordering} of -the bundles. In the example above, the order doesn't matter much. The -disadvantage of this bundlesequence is that it is hard to adapt it to -more than one environment -- it is like a `set taster menu'. Every -machine using this configuration will get what it's given. That is too -heavy-handed for more sophisticated environments. - -@item The second approach is to use @code{methods} promises to embed bundles in a master-bundle, -in the manner of subroutines. - -@verbatim -body common control -{ -bundlesequence => { - "common_stuff", - "main", - }; - -} - -bundle agent main -{ -methods: - - context1:: # Menu for context 1 - "course2" usebundle => php_apache; - - context2:: # Menu for context 2 - "course2" usebundle => j_def; - "course2" usebundle => jboss_account; - "course2" usebundle => jboss_server; - - any:: # Menu items for everyone - "course1" usebundle => changemanagement; - -} -@end verbatim -@noindent In this example, we've just pointed the master bundlesequence to a `main' subroutine -(like in a C program) and we list the bundles we want to combine into menus in order, in different -contexts. So in context 1, machines see a PHP menu; in context 2, they see a Java menu. Both of them -get a common `dessert' of change management. - -This `method' approach makes light work of adaptation, but while the -order is preserved in most cases, you cannot guarantee that CFEngine -will execute the bundles in the written order, because other -`transaction constraints' (including CFEngine's convergent algorithms) -can interfere. In many cases ordering is less important than we have been taught to -think, but if you truly need strong ordering then there are mechanisms to ensure -the strict order of keeping promises. -@end itemize - - -@node How do I select from menus, How do I nest menus and make dependencies, How do you create menus with CFEngine, Top -@unnumberedsec How do I select from menus? - -Because CFEngine is a distributed system, every machine running -CFEngine can make its own choices. You can suggest a menu for -different classes of machines, that operate in different contexts. - -A machine selects a menu choice by virtue of being in a context that -has been defined. For instance, you might make separate menu choices based -on operating system: - -@verbatim -bundle agent main -{ -methods: - - ubuntu:: # Menu for context 1 - "course2" usebundle => php_apache; - - solaris:: # Menu for context 2 - "course2" usebundle => j_def; - "course2" usebundle => jboss_account; - "course2" usebundle => jboss_server; - - any:: # Menu items for everyone - "course1" usebundle => changemanagement; - -} -@end verbatim - -@noindent Alternatively, you might choose based on other context information, such -as the time of day, or membership in some abstract group: - -@verbatim -bundle agent main -{ -methods: - - Hr16.Min45:: # Menu for context 1 - "course2" usebundle => backup_system; - - mygroup:: # Menu for context 2 - "course2" usebundle => attach_storage_devices; - -} -@end verbatim - -The expressions like @samp{Hr16.Min45} are called `class expressions' -because they classify different contexts or scenarios, and CFEngine -knows how to keep promises only in the correct context. This is how -you select from a menu -- by correctly identifying the context a -system belongs to and describing the menu of promise-bundles that apply to it. - -@node How do I nest menus and make dependencies, Strong and weak dependency, How do I select from menus, Top -@unnumberedsec How do I nest menus and make dependencies? - -@sp 1 -Recursion is the term used to express a hierarchy of levels of description. -When a promise depends on something else, which in turn depends on a third -promise being kept, we say that there is nesting or recursion. - -A dependency (something we depend on to keep a promise) is often used as -a strategy for hiding detail. You push details into `black boxes' on which -you depend, and in doing so simpify the view for yourself. This is the menu -idea once again. So when you pick a menu item in the restaurant, the kitchen -breaks down your choice into a sub-menu of promises required to deliver your -selection, and so on down the chain. - -CFEngine allows bundles of promises to depend on other promises by -writing those promises inside the bundles. A bundle can even rely on -bundles of promises by using the @code{methods} approach -recursively. So, for example you could make a general menu choice -`setup_server', which depends on bundles `setup_general' -and `setup_solaris' and `setup_linux'. - -@verbatim -bundle agent main -{ -methods: # bulk dependency by bundle - linux:: - "linux machines" usebundle => setup_linux; - solaris:: - "sun machines" usebundle => setup_solaris; - any:: - "all" usebundle => setup_general; - -files: - # other promises -} - -# - -bundle agent setup_general -{ -commands: # Dependenc on individual promise - Hr06:: - "/usr/local/bin/do_backup" - comment => "Command dependence"; -} - -bundle agent setup_linux -{ -packages: - ubuntu:: # Dependence on software - "apache2" - package_policy => "add", - package_method => "yum"; - -} - -# other bundles ... -@end verbatim - -Notice how each `menu level' simplifies the appearance of the problem by -hiding details in the lower levels. This is the way you make components -in systems and delegate responsibility for different tasks to different -bundle maintainers. - - -@node Strong and weak dependency, How do I see what machines keep which promises, How do I nest menus and make dependencies, Top -@unnumberedsec Strong and weak dependency - -@sp 1 - -Weak dependency means that you `outsource' tasks that you will -eventually make use of, i.e. you depend on the outcomes but you don't -have to wait for the result. This kind of dependence brings -flexibility and allows delegation. - -Strong dependency means that you are completely dependent on getting the -result from somewhere else before you can continue. This kind of -dependence creates fragile or `brittle' systems. If part of the system -breaks, then everything breaks. It leads to `single points of failure'. - -We recommend avoiding strong dependency when designing systems. Whenever -possible, a system should survive the temporary loss of a part, and -should continue in a sensible and predictable manner. - - -@node How do I see what machines keep which promises, Can I see a score-card of compliance, Strong and weak dependency, Top -@unnumberedsec How do I see what machines keep which promises? - -@sp 1 -Once you have arranged your system promises in nested bundles to handle all of the -dependences, you no longer have a complete overview of the system. This is the challenge -of menu hierarchies -- hierarchy simplifies for individuals by offloading -responsibility, but it makes it harder for anyone to get a total overview. - -To get back to the total overview, you can use CFEngine's Knowledge Map. - -@image{knowledge_bundle,15cm} - -The knowledge map renders all of the relationships between promises as -a lexicon and visual map. It allows you to see the total set of -promises and bundles either as a generic flat network, or as a -hierarchy. It also allows you to search for issues within the -total network. The knowledge map puts back what the hierarchy -takes away, by allowing you to construct your own view of the system. - -If there are dependences they may be seen as a graphical representation -of issues. The lower image in this figure shows the direct dependences -of the `grant_reports' promises, i.e. all those that might be affected -by a change, and all those on which this promise depends. - -@image{impact,15cm} - - -@node Can I see a score-card of compliance, Should I use menu driven configuration, How do I see what machines keep which promises, Top -@unnumberedsec Can I see a score-card of compliance? - -@sp 1 -One reason people make lists is to be able to tick off the -menu items to know when a job is complete. CFEngine allows -you to measure whether all of the menu-promises have been -kept, by viewing reports tied into the knowledge map. - -There is one crucial difference between system configuration -and menus at a restaurant though: the order of the items in -the menu does not always have to be preserved, and in fact it is very -inefficient to use the menu as a strictly ordered list. -Computer configuration can benefit greatly from parallel execution, -and CFEngine is designed to parallelize tasks for greater efficiency. - -@cartouche -We advise against designing systems that base their outcome on a -strict ordering of promises. Although traditional programming methods -teach us to think in terms of imperative ordering, you will succeed -more effectively if you avoid it. -@end cartouche - - -@node Should I use menu driven configuration, , Can I see a score-card of compliance, Top -@unnumberedsec Should I use menu driven configuration? - -@sp 1 -A menu driven approach is a good way of modelling a complex -environment, with delegation. It is a form of knowledge management. -It allows you to view your system through a kind of compliance -scorecard. - -The idea of nesting layers of menus is similar to what has been -advocated by Object Oriented programming languages for several -years. However, OO also shows how you can go too far in creating deep -and complex hierarchies that become impossible to understand. If you -create too many levels, you invite inefficiency and complexity. - -We recommend keeping system organization simple, and avoiding -dependence whenever it does not provide a compelling and tangible -benefit. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_MissionCritical.texinfo b/docs/guides/SpecialTopic_MissionCritical.texinfo deleted file mode 100644 index 683d6d6358..0000000000 --- a/docs/guides/SpecialTopic_MissionCritical.texinfo +++ /dev/null @@ -1,804 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-critical.info -@settitle CFEngine for Mission Critical Operations -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine for Mission Critical Operations (draft) -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -As IT services dominate the operations of an increasing number of industries, -many companies now view all online services as mission critical. Today, mission critical -no longer just means the protection of human lives, but the protection of crucial -operational assets. - -By making a fully redundant architecture for information -updates, it is possible to make reliable promises about availability -of status information. Users get reliable and predictable insight, -with fault recovery times of only a few minutes in case of failure -- -something that cannot easily be matched by push-based centralization. - -This guide explains how to set up redundant hub availability for a single Nova -star network. -@end quotation -@end cartouche - -@vskip 2cm - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - -@node Top, What are Mission Critical Operations?, (dir), (dir) -@top CFEngine for Mission Critical Operations -@menu -* What are Mission Critical Operations?:: -* Factors affecting Risk:: -* Model-based planning for stability:: -* Key terminology for Mission Critical Systems:: -* Strategy for Mission Critical Operations:: -* How CFEngine contributes to reducing mission risks:: -* High availability access to the Mission Portal:: -* Redundant hub architecture:: -* How do I make a change in mission-critical infrastructure?:: -* Separating Policy Changes from ad-hoc Changes:: -* Appendix 1:: -* Appendix 2:: -@end menu - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What are Mission Critical Operations?, Factors affecting Risk, Top, Top -@unnumberedsec What are Mission Critical Operations? -@sp 1 - -Mission Critical operation refers to the use and management of systems -where the availability and correctness of a system has to be ensured -at all times. A mission is said to be critical when any noticable -failure in the system would cause a signifiant loss to some -stakeholder. - -Risk for mission critical systems deals with issues like monetary -losses (e.g. in time critical trading applications) or, in the worst -case, even the loss of human life (transport systems). - -What makes a system robust in a mission critical setting depends on a -number of factors. This Special Topics Guide discusses the role of -CFEngine in a mission critical environment. - -@node Factors affecting Risk, Model-based planning for stability, What are Mission Critical Operations?, Top -@unnumberedsec Factors affecting Risk -@sp 1 - -Risk is about predictability. The ability to predict the behaviour of -a system depends both on the complexity of the system itself and the -environment around it, since interaction with the environment is what -usually provokes failures (the environment is the most unpredictable -element of any system, since it is the part over which we have little -control). - -The cost of predicting and avoiding failures can be prohibitive in a -purely manual regime but automated systems can do a lot to reduce -costs. CFEngine can play a key role here in reducing the cost of -maintaining system state, even in a rapidly changing environment. - -@sp 1 -@itemize -@item Planning for eventualities. -@item Verifying system correctness with sufficient frequency. -@end itemize -@sp 1 - -@cartouche -The key observation for dealing with mission criticality is that -systems are dynamical entities. Most software systems only manage -the static setup of hosts. CFEngine manages both the static -resources and the run-time state. -@end cartouche - -@node Model-based planning for stability, Key terminology for Mission Critical Systems, Factors affecting Risk, Top -@unnumberedsec Model-based planning for stability -@sp 1 - -The key to handling mission criticality is to build a model of your -critical scenario that is based on a prediction of behaviour. In -science and engineering, this is something one does all the time -(e.g. wind-tunnel studies), but in Computer Engineering, the methods -of modelling are still quite undeveloped. -In the nuclear power industry and space programmes, for instance, -it is common to use formalized fault-analysis to avoid and secure -against error. - -The purpose of a model is to describe expectations. If a model is -sufficiently well conceived, it should be possible to identify key -causal factors in the mission that bring about critical behaviour. - -@sp 1 -@cartouche -CFEngine's methodology is based on the idea of promises: a promise -being something that aims to alter our expectations of outcome in a -postive way. -@end cartouche -@sp 1 - -In CFEngine, you make promises about the factors that underpin the -stability of your system, and CFEngine's task is to work on your -behalf to keep those promises. Promises cannot be guaranteed `kept' at -all times, especially in time-critical situations (such a guarantee -would require infinite resources to maintain), but a known schedule of -verification and repair allows us to bring a level of predictability -to a system, within certain tolerances. This is a best-effort engineering -definition of predictability. - -Examples of promises that you might want to include in a -foundation for a mission critical system are things that -bring trusted stability, e.g. -@itemize -@item Check that key processes and applications are running. -@item Automated garbage collection that prevents a system from -choking on its own biproducts. -@item Scan for rootkits (security breaches) every few hours. -@end itemize - -The economic aspect of mission criticality is key: the -loss of a key application or subsystem for even a minute could result -in loss of significant revenues in an online company, or the loss -of flight systems for a few seconds could result in a plane losing -control and crashing. - - -@node Key terminology for Mission Critical Systems, Strategy for Mission Critical Operations, Model-based planning for stability, Top -@unnumberedsec Key terminology for Mission Critical Systems -@sp 1 - - -@table @i - -@item Mean Time Before Failure (MTBF) -The average measured time between faults occurring on a system. -Although this is a well established measurement in the theory of -faults and errors, estimating this quantity is not without its challenges. - - -@item Mean Time To Repair (MTTR) -The average time it takes to repair a system after a failure has occurred. -The type or meaning of repairs is not specified. - -@item Sampling frequency -The rate at which we interact with the system in order to measure or -repair it. According to Nyquist's theorem, we have to sample a system -twice as fast as the rate at which we expect to detect an important change. - -@item Single point of failure -Any point in the design of a system that would lead to complete -failure if destroyed. There might be several `single points of failure' -in a system. Single refers to the fact that it only takes the failure -of one of these to cause the total breakdown of the system. -For example, the axel, or a tyre on a car would be examples of single points -of failure for the `driving system'. - -@end table - - - - -@node Strategy for Mission Critical Operations, How CFEngine contributes to reducing mission risks, Key terminology for Mission Critical Systems, Top -@unnumberedsec Strategy for Mission Critical Operations -@sp 1 - -There are many aspects to thinking about complete reliability of systems. - -@cartouche -The main goal of any system is to seek predictability. Having clear -and accurate expectations of a system helps to steer it in a low-risk direction. -@end cartouche - -@noindent Usually these fall into a mixture of two categories: - -@table @i - -@item Redundancy -Elimination of `single points of failure' when failure strikes. -@item Avoidance -Proactive maintainence to keep the system in a zone of low risk. -@item Certainty of knowledge -Knowing accurately what is going in a system can enable correct decisions -to be made more quickly when something unexpected happens. -@end table - -@noindent It is impossible to discuss a comprehensive list of points for ensuring -reliability, but a few general principles come to mind: -@itemize -@item Maximize Mean Time Before Failure -@item Minimize Mean Time To Repair -@item Maximize the relevance of information from the system -to mission goals. -@item Separate procedures for handling change into those for intended change (planned changes to the mission) and unintended change (changes that should not happen in an ideal world), falling into two cases: expected (for which we have written policy to repair) and unexpected (incidents that are handled manually). - -@item Certainty about information returned by the system, with multiple confirmation. - -@item Graceful failure modes: failover servers, backups, automatic elasticity (e.g. cloud technology) - -@item Peak load handling. (Also called Long Tail events.) - - -@item Design for self-correction (negative feedback controllers). -This includes, low-impact of management overhead on the mission system to avoid -cascade failure. - -@end itemize - - - - - -@node How CFEngine contributes to reducing mission risks, High availability access to the Mission Portal, Strategy for Mission Critical Operations, Top -@unnumberedsec How CFEngine contributes to reducing mission risks -@sp 1 - -@itemize -@item Automated monitoring and repair according to a policy model. - -@item Providing up to date knowledge about the system - -@item Automatic restoration of compliance with policy, with MTTR 2.5 minutes by default. - -@item Accuracy of knowledge: all data include running estimates of the certainty -of the data. - -@item Automatic updates of statistics about the system, with continuous updating -for accurate and up to date information with context - -@item Independence of infrastructure dependencies (network/cmdb) -CFengine will continue to work even if the network communications -are impaired. - -@end itemize - - -@node High availability access to the Mission Portal, Redundant hub architecture, How CFEngine contributes to reducing mission risks, Top -@unnumberedsec High availability access to the Mission Portal -@sp 1 - -CFEngine is designed to be a system that is resilient to failure. -That, in fact, is the opposite of a high availability system, -where failures are not supposed to occur at all. - -The Mission Portal has a role to play in Mission Criticality, -as it is a single source of information, collected, -categorized and calibrated for system engineers. Being a single -source website, it is can also be regarded as a single point of -failure from the point of view of a mission critical application. - -@cartouche -The information in the mission portal is largely status information -about systems. The content of the Mission Portal database is not in -any way deterministic for the configured state of your IT system -- it -is only a report of actual state, not a template for intended state. If the Mission -Portal is `down' or unavailable, it does not in any way imply that the -actual distributed system is down or that there is any fault. -@end cartouche - - -@menu -* Setting up redundant monitoring hubs:: -@end menu - -@node Setting up redundant monitoring hubs, , High availability access to the Mission Portal, High availability access to the Mission Portal -@unnumberedsubsec Setting up redundant monitoring hubs - -If information and insight into your IT system are indeed Mission -Critical for you, it is possible to create a high availability access -to the mission information in the portal. -In general, we recommend a small amount of professional services to -help set up such a system, as there are several details that need to -be taken into account. - -The CFEngine star-network `hub' is the report aggregator for the CFEngine commercial edition (Nova/Enterprise). -CFEngine commercial editions support multiple hubs for redundancy -during reporting. By making a cluster of three (or more) hubs, you -can ensure that reports will always be available and up to date, at -the time-resolution promised by CFEngine. - -To set up redundant hubs, you will need three physical computers, or -at least three virtual machines on different physical computers. -The idea is to use the underlying technology of the MongoDB database -to provide a replicated data store. If a single database server goes down -a secondary replica can take over the role. The commercial editions -of CFEngine interface with this database through @code{cf-hub}, -and this process can be made aware of the underlying replica technology -in the database. The architecture is intended to be as simple as possible -for the CFEngine user to employ. - -@sp 1 -@itemize - -@item Install each of the three systems with the Nova extension package for -policy hubs. - -@item The MongoDB backend needs to be set up specially before standard bootstrapping -of nodes in an high availability managed network. Alternatively, if you have already bootstrapped -hosts, you can manually establish hub redundancy with a little database infrastructure work -and some additional CFEngine configuration. - -To do this, configure the Mongo database to set up a minimal replica set. This underlying -mechanism for automatic failover. For example, a configuration like the following should -be typed into the mongo client on one of the hub machines. Text like the following -example can be pasted directly into the mongo shell. - -@verbatim -host$ mongo - -db.runCommand({"replSetInitiate" : { -"_id" : "CFEngineNova", -"members" : [ -{ -"_id" : 1, -"host" : "10.10.10.1:27017" -}, -{ -"_id" : 2, -"host" : "10.10.10.2:27017" -}, -{ -"_id" : 3, -"host" : "10.10.10.3:27017" -} -]}}) - -@end verbatim - -To bootstrap the Mongo DB replication you should follow the procedure -from the @i{MongoDB Definitive Guide, O'Reilly}. An example is shown below, -assuming the three IP addresses for the hubs have IP addresses -10.10.10.1, 10.10.10.2, 10.10.10.2, we would arrange for the following -CFEngine pseudo-code to be executed before bootstrapping any of the -hubs: -@verbatim - -commands: - - 10_10_10_1:: - - /var/cfengine/bin/mongod --fork \ - --logpath /var/log/mongod.log \ - --dbpath $(sys.workdir)/state \ - --replSet CFEngineNova/10.10.10.2:27017 - - 10._10_10_2|10_10_10_3:: - - /var/cfengine/bin/mongod --fork \ - --logpath /var/log/mongod.log \ - --dbpath $(sys.workdir)/state \ - --replSet CFEngineNova/10.10.10.1:27017 - -@end verbatim -Although we write the above in CFEngine pseudo-code, these steps need to be -carried out before boostrapping hosts, as the Mongo services need to -be initialized before anything can be written to the database, and the -bootstrapping of the license initialization writes information to be -stored in Mongo. During a single hub installation, these steps -can be automated, but bootstrapping the replication prevents -a fully automated installation. - - -@item Copy the public and private key from the licensed hub, along with the -@file{license.dat} file to the secondary hubs. -All hubs will share the same public-private key pair and license file. - -@item Start the @code{cf-hub} on each of the three machines. - -@end itemize - -@sp 1 -Next, we'll run through the operation and failure modes of the symmetric hubs. -The arrangement of the hubs is shown schematically in the figure below. -@sp 1 -@center @image{redundhubs,9cm,,,png} -@sp 1 -@center Fig 1. Only one master hub at a time collects data in a symmetric cluster. -@sp 1 - -@node Redundant hub architecture, How do I make a change in mission-critical infrastructure?, High availability access to the Mission Portal, Top -@unnumberedsec Redundant hub architecture - -To set up redundancy, you create three hubs, each running a Mongo -database server and a @code{cf-hub} process will play the role of a -virtual cluster. All three hosts make promises to one another to -coordinate their data. The Mongo replica sub-system promises its own -coordination independently. We essentially make three completely -symmetrical hub hosts, with different IP addresses. - -@enumerate -@item Set up three completely symmetrical hosts, with identical public-private key pairs. -That is, generate a key pair only for one of the hubs and then copy those keys to -@file{/var/cfengine/ppkeys/localhost.pub} and @file{/var/cfengine/ppkeys/localhost.priv} -on the other two hosts. This must be done manually to bootstrap -the hub redundancy. - -@item The underlying Mongo database infrastructure binds together these hosts into a small cluster called a replica set. - - -A voting mechanism selects a `hub_master' from this set, which is going to be the active hub. - -@item Each host is configured to copy the public keys from all the -others, so that they all converge on the same set of keys. The -following snippet shows the main principles involved in a replica -setup. - -@verbatim -vars: - - "hub_hosts" slist => { "hub1", "hub2", "hub3" }; - -files: - - am_policy_hub:: - - "$(sys.workdir)/ppkeys" - comment => "All hubs converge knowledge of client keys", - copy_from => secure_cp("$(sys.workdir)/ppkeys","$(hub_hosts)"), - depth_search => recurse("inf"); - -@end verbatim - -@item For optimization we set up a policy that rewrites the IP address in @file{policy_server.dat}, -to point existing clients away from a hub that is no longer responding, to the current master -or primary. Clients will initially pick up these changes by failing over, as in the previous point. - -@verbatim -files: - - am_hub_master:: - - "$(sys.workdir)/policy_server.dat" - comment => "Point clients to the current hub master", - edit_line => append_if_no_line("$(sys.hub_master)") - edit_defaults => empty; - -@end verbatim - - -@item To make the redundany hubs double as redundant policy servers, we make sure that -the copying of policy in @file{update.cf} uses the replicas as failover servers -for policy updates. This means that changes to policy should always be copied to -@file{/var/cfengine/masterfiles} on all three hub hosts. - -@verbatim -body copy_from update_copy -{ -... -servers => { $(sys.policy_server), "hub3", "hub2", "hub1" }; -... -} -@end verbatim -The policy server variable will point to one of these hubs. If a hub -host, doubling in its role as policy server, fails for some reason, -the clients will all fail over to the next hub, and updates will -continue. By the time this happens, we can expect the main policy will have been -adjusted by the edit in the previous point, and clients will be pointed to a new -primary. It does not matter that hosts appear twice in the list; we -could, for instance place @code{hub1} last in the list if we assume -that hub1 is the initial primary, so as to minimize the wait due to a -double-failover. - - -@end enumerate - -@sp 1 -@cartouche -With this configuration, all the hubs promise to synchronize their keys, -and share `last seen' client host data with each other in order to symmetrize. -However, only one of the hubs actually collected reports from the clients. -This is the host that is elected by the MongoDB replica-set vote. -@end cartouche -@sp 1 - -With the approach taken above we can be sure that data are being collected redundantly -without duplication of network overhead. - -Note that the standard Nova configuration files contains example -configurations for the replica set configuration. Integrating all the -settings can require extensive modifications, as mentioned above. - - -@menu -* Features of hub/policy server redundancy:: -* Variables and classes for hubs:: -@end menu - -@node Features of hub/policy server redundancy, Variables and classes for hubs, Redundant hub architecture, Redundant hub architecture -@unnumberedsubsec Features of hub/policy server redundancy - -The Nova starburst hub configuration supports the following properties: -@itemize -@item Redundant availability of policy changes, with automatic failover. -@item Redundant responsibility for report collection from managed hosts, with automatic reassignment of hub master. -@item Redundant availability for the Mission Portal console, with about 15 second changeover. -@item Fault tolerance of all parts of CFEngine to complete network failure. -@end itemize - -@node Variables and classes for hubs, , Features of hub/policy server redundancy, Redundant hub architecture -@unnumberedsubsec Variables and classes for hubs - -CFEngine Nova/Enterprise supports special classes to help write policy -for managing the hub infrastructure. -@verbatim - -am_policy_hub -am_hub_master - -@end verbatim - -The variable @samp{$(sys.hubmaster)} is also available @i{on hosts that are -hubs}, and points to that host currently voted into the role of hub master. - -@sp 1 - -@cartouche -Setting up redundant hubs might be best done with some professional -service assistance. Although it is quite simple, it changes the -bootstrapping procedure in the beginning of a Nova/Enterprise -deployment. -@end cartouche - - -@node How do I make a change in mission-critical infrastructure?, Separating Policy Changes from ad-hoc Changes, Redundant hub architecture, Top -@unnumberedsec How do I make a change in mission-critical infrastructure? -@sp 1 - -To make changes in a mission critical environment, you publish a fully -tested, risk-assessed policy to @file{/var/cfengine/masterfiles} on -all three of the hubs in the cluster. The policy on all hubs should be -the synchronized. It might be worth setting up a promise to verify -that the contents of these directories are the same between all hubs, -since unsychronized policies could cause serious issues. - -@verbatim -vars: - - "hubs" slist => { "hub1", "hub2", "hub3" }; - -files: - - "$(sys.workdir)/masterfiles" - - copy_from => secure_cp("$(sys.workdir)/masterfiles","$(hubs)"), - action => warn; - -@end verbatim - -All changes to a mission critical system should be classified -according to the level of risk to the mission. Changes fall into -different categories. - -@itemize -@item Regular routine maintenance to the system (preplanned). -@item Course or goal corrections to policy (replanned). -@item Unforeseen repairs (unplanned). -@end itemize - -In each case, we recommend that changes be made using CFEngine's -hands-free automation. Humans should never be the instruments of -change. By using CFEngine, you can get a documented and predictable -handle on change, using technology designed for stability with agility. - -CFEngine has the ability to change entire systems of thousands of -hosts within a timeframe of 5 to 10 minutes. - -@node Separating Policy Changes from ad-hoc Changes, Appendix 1, How do I make a change in mission-critical infrastructure?, Top -@unnumberedsec Separating Policy Changes from @i{ad-hoc} Changes -@sp 1 - -In mission critical environments, there are often struct processes for -approving change. Unintelligently applied, such rules can do more harm -than good -- i.e. when the process for approving changes causes -greater risk to the survival of the mission than not acting at all does. It -is important to separate changes into categories that allow the -minimization of risk. If we take the categories in the previous -section: - -@table @i -@item Regular routine maintenance to the system (preplanned). -Changes here have alredy gone through risk assessment, and root cause has been -deemed understood or irrelevant. These changes should be automated and implemented -in the minimum time. e.g. restarting a web server that crashed or was stopped accidentally. - -@item Course or goal corrections to policy (replanned). -This is a change in the mission plan and requires significant impact analysis -for each change. Although many businesses are concerned about liabilities, the -real aim of this analysis is to mitigate loss. - -@item Unforeseen repairs (unplanned). -These changes are usually discovered and repaired manually. Once some kind -of root cause analysis is performed to the required level, there should be -an analysis of how to automate the prevention of this kind of change in the -future. - -@end table - - -@sp 2 -@cartouche - -This is a partially finished Special Topics Guide, in which additional material -can be expected at a later date. It is made available in its current -form for your convenience. - -@end cartouche - - -@page -@node Appendix 1, Appendix 2, Separating Policy Changes from ad-hoc Changes, Top -@unnumberedsec Appendix MongoDB access from the command line. - - - - -@cartouche -@b{Using more than one hub at a time}: -If you want to be able to perform queries on any one of the redundant -hosts, not only the master, then it's necessary to set a flag on each -of the running mongo servers (master and slave): -@verbatim -host$ mongo - -rs.slaveOk(); -@end verbatim -This ensures that updates are synchonrized for querying. -e.g. In this example we see the first query fail, and the second -succeed after setting the flag: -@verbatim -CFEngineNova:SECONDARY> use cfreport -switched to db cfreport - -CFEngineNova:SECONDARY> db.notebook.find(); -error: { "$err" : "not master and slaveok=false", "code" : 13435 } - -CFEngineNova:SECONDARY> db.notebook.find(); -CFEngineNova:SECONDARY> rs.slaveOk(); -not master and slaveok=false -CFEngineNova:SECONDARY> db.notebook.find(); -{ "_id" : ObjectId("4e5cd788d5d6b92c00000000"), -"_kh" : "SHA=9e9ad21d192fa...1635", -"_rD" : "0 : 10.10.160.115", "_t" : 1, "n" : [ - { - "u" : "admin", - "m" : "This machine is a web server", - "d" : 319944880 - } -] } - -@end verbatim -@end cartouche - - - -@page -@node Appendix 2, , Appendix 1, Top -@unnumberedsec Appendix Shutting down Mongo with replication - - -Anytime you shutdown mongo, it will automatically failover. You can~t -specifically tell which node to become primary, but you can use -replFreeze and replSetStepDown to alter which is eligible to become -primary (small difference). - -Basically we would freeze a node from becoming primary, then tell the -primary to step down, which leaves only one node (see -@url{http://www.mongodb.org/display/DOCS/Forcing+a+Member+to+be+Primary} for -a good explanation). - -However, failover is the easy part. The other half to the action is -that all client will receive a new policy_server.dat based on the new -primary. This will create quite a flux in the system for a bit as it -reconfigure. This will take 10-20 minutes for everyone to stabilize. I -would reserve a full failover for when the primary will be down for an -extended period of time. - -Since the outages you have are fairly quick, I would just shutdown -mongo/cfengine (or freeze) the secondaries to prevent a -failover. Shutting them down would prevent all client from getting new -files, but that shouldn~t be an issue. - -If you freeze the secondaries, and leave CFE runnning, the clients -will update from the secondaries (they will get a license error). - -To freeze the secondaries: - -On any node: -@verbatim -# mongo -host `IP OF THE SECONDARY' # or login to the node and run plain ´mongo¡. -> rs.status() # this will show the status of the replicaSet -> rs.freeze(seconds) # how many seconds before the host can become primary. -> exit -@end verbatim - -Set the freeze for several hours (for four hours - -@samp{rs.freeze(14400)}). Then shutdown cfengine on the primary as normal -(@code{/etc/init.d/cfengine3 stop}). When you are done with the change, bring -up cfengine (@code{cf-agent -f failsafe.cf}), then set the freeze time for 0 -seconds to unfreeze it (@samp{rs.freeze(0)}). - - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Modules.texinfo b/docs/guides/SpecialTopic_Modules.texinfo deleted file mode 100644 index 29446e3692..0000000000 --- a/docs/guides/SpecialTopic_Modules.texinfo +++ /dev/null @@ -1,1774 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-orchestrate.info -@settitle Modularizing and Orchestrating System Policy -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Modularizing and Orchestrating System Policy -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine is a descriptive framework for promising system state. It has -a language interface and a graphical interface, and supports a number -of levels of expression and abstraction. - -Ordering of operations is less important than you probably think. We -are taught to think of computing as an linear sequence of steps, but -this ignores a crucial fact about distributed systems: that many parts -are independent of each other and exist in parallel. Nevertheless -there are cases of strong inter-dependency where order and modularity -are important. - -This guide explains the many freedoms within CFEngine's Promise Model -for modularizing, ordering and making black, grey and white boxes. This allows us to -retain all of the important advantages of promises (autonomy, -convergence, atomicity etc) that lead to scalable predictability in -huge networks. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - -@node Top, What is modularity?, (dir), (dir) -@top Orchestration - -@menu -* What is modularity?:: -* What is orchestration?:: -* How does CFEngine deal with modularity and orchestration?:: -* Levels of policy abstraction:: -* Is CFEngine patch or package oriented?:: -* High level services in CFEngine:: -* Hiding details:: -* Black grey and white box encapsulation in CFEngine:: -* Bulk operations are handled by repeating patterns over lists:: -* Ordering operations in CFEngine:: -* Bundle ordering:: -* Overriding order:: -* Distributed Orchestration between hosts with CFEngine Enterprise:: -@end menu - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@node What is modularity?, What is orchestration?, Top, Top -@unnumberedsec What is modularity? - -@sp 1 -Modularity is the ability to separate concerns within a total process, and hide -the details of the different concerns in different containers. In CFEngine, this is a -@i{service oriented view}, in which different aspects of a problem are -separated and turned into generic components that offer a service. We -often talk about black boxes, grey boxes or white boxes depending on -the extent to which the user of a service can see the details within -the containers. - -@node What is orchestration?, How does CFEngine deal with modularity and orchestration?, What is modularity?, Top -@unnumberedsec What is orchestration? - -@sp 1 -Orchestration is the ability to coordinate many different processes in -time and space, around a system, so that the sum of those processes -yields a harmonious result through cooperation. - -Orchestration is not about centralized control, though this is common -misperception. An orchestra does not manage to play a symphony -because the conductor pulls every player's strings or blows every -trumpet in person, but rather because each @i{autonomous} player has a -copy of the script, knows what to do, and can use just the little -additional information from the conductor to access a viewpoint that -is not available to an individual. An orchestra is a weakly coupled -expert system in which the management (conductor) provides a service -to the players. - -CFEngine works like an orchestra -- this is why is scales so well. -Each computer is an autonomous entity, getting its script and a few -occasional pieces of information from the policy server (conductor). -The coupling between the agents is weak -- there is slack that makes -the behaviour robust to minor errors in communication or timing. - -@node How does CFEngine deal with modularity and orchestration?, Levels of policy abstraction, What is orchestration?, Top -@unnumberedsec How does CFEngine deal with modularity and orchestration? - -Promise Theory provides simple principles for hiding details: agents are -considered to reveal a kind of @i{service interface} to peers, that is -advertised by making a promise to someone. We assume an agent exerts -best effort in keeping its promises. Orchestration requires a promise -to coordinate and the promise to use that coordination service. -These basic ideas are built into CFEngine. - -CFEngine provides containers called @i{bundles} for creating modular -parts. Bundles can be independent (and therefore parallelizable) -or they can be dependent (in which case the sequence in which they -verify their promises matters). - -In a computer centre with many different machines, there is an -additional dimension to orchestration -- multiple orchestras. Each -machine has a number of resources that need to be orchestrated, and -the different machines themselves might also need to cooperate because -they provide services to one another. The principles are the same in -both cases, but the confusion between them is typically the reason why -large systems do not scale well. - -@node Levels of policy abstraction, Is CFEngine patch or package oriented?, How does CFEngine deal with modularity and orchestration?, Top -@unnumberedsec Levels of policy abstraction - -CFEngine offers a number of layers of abstraction. The most fundamental atom -in CFEngine is the promise. Promises can be made about many system issues, -and you described in what context promises are to be kept. - -@table @i -@item Menu level -At this high level, a user `selects' from a set of pre-defined `services' (or bundles in CFEngine parlance). -In commercial editions, users may view the set of services as a Service Catalogue, from which each -host selects its roles. The selection is not made by every host, rather one places hosts into roles that -will keep certain promises, just as different voices in an orchestra are assigned certain parts to play. - -@cartouche -@smallexample -bundle agent service_catalogue # menu -@{ -methods: - any:: # selected by everyone - "everyone" usebundle => @b{time_management}, - comment => "Ensure clocks are synchronized"; - "everyone" usebundle => garbage_collection, - comment => "Clear junk and rotate logs"; - - mailservers:: # selected by hosts in class - "mail server" -> @{ "goal_3", "goal_1", "goal_2" @} - usebundle => @b{app_mail_postfix}, - comment => "The mail delivery agent"; - "mail server" -> goal_3, - usebundle => @b{app_mail_imap}, - comment => "The mail reading service"; - "mail server" -> goal_3, - usebundle => @b{app_mail_mailman}, - comment => "The mailing list handler"; -@} -@end smallexample -@end cartouche - -The resulting menu of services can be browsed in the Mission Portal interface. -@float -@sp 1 -@center @image{service_catalogue,15cm,,iso,png} -@center A human-readable Service Catalogue generated from technical specifications -@center shows what goals are being attended to automatically -@sp 1 -@end float - - -@item Bundle level -At this level, users can switch on and off predefined features, or re-use -standard methods, e.g. for editing files: - -@cartouche -@verbatim -body common control -{ -bundlesequence => { - webserver("on"), - dns("on"), - security_set("on"), - ftp("off") - }; -} -@end verbatim -@end cartouche -The set of bundles that can be selected from is extensible by the user. - -@item Promise level -This is the most detailed level of configuration, and gives full -@i{convergent} promise behaviour to the user. At this promise level, -you can specificy every detail of promise-keeping behaviour, and -combine promises together, reusing bundles and methods from standard -libraries, or creating your own. - -@cartouche -@smallexample -bundle agent addpasswd -@{ -vars: - - # want to set these values by the names of their array keys - - "pwd[mark]" string => "mark:x:1000:100:Mark B:/home/mark:/bin/bash"; - "pwd[fred]" string => "fred:x:1001:100:Right Said:/home/fred:/bin/bash"; - "pwd[jane]" string => "jane:x:1002:100:Jane Doe:/home/jane:/bin/bash"; - -files: - - "/etc/passwd" # Use standard library functions - create => "true", - comment => "Ensure listed users are present", - perms => mog("644","root","root"), - edit_line => append_users_starting("addpasswd.pwd"); - -@} -@end smallexample -@end cartouche - -@item Spread-sheet level (data-driven) - -CFEngine commercial editions support a kind of spreadsheet. In a spreadsheet -approach, you create only the data to be inserted into predefined -promises. The data are entered in tabular form, and may be browsed in -the web interface. This form of entry is preferred in some -environments, especially on the Windows platform. - - -@end table - - - - -@node Is CFEngine patch or package oriented?, High level services in CFEngine, Levels of policy abstraction, Top -@unnumberedsec Is CFEngine patch-oriented or package-oriented? - -Some system management products are patching systems. They package lumps -of software and configuration along with scripts. If something goes wrong -they simply update or replace the package with a new one. This is a patching -model of system installation, but it is not a good model for repair as it nearly -always leads to interruption of service or even requires a reboot. - -Installation of packages overwrites too much data in one go to be an effective model -of simple repair@footnote{Sometimes it is desirable to reinstall an entire package, but normally this is only true -for software upgrades. CFEngine has an interface for working in concert with local -package managers (RPM,DEB,MSI, etc).}. It can be both ineffecient and destructive. CFEngine manages addressable -entities at the lowest possible level so that ultra-fine-grained repair can be -performed with no interruption of service, e.g. altering a field within a line in a file, -or restarting one process, or altering one bit of a flag in each file in a set of directories. -The power to express sophisticated patterns is what makes CFEngine's approach both -non-intrusive and robust. - -@node High level services in CFEngine, Hiding details, Is CFEngine patch or package oriented?, Top -@unnumberedsec High level services in CFEngine - -CFEngine is designed to handle high level simplicity (without -sacrificing low level capability) by working with configuration -@i{patterns}, after all configuration is all about promising -consistent patterns of system @i{state} in the resources of the -system. Lists, for instance, are a particularly common kind of -pattern: @i{for each of the following... make a similar promise}. -There are several ways to organize patterns, using containers, lists -and associative arrays. Let's look at how to configure a number of -application services. - - -At the simplest or highest level, we can turn services into "genes" -to switch on and off on your basic "stem cell" machines. - -@verbatim -body agent control -{ -bundlesequence => { - webserver("on"), - dns("on"), - security_set("on"), - ftp("off") - }; -} -@end verbatim - -This obviously looks simple, but this kind of simplicity is cheating -as we are hiding @i{all} the details of what is going to happen -- we -don't know if they are hard-coded, or whether we can decide -ourselves. Anyone can play that game! The true test is whether we can -retain the power to decide the low-level details without having to -program in a low level language like Ruby, Python or Perl. Let's peel -back some of the layers, knowing that we can hide as many of the -details as we like. - - -A simple, but low level approach to deploying a service, that veteran -users will recognize, is the following. This is a simple example of -orchestration between a promise to raise a signal about a missing process and -another promise to restart said process once its absence has been -discovered and signalled. - -@verbatim -bundle agent application_services -{ -processes: - - "sshd" restart_class => "start_ssh"; - "httpd" restart_class => "start_spache"; - -commands: - - start_ssh:: - "/etc/init.d/sshd restart"; - - start_apache:: - "/etc/init.d/apache restart"; - -} -@end verbatim - -But the first thing we see is that there is a repeated pattern, so we could -rewrite this as a single promise for a list of services, at the cost of a loss -of transparency. However, this is the power of abstraction. - -@page -@verbatim -bundle agent application_services -{ -vars: - - "service" slist => { "ssh", "apache", "mysql" }; - - # - # Apply the following promises to this list... - # - -services: - - "$(service)"; - -} -@end verbatim - -@node Hiding details, Black grey and white box encapsulation in CFEngine, High level services in CFEngine, Top -@unnumberedsec Hiding details - -Resource abstraction, or hiding system specific details inside a kind of -grey-box, is just another service as far as CFEngine is concerned -- and we -generally map services to bundles. - -Many system variables are discovered automatically by CFEngine and provided -"out of the box", e.g. the location of the filesystem table might be @code{/etc/fstab}, -or @code{/etc/vfstab} or even @code{/etc/filesystems}, but CFEngine allows you to -refer simply to @code{$(sys.fstab)}. Soft-coded abstraction needs cannot -be discovered by the system however. -So how do we create this mythical resource abstraction layer? It is -simple. Elsewhere we have defined basic settings. - -@page -@verbatim -bundle common res # abstraction layer -{ -vars: - - solaris:: - - "cfg_file[ssh]" string => "/etc/sshd_config"; - "daemon[ssh] " string => "sshd"; - "start[ssh] " string => "/etc/init.d/sshd restart"; - - linux.SuSE:: - - "cfg_file[ssh]" string => "/etc/ssh/sshd_config"; - "daemon[ssh] " string => "sshd"; - "start[ssh] " string => "/etc/init.d/sshd restart"; - - default:: - - "cfg_file[ssh]" string => "/etc/sshd_config"; - "daemon[ssh] " string => "sshd"; - "start[ssh] " string => "/etc/init.d/sshd restart"; - -classes: - - "default" and => { "!SuSE", "solaris" }; -} -@end verbatim - - -Some of the attempts to recreate a CFEngine-like tool try to hard code -many decisions, meaning that minor changes in operating system versions -require basic recoding of the software. CFEngine does not make decisions -for you without your permission. - - -@node Black grey and white box encapsulation in CFEngine, Bulk operations are handled by repeating patterns over lists, Hiding details, Top -@unnumberedsec Black, grey and white box encapsulation in CFEngine - -CFEngine's ability to abstract system decisions as promises also -applies to bundles of promises. After all, we can package promises -as bumper compendia for grouping together related matters in -a single package. Naturally, CFEngine never abandons its insistence -on convergence, merely for the sake of making things look -simple. Using CFEngine, you can create convergent orchestration. - -@verbatim -bundle agent services -{ -vars: - "service" slist => { "dhcp", "ntp", "sshd" }; -methods: - "any" usebundle => fix_service("$(service)"), - comment => "Make sure the basic application services are running"; -} -@end verbatim -The code above is all you really want to see. The rest can be hidden in libraries that -you rarely look at. In CFEngine, we want the intentions to shine forth and the -low level details to be clear on inspection, but hidden from view. - -We can naturally modularize the packaged bundle of fully convergent -promises and keep it as library code for reuse. Notice that -CFEngine adds comments in the code that follow processes through -execution, allowing you to see the full intentions behind the -promises in logs and error messages. In commercial versions, you can -trace these comments to see your process details. - -@verbatim -bundle agent fix_service(service) -{ -files: - - "$(res.cfg_file[$(service)])" - - # - # reserved_word => use std templates, e.g. cp(), p(), or roll your own - # - copy_from => cp("$(g.masterfiles)/$(service)","policy_host.mydomain"), - perms => p("0600","root","root"), - classes => define("$(service)_restart", "failed"), - comment => "Copy a stock configuration file template from repository"; - -processes: - - "$(res.daemon[$(service)])" - - restart_class => canonify("$(service)_restart"), - comment => "Check that the server process is running..."; - -commands: - - "$(res.start[$(service)])" - - comment => "Method for starting this service", - ifvarclass => canonify("$(service)_restart"); - -} - -@end verbatim - -@node Bulk operations are handled by repeating patterns over lists, Ordering operations in CFEngine, Black grey and white box encapsulation in CFEngine, Top -@unnumberedsec Bulk operations are handled by repeating patterns over lists - - -The power of CFEngine is to be able to handle lists of similar -patterns in a powerful way. You can also wrap the whole experience in -a method-bundle, and we can extend this kind of pattern to -implement other interfaces, all without low level programming. - -@page -@verbatim -# -# Remove certain services from xinetd - for system hardening -# - -bundle agent linux_harden_methods -{ -vars: - - "services" slist => { - "chargen", - "chargen-udp", - "cups-lpd", - "finger", - "rlogin", - "rsh", - "talk", - "telnet", - "tftp" - }; -methods: - - # - # for each $(services) in @(services) do disable_xinetd($(services)) - # - - "any" usebundle => disable_xinetd("$(services)"); -} -@end verbatim - - - -In the library of generic templates, we may keep one or more methods for implementing -service disablement. For example, this simple interface to Linux's @code{chkconfig} -is one approach, which need not be hard-coded in Ruby using Cfeninge. - -@verbatim -# -# For the standard library -# - -bundle agent disable_xinetd(name) -{ -vars: - "status" - - string => execresult("/sbin/chkconfig --list $(name)", "useshell"); - -classes: - "on" expression => regcmp(".*on","$(status)"); - "off" expression => regcmp(".*off","$(status)"); - -commands: - on:: - "/sbin/chkconfig $(name) off", - comment => "disable $(name) service"; - -reports: - on:: - "disable $(name) service."; - off:: - "$(name) has been already disabled. Don't need to perform the action."; - -} -@end verbatim - -@node Ordering operations in CFEngine, Bundle ordering, Bulk operations are handled by repeating patterns over lists, Top -@unnumberedsec Ordering operations in CFEngine - -Ordering of operations is less important than you probably -think. We are taught to think of computing as an linear sequence of -steps, but this ignores a crucial fact about distributed systems: that -many parts are independent of each other and exist in parallel. - -Nevertheless there are sometimes cases of strong inter-dependency -(that we strive to avoid, as they lead to most of the difficulties of -system management) where order @i{is} important. In re-designing -CFEngine, we have taken a pragmatic approach to ordering. Essentially, -CFEngine takes care of ordering for you for most cases -- and you can -override the order in three ways: - -@itemize -@item CFEngine checks promises of the same type in the order in which they are defined, unless overridden -@item Bulk ordering of composite promises (called bundles) is handled using an overall list using the bundlesequence (replaces the actionsequence in previous CFEngines) -@item Dependency coupling through dynamic classes, may be used to guarantee ordering in the few cases -where this is required, as in the example below: -@end itemize - -@node Bundle ordering, Overriding order, Ordering operations in CFEngine, Top -@unnumberedsec Bundle ordering - -There are two methods, working at different levels. -At the top-most level there is the master @code{bundlesequence} - -@sp 1 -@verbatim -body common control -{ -bundlesequence => { "bundle_one", "bundle_two", "bundle_three" }; -} -@end verbatim -@sp 1 -@noindent For simple cases this is good enough, but the main -purpose of the bundlesequence is to easily be able to switch on -or off bundles by commenting them out. - -A more flexible way of ordering bundles is to wrap the ordered process -in a master-bundle. Then you can create new sequences of bundles -(parameterized in more sophisticated ways) using @code{methods} -promises. Methods promises are simply promises to re-use bundles, -possibly with different parameters. - -The default behaviour is to retain the order of these promises; the effect -is to `execute' these bundles in the assumed order: -@sp 1 -@verbatim -bundle agent a_bundle_subsequence -{ -methods: - classes:: - "any" usebundle => bundle_one("something"); - "any" usebundle => bundle_two("something"); - "any" usebundle => bundle_three("something"); - -} -@end verbatim -@sp 1 -@noindent Alternatively, the same effect can be achieved as follows. -@sp 1 -@verbatim -bundle agent a_bundle_subsequence -{ -methods: - classes:: - "any" usebundle => generic_bundle("something","one"); - "any" usebundle => generic_bundle("something","two"); - "any" usebundle => generic_bundle("something","three"); - -} -@end verbatim -@sp 1 -@noindent Or ultimately: -@sp 1 -@verbatim -bundle agent a_bundle_subsequence -{ -vars: - "list" slist => { "one", "two", "three"}; - -methods: - classes:: - "any" usebundle => generic_bundle("something","$(list)"); - -} -@end verbatim - - -@page -@node Overriding order, Distributed Orchestration between hosts with CFEngine Enterprise, Bundle ordering, Top -@unnumberedsec Overriding order - -CFEngine is designed to handle non-deterministic events, such as -anomalies and unexpected changes to system state, so it needs to -adapt. For this, there is no deterministic solution and approximate -methods are required. Nevertheless, it is possible to make CFEngine -sort out dependent orderings, even when confounded by humans, as in -this example: - -@verbatim -bundle agent order - -{ -vars: - - "list" slist => { "three", "four" }; - -commands: - - ok_later:: - "/bin/echo five"; - - any:: - - "/bin/echo one" classes => define("ok_later"); - "/bin/echo two"; - "/bin/echo $(list)"; - -} - -@end verbatim - -@noindent The output of which becomes: -@verbatim -Q: ".../bin/echo one": one -Q: ".../bin/echo two": two -Q: ".../bin/echo three": three -Q: ".../bin/echo four": four -Q: ".../bin/echo five": five -@end verbatim - - - -@node Distributed Orchestration between hosts with CFEngine Enterprise, , Overriding order, Top -@unnumberedsec Distributed Orchestration between hosts with CFEngine Enterprise - -CFEngine Enterprise edition adds many powerful features to CFEngine, including -a decentralized approach to coordinating activities across multiple -hosts. Some tools try to approach this by centralizing data from the -network in a single location, but this has two problems: - -@itemize -@item It leads to a bottleneck by design that throttles performance seriously. -@item It relies on the network being available. -@end itemize - -With CFEngine Nova there are are both decentralized network approaches -to this problem, and probabilistic methods that do not require the network -at all. - -@menu -* Basic communication methods for orchestration:: -* Run job or reboot only if n out m systems are running:: -* The self-healing chain - inverse Dominoes:: -* A Domino sequence:: -* A Chinese Dragon:: -@end menu - -@node Basic communication methods for orchestration, Run job or reboot only if n out m systems are running, Distributed Orchestration between hosts with CFEngine Enterprise, Distributed Orchestration between hosts with CFEngine Enterprise -@unnumberedsubsec Basic communication methods for orchestration - -The two examples below illustrate the basic syntax constructions for -communication using systems. We can pass class data and variable data between -systems in a peer to peer fashion, or through an Enterprise hub. You can -run these with a server and an agent just on localhost to illustrate the -principles. - -In this first example, three persistent classes, with names following -a known pattern are defined on a remote system (by the agent). The -server bundle then grants access to these using an access -promise. Finally, a function call to @code{remoteclassesmatching} -imports the classes, with a prefix to the local system. - -@verbatim - -body common control -{ -bundlesequence => { "overture" }; -inputs => { "cfengine_stdlib.cf" }; -} - -body server control - -{ -allowconnects => { "127.0.0.1" , "::1",}; -allowallconnects => { "127.0.0.1" , "::1", }; -trustkeysfrom => { "127.0.0.1" , "::1",}; -} - -####################################################### - -bundle agent overture -{ -classes: - "extended_context" - expression => remoteclassesmatching(".*did.*","127.0.0.1","yes","got"); - -files: - - "/etc/passwd" - create => "true", - classes => set_outcome_classes; - - -reports: - - got_did_task_one:: - "task 1 complete"; - - extended_context.got_did_task_two:: - "task 2 complete"; - - extended_context.got_did_task_three:: - "task 3 complete"; - -} - -body classes set_outcome_classes -{ -promise_kept => { "did_task_one","did_task_two", "did_task_three" }; -promise_repaired => { "did_task_one","did_task_two", "did_task_three" }; -#cancel_kept => { "did_task_one" }; -persist_time => "10"; -} - -bundle server access_rules() -{ -access: - - "did.*" - resource_type => "context", - admit => { "127.0.0.1" }; - -} - -@end verbatim -@noindent The output of this, on success is simply: -@smallexample - -R: task 1 complete -R: task 2 complete -R: task 3 complete - -@end smallexample - - -@noindent In this second example, we pass actual variable data between hosts. -The generic peer function @code{remotescalar} can address any other host -running @code{cf-serverd}. The abbreviated interface @code{hubknowledge} -assumes that it should get data from a hub. - -Both these functions ask for an identifier; it is up to the server to interpret -what this means and to return a value of its choosing. If the identifier matches -a persistent scalar variable (such as is used to count distributed processes in CFEngine -Enterprise) then this will be returned preferentially. If no such variable is found, -then the server will look for a literal string in a server bundle with a handle that -matches the requested object. - - - -@verbatim - -body common control -{ -bundlesequence => { "overture" }; -inputs => { "cfengine_stdlib.cf" }; -} - -body server control - -{ -allowconnects => { "127.0.0.1" , "::1",}; -allowallconnects => { "127.0.0.1" , "::1", }; -trustkeysfrom => { "127.0.0.1" , "::1",}; -} - -####################################################### - -bundle agent overture -{ -vars: - - "remote" string => remotescalar("test_scalar","127.0.0.1","yes"); - - "know" string => hubknowledge("test_scalar"); - - "count_getty" string => hubknowledge("count_getty"); - -processes: - - # Use the enumerated library body to count hosts running getty - - "getty" - - comment => "Count this host if a job is matched", - classes => enumerate("count_getty"); - -reports: - - !elsewhere:: - - "GOT remote scalar $(remote)"; - "GOT knowedge scalar $(know)"; - "GOT persistent scalar $(xyz)"; - -} - -####################################################### - -bundle server access_rules() -{ -access: - - "value of my test_scalar, can expand variables here - $(sys.host)" - handle => "test_scalar", - comment => "Grant access to contents of test_scalar VAR", - resource_type => "literal", - admit => { "127.0.0.1" }; - - "XYZ" - resource_type => "variable", - handle => "XYZ", - admit => { "127.0.0.1" }; - -} -@end verbatim - -@noindent You can run this example on a single host, running the server, the agent and the hub (if you have Enterprise CFEngine). -The output will be something like this: -@smallexample - -host$ ./cf-agent -f ~/test.cf -K -R: GOT remote scalar value of my test_scalar, can expand variables here - cflu-10004 -R: GOT knowedge scalar value of my test_scalar, can expand variables here - cflu-10004 -R: GOT persistent scalar 1 - -@end smallexample - - - -@node Run job or reboot only if n out m systems are running, The self-healing chain - inverse Dominoes, Basic communication methods for orchestration, Distributed Orchestration between hosts with CFEngine Enterprise -@unnumberedsubsec Run job or reboot only if n out m systems are running - - -The ability to base local promises on global knowledge seems -superficially attractive in some cases. As a strategy this way of -thinking requires a lot of caution. We have to assume that all -knowledge gathered about an environment is subject to errors, -latencies and a dozen other uncertainties that make any snapshot of -remotely assessed current state subject to considerable healthy -suspicion. This is not a weakness of CFEngine -- in fact CFEngine has -mechanisms that make it as reliable as you are likely to find in any -technology -- rather it is a fundamental limitation of distributed -systems, and it is strongly dependent on the architectures you build. - -In the following example, we show how you can make certain decisions -based on global, uncertain knowledge, allowing for the fact that the -information is uncertain. In other words, we aim to err on the safe -side. In this case we ask how could we reboot systems after an upgrade -only if doing so would not jeopardize a Service Level Agreement to have -at least 20 machines running at all times. Since the globally -counted instances of a running process cannot be greater than the actual -number, this particular problem satisfies the constraint of erring -on the side of caution. - -@verbatim -############################################################ -# -# Keep a special promise only if at least n or m hosts -# keep a specific promise -# -# This method works with Enterprise CFEngine -# -# If you want to test this on localhost, just edit /etc/hosts -# to add host1 host2 host3 host4 as aliases to localhost -# -############################################################ - -body common control -{ -bundlesequence => { "n_of_m_symphony" }; -inputs => { "cfengine_stdlib.cf" }; -} - -############################################################ - -bundle agent n_of_m_symphony -{ -vars: - - "count_compliant_hosts" string => hubknowledge("running_myprocess"); - -classes: - - "reboot" expression => isgreaterthan("$(count_compliant_hosts)","20"); - -processes: - - "myprocess" - - comment => "Count this host if a job is matched", - classes => enumerate("running_myprocess"); - -commands: - - reboot:: - - "/bin/shutdown now"; -} - - -####################################################### - -bundle server access_rules() -{ -access: - - "value of my test_scalar, can expand variables here - $(sys.host)" - handle => "test_scalar", - comment => "Grant access to contents of test_scalar VAR", - resource_type => "literal", - admit => { "127.0.0.1" }; - - "running_myprocess" - resource_type => "variable", - admit => { "127.0.0.1" }; - -} - -@end verbatim - - - - - -@node The self-healing chain - inverse Dominoes, A Domino sequence, Run job or reboot only if n out m systems are running, Distributed Orchestration between hosts with CFEngine Enterprise -@unnumberedsubsec The self-healing chain - inverse Dominoes - - -A self-healing chain is the opposite of a dominoe event. If a part of -the chain is `down', it will be revived. If these events depend on one -another, then the resuscitation of this part which cause all of the -subsequent parts to be repaired too. - -Let's start with the more common case of the independently repairable -services, such as one might find in a multi-tier architecture: -database, web-servers, applications etc. - -The following example can be run on a multiple hosts or on a single -host, using the aliases described in the example. It illustrates -coordination through the use of CFEngine's @code{remoteclasses} -function in the Enterprise edition to get confirmation of the -self-healing structure. In fact, the verification of the self-healing -is optional if one trusts the underlying system. - -@verbatim -############################################################ -# -# The self-healing tower: Anti-Dominoes -# -# This method works with CFEngine Enterprise -# -# If you want to test this on localhost, just edit /etc/hosts -# to add host1 host2 host3 host4 as aliases to localhost -# -############################################################ - -body common control -{ -bundlesequence => { "weak_dependency_symphony" }; -inputs => { "cfengine_stdlib.cf" }; -} - -body server control -{ -allowconnects => { "127.0.0.1" , "::1", @(def.acl) }; -allowallconnects => { "127.0.0.1" , "::1", @(def.acl) }; -} - -############################################################ - -bundle agent weak_dependency_symphony -{ -methods: - - # We have to seed the beginning by creating the tower - # /tmp/tower_localhost - - host1:: - "tower" usebundle => tier1, - classes => publish_ok("ok_O"); - - host2:: - "tower" usebundle => tier2, - classes => publish_ok("ok_1"); - - host3:: - "tower" usebundle => tier3, - classes => publish_ok("ok_2"); - - host4:: - "tower" usebundle => tier4, - classes => publish_ok("ok_f"); - -classes: - - ok_O:: # Wait for the methods, report on host1 only - - "check1" expression => remoteclassesmatching("ok.*","host2","yes","a"); - "check2" expression => remoteclassesmatching("ok.*","host3","yes","a"); - "check3" expression => remoteclassesmatching("ok.*","host4","yes","a"); - -reports: - - ok_O:: - "tier 1 is ok"; - a_ok_1:: - "tier 2 is ok"; - a_ok_2:: - "tier 3 is ok"; - a_ok_f:: - "tier 4 is ok"; - - ok_O&a_ok_1&a_ok_2&a_ok_f:: - "The Tower is standing"; - - !(ok_O&a_ok_1&a_ok_2&a_ok_f):: - "The Tower is down"; -} - -############################################################ - -bundle agent tier1 -{ -files: - - "/tmp/something_to_do_1" - create => "true"; -} - -bundle agent tier2 -{ -files: - - "/tmp/something_to_do_2" - create => "true"; -} - -bundle agent tier3 -{ -files: - - "/tmp/something_to_do_3" - create => "true"; - -} - -bundle agent tier4 -{ -files: - - "/tmp/something_to_do_4" - create => "true"; -} - -############################################################ - - -bundle server access_rules() -{ -access: - - "ok.*" - resource_type => "context", - admit => { "127.0.0.1" }; - -} - -############################################################ - -body classes publish_ok(x) -{ -promise_repaired => { "$(x)" }; -promise_kept => { "$(x)" }; -cancel_notkept => { "$(x)" }; -persist_time => "2"; -} - -@end verbatim - -@noindent If we execute this simple test on a single host, or allow it to be executed on distributed -hosts, the chain forms and quickly stands up the system into a tower of dependencies. -@verbatim -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/self-healing-chain.cf -K -R: tier 1 is ok -R: tier 2 is ok -R: tier 3 is ok -R: tier 4 is ok -R: The Tower is standing -@end verbatim -If we break the tower, by giving it an impossible promise to keep, e.g. changing the name -of the directory in tier 3 to something that cannot be created@footnote{For this illustration, -we run in non-privileged mode and choose a directory name we do not have permission to create.}, -then tier 3 will fail and the output looks like this: -@verbatim -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/self-healing-chain.cf -K -Unable to make directories to /xtmp/something_to_do_3 - !!! System reports error for cf_mkdir: "Permission denied" -R: tier 1 is ok -R: tier 2 is ok -R: tier 4 is ok -R: The Tower is down -@end verbatim -@noindent Clearly, whatever tier 3 is really supposed to do, any promise failure -would result in the same behaviour. If we then correct the policy to make it repairable, the output -heals quickly: -@verbatim -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/self-healing-chain.cf -K -R: tier 1 is ok -R: tier 2 is ok -R: tier 4 is ok -R: The Tower is down -R: tier 3 is ok -R: The Tower is standing -@end verbatim - - - -@node A Domino sequence, A Chinese Dragon, The self-healing chain - inverse Dominoes, Distributed Orchestration between hosts with CFEngine Enterprise -@unnumberedsubsec A Domino sequence - - -A different kind of orchestration is a domino cascade, that starts -from some initial trigger, and causes a change in one host that causes -a change in the next, etc. These examples show how this can easily be -carried out by CFEngine. Dominio cascades can be done with Community -or Enterprise editions, but are limited to single machines in each -step. - -The basic principle is shown below@footnote{This example has deliberately been -made general enough to demonstrate on a single host with several aliases. If each -host can be guaranteed to have a unique name and address, we could simplify -the @code{hand_over} wrapper}. - -@i{Note: to simulate this on a single host, start the server and agent -with this same file as input, and make aliases to localhost in @file{/etc/hosts} -as described in the example.} - -@verbatim -############################################################ -# -# Dominoes -# -# This method works with either Community of Enterprise -# -# If you want to test this on localhost, just edit /etc/hosts -# to add host1 host2 host3 host4 as aliases to localhost -# -############################################################ - -body common control -{ -bundlesequence => { "dominoes_symphony" }; -inputs => { "cfengine_stdlib.cf" }; -} - -############################################################ - -bundle agent dominoes_symphony -{ -methods: - - # We have to seed the beginning by creating the dominoes - # /tmp/dominoes_localhost - - host1:: - "dominoes" usebundle => hand_over("localhost","host1","overture"); - - host2:: - "dominoes" usebundle => hand_over("host1","host2","first_movement"); - - host3:: - "dominoes" usebundle => hand_over("host2","host3","second_movement"); - - host4:: - "dominoes" usebundle => hand_over("host3","host4","final_movement"), - classes => if_ok("finale"); - -reports: - - finale:: - - "The visitors book of the Dominoes method" - printfile => visitors_book("/tmp/dominoes_host4"); - -} - -############################################################ - -bundle agent hand_over(predecessor,myalias,method) -{ - - # This is a wrapper for the orchestration - -files: - - "/tmp/tip_the_dominoes" - - comment => "Wait for our cue or relay/conductor baton", - copy_from => secure_cp("/tmp/dominoes_$(predecessor)","$(predecessor)"), - classes => if_repaired("cue_action"); - -methods: - - cue_action:: - - "the music happens" - - comment => "One off activity", - usebundle => $(method), - classes => if_ok("pass_the_stick"); - -files: - - pass_the_stick:: - - "/tmp/tip_the_dominoes" - comment => "Add our signature to the dominoes's tail", - edit_line => append_if_no_line("Knocked over $(myalias) and did: $(method)"); - - "/tmp/dominoes_$(myalias)" - - comment => "Dominoes in position to be beamed up by next agent", - copy_from => local_cp("/tmp/tip_the_dominoes"); - -} - -############################################################ - -bundle agent overture -{ -reports: - - !xyz:: - - "Singing the overture..."; -} - -bundle agent first_movement -{ -reports: - - !xyz:: - - "Singing the first adagio..."; -} - -bundle agent second_movement -{ -reports: - - !xyz:: - - "Singing second allegro..."; - -} - -bundle agent final_movement -{ -reports: - - !xyz:: - - "Trumpets for the finale"; - -} - -############################################################ - - -bundle server access_rules() -{ -access: - - "/tmp" - - admit => { "127.0.0.1" }; - - "did.*" - resource_type => "context", - admit => { "127.0.0.1" }; - -} - - -body printfile visitors_book(file) -{ -file_to_print => "$(file)"; -number_of_lines => "10"; -} - - -@end verbatim -@noindent When executed, this produces output only on the final host -in the chain, showing the correct ordering out operations. The -sequence also passes a file from host to host as a coordination -token, like a baton in a relay race, and each host signs this -so that the final host has a log of eery host involved in the -cascade. - -@verbatim -R: Singing the overture... -R: Singing the first adagio... -R: Singing second allegro... -R: Trumpets for the finale - -R: The visitors book of the Dominoes method -R: Knocked over host1 and did: overture -R: Knocked over host2 and did: first_movement -R: Knocked over host3 and did: second_movement -R: Knocked over host4 and did: final_movement - -@end verbatim - -The average time for such a cascade to complete will be half the -length of the chain multiplied by the run-interval, if normal cf-execd -splaytime is used. Without any splaying, the average time will be the -run interval multiplied by the chain length. The completion time -could be increased by using cf-runagent. - - -@node A Chinese Dragon, , A Domino sequence, Distributed Orchestration between hosts with CFEngine Enterprise -@unnumberedsubsec A Chinese Dragon star pattern - -The Chinese dragon darts back and forth between different hosts, -forming a chain of events, and leaving a trail behind it. This pattern -is much like the Domino pattern, except that it follows a star. The -orchestrated sequence of events follows the dragon from its lair to -the first satellite host, then back to its lair to record the journey, -then out to the next satellite, then back to its lair, etc. - -A prototypical application for this kind of pattern is taking servers, one by one, -off a load balancer (in the dragon's lair) and then upgrading them, before -reinstating them and moving on to the next host. - - -@verbatim -############################################################ -# -# Chinese Dragon Dancing on a Star -# -# This method works with either Community or Enterprise. -# and uses named signals -# -# If you want to test this on localhost, just edit /etc/hosts -# to add host1 host2 host3 host4 as aliases to localhost -# -############################################################ - -body common control -{ -bundlesequence => { "dragon_symphony" }; -inputs => { "cfengine_stdlib.cf" }; -} - -############################################################ - -bundle agent dragon_symphony -{ -methods: - - # We have to seed the beginning by creating the dragon - # /tmp/dragon_localhost - - "dragon" usebundle => visit("localhost","host1","chapter1"); - - "dragon" usebundle => visit("host1","host2","chapter2"); - - "dragon" usebundle => visit("host2","host3","chapter3"); - - "dragon" usebundle => visit("host3","host4","chapter4"), - classes => if_ok("finale"); - -reports: - - finale:: - - "The dragon is slain:" - printfile => visitors_book("/tmp/shoo_dragon_host4"); -} - -############################################################ -# Define the -############################################################ - -bundle agent chapter1(x) -{ -# Do something significant here - -reports: - - host1:: - " ----> Breathing fire on $(x)"; -} - -################################ - -bundle agent chapter2(x) -{ -# Do something significant here - -reports: - - host2:: - " ----> Breathing fire on $(x)"; - -} - -################################ - -bundle agent chapter3(x) -{ -# Do something significant here - -reports: - - host3:: - " ----> Breathing fire on $(x)"; - -} - -################################ - -bundle agent chapter4(x) -{ -# Do something significant here - -reports: - - host4:: - " ----> Breathing fire on $(x)"; - -} - -############################################################ -# Orchestration wrappers -############################################################ - -bundle agent visit(predecessor,satellite,method) -{ - - # This is a wrapper for the orchestration will be acted on - # first by the dragon's lair and then by the satellite - -vars: - - "dragons_lair" string => "host0"; - -files: - - # We start in the dragon's lair .. - - "/tmp/unleash_dragon" - - comment => "Unleash the dragon", - rename => to("/tmp/enter_the_dragon"), - classes => if_repaired("dispatch_dragon_$(satellite)"), - ifvarclass => "$(dragons_lair)"; - - # if we are the dragon's lair, welcome the dragon back, shooed from the satellite - - "/tmp/enter_the_dragon" - - comment => "Returning from a visit to a satellite", - copy_from => secure_cp("/tmp/shoo_dragon_$(predecessor)","$(predecessor)"), - classes => if_repaired("dispatch_dragon_$(satellite)"), - ifvarclass => "$(dragons_lair)"; - - # If we are a satellite, receive the dragon from its lair - - "/tmp/enter_the_dragon" - comment => "Wait for our cue or relay/conductor baton", - copy_from => secure_cp("/tmp/dragon_$(satellite)","$(dragons_lair)"), - classes => if_repaired("cue_action_on_$(satellite)"), - ifvarclass => "$(satellite)"; - -methods: - - "check in at home" - comment => "Edit the load balancer?", - usebundle => switch_satellite(" -> Send dragon to $(satellite)"), - classes => if_repaired("send_the_dragon_to_$(satellite)"), - ifvarclass => "dispatch_dragon_$(satellite)"; - - "dragon visits" - comment => "One off activity that the nodes carry out while the dragon visits", - usebundle => $(method)("$(satellite)"), - classes => if_repaired("send_the_dragon_back_from_$(satellite)"), - ifvarclass => "cue_action_on_$(satellite)"; - - -files: - - # hub/lair hub signs the book too and schedules the dragon for next satellite - - "/tmp/dragon_$(satellite)" - create => "true", - comment => "Add our signature to the dragon's tail", - edit_line => sign_visitor_book("Dragon returned from $(predecessor)"), - ifvarclass => "send_the_dragon_to_$(satellite)"; - - # Satellite signs the book and shoos dragon for hub to collect - - "/tmp/shoo_dragon_$(satellite)" - create => "true", - comment => "Add our signature to the dragon's tail", - edit_line => sign_visitor_book("Dragon visited $(satellite) and did: $(method)"), - ifvarclass => "send_the_dragon_back_from_$(satellite)"; - -reports: - - !xyz:: - - "Done $(satellite)"; - -} - -############################################################ - -bundle agent switch_satellite(name) -{ -files: - - "/tmp/enter_the_dragon" - comment => "Add our signature to the dragon's tail", - edit_line => append_if_no_line("Switch new dragon's target $(name)"); - -reports: - - !xyz:: - " X Switching new dragon's target $(name)"; -} - - -############################################################ - -bundle edit_line sign_visitor_book(s) -{ -insert_lines: - - "/tmp/enter_the_dragon" - comment => "Import the current visitor's book", - insert_type => "file"; - - "$(s)" comment => "Append this string to the visitor's book"; -} - -############################################################ - - -bundle server access_rules() -{ -access: - - "/tmp" - - admit => { "127.0.0.1" }; - - "did.*" - resource_type => "context", - admit => { "127.0.0.1" }; - -} - -############################################################ - -body printfile visitors_book(file) -{ -file_to_print => "$(file)"; -number_of_lines => "100"; -} - -@end verbatim - - - -Let's test it on a single host, equipped with aliases to the see entire flow. - -@noindent Without the trigger, this simply yields -@verbatim -R: Done host1 -R: Done host2 -R: Done host3 -R: Done host4 -@end verbatim - -@verbatim -host$ touch /tmp/unleash_dragon - -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/dragon.cf -K -R: X Switching new dragon's target -> Send dragon to host1 -R: Done host1 -R: Done host2 -R: Done host3 -R: Done host4 - -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/dragon.cf -K -R: ----> Breathing fire on host1 -R: Done host1 -R: X Switching new dragon's target -> Send dragon to host2 -R: Done host2 -R: Done host3 -R: Done host4 -host$ - -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/dragon.cf -K -R: ----> Breathing fire on host1 -R: Done host1 -R: X Switching new dragon's target -> Send dragon to host2 -R: ----> Breathing fire on host2 -R: Done host2 -R: X Switching new dragon's target -> Send dragon to host3 -R: Done host3 -R: Done host4 - -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/dragon.cf -K -R: ----> Breathing fire on host1 -R: Done host1 -R: X Switching new dragon's target -> Send dragon to host2 -R: ----> Breathing fire on host2 -R: Done host2 -R: X Switching new dragon's target -> Send dragon to host3 -R: ----> Breathing fire on host3 -R: Done host3 -R: X Switching new dragon's target -> Send dragon to host4 -R: Done host4 -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/orchestrate/dragon.cf -K -R: ----> Breathing fire on host1 -R: Done host1 -R: X Switching new dragon's target -> Send dragon to host2 -R: ----> Breathing fire on host2 -R: Done host2 -R: X Switching new dragon's target -> Send dragon to host3 -R: ----> Breathing fire on host3 -R: Done host3 -R: X Switching new dragon's target -> Send dragon to host4 -R: ----> Breathing fire on host4 -R: Done host4 - -R: The dragon is slain: -R: Switch new dragon's target -> Send dragon to host1 -R: Dragon returned from localhost -R: Dragon visited host1 and did: chapter1 -R: Switch new dragon's target -> Send dragon to host2 -R: Dragon returned from host1 -R: Dragon visited host2 and did: chapter2 -R: Switch new dragon's target -> Send dragon to host3 -R: Dragon returned from host2 -R: Dragon visited host3 and did: chapter3 -R: Switch new dragon's target -> Send dragon to host4 -R: Dragon returned from host3 -R: Dragon visited host4 and did: chapter4 - -@end verbatim - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Monitoring.texinfo b/docs/guides/SpecialTopic_Monitoring.texinfo deleted file mode 100644 index b4c0f173c3..0000000000 --- a/docs/guides/SpecialTopic_Monitoring.texinfo +++ /dev/null @@ -1,1063 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} -@c -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-monitoring.info -@settitle Monitoring with CFEngine -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Monitoring with CFEngine -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine fulfils an unusual role as a management system, closing the -loop between measurement or monitoring of resources and change -management. CFEngine learns the normal behaviour of a system using -smart lightweight algorithm, and builds a statistical view of what -is normal behaviuour. Policy may then me measured against this normal -state to provide @i{relativistic} reporting of state, and the detection -of anomalies. - -A significant capability of CFEngine Nova over previous versions of -CFEngine, as well as other monitoring software, is the existence of -lightweight extensible probes, based on Perl Compatible Regular -Expressions. These probes can extract and store data in an efficient -and non-intrusive manner. Reports can be integrated into the Nova Knowledge Map -and anomalies are automatically detected by CFEngine's self-learning -algorithms. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010-11 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Monitoring introduction, (dir), (dir) -@top Measurement and Monitoring - -@menu -* Monitoring introduction:: -* Monitoring customization:: -@end menu - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node Monitoring introduction, Monitoring customization, Top, Top -@chapter Monitoring introduction - -@menu -* What is monitoring?:: -* What are the goals of monitoring?:: -* What does monitoring software do?:: -* Monitoring in CFEngine:: -* Visualization of monitoring in CFEngine:: -* Standard measured variables:: -* Estimate of the level of normality:: -* Variables:: -* Entropy:: -* Persistent classes for alert conditions:: -@end menu - -@node What is monitoring?, What are the goals of monitoring?, Monitoring introduction, Monitoring introduction -@unnumberedsec What is monitoring? - -The world of IT management is replete with monitoring -software. Monitoring is considered to be a major part of management, -and it plays a kind of `feel good' role to engineers even when it -often reveals little useful information. Users are often fiercely -loyal to certain monitoring solutions, However, most monitoring systems have -some key problems: - -@itemize -@item Many monitoring systems are so heavy weight that they lead to - a system large overhead. - -@item Scalability of monitoring solutions is often poor, both in terms -of system resource consumption and comprehensability of the data collected. -@end itemize -One might argue that these problems can be traced back to the overly ambitious -nature of what they try to achieve. - -Some common or popular monitoring solutions include: -@itemize -@item HP OpenView -@item Nagios -@item Munin -@item Zenoss -@item Ganglia -@item collectd -@end itemize - -@node What are the goals of monitoring?, What does monitoring software do?, What is monitoring?, Monitoring introduction -@unnumberedsec What are the goals of monitoring? - -Few montioring systems yield accurate or even very clear results about -systems, and yet we feel reassured by moving traces. We monitor -systems first and foremost out of a desire for knowledge. If that -seems like a trivial statement, you should examine your own -motivations carefully -- what is it you really want from a monitoring -solution? Accurate data, or some basic reassurance? - -As scientific instruments, most monitoring software is rather poorly -constructed. The devices are rarely calibrated, the results are -presented without context, sorted according to arbitrary thresholds, -and it is unclear what delay there was between the sampling of the -system and the presentation of the data. That makes the data values -and the traces almost useless - but not quite. What users really see -in monitoring is patterns of change. Monitoring software forms a -bridge between actual data about the system and the habits of the -human brain. - - -@node What does monitoring software do?, Monitoring in CFEngine, What are the goals of monitoring?, Monitoring introduction -@unnumberedsec What does monitoring software do? - -Typically, monitoring software samples data from systems through a number of -probes and presents the data in some graphical form. A few systems can also -perform statistical analysis and even look-ahead forecasting of the data. -Much monitoring software is based on the Simple Network Management -Protocol (SNMP) which is an active probe regime usually run from a -centralized network manager. - -The simple fact of the matter is that most monitoring software -simple presents a rough visualization of the raw data to users -as either a set of alarms (loggable messages) or as a moving time-series, -analogous to a hospital vital-signs monitor (EEG or ECG). - -If one is cynical, it might be said that some monitoring systems waste -users' time by producing moving graphs with a level of detail that is -utterly inappropriate. Users then sit transfixed to these moving -traces, watching for any insignificant change -- and, because there is -no context or history to meaure the changes against, every change -appears to be interesting. - - -@node Monitoring in CFEngine, Visualization of monitoring in CFEngine, What does monitoring software do?, Monitoring introduction -@unnumberedsec Monitoring in CFEngine - - -In CFEngine, there is @code{cf-monitord}, which runs as a local agent -on every computer. This daemon wakes up every couple of minutes and -samples data for a number of variables without using the network. The -data are then stored in an embedded database on the localhost, using a -smart algorithm that prevents the datasize from growing endlessly. -CFEngine uses a model of system behaviour based on the findings of -research about how computers behave in a network. The model reveals -strong weekly patterns in most measurable data, or no pattern -whatsoever. This knowledge can be used to compress the data by a large -factor and enables @code{cf-monitord} to carry out a real time -statistical analysis of the normal behaviour that is updated over -time. - -CFEngine was not written to replace other monitoring systems, -but to achieve rather concrete goals. In order to achieve these -goals, CFEngine does not monitor as often as other systems, -and it presents results rather differently. - -The goals of monitoring in CFEngine are: - -@itemize -@item To not waste users' time with insignificant changes, but provide -meaningful updates at a rate that is defensible based on the rate of -change of the system. -@item To provide meaningful information that is placed in -the context of what is normal. -@item To reveal trends and patterns at a glance. - -@item To scale to tens of thousands of hosts without placing a significant -burden on the hosts being monitored. -@item To be as hands-free in configuration as possible, but allow customization. - - -@item To provide a feedback mechanism for system policy so that systems can -respond directly to conditions that are detected. -@end itemize - -The information returned by @code{cf-monitord} comes in a number of forms: - -@itemize -@item As visual, plottable graphs. -@item As CFEngine classes that are passed to @code{cf-agent} and may be used to generate -alarms or automatic responses. -@end itemize - -@sp 1 -@center @image{timeseries,15cm} -@sp 1 -@center A graphical rendering of a 100 x load average pattern collected by a host. -@sp 1 - - - -@node Visualization of monitoring in CFEngine, Standard measured variables, Monitoring in CFEngine, Monitoring introduction -@unnumberedsec Visualization of monitoring in CFEngine - -The CFEngine community edition provides limited support for -visualization. The @code{cf-report} command can be used to generate -files that can be plotted with other free software. So far this is not -well documented, since the process requires special knowledge of some -less-well known Open Source tools (see Reference Manual, reporter -control promises). - -However, in the commercial edition of CFEngine (Nova/Enterprise), much effort has been put into making the centralized -collection and visualization of these data straightforward and -powerful so that all of the learned information about a network -may be seen and analysed from a single location. - - -Any model of fluctuating values is based on the idea that the changing -signal has a basic separation of signal and noise. The variability of -the signal is generally characterized by a probability distribution -which often peaks about the mean value. Some tools and many papers -assume that the distribution of fluctuations is Gaussian. This is -almost never the case in real computer systems. - -CFEngine plots the following values together to provide -an interpretive context for the data: - -@itemize -@item The last sampled value (@samp{value}). This is the actual `current value'. This is the orange -line in the figure above. -@item The rolling average of the data for each 5 minute interval of the week (@samp{av}). This represents -the best estimate of what is normal. This is the green line in the figure above. -@item An envelope of on standard deviation above (red vertical bars) and below (green vertical bars) the average -to show the envelope of normal `variation' (@samp{dev}). -@end itemize - -@cartouche -Note: it is a common misconception that the mean and standard deviation only -apply to Gaussian statistical models. This is not true, although it is true that -these quantities have a special significance for these distributions. You may think -of the rolling mean as a representative average value that represents what is approximately -`normal'. The standard deviation plays the role of an approximate estimate of the uncertainty -in the value of the mean. These values should be treated as heuristics, not as absolute truths -in any reasonable statistical interpretation of the data. -@end cartouche - -@c ------------------------------------------------------------------------------- -@c SECTION -@c ------------------------------------------------------------------------------- - -@node Standard measured variables, Estimate of the level of normality, Visualization of monitoring in CFEngine, Monitoring introduction -@unnumberedsec Standard measured variables - -When CFEngine detects an anomaly, it classified the current statistical -state of the system into a number of classes. - -CFEngine classifies anomalies by whether the currently measured state of -the system is higher or lower than the average for the current time of -week. The amount of deviation is based on an estimate of the `standard -deviation'. The precise definition of the average and standard -deviations is complex, and is discussed in the paper "M. Burgess, -Probabilistic anomaly detection in distributed computer -networks", (submitted to Science of Computer Programming, and available -on the web). - -The list of measured attributes is currently fixed to the following: - - -The first part of the string is from the list: - -@table @code -@item users -The number of different users that appear in the process table of the system. -@item rootprocs -The nunmber of current processes started by root/Administrator. -@item userprocs -The number of current processes started by non-privileged users. -@item diskfree -The amount of disk free on root file system. -@item loadavg -The load average of the system (actually multiplied by 100). -@end table -Socket counts of network services distinguish between incoming and outgoing -sockets (to a service or from a client). -@table @code -@item netbiosns -Registers traffic to/from port 137. -@item netbiosdgm -Registers traffic to/from port 138. -@item netbiosssn -Registers traffic to/from port 139. -@item irc -Registers traffic to/from port 194. -@item CFEngine -Registers traffic to/from port 5308. -@item nfsd -Registers traffic to/from port 2049. -@item smtp -Registers traffic to/from port 25. -@item www -Registers traffic to/from port 80. -@item ftp -Registers traffic to/from port 21. -@item ssh -Registers traffic to/from port 22. -@item wwws -Registers traffic to/from port 443. -@end table - -If you have tcpdump program installed in a standard location, then the monitor can be confugured to -collect data about the network flows to your host. - -@table @code -@item icmp -Traffic belonging to the ICMP protocol (ping etc). -@item dns -Traffic to port 53, the Domain Name Service (usually a special case of UDP). -@item udp -Miscellaneous UDP traffic that is not related to DNS. -@item tcpsyn -Registers TCP packets with SYN flag set. -@item tcpack -Registers TCP packets with ACK flag set. -@item tcpfin -Registers TCP packers with FIN flag set. -@item misc -Registers all other packets, not covered above. -@end table - - -@node Estimate of the level of normality, Variables, Standard measured variables, Monitoring introduction -@unnumberedsec Estimate of the level of normality - -When @code{cf-monitord} has accurate knowledge of statistics, it classifies -the current state into 3 levels: - -@cindex normal -@cindex dev1 -@cindex dev2 -@cindex anomaly -@cindex microanomaly - -@table @code -@item normal -means that the current level is less -than one standard deviation above normal. -@item dev1 -means that the -current level is at least one standard deviation about the average. - -@item dev2 -means that the current level is at least two standard -deviations about the average. - -@item anomaly -means that the current level is more than 3 standard deviations above average. - -@end table - -@noindent -Each of these charaxterizations assumes that there are good data -available. The @file{cf-monitord} evaluates its data and decides whether or -not the data are too noisy to be really useful. If the data are too -noisy but the level @i{appears} to be more than two standard deviations -above aaverage, then the category @code{microanomaly} is used. - -Here are some example classes: - -@smallexample -userprocs_high_dev2 -userprocs_low_dev1 -www_in_high_anomaly -smtp_out_high_dev2 -@end smallexample - -@noindent A complete list of standard metrics -@cindex Anomalies -Base classes: -@smallexample - users - rootprocs - otherprocs - diskfree - loadavg - netbiosns_in - netbiosns_out - netbiosdgm_in - netbiosdgm_out - netbiosssn_in - netbiosssn_out - irc_in - irc_out - CFEngine_in - CFEngine_out - nfsd_in - nfsd_out - smtp_in - smtp_out - www_in - www_out - ftp_in - ftp_out - ssh_in - ssh_out - wwws_in - wwws_out - icmp_in - icmp_out - udp_in - udp_out - dns_in - dns_out - tcpsyn_in - tcpsyn_out - tcpack_in - tcpack_out - tcpfin_in - tcpfin_out - tcpmisc_in - tcpmisc_out -@end smallexample -Suffixes: -@smallexample -_high_microanomaly -_low_microanomaly - -_high_dev1 -_low_dev1 - -_high_dev2 -_low_dev2 - -_high_anomaly -_low_anomaly - -_high_ldt -_low_ldt -@end smallexample - - -@node Variables, Entropy, Estimate of the level of normality, Monitoring introduction -@unnumberedsec Variables - -The @code{cf-monitord} sets variables which cache the values that were valid at the -time of the anomaly's occurrance. These are of the same form as above. -@smallexample -value_rootprocs -average_rootprocs -stddev_rootprocs - -value_nsfd_in -average_nfsd_in -stddev_nfsd_in -@end smallexample -The Leap Detection Test buffer is called -@smallexample -ldtbuf_users -ldtbuf_otherprocs -@end smallexample -etc. - -@menu -* Entropy:: -@end menu - -@node Entropy, Persistent classes for alert conditions, Variables, Monitoring introduction -@unnumberedsec Entropy - -For network related data, CFEngine evaluates the entropy in the -currently measured sample of measurements, with respect to the -different IP addresses of the sources. You can use these to predicate -the appearance of an anomaly, e.g. -@cindex Entropy -@smallexample - entropy_www_in_high - entropy_smtp_in_low -@end smallexample - -For example, if you only want to know when a huge amount of SMTP traffic arrives from a -single IP source, you would label your anomaly response: -@smallexample -entropy_smtp_in_low.smtp_in_high_anomaly:: -@end smallexample -@noindent -since the entropy is low when the majority of traffic -comes from only a small number of IP addresses (e.g. one). The entropy is maximal -when activity comes equally from several different sources. - - - -@node Persistent classes for alert conditions, , Entropy, Monitoring introduction -@unnumberedsec Persistent classes for alert conditions - - -Another application for alerts is to pass signals from one invocation of the CFEngine agent to -another by persistent, shared memory. For example, suppose a -short-lived anomaly event triggers a class that relates to a security -alert. The event class might be too short-lived to be followed up by -cfagent in full. One could thus set a long term class that would -trigger up several follow-up checks. A persistent class could also be -used to exclude an operation for an interval of time. - -Persistent class memory can be added through a system alert functions -to give timer behaviour. For example, consider setting a class that -acts like a non-resettable timer. It is defined for exactly 10 minutes -before expiring. - -@verbatim -body classes example - { - persist_time => "10"; - } - -body classes example - { - timer_policy => "reset"; - } - -@end verbatim - - - - -@node Monitoring customization, , Monitoring introduction, Top -@chapter Monitoring customization - -@menu -* What are measurements?:: -* measurements promises:: -* Scanning log files for patterns:: -* FTP:: -* DNS:: -* Email:: -* Milter:: -* Breakin:: -* Threshold monitoring:: -* Summary Monitoring:: -@end menu - -@node What are measurements?, measurements promises, Monitoring customization, Monitoring customization -@unnumberedsec What are measurements? - -@sp 1 -Measurement promises perform sampling of system variables, and -scanning of files and probes, at regular controllable intervals in -order to present an efficient overview of actual changes taking place over time. - - -@node measurements promises, Scanning log files for patterns, What are measurements?, Monitoring customization -@unnumberedsec @code{measurements} promises -@sp 1 - -In CFEngine Nova and above, you can extract data from the -system in sophisticated ways from files or pipes, using Perl -Compatible Regular Expressions to match text. The @code{cf-monitord} -agent is responsible for processing measurement promises. - -In this example, we count lines matching a pattern in a file. -You might want to scan a log for instances of a particular -message and trace this number over time. - - -@node Scanning log files for patterns, FTP, measurements promises, Monitoring customization -@unnumberedsec Scanning log files for patterns -@sp 1 - -You will have to scan the log file for each separate summary -you want to keep, so you win a lot of efficiency by lumping -together mulitple patterns in a longer regular expressions. - -Be careful however about the trade-off. Disk access is certainly the -most expensive computing resource, but a smart filesystem might do good caching. - -Regular expression processing, on the other hand, is CPU expensive, so -if you have very long or complex patterns to match, you will begin -to eat up CPU time too. - -At the end of the day, you should probably do some tests to find a good -balance. One goal of CFEngine is to minimally impact your system performance, -but it is possible to write promises that have the opposite effect. Check -your work! - -@verbatim - -bundle monitor watch -{ -measurements: - - "/home/mark/tmp/file" - - handle => "line_counter", - stream_type => "file", - data_type => "counter", - match_value => scan_log("MYLINE.*"), - history_type => "log", - action => sample_rate("0"); - -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - -@node FTP, DNS, Scanning log files for patterns, Monitoring customization -@unnumberedsec Scanning syslog for FTP statistics -@sp 1 - -There are many things that you can set CFEngine at monitoring. For example, -CFEngine can automtically collect information about the number of socket-level -connections made to the ftp server, but you might want more detailed -statistics. For example, you might want to track the volume of data sent -and received, or the number of failed logins. Here are a collection of -monitoring promises for doing just that. - -Note that the ftp logs are maintained by syslog, so it is necessary to match -only those lines which correspond to the appropriate service. We also assume -that the specific messages are sent to @file{/var/log/messages}, while your -configuration may specify otherwise. Likewise, your operating systems's -version of ftp may issue messages with a slightly different format than ours - -@verbatim - -bundle monitor watch_ftp -{ -vars: - "dir" slist => { "get", "put" }; - -measurements: - - "/var/log/messages" - - handle => "ftp_bytes_${dir}", - stream_type => "file", - data_type => "int", - match_value => extract_log(".*ftpd\[.*", ".*${dir} .* = (\d+) bytes.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/messages" - - handle => "ftp_failed_login", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*ftpd\[.*", ".*FTP LOGIN FAILED.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/messages" - - handle => "ftp_failed_anonymous_login", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*ftpd\[.*", ".*ANONYMOUS FTP LOGIN REFUSED.*"), - history_type => "log", - action => sample_rate("0"); - -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body match_value extract_log(line, extract) -{ -select_line_matching => "$(line)"; -extraction_regex => "$(extract)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - -@node DNS, Email, FTP, Monitoring customization -@unnumberedsec Scanning DNS logs for query statistics -@sp 1 - -Another thing you might want to do is monitor the types of queries that your -DNS server is being given. One possible reason for this is to test for -unusual behavior. For example, suddenly seeing a surge in @samp{MX} requests -might indicate that your system is being targeted by spammers (or that one of -your users is sending spam). If you are thinking of converting to IPv6, you -might want to compare the number of @samp{A} requests to @samp{AAAA} and -@samp{A6} requests to see how effective your IPv6 implementation is. - -Because DNS logs are directly maintained by @samp{bind} or @samp{named} (and -do not go through syslog), the parsing can be simpler. However, you @i{do} -need to configure DNS to log query requests to the appropriate log file. In -our case, we use @file{/var/log/named/queries}. - -@verbatim - -bundle monitor watch_dns -{ -vars: - "query_type" slist => { "A", "AAAA", "A6", "CNAME", "MX", "NS", - "PTR", "SOA", "TXT", "SRV", "ANY" }; -measurements: - "/var/log/named/queries" - handle => "DNS_$(query_type)_counter", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".* IN $(query_type).*"), - history_type => "log", - action => sample_rate("0"); -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - -@node Email, Milter, DNS, Monitoring customization -@unnumberedsec Scanning syslog for email statistics -@sp 1 - -Email is another syslog-based facility that you may want to use CFEngine to -monitor. There are a number of volumetric data that are of interest. For -example, the number of messages sent and received, the number of messages -that have been deferred (a large number might indicate networking problems or -spam bounces), and the number of spam messages that have been -detected and removed by the assorted spam filters. - -The samples below assume that there is a separate logfile for email (called -@file{/var/log/maillog}) and that a few of the standard sendmail rulesets -have been enabled (see -@samp{http://www.sendmail.org/~ca/email/relayingdenied.html} for details). -As with any syslog-generated file, you need to check for the appropriate -service, and in this case we are lumping local messages (sent through -@samp{sm-mta}) and remote messages (sent through @samp{sendmail}) into a -single count. Your mileage may of course vary. - -If you use one or more sendmail "milters", each of these will also output -their own syslog messages, and you may choose to track the volume of -rejections on a per-filter basis. - -@verbatim - -bundle monitor watch_email -{ -vars: - "sendmail" string => ".*(sendmail|sm-mta)\[.*"; - - "action" slist => { "Sent", "Deferred" }; - -measurements: - - "/var/log/maillog" - - handle => "spam_rejected", - stream_type => "file", - data_type => "counter", - # This matches 3 kinds of rulesets: check_mail, - # check_rcpt, and check_relay - match_value => scan_log("$(sendmail)ruleset=check_(mail|rcpt|relay).*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/maillog" - - handle => canonify("mail_$(action)", - stream_type => "file", - data_type => "counter", - match_value => scan_log("$(sendmail)stat=$(action) .*"), - history_type => "log", - action => sample_rate("0"); - -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - -@node Milter, Breakin, Email, Monitoring customization -@unnumberedsec Scanning syslog for email milter failures -@sp 1 - -Milters are relatively new in sendmail, and some have problems. You can also -use monitoring to detect certain types of failure modes. For example, if a -milter is running (that is, there is a process present) but it does not -respond correctly, sendmail will log an entry like this in syslog (where -@samp{xyzzy} is the name of the milter in question): - -@verbatim -Milter (xyzzy): to error state -@end verbatim - -A small number of these messages is no big deal, since sometimes the milter -has temporary problems or simply encounters an email message that it finds -confounding. But a larger value of these messages usually indicates that the -milter is in a broken state, and should be restarted. - -You can use @samp{cf-monitord} to check for the number of these kinds of -messages, and use the soft classes that it creates to change how -@samp{cf-agent} operates. For example, here we will restart any milter -which is showing a high number of failure-mode messages: - -@verbatim -bundle monitor watch_milter -{ -vars: - "milter" slist => { "dcc", "bogom", "greylist" }; - -measurements: - - "/var/log/maillog" - - handle => "${milter}_errors", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*Milter (${milter}): to error state"), - history_type => "log", - action => sample_rate("0"); -} - -bundle agent fix_milter -{ -vars: - "m[dcc]" string => "/var/dcc/libexec/start-dccm"; - "m[bogom]" string => "/usr/local/etc/rc.d/milter-bogom.sh restart"; - "m[greylist]" string => "/usr/local/etc/rc.d/milter-greylist restart"; - -commands: - "$(m[$(watch_milter.milter)])" - ifvarclass => "$(watch_milter.milter)_high"; -} -@end verbatim - - -@node Breakin, Threshold monitoring, Milter, Monitoring customization -@unnumberedsec Scanning syslog for breakin attempts -@sp 1 - -A lot of script-kiddies will probe your site for vulnerabilities, using -dictionaries of account/password combinations, looking for unguarded accounts -or accouts with default passwords. Most of these scans are harmless, because -a well-maintained site will not use the default passwords that these hackers -seek to exploit. - -However, knowing that you are being scanned is a good thing, and CFEngine can -help you find that out. Because @samp{sshd} logs it's message through -@samp{syslog}, we again need to filter lines based on the service name. On -our system, authorization messages are routed to @file{/var/log/auth.log}, -and we would monitor it like this: - -@verbatim -bundle monitor watch_breakin_attempts -{ -measurements: - "/var/log/auth.log" - # This is likely what you'll see when a script kiddie probes - # your system - - handle => "ssh_username_probe", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*Invalid user.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # As scary as this looks, it may just be because someone's DNS - # records are misconfigured - but you should double check! - - handle => "ssh_reverse_map_problem", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*POSSIBLE BREAK-IN ATTEMPT!.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # Someone is trying to log in to an account that is locked - # out in the sshd config file - - handle => "ssh_denygroups", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*group is listed in DenyGroups.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # This is more a configuration error in /etc/passwd than a - # breakin attempt... - - handle => "ssh_no_shell", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*because shell \S+ does not exist.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # These errors usually indicate a problem authenticating to your - # IMAP or POP3 server - - handle => "ssh_pam_error", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*error: PAM: authentication error.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # These errors usually indicate that you haven't rebuilt your - # database after changing /etc/login.conf - maybe you should - # include a rule to do this command: cap_mkdb /etc/login.conf - - handle => "ssh_pam_error", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*login_getclass: unknown class.*"), - history_type => "log", - action => sample_rate("0"); -} - -@end verbatim - - -See the CFEngine Nova documentation for more possibilities of measurement -promises. - - - -@node Threshold monitoring, Summary Monitoring, Breakin, Monitoring customization -@unnumberedsec Threshold monitoring - -@verbatim -vars: - - "probes" slist => { "www", "smtp", "ssh" }; - -classes: - - "$(probes)_threshold" expression => isgreaterthan("$(mon.$(probes))","50"); - -reports: - - "Help $(probes)!" ifvarclass => "$(probes)_threshold"; - -@end verbatim - - - - -@node Summary Monitoring, , Threshold monitoring, Monitoring customization -@unnumberedsec Summary Monitoring - - -There are endless possibilities for monitoring with CFEngine -Nova. This document has suggested a few. - - - - - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_NovaReportArch.texinfo b/docs/guides/SpecialTopic_NovaReportArch.texinfo deleted file mode 100644 index 0d53050eee..0000000000 --- a/docs/guides/SpecialTopic_NovaReportArch.texinfo +++ /dev/null @@ -1,205 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-novareportarch.info -@settitle The Nova Report Architecture -@setchapternewpage odd -@c %** end of header - -@titlepage -@title The Nova Report Architecture -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -In the default set-up, CFEngine Nova is a star network and uses -bidirectional communication on port @code{5308} between the policy hub -and client hosts. - -However, Nova does not require network at all --- you can manage and -track your systems with a usb-stick if you wish. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node reportarch -@top The Nova Report Architecture -@menu -@end menu - - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node How are reports collected? -@unnumberedsec How are reports collected? -@sp 1 - -In CFEngine Nova, hosts are normally managed with policy deployed in -@file{/var/cfengine/masterfiles} at the policy hub. Once the policy -hub is set up, new clients are easily added by bootstrapping them -using the ip-address of the policy hub. - -Each time a new host bootstraps to the policy hub, it pulls down the -policy and the policy hub notes the connection in its last-seen -database (this database is available as a report in the Nova Mission -Portal). - -By using the last-seen database, the policy hub registers which hosts -it should query for reports. The @code{cf-hub} component of Nova runs -as a daemon and regularly queries each host for reports, using port -@code{5308} by default (configurable in @code{body hub control}). The -reports are stored into a @code{mongodb} database on the policy hub. - -@center @image{novaarch,8cm,,Nova Report Architecture,eps} - -Note that by design, CFEngine only allows pull as mode of -communication. - -@node When are reports transferred?, , How are reports collected? -@unnumberedsec When are reports transferred? -@sp 1 - -It is the @code{cf-hub} component on the policy hub that schedules -report collection. There are two types of reports --- @code{delta} and -@code{full}. @code{delta} is transferred every five minutes, while -@code{full} is transferred every six hours. This schedule can be -changed in @code{body hub control}. - -@code{delta} includes the reports from the last ten minutes, while -full includes reports from the last week. Also, @code{full} includes -some large, more static reports like the software installed reports. - - -@node How do I force report collection on the policy hub?, , When are reports transferred? -@unnumberedsec How do I force report collection on the policy hub? -@sp 1 - -If you have network connectivity to a client host from the policy hub, -you can gather reports manually by running @code{cf-runagent -H -CLIENTIP -q full} on the policy hub. Fill in @code{CLIENTIP} with the -real ip-address of the client host. You may also collect delta reports -if you wish. Running this in verbose mode (@code{-v}) may help -debugging issues where reports do not show up in the Mission Portal. - - -@node What is the size of a report batch from a host?, , How do I force report collection on the policy hub? -@unnumberedsec What is the size of a report batch from a host? -@sp 1 - -This depends on the policy and the amount of reports the host -generates, but usually delta reports are a few kilobytes and full -reports are a few hundred kilobytes. - - -@node Can I export reports from a host into a file?, , What is the size of a report batch from a host? -@unnumberedsec Can I export reports from a host into a file? -@sp 1 - -Yes, this can be done by running @code{cf-report -x full} on the -client host. The output file will be written to -@code{/var/cfengine/reports/nova_export.nov}. You may also use -@code{cf-report -x delta}, but then you must make sure to transfer and -import the file much more frequently. - - -@node How do I import a report file into the policy hub?, , Can I export reports from a host into a file? -@unnumberedsec How do I import a report file into the policy hub? -@sp 1 - -Copy the file generated by the export command at the client to the -policy hub, using any mechanism. At the policy hub, run the following -command @code{cf-report -i FILEPATH}, where @code{FILEPATH} is the -path to the file generated by the client host. After this step, the -client should show up in the Nova Mission Portal web interface. - -Also, the Mission Portal will show when the last data was imported -from a client when viewing the client's host page. - -@node How often should I import the reports?, , How do I import a report file into the policy hub? -@unnumberedsec How often should I import the reports? -@sp 1 - -A @code{full} import should be done at least every six hours from each -client host. For @code{delta} imports to be useful, they should be -done at least every ten minutes. - -Doing them more often will not harm --- duplicate entries are -automatically detected. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_OpenNebula.texinfo b/docs/guides/SpecialTopic_OpenNebula.texinfo deleted file mode 100644 index 90a3d82ace..0000000000 --- a/docs/guides/SpecialTopic_OpenNebula.texinfo +++ /dev/null @@ -1,651 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-opennebula.info -@settitle Using CFEngine with Open Nebula -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Using CFEngine with Open Nebula -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -This guide explains how CFEngine can be used in conjunction with the -Open Nebula cloud controller software. It offers a simple -introduction to the configuration of physical and virtual components -of an Open Nebula based cloud. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - -@node Top, What is Open Nebula, (dir), (dir) -@top Open Nebula -@menu -* What is Open Nebula:: -* How can CFEngine work with Open Nebula:: -* Example Setup:: -* Installation and dependancy configuration:: -* NFS config for shared image repository:: -* Open Nebula environment configuration:: -* Network configuration:: -* Virtual machine template configuration:: -* Open Nebula Commands:: -* Virtual machine configuration:: -* Open Nebula Summary:: -@end menu -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@node What is Open Nebula, How can CFEngine work with Open Nebula, Top, Top -@unnumberedsec What is Open Nebula? - -Open Nebula is an Open Source framework for Cloud Computing that aims -to become an industry standard. The project is designed to be scalable -and offer compatbility with Amazon EC2 the Open Cloud Computing -Interface (OCCI). Open Nebula is used as a cloud controller in a -number of large private clouds. - - -@node How can CFEngine work with Open Nebula, Example Setup, What is Open Nebula, Top -@unnumberedsec How can CFEngine work with Open Nebula? - -CFEngine is a lifecycle management tool that can be integrated with a -Cloud Computing framework in a number of ways. Of the four phases of the computer lifecycle, -Open Nebula and CFEngine will play different roles. -@table @i -@item Build -Open Nebula focuses on building virtual machines in a managed framework, based on pre-built -images. CFEngine can further customize these images through package of customized installation -measures. -@item Deploy -Open Nebula provides manual controls to bring up and tear down generic virtualized machines -containing a baseline of software. CFEngine can further deploy patches and updates to these basic -images without needing to take down a machine. -@item Manage -One a machine is running, CFEngine can manage it exactly like any other physical computer. -@item Audit/Report -CFEngine's local agents can extract information and learn system trends and characteristics -over time. These may be collected in CFEngine's reporting interface or Mission Portal. -@end table - -@sp 1 -@cartouche -Open Nebula's focus is on managing the deployment and recycling of the computing infrastucture. -CFEngine picks up where Open Nebula leaves off and manages the dynamic lifecycle of software, -applications and runtime state. -@end cartouche - -@sp 1 - -@node Example Setup, Installation and dependancy configuration, How can CFEngine work with Open Nebula, Top -@unnumberedsec Example Setup - -@sp 1 - -This guide is based on an example setup provding a framework to -demonstrate how CFEngine can be used to automate Open Nebula -configuration. The following assumptions serve as an example and -should be altered to fit your needs: - -@sp 1 - -@itemize - @item - All physical hosts are running Ubnutu, KVM and CFEngine 3. - @item - All physical hosts are on the same network. - @item - The CFEngine policy hub is running on the Open nebula front end. - @item - NFS will be used to share virtual machine images between hosts. -@end itemize - -@sp 1 - -Open nebula requires a single front-end machine and one or more node -controllers. The front end is a management machine that is used to -monitor and issue commands to the node controllers. Node controllers -provide virtual machine resources. The promises that follow -concentrate on the configuration of the front-end and a single -cluster-node. In order to increase the capacity of your private cloud -we can simply classify a new physical machine as another cluster-node. - -@center @image{ONarchitecture,5in,,,png} - -@node Installation and dependancy configuration, NFS config for shared image repository, Example Setup, Top -@unnumberedsec Installation and dependancy configuration - -@sp 1 - -First we can classify the physical machines in this case by IP address: -@sp 1 -@verbatim -classes: - "front_end" or => {"192.168.1.2"}; - "node_controllers" or => {"192.168.1.3"}; -@end verbatim -@sp 1 -@noindent If we want multiple node controllers then we can instead setup an slist variable - IP addresses of intended node controllers. This will allow the -"onehost create" command to execution each new node controller in turn -reducing redundancy in the policy file for example: -@sp 1 -@verbatim -vars: - "node_controller" slist => { "192.168.1.3", "192.168.1.4", "192.168.1.5" }; - -commands: - "/usr/bin/onehost create $(node_controller) im_kvm vmm_kvm tm_nfs", - contain => oneadmin; - - -classes: - - "policy_host" or => { - classmatch(canonify("ipv4_$(node_controller)")), - classmatch(canonify("$(node_controller)")) - }; -@end verbatim -@sp 1 -@noindent To install the dependancies for each physical machine we can define these in a list and use the CFEngine standard library package promises to install them: -@sp 1 -@verbatim -vars: - -"front_end_deps" slist => { - "libcurl3", - "libmysqlclient16", - "libruby1.8", - "libsqlite3-ruby", - "libsqlite3-ruby1.8", - "libxmlrpc-c3", - "libxmlrpc-core-c3", - "mysql-common", - "ruby", - "ruby1.8", - "nfs-kernel-server" - }; -"cluster_node_deps" slist => { - "ruby", - "kvm", - "libvirt-bin", - "ubuntu-vm-builder", - "nfs-client", - "kvm-pxe" - }; -@end verbatim -@sp 1 -@noindent Promises to perform dependency installation: -@sp 1 -@verbatim -packages: - -front_end:: - "$(front_end_deps)" - - comment => "Install open nebula front end dependencies", - package_policy => "add", - package_method => generic, - classes => if_ok("ensure_opennebula_running"); - -node_controller:: - "$(node_controller_deps)" - comment => "Install open nebula node controller dependencies", - package_policy => "add", - package_method => generic; -@end verbatim -@sp 1 -@noindent The additional line in the front end dependancy installation promise, assuming a successful installation, will ensure the Open Nebula daemon is running at all times: -@sp 1 -@verbatim -front_end:: - -ensure_opennebula_running:: - ".*oned.*", - restart_class => "start_oned"; -@end verbatim -@sp 1 -@noindent Resulting in: -@sp 1 -@verbatim -commands: - -start_oned:: - "/usr/bin/one start", - comment => "Execute the opennebula daemon", - contain => oneadmin; -@end verbatim -@sp 1 -@noindent Since we will be using Open Nebula version 2 we must manually supply the package: -@sp 1 -@verbatim -commands: - -front_end.!opennebula_installed:: - "/usr/bin/dpkg -i /root/opennebula_2.0-1_i386.deb", - comment => "install opennebula package if it isnt already"; -@end verbatim -@sp 1 -@noindent This promise points to the Open Nebula package file in /root/. To prevent repeated installation we can do a check to see if Open Nebula has already been installed by classifying a successful installation as having the oned.conf file in existence: -@sp 1 -@verbatim -classes: - - "opennebula_installed" or => {fileexists("/etc/one/oned.conf")}; -@end verbatim -@sp 1 -@noindent Open nebula requires a privileged user "oneadmin" to issue commands. In order to have CFEngine perform these commands with the correct privileges we can use the contain body by appending the following to commands promises: -@sp 1 -@verbatim - contain => oneadmin -@end verbatim -@sp 1 -@noindent This will in turn apply owner and group permissions of the oneadmin user: - -@verbatim -body contain oneadmin -{ -exec_owner => "oneadmin"; -exec_group => "oneadmin"; -} -@end verbatim - -@node NFS config for shared image repository, Open Nebula environment configuration, Installation and dependancy configuration, Top -@unnumberedsec NFS config for shared image repository - -@sp 1 - -If not present append the NFS export directory stored in the corresponding variable (including a new line): -@verbatim - -vars: - -"nfs_export_dir" - - slist => - { - "/var/lib/one 192.168.1.2/255.255.255.0(rw,sync,no_subtree_check)", - "" - }; - -files: - -"/etc/exports", - edit_line => append_if_no_lines($(nfs_export_dir)), - comment => "export nfs image repo"; -@end verbatim -To ensure the NFS service remains available: -@verbatim -processes: - -ensure_nfs_running:: - ".*nfsd.*", - restart_class => "start_nfs"; -@end verbatim -If this is found to be false then we classify: -@verbatim -start_nfs:: - "service nfs-kernel-server restart", - comment => "restart nfs"; -@end verbatim -@noindent In order to ensure the share is mounted on all node controllers we can use the NFS promise: - -@verbatim -storage: - -cluster_node:: -"/var/lib/one", - mount => nfs("192.168.1.2","/var/lib/one"), - comment => "mount image repo from front end"; -@end verbatim -Next we will create a directory to hold our virtual machine images: -@verbatim -"/var/lib/one/images/.", - comment => "create dir in image repo share", - perms => mog("644", "oneadmin", "oneadmin"), - create => "true"; -@end verbatim - -@node Open Nebula environment configuration, Network configuration, NFS config for shared image repository, Top -@unnumberedsec Open Nebula environment configuration - -Create the oneadmin bashrc file containing the ONE_XMLRPC environment variable with appropriate permissions: -@verbatim -files: - front_end:: - "/var/lib/one/.bashrc" - comment => "setup oneadmin env", - perms => mog("644", "oneadmin", "oneadmin"), - create => "true", - edit_line => append_if_no_line( - "export ONE_XMLRPC=http://localhost:2633/RPC2"); -@end verbatim -We also need to create the one_auth file: -@verbatim -files: - front_end:: - "/var/lib/one/.one/one_auth", - comment => "create open nebula auth file", - perms => mog("644", "oneadmin", "oneadmin"), - create => "true", - edit_line => append_if_no_line("username:password"); -@end verbatim -Finally password-less authentication for the oneadmin user: - -Add key to autorized_keys file: -@verbatim -files: - front_end:: - "/var/lib/one/.ssh/authorized_keys", - comment => "copy sshkey to authorized", - perms => mog("644", "oneadmin", "oneadmin"), - copy_from => local_cp("/var/lib/one/.ssh/id_rsa.pub"); -@end verbatim -Disable known hosts prompt: -@verbatim -front_end:: -"/var/lib/one/.ssh/config", - comment => "disable strict host key checking", - perms => mog("644", "oneadmin", "oneadmin"), - create => "true", - edit_line => append_if_no_line("Host * - StrictHostKeyChecking no"); -@end verbatim -Now on the node controller(s) we need to add the oneadmin group and -user with the same uid and gid as the front end and add the oneadmin -user to the libvertd group: -@verbatim -files: - node_controller:: - "/etc/passwd", - comment => "add oneadmin user to node controller", - edit_line => append_if_no_line("oneadmin:x:999:999::/srv/cloud/one:/bin/bash"); - - "/etc/group", - comment => "add oneadmin group to node controller", - edit_line => append_if_no_line("oneadmin:x:999:"); - - "/etc/group", - comment =>"add oneadmin to libvirtd group", - edit_line => append_user_field("libvirtd","4","oneadmin"); -@end verbatim -Now that the user environment is configured we can register our node controller with the front end: -@verbatim -files: - front_end:: - "/usr/bin/onehost create 192.168.1.2 im_kvm vmm_kvm tm_nfs", - contain => oneadmin; -@end verbatim -@node Network configuration, Virtual machine template configuration, Open Nebula environment configuration, Top -@unnumberedsec Network configuration - -Before we can create virtual networks we must configure our node controller interfaces. In this example we will bridge a virtual interface (vbr0) with eth0. First we define the contents of the interfaces file in a variable: -@verbatim -vars: -"interfaces_contents" slist => { - "auto lo", - "iface lo inet loopback", - "auto vbr0", - "iface vbr0 inet static", - "address 192.168.1.2", - "netmask 255.255.255.0", - "network 192.168.1.0", - "broadcast 192.168.1.255", - "gateway 192.168.1.1", - "dns-nameservers 192.168.1.1", - "bridge_ports eth0", - "bridge_stp off", - "bridge_maxwait 0", - "bridge_fd 0" - }; -@end verbatim -@noindent Next we edit the interfaces file to include our new settings: -@verbatim -files: -node_controller:: -"/etc/network/interfaces", - comment => "ensure bridge for open nebula vm networks", - edit_line => append_if_no_lines($(interfaces_contents)), - create => "true", - perms => mog("644", "root", "root"); -@end verbatim -And restart networking: -@verbatim -commands: - restart_networking:: - - "/etc/init.d/networking restart", - comment => "restart networking"; -@end verbatim -Now we have configured the network bridge we can create an Open Nebula -virtual network file and submit it to the system. The contents of the -virtual network template file could be defined as a variable as we -have seen before but in this case it is passed as a parameter to the -append promise body: -@verbatim -"/var/lib/one/network.template", - comment => "create lan template", - create => "true", - perms => mog("644", "oneadmin", "oneadmin"), - edit_line => append_if_no_line("NAME = \"VM LAN\" -TYPE = FIXED -BRIDGE = vbr0 -LEASES = [IP=192.168.1.100]"); -@end verbatim -The network template only deals with fixed ip addresses and provides only one lease. Obviously this should be altered to suite your requirements. Now we have a template we can register it with open nebula: -@verbatim -commands: - front_end:: - "/usr/bin/onevnet create /var/lib/one/network.template", - contain => oneadmin; - -@end verbatim - -@node Virtual machine template configuration, Open Nebula Commands, Network configuration, Top -@unnumberedsec Virtual machine template configuration - -@noindent This follows the same pattern as virtual network setup. First we create the template file: -@verbatim -files: - - "/var/lib/one/vm.template", - comment => "create vm template", - create => "true", - perms => mog("644", "oneadmin", "oneadmin"), - edit_line => append_if_no_line("NAME = ubuntu-10.04-i386 -CPU = 0.1 -MEMORY = 256 -DISK = [ - source = \"/var/lib/one/images/open_nebula.img\", - target = \"vda\", - readonly = \"no\" ] -DISK = [ - type = \"swap\", - size = 1024, - target = \"vdb\"] - -NIC = [ NETWORK = \"VM LAN\" ] -INPUT = [ TYPE = \"mouse\", BUS = \"ps2\" ] -GRAPHICS = [TYPE = \"vnc\", LISTEN = \"localhost\", PORT = 5910] -"); -@end verbatim -@noindent Now we can launch the virtual machine defined in its template file: -@verbatim -commands: - front_end:: - "/usr/bin/onevm create /var/lib/one/vm.template", - contain => oneadmin; -@end verbatim -@noindent If we increase the leases in our network template each time the onevm create command is issued a new virtual machine will be launched up to the number of available leases. - -@node Open Nebula Commands, Virtual machine configuration, Virtual machine template configuration, Top -@unnumberedsec Open Nebula Commands - -It should be noted that commands, particularly those that are Open -Nebula specific, will be run each time cf-agent is executed. Since this -goes against the idea of convergence it is necessary to add some -additional classification. One method is to create a 'stamp' file -after a particular command is successfully executed. If this file -exists then (or if its time stamp is older/newer than some value) the -machines classified as having to run the command loose that class -preventing future execution. - -@node Virtual machine configuration, Open Nebula Summary, Open Nebula Commands, Top -@unnumberedsec Virtual machine configuration - -With CFEngine preinstalled in our virtual machine image we can -configure our generic image to the required specification on the -fly. For community edition we will need to exchange keys and define -access rules to the virtual machine can collect the policy files. with -CFEngine nova this step is even simpler as we can set a start up -script to issue the bootstrap command so the new vm automatically -registers with the policy hub. - -Once registration is complete we can define a new class based on the -ip of our virtual machine. In this example that is 192.168.1.100 so we -can create a class with a meaningful name: -@verbatim -"webserver" or => {"192_168_1_100"}; -@end verbatim -@noindent Now we have define webserver we can simply apply promises to it as if it was any other machine for example: - -@menu -* Webserver in Open Nebula:: -@end menu - -@node Webserver in Open Nebula, , Virtual machine configuration, Virtual machine configuration -@unnumberedsubsec Webserver in Open Nebula - -First we install apache: - -@verbatim -packages: - webserver:: - - "apache2", - comment => "install apache2 on webserver vm", - package_policy => "add", - package_method => generic, - classes => if_ok("ensure_apache_running"); -@end verbatim -@noindent Next we ensure it is running -@verbatim -processes: - ensure_apache_running:: - - ".*apache2.*" - restart_class => "start_apache"; -@end verbatim -@noindent If not, the service is restarted -@verbatim -commands: - start_apache:: - - "/etc/init.d/apache2 restart"; -@end verbatim -@noindent Finally we can copy some content into the document root on our new virtual webserver: -@verbatim -files: - "/var/www" - - perms => system("744"), - copy_from => uu_scp("/root/webserver_site_files","192.168.1.6"), - depth_search => recurse("inf"), - action => u_immediate; -@end verbatim - -@node Open Nebula Summary, , Virtual machine configuration, Top -@unnumberedsec Open Nebula Summary - -Now we have a convergent self-repairing, Open Nebula powered private -cloud! The main benefits in combining CFEngine and Open Nebula are the -facility to increase infrastructure capacity just by connecting a new -node controller to the network, and then allowing CFEngine to -configure and maintain it over time. Finally, there is the hands-free -configuration of generic virtual machine images to an arbitrary -specification, without touching the virtual -machine itself. - -There is a vast array of configuration options and choices to be made -in an Open Nebula setup, as with CFEngine. This flexibility is one of -its strengths. This guide demonstrates only a small subset of possible -configuration choices aiming to provide a starting point for more -comprehensive setups. - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Packages.texinfo b/docs/guides/SpecialTopic_Packages.texinfo deleted file mode 100644 index 71e5b26db1..0000000000 --- a/docs/guides/SpecialTopic_Packages.texinfo +++ /dev/null @@ -1,559 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-packages.info -@settitle Package Management -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Package Management -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine interfaces with operating system package management systems -to offer best-effort convergent maintenance of software packages. -Package management can be subtle, due to the diverse behaviours of -different package managers. -@end quotation -@end cartouche - -@vskip 2cm - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - -@node Top, What is package management?, (dir), (dir) -@top Package management - -@menu -* What is package management?:: -* Strengths and weaknesses of package management:: -* What does CFEngine bring to package management?:: -* Package promises:: -* How CFEngine compares package versions:: -* Example package promises:: -* Package management next steps:: -@end menu - - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is package management?, Strengths and weaknesses of package management, Top, Top -@unnumberedsec What is package management? -@sp 1 -Package management is about managing software inventory. It includes -ensuring that software is installed on computers, and in the correct -versions. It includes patching and upgrading. Each operating system generally -has its own approved package manager and software source. Usually this -is supplied by the operating system provider. - -Some package managers allow users to create their own software -packages providing a uniform way of deploying software to systems. -Packaging software is common on GNU/Linux, where well-known package formats include RPM -and deb. - - -@node Strengths and weaknesses of package management, What does CFEngine bring to package management?, What is package management?, Top -@unnumberedsec Strengths and weaknesses of package management -@sp 1 - -Packages were introduced to bring a rational approach to handling software dependencies. -By dividing up applications and libraries into packages, one can share code efficiently -and assign the responsibility of updating and versioning to different maintainers. - -Package management is not a substitute for configuration -management. It only delivers preconfigured files into a specific -location. Packaged software cannot be customized to local needs -without post-installation adaptation. - - -@node What does CFEngine bring to package management?, Package promises, Strengths and weaknesses of package management, Top -@unnumberedsec What does CFEngine bring to package management? -@sp 1 - -CFEngine does not try to fight against package mangers, but rather -work with them. CFEngine integrates the idea of convergent -maintenance with package installation, so that one can be certain -of maintaining a desired state. - -Package managers do not usually have the -intelligence to be able to verify the actual state of software -configuration. Rather they assume that once a package is installed, -it will remain in a good state until an update is required. - -If one reinstalls a package, changes get blown away in favour of the -original matrix. Package installation is thus a `destructive' -installation mechanism. It overwrites whatever currently exists with a -prefabricated (and therefore approximate) version of what you -need. For generic software this is exactly what is required. However, -for complex software such as web services, this is entirely -insufficient to result in a working system. - -CFEngine brings convergent methods to package management, and allows surgically -precise customizations to be applied and maintained even after multiple -package upgrades. - - - -@node Package promises, How CFEngine compares package versions, What does CFEngine bring to package management?, Top -@unnumberedsec Package promises -@sp 1 - -To manage software, you write @code{packages} promises, analogous to any other kind of -promise in CFEngine. It makes sense to use lists to install packages if you -don't need to make complex specifications about versions. Keep it simple and -package management will be a simple matter. - -@cartouche -@verbatim - vars: - "match_package" slist => { - "apache2", - "apache2-mod_php5", - "apache2-prefork", - "php5" - }; - packages: - - "$(match_package)" - package_policy => "add", - package_method => yum; - -@end verbatim -@end cartouche - -Many users elect to install a basic `stem cell' image for all machines -in their environment, and then customize each machine to a specific -purpose by adding or subtracting packages from this stem cell starting -state. CFEngine can be used together with other tools like -@code{Cobbler} or @code{rPath} to accomplish this in a comfortable way -in your environment. If you are working in the cloud, this is the -default approach to management. You begin from a basic image and then -customize it by either hardening or extending the software inventory. - -@node How CFEngine compares package versions, Example package promises, Package promises, Top -@unnumberedsec How CFEngine compares package versions -@sp 1 - -Cfengine uses a model for packages that is generic enough to support all the known -package managers. It classifies packages into - -@table @i -@item Name -The name of the packet is usually the name of the software itself, e.g. @samp{cfengine}. -@item Version -Versions of a particular piece of software are described in wildly -different ways, causing a lot of confusion. For instance, a common -model is to use major version number, minor version number and patch -release number, e.g. 3.1.5. However, many maintainers slap on their -own additions, such as 3.1.5-2 or 3.1.5-2.el5. Because these models -are operating system, software and release specific, you have to know -the versioning numbers used on your operating systems and refer to -them properly. CFEngine cannot reliabily guess these things for you. - -@item Architecture -The architecture describes the hardware platform for execution, e.g. -@samp{x86_64} or @samp{i586}. This is important when package managers -store multiple architectures in the same repository. -@end table - - - -@node Example package promises, Package management next steps, How CFEngine compares package versions, Top -@unnumberedsec Example package promises -@sp 1 - -Let's look at some example cases to explain the behaviour of the interaction between CFEngine and -the package managers. - - - -@menu -* Install latest package version example:: -* Install specific package version example:: -* Uprading to a newer package version example:: -@end menu - -@node Install latest package version example, Install specific package version example, Example package promises, Example package promises -@unnumberedsubsec Install latest package version example -@sp 1 - - -Suppose there is a older version of @code{wget} installed on your machine. -@cartouche -@verbatim -redhat$ rpm -q wget -wget-1.10.2-7.el5 -@end verbatim -@end cartouche -@sp 1 -@noindent Now suppose you'd like to upgrade the package to the latest version available in a repository by using @code{yum}. -We make a promise such the following; -@verbatim -bundle agent test001 -{ - packages: - redhat:: - "wget" - package_policy => "addupdate", - package_method => yum, - package_select => ">=", - package_version => "1.11.4-2.el5_4.1", - package_architectures => { "x86_64" }; - -} -@end verbatim -@sp 1 -@noindent Now run this bundle: -@cartouche -@verbatim -redhat$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -redhat$ rpm -q wget -wget-1.11.4-2.el5_4.1 -@end verbatim -@end cartouche -@sp 1 -@noindent If there is no @code{wget} installed, CFE will install the lastest one for you. -@verbatim -redhat$ rpm -e wget -redhat$ rpm -q wget -package wget is not installed -redhat$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K -redhat$ rpm -q wget -wget-1.11.4-2.el5_4.1 -@end verbatim - -@node Install specific package version example, Uprading to a newer package version example, Install latest package version example, Example package promises -@unnumberedsubsec Install specific package version example -@sp 1 - -To install a specific version, we can just adapt the promise. -This example will use RPM as the YUM repository doesn't support multi-version packages. -@verbatim -bundle agent test002 -{ - packages: - redhat:: - "wget" - package_policy => "addupdate", - package_method => rpm_version("/root"), - package_select => "==", - package_version => "1.10.2-7.el5", - package_architectures => { "x86_64" }; - -} -@end verbatim -@sp 1 -@noindent Now see before and after: -@cartouche -@verbatim -redhat$ ls -l /root --rw-r--r-- 1 root root 595422 Apr 4 2007 wget-1.10.2-7.el5.x86_64.rpm --rw-r--r-- 1 root root 596335 Nov 5 2009 wget-1.11.4-2.el5_4.1.x86_64.rpm - -redhat$ rpm -q wget -package wget is not installed - -redhat$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -redhat$ rpm -q wget -wget-1.10.2-7.el5 -@end verbatim -@end cartouche -@sp 1 -@noindent To upgrade the package to a newer version, just change @samp{package_version} to a version you'd like; -@verbatim -bundle agent test003 -{ - packages: - redhat:: - "wget" - package_policy => "addupdate", - package_method => rpm_version("/root"), - package_select => "==", - package_version => "1.11.4-2.el5_4.1", - package_architectures => { "x86_64" }; - -} -@end verbatim -@sp 1 -@noindent Now see the result: -@cartouche -@verbatim -redhat$ rpm -q wget -wget-1.10.2-7.el5 - -redhat$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -redhat$ rpm -q wget -wget-1.11.4-2.el5_4.1 -@end verbatim -@end cartouche - -@sp 1 -@noindent Here is an example for Ubuntu, which supports both the APT and DPKG interfaces. - -@verbatim -bundle agent test004 -{ - packages: - ubuntu:: - "wget" - package_policy => "addupdate", - package_method => apt, - package_select => ">=", - package_version => "1.12-1.1ubuntu2.1", - package_architectures => { "*" }; -} -@end verbatim -@sp 1 -@noindent Before and after: -@cartouche -@verbatim -ubuntu$ dpkg -l | grep wget -ii wget 1.10.2-3ubuntu1.2 retrieves files from the web - -ubuntu$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -ubuntu$ dpkg -l | grep wget -ii wget 1.12-1.1ubuntu2.1 retrieves files from the web -@end verbatim -@end cartouche -@sp 1 -@noindent Similarly, we can use the "dpkg" interface to install specific version of the software. - -@verbatim -bundle agent test005 -{ - packages: - ubuntu:: - "wget" - package_policy => "addupdate", - package_method => dpkg("/root"), - package_select => "==", - package_version => "1.10.2-3ubuntu1.2", - package_architectures => { "*" }; -} -@end verbatim -@sp 1 -@noindent Before and after: -@cartouche -@verbatim -ubuntu$ dpkg -l | grep wget - -ubuntu$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -ubuntu$ dpkg -l | grep wget -ii wget 1.10.2-3ubuntu1.2 retrieves files from the web -@end verbatim -@end cartouche -@node Uprading to a newer package version example, , Install specific package version example, Example package promises -@unnumberedsubsec Uprading to a newer package version example -@sp 1 - - -To upgrade to a newer version of apackage, we simply assign a newer version to package_version -and change the policy to include updating. -@verbatim -bundle agent test006 -{ - packages: - ubuntu:: - "wget" - package_policy => "addupdate", - package_method => dpkg("/root"), - package_select => "==", - package_version => "1.12-1.1ubuntu2.1", - package_architectures => { "*" }; -} -@end verbatim -@sp 1 -@noindent Before and after the keeping of this promise: -@cartouche -@verbatim -ubuntu$ dpkg -l | grep wget -ii wget 1.10.2-3ubuntu1.2 retrieves files from the web -ubuntu$ cf-agent -f /tmp/test.cf -K -ubuntu$ dpkg -l | grep wget -ii wget 1.12-1.1ubuntu2.1 retrieves files from the web -@end verbatim -@end cartouche -@sp 1 -@noindent Here is an example using the @code{zypper} package manager: -@verbatim -bundle agent test007 -{ - packages: - SuSE:: - "tcpdump" - package_policy => "addupdate", - package_method => zypper, - package_select => ">=", - package_version => "4.1.1-1.11", - package_architectures => { "x86_64" }; -} -@end verbatim -@sp 1 -@noindent Before and after running the agent: -@cartouche -@verbatim -suse$ rpm -q tcpdump -tcpdump-4.0.0-2.1.x86_64 - -suse$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -suse$ rpm -q tcpdump -tcpdump-4.1.1-1.11.x86_64 -@end verbatim -@end cartouche -@sp 1 -@noindent Finally, since SuSE uses RPM as a native format so we can use @samp{package_method rpm()} from above. -@verbatim -bundle agent test008 -{ - packages: - SuSE:: - "tcpdump" - package_policy => "addupdate", - package_method => rpm_version("/root"), - package_select => "==", - package_version => "4.0.0-2.1", - package_architectures => { "x86_64" }; -} -@end verbatim -@cartouche -@verbatim -suse$ ls -l /root --rw-r--r-- 1 root root 571158 2009-10-19 20:36 tcpdump-4.0.0-2.1.x86_64.rpm --rw-r--r-- 1 root root 318279 2010-07-05 23:37 tcpdump-4.1.1-1.11.x86_64.rpm - -suse$ rpm -q tcpdump -package tcpdump is not installed - -suse$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -suse$ rpm -q tcpdump -tcpdump-4.0.0-2.1.x86_64 -@end verbatim -@end cartouche -@sp 1 -@noindent Changing to a new version: -@verbatim -bundle agent test009 -{ - packages: - SuSE:: - "tcpdump" - package_policy => "addupdate", - package_method => rpm_version("/root"), - package_select => "==", - package_version => "4.1.1-1.11", - package_architectures => { "x86_64" }; -} -@end verbatim -@sp 1 - -@noindent Before and after: -@cartouche -@verbatim -suse$ rpm -q tcpdump -tcpdump-4.0.0-2.1.x86_64 - -suse$ /var/cfengine/bin/cf-agent -f /tmp/test.cf -K - -suse$ rpm -q tcpdump -tcpdump-4.1.1-1.11.x86_64 -@end verbatim -@end cartouche - - - -@node Package management next steps, , Example package promises, Top -@unnumberedsec Package management next steps - -The CFEngine standard library contains package manager methods for all -major operating systems and managers. Check out the reference -documentation too to learn about extended features of package -integration. Visit also the community forum to hear about reach -experiences. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_RBAC.texinfo b/docs/guides/SpecialTopic_RBAC.texinfo deleted file mode 100644 index 55ee2b7f02..0000000000 --- a/docs/guides/SpecialTopic_RBAC.texinfo +++ /dev/null @@ -1,679 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-rbac.info -@settitle Role Based Access Control and CFEngine -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Role Based Access Control and CFEngine -@subtitle A CFEngine Special Topics Handbook -@author CFEngine - - -@page - -@cartouche -@quotation -Role Based Access Control (RBAC) is a well known paradigm for granting -privileged access to remote command systems. The paradigm of RBAC does -not apply directly to CFEngine because CFEngine is an autonomous -system that does not grant change privileges to external -users. Role-based read-privileges can be granted through the CFEngine -Nova Mission portal. - -This document is aimed at security experts who are trying to -understand transference of privilege in a CFEngine managed system. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - - -@node Top, What is Role Based Access Control?, (dir), (dir) -@top RBAC -@menu -* What is Role Based Access Control?:: -* The risks of RBAC:: -* CFEngine's approach to privilege:: -* The chain of privilege in CFEngine:: -* The role of centralized push and pull in RBAC:: -* No need for any centralization in CFEngine:: -* The risk from centralized trusted hosts:: -* The Policy Dispatch Point:: -* The right to edit and publish policy:: -* The bowtie process:: -* Granting the right to switch on special pre-defined policies:: -@end menu - - -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is Role Based Access Control?, The risks of RBAC, Top, Top -@unnumberedsec What is Role Based Access Control? - -Role Based Access Control (RBAC) describes a set of promises made by a host -to grant privileged access to the system. In this regard, RBAC is no -different from any other form of access control, however, it is -normally used to grant the privilege to execute certain commands that -make changes to the system -- thus it involves @i{write} or @i{change} -privilege. - -The term @i{role}-based is used because users are often classified -into managerial roles that are each assigned different levels of privilege -with regard to the kind of tasks they need to perform. - -Role Based Access Control is used when remote users request access to -a privileged service from some kind of service-agent running on a host. -For example, the password on the Unix root account is a simple RBAC system where -access is granted to execute any command with unlimited privilege, to -any user who knows the root password. - -@sp 1 -@center @image{rbac,10cm} -@sp 1 -@center RBAC is about remote action privilege -@sp 1 - - -@node The risks of RBAC, CFEngine's approach to privilege, What is Role Based Access Control?, Top -@unnumberedsec The risks of RBAC - -Granting privilege to execute commands has obvious risks. The -implementation of restricted access is usually handled in one of a -number of different ways. The term RBAC does not explain, in itself, -which of these models will be used. - -Two common alternatives may be distinguished: - -@table @i -@item Arbitrary commands may be executed by privileged individuals (trusted user model). - -This is a high risk privilege granting system, where arbitrary change privileges are granted to -users. - -@item Pre-defined privileged operations may be made accessible to certain individuals/roles (Clark-Wilson model). - -This is a lower risk system, where users are only allowed privilege while executing very specific -pre-defined activities (e.g. the right to initiate a backup). - -@end table - -@node CFEngine's approach to privilege, The chain of privilege in CFEngine, The risks of RBAC, Top -@unnumberedsec CFEngine's approach to privilege - - -CFEngine handles privileged access somewhat differently. To see why, it is important -to understand what CFEngine is not: -@itemize -@item CFEngine is not a service agent that grants remote change access to systems. -@item CFEngine is not a remote-control for system operations@footnote{Many provisioning and management systems are indeed -effectively remote execution agents and thus RBAC is more relevant to them.}. -@end itemize -CFEngine is intended for autonomous hands-free operation, and thus the -issue of remote access almost never arises directly. -In CFEngine it is expressly forbidden for a -part of CFEngine to receive commands from external parties. In a -limited sense, CFEngine can be configured to listen for requests for -classes that label the context for extraordinary, predefined -policies; these can then be activated by certain users (@code{roles} -promises), providing a version of the second form of RBAC above. We shall return to this -below. - -@cartouche -By design it is not possible to send instructions to CFEngine that have -not been pre-approved by the host administrator and promised as -policy. Ultimately the local host administrator can veto any proposals -for change in any configuration system (e.g. by unplugging the network). - -In CFEngine this is made a central tenet of the management model. -@end cartouche - -From a security perspective, the elimination of remote command access -presents a huge simplification to security, without loss of -functionality. The risk of executing privileged commands on the system is -exchanged for a right to submit policy changes. Thus the access control -becomes a matter of @i{who is allowed to approve policy for dissemination} to the system. - -@node The chain of privilege in CFEngine, The role of centralized push and pull in RBAC, CFEngine's approach to privilege, Top -@unnumberedsec The chain of privilege in CFEngine - -Even though CFEngine is not in the business of granting privilege for command execution, there -are security implications to using CFEngine and thus we should -examine the chain of influence from user to host to understand the implications. - -In normal usage, users work as follows: - -@itemize -@item A user edits a CFEngine input file. -@item The input file determines a promise proposal, or template for policy. -@item Someone publishes the policy for dissemination to interested parties. -@item Interested parties (hosts running CFEngine) may choose to download these new propsals -from trusted sources. These sources are defined in the existing policy which may always -be vetoed by a local administrator. - -@item CFEngine will execute the new policies with the maximum privilege granted to it. -This privilege can be altered: -@itemize -@item By virtue of the privilege with the CFEngine itself runs. -@item By the privilege accorded to a promise as a matter of its own policy. -@end itemize -@end itemize -When planning for the security of system changes, one should assume that any promise -written in a CFEngine policy will be enforced with maximum privilege. - -@node The role of centralized push and pull in RBAC, No need for any centralization in CFEngine, The chain of privilege in CFEngine, Top -@unnumberedsec The role of centralized push and pull in RBAC - -Centralization is a strategy of collecting resources into a single location. A central resource -often becomes authoritative for a collection of hosts. Centralization has -positive and negative aspects - -@itemize -@item As a single point of direction, it simplifies the coordination of multiple agents (like a conductor in an orchestra). -@item It can be a single point of failure, and a bottleneck for operations. Becauses centralization concentrates effort, -brute force must be used by a hub when scaling to many hosts around a centralized strategy. -@end itemize - -@sp 1 -@cartouche -In terms of privilege, the implications of centralization are significantly -different for @i{push} and @i{pull} based systems (see the figures below). -@end cartouche -@sp 1 - -Let us first consider the general problem, without reference to CFEngine. -@sp 1 -@center @image{central_push,9cm} -@center Pushing out requires distributed RBAC control (read/write). -@sp 1 -A @i{push} is defined to be either -@itemize -@item The involuntary transmission of data to hosts -from a hub, or -@item The remote execution of commands from the hub to the hosts. -@end itemize -We see easily from the figures below that configuration of adequate access control -requires access control configuration to be implemented on every managed host. -If the hosts require different levels of access in different zones, for instance, -this requires a distributed configuration control of the RBAC system itself across -the affected hosts. There is thus a burden to setting up RBAC. - -@cartouche -One configures a system for a @i{push} -system just as one configures a system against attack from outside. In configuration -terms, push is indistinguishable from an attack. -@end cartouche - -Pull-based management is fundamentally different. In a pull model, hosts -download public information (their policy) from a trusted source. -@sp 1 -@center @image{central_pull,10cm} -@center Pulling updates requires only centralized RBAC control for change, -@center but not for the update itself (read only). -@sp 1 -There is no need for access control on the hosts anymore, since they -are only reading information voluntarily. They may simply reject all attempts -to send them data, in favour of their voluntary decision to download -updates. - -Moving from push to pull-based configuration simplifies the number -of independent points of configuration from @math{N} to 1, and the location -of access control information is simplified from @math{N} separate models -to a single model at the hub. The hub can decide which hosts -will have access to which policy proposals, so there is no loss -of privacy: the security model's definition is fully centralized (single point of definition for consistency). - -@cartouche -@itemize -@item Push-based approaches have centralized execution, but distributed RBAC configuration of the management setting. -Multiple, inconsistent pushes from different hubs can even lead to distributed inconsistency that cannot be detected from -any single location. - -@item Pull-based approaches have distributed execution, but a single point of security configuration. -Inconsistent pulls are impossible, as there is a single point of definition. -@end itemize -@end cartouche -At CFEngine, we strongly believe that pull-based systems are superior -for most purposes, because pull's distributed operation reduces the -risk of the bottleneck, while the centralized definition of access -rights reduces the risk of error. - -In all further sections, we assume CFEngine's pull-based model. - - - -@node No need for any centralization in CFEngine, The risk from centralized trusted hosts, The role of centralized push and pull in RBAC, Top -@unnumberedsec No need for any centralization in CFEngine - -Before continuing, it is important to emphasize that CFEngine has no -technological @i{need} for centralization. The decision to centralize -management is a policy decision. Every host can, if desired, be configured as an -independent device, with its own policy, making no contact with any -external host. CFEngine is thus ideal for embedded systems and -environments with partial connectivity, such as ships and submarines. -Nevertheless, centralized management is often chosen for its simple -coordination of decision making. What is important to realize is that -centralized decision-making is a convenient fiction for managers -- -no remote party can truly decide the state of a host. - -@cartouche -The owner of a machine always has the privilege to make changes to it. -Push-based models of management that pretend to control hosts absolutely -are simply misleading, as they exist by the good grace of end systems. -@end cartouche - -In the remainder of this Special Topics Guide, we shall assume the -common model of centralized management, because that is the -context in which RBAC is relevant. - - - -@node The risk from centralized trusted hosts, The Policy Dispatch Point, No need for any centralization in CFEngine, Top -@unnumberedsec The risk from centralized trusted hosts - -Centralization has implications for risk@footnote{A single point of -definition could also be a single point of failure. In CFEngine, a -central policy hub is not a point of failure, because each agent -caches all the resources it needs to maintain systems according to its -current model. At worst, the loss of a hub would mean a delay to -updates.}. Gaining malicious control of a trusted source could have a -significant impact on all the hosts that subscribe to updates from it. - -The risk, in this case, is precisely the same as that for a push-based system that executes -certain commands. However, the task of defending a single trusted -host is (at least psychologically) simpler than that of defending all -the hosts in the network@footnote{User who are adept at automated -configuration might disagree, as automation makes it easy to harden -all hosts equally well. Network policies such as firewalls, etc, are -however, simpler to manage for a single host.}. - -The risk of propagating a bad change (i.e. an unfortunate mistake) is also no -different between push and pull. A bad decision is simply a bad -decision. The antidote to human errors is to conduct policy reviews, i.e. use -more pairs of eyes, or `dual-key' solutions. - -@cartouche -Centralize the writing of policy, within a local region to obtain -straightforward consistency. Don't overcentralize, or you will oversimplfy. -One size rarely fits all (see the @i{Special Topics Guide on Federation and Organizational Complexity}). -RBAC then becomes an issue of: who should -have the right to edit and publish changes to policy? -@end cartouche - -@node The Policy Dispatch Point, The right to edit and publish policy, The risk from centralized trusted hosts, Top -@unnumberedsec The Policy Dispatch Point - -The burden of security is now localized entirely at the Policy Dispatch Point. -It becomes the responsibility of this `role' (policy dispatcher) to ensure -that the desired state is in fact the one that is promised. This happens -in two practical steps: - -@itemize -@item Editing of an SVN repository of working proposals (access to change respository). -@item Merging of changes into the actual published policy (bowtie process). -@end itemize - -Where the highest levels of paranoia are justified, no host should -receive automatic updates of policy without explicit human inspection -and policy review. This is equivalent to allowing no RBAC privileges. - -@node The right to edit and publish policy, The bowtie process, The Policy Dispatch Point, Top -@unnumberedsec The right to edit and publish policy - -Let's recap' for a moment. The CFEngine agent runs with maximum -system privilege (root/Administrator), and makes its decisions based -on a set of promise proposals that come from some trusted source, -e.g. the owner of the machine, or some central policy decision point. -Once a set of proposals has been published, we simply call these `the policy'. The agent on -each host reads these proposals and picks out those that are relevant -to the current context (`here and now') for each host. The agent then -tries to keep these promises, by making any necessary changes to the -system. For most common usages of CFEngine, the effect is that -anything that is in the published policy is executed with up to -maximum privilege. - -This means the following: - -@table @i -@item Any user who can edit the actual source policy has control over a host. - -The policy should not be writable by any unauthorized user, in any location -where it will be picked up as part of the policy-appoved process for updating -policy@footnote{Note that the decision to collect policy updates from somewhere is -itself a policy decision in CFEngine, so users should always think carefully -about these decisions.}. - -@item Any user who can cause a new version of the policy to be published for immediate use has privileged access. - -RBAC now means limiting access to the files that define policy. - -@item If policy is automatically checked out of a repository, commit access to the respository can give privileged access. - -There should be a process of approval for changes made to policy. This should be a human -process, because ultimately a human must be responsible for publishing a policy. In this situation, RBAC now -consists of granting access to make commits to the repository. - -@end table - -The conclusion of this section is that only a small number of highly trusted individuals -should be able to alter policy themselves. - - - -Distributed coordination. RBAC is a poor tool for delegating tasks alone, because if multiple -individuals with access rights are not coordinated in their promises, the result will merely be -a conflict. - -@node The bowtie process, Granting the right to switch on special pre-defined policies, The right to edit and publish policy, Top -@unnumberedsec The bowtie process - -Promise theory allows us to model the collaborative security -implications of this (see the figure of the bow-tie structure). A -simple method of delegating is the following. - -@enumerate -@item Delegate responsibility for different issues to admin teams 1,2,3, etc. -@item Make each of these teams responsible for version control of their own -configuration rules. -@item Make an intermediate agent responsible for collating and vetting the rules, checking for -irregularities and conflicts. This agent must promise to disallow rules by -one team that are the responsibility of another team. The agent could be a -layer of software, but a cheaper and more manageable solution is the make this -another group of one or more humans. - -@item Make the resulting collated configuration version controlled. Publish -approved promises for all hosts to download from a trusted source. - - -@end enumerate - -A review procedure for policy-promises is a good solution if you want -to delegate responsibility for different parts of a policy to -different sources. Human judgement as the `arbiter' is irreplaceable, -but tools can be added to make conflicts easier to detect. - -Promise theory underlines that, if a host or computing device accepts -policy from any source, then it is alone and entirely responsible for -this decision. The ultimate responsibility for the published version -policy is the vetting agent. This creates a shallow hierarchy, but -there is no reason why this formal body could not be comprised of -representatives from the multiple teams. - -The figure below shows how a number of policy authoring teams can work together -safely and securely to write the policy for a number of hosts, by vetting through -a checkpoint, in a classic `bow-tie' formation. - -@image{delegate,15cm,,Delegation of responsibility requires vetting access,png} - - -@node Granting the right to switch on special pre-defined policies, , The bowtie process, Top -@unnumberedsec Granting the right to switch on special pre-defined policies - -CFEngine offers one technological convenience that is relevant to RBAC. -In the Clark-Wilson security model, non-privileged users can be -granted limited privilege to execute predefined commands that are -locked down to specific actions. The Unix @code{ps} and @code{passwd} -commands are examples of this, for example. - -Most users do not need to touch CFEngine at all, because policy is -checked very regularly and promises are enforced with 5 minute -intervals. In other words, for most users, just waiting will fix anny -problem. In some cases, there are extraordinary promises or tasks that -one does not want implemented without human oversight. In that -instance, one places the relevant promises in a context that is not normally -active. Users can then activate those sleeping promises by defining the -context class manually. -@verbatim -bundle agent mybundle -{ -files: - - extraordindary:: - - # ... promises ... -} -@end verbatim -Privileged users who have access to the system do not need RBAC to do this -as they already have all credentials they need, and can achieve the same thing -by running the agent with a defined class, e.g. - -@verbatim - -host# cf-agent -D extraordinary - -@end verbatim -However, it is also possible to grant access to these parts of a CFEngine policy that are normally -switched off by using @code{cf-serverd} to mediate privilege to execute the agent with this class -active. For example, setting: - -@verbatim -bundle server access_rules() -{ -roles: - - # Allow mark - - "extraordinary" authorize => { "mark", "sally" }; -} - -@end verbatim -and running: -@verbatim - -host# cf-runagent -H special_host -D extraordinary - -@end verbatim -would achieve the same effect without granting any rights to change -the policy. - -In this example CFEngine promises to grant permission to users -@samp{mark} and @samp{sally} to remotely activate classes matching the regular -expression @samp{extraordinary} when using the @code{cf-runagent} to -activate CFEngine. In this way one can implement a form of Role Based -Access Control (RBAC) for unprivileged users, provided users do not -have privileged access on the host directly. User identity is based on -trusted CFEngine keys created by the user and exchanged with the -server. - - -@unnumberedsec RBAC-filtered read-access in CFEngine Nova - -CFEngine Nova 2.2.0 introduces Role Based Access Control (RBAC) for all -reports and promises shown in the Mission Portal. This does not cover -access control for making policy changes, but displaying reports. - -RBAC can be globally switched on or off in the Mission Portal settings. - -@unnumberedsec Authentication - -User-authentication is carried out when users log in to the Mission -Portal. This is done by requiring a user name and password, which is -checked against the following possible sources. - -@itemize -@item Internally defined in the Mission Portal -@item LDAP -@item Acitive Directory -@end itemize - -The selection between these options are available in the Mission -Portal settings. - - -@unnumberedsec Authorization - -The information a user is authorized to see is determined from his -role memberships. A user may be member of an arbitrary number of -roles, each which may grant and deny access to certain -information. - -The effective permissions of a user is the cumulative set of -permission granted or denied by his roles, and is used to filter the -information displayed in the following standard way. - -@itemize -@item Create a union of the granted access for the roles. -@item Override with the rules that deny access for the roles. -@item If left unspecified, access is denied. -@end itemize - - -@unnumberedsec Entities filtered - -RBAC is supported on the @emph{host} and @emph{promise bundle} level, -each applying to different parts of the Mission Portal. Both these -entities are atomic with respect to RBAC --- either a user can see -everything they contain, or nothing of it. - -Access to a host is required to see any information about it, e.g. all -its reports (Engineering->Reports), host page, and compliance -category. If a user is not allowed access to a host, the Mission -Portal would look the same as if the host was not bootstrapped to that -hub. - -Information about the running policy is also available in the Mission -Portal, either through the Promise Finder at the Engineering page, or -by clicking a promise handle from one of the reports. The searchable -promises in the Promise Finder and information pages about promises -and bundles are filtered in the same manner as the hosts, but defined -based on promise bundles instead. The Policy Editor is not covered by -RBAC --- access to the policy source repository allows the user to see -the whole policy. Some version control systems can be configured to -only allow users to access sub-directories of the policy, which may -help in this case. - -Note that the host and promise filtering is independent --- no attempt -is made to try to infer which promises a role should have access to -based on the hosts it has access to or vice versa. - - -@unnumberedsec Defining roles - -From the above discussion, we see that a role is defined as reporting -access to a set of hosts and promise bundles from the Mission Portal -and REST API. This does not give any rights with respect to changing -the content or execution of the policy. It should not be confused with -the @code{roles} promise-type that can be used by @code{cf-runagent} -and @code{cf-serverd}. - -In order to scale, both entities are -defined as a set of @emph{regular expressions} to allow and -deny. - -Access to hosts is defined by regular expressions on @emph{classes}, -not the hostname, ip, or any other name. This is done to ensure -maximum scalability. Classes can be arbitrarily defined in the -CFEngine policy language, so this incurs no loss of flexibility, but -ensures distributed computation. - -In contrast to users, a role definition and membership can only be -obtained from the internal Mission Portal database. This means that -any roles must be defined through the Mission Portal web interface, -and can not be obtained from e.g. LDAP at this time. The rationale is -that querying complex LDAP structures for role membership is too -inefficient and error-prone. This may change in future releases, if -requested. Note that the @emph{possible members} of a role can be -obtained from other sources, as described in @samp{Authentication} -above. However, assigning possible members to roles must be done -through the Mission Portal user-interface. - -A sample definition of the role @samp{lob_a} is shown below. - -@center @image{role-define-loba,12cm,,Defining a role,png} - -Only members of the @samp{admin} role has the ability to manipulate -roles and their memberships. - -After defining the role itself, the next step is to make the -designated users members of the role, using the Mission Portal. - - - -@unnumberedsec Limitations - -@itemize - -@item Notes added in the Mission Portal are not filtered: they can be -seen by all users (including notes added to any host page). - -@item The Knowledge Map is only available for members of the -@samp{admin} role when RBAC is switched on. - -@item Running @code{cf-report} from the command-line on the hub will -bypass all RBAC checks. - -@end itemize - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Reporting.texinfo b/docs/guides/SpecialTopic_Reporting.texinfo deleted file mode 100644 index afa2b05a13..0000000000 --- a/docs/guides/SpecialTopic_Reporting.texinfo +++ /dev/null @@ -1,890 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-reporting.info -@settitle Reporting -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Monitoring and Reporting -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -A significant capability of CFEngine Nova over previous versions of -CFEngine is the existence of automated system reporting. CFEngine collects -history, state and change data about computers and ties them together. - -The CFEngine strategy is to replace conventional CMDBs with a more -scalable and flexible approach to information mining over the coming -years. Commercial versions of CFEngine are designed to bring state of -the art methods to the problem of information management for IT -operations. - -Users of CFEngine's Community Edition can use in-built logging and -reporting functions to simulate some aspects of these reports, by applying -simple principles with work and ingenuity. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex - - -@node Top, What are monitoring and reporting?, (dir), (dir) -@top Reporting -@menu -* What are monitoring and reporting?:: -* Should monitoring and configuration be separate?:: -* Reporting in CFEngine:: -* Standard reports in CFEngine:: -* CFEngine output levels:: -* Creating custom reports -- all versions:: -* Including data in reports:: -* Creating custom logs:: -* Redirecting output to logs:: -* Change auditing - the all seeing eye:: -* Cheaper options - tripwires:: -* Commerical edition measurements promises:: -* Hub reporting:: -* Mission Portal access to the hub:: -* Command line access to the hub:: -* Example command hub searches :: -@end menu - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What are monitoring and reporting?, Should monitoring and configuration be separate?, Top, Top -@unnumberedsec What are monitoring and reporting? - -@sp 1 -Monitoring is the sampling of system variables at regular intervals in -order to present an overview of actual changes taking place over time. -Monitoring data are often presented as extensive views of moving-line -time series. Monitoring has the ability to detect anomalous behaviour -by comparing past and present. - -The term @i{reporting} is usually taken to mean the creation of short -summaries of specific system properties suitable for -management. System reports describe both promises about the system, -such as compliance, discovered changes and faults. - -The challenge of both these activities is to compare @i{intended} or -@i{promised}, behaviour with the @i{actual} observed behaviour of the -system. - -@node Should monitoring and configuration be separate?, Reporting in CFEngine, What are monitoring and reporting?, Top -@unnumberedsec Should monitoring and configuration be separate? - -@sp 1 -The traditional view of IT operations is that configuration, -monitoring and reporting are three different things that should not be -joined. Traditionally, all three have been independent centralized -processes. This view has emerged historically, but it has a major -problem. Humans are needed to glue these parts back together. - -Monitoring as an independent activity is inherently non-scalable. -When numbers of hosts grow beyond a few thousands, centralized -monitoring schemes fail to manage the information. Tying configuration -(and therefore repair) to monitoring at the host level is essential -for the effective management of large and distributed data facilities. -CFEngine foresaw this need in 1998, with its Computer Immunology -initiative, and continues to develop this strategy. - -CFEngine's approach is to focus on scalability. The commercial editions -of CFEngine provide what meaningful information they can in a manner that -can be scaled to tens of thousands of machines. - - -@node Reporting in CFEngine, Standard reports in CFEngine, Should monitoring and configuration be separate?, Top -@unnumberedsec Reporting in CFEngine -@sp 1 - -@cartouche -If you have regular reporting needs, we recommend using our commercially supported -version of CFEngine (CFEngine Nova or above), as you will save considerable time -and resources in programming, and you will have access to the latest developments -through the software subscription. -@end cartouche - -No promises made in CFEngine imply automatic aggregation of data to a central -location. In commercial CFEngine versions, e.g. CFEngine Nova, an optimized -aggregation of standardized reports is provided, but the ultimate decision to -aggregate must be yours. - -Monitoring and reporting capabilities in CFEngine depend on the -software version include: - -@itemize -@item @b{Community Edition:} Basic output to file or logs may be customized on a per-promise basis. Users can design their own log and report formats, but data processing and extraction from CFEngine's embedded databases must be scripted by the user. - -@item @b{Nova:} In addition to community features, Nova/Enterprise provides automated extraction of -data from CFEngine's self-learning agents, and the generation of a -standard set of reports in text, HTML or XML formats. Nova summarizes -distributed data and provides simple compression and aggregation of -these summaries. Finally summaries are tied into a knowledge map or -semantic index for browsing by IT operations. Command line tools in -@code{cf-report} are also available for Nova users to browse network-wide data. - -@ignore -@item @b{Constellation:} In addition to Nova features, Constellation performs -additional data extraction from the collected reports. It analyses correlations -and provides reverse look up of system attributes based on searchable expressions. -At this level, CFEngine exceeds other industry CMDB solutions in both reporting -and configuration. -@end ignore - -@end itemize - -@node Standard reports in CFEngine, CFEngine output levels, Reporting in CFEngine, Top -@unnumberedsec Standard reports in CFEngine - -The following list of reports are only available in full in commercial editions of -CFEngine. Some sample reports are provided in the Community Edition. -@table @emph -@item Available patches report -Patches already installed on system if available. -@item Classes report -User defined classes observed on the system -- inventory data. -@item Compliance report -Total summary of host compliance, all promises aggregated over time. -@item File_changes report -Latest observed changes to system files with time discovered. -@item File_diffs report -Latest observed differences to system files, in a simple diff format. -@item Hashes report -File hash values measured (change detection). -@item Installed patches report -Patches not yet installed, but published by vendor if available. -@item Installed software report -Software already installed on system if available. -@item Lastseen report -Time and frequency of communications with peers, host reliability. -@item Micro-audit report -Generated by CFEngine self-auditing. This report is not aggregated. -@item Monitor summary report -Pseudo-real-time measurement of time series data. -@item Performance report -Time cost of verifying system promises. -@item Promise report -Per-promise average compliance report over time. -@item Promises not kept report -Promises that were recently un-kept. -@item Promises repaired report -Promises that were recently kept by repairing system state. -@item Setuid report -Known setuid programs found on system. -@item Variables report -Current variable values expanded on different hosts. -@end table - -@node CFEngine output levels, Creating custom reports -- all versions, Standard reports in CFEngine, Top -@unnumberedsec CFEngine output levels -@sp 1 - -CFEngine's default behaviour is to report to the console (known as -standard output). It's default behaviour is to report nothing except -errors that are judged to be of a critical nature. - -By using CFEngine with the inform flag: -@verbatim -# cf-agent -I -# cf-agent --inform -@end verbatim -@noindent you can alter the default to report on action items (actual changes) -and warnings. - -By using CFEngine with the verbose flag: -@verbatim -# cf-agent -v -# cf-agent --verbose -@end verbatim -@noindent you can alter the default to report all of its thought-processes. -You should not interpret a message that only appears in CFEngine's -verbose mode as an actual error, only as information that might be relevant -to decisions being made by the agent. - -@node Creating custom reports -- all versions, Including data in reports, CFEngine output levels, Top -@unnumberedsec Creating custom reports -- all versions -@sp 1 - -CFEngine allows you to use @code{reports} promises to -make reports of your own. A simple example of this is shown below. - -@verbatim -body common control -{ -bundlesequence => { "test" }; -} - -# - -bundle agent test -{ -reports: - - cfengine_3:: - - "$(sys.date),This is a report" - report_to_file => "/tmp/test_log"; -} - -@end verbatim - - -@noindent We can apply this idea to make more useful custom -reports. In this example, the agent tests for certain software -package and creates a simple HTML file of existing software. - -@verbatim -body common control -{ -bundlesequence => { "test" }; -} - -# - -bundle agent test -{ -vars: - - "software" slist => { "gpg", "zip", "rsync" }; - -classes: - - "no_report" expression => fileexists("/tmp/report.html"); - "have_$(software)" expression => fileexists("/usr/bin/$(software)"); - -reports: - - no_report:: - - " - - Name of this host is: $(sys.host)
- Type of this host is: $(sys.os)
- " - - report_to_file => "/tmp/report.html"; - - # - - " - Host has software $(software)
- " - - ifvarclass => "have_$(software)", - report_to_file => "/tmp/report.html"; - - # - - " - - " - report_to_file => "/tmp/report.html"; - -} -@end verbatim - -@noindent The outcome of this promise is a file called @file{/tmp/report.html} -containing output like this: - -@verbatim - - Name of this host is: atlas
- Type of this host is: linux
- - Host has software gpg
- - Host has software zip
- - Host has software rsync
- - -@end verbatim - -The mechanism shown above, can clearly be used to create a wide -variety of report formats, but it requires a lot of coding and -maintenance by the user. - -@cartouche -CFEngine Nova simplifies this kind of report generation by enabling -and updating many out-of-the-box reports directly from the -@code{cf-report} agent. -@end cartouche - -@node Including data in reports, Creating custom logs, Creating custom reports -- all versions, Top -@unnumberedsec Including data in reports - -CFEngine generates information internally that you might want to use -in reports. For example, the agent @code{cf-agent} -interfaces with the local light-weight monitoring -agent @code{cf-monitord} so that system state can be reported simply: - -@verbatim - -body common control - -{ -bundlesequence => { "report" }; -} - -########################################################### - -bundle agent report - -{ -reports: - - linux:: - - "/etc/passwd except $(const.n)" - - showstate => { "otherprocs", "rootprocs" }; - -} - -@end verbatim - -@noindent A corollary to this is that you can get CFEngine to report -system anomalies. - -@verbatim -reports: - - rootprocs_high_dev2:: - - "RootProc anomaly high 2 dev on $(mon.host) at approx $(mon.env_time) - measured value $(mon.value_rootprocs) - average $(mon.average_rootprocs) pm $(mon.stddev_rootprocs)" - - showstate => { "rootprocs" }; - - entropy_www_in_high&anomaly_hosts.www_in_high_anomaly:: - - "High entropy incoming www anomaly on $(mon.host) at $(mon.env_time) - measured value $(mon.value_www_in) - average $(mon.average_www_in) pm $(mon.stddev_www_in)" - - showstate => { "incoming.www" }; - -@end verbatim - -@noindent This produces standard output of the form: - -@cartouche -@verbatim -R: State of otherprocs peaked at Tue Dec 1 12:12:21 2009 - -R: The peak measured state was q = 98: -R: Frequency: [kjournald] |** (2/98) -R: Frequency: [pdflush] |** (2/98) -R: Frequency: /var/cfengine/bin/cf-execd|** (2/98) -R: Frequency: COMMAND |* (1/98) -R: Frequency: init [5] |* (1/98) -R: Frequency: [kthreadd] |* (1/98) -R: Frequency: [migration/0] |* (1/98) -R: Frequency: [ksoftirqd/0] |* (1/98) -R: Frequency: [events/0] |* (1/98) -R: Frequency: [khelper] |* (1/98) -R: Frequency: [kintegrityd/0] |* (1/98) -@end verbatim -@end cartouche - - - -@noindent Finally, you can quote lines from files in your data -for convenience. - -@verbatim - -body common control - -{ -bundlesequence => { "report" }; -} - -########################################################### - -bundle agent report - -{ -reports: - - linux:: - - "/etc/passwd except $(const.n)" - - printfile => pr("/etc/passwd","5"); - -} - -###################################################################### - -body printfile pr(file,lines) - -{ -file_to_print => "$(file)"; -number_of_lines => "$(lines)"; -} - -@end verbatim - -@noindent This produces output of the form - -@cartouche -@verbatim -R: /etc/passwd except -R: at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash -R: avahi:x:103:105:User for Avahi:/var/run/avahi-daemon:/bin/false -R: beagleindex:x:104:106:User for Beagle indexing:/var/cache/beagle:/bin/bash -R: bin:x:1:1:bin:/bin:/bin/bash -R: daemon:x:2:2:Daemon:/sbin:/bin/bash -@end verbatim -@end cartouche - -@node Creating custom logs, Redirecting output to logs, Including data in reports, Top -@unnumberedsec Creating custom logs -@sp 1 - -Logs can be attached to any promise. In this example, an executed shell command -logs a message to the standard output. CFEngine recognizes the @code{stdout} -filename for Standard Output, in the Unix/C standard manner. - -@verbatim -bundle agent test -{ -commands: - - "/tmp/myjob", - - action => logme("executor"); - -} - -############################################ - -body action logme(x) -{ -log_repaired => "stdout"; -logstring => " -> Started the $(x) (success)"; -} -@end verbatim - -@noindent In this next example, a file creation promise -logs different outcomes (success or failure) to different -log files. - - -@verbatim -body common control -{ -bundlesequence => { "test" }; -} - -bundle agent test -{ -vars: - - "software" slist => { "/root/xyz", "/tmp/xyz" }; - -files: - - "$(software)" - - create => "true", - action => logme("$(software)"); - -} - -# - -body action logme(x) -{ -log_kept => "/tmp/private_keptlog.log"; -log_failed => "/tmp/private_faillog.log"; -log_repaired => "/tmp/private_replog.log"; -log_string => "$(sys.date) $(x) promise status"; -} - -@end verbatim - - -@noindent This generates three different logs with outputs in of the form: - -@cartouche -@verbatim -atlas$ more /tmp/private_keptlog.log -Sun Dec 6 11:58:16 2009 /tmp/xyz promise status -Sun Dec 6 11:58:43 2009 /tmp/xyz promise status -@end verbatim -@end cartouche - - -@node Redirecting output to logs, Change auditing - the all seeing eye, Creating custom logs, Top -@unnumberedsec Redirecting output to logs -@sp 1 - -CFEngine interfaces with the system logging tools in different ways. -Syslog is the default log for Unix-like systems, while the event -logger is the default on Windows. You may choose to copy a fixed -level of CFEngine's standard screen messaging to the system logger -on a per-promise basis. - -@verbatim -body common control -{ -bundlesequence => { "one" }; -} - - -bundle agent one -{ -files: - - "/tmp/xyz" - - create => "true", - action => log; -} - -body action log -{ -log_level => "inform"; -} -@end verbatim - - - - -@node Change auditing - the all seeing eye, Cheaper options - tripwires, Redirecting output to logs, Top -@unnumberedsec Change auditing - the all seeing eye - -@sp 1 - -Total auditing of a system is a surprisingly difficult thing to do, -and it is extremely resource intensive. The followers of an audit -trail are often paranoid by nature and are seldom satisfied with the -level of detail they find. However, the times we really need an audit -are rare, but the cost is ever present. The price of certainty is high. - -@cartouche -Spend a moment considering this: if you want to describe every change -of state that happens on a computer, then you need to remember old -state and compare it to new state. Then you have to record the -differences. So you need more than the entire size of your computer's -normal resources to do this. Your storage efficiency will always be -less than 50% and your processing efficiency will be less than 50% on -every audited item. Is this worth the effort? Perhaps your resources -would be better spent keeping targeted backups and simply rebuilding -contaminated systems. -@end cartouche - -Switch on auditing like this: - -@verbatim -body agent control -{ -auditing => "true"; -} - -@end verbatim - -If you decide to go for full auditing, CFEngine will not collect and -centralize the reports as they will be too large for this to be a -scalable operation. Still, you can view them in a web browser on the -local host, or copy them manually to a suitable location. - -@node Cheaper options - tripwires, Commerical edition measurements promises, Change auditing - the all seeing eye, Top -@unnumberedsec Cheaper options - tripwires - -Doing a change detection scan is a convergent process, but it can -still detect changes and present the data in a compressed format -that is often more convenient than auditing. The result is less precise, -but there is a trade-off between precision and cost. - -To make a change tripwire, you use a @file{files} promise, something like this: - -@verbatim -body common control -{ -bundlesequence => { "testbundle" }; -} -# - -bundle agent testbundle - -{ -files: - - "/home/mark/tmp" -> "me" - changes => scan_files, - depth_search => recurse("inf"); -} - -# library code ... - -body changes scan_files -{ -report_changes => "all"; -update_hashes => "true"; -} - -body depth_search recurse(d) -{ -depth => "$(d)"; -} -@end verbatim - -In CFEngine Nova, reports of the following form are generated when these promises -are kept by the agent: - -@cartouche -@verbatim -Change detected File change -Sat Dec 5 18:27:44 2009 group for /tmp/testfile changed 100 -> 0 -Sat Dec 5 18:27:44 2009 /tmp/testfile -Sat Dec 5 18:20:45 2009 /tmp/testfile -@end verbatim -@end cartouche - -@noindent These reports are generated automatically in CFEngine Nova, -and are integrated into the web browsable knowledge map. Community -edition users have to extract the data and create these themselves. - - -@node Commerical edition measurements promises, Hub reporting, Cheaper options - tripwires, Top -@unnumberedsec Commercial edition measurements promises -@sp 1 - -In commercial versions of CFEngine, you can extract data from the -system in more sophisticated ways from files or pipes, using Perl -Compatible Regular Expressions to match text. The @code{cf-monitord} -agent is responsible for processing measurement promises. - -In this example, we count lines matching a pattern in a file. -You might want to scan a log for instances of a particular -message and trace this number over time. - -@verbatim -bundle monitor watch -{ -measurements: - - "/tmp/file" - - handle => "line_counter", - stream_type => "file", - data_type => "counter", - match_value => scanlines("MYLINE.*"), - history_type => "log"; - -} - -# - -body match_value scanlines(x) -{ -select_line_matching => "^$(x)$"; -} - -@end verbatim - -See the CFEngine Nova documentation for more possibilities of measurement -promises. - - - -@node Hub reporting, Mission Portal access to the hub, Commerical edition measurements promises, Top -@unnumberedsec Hub Reporting - -In the commercial editions of CFEngine much more extensive and searchable -reporting is available. - - - -@node Mission Portal access to the hub, Command line access to the hub, Hub reporting, Top -@unnumberedsec Mission Portal access to the hub - -The preferred approach to querying information on a hub -is to use the web interface in the Mission Portal. -This gives the greatest flexibility in both search -and presentation of data. Given the extensiveness of -the Mission Portal user interface, the details are -covered in a separate document. - - -@node Command line access to the hub, Example command hub searches , Mission Portal access to the hub, Top -@unnumberedsec Command line access to the hub - -Users with login access to the hub can also use the command line tool -@code{cf-report} to extract a limited view of the data. -Currently supported reports include: - -@table @code -@item compliance -The percentage total compliance log for all hosts. -@item dead-clients -Shows a list of client hosts that have not made incoming requests within the standard -time horizon (default 15 minutes). -@item file_changes -The change log -@item file_diffs -The change details for text files. -@item last-seen -Show the last time hosts connnected to the hub -@item promises -Compliance by promise, labelled by promise-handle. -@item setuid -The list of setuid/setgid root files detected on the system. -@item software -The installed software base of the system. -@item summary -A summary of how many hosts are compliant within a given set of search parameters. -@item vars -The values of variables set on hosts. -@end table - -@noindent Some special command line options are supported in the commercial versions. - -@table @samp -@item --query-hub -or @samp{-q} Query hub database interactively. This option is the entry point -for querying the hub data with @code{cf-report}, and must always be specified. - -@item --show name -Select the name of the report from the above list. - -@item --promise-handle -or @samp{-p regex}. For promise compliance report, this defines a -regular expression to search for promises of a specific name. Specify a promise-handle to look up - -@item --hostkey -or @samp{-k hashkey}. -Specify a particular host to query for data, using the unique host-key. - -@item --class-regex -or @samp{-c regex} - Specify a class regular expression to search for - -@item --filter -or @samp{-F regex} - Specify a name regular expression for filtering results -@end table - -@node Example command hub searches , , Command line access to the hub, Top -@unnumberedsec Example command hub searches - -If only a host-key is specified, CFEngine returns with the last known location and identity -of the host. (Note that, in the following examples, the SHA keys are reduced for readability). -@verbatim - -host# cf-report -q --hostkey SHA=bd6dfcc2... - -> Hostname: hub.test.cfengine.com - -> Recent IP Addresses: 10.0.0.29 - -@end verbatim -To dump all values from all hosts: -@verbatim - -cf-report -q --show promises -cf-report --query-hub --show promises - -@end verbatim -@noindent You can select a single host for a particular report: -@verbatim -cf-report -q --hostkey SHA=c40fb732c6e5... --show vars -@end verbatim -@noindent Or you can select a CFEngine class of hosts that will be selected to report -@verbatim -cf-report -q --show summary --class-regex linux -cf-report -q --show summary --class-regex SuSE -cf-report -q --show summary --class-regex NewYork -@end verbatim -@noindent Here are some examples using filters to 'grep' out certain items: -@verbatim - -cf-report -q --hostkey SHA=c40fb732c6... --show vars --filter date - -cf-report -q --filter "mail.*" --hostkey SHA=bd6dfccb1a... --show setuid - -cf-report -q --show promises -p knowledge_files_db_stamp - -@end verbatim - - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Rollback.texinfo b/docs/guides/SpecialTopic_Rollback.texinfo deleted file mode 100644 index e05028a9d3..0000000000 --- a/docs/guides/SpecialTopic_Rollback.texinfo +++ /dev/null @@ -1,467 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-rollback.info -@settitle Rollout and Rollback -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Rollout and Rollback -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Rollback is supposed to be like the `Undo' button in a text editor, -and there is a tendency to equate rollback with the ability to `undo' -any kind of system change. However, `all changes are not made equal'. - -In system administration, in particular, the idea of rollback has been -borrowed loosely for talking about system change management, which is -a problem of much higher risk and complexity. This handbook explains -the limitations of transaction thinking for system administration, and -presents an alternative in the CFEngine framework. - -The expectations for rollback are considerable: a magic bullet for undoing -mistakes and the unforeseen failures of incomplete planning. The -reality is different however. Rollback is not always -possible and can even lead to worse problems. - -CFEngine takes an alternative approach, using `convergence' as its -approach to ensure not just one-time patching, but continuous, -repeatable desired state migration. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node top, What is rollback?, (dir), (dir) -@top Rollback -@menu -* What is rollback?:: -* Like revision control?:: -* Limitations of rollback in system administration:: -* ITIL release management:: -* Why is relying on rollback not a good strategy?:: -* Don't shoot the messenger:: -* An alternative way to plan changes:: -* How does CFEngine convergence help?:: -* `Resetting' -- a case where rollback works?:: -* Appendix - Did you know?:: -@end menu -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - - -@node What is rollback?, Like revision control?, top, top -@unnumberedsec What is rollback? - -@sp 1 - -Rollback is a term that originates from the world of @i{Transaction -Processing}, e.g in databases. It arises in the context of trying to -guarantee data integrity during @i{intended changes to data} (e.g. during copy or -write operations to a database or a disk). - -Accurate change of data can fail for a variety of unpredictable -environmental reasons, so the idea is to preserve the integrity of -data during change by arranging them into predictable chunks called -@i{transactions}. If an error occurs during the copying of a single -data transaction, e.g. because it was interrupted or there was a -failure, then the change should be such that we are able to scrap -the affected transaction and try it again until the intention -succeeds. - -The idea is a simple variation of error-correction methods in signal -transmission, where detection of an error mandates dropping a packet -and retransmitting it. Ultimately this goes back to Shannon -communication theory. - -@node Like revision control?, Limitations of rollback in system administration, What is rollback?, top -@unnumberedsec Like revision control? - -The idea has been used in other contexts too. Revision control -systems (CVS, Subversion, etc) use the same idea to keep a record of -what @i{intended changes} have been made in source code or other -documents. In theory, if you intentionally commit a change that you -don't like, you can `back out' by reversing a `commit' operation and -going back to a previous version before it becomes irreversible. - -This idea works well if you only ever want to undo the last atomic -transaction in a sequence of deliberate changes, however there are -limitations. If two or more persons make changes to data in parallel, -you might not know what the last transaction was, or even that another -transaction has taken place when trying to undo a change. - -Similarly, you might want to undo changes that you made a few -transactions ago, in which case you would need to undo all the changes -from that point to the current point. At that point, it is more -efficient to make a `new' revision that takes away the offending text, -rather than undoing everything that happened since. - -Revsion control can also fail. Your last change might have already been -changed with or without your knowledge and simply reversing what you -changed will not be possible. -For example, consider the file: - -@smallexample -one -two -three -@end smallexample - -@noindent User 1 commits new lines in a single transaction: - -@smallexample -one -two -three -seven -eight -@end smallexample - -@noindent Then another user transforms all the lines in a single transaction: - -@smallexample -#one -#two -#three -#seven -#eight -@end smallexample - -@noindent User 1 now realizes that the lines were incorrect and tries -to undo his transaction, deleting two lines `seven' and `eight' at the -end of the file, but now there are no such lines to be found where -they were expected, and the rollback fails without a graceful exit. Now -the system is in an unknown state, not merely an imperfect one. - -The resolution to this problem is not to try reversing changes, but to -reanalyze the file contents and move forward. As long as changes are -small and simple, re-analysis will be a simple matter and moving -forward will be the simplest option with the least upheaval to the -system. - -@sp 1 -@cartouche -You cannot change the past, only the future. -@end cartouche - -@node Limitations of rollback in system administration, ITIL release management, Like revision control?, top -@unnumberedsec Limitations of rollback in system administration - -The term roll-back has been adopted (actually misappropriated) -in the context of IT management to mean `undo of changes during system -upgrades'. However, system upgrade is usually a very complex sequence -of @i{intended} transactions and @i{unintended} side effects, some of -which are a result of planned intentions and some of which are caused by -third parties. It is quite difficult to isolate and serialize system -changes in live operating environments, because planned changes -generally get interleaved with unplanned ones. - -The concept of rollback therefore has practical limitations: the main -ones being that it requires @i{isolation} and @i{serialization} of all -change processing. If people or machines are working at the same time -on shared data, or if there is distributed work going on, this is -likely to break the @i{single point of change} condition required to -make transactions integral -- i.e. to make rollback possbile. - -@sp 1 -@cartouche -Unix's single user mode was defined for the purpose of assisting in -transactional changes during maintenance, by locking non-root users -out of the system, but in todays environments it is not practical to -shut down a system for making changes. -@end cartouche -@sp 1 - -@node ITIL release management, Why is relying on rollback not a good strategy?, Limitations of rollback in system administration, top -@unnumberedsec ITIL release management - -The idea of rollback is seductive and has also been introduced into -human practices in the hope of making processes impervious to error. -The IT Infrastructure Library (ITIL) is a self-proclaimed set of best -practices for IT management. It borrows some ideas about transaction -integrity for human management processes. - -Once again, the idea is to break up changes into chunks (ITIL calls -these chunks `releases') and verify that each release is error-free -before fully committing to it. If something goes wrong, you `roll -back' by throwing away the last chunk and try again. In order to -succeed, each chunk must be a separate entity and its integrity must -be verified before the change is accepted so that there are no -unforeseen consequences of a potential error. - -@node Why is relying on rollback not a good strategy?, Don't shoot the messenger, ITIL release management, top -@unnumberedsec Why is relying on rollback not a good strategy? - -Gaining full control of a system requires complete mastery of every -aspect of the environment. This is unrealistic when multiple agents -are involved. - -@node Don't shoot the messenger, An alternative way to plan changes, Why is relying on rollback not a good strategy?, top -@unnumberedsec Don't shoot the messenger - -When you make a mistake, either with a policy decision or its -implementation, and a user comes pointing a finger because the system -is broken, someone is going to ask: what was the last change that was -made that `caused' this problem? Now roll back to that version to fix -the problem (usually in an urgent voice)! - -Stop right there and think again. True, it is possible that a single -change was the origin of a chain of events resulting in the problems -you have, but it is not true that going back to the previous version -of that incident will repair the problem. If you open the door to your -submarine while deep under water, closing it alone will not help get -rid of the unwanted water. - -Whenever you make a mistake, you should expect to undertake a clean-up -operation that deals with all of the consequences of the -error. Tracking changes can help you to map out what needs to be -repaired, but you cannot turn back time. - -One approach is a destructive one: stop the system and go back to a -checkpoint date on the filesystem. If you do that, you will lose all -your data and changes since the checkpoint, and it might still be too -late for your mission critical operation. - -A less destructive way is to contain the problem by preventing more -damage from occurring, then create a new policy to automatically clean up. -That way, if the same problem should happen again, you will have -already planned your exit strategy. - -@node An alternative way to plan changes, How does CFEngine convergence help?, Don't shoot the messenger, top -@unnumberedsec An alternative way to plan changes - - -@noindent Reliable rollback is an intractable problem in most modern -datacentres, but many systems claim that they can do it without -addressing the consequences of loss or downtime. In short, relying on -the ability to roll back makes for a fragile strategy. - -A better approach to error correction is planned avoidance of mistakes, and -assuming that unplanned changes will occur. You know -that there is a risk of error, so minimize the error by planning a -multitude of tiny changes rather than fewer big releases. - -@sp 1 -@itemize -@item Make small incremental changes. -@item Test in a test environment. -@item Test in a runtime environment on the smallest possible set of machines. -@item Make no other planned changes until you are sure the change resulted in the -behaviour you expected. -@item Expand the scope of the change gradually, as your confidence grows, until -all machines are covered. -@end itemize -@sp 1 -Notice that a human must be responsible for each expansion of scope. -Always plan based on the desired state -- i.e. not where you think you -are starting from, but where you want to get to. That is the only -fixed point on which to base a policy. - -CFEngine can deal with the error correction against unplanned changes, -but only humans can manage @i{intentions}. - -@sp 2 -@cartouche -WHY CAN WE DO THIS NOW? Previously the technology for making reliable -changes was poor and was based on transaction thinking, and it was -important to minimize the disruptive operations in a few -`roll-outs'. This is no longer true with CFEngine. It is both -inexpensive and even @i{recommended} to make a large number of small -impact changes to respond to your needs. In this way you should -minimize the risk through small increments and testing. Moreover, -because CFEngine does @i{not} assume or rely on transactional -integrity, it is less prone to failures during change implementation. -@end cartouche -@sp 2 - -@node How does CFEngine convergence help?, `Resetting' -- a case where rollback works?, An alternative way to plan changes, top -@unnumberedsec How does CFEngine @i{convergence} help? - -CFEngine's change management model is not based on transactions, it is -based on a concept of convergence to a known end-state. In -transaction management, you need to know where you started from and -the complete history of the system in order to know where you will end -up. No one has this information reliably. The alternative is -CFEngine's convergence principle. Convergence, works like a sink, -drawing the system down towards the desired state, no matter where you -start from. - -@center @image{convergence,12cm,,Rollback,png} - -Each promise in CFEngine is engineered in this way. We promise end -results, not changes. CFEngine calculates the -necessary steps and implementing them (many times if necessary) to avoid -failure. - -If you make small changes to policy (small modifications to promises), -then you will not make big mistakes that need to be undone. The main -reason for failure is that our initial assumptions about the environment -were incorrect. - -@sp 1 -@itemize - -@item Plan for changes in a real environment. Base your projections on -what happens in the live system, not in the lab. - -@item Test on the smallest possible set and expand from there. - -@item Watch over changes and their later impact on the network as -they are made by CFEngine to see if any of your initial assumptions were wrong. - -@item If there was a mistake, change your policy again to correct the mistake (moving forwards). - -@end itemize -@sp 1 - -Using CFEngine, you should always be thinking of moving forwards, even -if you circle back to an earlier policy. Do not try to go back and -undo changes, think of going forwards and minimizing the repercussions -of errors. If mistakes are made, go forward again with promises that clean -up and repair. - -@node `Resetting' -- a case where rollback works?, Appendix - Did you know?, How does CFEngine convergence help?, top -@unnumberedsec `Resetting' -- a case where rollback works? - -Some environments consider `rollback' to mean, stopping destroying and -rebuilding systems from a frozen image. This is something different -from an undo operation on a running system. It applies the idea of -transactions only to the design of each `roll out' release and -turns a blind eye to what happens once a machine is taken into service. - -Resetting a machine by destroying and re-building is indeed a transaction -that will roll us back to the initial state, but it is a misleading -form of integrity because you also undo all of the intended changes -that happen as part of the system's function: run-time state. - -If you are willing to sacrifice run-time data then you can @i{reset} -a system, i.e. sacrifice or destroy it and build a new one with the -same original specification. However, you must be clear about what -is being lost: - -@sp 1 -@itemize -@item The system must be taken out of service. - -@item Any run-time data must either be lost, or should be considered -`possibly contaminated' by the change that was introduced. Either way, -you need to make a decision about how to recover them. -@end itemize -@sp 1 - -@cartouche -`Reset' is what nature does when it makes mistakes: it lets unsuccessful -instances or copies die and falls back to a copy. -@end cartouche -@sp 1 - -CFEngine helps here too. If you really want this kind of radical reset -and you don't mind losing runtime data, CFEngine will help you to -reconstruct the system in a predictable policy-compliant way. - -@node Appendix - Did you know?, , `Resetting' -- a case where rollback works?, top -@unnumberedsec Appendix - Did you know? - -Here are some features that can help you to recover with CFEngine's -non-destructive error correction approach: - -@itemize -@item In @code{files} promises, you can use the @code{changes} attribute -to detect and log unexpected change in our system. This can help you -to correlate changes in policy with unexpected consequences so that you -can plan your clean-up. - -@item When CFEngine changes or renames a file it keeps a backup of the file -before the change, of the form @file{filename.@var{suffix}}, where the -@var{suffix} is by default: @file{.cfsaved}, @file{.cfdisabled}, @file{.cfedited}, -@file{.cfmoved}. - -@item Normally only one level of backup is kept, i.e. the next change -will overwrite this file. If you specify @code{copy_backup => -"timestamp";} or @code{edit_backup => "timestamp";} then CFEngine will -keep multiple versions with time-stamps to keep a complete history. - -@item If you specify a @code{repository} directory in a @code{files} -promise, CFEngine will move all such backup files to a single -location, rather than leaving them in the same directory, next -to the original files. - -@end itemize - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/SpecialTopic_Scalability.texinfo b/docs/guides/SpecialTopic_Scalability.texinfo deleted file mode 100644 index 6c90ad585e..0000000000 --- a/docs/guides/SpecialTopic_Scalability.texinfo +++ /dev/null @@ -1,1415 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-scale.info -@settitle Scale and Scalability -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Scale and Scalability (draft) -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -How large a system can CFEngine manage before special measures are -required to make it work? CFEngine is a flexible system with no fixed -architecture, that can be adapted to service any number of machines, -by adjusting the architecture. This document describes the most common -architectures in use today. - -Several risk factors are associated with managing huge systems, -including loss of control under failures of the human-computer -system. Strategies for avoiding these failure modes are discussed. - -Scaling gracefully is not just about handling volumes of machines, -but also about comprehensibility and manageability -to human engineers. -@end quotation -@end cartouche - -@vskip 2cm -This is an incomplete draft document. Last updated October 2011. - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010,2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Principles of scalability, (dir), (dir) -@top Scalability - - - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@menu -* Principles of scalability:: -* Scalable policy strategy:: -* Internal and external scalability of the software:: -@end menu - -@node Principles of scalability, Scalable policy strategy, Top, Top -@chapter Principles of scalability -@sp 1 - -@menu -* What is scalability?:: -* How does CFEngine address scale?:: -* What does scalability depend on?:: -* A product strategy for scaling:: -* A user strategy for scaling:: -* Unexpected risks of scaling:: -@end menu - -@node What is scalability?, How does CFEngine address scale?, Principles of scalability, Principles of scalability -@section What is scalability? -@sp 1 - -By scalability we mean the intrinsic capacity of a system to -handle growth. Growth in a system can occur in three ways: by the volume of input -the system must handle, or in the total size of its infrastructure, -and by the complexity of the processes within it. - -For a system to be called scalable, growth should proceed unhindered, -i.e. the size and volume of processing may expand without -significantly affecting the average service level per node. - -Although most of us have an intuitive notion of what scalability -means, a full understanding of it is a very complex issue, mainly -because there are so many factors to take into account. One factor -that is often forgotten in considering scalability, is the human -ability to @i{comprehend} the system as it grows. Limitations of -comprehension often lead to over-simplification and -lowest-common-denominator standardization. This ultimately causes systems -to fail due to an information deficit. - -@sp 1 - -@node How does CFEngine address scale?, What does scalability depend on?, What is scalability?, Principles of scalability -@section How does CFEngine address scale? -@sp 1 - -@sp 1 -@cartouche -CFEngine is a decentralized (or federated) agent-based system, with no single point of -failure. It uses integrated Knowledge Management to present -comprehensible views of how infrastructure complies with user intentions. -@end cartouche -@sp 1 - -In this Special Topics Guide, we take a simple approach to gauging the -scalability of CFEngine, considering the worst case scalability of -the software as a management system for typical environments -and network models. - -@node What does scalability depend on?, A product strategy for scaling, How does CFEngine address scale?, Principles of scalability -@section What does scalability depend on? -@sp 1 - -CFEngine's scalability is not only a function of the CFEngine -software, but also of the environment in which it operates and the -choices that are made. Some relevant environmental factors include: -@itemize -@item The capacity of the network. -@item The capacity of the server that supplies common information to agents. -@item The extent to which parallelism can be employed during updates (Amdahl's law). -@item The size and cost of the tasks carried out by the management system (in time and resources). -@item The social contract between users and parts of an organization (don't forget -that you are really dealing with a human-computer system). -@end itemize - -@noindent For managers, there are several challenges to scaling that go beyond the -infrastructure: - -@itemize -@item The ability to express and comprehend @i{necessary complexity and variation} in policy. -@item The ability to process the result (agent efficiency). -@item The ability for a significant number of people to understand the result (comprehension). -@end itemize - -CFEngine does all processing of configuration policy at the -destination node (i.e. on the affected system). There is no -centralization of computation. CFEngine Nova adds fault-tolerant -multi-node orchestration, in which any node's state can -be made available to other nodes on request. - -In general, reliance on common or centralized information will limit -the inherent scalability of the system. However, through opportunistic -use of caching, CFEngine is able to avoid single points of reliance. -CFEngine's asynchronous promise model makes the impact of resource sharing less significant. - - - -@node A product strategy for scaling, A user strategy for scaling, What does scalability depend on?, Principles of scalability -@section A product strategy for scaling -@sp 1 - -CFEngine's scaling behaviour follows an -`astronomical' hierarchy of scales. Our product range have been chosen to model different issues of -scale that occur in systems as they grow from tens to tens of -thousands of machines. As indicated above, dealing with scale is not -just about machine capacity, but also about knowledge management and -comprehension. - -An @i{Enterprise} installation is designed around a single star -configuration (like a solar system) in which the hub machine is the -star and the managed entities are the planets. Special planets can -have their own satellites (customized environments within the single -point of control), so this model does not imply complete uniformity. - -Future releases will be designed around multiple star -configurations and for cases where it is desirable to -maintain several points of control or independently managed -entities. This is also called a federation of star networks. The -reason for choosing this kind of architecture may or may not have to -do with service capacity (i.e. for coping with a large number -of systems): sometimes knowledge management and -responsibilities scale better with federation. - -@ignore -@sp 1 -@center @image{nova_const,14cm} -@center From a Nova star network to a Constellation of star networks. -@sp 1 -@end ignore - -@node A user strategy for scaling, Unexpected risks of scaling, A product strategy for scaling, Principles of scalability -@section A user strategy for scaling - - -This section proposes a simple method for evaluating capacity and scalability -at a site. You will need some numbers in order to do some simple calculations. - -@itemize -@item Identify the key scales and constraints of your organization. -@itemize -@item How many distinct environments or requirement sets do you have? -@item How many machines (managed units) are there? -@item What frequency of system state checking is desired (certainty about policy, or control resolution)? -@end itemize -@end itemize - -@noindent You will be able to use these numbers in the next chapter to work out how far a -simple star network configuration (Nova starburst) will go in supporting requirements. -An environment that consists of multiple environments, or very large size will have -to be handled as a constellation configuration. - -@menu -* Scalable CFEngine architecture:: -* Layout guidelines for scalability:: -@end menu - -@node Scalable CFEngine architecture, Layout guidelines for scalability, A user strategy for scaling, A user strategy for scaling -@subsection Scalable CFEngine architecture - -Several architectural principles aid the ability to scale to large size: -@itemize -@item @b{Patchwork coverage and federated centres}: -Most architectures have some kind of central point of change or control, but -too much centralization leads to bottlenecks that hinder throughput (see -the Special Topics Guide on Federation and Organizational Complexity). -Build a federated architecture from the beginning, i.e. a number of hubs or -star networks that each covers the requirements for the most local environment. -Do not try to make one single model that applies to everything (Grand Unification -is an unstable process). - -@item @b{Necessary and sufficient complexity}: -Do not oversimplify issues to avoid multiple environments. Delegation is cheap -and is mainly an issue of trust. Delegation (decentralization) is a key principle of scaling -as it avoids concentration of resources and single points of failure. - -@item @b{Don't over-constrain systems}: -It is wise to avoid configuration rules and requirements that are not necessary, as -this can impact systematically on the resources needed to scale. -Similarly, don't waste time creating perfect container classes for rules. Rough patches -are cheap to maintain -- precision targeting costs resource logic. - -@item @b{Autonomy -- avoid strong dependence}: -If systems depend strongly on other systems (i.e. a failure of one -leads to a failure of the other), then one creates fragility. Robust, -fault tolerant systems avoid interval coupling or dependencies -as these can lead to cascade failures. - -@item @b{Strive for efficiency}: -Management is not free, but one does not generally account for the -overhead when designing production systems. In the next chapter, we -shall show how to make rough estimates about network requirements for -management. As a rule of thumb, a site engineer needs to avoid -clogging the network with traffic, and burying systems in CPU or -memory intensive work. - -@end itemize - - -@node Layout guidelines for scalability, , Scalable CFEngine architecture, A user strategy for scaling -@subsection Layout guidelines for scalability - -The picture of a federated architecture is that of a number of smaller -star networks loosely rather than tightly integrated together. This -loose coupling avoids rigidity that can cause cascade failure. - -This schematic architecture does not answer where these centres will be -located however. Will the division into local centres be based on -geography, departmental lines, or some other virtual view of the organization? - -@cartouche -It does not matter from an architectural point of view what criteria are used for -dividing up an organization. The main criteria is the environment itself. If we think -in terms of promises for a moment, a strong group culture forms when members of -a community make a lot of promises to one another. Organizational entities are -therefore clusters of promises. This might or might not coincide with -naming of institutional entities. -@end cartouche - -It is easy to understand the reason for a promise-oriented approach to -scalability. Clusters of promises are also clusters where -communication is likely to be required and take place. Since -scalability is enhanced by limiting the amount and scope of -communication, the clusters of promises mark out the areas (sub-networks, if you -like) where communication is necessary. This makes for a natural encapsulation -of policy issues. - - -@itemize -@item Model the organization (focusing on business-level issues) -@item Give names to the parts -@item Identify patterns -@item Form a disciplined protocol (best practice) -@end itemize - - -@node Unexpected risks of scaling, , A user strategy for scaling, Principles of scalability -@section Unexpected risks of scaling -@sp 1 - -@itemize -@item @b{Division of labour => fragmentation of knowledge}: -When problems are management intensive, the need to divide and conquer problems -leads to points of failure. - -@item @b{Turnover of staff}: -Too much specialization of roles means that individuals attain mission -critical positions that lead to single points of failure for -operations. When key employees leave the organization, this damages -operations due to loss of expertise. The cost of this lies in -retraining, or even redesign. All roles should have redundancy both -for quality assurance and failover, and strong Knowledge Management -is required to avoid this scenario. - -@item @b{Morale}: -When engineers feel powerless, they are demoralized and feel unimportant. -This can lead to both disgruntlement and power-hogging. This is a failure of the -social contract. - -@item @b{Scale reduces certainty}: -The larger a system, the less detail human decision-makers can know -about the whole. - -@end itemize - -@c ************************************************************************ - -@node Scalable policy strategy, Internal and external scalability of the software, Principles of scalability, Top -@chapter Scalable policy strategy -@sp 1 - - -@menu -* Policy guidelines for comprehension:: -* Performance impact of promises:: -* Avoiding network traffic:: -* Defining classes:: -* Copernicus Knowledge Map:: -* System Tuning and Hub Optimization:: -@end menu - -@node Policy guidelines for comprehension, Performance impact of promises, Scalable policy strategy, Scalable policy strategy -@section Policy guidelines for comprehension - -Part of the challenge of scale is comprehension. If every computer is identical, this is no problem, but -when there is real growth in complexity scale can lead to a case of information and comprehension overload. -Checking that growth of complexity requires some user discipline. - -@menu -* Strategy for scaling policy:: -* Tactics for scaling policy:: -* Caching classes that are expensive to compute:: -@end menu - -@node Strategy for scaling policy, Tactics for scaling policy, Policy guidelines for comprehension, Policy guidelines for comprehension -@subsection Strategy for scaling policy - - -What if you have written down 250,000 promises to keep? How can you manage that? Here are some tips: - -@itemize -@item @b{Don't have 250,000 promises}. If your conception of the problem is -this complicated, then CFEngine is not your problem. Management will -fail by its own overheads unless it can slim down problems to -@i{necessary and sufficient} complexity. Over-constrained systems -usually fail eventually because they become overwhelmed by the problem -of unintentionally conflicting requirements. Keep it simple. - -If you are migrating from CFEngine 2, then many of your separate promises -can be turned into a single promise by using lists and other patterns. -This will drastically improve the modelling capabilities and reduce the -complexity of the policy. - -@item @b{Divide up your management problem and delegate} to autonomous -entities that can manage their own pieces. It does not matter how -you divide up your organization (geographically, logically, by department, by -application team, etc) the important thing is to spread the load of -responsibility. @b{Who proposes the promises to be kept.} - -The criterion for dividing up the organization is to make the entities -as autonomous as possible, i.e. with as few dependencies or communication -requirements as possible. The configurations for each autonomous entity -should be kept and managed locally by those entities, and not mixed together. -Centralization is the enemy of scaling. - -@end itemize -@noindent When writing the CFEngine bundles of promises, you will need to use a -`meta-model' to organize the bundles. This is part of a Knowledge -Management (comprehension) strategy. Your best friend here is someone -with didactic or pedagogical skills, as he/she will maintain the -visibility of high level goals throughout the technical -challenges. Your worst enemy is a technician with his head in the -machine, who will drag everyone down to the machine components, where goals -and challenges are incomprehensible. - -@itemize -@item @b{Start by modelling your business challenges}, not technical solutions. For example, -name bundles by service -@verbatim -bundle agent service_email -@end verbatim -@noindent -not by configuration file: -@verbatim -bundle agent etc_conf_postfix -@end verbatim -@noindent Even a non-expert should be able to see what these bundles are for, even if they don't -understand their detailed content. - - -@item @b{Focus on the broad strokes}. Don't micro-manage details that are not necessary. - -@item @b{Seek stability and predictability} of your system before turning your attention to -other details. If you don't have predictability, you have nothing. This will keep you -away from a focus on unhealthy technical detail. - - - -@item @b{Keep promise descriptions at a high level} as far as possible, and use the Copernicus -Knowledge Map to locate low level resources and the promises they make. - -@item @b{Use @i{patterns} to model similar configuration issues} as a single promise iterated -over the pattern, not as many individual promises. This allows you to compress a large -number of issues into a small amount of text. The ability to comprehend patterns is -also central to human understanding, as it shows the principles or allows -us to @i{`see the general in the particular, or the eternal in the transitory'}. -@end itemize - - - - - - -@node Tactics for scaling policy, Caching classes that are expensive to compute, Strategy for scaling policy, Policy guidelines for comprehension -@subsection Tactics for scaling policy - -In writing policy, the thing most often forgotten by technicians is explaining @i{why} decisions -have been made. -@itemize -@item @b{Give meaningful (high level, or even goal oriented) names} to collections of -promise attributes. e.g. instead to writing @code{perms => m("0600")}, try writing -something that allows readers to understand the @i{reason} for the intention: @code{perms =>write standard_permissions}. - -@item @b{Use comments to explain} why the promise is the way it is. e.g. write -@verbatim - comment => "This file needs to be writable by the web server - else application XYZ breaks" -@end verbatim -@noindent instead of -@verbatim - comment => "Set permissions on the temp directory" -@end verbatim - -@item @b{Encourage good practice in the policy authors}. Check whether objects have made other -promises elsewhere, and try to document the connections. If a policy -have dependencies, encode these (see `Best practice for writing promises' in the Reference manual). - -@item When solving problems, think about how to model the data. For example, -one way to model groups is to try to classify the names in lists -@verbatim -"group" slist => { - classify("a.domain.com"), - classify("b.domain.com"), - .....4000x... - }; -@end verbatim -This is neat, and easy to read but it requires CFEngine to process -a list linearly, which becomes increasingly inefficient and can take several -seconds if a list contains thousands of hosts. Some improvement can be obtained -by converting the domain strings manually: -@verbatim -"group" slist => { - "a_domain_com", - "b_domain_com", - .....4000x... - }; -@end verbatim -However, the linear scaling is still present. - -In this case, it is inefficient to process the list -in memory, because we only need one out of thousands of the -entries, thus it makes sense to prune the list in advance. - -To handle this, we can create a flat file of data in the format -"hostname:group" using the builtin function @code{getfields()} to read -one line from the file. -@verbatim -vars: - "match_name" int => getfields("a.domain.com:.*","/my/file",":","group_data"); - -classes: - "$(group_data[2])" expression => isgreaterthan("$(match_name)","0");; - -@end verbatim - -This assumes, of course, that each host is in -one and only one class context. The saving in processing is large, -however, as it can be carried out directly in the input buffer. -Only one out of thousands of lines thus needs to be processes. -Although the scaling is still linear in search, the allocation and read -processes are heavily optimized by block device reading and much lower -overhead. - -A module could also be used to the same effect to define the appropriate class -context. - -@end itemize - - - -@node Caching classes that are expensive to compute, , Tactics for scaling policy, Policy guidelines for comprehension -@subsection Caching classes that are expensive to compute - -As of version 3.4.0 of the CFEngine core, persistent classes can be -used to construct a simple time-saving caching of classes -that depend on very large amounts of data. -This feature can be used to avoid recomputing expensive classes -calculations on each invocation. If a class discovered is essentially -constant or only slowly varying (like a hostname or alias from a -non-standard naming facility) - -For example, to create a conditional inclusion of costly class -definitions, put them into a separate bundle in a file @file{classes.cf}. -@verbatim -# promises.cf - -body common control -{ -cached_classes:: - bundlesequence => { "test" }; - -!cached_classes:: - bundlesequence => { "setclasses", "test" }; - -!cached_classes:: - inputs => { "classes.cf" }; -} - - -bundle agent test -{ -reports: - - !my_cached_class:: - "no cached class"; - - my_cached_class:: - "cached class defined"; -} - -@end verbatim -@noindent Then create @file{classes.cf} -@verbatim -# classes.cf - -bundle common setclasses -{ -classes: - - "cached_classes" # timer flag - expression => "any", - persistence => "480"; - - "my_cached_class" - or => { ...long list or heavy function... } , - persistence => "480"; - -} - -@end verbatim - - - - - - - - - -@node Performance impact of promises, Avoiding network traffic, Policy guidelines for comprehension, Scalable policy strategy -@section Performance impact of promises - -In a large system it is natural to expect a large number of -promises. This makes the location of a specific promise difficult. The -Copernicus Knowledge Map is a key strategy for locating promises. - -@itemize -@item Using a very large number of bundles will have a performance impact, -as a local environment has to be established for each bundle. - -@item Using a large number of different input files can have a -performance impact during file updating, as each file requires a -bi-directional verification involving network traffic. The frequency -of policy updates can be limited -@itemize -@item Test systems -- can update relatively often since there are -fewer test machines, and their resources are less important than -production machines. -@item Production -- fewer changes need to be made since most -delta changes have been aggregated through the testing phase. -@end itemize - -@item There is no performance impact involved in having multiple -promise-type sections, e.g. @code{files:} in a bundle. However, -splitting up type-sections makes human readability harder. -@end itemize - - -@node Avoiding network traffic, Defining classes, Performance impact of promises, Scalable policy strategy -@section Avoiding network traffic - -Connecting to a CFEngine server process is one of the most time consuming activities -in centralized updating. Every bidirectional query that has to be made -adds latency and processing time the limits scalability. The connection time -and data transfer size during checking for updates can be minimized by making -use of the @file{cf_promises_validated} cache file on the server. This file -summarizes whether it is necessary to search for file updates (a search that -can take a significant number of seconds per client). Since most checks do not -result in a required update, this cache file can save a large amount of -network traffic. - -@smallexample -files: - - "$(inputs_dir)/cf_promises_validated" - comment => "Check whether new policy update to reduce the distributed load", - handle => "check_valid_update", - copy_from => u_dcp("$(master_location)/cf_promises_validated","$(sys.policy_hub)"), - action => u_immediate, - classes => u_if_repaired("validated_updates_ready"); - -am_policy_hub|validated_updates_ready:: - - "$(inputs_dir)" - comment => "Copy policy updates from master source on policy server if a new validation was acquired", - handle => "update_files_inputs_dir", - copy_from => u_rcp("$(master_location)","$(sys.policy_hub)"), -depth_search => u_recurse("inf"), -file_select => u_input_files, - depends_on => @{ "grant_access_policy", "check_valid_update" @}, - action => u_immediate, - classes => u_if_repaired("update_report"); - -@end smallexample - - - -@node Defining classes, Copernicus Knowledge Map, Avoiding network traffic, Scalable policy strategy -@section Defining classes - -Modelling environments with classes is a powerful strategy for knowledge management, -and is therefore encouraged. - - - -@node Copernicus Knowledge Map, System Tuning and Hub Optimization, Defining classes, Scalable policy strategy -@section Using the Copernicus Knowledge Map - -The Copernicus Knowledge Map is an integral part of the commercial CFEngine products. -It is also a feature that is developing rapidly as part of the CFEngine commitment to -research and development. -It forms a browsable `mental model' of relationships -between promises, goals and documents that describe them (including -the manuals and other documentation sources). The map provides you with -an overview of how parts of your policy relate to one another, and to other -high level parts of your environment. - -@itemize -@item Shows where and when promises are relevant. -@item Gives contextual meaning to promises and other issues by showing you their impact on both practical and abstract issues. -@item Offers commentary in a browsable and user friendly form. -@item How promises relate to business goals. -@item Dependencies between promises. -@item Overview of promise bundles and their contents. -@item Browsable view of promises and their relationships. -@item Browsable view of body parts in expanded form. -@item Examples of code usage. -@end itemize - -Use the knowledge map to: -@itemize -@item Find conflicts of policy. -@item Avoid repetition. -@item Understand relevance and impact. -@end itemize - - -@node System Tuning and Hub Optimization, , Copernicus Knowledge Map, Scalable policy strategy -@section System Tuning and Hub Optimization - -CFEngine uses MongoDB as its repository of information for each Nova/Enterprise hub. -The performance of a hub depends on the combination of hardware and software. The CFEngine -hub falls under the category or role of database server, and this requires fairly specific -optimizations. For example, NUMA architecture processing is known to lead to severe -processing bottlenecks on database servers, and so NUMA kernel modules should be switched off. -Below are some of the optimizations that should be looked into for the CFEngine hubs. - -@menu -* Tuning the linux kernel for thousands of hosts:: -* Tuning the MongoDB for thousands of hosts:: -@end menu - -@node Tuning the linux kernel for thousands of hosts, Tuning the MongoDB for thousands of hosts, System Tuning and Hub Optimization, System Tuning and Hub Optimization -@subsection Tuning the linux kernel for thousands of hosts - -Although CFEngine communicates with the Mongo database over a local socket, it -still uses TCP as its connection protocol and is therefore subject to kernel -optimizations. - -Every write and read connection to the Mongo database makes a kernel -TCP connection. With the extreme density of connections, this is -somewhat like a high volume webserver. The standard `play safe' kernel -settings are too conservative for this kind of performance. The main -bottleneck eventually becomes the FIN_WAIT timeout, which leaves file descriptors -occupied and non-recyclable for too long. We recommend -reducing this waiting time to free up descriptors faster: - -@verbatim -echo "1024 61000" > /proc/sys/net/ipv4/ip_local_port_range -echo "5" > /proc/sys/net/ipv4/tcp_fin_timeout -@end verbatim -@noindent This will clear old connections faster, allowing new ones be created and old threads to terminate faster. - -@node Tuning the MongoDB for thousands of hosts, , Tuning the linux kernel for thousands of hosts, System Tuning and Hub Optimization -@subsection Tuning the MongoDB for thousands of hosts - -Some points to consider when scaling the MongoDB: -@itemize -@item Indexing is a very important factor for scaling any database. -CFEngine Nova automatically checks and the creates indices needed for -scale as part of the schedule of @code{cf-hub}. The incices are -checked every six hours. - -However, if the database schema changes, which may happen during -upgrades of CFEngine Nova, the indices may have been changed as -well. In large-scale environment we may not have time to wait up to -six hours for the indices to get repaired, so this can be done -manually by running the following command on the hub. - -@verbatim -/var/cfengine/bin/cf-hub --index -@end verbatim - -Please make sure @code{cf-hub} is not running in the background while -indices are being created, as this may slow the system down -considerably under high load. - -@item For installations of one or two thousand hosts per hub, one approaches -the throughput limitations of x86 hardware and the Mongo database. One -can expect to see MongoDB writes dominating the system -resources. MongoDB does extensive caching'in RAM, so maximizing -installed RAM is an important strategy -- however disk access priorities -will also play a role. - -To make sure that server connection performance does not suffer as a result -of aggressive database writing, we can lower the priority of the MongoDB -process -@verbatim -ionice -c2 -n0 /var/cfengine/bin/mongod -@end verbatim -@noindent or, using the PID -@verbatim -ionice -c2 -n0 -p PID -@end verbatim - -@item If the MongoDB database is located on the same disk as the last-seen -database (as is default under @file{/var/cfengine}, there will be -contention between last-seen and mongodb updates, which can slow down -both processes unnecessarily. Ideally, these -should be separate disks with independent queues, even independent -controllers. RAID configurations can also slow down performance, so -only hardware RAID should be considered. - - -@item Non-Uniform Memory Access (NUMA) hardware -works poorly with all databases. If your server uses such hardware, -you should try to switch off this feature to improve write stability. -NUMA tries to bind memory to specific cores for speed, but in doing so it -can prevent free allocation of memory and lead to paging and swapping, thereafter -thrashing as the system grinds to a halt. Processes become CPU bound as threads -attempt to work around the memory manegement constraints, and performance worses -by a factor of ten or more. - -Some users report that using this approach is sufficient: -@verbatim -numactl --interleave=all /var/cfengine/bin/mongod # (other args) -echo 0 > /proc/sys/vm/zone_reclaim_mode -@end verbatim -@noindent However, in our experience, only removing the kernel modules -supporting NUMA and rebooting the kernel will solve the NUMA contention issue. - -Setting: -@verbatim -numa=off -@end verbatim -@noindent in the kernel boot parameters, e.g. in @file{grub.conf}: - -@cartouche -@smallexample -# grub.conf generated by anaconda -# -# Note that you do not have to rerun grub after making changes to this file -# NOTICE: You do not have a /boot partition. This means that -# all kernel and initrd paths are relative to /, eg. -# root (hd0,0) -# kernel /boot/vmlinuz-version ro root=/dev/sda1 -# initrd /boot/initrd-version.img -#boot=/dev/sda -default=0 -timeout=5 -splashimage=(hd0,0)/boot/grub/splash.xpm.gz -hiddenmenu -title MY Linux Server (2.6.32-100.26.2.el5uek) - root (hd0,0) - kernel /boot/vmlinuz-2.6.32-100.26.2.el5 ro root=/dev/sda1 rhgb quiet @b{numa=off} - initrd /boot/initrd-2.6.32-100.26.2.el5.img -@end smallexample -@end cartouche - - -@item Finally, @code{splaytime} on the client nodes will help to spread out -the incoming connections over the update interval of the hub. The hub -defaults to 5 minute updates, so a complete update of policy should be -spread over less than or equal to the same scheduled cycle time. Alternatively the cycle -for policy updates can be extended and the splaying can be even longer. - -@verbatim - -body executor control -{ -splaytime => "4"; -} - -@end verbatim - -@end itemize - - - -@c ************************************************************************ - -@node Internal and external scalability of the software, , Scalable policy strategy, Top -@chapter Internal and external scalability of the software -@sp 1 -Scalability is about the internal and external architecture of the -system, and the way that information flows around the highways and -bottlenecks within it. As a distributed system, some of those are -internal to the software, and some lie in the way it is used. - -CFEngine allows users to build any external architecture, so the only -intrinsic limitations are those internal to the software itself. Poor -decisions about external architecture generally lead to greater -problems that the internal limitations. - -A number of techniques are used internally to bring efficiency and hence -scalability in relation to policy. -@table @i -@item Hashing and indexing -are used in many ways to coordinate system without the need for communication. -By basing decisions on the predefined and publicly available information about -a node (like its name and address), we avoid having to pass messages between -nodes. -@item Classifying of patterns -is used to model patterns of similarity and difference in the intentions for a system. -By describing policy for different categories of system parts, rather than for -each individual part by name, we can reduce the amount of information we need to -specify. - -@item Persistent locking of execution -is used to place limits on the frequency and concurrency of operations undertaken -by CFEngine. Using the @code{ifelapsed} timers on each promise, one can say how -often work-intensive checks are made. - -@item Lazy evaluation -is a common approach to efficiency, but it is difficult to achieve -in a dynamic environment. Necessary complexity makes for necessary work. -CFEngine uses best-effort lazy evaluation to reduce processing, but errs on the side -of correctness, reliability and security. -@end table - -@sp 1 -@cartouche -The greatest challenge for scalability is to reduce functional -requirements to a description or model that uses patterns -(i.e. general rules) to compress only what needs to be said about the -policy into a comprehensible form. It is about identifying a -@i{necessary and sufficient} level of complexity without -over-simplification, and it is about not having to specify things that -don't need to be specified. This is Knowledge Management. -@end cartouche -@sp 1 - -@menu -* Best case approach to external scalability:: -* Failover and redundancy:: -* A simple worst case approach to scalability - the star network:: -* Optimizations affecting scalability:: -* Redundancy and load balancing in the Nova hub:: -@end menu - -@node Best case approach to external scalability, Failover and redundancy, Internal and external scalability of the software, Internal and external scalability of the software -@section Best case approach to external scalability -@sp 1 - -In the most scalable approach to management, each agent works 100% -autonomously as a standalone system, requiring no communication with -its peers, or with a central agency. Its policy is therefore constant -and fixed. - -If this model suits your organization, the operation of CFEngine is -completely independent of the number of machines, so it exhibits -@i{perfect scaling} with respect to the size of the infra-structure. -However, this model is too simple for most sites, and its value lies -in documenting the extreme end of the scalability scale, as an ideal to -work towards when striving for efficiency. - - -@node Failover and redundancy, A simple worst case approach to scalability - the star network, Best case approach to external scalability, Internal and external scalability of the software -@section Failover and redundancy - -As a self-healing system, CFEngine poses a low risk to loss of data. Most management -data that are lost in an incident will recover automatically. - -@table @i -@item Failover due to unavailability. - -The loss of a hub is not a critical failure in a CFEngine managed -network. Client machines continue to work with the last known version -of policy until a hub returns to `online' status. During updates, -hubs can come under load. To avoid this, splaying options should be -used primarily@footnote{We strongly recommend users to abandon the -idea that it is possible to have `instant' or `immediate' -updates. There is always some delay. It is more pragmatic to manage -that delay by making it predictable than to leave it to chance.}. -CFEngine's failover servers for file-copying can be set up to offer -immediate redundancy. - -@item Shared storage for @file{/var/cfengine/masterfiles}. - -The only place where shared storage makes sense is between the main -policy server (hub) and any failover servers. In that case only this -one directory can be shared. - -@item Backup of @file{/var/cfengine}. - -It is not strictly necessary to have a backup of the CFEngine work directory, but -keeping a backup of this for the hub can save time when restoring a broken hub, -since the records of known clients are stored in this workspace, and the current -status of reports is also stored. - -On clients, this workspace can be considered disposable, but many -users save public private key-pairs to preserve the `identity' of -hosts that have merely disk failures, etc. - -@item Multiple reporting hubs. - -Although it is technically possible to have multiple reporting hosts, -this is recommended against. Multiple hubs will only increase the -overhead on all parts of the system for little return. -@end table - -Our general recommendation is to introduce as few network -relationships as possible (make every system as autonomous as -possible). Shared storage is more of a liability than an asset in -general networks, as it increases the number of possible failure -modes. Backup of the hub workspace is desirable, but not a -show-stopper. - - -@node A simple worst case approach to scalability - the star network, Optimizations affecting scalability, Failover and redundancy, Internal and external scalability of the software -@section A simple worst case approach to scalability: the star network -@sp 1 - -CFEngine 3 Nova is designed around the concept of a simple star network, -i.e. a number of `client' machines bound together by a central hub. -This is a commonly used architecture that is easy to understand. -The hub architecture introduces a bottleneck, so we expect this to -have a limited scalability as long as we cannot increase the power and -the speed of the hub without limit. - -To understand the external scalability of CFEngine management, we -shall estimate how large a CFEngine system can grow using simple -centralized management, in this star network pattern. This will force -us to confront low level performance characteristics, where we try to -extract the most from limited resources. - -In a star network, all agents connect to a central hub to obtain -possibly frequent updates. The challenge is to optimize this -process@footnote{The estimates here are based on CFEngine core versions -3.1.2 and higher.}. This makes the central hub into a bottleneck. It -becomes the weakest link in the chain of information, i.e. the star network has -limitations that are nothing to do with CFEngine itself. The counterpoint -is that the star network is very easy to comprehend, and thus it usually forms -the starting point for most management frameworks. - -@sp 1 -@center @image{hub,10cm} -@center Centralized management with a hub. -@sp 1 - -@sp 1 -@cartouche -In the Community edition of CFEngine, updates travel only in one -direction, from server to client. CFEngine Nova, adds to this the -collection of data for reporting and analysis (CFDB), from client to -hub. Thus the expected load on the server is the sum of both -processes. -@end cartouche -@sp 1 - - -We would like to answer two equivalent questions. Given a central hub -with certain limitations, how many clients can it support? Conversely, -given a number of hosts to support with a single hub, what capacity -is required in system infrastructure to support it at a certain level? - -There are actually two independent issues here. There is the scaling -of the policy updates (served by the hub) and the scaling of the -reporting updates (collected by the hub). Both of these processes compete -for resources. - -@menu -* Typical CFEngine scales:: -* Scaling of updates:: -* Limitations on the CFDB hub database:: -* Update storms:: -@end menu - -@node Typical CFEngine scales, Scaling of updates, A simple worst case approach to scalability - the star network, A simple worst case approach to scalability - the star network -@subsection Typical CFEngine scales - -We start by setting some fundamental scales. - -@itemize -@item The interval at which policy and reporting updates are checked (@math{\Delta t = 5} mins or @math{300s}). -@item The expected worst size of an update (@math{U \le 5} MB per host). -@item The amount of RAM available on the server (@math{M = 1} GB).. -@item The resident size of a thread or server process (@math{s \le 12} MB). -@item The maximum available network capacity for management processes (@math{C \ge 1} MB/s). -@end itemize - -We choose deliberately a low value for network capacity. Even if more -capacity is available, one does not typically expect to use it all for -management overhead. - - -@node Scaling of updates, Limitations on the CFDB hub database, Typical CFEngine scales, A simple worst case approach to scalability - the star network -@subsection Scaling of updates - -To a first approximation, the process scaling relationships are linear, as long as -we stay far away from the region of resource contention at which a server -will typically perform very quickly. Scalability is thus about having safe margins -for worst case behaviour. - -The number of threads @math{t} supported by a server satisfies: -@sp 1 -@display - @math{st \le M} -@end display -@sp 1 -@noindent and yields a value for @math{t}, given fixed values for the hub's RAM -and software build size. -For a server with 1GB of memory, we have @math{t \le 1024/12 \sim 80} threads. -This will consume @math{U \le 1MB} of data per agent for a community host, and -@math{U\le 5MB} for Nova to account for reporting. - -The expected time-to-update @math{\tau_{\rm round}} satisfies: -@sp 1 -@display - @math{{U_{\rm min}/C} \le \tau_{\rm round}\le {U_{\rm max}/C}} -@end display -@sp 1 -The actual values will normally by significantly less than this worst case, -but he must plan for the possibility of update storms. -The network capacity @math{C = 1MBs^{-1}} suggests an expected -time-to-update @math{\tau_{\rm round} \le 2s} (there and back) with a -server-processing overhead. -We shall take a conservative value of -@math{\tau_{\rm round} \le 10s} for the maximum round trip request time. - - -Let's consider the policy/reporting update process, as this dominates -the scaling behaviour of the software in terms of number of machines. -Assuming that we can arrange for agents to distribute their updates -over a single time interval @math{\Delta t}, with maximum possible -entropy@footnote{Maximum entropy means the most even or flat -distribution over the time interval, in this case. See, for instance, -Mark Burgess, @i{Analytical Network and System Administration}.}, -then we should be able to achieve a maximum number of scheduling -slots @math{\sigma}: -@sp 1 -@display - @math{\sigma = {\Delta t}/\tau_{\rm round}} -@end display -@sp 1 -@noindent -Since the round-trip time can be higher or lower, depending on the size of the -update, we can propose some approximate limits. -@math{\sigma_{\max} = 300/2}, @math{\sigma_{\min} = 300/10} per interval @math{\Delta t}. -@sp 1 - -@noindent The total number of updates that can complete in the @math{\Delta t} -interval is thus, at fixed @math{t}: -@sp 1 -@display - @math{N = \sigma t = {{\Delta t} \over \tau_{\rm round}}t} -@end display -@sp 1 -@noindent If there are now @math{t} threads, then the total number of -updates available must lie between the upper and lower bounds determined by @math{\sigma}: - -@sp 1 -@display - @math{2400 \le N \le 12,000}. -@end display -@sp 1 - -@noindent So we can gauge a reasonable lower bound of 2000 machines from a single hub, -with extremely conservative estimates of the environment. Note that -when exceeding several thousands connections over a short time -interval, other limitations of the operating system will normally -start to play a role, e.g. the maximum number of allowed file -descriptors. Further, comprehending a system of more than a few thousand -machines is a challenge unless the system is extremely uniform. - -In making each of these estimates, we are assuming that the hub machine will be working -almost to capacity. Increasing its resources will naturally lead to improvements -in performance. - - -@c ******************************************************************** -@node Limitations on the CFDB hub database, Update storms, Scaling of updates, A simple worst case approach to scalability - the star network -@subsection Limitations on the CFDB hub database - -A `star network' architecture has a single concentration -of processing, centred around registration of incoming and outgoing hosts on the hub. -Read/write activity is focused on two databases: - -@itemize -@item The last-seen database that records the current IP addresses of known clients -to the hub, accessed every time a host connects or is connected to the hub. -@item The document database where reports are stored (using MongoDB), accessed each time -an update is stored, or when a user makes a query. -@end itemize - -The scalablity of the hub depends on how efficiently reads and writes -can be parallelized to these databases. Even with aggressive cachine, -databases are disk-intensive and since disk access is typically the -slowest or weakest link in the data flow chain, disk accesses will -throttle the scalability of the hub the most. - -CFEngine tries to support efficient parallelization by using -multiple threads to serve and collect data, however access to a -shared resource must always be serialized, so ultimately serial access to the -disk will be the limiting factor. The CFEngine hub supports Linux -systems. Simple SATA disks, USB and Firewire have very limited performance. -To achieve the maximum scaling limit of a few thousand hosts per hub, -users can invest in faster interfaces and disk speeds, or even solid state -disk devices. - -Because of the serialization, a heavily loaded MongoDB will eat up most of the -resources on the hub, dominating the performance. Some performance tuning option -strategies are discussed below. Clearly maximizing the amount of RAM on the -hub is a way to improve the performance. - -The time estimates for host updating used above include the latency of -this database, but it is possible that there might be additional -delays once the amount of data passes a certain limits. We currently -have no data to support this assumption and await customer experiences -either way. - -Lookup times for data in the reports database increase with the number -of host-keys, so the time required to generate certain reports -(especially when searching through logs) must increase as the number -of hosts increases. - -@c ******************************************************************** -@node Update storms, , Limitations on the CFDB hub database, A simple worst case approach to scalability - the star network -@subsection Update storms - -When changes are made, many hosts will start downloading updated -files. This can have a sudden impact on the network, as a lot of -unexpected traffic is suddenly concentrated over a short interval of -time. The contention from these multiple downloads can therefore make -each download longer than it otherwise might have been, and this in -turn makes the problem worse. The situation is analogous to disk -thrashing. - -@cartouche -Once thrashing has started, it can cause greatly reduced performance -and hosts might pass their `blue horizon threshold', appearing to -disappear from the CFEngine Mission Portal. This does not mean the -hosts are dead or even `out of control'. It only means that updates -are taking too long according the tuning parameters. The default -update horizon is. -@end cartouche - -@c ******************************************************************** -@node Optimizations affecting scalability, Redundancy and load balancing in the Nova hub, A simple worst case approach to scalability - the star network, Internal and external scalability of the software -@section Optimizations affecting scalability -@sp 1 - - -@menu -* The role of caching and indexing:: -* Deterministic queue:: -* Push versus pull:: -@end menu - - - -@node The role of caching and indexing, Deterministic queue, Optimizations affecting scalability, Optimizations affecting scalability -@subsection The role of caching and indexing - -To assist the speed of policy processing by @code{cf-agent}, choose -class names evenly throughout the alphabet to make searching easier. -CFEngine arranges for indexing and cachine to be performed automatically. - -@node Deterministic queue, Push versus pull, The role of caching and indexing, Optimizations affecting scalability -@subsection Deterministic queue - - -@node Push versus pull, , Deterministic queue, Optimizations affecting scalability -@subsection Push versus pull - - -@node Redundancy and load balancing in the Nova hub, , Optimizations affecting scalability, Internal and external scalability of the software -@section Redundancy and load balancing in the Nova hub - -CFEngine does not @i{need} a `high availability' architecture to be an -effective management system. The software was designed to work with -very low availability, and the designers highly recommend avoiding the -introduction of dependencies that require such availability. In normal -operation, CFEngine will be able to continue to repair systems without -any contact with the outside world, until actual policy changes are -made. - -It is nonetheless possible to balance load and account for failures by -multiplying the number of hubs/policy servers in a Nova star -network. This only makes sense for the policy servers and reporting -hubs, which are in principle single points of failure. - -@itemize -@item Availability of policy in case of policy server failure. -@item Availability of reports in case of reporting hub failure. -@end itemize -Because CFEngine is a pull-based technology, the two processes look -like this: -@itemize -@item Satellite `client' nodes pull policy from a policy server. -@item Reporting hubs pull reports from all satellite clients. -@end itemize -In both cases, the processes are `self-healing'. If a client is unable -to connect to a policy server, it will continue to work with its old -policy until the policy server becomes available again. If a report -hub fails and reports are no longer accessible, no data are lost -because the actual data are sourced from the satellite nodes. When the -hub is replaced or restored, it will update and continue as before. - -@menu -* Balancing multiple policy servers:: -* Redundant reporting hubs and recovery:: -@end menu - -@node Balancing multiple policy servers, Redundant reporting hubs and recovery, Redundancy and load balancing in the Nova hub, Redundancy and load balancing in the Nova hub -@subsection Balancing multiple policy servers - -A simple way to balance client hosts across multiple servers is to split them into classes -using the @code{select_class} function@footnote{This feature was added in core 3.1.5.}. Nothing else is needed to spread computers evenly -into a set of named buckets. -@verbatim -classes: - - "selection" select_class => { "bucket1", "bucket2" }; - -@end verbatim -This selects a particular class for each host from the list. A given -host will always map to the same class, thus allowing the rule for -policy updates to include copying from a personal `bucket' server. -@verbatim -body copy_from xyz -{ -... - -bucket1:: - servers => { "server-abc-1.xyz.com", "failover.xyz.com" }; -bucket2:: - servers => { "server-abc-2.xyz.com", "failover.xyz.com" }; - -... -} -@end verbatim - -Note this method is not suitable for bootstrapping hosts in a hub -configuration, since that requires a one to one relationship documented -in the @file{/var/cfengine/policy_server.dat} resource. - - -@node Redundant reporting hubs and recovery, , Balancing multiple policy servers, Redundancy and load balancing in the Nova hub -@subsection Redundant reporting hubs and recovery - -A CFEngine reporting hub is a host that aggregates reports from all -managed hosts in a Nova/Enterprise cluster. The purpose of aggregating -reports is to have all the information in one place for searching, -calibrating and comparing. The loss of a hub is an inconvenience -rather than a problem, as the function of a hub is to make access to -information about the system convenient and to enhance the knowledge of -users. - -@itemize -@item The loss of a hub will not impact the correctness of host configurations. -@item A hub will never come under heavy query load, so there is no need for load balancing. -@item Running multiple hubs on the same set of hosts will only lead to network contention -and increased overhead. -@item If a hub serves so many computers that updating the reports becomes a burden, -then you have probably already passed the point at which it makes sense to divide up -your management into multiple hubs. -@end itemize -Dividing hosts into multiple hubs should be a decision based on the absence of -the `need to know' for all hosts. By splitting the aggregation up into multiple -hubs, one jettisons the function of the hub which is to aggregate information. -The should normally be done in conjunction with a decision about knowledge boundaries -in your organization. - - -It makes sense to back up some information from a reporting hub. -Hub information is considered to be a mixture of two kinds of data: -@itemize -@item Cached information for data-mining, whose original source is the client from which it was collected. -Such information may be collected again if lost, and thus there is no need to back it up. -It can, of course, be backed up for convenience. -@item Original comments and hand-entered data about systems that are entered by users of the Mission Portal. -These data should be backed up as they cannot be recovered from any other source. -@end itemize -In addition to these, the hub makes use of the `last seen' database of -known hosts in order to know where to collect data from. For rapid -recovery after a data-loss catastrophe, it is recommended to back up -this database also. - -@sp 1 -@center @image{hubs,14cm} -@center Some data can be backed up from a hub for convenience. -@sp 1 - -The procedure for backing up the ephemeral data is: -@itemize -@item Mongo collections can be dumped to an intermediary format, though this is impractical -for large installations. - -@item For embedded databases, it is sufficient to copy the binary object: -@verbatim -cp /var/cfengine/cf_lastseen.db /backup -@end verbatim - -@end itemize - - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Scan.texinfo b/docs/guides/SpecialTopic_Scan.texinfo deleted file mode 100644 index fb3c6c76c0..0000000000 --- a/docs/guides/SpecialTopic_Scan.texinfo +++ /dev/null @@ -1,1361 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-scan.info -@settitle Security Scanning and Tripwires with CFEngine -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Security Scanning and Tripwires with CFEngine -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation - -CFEngine has sophisticated functionality for scanning hosts to find -anomalous content, for looking through log messages and detecting unauthorized file -changes. This can form the basis of a host based intrusion shield, -either alone or in conjunction with other tools. - -This document describes how to scan systems for potential security -incidents and vulnerabilities, and view reports across your system -using the Mission Portal. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} October 2011 CFEngine AS - -@end titlepage - - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, File scanning, (dir), (dir) -@top Security scanning and tripwires with CFEngine -@end ifnottex - -@iftex -@contents -@end iftex - -@menu -* File scanning:: -* Process and network scanning:: -* Log scanning:: -* Intrusion detection:: -@end menu - -@node File scanning, Process and network scanning, Top, Top -@chapter File scanning - -CFEngine has sophisticated functionality for scanning hosts to find -anomalous content, for looking through log messages and detecting unauthorized file -changes. This can form the basis of a host based intrusion shield, -either alone or in conjunction with other tools. - -This document describes how to scan systems for potential security -incidents and vulnerabilities, and view reports across your system -using the Mission Portal. - - - -@menu -* File change detection and tripwires:: -* Example change management:: -* file_change.log:: -* File change reports in Nova/Enterprise:: -* Tamperproof data:: -* Change detection bundle summary:: -* Reversion of file changes from a trusted source:: -@end menu - -@node File change detection and tripwires, Example change management, File scanning, File scanning -@section File change detection: tripwires - -File change monitoring is about detecting when file information on a -computer system changes. You might or might not know that files -are going to change. Expected changes are not usually a problem, -but unexpected change can be problematic or even sinister. - -The bulk of information on a computer is its file data. Change -detection for filesystems uses a technique made famous in the original -open source program Tripwire, which collects a snapshot of the system -in the form of a database of file checksums (cryptographic hashes) and -then periodically rechecks the system against this database to see -what has changed. Using cryptographic hashes is an efficient way of -detecting change as it reduces file contents to a unique number, just -a few bytes long, which can be stored for later comparison to detect change. - -If as much as a single bit of information changes, the file hash will -change by a noticable amount. This is a very simple (even simplistic) -view of change, but it is effective at warning about potential -incursions to the system. - -@cartouche -A cryptographic hash (also called a digest) is an algorithm that reads -(digests) a file and computes a single number (the hash value) -based on its contents. If so much as a single bit in the file changes -then the value of the hash will change. You can compute hash values -manually, for example: - -@verbatim - -host$ openssl md5 /etc/passwd -MD5(/etc/passwd)= 1fbd82252c441d0e9539f8f7271ec2fe - -@end verbatim - -There are several kinds of hash function. The most common ones are MD5 -and SHA1. Recently both of these algorithms -have been superceded by the newer SHA2 set. - -@sp 1 -Note that the FIPS 140-2 US government standard for encryption does not recognize -the MD5 hash algorithm. The default algorithm for enterprise grade -CFEngine is now SHA256. -@end cartouche - - -@sp 1 - -To use hash based change detection we use @file{files} promises -and the @code{changes} feature; first we ask CFEengine to -compute file hashes for specified files and enter them into a -database. Then, the same promise on subsequent runs will re-collect -the data and compare the result to what has been stored in the database. - -Here is a simple CFEngine promise that checks for changes in -@file{/usr/local}: - -@verbatim -files: - "/usr/local" - changes => detect_all_change, - depth_search => recurse("inf"); -@end verbatim - -@noindent This example uses the standard library template @samp{detect_all_change}. - -The first time this promise is kept, CFEngine collects data and treats -all files as @i{unchanged}. It builds a database of the checksums. The -next time the rule is checked, cfagent recomputes the checksums and -compares the new values to the `reference' values stored in the -database. If no change has occurred, the two should match. If they -differ, then the file as changed and a warning is issued either on the -command line (if you are testing manually) or by email. - -@verbatim - cf3: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - cf3: SECURITY ALERT: Checksum (sha256) for /etc/passwd changed! - cf3: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -@end verbatim - -This message is designed to be visible. If you do not want the -embracing rows of `!' characters, then this control directive turns -them off: - -@verbatim -body agent control -{ -exclamation => "false"; -} -@end verbatim - - - -@node Example change management, file_change.log, File change detection and tripwires, File scanning -@section Example change management - -Try the following complete example. -@cartouche -@verbatim -body common control -{ -bundlesequence => { "test_change" }; -inputs => { "LapTop/cfengine/copbl/cfengine_stdlib.cf" }; -} - -bundle agent test_change -{ -files: - - "/tmp" - changes => detect_all_change, - depth_search => recurse("inf"); -} -@end verbatim -@end cartouche -@sp 1 -@noindent This example shows how we use standard library templates to -scan a directory and (recursively) all of its sub-directories and their -contents. - -The first time we run this, we get a lot of messages about new files being detected. -This learns and defines the baseline for future comparisons: -@cartouche -@smallexample -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/test.cf -K - - !! File /tmp/.X0-lock was not in sha512 database - new file found -I: Made in version 'not specified' of '/home/a10004/test.cf' near line 14 - !! File /tmp/pulse-5weilfdGWBDj/pid was not in sha512 database - new file found -I: Made in version 'not specified' of '/home/a10004/test.cf' near line 14 -@end smallexample -@end cartouche -@noindent Next we can create a new file in the directory: -@verbatim -host$ touch /tmp/blablabla -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/test.cf -K - - !! File /tmp/blablabla was not in sha512 database - new file found -I: Made in version 'not specified' of '/home/a10004/test.cf' near line 14 -@end verbatim - -@noindent Next we edit the contents of the file -@cartouche -@smallexample -host$ echo sldjfkdsf > /tmp/blablabla -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/test.cf -K - -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -ALERT: Hash (sha512) for /tmp/blablabla changed! -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - -> Updating hash for /tmp/blablabla to SHA=63fc10a0c57dc8cbd2c259b4d0bb81e1b4e5cf23f1fdc8b8 -I: Made in version 'not specified' of '/home/a10004/test.cf' near line 14 - -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -ALERT: Last modified time for /tmp/blablabla changed Thu Oct 20 08:46:58 2011 -> Thu Oct 20 -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -@end smallexample -@end cartouche -@noindent Note the different messages here. The first message notes that the contents of the file -have changed. The second indicates that the database has been updated with the new hash of the -file so that this message will not be regenerated on every subsequent run of CFEngine. Finally, -it notes that the modification time on the file changed. These messages reflect the default settings -in the @samp{detect_all_change} template (see below). - -Finally, if we remove a file from a monitored directory, we see the following: -@cartouche -@smallexample -host$ rm /tmp/blablabla -host$ ~/LapTop/cfengine/core/src/cf-agent -f ~/test.cf -K - -ALERT: /tmp/blablabla file no longer exists! -I: Made in version 'not specified' of '/home/a10004/test.cf' near line 14 -@end smallexample -@end cartouche -In this example, we used the standard library template @samp{detect_all_change}, -which is defined as follows: -@verbatim -body changes detect_all_change -{ -hash => "best"; -report_changes => "all"; -update_hashes => "yes"; -} -@end verbatim - -This is the most exacting option, but it costs CPU time to compute two different hashes -for cross-referencing as well as for reading -disk files and it costs disk space in storing both content hashes and additional -file attribute information. Moreover, it resets its learned database each time a change -is made. - -There are several alternatives. To save CPU and disk, we can just monitor content: -@verbatim -body changes detect_content -{ -hash => "md5"; -report_changes => "content"; -update_hashes => "yes"; -} -@end verbatim -@noindent To prevent the database being updated, we can use: -@verbatim -body changes noupdate -{ -hash => "sha256"; -report_changes => "content"; -update_hashes => "no"; -} -@end verbatim - -Finally, commercially supported versions of CFEngine will support -detection of file difference reports in the Mission Portal, if enabled -in policy: -@verbatim -body changes diff # Generates diff report (Nova and above) -{ -hash => "sha256"; -report_changes => "content"; -report_diffs => "true"; -update_hashes => "yes"; -} -@end verbatim - - -@node file_change.log, File change reports in Nova/Enterprise, Example change management, File scanning -@section file_change.log - -The file file_hash_event_history contains a separate text log of file -changes. - -@verbatim -host$ sudo more /var/cfengine/state/file_change.log -[sudo] password for you: -1308904847,/etc/passwd -1308904847,/etc/shadow -@end verbatim -The first column is a time stamp. If you are using one of the commercial versions -of CFEngine, you can see a more user friendly report for the entire enterprise or -for a single host in the next section. - -@node File change reports in Nova/Enterprise, Tamperproof data, file_change.log, File scanning -@section File change reports in Nova/Enterprise - -In the commercially supported editions of CFEngine, users have access -to a number of reports about file changes. A report of file changes and the -times at which the changes were detected is available in the file change report: - -@sp 1 -@image{file_change_diffs,15cm} -@sp 1 - -@noindent CFEngine does not record the actual changes unless you mention files -explicitly by name, and the report is mostly useful if the file is a text file. -In that case, you will see a change report: - -@sp 1 -@image{file_change_log,15cm} -@sp 1 - - - - -@node Tamperproof data, Change detection bundle summary, File change reports in Nova/Enterprise, File scanning -@section Tamperproof data - -Message digests are supposed to be unbreakable, tamperproof -technologies, but of course everything can be broken by a sufficiently -determined attacker. Suppose someone wanted to edit a file and alter -the cfengine checksum database to cover their tracks. If they had -broken into your system, this is potentially doable, though not easy. How can we -detect whether this has happened or not? - -A simple solution to this is to exploit the fact that CFEngine is a -distributed system, and to make neighbouring hosts work together to -watch over one another. We can use the same idea for change detection, -but now remotely across networked hosts: we -use another checksum-based -operation to copy the database to a completely different host. By -using a copy operation based on a checksum value, we can also remotely -detect a change in the checksum database itself. - -@cartouche -@verbatim -bundle agent neighbourhood_watch -{ -vars: - - "neighbours" slist => peers("/var/cfengine/inputs/hostlist","#.*",4), - comment => "Get my neighbours from a list of all hosts"; - -files: - - # Redundant cross monitoring ....................................... - - "$(sys.workdir)/nw/$(neighbours)_checksum_digests.db" - - comment => "Watch our peers remote hash tables!", - copy_from => - remote_cp("$(sys.workdir)/checksum_digests.db",$(neighbours)), - depends_on => { "grant_hash_tables" }; - - # Define the actual children to watch over ......................... - - "/usr/bin" - comment => "Watch over the system binaries", - changes => detect_all_change, - depth_search => recurse("inf"), - action => measure; - -} -@end verbatim -@end cartouche - -We must have a file @file{hostlist} containing a list of all participating hosts; it is -best to list IP addresses, one per line, but host names will also do. -This works as follows. - -Each host extracts from the host lists a list of (in this case three) neighbours, -since we have set a neighbourhood size of 4. The CFEngine built-in function -@samp{peers()} can be used for this. Each host in -the network takes on the responsibility to watch over its -neighbours by promising to copy the change databases for its neighbours -only if they have changed. Any changes are then logged as alerts. - -The copy rule attempts to copy the database to some file in a -safekeeping directory @code{$(sys.workdir)/nw}. -In theory, all four neigbours should signal this change. If an -attacker had detailed knowledge of the system, he or she might be able -to subvert one of these before the change was detected, but it -is unlikely that all four could be covered up. At any rate, this -approach maximizes the chances of change detection. - -Finally, in order to make this copy, you must, of course, grant access to the database in -by granting access to the database in a bundle of server promises: - -@verbatim -bundle server access_rules() -{ -vars: - - # List here the IP masks that we grant access to on the server - - "acl" slist => { - "$(sys.policy_hub)/24", - "128.39.89.233", - "2001:700:700:3.*" - }, - comment => "Define an acl for the machines to be granted accesses", - handle => "common_def_vars_acl"; - -access: - - "/var/cfengine/checksum_digests.tcdb" - - handle => "grant_hash_tables", - admit => { @(acl) }, - maproot => { @(acl) }; - -@end verbatim - -Let us now consider what happens if an attacker changes a file an -edits the checksum database. Each of the four hosts that has been -designated a neighbour will attempt to update their own copy of the -database. If the database has been tampered with, they will detect a -change in the hashes of the remote copy versus the original. The file -will therefore be copied. - -It is not a big problem that others have a copy of your checksum -database. They cannot see the contents of your files from this. A -potentially greater problem is that this configuration will unleash an -avalanche of messages if a change is detected. This does make messages -visible however. - - - -@node Change detection bundle summary, Reversion of file changes from a trusted source, Tamperproof data, File scanning -@section Change detection bundle summary - -A typical promise structure for doing change management. - -@cartouche -@verbatim - -bundle agent change_management -{ -vars: - - "watch_files" slist => { - "/etc/passwd", - "/etc/shadow", - "/etc/group", - "/etc/services" - }; - - "watch_dirs" slist => { - "/usr" - }; - - "neighbours" slist => peers("/var/cfengine/inputs/hostlist","#.*",4), - comment => "Partition the network into groups"; - -files: - "$(watch_dirs)" - comment => "Change detection on the directories", - changes => detect_all_change, - depth_search => recurse("inf"); - - "$(watch_files)" - comment => "Change detection on important files", - changes => diff; # diff_noupdate - - # Redundant cross monitoring ... neighbourhood watch - - "$(sys.workdir)/nw/$(neighbours)_checksum_digests.db" - - comment => "Watching our peers remote hashes - cross check", - copy_from => - remote_dcp("$(sys.workdir)/checksum_digests.db","$(neighbours)"), - depends_on => { "grant_hash_tables" }, - action => neighbourwatch("File changes observed on $(neighbours)"); -} - -####################################################### - -body action neighbourwatch(s) -{ -ifelapsed => "30"; -log_string => "$(s)"; -log_repaired => "stdout"; -} - -@end verbatim -@end cartouche -@noindent Note that the @file{remote_dcp} template uses a digest-comparison when comparing -the files. - -With this promise in place, you will not merely be warned about file -changes, but you will immediately remediate the erroneous file -change. By default, CFEngine backs up files when they are replaced by -appending a suffix @file{.cfbackup}, or timestamp. If you want to go -and look at the erroneous file for forensic evaluation, this backup -contains the evidence of changes. - - -@node Reversion of file changes from a trusted source, , Change detection bundle summary, File scanning -@section Reversion of file changes from a trusted source - -Detecting changes to files is only half of battle against unauthorized -change. In most cases you will also want to revert back to a trusted -version. A recommended approach here is to maintain a trusted -repository of source files, and to ask CFEngine to compare the current -version of the file to master version using a cryptographic hash. - -Suppose we want to manage a particular file (of any type or for any purpose) -called @file{fileX}, which is to be located in some directory -@file{/destination} of a host. We arrange for some other host -(that is considered `secure') to have a trusted version the file -in some directory called @file{/mastersources}@footnote{Perhaps this master source -has its own version control system for tracking intended changes in the master versions; -we shall not discuss that here.}. A promise that synchronized the - -@verbatim - "/destination/fileX" - - comment => "Copy fileX from a trusted source", - copy_from => - remote_dcp("/mastersources/fileX","masterhost"), - depends_on => { "grant_fileX" }, - action => neighbourwatch("File changes observed on fileX"); - -@end verbatim -@noindent We assume here that access to the masterfile has been granted to the -host. - - -@node Process and network scanning, Log scanning, File scanning, Top -@chapter Process and network scanning - -Looking at file changes is a very static view of system change -- basically you assume that -the system should not change from some initial snaphot, or at the very least you warn about -every change. However, many aspects of a system change all the time, e.g. the network connections -to and from the host, the processes running on the system. - -The system might attain some kind of @i{statistical} normalcy, which can be learnt -over time, but it that is based on a kind of equilibrium with its environment, not -of locking down the system completely. - -CFEngine's @code{cf-montord} has the ability to learn the trends and -behaviour of any countable or measurable value on the system. Over -time, it employs machine-learning methods from artificial intelligence -to build a normalcy profile for the system. Any significant deviations from -these profiles can be reported and responded to in policy. - -@sp 1 -@cartouche -In the Special Topics Guide @i{Monitoring with CFEngine}, you will find more information about -about how to use CFEngine's monitoring daemon @code{cf-monitord} to watch over changes -to the system that are dynamical. -@end cartouche - - -@menu -* Watching processes:: -* Watching other system variables:: -* Threshold monitoring:: -* Port monitoring:: -@end menu - -@node Watching processes, Watching other system variables, Process and network scanning, Process and network scanning -@section Watching processes - -CFEngine does not encourage the watching of systems without repair, -i.e. simply informing humans about changes without fixing -problems. After all, if you have a chance to repair something that is -already encoded into policy, why wouldn't you simply do it? However, -in certain mission critical environments you might want a specific -alert about changes even though a repair was made. If certain -conditions are not supposed to happen, it is good to know that they did. - -In the following example, we look for a number of very specific -processes in the process table, using our own promise-bdy template. -Then we use a standard library template @code{check_range} to -set policy for an acceptable range of such processes on the system. - -This combines two kinds of checks: how many of a particular process -is acceptable at any given moment, and the precise parameters -satsified: in this case, the amount of memory used by the process. - -@sp 1 -@cartouche -@verbatim -bundle agent count_important_processes -{ -processes: - - ".*" - - process_select => my_proc_finder("myprocess"), - process_count => check_range("myprocess",1,10); -} - -######################################################## - -body process_select my_proc_finder(p) - -{ -process_owner => { "root", "bin" }; -command => "$(p)"; -pid => "100,199"; -vsize => "0,1000"; -process_result => "command.(process_owner|vsize)"; -} - -@end verbatim -@end cartouche -@noindent This example therefore searches for processes called @samp{myprocess} -running as root or bin that use between 0 and 1000 KB of virtual memory -and have a process ID between 100 and 199. -Although this example is a little contrived, it shows how different -criteria can be combined to watch for very specific promises. - - -@node Watching other system variables, Threshold monitoring, Watching processes, Process and network scanning -@section Watching other system variables - - -When @code{cf-monitord} is running, it collects information about a -running processes and network connections to well-known ports. There -is a list of standard ports and system attributes examined by -CFEngine, and you can extend this using @code{measurements} promises. - -@sp 1 -@cartouche -In the Special Topics Guide @i{Monitoring with CFEngine}, you will find more information about -about how to use CFEngine's monitoring daemon @code{cf-monitord} to watch over changes -to the system that are dynamical. -@end cartouche -@sp 1 - -The information learnt by the monitoring daemon is stored in an -embedded database so that CFEngine can learn the normal behaviour of -the system. It does this by gathering statistics using a very -lightweight, smart algorithm that avoids storing large amounts -of data. The result is that every monitored value can be characterized -by an expectation value and an estimate of the standard-deviation -of the values measured. - -CFEngine is smart enough to realize that what us normal at one time of -day is not necessarily normal all the time, so it learns what is -normal within each five minute interval of the days of the week. Based -on this published model, it is possible to detect anomalies in -behaviour quite accurately, provided enough data are available. - -@sp 1 -@cartouche -Looking for statistical anomalies on little-used hosts is a waste of time. -If it is normal that nothing happens, then everything that happens -in anomalous. -@end cartouche -@sp 1 - -You do not need to provide any special configuration in the monitor -daemon to be able to -use the basic anomaly measures, however if you want to interface with -a packet analyser, you will need to configure that as it is resource -intensive. - -@cartouche -If you have @code{tcpdump} available on your system, it is also possible -to get CFEngine to interface to it an measure general packet types -travelling on the local network. - -@verbatim -body monitor control -{ -tcpdump => "false"; -tcpdumpcommand => "/usr/sbin/tcpdump -t -n -v"; -} -@end verbatim -@end cartouche -@sp 1 - -@noindent CFEngine monitoring is normally very lightweight, but occupying -the network interface for packet analysis is quite the opposite! - - -The following example bundle shows we can use the classes set the by -monitoring daemon simply to warn about anomalous statistical -states. Notice that we define what anomalous means in the policy -itself, by setting a class based on the current state in relation to -the learnt state, e.g. @code{rootprocs_high_dev1}, meaning that the -current state is between zero and one standard deviation above the -expectation value, or average. An `anomaly' is defined syntactically -to be more than two standard deviations above or below average. - -Entropy measures can also be used to see how much entropy (variation) -there is in the source IP addresses from which the connections arise. -This allows us to distinguish between focused traffic from a single source, and -traffic arriving from many sources. - - - -@cartouche -@verbatim -bundle agent anomalies -{ -reports: - -rootprocs_high_dev1:: - - "RootProc anomaly high 1 dev on $(sys.host) at $(mon.env_time) - measured value $(mon.value_rootprocs) with - average $(mon.av_rootprocs) pm $(mon.dev_rootprocs)" - - showstate => { "rootprocs" }; - - entropy_www_in_high.www_in_high_anomaly:: - - "HIGH ENTROPY Incoming www anomaly high anomaly dev!! on - $(sys.host) at $(mon.env_time) - measured value $(mon.value_www_in) - av $(mon.av_www_in) pm $(mon.dev_www_in)" - - showstate => { "incoming.www" }; - - entropy_www_in_low.anomaly_hosts.www_in_high_anomaly:: - - "LOW ENTROPY Incoming www anomaly high anomaly dev!! on - $(sys.host) at $(mon.env_time) - measured value $(svalue_www_in) - av $(av_www_in) pm $(dev_www_in)" - - showstate => { "incoming.www" }; - - entropy_tcpsyn_in_low.anomaly_hosts.tcpsyn_in_high_dev2:: - - "Anomalous number of new TCP connections on $(sys.host) at - $(mon.env_time) - measured value $(mon.value_tcpsyn_in) av - $(mon.av_tcpsyn_in) pm $(mon.dev_tcpsyn_in)" - - showstate => { "incoming.tcpsyn" }; - - entropy_dns_in_low.anomaly_hosts.dns_in_high_anomaly:: - - "Anomalous (3dev) incoming DNS packets on $(sys.host) - at $(mon.env_time) - measured value $(mon.value_dns_in) - av $(av_dns_in) pm $(mon.dev_dns_in)" - - showstate => { "incoming.dns" }; - - anomaly_hosts.icmp_in_high_anomaly.!entropy_icmp_in_high:: - - "Anomalous low entropy (3dev) incoming ICMP traffic on $(sys.host) - at $(mon.env_time) - measured value $(mon.value_icmp_in) - av $(mon.av_icmp_in) pm $(mon.dev_icmp_in)" - - showstate => { "incoming.icmp" }; - -} -@end verbatim -@end cartouche - - - -@node Threshold monitoring, Port monitoring, Watching other system variables, Process and network scanning -@section Threshold monitoring - -The values learned by the monitoring daemon are made available to the -agent as variables in the system context @samp{mon}, e.g. @samp{$(mon.www_in)}. -We can use these values at any time to set policy, either for alerting or -fixing the system. - -@verbatim -vars: - - "probes" slist => { "www", "smtp", "ssh" }; - -classes: - - "$(probes)_threshold" expression => isgreaterthan("$(mon.$(probes)_in)","50"); - -reports: - - "Help me $(probes)!" ifvarclass => "$(probes)_threshold"; - -@end verbatim - -@noindent The value of the CFEngine's component integration is to have transparent -access to the detailed running state of the system at all times. It is possible to -defined quite complex policies, and to respond to incidents based on the specific -data discovered. - - - -@node Port monitoring, , Threshold monitoring, Process and network scanning -@section Port monitoring - -The cf-monitord sets some system variables that allow you to see what ports are in -use on a local host. These data are stored locally in @file{/var/cfengine/state/env_data} -and may be seen in variables reports in the Mission Portal. - -@noindent The following are list variables: -@table @samp -@item mon.listening_ports -A list of all open ports -@item mon.listening_tcp4_ports -A list of open TCP ports bound to IPv4. -@item mon.listening_tcp6_ports -A list of open TCP ports bound to IPv6. -@item mon.listening_udp4_ports -A list of open UDP ports bound to IPv4. -@item mon.listening_udp6_ports -A list of open UDP ports bound to IPv6. -@end table -@noindent The following are scalar array variables: -@table @samp -@item mon.tcp6_port_addr[@var{port}] -Variable contains the value of the IPv6 address bound to the port with number given by the array slot. -@item mon.tcp4_port_addr[@var{port}] -Variable contains the value of the IPv4 address bound to the port with number given by the array slot. -@end table - - -This excerpt shows list variables and an array of addresses for the bindings to each port, -both for IPv4 and IPv6. -@sp 1 -@cartouche -@verbatim - -@listening_ports={'80','5308','631','22','53','1194'} -@listening_tcp6_ports={'631','22','53','80'} -@listening_tcp4_ports={'5308','631','22','53','1194'} - -tcp6_port_addr[631]=::1 -tcp6_port_addr[22]=:: -tcp6_port_addr[53]=:: -tcp6_port_addr[80]=:: -tcp4_port_addr[5308]=0.0.0.0 -tcp4_port_addr[631]=127.0.0.1 -tcp4_port_addr[22]=0.0.0.0 -tcp4_port_addr[53]=0.0.0.0 -tcp4_port_addr[1194]=127.0.0.1 -@end verbatim -@end cartouche -@sp 1 -This simple policy extract will generate a list of open ports on a given host: -@verbatim -reports: - monitoring:: - "Open tcp4 port on $(mon.listening_tcp4_ports)"; - "Open tcp6 port on $(mon.listening_tcp6_ports)"; -@end verbatim -@sp 1 -Sample output: -@example -R: Open tcp4 port on 5308 -R: Open tcp4 port on 631 -R: Open tcp4 port on 22 -R: Open tcp4 port on 53 -R: Open tcp4 port on 1194 -R: Open tcp6 port on 631 -R: Open tcp6 port on 22 -R: Open tcp6 port on 53 -R: Open tcp6 port on 80 -@end example - -@node Log scanning, Intrusion detection, Process and network scanning, Top -@chapter Log scanning - -In CFEngine Nova and above, you can extract data from the -system in sophisticated ways from files or pipes, using Perl -Compatible Regular Expressions to match text. The @code{cf-monitord} -agent is responsible for processing measurement promises. - -In this example, we count lines matching a pattern in a file. -You might want to scan a log for instances of a particular -message and trace this number over time. - - -@menu -* Scanning log files for patterns:: -* FTP:: -* DNS:: -* Email:: -* Milter:: -* Breakin:: -@end menu - -@node Scanning log files for patterns, FTP, Log scanning, Log scanning -@section Scanning log files for patterns -@sp 1 - -You will have to scan the log file for each separate summary -you want to keep, so you win a lot of efficiency by lumping -together mulitple patterns in a longer regular expressions. - -Be careful however about the trade-off. Disk access is certainly the -most expensive computing resource, but a smart filesystem might do good caching. - -Regular expression processing, on the other hand, is CPU expensive, so -if you have very long or complex patterns to match, you will begin -to eat up CPU time too. - -At the end of the day, you should probably do some tests to find a good -balance. One goal of CFEngine is to minimally impact your system performance, -but it is possible to write promises that have the opposite effect. Check -your work! - -@verbatim - -bundle monitor watch -{ -measurements: - - "/home/mark/tmp/file" - - handle => "line_counter", - stream_type => "file", - data_type => "counter", - match_value => scan_log("MYLINE.*"), - history_type => "log", - action => sample_rate("0"); - -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - -@node FTP, DNS, Scanning log files for patterns, Log scanning -@section Scanning syslog for FTP statistics -@sp 1 - -There are many things that you can set CFEngine at monitoring. For example, -CFEngine can automtically collect information about the number of socket-level -connections made to the ftp server, but you might want more detailed -statistics. For example, you might want to track the volume of data sent -and received, or the number of failed logins. Here are a collection of -monitoring promises for doing just that. - -Note that the ftp logs are maintained by syslog, so it is necessary to match -only those lines which correspond to the appropriate service. We also assume -that the specific messages are sent to @file{/var/log/messages}, while your -configuration may specify otherwise. Likewise, your operating systems's -version of ftp may issue messages with a slightly different format than ours - -@verbatim - -bundle monitor watch_ftp -{ -vars: - "dir" slist => { "get", "put" }; - -measurements: - - "/var/log/messages" - - handle => "ftp_bytes_${dir}", - stream_type => "file", - data_type => "int", - match_value => extract_log(".*ftpd\[.*", ".*${dir} .* = (\d+) bytes.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/messages" - - handle => "ftp_failed_login", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*ftpd\[.*", ".*FTP LOGIN FAILED.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/messages" - - handle => "ftp_failed_anonymous_login", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*ftpd\[.*", ".*ANONYMOUS FTP LOGIN REFUSED.*"), - history_type => "log", - action => sample_rate("0"); - -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body match_value extract_log(line, extract) -{ -select_line_matching => "$(line)"; -extraction_regex => "$(extract)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - -@node DNS, Email, FTP, Log scanning -@section Scanning DNS logs for query statistics -@sp 1 - -Another thing you might want to do is monitor the types of queries that your -DNS server is being given. One possible reason for this is to test for -unusual behavior. For example, suddenly seeing a surge in @samp{MX} requests -might indicate that your system is being targeted by spammers (or that one of -your users is sending spam). If you are thinking of converting to IPv6, you -might want to compare the number of @samp{A} requests to @samp{AAAA} and -@samp{A6} requests to see how effective your IPv6 implementation is. - -Because DNS logs are directly maintained by @samp{bind} or @samp{named} (and -do not go through syslog), the parsing can be simpler. However, you @i{do} -need to configure DNS to log query requests to the appropriate log file. In -our case, we use @file{/var/log/named/queries}. - -@verbatim - -bundle monitor watch_dns -{ -vars: - "query_type" slist => { "A", "AAAA", "A6", "CNAME", "MX", "NS", - "PTR", "SOA", "TXT", "SRV", "ANY" }; -measurements: - "/var/log/named/queries" - handle => "DNS_$(query_type)_counter", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".* IN $(query_type).*"), - history_type => "log", - action => sample_rate("0"); -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - -@node Email, Milter, DNS, Log scanning -@section Scanning syslog for email statistics -@sp 1 - -Email is another syslog-based facility that you may want to use CFEngine to -monitor. There are a number of volumetric data that are of interest. For -example, the number of messages sent and received, the number of messages -that have been deferred (a large number might indicate networking problems or -spam bounces), and the number of spam messages that have been -detected and removed by the assorted spam filters. - -The samples below assume that there is a separate logfile for email (called -@file{/var/log/maillog}) and that a few of the standard sendmail rulesets -have been enabled (see -@samp{http://www.sendmail.org/~ca/email/relayingdenied.html} for details). -As with any syslog-generated file, you need to check for the appropriate -service, and in this case we are lumping local messages (sent through -@samp{sm-mta}) and remote messages (sent through @samp{sendmail}) into a -single count. Your mileage may of course vary. - -If you use one or more sendmail "milters", each of these will also output -their own syslog messages, and you may choose to track the volume of -rejections on a per-filter basis. - -@verbatim - -bundle monitor watch_email -{ -vars: - "sendmail" string => ".*(sendmail|sm-mta)\[.*"; - - "action" slist => { "Sent", "Deferred" }; - -measurements: - - "/var/log/maillog" - - handle => "spam_rejected", - stream_type => "file", - data_type => "counter", - # This matches 3 kinds of rulesets: check_mail, - # check_rcpt, and check_relay - match_value => scan_log("$(sendmail)ruleset=check_(mail|rcpt|relay).*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/maillog" - - handle => canonify("mail_$(action)", - stream_type => "file", - data_type => "counter", - match_value => scan_log("$(sendmail)stat=$(action) .*"), - history_type => "log", - action => sample_rate("0"); - -} - -########################################################## - -body match_value scan_log(line) -{ -select_line_matching => "$(line)"; -track_growing_file => "true"; -} - -body action sample_rate(x) -{ -ifelapsed => "$(x)"; -expireafter => "10"; -} -@end verbatim - - -@node Milter, Breakin, Email, Log scanning -@section Scanning syslog for email milter failures -@sp 1 - -Milters are relatively new in sendmail, and some have problems. You can also -use monitoring to detect certain types of failure modes. For example, if a -milter is running (that is, there is a process present) but it does not -respond correctly, sendmail will log an entry like this in syslog (where -@samp{xyzzy} is the name of the milter in question): - -@verbatim -Milter (xyzzy): to error state -@end verbatim - -A small number of these messages is no big deal, since sometimes the milter -has temporary problems or simply encounters an email message that it finds -confounding. But a larger value of these messages usually indicates that the -milter is in a broken state, and should be restarted. - -You can use @samp{cf-monitord} to check for the number of these kinds of -messages, and use the soft classes that it creates to change how -@samp{cf-agent} operates. For example, here we will restart any milter -which is showing a high number of failure-mode messages: - -@verbatim -bundle monitor watch_milter -{ -vars: - "milter" slist => { "dcc", "bogom", "greylist" }; - -measurements: - - "/var/log/maillog" - - handle => "${milter}_errors", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*Milter (${milter}): to error state"), - history_type => "log", - action => sample_rate("0"); -} - -bundle agent fix_milter -{ -vars: - "m[dcc]" string => "/var/dcc/libexec/start-dccm"; - "m[bogom]" string => "/usr/local/etc/rc.d/milter-bogom.sh restart"; - "m[greylist]" string => "/usr/local/etc/rc.d/milter-greylist restart"; - -commands: - "$(m[$(watch_milter.milter)])" - ifvarclass => "$(watch_milter.milter)_high"; -} -@end verbatim - - -@node Breakin, , Milter, Log scanning -@section Scanning syslog for breakin attempts -@sp 1 - -A lot of script-kiddies will probe your site for vulnerabilities, using -dictionaries of account/password combinations, looking for unguarded accounts -or accouts with default passwords. Most of these scans are harmless, because -a well-maintained site will not use the default passwords that these hackers -seek to exploit. - -However, knowing that you are being scanned is a good thing, and CFEngine can -help you find that out. Because @samp{sshd} logs it's message through -@samp{syslog}, we again need to filter lines based on the service name. On -our system, authorization messages are routed to @file{/var/log/auth.log}, -and we would monitor it like this: - -@verbatim -bundle monitor watch_breakin_attempts -{ -measurements: - "/var/log/auth.log" - # This is likely what you'll see when a script kiddie probes - # your system - - handle => "ssh_username_probe", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*Invalid user.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # As scary as this looks, it may just be because someone's DNS - # records are misconfigured - but you should double check! - - handle => "ssh_reverse_map_problem", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*POSSIBLE BREAK-IN ATTEMPT!.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # Someone is trying to log in to an account that is locked - # out in the sshd config file - - handle => "ssh_denygroups", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*group is listed in DenyGroups.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # This is more a configuration error in /etc/passwd than a - # breakin attempt... - - handle => "ssh_no_shell", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*because shell \S+ does not exist.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # These errors usually indicate a problem authenticating to your - # IMAP or POP3 server - - handle => "ssh_pam_error", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*error: PAM: authentication error.*"), - history_type => "log", - action => sample_rate("0"); - - "/var/log/auth.log" - # These errors usually indicate that you haven't rebuilt your - # database after changing /etc/login.conf - maybe you should - # include a rule to do this command: cap_mkdb /etc/login.conf - - handle => "ssh_pam_error", - stream_type => "file", - data_type => "counter", - match_value => scan_log(".*sshd\[.*login_getclass: unknown class.*"), - history_type => "log", - action => sample_rate("0"); -} - -@end verbatim - - -See the CFEngine Nova documentation for more possibilities of measurement -promises. - - - -@node Intrusion detection, , Log scanning, Top -@chapter Intrusion detection - -Intrusion detection is a highly specialized area. CFEngine is not -designed specifically to be an intrusion detection or intrusion -prevention system, but it has many features that can be used as part -of an integrated stratey against intrusions. - -What is an intrusion or an attempted intrusion? This can be difficult -to define. If someone tries to login as root once? If someone tries to -login at root fifty times? Is port scanning a sign, or perhaps a SATAN -or ISS scan? Someone trying a known security hole? There is no certain -way to identify the intentions behind activity we observe on a system. - -The aim of an intrusion detection system is to detect events that can -be plausibly connected to incidents or break-ins, hopefully while they -are still in progress so that something can be done about them. -One way of doing fault diagnosis is to compare a system to a working -specification continuously. This is essentially what CFEngine does -with systems. - - -@bye diff --git a/docs/guides/SpecialTopic_Schedule.texinfo b/docs/guides/SpecialTopic_Schedule.texinfo deleted file mode 100644 index 5921054f60..0000000000 --- a/docs/guides/SpecialTopic_Schedule.texinfo +++ /dev/null @@ -1,557 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-schedule.info -@settitle Scheduling and Event Management -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Scheduling and Event Management -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine is able to schedule processes or jobs across all managed -nodes, in a platform independent manner. This eliminates the -distributed configuration of time-shedulers like cron, and allowed the -design of custom calendars trivially with CFEngine's built in logic. - -Moreover, CFEngine can respond to the occurrence of any distributed -pattern in behaviour or data on the network and bring immediate -countermeasures to bear. Thus full location-time scheduling and -response is supported. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What is scheduling?, (dir), (dir) -@top Scheduling -@menu -* What is scheduling?:: -* How can CFEngine help?:: -* Define jobs with basic profile information :: -* Chaining jobs together:: -* Calendars :: -* Logging execution:: -* Scheduling by Sensing Events and Patterns:: -* Working with Unix cron:: -* Commands promises:: -* Splaying host times:: -* Choosing a scheduling interval:: -* Appendix - Did you know?:: -@end menu -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - - -@node What is scheduling?, How can CFEngine help?, Top, Top -@unnumberedsec What is scheduling? - -@sp 1 - -Scheduling refers to the execution of non-interactive processes or -tasks (usually called `jobs') at designated times and places around a -network of computers. On a given computer, jobs might be run -sequentially in a queue, one after the other, or they might be run in -parallel. -Jobs can also be started by triggers when sensors see certain system -activity. CFEngine supports a full range of features for customizing -hands-free scheduling. - -@node How can CFEngine help?, Define jobs with basic profile information , What is scheduling?, Top -@unnumberedsec How can CFEngine help? - -CFEngine is able to schedule processes or jobs across all managed -nodes, in a platform independent manner. This eliminates the -distributed configuration of shedulers like cron. The time resolution -for this depends on the frequency with with the cf-agent is scheduled -to run. A normal recommendation is that cf-agent runs every 5 minutes, -which is sufficiently often for most batch scheduling requirements. - -@node Define jobs with basic profile information , Chaining jobs together, How can CFEngine help?, Top -@unnumberedsec Define jobs with basic profile information - -Jobs are scheduled using CFEngine as @code{commands} promises. -To determine the conditions under which a job should be promised -one uses @code{classes}. - -@verbatim - bundle agent batch_jobs - { - commands: - - # Always run job on these three hosts - - host1||host2||host3:: - - "/usr/local/bin/my_special_job $(sys.host)" - - comment => "Run the cluster task for this host"; - } -@end verbatim - -@noindent To limit the job to a special time, we use time-classes: - -@verbatim - bundle agent batch_jobs - { - commands: - - # Run job on all hosts at 13:05pm - - Hr13.Min00_05:: - - "/usr/local/bin/my_special_job $(sys.host)" - - comment => "Run the cluster task for this host"; - } -@end verbatim - - -@noindent To combine, location and time coordinates, simply join the classes: - -@verbatim - bundle agent batch_jobs - { - commands: - - # Run job on all hosts at 13:05pm - - (host1||host2||host3).Hr13.Min00_05:: - - "/usr/local/bin/my_special_job $(sys.host)" - - comment => "Run the cluster task for this host"; - } -@end verbatim - -@node Chaining jobs together, Calendars , Define jobs with basic profile information , Top -@unnumberedsec Chaining jobs together - -Creating a managed process by chaining jobs together is also done -using classes. To chain jobs into a sequence, you simply set a -class if when the predecessor completes, and predicate the -antecedant on that class: - -@verbatim - - bundle agent order - { - commands: - - # Dummy jobs to illustrate chaining - - Monday.Hr12.Min30_35:: - - "/bin/echo Job one" classes => if_else("success","failure"); - - success:: - - "/bin/echo Next job"; - - failure:: - - "/bin/echo Error condition?"; - - } - -@end verbatim - -@node Calendars , Logging execution, Chaining jobs together, Top -@unnumberedsec Calendars - -You can define classes based on any combination of events in -CFEngine, and in this way build up special calendars. - -@verbatim - bundle agent jobs - { - classes: - - "holiday" or => { - "July.Day4", - "May.(Day1|Day2|Day3|Day4|Day5|Day6).Monday", - "December.Day25" - }; - - commands: - - !holidays:: - - "/usr/local/bin/my_special_job $(sys.host)" - - comment => "Run the cluster task for this host", - action => if_elapsed("240"); - } -@end verbatim - -@noindent Avoiding weekends is a simple matter, as is testing -to see if the target system fulfills the requirements for the job: - -@verbatim - bundle agent batch_jobs - { - classes: - - "weekend" expression => "Saturday|Sunday"; - - "have_update_db" expression => fileexists("/usr/bin/updatedb"); - - commands: - - (host1||host2||host3).!weekend:: - - "/usr/local/bin/my_special_job $(sys.host)" - - comment => "Run the cluster task for this host every six hours", - action => if_elapsed("240"); - - have_locate_db.Hr01:: - - "/usr/bin/updatedb" - - comment => "Update the locate db at 1 a.m. each night, if exists", - action => if_elapsed("240"); - } -@end verbatim - -@noindent Here are some other calendar ideas: - -@verbatim -classes: - -"LunchAndTeaBreaks" expression => "!(Saturday|Sunday).(Hr12|Hr10|Hr15)"; - -"NightShift" or => { "Hr22", "Hr23", "Night" }; - -"ConferenceDays" or => { "Day26", "Day27", "Day29", "Day30" }; - -"TimeSlices" or => { "Min01", "Min02", "Min03", "Min10_15" - "Min33", "Min34", "Min35" }; - -"Exception" not => "Hr12.Min15_20"; - -@end verbatim - -@node Logging execution, Scheduling by Sensing Events and Patterns, Calendars , Top -@unnumberedsec Logging execution - -@noindent There are many ways to log events in CFEngine. - -@verbatim - bundle agent test - { - commands: - - "/usr/local/myjob" - - action => logme("myjob"); - } - - - body action logme(x) - { - log_repaired => "/tmp/private_$(x)_keptlog.log"; - log_string => "$(sys.date) $(x) promised job succeeded"; - } - -@end verbatim - -@noindent This results in a log file @file{/tmp/private_myjob_keptlog.log} -which contains data of the form: - -@smallexample -Sat Aug 22 11:11:01 2009 myjob promised job succeeded -Sat Aug 22 11:11:01 2009 myjob promised job succeeded -@end smallexample - -@node Scheduling by Sensing Events and Patterns, Working with Unix cron, Logging execution, Top -@unnumberedsec Scheduling by Sensing Events and Patterns - -@noindent Any measurable event on a system can trigger a response from -cf-agent. - - - -@verbatim - bundle agent test - { - commands: - - special_event:: - - "/usr/local/open_help_ticket args"; - } - -@end verbatim - -For example, the monitoring agent @code{cf-monitord} sets system classes -based events that are classified as anomalies on the system, as well as -custom defined observations. - - -@node Working with Unix cron, Commands promises, Scheduling by Sensing Events and Patterns, Top -@unnumberedsec Working with Unix @code{cron}. - -One of CFEngine's strengths is its use of classes to identify systems -from a single file or set of files. This allows you to have a single, -central CFEngine file which contains all the `cron' jobs on your -system without losing any of the fine control which cron affords -you. - -One way to achieve this is to set up a regular cron job on every -system which executes @code{cf-agent} at frequent intervals. Each -time @code{cf-agent} is started, it evaluates time classes and -executes the shell commands defined in its configuration file. -CFEngine's time classes are much more powerful than -@code{cron}'s time specification possibilities, and they add control -over location too. - -@sp 1 -@cartouche -DO I NEED TO USE CRON? No. With CFEngine's @code{cf-execd} you don't -need to use cron at all -- CFEngine can schedule itself. Whether you choose -to run @code{cf-execd} in daemon mode, or in wrapper mode is entirely -up to you. -@end cartouche -@sp 1 - -@node Commands promises, Splaying host times, Working with Unix cron, Top -@unnumberedsec Commands promises - -CFEngine commands promises have the general form: - -@smallexample - -@var{promise-type}: - - @var{time-based classes::} - - @var{Promise} - -@end smallexample - -@noindent For example: - -@verbatim -bundle agent example -{ -commands: - -# Exec during every first quarter-hour after noon - - Hr12.Q1:: - - "/path/myscript -arg1 -arg2"; - -# Exec during any second quarter-hour - - Q2:: - - "/path/otherscript"; - -# Exec during the intervals 00:10 through 00:15 and 12:45 through 12:55 -# (English says ``and'', but logic says ``if this interval or that is true'' - - Hr00.Min10_15||Hr12.Min45_55:: - - "/path/amongstourscripts"; - -} - -@end verbatim - -@noindent If you want to get fancy, you can set parameters for the -execution of the script by building a container for it that traps its -output and privileges (this applies to root only, since only root has -this power to change privilege). - -@verbatim -bundle agent example -{ -commands: - -# Exec on the first quarter after noon - - Hr12.Q1:: - - "/path/myscript -arg1 -arg2", - - contain => my_custom_jail("nobody","true"); -} - -# ... - -body contain my_custom_jail(owner,devnull) -{ -exec_owner => "$(owner)"; # run with this setuid -no_output => "$(devnull)"; # like > /dev/null 2>&1 -umask => "77"; # set process umask -} - -@end verbatim -The @samp{contain}ment body provides a safe and flexible environment in which -to embed scripts. - -The time resolution of the classes is limited by how often you execute -CFEngine either using cron or @code{cf-execd}. Five minutes is the -recommended scheduling interval. - -@node Splaying host times, Choosing a scheduling interval, Commands promises, Top -@unnumberedsec Splaying host times - -In a network of thousands of computers, many agents could start -executing and downloading resources from a server at the same time. -For instance, if a thousand cf-agents all suddenly wanted to copy a -file from a master source simultaneously this would lead to a big load -on the server. We can prevent this from happening by introducing a -time delay which is unique for each host and not longer than some -given interval; @code{cf-execd} uses a hashing algorithm to generate -a number -between zero and a maximum value in minutes which you define, like -this: - -@verbatim - -body executor control - -{ -splaytime => "10"; # Minutes -} - -@end verbatim - - - -@node Choosing a scheduling interval, Appendix - Did you know?, Splaying host times, Top -@unnumberedsec Choosing a scheduling interval - -How often should you call your global CFEngine configuration? There -are several -things to think about: - -@itemize @bullet - -@item -How much fine control do you need? Running cron jobs once each hour is -usually enough for most tasks, but you might need to exercise finer -control for a few special tasks. - -@item -Are you going to verify the entire CFEngine configuration file -or just selected promises? - -@end itemize - -CFEngine has an intelligent locking and timeout policy which should be -sufficient to handle hanging shell commands from previous crons so that -no overlap can take place. - -@node Appendix - Did you know?, , Choosing a scheduling interval, Top -@unnumberedsec Appendix - Did you know? - -Here are some features that can help you with CFEngine's -scheduling capabilities: - -@itemize -@item Batch jobs can be made to run in parallel by using @code{background => "true"} -in an @code{action} body. - -@item You can limit the frequency with which a batch job is executed with or without -specifying an actual time of execution using the @code{ifelapsed} settings. -Then a job will only be started if a certain number of minutes have elapsed since it -was last started. - -@item You can make sure that jobs have not crashed or run out of control using -the @code{expireafter} settings. Then a job that seems to have been -running for too long will expire after a defined number of minutes and -will be killed and restarted. - -@item The monitor agent @code{cf-monitord} can watch over special processes -and monitor their resource usage, e.g. memory or CPU usage and report on these -in CFEngine Nova. - -@item You can arrange for jobs to run in a `sandbox' or `jail', running -as a special user, in a special directory without access to system resources. -Thus system security can be addressed when running foreign applications. - -@end itemize - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Security.texinfo b/docs/guides/SpecialTopic_Security.texinfo deleted file mode 100644 index d98fcb63ad..0000000000 --- a/docs/guides/SpecialTopic_Security.texinfo +++ /dev/null @@ -1,736 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-security.info -@settitle Architecture and Security -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine Architecture and Security -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation - -This document describes an overview of the design principles and architecure used by CFEngine. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} July 2010 CFEngine AS - -@end titlepage - - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Architecture Principles, (dir), (dir) -@top Security -@end ifnottex - - -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@menu -* Architecture Principles:: -* Security Principles:: -* Communication Security:: -@end menu - -@node Architecture Principles, Security Principles, Top, Top -@chapter Architecture Principles - -CFEngine is agent based software. It resides on and runs processes on -each individual computer under its management. That means you do not -need to grant any security credentials for login to CFEngine. Instead, for -normal operation, CFEngine runs in privileged `root' or -`Administrator' mode to get access to system resources and makes these -available safely to authorized enquiries. - -A CFEngine installation is thus required on every machine you want to -manage: client and server, desktop or blade. Typically, you will -single out one machine to be a @i{policy server} or @i{hub}. In very -large networks of many thousands of machines, you might need several -policy servers, i.e. several hubs. - - -Any piece of software has two different architectures, which should not be confused: - -@itemize -@item The information flow that results in decisions (weak coupling). -@item The software or service dependence graph (strong coupling). -@end itemize - -Information flow is about how users determine what promises the -software should keep; this is entirely informational and once -decisions are made they can be stored (cached) for an indefinite -time. The dependence graph explains what services or resources are -required by the software in order to keep its promises. This is a -strong dependency because the software is unable to function without -the availability of these resources at all times. Systems are robust -if they are only weakly coupled. Strong dependence introduced -@i{fragility} of design. - -In many software products these two separate models are identical in -design and implementation. However, Promise Theory maintains their -independence and CFEngine makes no assumptions about the kind of -information flows that should be set up. - -@sp 1 -@cartouche -CFEngine takes host autonomy as its guiding -architectural principle. Agents are functionally independent of one another -and only weak couplings can be promised. -@end cartouche - -@sp 1 -The implication of this principle is that CFEngine is robust to -failures of communication (e.g. network connectivity) and that each -host is responsible for maintaining its own state. This affects the -security and scalability of the solution. - -@menu -* Single point of coordination:: -* Policy information flow:: -* Robustness to failure:: -* Distributed execution and federation:: -@end menu - -@node Single point of coordination, Policy information flow, Architecture Principles, Architecture Principles -@section Single point of coordination - -The default CFEngine Nova architecture uses a single hub or policy -server to publish changes of policy and to aggregate knowledge about -the environment, but you can set up as many as you like to manage -different parts of your organization independently. The CFEngine -technology is not centralized by nature. Most users choose to -centralize updating of policy and report aggregation for convenience -however. - -@sp 1 -@center @image{hub,10cm,,The front page,png} -@center Figure: A policy server or `hub' is implemented in CFEngine Nova -@center as a simple solution that will scale for most sites `out of the box'. -@sp 1 - -If you operate CFEngine Nova in its default mode, the hub acts as a -server from which every other client machine can access policy -updates. It also acts as a collector, aggregating summary information -from each machine and weaving it into a knowledge map about the datacenter. - -For a single hub configuration, the figure below shows a normal -process approach to managing policy. Policy is edited and developed at -a Policy Definition Point, outside of normal production -environment. This can be done using the specialized editor embedded -in CFEngine Nova, or it can be done using any text editor of your choice. - -@node Policy information flow, Robustness to failure, Single point of coordination, Architecture Principles -@section Policy information flow - -Edits are made in conjunction with a version control -repository@footnote{CFEngine supports integration with Subversion -through its Mission Portal, but any versioning system can of course be -used.}, which should be used to document the @i{reasons} for changes -to policy@footnote{CFEngine and version control will document @i{what} -the changes are, but what is usually missing from user documentation -is an explanation of the reasonsing behind the change. This is most -valuable when trying to diagnose and debug changes later.}. When a -change has been tested and approved, it will be copied manually to the -policy dispatch point on one or more distribution servers. All other -machines will then download policy updates from that single location according -to their own schedule. - -@sp 1 -@image{arch,15cm,,The front page} -@center Figure: Policy coordinated from a central root location -@center is implemented in a distributed manner at every leaf node. -@sp 1 - -@node Robustness to failure, Distributed execution and federation, Policy information flow, Architecture Principles -@section Robustness to failure - -If an agent receives a policy proposal that is badly formed or in some -way non-executable, it switches to a failover strategy to recover. It will -continue in this mode until a new policy proposal is available that can be -executed. - -The CFEngine agent clones itself to avoid limitations of operating systems -like Windows, where programs and disk files cannot be altered while in use. -When new software updates are available, CFEngine can update itself from -a suitable source, and restart its own services. Should the new version be corrupt, -the twin will still be the old working version, hence the software will be able -to recover as soon as a new valid version is available. - -@node Distributed execution and federation, , Robustness to failure, Architecture Principles -@section Distributed execution and federation - -Each agent runs independently of others, unless it promises to -acquire services from other hosts. Thus all processing capacity and -decision-making computation takes place on the end nodes of the -communication graph. There is no apriori need for agents to collect -data from any source outside themselves, though this is a highly -convenient strategy. CFEngine's use of the network may be called opportunistic. - -Each agent is the ultimate arbiter of whether or not to accept -information from external sources. This makes CFEngine ideal for use -in federated architectures, where attention to local requirements is -paramount for whatever reason. Federation is typically a recommended -strategy when the cost of avoiding local specialization outweighs the -price of having local policy-makers. Universities and large companies -(e.g. formed through acquisition) are typical candidates for federated -management. Federation is facilitated by an essentially `service -oriented architecture'@footnote{NB. CFEngine does not use web services -as part of its technology, so this should not be construed to mean SOA.}, i.e. a weak coupling. - - -@node Security Principles, Communication Security, Architecture Principles, Top -@chapter Security Principles - -@menu -* What is security?:: -* The principles of CFEngine security:: -* Communications:: -@end menu - -@node What is security?, The principles of CFEngine security, Security Principles, Security Principles -@section What is security? -@sp 1 - -The concept of security, while various in its interpretation and -intented use, is related to a feeling of safety. No system is -completely safe from every threat, thus no system can promise complete -security. Security is ultimately defined by a model, an attitude, and -a policy. It involves a set of compromises called a @i{trust model} -that determines where you draw the line in the sand between trusted -and risky. - -@node The principles of CFEngine security, Communications, What is security?, Security Principles -@section The principles of CFEngine security - -CFEngine adheres to the following design principles: - -@enumerate -@item It shall be, by design, impossible to send policy-altering data to -a CFEngine agent. Each host shall retain its right to veto policy suggestions -at all times. This is called the Voluntary Cooperation Model. - -@item CFEngine will support the encyrption of data transmitted over the network. - -@item Each host shall continue to function, as -far as possible, without the need for communication with other hosts. - -@item CFEngine will use a lightweight peer model for key trust (like -the Secure Shell). No centralized certificate authority shall be -used. SSL and TLS shall not be used. - -@item CFEngine shall always provide safe defaults, that grant no access to other -hosts. -@end enumerate - -@node Communications, , The principles of CFEngine security, Security Principles -@section Communications - -CFEngine uses a simple, private protocol that is based on (but not -identical to) that used by OpenSSH (the free version of the Secure -Shel). It is based on mutual, bi-directional challenge-reponse using -an autonomous Public Key Infrastructure. - -@itemize -@item Authentication by Public Key is mandatory. -@item Encryption of data transfer is optional. -@end itemize - -@node Communication Security, , Security Principles, Top -@chapter Communication Security - - -@menu -* TCP wrappers:: -* The connection sequence:: -* Encyption algorithms:: -* Remote communication:: -* Authentication:: -* Security FAQ:: -* CFEngine and Firewalls:: -* Tamperproof data and distributed monitoring:: -@end menu - -@node TCP wrappers, The connection sequence, Communication Security, Communication Security -@section TCP wrappers - -The right to connect to the server is the first line of defence. -CFEngine has built into it the equivalent of the `TCP wrappers' -software to deny non-authorized hosts the ability to connect to the -server at all. - -@node The connection sequence, Encyption algorithms, TCP wrappers, Communication Security -@section The connection sequence - -@enumerate - -@item A client attempts to connect to port 5308 -@item Server examines IP address of connection and applies rules from -@verbatim -allowconnects -allowallconnects -denyconnects -@end verbatim -@item If host is allowed to connect, read max 2048 bytes to look for valid hail - -@item Client sends its hostname, username and public key to server -@item Server checks whether public key is known -@itemize -@item If known, host and user are confirmed, go to access control -@item If unknown, use trustkeysfrom rules to check whether we should accept the client's asserted identity -@end itemize -@item If not in trustkeysfrom list, break connection -@item If willing to trust, go to further checks - -@item If skipverify is set, ignore reverse DNS lookup checks else check asserted identity by reverse DNS lookup -@item If fails break off -@item Check user ID is in allowusers -@item If fails break off -@item Go to file access control - -@item Process admit first then deny -@item Mapping of root privilege on server is governed by @code{maproot}. If this is false, only resources owned by the authenticated user name may be transmitted. -@item If @code{ifencrypted} is set, access is denied to non-encrypted connections. -@item Symbolic links to files are not honoured by the server when computing access. -@item Access control is evaluated by the rules: -@itemize -@item First admit rule that matches wins -@item All other admit rules are ignored -@item No admit rule means you're denied! -@item Then look at deny rules (overrides admit) -@item First deny rule that matches wins -@item All other deny rules are ignored -@item No deny rule means you're admitted -@end itemize -@end enumerate - -@node Encyption algorithms, Remote communication, The connection sequence, Communication Security -@section Encryption algorithms - -CFEngine Community Edition uses RSA 2048 public key encryption for -authentication. These are generated by the @samp{cf-key} command. -It generates a 128 bit random Blowfish encryption key for data -transmission. Challenge response is verified by an MD5 hash. - -Commercial Editions of CFEngine use the same RSA 2048 key for -authentication, and then AES 256 with a 256 bit random key for data -transmission. The latter is validated for FIPS 140-2 government use in -the United States of America. Challenge response is verified by a SHA256 -hash. - - -@node Remote communication, Authentication, Encyption algorithms, Communication Security -@section Remote communication - -The concept of voluntary cooperation used by CFEngine places restrictions -on how files can be copied between hosts. CFEngine allows only `pull' -(download) but not `push' (upload). Users cannot force an agent to -perform an operation against local policy. - -To allow remote copying between two systems each -of the system must explicitly grant access before the operation can -take place. - - - - -@c =========================================================================0 -@node Authentication, Security FAQ, Remote communication, Communication Security -@section Authentication - -Authentication is about making sure users are who they say you -are. Traditionally, there are two approaches: the trusted third -party (arbiter of the truth) approach, and the challenge-response -approach. The Trust Third Party decides whether two individuals who -want to authenticate should trust each other. This is the model used -in the Web. - -The challenge-response approach allows each individual to decide -personally whether to trust the other. This is the approach used by -CFEngine. Its model is based in the Secure Shell (OpenSSH). - - -Two machines authenticate each other in a @i{public key exchange} -process. For key exchange between client and server, the server has to -decide if it will trust the client by using the @code{trustkeysfrom} -directive. The @code{trustkeysfrom} directive allows the server to accept -keys from one or more machines. - -On the client-side the client also has to specify if it will trust key -from the server by using the trustkey directive. The @code{trustkey} -directive in @code{copy_from} allows a client to decide whether to -accept keys from a server. The CFEngine authentication model is based -on the @code{ssh} scheme, however unlike @code{ssh}, CFEngine -authentication is not interactive and the keys are generated by -@code{cf-key} program instead of @samp{ssh key-gen} program. Key -acceptance is accomplished in CFEngine using trust-key method. Once -the keys have been exchange the trust settings are irrelevant. - - -@node Security FAQ, CFEngine and Firewalls, Authentication, Communication Security -@section Security FAQ - - -@itemize @bullet -@item @i{ Doesn't opening a port on a machine on the inside of the firewall make -it vulnerable to both Denial of Service and buffer overflow attacks?} - -Buffer overflow attacks are extremely unlikely in CFEngine by -design. The likelihood of a bug in CFEngine should be compared to the -likelihood of a bug existing in the firewall itself. - -Denial of Service attacks can be mitigated by careful -configuration. @code{cf-serverd} reads a fixed number of bytes from the -input stream before deciding whether to drop a connection from a -remote host, so it is not possible to buffer overflow attack before -rejection of an invalid host IP. - -Another possibility is to use a standard VPN to the inside of the -firewall. That way one is concerned first and foremost with the -vulnerabilities of the VPN software. - -@item @i{Doesn't opening the firewall -compromise the integrity of the policy information by allowing an -attacker the chance to alter it?} - -The CFEngine security model, as well -as the design of the server, disallows the uploading of -information. No message sent over the CFEngine channel can alter data -on the server. (This assumes that buffer overflows are impossible.) - -@item @i{Couldn't an IP spoofer gain access to data from the policy -server that it should not be able to access?} - -Assuming that buffer overflow attacks and DOS attacks are highly -improbable, the main worry with opening a port is that intruders will -be able to gain access to unauthorized data. If the firewall is -configured to open only connections from the policy mirror, then an -attacker must spoof the IP of the policy attacker. This requires -access to another host in the DMZ and is non-trivial. However, suppose -the attacker succeeds then the worst he/she can do is to download -information that is available to the policy-mirror. But that -information is already available in the DMZ since the data have been -exported as part of the policy, thus there is no breach of -security. (Security must be understood to be a breach of the terms of -policy that has been decided.) - -@item @i{ What happens if the policy mirror is invaded by an attacker?} - -If an attacker gains root access to the mirror, he/she will be able to -affect the policy distributed to any host. The -policy-mirror has no access to alter any information on the policy -source host. Note that this is consistent with the firewall security -model of trusted/untrusted regions. The firewall does not mitigate the -responsibility of security every host in a network regardless of which -side of the firewall it is connected. -@end itemize - - -@c ---------------------------------------------------- -@menu -* CFEngine and Firewalls:: -@end menu - -@node CFEngine and Firewalls, Tamperproof data and distributed monitoring, Security FAQ, Communication Security -@section CFEngine and Firewalls - - -Some users want to use CFEngine's remote copying mechanism through a -firewall, in particular to update the CFEngine policy on hosts inside -a DMZ (so-called de-militarized zone). In making a risk assessment, it -is important to see the firewall security model together with the -CFEngine security model. CFEngine's security record is better than -most firewalls, but Firewalls are nearly always trusted because they -are `security products'. - -Any piece of software that traverses a firewall can, in principle, -weaken the security of the barrier. On the other hand, a strong piece -or software might have better security than the firewall -itself. Consider the example in the figure; - -@image{firewall,10cm,,A CFEngine host outside a firewall,png} - - -We label the regions inside and outside of the firewall as the ``secure -area" and ``Demilitarized Zone" for convenience. It should be -understood that the areas inside a firewall is not necessarily secure -in any sense of the word unless the firewall configuration is -understood together with all other security measures. - -Our problem is to copy files from the ``secure'' source machine to hosts -in the DMZ, in order to send them their configuration policy -updates. There are two ways of getting files through the firewall: - -@itemize @bullet -@item An automated CFEngine solution, i.e., pull from outside to inside the secure area. -@item A manual push to the outside of the wall from the inside. -@end itemize - -One of the -main aims of a firewall is to prevent hosts outside the secure area -from opening connections to hosts in the secure area. If we want -@code{cfagent} processes on the outside of the firewall to receive updated policies -from the inside of the firewall, information has to traverse the -firewall. - -@c ------------------------------ -@menu -* CFEngine trust model:: -* Policy Mirror in the DMZ:: -* Pulling through a wormhole:: -@end menu - - - - -@node CFEngine trust model, Policy Mirror in the DMZ, CFEngine and Firewalls, CFEngine and Firewalls -@subsection CFEngine trust model - -CFEngine's trust model is fundamentally at odds with the external -firewall concept. CFEngine says: ``I am my own boss. I don't trust -anyone to push me data.'' The firewall says: ``I only trust things -that are behind me.'' The firewall thinks it is being secure if it -pushes data from behind itself to the DMZ. CFEngine thinks it is being -secure if it makes the decision to pull the data autonomously, without -any orders from some potentially unknown machine. One of these -mechanisms has to give if firewalls are to co-exist with CFEngine. - - -From the firewall's viewpoint, push and pull are different: a push -requires only an outgoing connection from a trusted source to an -untrusted destination; a pull necessarily requires an untrusted -connection being opened to a trusted server within the secure area. -For some firewall administrators, the latter is simply unacceptable -(because they are conditioned to trust their firewall). But it is -important to evaluate the actual risk. We have a few observations -about the latter to offer at this point: - -@itemize @bullet -@item It is not the aim of this note to advocate any one method of -update. You must decide for yourself. The aim here is only to evaluate -the security implications. Exporting data from the secure area to the -DMZ automatically downgrades the privacy of the information. - -@item The CFEngine security model assumes that the security of every host -will be taken seriously. A firewall should never be used as a -substitute for host security. - -@item Knowing about CFEngine but not your firewall or your secure network, it is only possible -to say here that it seems, to us, safe to open a hole in a firewall to -download data from a host of our choice, but we would not accept data -from just any host on your company network on trust. It would be -ludicrous to suggest that an arbitrary employee's machine is more -secure than an inaccessible host in the DMZ. -@end itemize - -@c ---------------------------------------- -@node Policy Mirror in the DMZ, Pulling through a wormhole, CFEngine trust model, CFEngine and Firewalls -@subsection Policy Mirror in the DMZ - -By creating a policy mirror in the DMZ, these issues can be worked around. This is -the recommended way to copy files, so that normal CFEngine pull -methods can then be used by all other hosts in the DMZ, using the -mirror as their source. The policy mirror host should be as secure as -possible, with preferably few or no other services running that might -allow an attacker to compromise it. In this configuration, you are -using the mirror host as an envoi of the secure region in the DMZ. - -Any method of pushing a new version of policy can be chosen in -principle: CVS, FTP, RSYNC, SCP. The security disadvantage of the push -method is that it opens a port on the policy-mirror, and therefore the -same vulnerability is now present on the mirror, except that now you -have to trust the security of another piece of software too. Since -this is not a CFEngine port, no guarantees can be made about what -access attackers will get to the mirror host. - -@c ---------------------------------------- -@node Pulling through a wormhole, , Policy Mirror in the DMZ, CFEngine and Firewalls -@subsection Pulling through a wormhole - -Suppose you are allowed to open a hole in your firewall to a single -policy host on the inside. To distribute files to hosts that are -outside the firewall it is only necessary to open a single tunnel -through the firewall from the policy-mirror to the CFEngine service -port on the source machine. Connections from any other host will still -be denied by the firewall. This minimizes the risk of any problems -caused by attackers. - -To open a tunnel through the firewall, you need to alter -the filter rules. A firewall blocks access at the network -level. Configuring the opening of a single port is -straightforward. We present some sample rules below, but make sure -you seek the guidance of an expert if necessary. - -Cisco IOS rules look like this -@smallexample -ip access-group 100 in -access-list 100 permit tcp mirror host source eq 5308 -access-list 100 deny ip any any -@end smallexample -Linux @code{iptables} rules might look something like this: -@smallexample -iptables -N newchain -iptables -A newchain -p tcp -s mirror-ip 5308 -j ACCEPT -iptables -A newchain -j DENY -@end smallexample - -Once a new copy of the policy is downloaded by CFEngine to the policy -mirror, other clients in the DMZ can download that copy from the -mirror. The security of other hosts in the DMZ is dependent on the -security of the policy mirror. - - - -@node Tamperproof data and distributed monitoring, , CFEngine and Firewalls, Communication Security -@section Tamperproof data and distributed monitoring - -Message digests are supposed to be unbreakable, tamperproof -technologies, but of course everything can be broken by a sufficiently -determined attacker. Suppose someone wanted to edit a file and alter -the CFEngine checksum database to cover their tracks. If they had -broken into your system, this is potentially easy to do. How can we -detect whether this has happened or not? - -A simple solution to this problem is to use another checksum-based -operation to copy the database to a completely different host. By using -a copy operation based on a checksum value, we can also remotely detect -a change in the checksum database itself. - -Consider the following code: - -@verbatim - -bundle agent change_management -{ -vars: - - "watch_files" slist => { - "/etc/passwd", - "/etc/shadow", - "/etc/group", - "/etc/services" - }; - - "neighbours" slist => peers("/var/cfengine/inputs/hostlist","#.*",4), - comment => "Partition the network into groups"; - -files: - - "$(watch_files)" - - comment => "Change detection on the above", - changes => detect_diff_content; - - ####################################################################### - # Redundant cross monitoring ....................................... - ####################################################################### - - "$(sys.workdir)/nw/$(neighbours)_checksum_digests.db" - - comment => "Watching our peers remote hash tables for changes - cross check", - copy_from => remote_cp("$(sys.workdir)/checksum_digests.db","$(neighbours)"), - depends_on => { "grant_hash_tables" }, - action => neighbourwatch("File changes observed on $(neighbours)"); - -@end verbatim - - -It works by building a list of neighbours for each host. The function -@code{peers} can be used for this. Using a file which contains a list -of all hosts running CFEngine, we create a list of hosts to copy -databases . Each host in the network therefore takes on the -responsibility to watch over its neighbours. - -In theory, all four neighbours should signal this change. If an -attacker had detailed knowledge of the system, he or she might be able -to subvert one or two of these before the change was detected, but it -is unlikely that all four could be covered up. At any rate, this -approach maximizes the chances of change detection. - -Consider what happens if an attacker changes a file an -edits the checksum database. Each of the four hosts that has been -designated a neighbour will attempt to update their own copy of the -database. If the database has been tampered with, they will detect a -change in the checksums of the remote copy versus the -original. The file will therefore be copied. - -It is not a big problem that others have a copy of your checksum -database.  They cannot see the contents of your files from this.  A -possibly greater problem is that this configuration will unleash an -avalanche of messages if a change is detected. This makes messages -visible at least. - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/SpecialTopic_Teamwork.texinfo b/docs/guides/SpecialTopic_Teamwork.texinfo deleted file mode 100644 index 385a934237..0000000000 --- a/docs/guides/SpecialTopic_Teamwork.texinfo +++ /dev/null @@ -1,277 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-teams.info -@settitle Teamwork -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Teams and Delegation -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -Team work is a collaboration between individuals with different -skills. It is key element in decentralized organization -- both for -humans and computers. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2009 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, What is team-work?, (dir), (dir) -@top Teams -@menu -* What is team-work?:: -* Creative roles:: -* Delegating roles in a collaboration:: -@end menu -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What is team-work?, Creative roles, Top, Top -@unnumberedsec What is team-work? -@sp 1 - -Team work is a collaboration between individuals with different -skills. It is key element in decentralized organization -- both for -humans and computers. - -Teams exist for efficiency (divide and conquer by skill) and also -because because humans need continual motivation and emotional support -which sustains work-flow and adds creativity to work. - -The team-aspect of management is often overlooked in favour of -top-down hierarchical design (do what the boss tells you). CFEngine -does not force us into hierarchical systems however; -the team analogy is more appropriate for CFEngine's -model of voluntary cooperation. - -@image{hierarchy,12cm,,Hierarchy has long traditions but modern thinking favours teams.,png} - -IT management is complex, so it makes sense to delegate -responsibility for different issues. An organization will generally -consist of many groups and teams already, each with their own special -needs and each craving its own autonomy. CFEngine and promise theory -were designed for precisely this kind of environment. CFEngine allows -cooperation and sharing without allowing central managers to ride -roughshod over local needs. - -Teams thrive by discussion and interaction within the framework of a -policy or vision, allowing variation and arriving at a consensus when -necessary. Success in a team depends on a combination of abilities -working together not undermining one another. Conflicts in the -promises made by team members reveal design problems in the group. An -analysis of promises (CFEngine's model of collaboration) is a -significant tool for understanding and enabling teams. - -@sp 1 -@cartouche -Team work and policy design for inter-host cooperation are closely -related. Use promises as a tool to explain to the individuals in a team -which individual is responsible for what role, and to what extent. -@end cartouche -@sp 1 - -@node Creative roles, Delegating roles in a collaboration, What is team-work?, Top -@unnumberedsec Creative roles -@sp 1 - -M. Belbin, a researcher in teamwork has identified nine abilities or -roles (kinds of promise) to be played in a team collaboration (regardless -of how many people there are in the team): - -@enumerate -@item Plant -- a creative ``ideas'' person who solves problems. - -@item Shaper -- this is a dynamic member of the team who thrives on -pressure and has the drive and courage to overcome obstacles. - -@item Specialist -- someone who brings specialist knowledge to the group. - -@item Implementer -- a practical thinker who is rooted in reality and can turn ideas into -practice (who sometimes frustrates more imaginative high flying -visionaries). - - -@item Resource Investigator -- an enabler, or someone who knows where to -find the help the team needs regardless of whether the help is -physical, financial or human. This person is good at networking. - - -@item Chairman/Co-ordinator -- an arbitrator who makes sure that -everyone gets their say and can contribute. - -@item Monitor-Evaluator -- is a dispassionate, discerning member who can -judge progress and achievement accurately during the process. - - -@item Team Worker -- someone concerned with the team's inter-personal -relationships and who is sensitive to the atmosphere of the group. - - - -@item Completer/Finisher -- someone critical and analytical who looks after the details of -presentation and spots potential flaws and gaps. The completer is -a quality control person. -@end enumerate - -His model leaves little room for technical workflow arguments. It is -entirely concerned with the creative process. This is probably -significant. We should ask ourselves: how can we use the freedom to -organize into specialized teams to maximize human creativity, while -passing hard work over to machines. Solving this problem is what -CFEngine is about. - - -@node Delegating roles in a collaboration, , Creative roles, Top -@unnumberedsec Delegating roles in a collaboration -@sp 1 - -We need to delegate responsiblity to divide and conquer a problem, both when -designing policy for computers and when making work schedules for humans. But how -can we be certain different parties will not interfere with one -anothers' responsibilities? The bottom line is that we cannot be certain -without oversight and coordination. - -Promise theory shows that coordination needs a single -point of coordination to be the arbiter of correctness in any collaborative -process: a so-called `checkpoint' or `team leader', like passport -control at an airport. This checkpoint has to examine each -contribution to the team and look for conflicts. - -For humans, this might be a matter of communication by meeting. CFEngine, -on the other hand, has no built-in meta-access control mechanism which -can decide who may write policy rules. To create such a mechanism, -there would have to be a monitor which could identify users, and an -authority mechanism that would disallow certain users to write rules -of certain types about certain objects on certain hosts. - -CFEngine Community Edition has @code{roles} promises, which offer a -partial solution, but it does not address the core issue which is that -collaboration in change requires freedom to act, not restriction. -Delegation therefore requires trust. CFEngine Nova/Enterprise -has `hubs' which can be coordinate large numbers of -hosts. Coordination can also be pre-arranged as policy, so that -everyone has their own copy of the script. This is how an orchestra -scales, for instance. - -To keep matters as simple as possible, CFEngine avoids this kind of -technical coordination as much as possible and proposes a different -approach, using policy along with a social contract between -the collaborating teams. Promise theory allows us to model the collaborative security -implications of this (see the figure of the bow-tie structure). A -simple method of delegating is the following. - -@enumerate -@item Delegate responsibility for different issues to admin teams 1,2,3, etc. -@item Make each of these teams responsible for version control of their own -configuration rules. -@item Make an intermediate agent responsible for collating and vetting the rules, checking for -irregularities and conflicts. This agent must promise to disallow rules by -one team that are the responsibility of another team. The agent could be a -layer of software, but a cheaper and more manageable solution is the make this -another group of one or more humans. - -@item Make the resulting collated configuration version controlled. Publish -approved promises for all hosts to download from a trusted source. - - -@end enumerate - -A review procedure for policy-promises is a good solution if you want -to delegate responsibility for different parts of a policy to -different sources. Human judgement as the `arbiter' is irreplaceable, -but tools can be added to make conflicts easier to detect. - -Promise theory underlines that, if a host or computing device accepts -policy from any source, then it is alone and entirely responsible for -this decision. The ultimate responsibility for the published version -policy is the vetting agent. This creates a shallow hierarchy, but -there is no reason why this formal body could not be comprised of -representatives from the multiple teams. - -The figure below shows how a number of policy authoring teams can work together -safely and securely to write the policy for a number of hosts, by vetting through -a checkpoint, in a classic `bow-tie' formation. - -@image{delegate,15cm,,Delegation of responsibility requires vetting access,png} - - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Virtualization.texinfo b/docs/guides/SpecialTopic_Virtualization.texinfo deleted file mode 100644 index 1b7528ad4b..0000000000 --- a/docs/guides/SpecialTopic_Virtualization.texinfo +++ /dev/null @@ -1,525 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-virt.info -@settitle Virtualization and Cloud Support in CFEngine -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Virtualization and Cloud Support in CFEngine -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine Nova integrates simply with existing frameworks for -virtualization and cloud computing, allowing you to apply convergent -`self-healing' methods to the deployment and management of virtual -machines running anywhere. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - - -@node Top, What are virtualization and cloud computing?, (dir), (dir) -@top Virtualization - -@ifnottex -@menu -* What are virtualization and cloud computing?:: -* Why build virtualization support into CFEngine?:: -* What can CFEngine do with virtual machines?:: -* Guest environments promises:: -* Virtualization types supported:: -* Distinct states:: -* Example deployment:: -* Virtualized host examples:: -* Virtual network example:: -@end menu - -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@node What are virtualization and cloud computing?, Why build virtualization support into CFEngine?, Top, Top -@unnumberedsec What are virtualization and cloud computing? -@sp 1 - -Virtualization refers to the ability to run multiple host instances on -a single physical node. Cloud computing typically refers to what is -called `platform as a service', or deployment of virtual machines on -demand, often as an online service. - -In this document, virtualization support refers specifically to -hypervisor technologies supported by the open source library layer @i{libvirt} -project, which includes interfaces for Xen, KVM, Vmware-ESX, and more. -CFEngine thus integrates freely with other tools based on this library, such -as @i{virsh} and the @i{Virtual Manager} graphical user interface. - - -@node Why build virtualization support into CFEngine?, What can CFEngine do with virtual machines?, What are virtualization and cloud computing?, Top -@unnumberedsec Why build virtualization support into CFEngine? -@sp 1 - -Virtualization engines (usually called supervisors or hypervisors) are -seeing an explosion of development. They exist as a number of projects -in various stages of maturity. The libvirt project was designed as -an integration layer based on an XML specification. - -The tools for management are still quite primitive and require much -manual work. CFEngine has a unique role to play in maintaining desired -state in virtual machine systems. - -In the cloud, virtual machines may be rented from remote commercial -providers, and managed as disposable resources. Convergent or -`self-healing' maintenance is an essential method for managing -machines that are geographically remote and awkward to access, e.g. -machines in other time-zones that it is impractical to monitor by -legacy methods. - - -@node What can CFEngine do with virtual machines?, Guest environments promises, Why build virtualization support into CFEngine?, Top -@unnumberedsec What can CFEngine do with virtual machines? -@sp 1 - -The simple answer is: anything that @i{libvirt} can do, with added -convergence to a desired state: that means, creating, destroying and -starting and stopping machines. By starting virtual machines through -CFEngine, you can be sure that a given `virtual guest' is running on -one and only one physical host, thus avoiding conflicts that are -difficult to detect with centralized systems. - -CFEngine does not support everything that libvirt does -- it offers a -simplified interface that is meant for robustness, stability and -hands-free repeatability. - -@sp 1 -@cartouche -CFEngine does not use libvirt's TLS based web communication layer. It -manages every host as an independent entity, in typical CFEngine -fashion, using CFEngine's own distributed cooperation to provide thje -implicit communication. CFEngine does not currently support so-called -`live migration' of virtual machines. -@end cartouche -@sp 1 - -@node Guest environments promises, Virtualization types supported, What can CFEngine do with virtual machines?, Top -@unnumberedsec Guest environments promises -@sp 1 - -A virtual machine is one example of what CFEngine calls an -`guest_environment'. You can promise to create (and host) an guest environment -with certain attributes, just as you can promise to host a file or a -process. Here is a simple example: - -@verbatim -body common control -{ -bundlesequence => { "my_vm_cloud" }; -} - -####################################################### - -bundle agent my_vm_cloud -{ -guest_environments: - - "myUbuntu" # the running instance name, defined in XML - - environment_resources => virt_xml, - environment_type => "xen", - environment_host => "my_physical_computer", # ipv4_10_1_2_3 - environment_state => "create"; -} - -####################################################### - -body environment_resources virt_xml -{ -env_spec_file => "/srv/xen/centos5-libvirt-create.xml"; -} - -@end verbatim - -@itemize -@item The promiser (in this case @samp{myUbuntu}) is the name of the virtual -machine. This should be a unique identifier, as we need to be able to -refer to machines uniquely. - -@item The guest environment host is the name of the computer that -is the host for the virtual machine. - -@item Normally when we want to ensure something on a machine, we use classes -to decide where the promise will be made. For guest environments, however, -we need to make promises about the uniqueness of the machine. When you -make a machine instance you normally want it to be running on one and -only one host. So you want @i{every} machine to make a promise. On the -guest environment's host, you want to promise that the guest environment is -running, and on every other machine you want to promise that it is -not. In CFEngine, you simply include a unique class belonging to host -in the promise using @code{environment_host} and CFEngine assumes that -rest. Unique classes might include -@itemize -@item Hostname class e.g. @code{myhost_CFEngine_com} -@item IP address class e.g. @code{ipv4_123_456_789_123} -@end itemize -@end itemize - -An alternative way to write this example is to quote the XML -specification in CFEngine directly. This has a few advantages: you can -re-use the data and use it as a template, filling in -CFEngine-variables. You can thus adapt the configuration using -CFEngine's classes. - -@page -@verbatim -bundle agent my_vm_cloud -{ -guest_environments: - - "myUbuntu" # the running instance name, defined in XML - environment_resources => virt_xml("$(this.promiser)"), - environment_type => "xen", - environment_host => "myphysicalcomputer"; - environment_state => "create" -} - -####################################################### - -body environment_resources virt_xml(host) -{ -env_spec_file => - -" - $(host) - - linux - /var/lib/xen/install/vmlinuz-ubuntu10.4-x86_64 - /var/lib/xen/install/initrd-vmlinuz-ubuntu10.4-x86_64 - kickstart=http://example.com/myguest.ks - - 131072 - 1 - - - - - - - - - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Vision.texinfo b/docs/guides/SpecialTopic_Vision.texinfo deleted file mode 100644 index 9bb5e56faf..0000000000 --- a/docs/guides/SpecialTopic_Vision.texinfo +++ /dev/null @@ -1,273 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-vision.info -@settitle Vision -@setchapternewpage odd -@c %** end of header - -@titlepage -@title The Vision -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -This is an internal note that intends to provide a quick summary of CFEngine -concepts. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2010 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Iteration: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top -@top Federation - - -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@menu -* What is the vision:: -* From goals to promises:: -* The Primacy of Knowledge:: -* Use of patterns:: -* Virtualization:: -* Scalability:: -@end menu - -@node What is the vision -@unnumberedsec What is the vision? - -The CFEngine vision is a set of dreams, goals and principles that guide -us in the development of the software. -A separate vision statement exists for the company. - -Slogan: -`Assured infrastructure, connecting the dots between Business and IT.' - -@node From goals to promises -@unnumberedsec From goals to promises - -Everything we do at CFEngine follows the promise model. Promises offer a -consistent language for expressing desired state, compliance, agreements, services, and -practically anything else. It is a language that focuses on knowledge and assurance. -Promises also provide a measuring stick against which to measure or assess systems. -Promises-kept is a simple nmeasure of compliance. - -@cartouche -CFEngine's attention to knowledge and assurance aims to connect the -dots between your business goals and a set of verifiable promises. -@end cartouche - -Note: the term `knowledge' should not be overused when talking to clients, -as they find the term scary. We should look for better alternatives. - - -@node The Primacy of Knowledge -@unnumberedsec The Primacy of Knowledge - -CFEngine began as a tool for @i{assuring} a system state or -configuration. Assurance is about wanting to @i{know}. Users want to -know that state of the system is okay, that the system has certain -properties that we have decided comply with policy. - -For the past 15 years, we have been concerned with the mechanics of -how to ensure this desired state, but now CFEngine has solved this -problem for most important cases, and we are turning to the issue -of @i{knowledge retention} and @i{system comprehension}. - -@cartouche -Scalability is limited not only by machine resources but by our comprehension. -If we can't understand a system, then it is not under control. -@end cartouche - - -@node Use of patterns -@unnumberedsec Use of Patterns - -Patterns are the essence of @i{information compression} and @i{comprehension}. - -@itemize -@item We typically think we understand something when we see how it falls into a pattern. - -@item If we have a pattern, we don't need a list of instances. Replacing instances with a -shorter pattern is what data-compression is about. Patterns are therefore `cheap'. - -@item Every pattern is based on a model of the possible instances, so it is about -`model-based' or `policy-based' management. -@end itemize - -The complexities of a real environments throw up many instances. Sometimes -it can seem that there are more exceptions than general cases. Many vendors -try to simply by over-simplifying -- discouraging specialization. -Alvin Toffler wrote about this the latre 1960s, in connection with industrialization -and automation. He opposed the view that automation would lead to mass production -of identical instances (like the people in Chinese Communism): - -@cartouche -`As technology becomes more sophisticated, the cost of introducing variations -declines' (Alvin Toffler, Future Shock) -@end cartouche - -@noindent i.e. Automation implies more variety, not less. -This is because we can deal with special cases more cheaply by exploiting the -generalities first. Most of the information can be made general, and special cases -just require us to model @i{context}. - -CFEngine models context using `classes' (not Object Oriented classes, but -`classifications' of the environment in the manner of an ontology/taxonomy of -state). This is knowledge management. -Most vendors only know how to do this in a procedural, imperative of `scripted' -approach. They re-image or `baseline' systems so that they have a known -context, and the rebuild delta-changes from that. CFEngine does not need to -do this, because it starts with a model of the end-state, not the start-state. - -An example that we have used to good effect is the simplest pattern: a list. -Most system administrators a familar with ACLs (Access Control Lists). -We can turn many configuration issues into two lists: - -@itemize -@item What we want. -@item What we don't want. -@item Everything else we don't care about (tolerated variation) -@end itemize - - -@node Virtualization -@unnumberedsec Virtualization - -Virtualization is a way of using patterns to replace many cases with a single -interface. It is about hiding ugly reality behind a more congenial user experience, -so it is a recognizable `pattern'. - -The IT industry will soon close the loop on computing. IBM began with its mainframe computers, -designed to scale for business needs by providing extra capacity on demand. It's -virtualization allowed multiple customers to run in segregated environments. -The past 40 years have been an effort to escape from a mainframe architecture to -a commodity version that can scale in the same way, with the same assurances. - -Tomorrow's operating system will be more seamless, a virtual interface to -an underlying diversity of devices. - -CFEngine has been about virtualization from the beginning -- hiding the differences -between underlying operating systems - - -@node Scalability -@unnumberedsec Scalability - -Scalability refers to the capacity for a system to grow in size -without losing functional efficiency. Specifically it describes the -ability of a system to deal with increasing volume of input, and the -efficiency with which it produces output. The implication is that it -should be cheap to increase the volume of processing, but design -issues such as bottlenecks usually intervene. There are two approaches -for scaling: - -@itemize -@item Increases rate of processing (throughput) of each part of the system (especially its weakest links). -@item Increase the parallelism in the system (non redundant processing). -@end itemize - -System administrators tend to see limitations only in technology. However, humans -are often the weakest link. -Scalability requires: - -@itemize -@item The ability to comprehend the system as it grows (human): - -@itemize -@item Promised properties and behaviours (Functions) -@item The ability to perceive the actual properties and behaviours (visualize) -@itemize - -@item The ability to grow system processing (automation). -@end itemize -Most technologies have no strategy for helping humans to comprehend. -Menu-based systems try to simplify by taking away control from the -user, but this only leads to distrust and frustration for experts. - -CFEngine's model does not take away control, but manages the amount -of information that an end user has to deal with, by using design-patterns -and automated analysis to reduce the cost for the end user. - -@itemize -@item Policy editor with syntax aware interface (for extensible language input) -@item Content-driven policies (fixed spreadsheet approach to input) -@item Knowledge Map (for browsing policy and documentation) -@item Monitoring interface and reporting engine (for browsing system state) -@end itemize - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/SpecialTopic_Windows.texinfo b/docs/guides/SpecialTopic_Windows.texinfo deleted file mode 100644 index 02d547672f..0000000000 --- a/docs/guides/SpecialTopic_Windows.texinfo +++ /dev/null @@ -1,565 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename st-windows.info -@settitle Windows Management with CFEngine Enterprise -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Windows Management with CFEngine Enterprise -@subtitle A CFEngine Special Topics Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -CFEngine Enterprise is a cross-platform and versatile tool that unifies the -desired state management on all major operating systems. - -However, some operating systems are designed fundamentally different -than others, requiring special CFEngine language features when being -described. In this document, we highlight the CFE Enterprise extensions provided -to the Windows platform. - -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2012 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, , (dir), (dir) -@top Windows Managment with CFEngine Enterprise -@end ifnottex - -@iftex -@contents -@end iftex - -@menu -* System requirements:: -* Installation:: -* Testing policies locally:: -* Windows registry management:: -* Windows service management:: -* File and folder permissions:: -* Windows-aware features in CFE Enterprise:: -* Windows special variables:: -* Windows hard classes:: -* Notes on windows policies:: -@end menu - -@c @ifhtml -@c @html -@c

COMPLETE TABLE OF CONTENTS

 -@c

Summary of contents

-@c end html -@c @end ifhtml - - - -@c acls - -@c registry - -@c Event log - -@c policy sharing with Unix - bundles at least. - -@node System requirements, Installation, Top, Top -@unnumberedsec System requirements -@sp 1 - -CFEngine Enterprise, being so lightweight, works equally well on Windows -clients as on Windows servers. Both native 32-bit/x86 (package name -@code{i686}) and 64-bit/x64 (package name @code{x86_64}) packages are -available to customers. It is important that you select the -@code{x86_64} package if you are running 64-bit Windows. - -Of Windows client operating systems, anything from Windows XP SP2 and -newer is supported. On the server side, Windows Server 2003 and newer -is supported. - -CFEngine Enterprise communicates bi-directionally on port @code{5308}, so -make sure that this port is open for outgoing and incoming @code{TCP} -connections. - -All software dependencies are bundled with the CFEngine Enterprise -package. The total disk consumption is about 70 @code{MB}, and the -memory usage is less than 30 @code{MB}. - -@node Installation, Testing policies locally, System requirements, Top -@unnumberedsec Installation -@sp 1 - -The installation and set-up procedure on Windows is not different than -that for other operating systems CFE Enterprise runs on, so the CFE Enterprise getting -started document available at @url{http://software.cfengine.com} -applies to the Windows version as well. - -The Windows @code{msi}-packages will get silently installed (no -prompts) to @code{Cfengine} under your program files directory -(e.g. @code{C:\Program Files\Cfengine} on English Windows -versions). It is important that the installer is run with -Administrative priviliges. To ensure this, open a @code{Command -Prompt} in Administrative mode and run @samp{msiexec -i -cfengine-nova-VERSION-ARCH.msi} (replace @code{VERSION} and -@code{ARCH} appropriately). - -If you are just going to test your policies on a Windows host, it is -more efficient to not bootstrap to a policy server, but run the -policies locally just after you create them. You can install the license -with the @code{cf-key -l} command -- you will need to copy over the -licensed public key as advised by @code{cf-key -l}.@footnote{Avaliable -in CFEngine Enterprise 3.0 and beyond. Run @code{cf-key -l -C:\path\to\license.dat} and follow the instructions.} - -Eventually, when you are done testing and want to bootstrap a Windows -host to a policy server, please run the following command (against a -Linux-based policy server, as advised in the CFE Enterprise getting -started document). If we assume the policy server's IP address is -'123.456.789.123', you need to run the following command to bootstrap -the Windows host. - -@verbatim - C:\Program Files\Cfengine\bin\cf-agent.exe --bootstrap 123.456.789.123 -@end verbatim - - -@node Testing policies locally, Windows registry management, Installation, Top -@unnumberedsec Testing policies locally - -Create a new text file @code{Cfengine\inputs\promises.cf} and input -the following text using your favourite text editor. - -@verbatim -body common control -{ -bundlesequence => { "test" }; -inputs => { "cfengine_stdlib.cf" }; -} - -bundle agent test -{ -reports: -windows:: - "Hello, Windows!"; -} -@end verbatim - -Now, go to your terminal (e.g. Command Prompt) and navigate to -@code{Cfengine\bin} under program files. Run @code{cf-promises.exe}. It -should generate no output, which indicates correct syntax and license. - -To execute the policy, run @code{cf-agent.exe -K}. You should see the -following output. - -@center @image{winhello,8cm,, Windows output,png} - -We now have a basic skeleton policy that we can test our Windows -promises with. These can later be integrated at the policy hub to -ensure that they are run on all Windows systems. We will assume this -general skeleton for the rest of this document, modifying the contents -of the @code{test} bundle only. - - -@node Windows registry management, Windows service management, Testing policies locally, Top -@unnumberedsec Windows registry management - -CFEngine Enterprise supports fine-grained management of the Windows -registry. These promises are encapsulated under the @code{databases:} -promise type. - - -@unnumberedsubsec Creating values - -Let us modify our skeleton bundle to contain the following. - -@verbatim -... -bundle agent test -{ -databases: - - "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security" - - database_operation => "create", - database_rows => { "MaxSize,REG_DWORD,84017152", "Retention,REG_DWORD,0"}, - database_type => "ms_registry", - comment => "Ensure eventlog size is in accordance with standards"; -} -@end verbatim - -Now, we again run @code{cf-promises.exe} to ensure the syntax is -correct, followed by @code{cf-agent.exe -KI}. Note that we added the -@code{-I} option which tells @code{cf-agent.exe} to notify us on the -existing state of the system and any actions done to ensure the -desired state. The output should look like the following. - -@center @image{winreg-create,13cm,,Windows registry create output,png} - -When we run @code{cf-agent.exe} twice, the second run will do nothing -because the first run has already corrected the value. This is -convergence --- CFEngine is ensuring the desired state. - - -@unnumberedsubsec Removing values - -In order to remove values instead, we just need to adjust the policy -slightly, resulting in the following bundle. - -@verbatim -... -bundle agent test -{ -databases: - - "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security" - - database_operation => "delete", - database_columns => { "value1", "value2"}, - database_type => "ms_registry", - comment => "Remove stray values generated by an application"; -} -@end verbatim - -Now, if you create @samp{value1} and @samp{value2} in the key above, -@code{cf-agent.exe} should show the following output. - -@center @image{winreg-delete,13cm,,Windows registry delete output,png} - - -At the time of writing, CFE Enterprise supports the @code{REG_DWORD} (double -word), @code{REG_SZ} (string) and @code{REG_EXPAND_SZ} (expandable -string) data types, as given in the middle field of the -@code{database_rows} list elements. See the -@uref{http://cfengine.com/manuals/cf3-Reference.html#database_005frows-in-databases,CFEngine -reference manual} for an updated list of supported data types. - -Also note the @code{registryvalue()} function which can be used to -read out value data from the registry and act upon it. Examples of its -use are also available in the -@uref{http://cfengine.com/manuals/cf3-Reference.html#Function-registryvalue,CFEngine -reference manual}. - - -@node Windows service management, File and folder permissions, Windows registry management, Top -@unnumberedsec Windows service management - -CFEngine Enterprise can maintain complete control of the state of all -Windows services. For example, services prone to security issues or -errors can easily be given a disabled state. - -@center @image{winservice-disabled_policy,8cm,,Disabled Windows service,png} - -A service can also be given a running state, in which case CFEngine -Enterprise ensures that it is running, and starts it if it is not, with -parameters if desired. More advanced policy options are also -available, including support for starting and stopping dependencies, -and configuring when the services should be started (e.g. only when -they are being used). - -Note that the name of a service in Windows may be different from its -``Display name''. CFEngine Enterprise policies use the name, not the display -name, due to the need of uniqueness. - -@center @image{winservice-properties_name,7cm,,Windows service name and Display name,png} - -A complete example of a service management bundle is show below. - -@verbatim -... -bundle agent test -{ -services: - -windows:: - "W32Time" - service_policy => "start", - service_method => bootstart, - comment => "Ensure important services are running and starting at boot"; - -Windows_Server_2008:: - "RemoteRegistry" - service_policy => "disable", - service_method => force_deps, - comment => "Disable services that create security issues"; - -} -@end verbatim - -This example ensures that the Windows Time service is running on all -Windows hosts, and that Remote registry is disabled on all Windows -2008 servers. - - -@node File and folder permissions, Windows-aware features in CFE Enterprise, Windows service management, Top -@unnumberedsec File and folder permissions - -CFEngine Enterprise can ensure the permissions or Access Control Lists -(@code{ACLs}) of your Windows systems are correctly set. Windows -@code{ACLs} are a complex topic by itself, with support for more than -ten different permission bits and inheritance. CFE Enterprise supports all of -this, but we will just cover the basics in this document. - -The following policy will ensure strict permissions on a directory -@samp{C:\Secret} and a file @samp{C:\Secret\file.txt}. - -@verbatim -... - -bundle agent test -{ -vars: - "acl_secret_dir" slist => { "user:Administrator:rwx:allow", - "group:Administrators:rx:allow" }; - "acl_secret_file" slist => { "user:Administrator:rw:allow" }; - -files: - -windows:: - "C:\Secret", - acl => ntfs( "@(acl_secret_dir)" ), - depth_search => include_base, - perms => owner( "Administrator" ); - - "C:\Secret\file.txt", - acl => ntfs( "@(acl_secret_file)" ), - perms => owner( "Administrator" ); -} -@end verbatim - -The @uref{http://cfengine.com/manuals/cf3-Reference.html#acl-in-files, -CFEngine reference manual} contains a description of all the available -@code{ACL} options. Also refer to the the CFEngine Enterprise Owner's manual -for a more in-depth discussion of the @code{ACL} options available. - -@node Windows-aware features in CFE Enterprise, Windows special variables, File and folder permissions, Top -@unnumberedsec Windows-aware features in CFE Enterprise - -CFEngine Enterprise integrates with the Windows operating system in multiple -ways. - -The CFEngine scheduler in CFE Enterprise (@code{cf-execd}) runs as a Windows -service. This means it runs in the background and starts with Windows, -before any user logs in. It can be configured, started and stopped -from the ``Services'' listing in Windows, just like any other Windows -service. - -Event logs are the Windows counterpart to syslog from Unix. The main -difference is that event logs aim to group similar log messages, -giving each group an event id. The following event ids are defined in -CFEngine Enterprise, allowing categorisation of the log message based on its -type. The CFE Enterprise event logs can be found under the ``System'' logs. - -@multitable @columnfractions .4 .2 .2 -@headitem Description @tab Event ID @tab Type -@item Promise kept @tab 100 @tab Information -@item Promise repaired @tab 101 @tab Information -@item Promise not repaired due warn only policy @tab 102 @tab Error -@item Promise not repaired due to error @tab 103 @tab Error -@item Report promise @tab 104 @tab Information -@item Generic information @tab 105 @tab Information -@item Generic verbose @tab 106 @tab Information -@item Generic warning @tab 107 @tab Warning -@item Generic error @tab 108 @tab Error -@end multitable - -@center @image{winevent-notkept-storage,10cm,,Promise not kept in Event Viewer,png} - -By default, only promise not repaired and generic error events are -logged to avoid flooding the Event Log. You can turn on verbose -logging to log all messages, like the following example. - - -@verbatim - -body common control -{ -inputs => { "cfengine_stdlib.cf" }; -bundlesequence => { "main" }; -} - -bundle agent main -{ -files: -"C:\test.txt" - create => "true", - action => log_verbose; -} - -@end verbatim - -@node Windows special variables, Windows hard classes, Windows-aware features in CFE Enterprise, Top -@unnumberedsec Windows special variables -Three new special variables have been added to the Windows version of -CFEngine Enterprise. - -@itemize - -@item @code{sys.windir} contains the Windows directory, -e.g. ``C:\WINDOWS''. - -@item @code{sys.winsysdir} contains the Windows system directory, -e.g. ``C:\WINDOWS\system32''. - -@item @code{sys.winprogdir} contains the program files directory, -e.g. ``C:\Program Files''. - -@end itemize - -Note that these variables are not statically coded, but retrieved from -the current system. For example, @code{sys.winprogdir} is often -different on Windows versions in distinct languages. - - -@node Windows hard classes, Notes on windows policies, Windows special variables, Top -@unnumberedsec Windows hard classes -The Windows version of CFEngine Enterprise defines hard classes to pinpoint -the exact version of Windows that it is running on, the service pack -version and if it's a server or workstation. - -First of all, the class @code{windows} is defined on all Windows -platforms. For Windows workstations, such as Windows XP, -@code{WinWorkstation} is defined. On Windows servers, such as Windows -Server 2003, @code{WinServer} is defined. In addition, if the server -is a domain controller, @code{DomainController} is defined. Note that -if @code{DomainController} is defined, then @code{WinServer} is also -defined, for natural reasons. - -The class @code{Service_Pack_X_Y} is defined according to the service -pack version. For example, at the time of writing, -@code{Service_Pack_3_0} is set on an updated Windows XP operating -system. - -To allow taking specific actions on different Windows versions, one -of the following hard classes is defined. - -@itemize -@item @code{Windows_7} -@item @code{Windows_Server_2008_R2} -@item @code{Windows_Server_2008} -@item @code{Windows_Vista} -@item @code{Windows_Server_2003_R2} -@item @code{Windows_Home_Server} -@item @code{Windows_Server_2003} -@item @code{Windows_XP_Professional_x64_Edition} -@item @code{Windows_XP} -@item @code{Windows_2000} -@end itemize - -Note that all defined hard classes for a given system is shown by -running @code{cf-promises -v}. - - -@node Notes on windows policies, , Windows hard classes, Top -@unnumberedsec Notes on windows policies -A potential problem source when writing policies for windows is that -paths to executables often contain spaces. This makes it impossible -for CFEngine to know where the executable ends and the parameters to -it starts. To solve this, we place escaped quotes around the -executable. Windows share paths (double backslashes) also need -escaping. - -Additionally, Windows does not support that processes start themselves -in in the background (i.e. fork off a child process in the Unix -world). The result is that CFEngine is always waiting for the commands -to finish execution before checking the next promise. To avoid this, -use the background attribute in the action body-part. - -Both these things are demonstrated in the following example. - -@verbatim - -body common control -{ -inputs => { "cfengine_stdlib.cf" }; -bundlesequence => { "main" }; -} - -bundle agent main -{ -commands: - -"\"C:\Program Files\Some Dir\program name.bat\" --silent --batch" - action => in_shell_bg; - -"\"\\\\computer\share path\my program.exe\" /some args"; -} - -@end verbatim - -Finally, one should note that Windows lacks support for certain -features that are utilised in Unix versions of CFEngine. These include -symbolic links, file groups, user and group identifiers. - -Thus, the parts of promises containing these features will be -ignored. For example, the @code{getgid()} function does not return -anything on Windows. The -@uref{http://cfengine.com/manuals/cf3-Reference.html,CFEngine -reference manual} documents exactly which promises are ignored and -not. Also, @code{cf-agent.exe} from CFEngine Enterprise prints warning messages -on ignored attributes when run in verbose mode (@code{cf-agent.exe -Kv}). - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/agility.png b/docs/guides/agility.png deleted file mode 100644 index 9559037e0c..0000000000 Binary files a/docs/guides/agility.png and /dev/null differ diff --git a/docs/guides/arch.png b/docs/guides/arch.png deleted file mode 100644 index 4655faa541..0000000000 Binary files a/docs/guides/arch.png and /dev/null differ diff --git a/docs/guides/body_bundle.png b/docs/guides/body_bundle.png deleted file mode 100644 index 79bdfdce61..0000000000 Binary files a/docs/guides/body_bundle.png and /dev/null differ diff --git a/docs/guides/boxes.png b/docs/guides/boxes.png deleted file mode 100644 index b79075443b..0000000000 Binary files a/docs/guides/boxes.png and /dev/null differ diff --git a/docs/guides/brainbrawn.png b/docs/guides/brainbrawn.png deleted file mode 100644 index 1cc2e06263..0000000000 Binary files a/docs/guides/brainbrawn.png and /dev/null differ diff --git a/docs/guides/bval.png b/docs/guides/bval.png deleted file mode 100644 index fdbcebc8b1..0000000000 Binary files a/docs/guides/bval.png and /dev/null differ diff --git a/docs/guides/cdp_reports_generate.png b/docs/guides/cdp_reports_generate.png deleted file mode 100644 index f4c21ab38b..0000000000 Binary files a/docs/guides/cdp_reports_generate.png and /dev/null differ diff --git a/docs/guides/cdp_services_report.png b/docs/guides/cdp_services_report.png deleted file mode 100644 index b38974f820..0000000000 Binary files a/docs/guides/cdp_services_report.png and /dev/null differ diff --git a/docs/guides/central_pull.png b/docs/guides/central_pull.png deleted file mode 100644 index 01a1d00fa6..0000000000 Binary files a/docs/guides/central_pull.png and /dev/null differ diff --git a/docs/guides/central_push.png b/docs/guides/central_push.png deleted file mode 100644 index 2139f1ed73..0000000000 Binary files a/docs/guides/central_push.png and /dev/null differ diff --git a/docs/guides/cf-Compliance.texinfo b/docs/guides/cf-Compliance.texinfo deleted file mode 100644 index 06bcf36b66..0000000000 --- a/docs/guides/cf-Compliance.texinfo +++ /dev/null @@ -1,123 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{NewLogo} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf-Compliance.info -@settitle Compliance management using cfengine -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Compliance management using CFEngine -@subtitle A CFEngine AS workbork -@author CFEngine.com - -@c @smallbook - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2008 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, ISO standards and International Law, (dir), (dir) -@top CFEngine-Modularization -@end ifnottex - - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 - -

Summary of contents

- -@end html -@end ifhtml - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@menu -* ISO standards and International Law:: -@end menu - -@cartouche - -In this module you will learn about - -@itemize @bullet -@item -Ways of ensuring compliance with security requirements and company policy. - -@end itemize -@end cartouche - -@c ----------------------------------------------------------------------- -@node ISO standards and International Law, , Top, Top -@chapter ISO standards and International Law - - - - -@c ========================================================================= -@c @node Index, , CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ========================================================================= - -@ifhtml -@html - -@end html -@end ifhtml - -@contents - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/cf-bestpractices.texinfo b/docs/guides/cf-bestpractices.texinfo deleted file mode 100644 index f016eabeea..0000000000 --- a/docs/guides/cf-bestpractices.texinfo +++ /dev/null @@ -1,356 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{NewLogo} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf-bestpractices.info -@settitle CFEngine Best Practices -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine Best Practices -@subtitle A CFEngine AS workbork -@author CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2008 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Best practices, (dir), (dir) -@top CFEngine-Modularization -@end ifnottex - - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 - -

Summary of contents

- -@end html -@end ifhtml - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - - -@menu -* Best practices:: -* The Promise Matrix:: -* Things to remember when writing promises:: -@end menu - -@c ********************************************************************** -@node Best practices, The Promise Matrix, Top, Top -@chapter Best practices - -Who decides best practice? Who gets to say what is best for whom and -under what circumstances? In many cases this is an ad hoc individual, -or perhaps (worse) a committee, more concerned with concensus building -that practicality. - -We would like to begin by saying that we don't believe in the concept -of @i{best} practice, however perhaps we can refer to Pretty Good -Practice, i.e. Useful Experience. That is the spirit in which we present our -thoughts in this document. - -@c ********************************************************************** -@node The Promise Matrix, Things to remember when writing promises, Best practices, Top -@chapter The Promise Matrix - -Let us oversimplify just a little to describe what we believe is the basic -problem. - -The management of a distributed system can be thought of as the -population of a matrix (table) of `things to do' versus `where to do -them', i.e. on which machines to execute which processes. This -matrix is what is sometimes referred to as orchestration, or choreography: - -@image{matrix1,12cm,,The Matrix,png} - -The CFEngine version of this is more general and more powerful. To -begin with, we describe promises which are not just tasks, but -maintainance processes. Then, instead of individual machines, we are -able to put together any kind of (possibly overlapping) set of -machines into a `class'. - -@image{matrix2,12cm,,The Matrix,png} - -@menu -* Avoid hierarchical arrangements:: -* Defining effective classes:: -* Classifying machines:: -* Bundling under a class:: -@end menu - -@node Avoid hierarchical arrangements, Defining effective classes, The Promise Matrix, The Promise Matrix -@section Avoid hierarchical arrangements - -Hierarchies are a bad way to model organizations. Even though history -has favoured hierarchical organization, almost no real organization is -trul hierarchical. Indeed, strict hierarchies tend to fail in most -cases because they force things into a tree of isolated -leaf-categories. Networks (like the internet) are successful because -they can branch like trees, but allow cross connected and overlapping -membership of categories. - -Our first advice is: - -@itemize -@item Create the classes that you need to represent your organization. - -Put out of your mind all thoughs about hierarchy and Object -Orientation. If they are natural, they will emerge by themselves. If -they are not, they will just get in your way. If you try to be strict -in categorization, you will just end up making more exceptions to the -rule than the rule itself. - -@item Use many classes with descriptive names. - -This is how you model and understand cooperation in your organization. - -@end itemize - -Many clients have a significant fraction of their total configuration -dedicated to defining appropriate classes. - - -@node Defining effective classes, Classifying machines, Avoid hierarchical arrangements, The Promise Matrix -@section Defining effective classes - -One idea for best practice is this: we want to make the smallest -number of classes that cover an organization. This sounds like a nice -obsessive-compulsion for optimization, and it appeals to nit-pickers; -however we advise against exessive optimization. Comfort and pedagogy -are more important characteristics to nurture. - -@enumerate - -@item The main thing we want to avoid is having to maintain the same -information in many locations. If we can, we would like to have a -little raw information and use logic and @i{reasoning} to derive -classes from these. Fortunately CFEngine does a lot of reasoning in -advance, providing you with a rich list of classes on which to base -decisions. - -@item Remember also that you can define your own classes by testing the -system with functions like @code{fileexists()}, @code{filesexist}, -@code{hashmatch()}, etc., which detect conformance with particular -patterns. - -@item A lot of information is contained in lists. Make use of existing -lists in databases like NIS, LDAP and SQL databases. The may be accessed -by special functions like @code{ldaplist}, @code{hostinnetgroup}. - -@item There are two strategies to making lists, much like `allow' and `deny' -strategies in access control security. - -@itemize -@item Specify the individual entities. -@item Specify the exceptions to a general rule. -@end itemize - -There are general classes (all encompassing) like @samp{any}, and @samp{solaris}. -Then there are specific classes like the name of a host, or the IP address. - -@end enumerate - - -@node Classifying machines, Bundling under a class, Defining effective classes, The Promise Matrix -@section Classifying machines - -There are different approaches to classifying machines: - -@itemize -@item By IP address, or subnet. - -This seems simple but does not easily capture today's distributed organizations. - -@item By netgroup or LDAP list. - -This has the advantage of being managed by a specialist in the organization, so it -makes use of knowledge about the organization. - -@end itemize - - -@node Bundling under a class, , Classifying machines, The Promise Matrix -@section Bundling under a class -- making use of patterns - - -CFEngine's ability to define methods based on parameterized bundles of -code is a powerful way to reduce the total number of specific promises -into generic patters. Whenever possible, we recommend writing -generic promises and re-using them by iterating over lists, -or applying parameter sets to different classes, e.g. - -@verbatim - - domain_01:: - - "dep1" slist => { "c:\WINDOWS\system32\msiexec.exe" }; - - "dep2" slist => { "c:\WINDOWS\system32\msiexec.exe", "c:\Program Files\cf_dummy1" }; - - "dep3" slist => { "c:\WINDOWS\system32\msiexec.exe", "c:\Program Files\cf_dummy1", "c:\Program Files\cf_dummy2" }; - - - domain_02:: - - "dep1" slist => { "c:\WINDOWS\system32\msiexec.exe" }; - - "dep2" slist => { "c:\WINDOWS\system32\msiexec.exe", "c:\Program Files\cf_dummy2" }; - -methods: - - # perform the actual installation with dependency checking - - domain_01:: - - "any" usebundle => install_software("cf_dummy1.msi","cf_dummy1",@(Trial1.dep1)); - "any" usebundle => install_software("cf_dummy2.msi","cf_dummy2",@(Trial1.dep2)); - "any" usebundle => install_software("cf_dummy3.msi","cf_dummy3",@(Trial1.dep3)); - - domain_02:: - - "any" usebundle => install_software("cf_dummy2.msi","cf_dummy2",@(Trial1.dep1)); - "any" usebundle => install_software("cf_dummy1.msi","cf_dummy1",@(Trial1.dep2)); - -@end verbatim - - -@c ********************************************************************** -@node Things to remember when writing promises, , The Promise Matrix, Top -@chapter Things to remember when writing promises - - - - -When writing promises, get into the habit of giving every promise a comment -that explains its intention. - -Also, give related promises @i{handles}, or labels that can be used to -refer to them by. - -@verbatim - -files: - - "/var/cfengine/inputs" - - handle => "update_policy", - - perms => system("600"), - copy_from => mycopy("$(master_location)","$(policy_server)"), - depth_search => recurse("inf"), - file_select => input_files, - action => immediate; - -@end verbatim -If a promise affects another promise in some way, you can make the affected -promise one of the promisees, like this: - -@verbatim - -access: - - "/master/CFEngine/inputs" -> { "update_policy", "other_promisee" }, - - handle => "serve_updates", - - admit => { "217.77.34.*" }; - -@end verbatim - -Conversely, if a promise might depend on another in some (even indirect) way, document this too. - -@verbatim - -files: - - "/var/cfengine/inputs" - - handle => "update_policy", - depends_on => {"serve_updates"}, - - perms => system("600"), - copy_from => mycopy("$(master_location)","$(policy_server)"), - depth_search => recurse("inf"), - file_select => input_files, - action => immediate; - - -@end verbatim - -Get into the habit of adding the cause-effect lines of influence. -Enterprise editions of CFEngine will track the dependencies between these -promises and map out impact analyses. - - -@c ========================================================================= -@c @node Index, , CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ========================================================================= - -@ifhtml -@html - -@end html -@end ifhtml - -@contents - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/cf-copernicus.texinfo b/docs/guides/cf-copernicus.texinfo deleted file mode 100644 index f97246049a..0000000000 --- a/docs/guides/cf-copernicus.texinfo +++ /dev/null @@ -1,258 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{NewLogo} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf-copernicus.info -@settitle Copernicus Hints -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Copernicus Hints -@subtitle A CFEngine AS reference -@author CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2008 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - -@ifnottex -@node Top, Introduction, (dir), (dir) -@top CFEngine-Reference -@end ifnottex - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 - -

Summary of contents

- -@end html -@end ifhtml - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@menu -* Introduction:: -* The content:: -* Graphs:: -* Improve Copernicus:: -@end menu - -@node Introduction, The content, Top, Top -@chapter Introduction - - -Copernicus is CFEngine's knowledge integration tool, proving -semantically linked access to our extended documentation for support -customers. Copernicus is really just CFEngine 3 in disguise. The -website is powered by CFEngine 3's knowledge agent @code{cf-know}. Only -the content is proprietary -- and even then we encourage you to -help develop it by sending us suggestions for improvement. - -Copernicus was made famous for his heliocentric view of the -universe, placing the sun at the centre and seeing the -planets orbit around it. - -@image{copernicus-planets,10cm,,The heliocentric solar system,png} - -CFEngine's Copernicus is a simplified implentation of ISO standard -Topic Maps, in which every page is based around a topic. It places -a given topic of interest in the centre of focus and shows what other -concepts are closely related to it. Just click on a concept to see -how it relates to nearby concepts and to find references to the -documentation. - -The best way to use the topic map is simply to explore for a while -and use the search field to short-cut to relevant topics. - -@itemize -@item Orange links point to concepts -@item Red links point to documents. -@end itemize - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@node The content, Graphs, Introduction, Top -@chapter The content - -@menu -* Topics:: -* Types:: -* Associations:: -* Occurrences:: -* Searching:: -@end menu - -@node Topics, Types, The content, The content -@section Topics - -A topic is any subject that we want to talk about or represent. - -Strictly speaking, the term topic refers to the object or node in -the topic map that represents the subject being referred to. However, -there is a one-to-one relationship between topics and -subjects, with every topic representing a single subject and every -subject being represented by just one topic. To a certain degree, -therefore, the two terms can be used interchangeably - -@image{NewCopernicus,10cm,,A typical topic page,png} - -@node Types, Associations, Topics, The content -@section Types - -Topics can be categorized according to their type. In a topic map, any -given topic is an instance of zero or more topic types. This -corresponds to the categorization inherent in the use of multiple -indexes in a book (index of names, index of works, index of places, -etc.). - -Types are used mainly to disambiguate topics of the same namin -different contexts. - -@node Associations, Occurrences, Types, The content -@section Associations - - -An association is a semantic relationship between two topics. -The associative distance between topics is what defines the -solar system of a topic in Copernicus. Associations are what -links ideas together in the knowledge base, e.g. - -@smallexample -is implemented by -is an example of -is an aspect/component of -was a feature added in -@end smallexample - - -@node Occurrences, Searching, Associations, The content -@section Occurrences - -An occurrence of a topic is a piece of information about -it. This is normally the reason for using the topic map -in the first place -- to arrive at an actual document, or -occurrence of the topic. In CFEngine occurrences can be -short literal explanations, or the can be red URL pointers -to documentation. - -An occurrence pointer will lead you some some text that -says something about the topic. - -@node Searching, , Occurrences, The content -@section Searching - -The search field at the top right hand corner of the header may be -used to enter Perl Compatible Regular Expressions to match topic name -fragments. Searches are case insensitive. Do not enter more than one -keyword at a time, the expression should match only a single name, -e.g. - -@smallexample -web -web server -web.*module.* -apache -@end smallexample - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@node Graphs, Improve Copernicus, The content, Top -@chapter Graphs - -Copernicus provides some graphical representations of topic space, -showing approximately 30 of the closest related topics. This magic -number 30 is one of the Dunbar numbers and represents the number of -working relationships humans can typically maintain. - -@image{NewCopernicusGraph,10cm,,A graphical view of related topics,png} - - -The graphics are not a complete represenation of the topic map but -are designed to provoke associative thought. You can reach all of -the links by going to the Associations section of a topic page (assuming -there are associations). - -The graphical aspects of copernicus are being developed as part of our -research into knowledge management. Users can expect future -improvements to the analysis and navigation features. - - -@node Improve Copernicus, , Graphs, Top -@chapter Improve Copernicus - -Entering the expert knowledge in Copernicus is a huge and -time-consuming task. Help us to improve the knowledge base by sending -us your wishes and suggestions. Every `stupid question' and smart -lateral thought that you send us can help someone to find what they -need more quickly. - -We are constantly researching and analysing the data we have and -the patterns of usage we observe. All of this will lead to -a more sophisticated experience in the coming years. - -@ifhtml -@html - -@end html -@end ifhtml - -@contents - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/cf3-bestpractice.texinfo b/docs/guides/cf3-bestpractice.texinfo deleted file mode 100644 index 72cc67ad8a..0000000000 --- a/docs/guides/cf3-bestpractice.texinfo +++ /dev/null @@ -1,1455 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-bestpractice.info -@settitle CFEngine 3 Best Practices -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine 3 Best Practices -@subtitle A CFEngine Handbook -@author CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2008- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Policy Style Guide, (dir), (dir) -@top CFEngine-Best-Practices -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@menu -* Policy Style Guide:: -* Policy Dos and Don'ts:: -* Common Workflows :: -* Quality Assurance around CFEngine:: -@end menu - - -@c ********************************************************************** - -@node Policy Style Guide, Policy Dos and Don'ts, Top, Top -@chapter Policy Style Guide - -@c .................................... -@menu -* Arranging files:: -* Where to define variables and classes:: -* How to choose and name bundles:: -* How to decide when to make a bundle:: -* When to use a paramaterized bundle or method :: -* When should classes be in common bundles:: -* When should variables be in common bundles:: -* When should variables be in local bundles:: -@end menu - -@node Arranging files, Where to define variables and classes, Policy Style Guide, Policy Style Guide -@section Arranging files - -Base your files on high level services as you do with bundles, -@xref{How to choose and name bundles}. The purpose of breaking up -policy into files is to limit the scope of the policy to manageable -amounts, making it easier to understand. It will only be easier to -understand if the casual user can immediately locate promises from the -name of the file. - -You can place related files in subdirectories of the inputs to localize them. -This also makes updating more efficient, as fewer objects need to be -checked. - -@cartouche -The Enterprise Knowledge base allows you to search for -promises, but everything will make more sense if promises are found in -an intuitive place. -@end cartouche - -@node Where to define variables and classes, How to choose and name bundles, Arranging files, Policy Style Guide -@section Where to define variables and classes - -@cartouche -Note that all CFEngine variables are globally accessable, by using their -fully qualified name :@code{$(bundle.variable)}, or @code{@@(bundle.variable)}, -so placing variables in one place or another does not affect their accessability. -@end cartouche - -Variables should be defined as close to the place where they are used as possible. -The user will expect to find variables defined: - -@itemize -@item In the current bundle, first and foremost. -@item In some common bundle for generic, global data. -@end itemize - -@noindent Variables that define global aspects of configuration, e.g. - -@itemize -@item Well known path names, e.g. document root. -@item Site specific data, e.g. the email address of the support unit. -@end itemize -@noindent can be defined in @code{common} bundles. This places them -in a neutral context. - -The only reason to define a variable far from its place of use would -be when writing generically re-usable methods and passing data as -parameters, @xref{When to use a paramaterized bundle or method}. -However, re-usability can make rules harder to understand. - -@node How to choose and name bundles, How to decide when to make a bundle, Where to define variables and classes, Policy Style Guide -@section How to choose and name bundles - -Use the name of a bundle to represent a meaningful aspect of system adminstration, -We recommend using a two or three-part name, that explains the context, general subject heading and -special instance. Names should be service oriented and should guide non-experts to understand -what they are about. -e.g. -@itemize -@item app_mail_postfix -@item app_mail_mailman -@item app_web_apache -@item app_web_squid -@item app_web_php -@item app_db_mysql -@item garbage_collection -@item security_check_files -@item security_check_processes -@item system_name_resolution -@item system_xinetd -@item system_root_password -@item system_processes -@item system_files -@item win_active_directory -@item win_registry -@item win_services -@end itemize - -@node How to decide when to make a bundle, When to use a paramaterized bundle or method , How to choose and name bundles, Policy Style Guide -@section How to decide when to make a bundle - -Put things into a single bundle if: -@itemize -@item They belong to the same conceptual aspect of system administration. -@item They do not need to be switched on or off independently. -@end itemize - - -Put things into different bundles if: - -@itemize -@item All of the promises in one bundle need to the checked -before all of the promises in another bundle. - -@item You need to re-use the promises with different parameters. -@end itemize - -In general, keep the number of bundles to a minimum. -This is a knowledge management issue. Clarity comes from differentiation, -but only if the number of things is small. - - - - -@node When to use a paramaterized bundle or method , When should classes be in common bundles, How to decide when to make a bundle, Policy Style Guide -@section When to use a paramaterized bundle or method - -If you need to arrange for a @i{managed convergent collection} or -@i{sequence} of promises that will occur for a list of (multiple) names or -promisers, then use a bundle to simplify the code. - -Write the promises, which may or may not be ordered, using a parameter for the -different names, then call the method passing the list of names as a parameter -to reduce the amount of code. - -@smallexample - -bundle agent testbundle -@{ -vars: - - "userlist" slist => @{ "mark", "jeang", "jonhenrik", "thomas", "eben" @}; - -methods: - - "any" @b{usebundle => subtest("$(userlist)")}; - -@} - -########################################### - -bundle agent subtest(@b{user}) - -@{ -commands: - - "/bin/echo Fix @b{$(user)}"; - -files: - - "/home/@b{$(user)}/." - - create => "true"; - -reports: - - linux:: - - "Finished doing stuff for @b{$(user)}"; -@} - -@end smallexample - - - -@node When should classes be in common bundles, When should variables be in common bundles, When to use a paramaterized bundle or method , Policy Style Guide -@section When should classes be in @code{common} bundles? - -@itemize -@item When you need to use them in multiple bundles (because classes defined -in @code{common} bundles have global scope). -@end itemize - -@cartouche - -Note, if you are converting from CFEngine 2 you should know the following. -In CFEngine 2, all classes were global and it was common to define all classes -in a big unmanageable list. That meant that there was a chance of -class name collisions. CFEngine 3 has both local and global classes, allowing you -to limit the scope of classes and define them more in context. - -@end cartouche - -@node When should variables be in common bundles, When should variables be in local bundles, When should classes be in common bundles, Policy Style Guide -@section When should variables be in @code{common} bundles? - -@itemize -@item For rationality, if the variable does not belong to any particular -bundle, because it is used elsewhere. -(Qualified variable names e.g. @code{$(mybundle.myname)}are always -globally accessible, so this is a cosmetic issue.) -@end itemize - -@node When should variables be in local bundles, , When should variables be in common bundles, Policy Style Guide -@section When should variables be in local bundles? - -@itemize -@item If they are not needed outside the bundles. -@item If they are used for iteration (without qualified scope). -@item If they are tied to a specific aspect of system maintenance represented -by the bundle, so that accessing @code{$(bundle.var)} adds clarity. -@end itemize - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@node Policy Dos and Don'ts, Common Workflows , Policy Style Guide, Top -@chapter Policy Dos and Don'ts - -This chapter lists a number of recommended practices. - - - -@menu -* Never do:: -* Avoid:: -* Recommended:: -* Always do:: -@end menu - -@node Never do, Avoid, Policy Dos and Don'ts, Policy Dos and Don'ts -@section Never do - -@menu -* Never change system policy when humans are absent:: -* Never embed simple shell commands:: -* Never manage more than one cron job:: -@end menu - - -@node Never change system policy when humans are absent, Never embed simple shell commands, Never do, Never do -@subsection Never change system policy when humans are absent - -Never make system changes when humans are unavailable, e.g. just before -going offline for the weekend. No matter how careful you have been, mistakes -can be made and you need to have at least 24 hours experience with a running -policy to lend it your trust. - - - -@node Never embed simple shell commands, Never manage more than one cron job, Never change system policy when humans are absent, Never do -@subsection Never embed simple shell commands - - -Do not embed simple shell commands with CFEngine @code{commands} promises, like this: - -@smallexample - -commands: - - # Don't do this! - - "/bin/rm -r /tmp/xyz*"; - "/bin/mkdir /tmp/abcd"; - -@end smallexample - -@b{WHY?} Embedded shell commands like this cannot be managed by CFEngine, -so none of the protections that CFEngine offers can be applied to the process. -Moreover, this starts a new process, adding to the burden on the system. - -Most importantly, this approach works like a covert channel, making changes -that are not directly visible to CFEngine. - - -@node Never manage more than one cron job, , Never embed simple shell commands, Never do -@subsection Never manage more than one cron job - -When you run CFEngine, there is no reason to maintain separate cron -jobs. Instead, use CFEngine's time classes to work like a user -interface for cron. This allows you to have a single, central -CFEngine file which contains all the cron jobs on your system without -losing any of the fine control which cron affords you. All of the -usual advantages apply: -@itemize @bullet - -@item -It is easier to keep track of what cron jobs are running on the -system when you have everything in one place. - -@item -You can use all of your carefully crafted groups and user-defined -classes to identify which host should run which programs. -@end itemize - -@b{WHY?} This gives you a single point of definition for batch jobs. -It encapsulates jobs under CFEngine's tutelage, for improved control -and security. Finally, CFEngine can collate and summarize the outputs -from multiple scripts in a rational monitoring process. - - - -@c ********************************************************************** -@node Avoid, Recommended, Never do, Policy Dos and Don'ts -@section Avoid - -@menu -* Avoid writing custom scripts:: -* Avoid running CFEngine without lock protection:: -@end menu - -@node Avoid writing custom scripts, Avoid running CFEngine without lock protection, Avoid, Avoid -@subsection Avoid writing custom scripts - -Do not spend your time writing scripts to embed within CFEngine. If -you are doing this, you are not using the potential of CFEngine and -you are not benefitting from the protections and efficiencies that -CFEngine offers. Custom scripts should be for your specific business -operations, not for system maintenance. - -If you are tempted to use scripts to achieve your needs, consider -using @code{methods}, and if necessary consult with support personnel -for advice. - - -@node Avoid running CFEngine without lock protection, , Avoid writing custom scripts, Avoid -@subsection avoid running CFEngine without lock protection - -CFEngine's adaptive locking is an important system protection. You -should not run CFEngine continuously without this protection, e.g. by -running with the @samp{-K} flag set, of by setting @code{ifelapsed} to -zero for a promise. - -@b{WHY?} System inconsistencies can result and unnecessary resources -will be consumed. - - - -@c ********************************************************************** -@node Recommended, Always do, Avoid, Policy Dos and Don'ts -@section Recommended (Try to) - -@menu -* Try to combine tests and operations during file searches:: -* Try to make many small changes:: -@end menu - -@node Try to combine tests and operations during file searches, Try to make many small changes, Recommended, Recommended -@subsection Try to combine tests and operations during file searches - -Searching through files on a disk is one of the most time consuming -operations for a computer. If you have to do it, make sure that -you are getting the most for your CPU-cycles and combine operations -in a single promise. This allows CFEngine to optimize the resource use -of the system. - -@smallexample - -files: - - "$(site)/app/webroot/img/inside/extmans" - comment => "Copy the images for the private html documents", -@b{ copy_from => cp("$(kbase)"), - perms => p("root","644"), - file_select => by_name(".*.png"), - depth_search => recurse("1"),} - action => ifelapsed("60"); - -@end smallexample - - - -@node Try to make many small changes, , Try to combine tests and operations during file searches, Recommended -@subsection Try to make many small changes - -Changes to policy should always be part of a serious and considered -plan. They should not be @emph{ad hoc}. That said, consideration of -changes should not be so time-consuming that it cripples human -resources, or leads to change-avoidance because it seems daunting. - -It is better to make many small changes than few large changes. Large -changes involve many interdependencies, which make them fragile to -unexpected contingencies. The risk of large changes is high. The risk -of small changes is low. - -CFEngine makes it easy to make small changes frequently, without -operational repercussions. As long as humans are on hand during the -change to observe possible side-effects this. - - -@c ********************************************************************** -@node Always do, , Recommended, Policy Dos and Don'ts -@section Always do - - -@menu -* Always document promises:: -* Always keep coding to a minimum:: -* Always use lists to make the same promise about multiple objects:: -* Always use existing templates:: -* Always use the system variables for system resources:: -* Always use variables as pointers to paths and servers:: -@end menu - -@node Always document promises, Always keep coding to a minimum, Always do, Always do -@subsection Always document promises - -Always add comment attributes to your promises to explain the intention. - -@smallexample - -files: - - # This is a throw-away comment, below is a full-bodied promise - - "/tmp/testfile" # promiser - - @b{comment => "This is for keeps...", # Live comment} - create => "true", # Constraint 1 - perms => p("612"); # Constraint 2 - -@end smallexample - -If a promise has a stakeholder that is worthy of special mention, then -use the promisee fields to add the name of this person. - -@smallexample - -files: - - "/tmp/testfile" -> @{ "stakeholder@@company.com" @}, - - @b{comment => "This is for keeps...", # Live comment} - create => "true", # Constraint 1 - perms => p("612"); # Constraint 2 - -@end smallexample - -If a promise depends on another promise being run before it, use the -@code{depends_on} fields to document the handle of the other prior promise. -This allows tracing of the impact chain. - - -@smallexample - -files: - - "/tmp" - - @b{handle => "make_temp",} - comment => "This is for keeps...", # Live comment - create => "true", # Constraint 1 - perms => p("612"); # Constraint 2 - - - "/tmp/testfile" - - @b{depends_on => @{ "make_temp" @},} - comment => "This is for keeps...", # Live comment - create => "true", # Constraint 1 - perms => p("612"); # Constraint 2 - -@end smallexample - - -@node Always keep coding to a minimum, Always use lists to make the same promise about multiple objects, Always document promises, Always do -@subsection Always keep coding to a minimum - -If you are coming to CFEngine from another scripting langauge, you -will probably be tempted to add a lot of `logic' to your CFEngine -program, testing whether things are true and trying to control the -order of things. This is not necessary. You should think of each -promise as being a self-contained `nugget' that requires little -additional coding. The more coding you add, the more fragile -a configuration becomes. - -The hardest part of using CFEngine for programmers is letting go -of the reins. - - -@node Always use lists to make the same promise about multiple objects, Always use existing templates, Always keep coding to a minimum, Always do -@subsection Always use lists to make the same promise about multiple objects - -If you have a number of system resources that all make the same -promise, then use lists to iterate over the resources in a single -promise, rather than coding the same promise many times. - -@smallexample -vars: - - "watch_files" slist => @{ - "/etc/passwd", - "/etc/shadow", - "/etc/group", - "/etc/services" - @}; -files: - - "$(watch_files)" - - comment => "Change detection on the above", - changes => change_management_trip_wire; - -@end smallexample - - -@node Always use existing templates, Always use the system variables for system resources, Always use lists to make the same promise about multiple objects, Always do -@subsection Always use existing templates - -Familiarize yourself with the current @code{CFEngine_stdlib.cf} file in the -software distribution. This contains many body templates, e.g. - -@smallexample -local_cp() remote_cp() secure_cp() if_elapsed() recurse() -@end smallexample - -@noindent Use these pre-existing body templates whenever possible, rather -than inventing new ones. For example: - -@smallexample - -bundle agent update -@{ -files: - - "/path/to/copy" - - comment => "Update the policy files from the master", - perms => u_p("600"), - copy_from => @b{local_cp}("$(master_location)","localhost"), - depth_search => @b{recurse}("inf"); - -@} -@end smallexample - -@b{WHY?} The comprehensibility of your code to consultants and new -employees is enhanced by standardization of practice. If the global -CFEngine community uses the same set of idioms, then communicating -policy will be simpler. - - -@node Always use the system variables for system resources, Always use variables as pointers to paths and servers, Always use existing templates, Always do -@subsection Always use the system variables for system resources - -CFEngine provides indirection (pointers) to particular resources, -through its @samp{sys} variable context. These variables adapt -to the operating system and user id under which CFEngine is run. -Your policy will be more readily portable and you will need to -code fewer exceptions if you use CFEngine's automatically adapting -primitives, e.g. instead of writing @file{/etc/resolv.conf} for the -name-service configuration file, use @code{$(sys.resolv)}. - -@smallexample - -files: - - "@b{$(sys.resolv)}" - - comment => "Add lines to the resolver configuration", - create => "true", - edit_line => resolver, - edit_defaults => std_edits; - -@end smallexample - - -@node Always use variables as pointers to paths and servers, , Always use the system variables for system resources, Always do -@subsection Always use variables as pointers to paths and servers - -You should avoid coding paths and names of resources directly in -promises. Use instead a local or possible global variable to point to -the resource instead. This brings consistency to the coding, often -shortens the references, and provides a @i{single point of definition} -for change. - - -@smallexample - -bundle agent update -@{ -vars: - - # A standard location for the source point (single point of definition) - - "master_location" string => "@b{$(sys.workdir)}/masterfiles"; - -files: - - "$(sys.workdir)/inputs" - - comment => "Update the policy files from the master", - perms => u_p("600"), - copy_from => u_cp("@b{$(master_location)}","localhost"), - depth_search => recurse("inf"); - -@} - -@end smallexample - - -@node Common Workflows , Quality Assurance around CFEngine, Policy Dos and Don'ts, Top -@chapter Common Workflows - -This chapter concerns `workflow processes' that should typically be -dealt with on systems. A workflow process is represented by a -@i{promise bundle} in CFEngine. None of the proposals here should be -considered mandatory in any sense, but they do represent the norm. - -We refer users to the CFEngine solutions guide for implementation details of -specific solutions. - -@c ********************************************************************** -@menu -* Anomaly Monitoring:: -* Batch Jobs:: -* Garbage Collection:: -* Knowledge Updating:: -* Name Service:: -* Policy Distribution:: -* Services:: -* Security:: -* Software Management:: -@end menu - -@node Anomaly Monitoring, Batch Jobs, Common Workflows , Common Workflows -@section Anomaly Monitoring - -@noindent @b{Purpose:} - -The purpose of anomaly monitoring is to understand the stability -of a system, both in terms of its run-time performance and its -architectural structure. Sudden changes on a system can be separated -from the normal slow variations. - -@noindent @b{Remarks:} - -Anomaly detection is enabled and performed by the @code{cf-monitord} daemon. -Reporting of anomalies is not automatic however. Alerts must be promised -explicitly. This is normally handled by a @code{reports} promise. - -Change detection of the file system is handled by @code{files} -promises in @code{cf-agent}. - -@noindent @b{Example:} - -@smallexample - -bundle agent anomalies -@{ -vars: - - "sysdir" string => "/tmp"; - "files" slist => @{ "passwd", "shadow" @}; - -classes: - - "no_$(files)" not => fileexists("$(sysdir)/$(files)"); - -files: - - # backup - - "/var/cfengine/inputs/$(files)" - - copy_from => emergency_save("$(sysdir)/$(files)"); - - # restore - - "/tmp/$(files)" - - copy_from => emergency_save("/var/cfengine/inputs/$(files)"), - ifvarclass => "no_$(files)"; - -reports: - - rootprocs_high_dev2:: - - "RootProc anomaly high 2 dev on $(mon.host) at $(mon.env_time) - measured value $(mon.value_rootprocs) av $(mon.average_rootprocs) - pm $(mon.stddev_rootprocs)" - - showstate => @{ "rootprocs" @}; - - entropy_www_in_high&anomaly_hosts.www_in_high_anomaly:: - - "HIGH ENTROPY Incoming www anomaly high anomaly dev!! on $(mon.host) - - measured value $(mon.value_www_in) av $(mon.average_www_in) pm - $(mon.stddev_www_in)" - - showstate => @{ "incoming.www" @}; - - entropy_www_in_low.anomaly_hosts.www_in_high_anomaly:: - - "LOW ENTROPY Incoming www anomaly high anomaly dev!! on $(mon.host) - at $(mon.env_time) - - measured value $(svalue_www_in) av $(average_www_in) pm $(stddev_www_in)" - - showstate => @{ "incoming.www" @}; - - # etc. - -@} - -@end smallexample - - -@c ********************************************************************** -@node Batch Jobs, Garbage Collection, Anomaly Monitoring, Common Workflows -@section Batch Jobs - - -@noindent @b{Purpose:} - -Batch jobs are run on systems in order to perform basic house keeping functions such -as updating databases or executing business related tasks. - -@noindent @b{Remarks:} - -Batch jobs should not be run every time CFEngine runs, so you need to limit the -execution of each one carefully, using: - -@itemize -@item Classes -Classes for time and location. -@item Locks -The @code{ifelapsed} parameter determined how much time has to have elapsed -before the job can be executed again. -@end itemize - -@noindent @b{Example:} - - -@smallexample - -bundle agent example -@{ -commands: - - # Exec on the first quarter after noon on Mondays - - Hr12.Q1.Monday:: - - "/path/myscript -arg1 -arg2"; - - # Exec every second quarter past hour, every day - - Q2:: - - "/path/otherscript"; - -@} - -@end smallexample - - -@c ********************************************************************** -@node Garbage Collection, Knowledge Updating, Batch Jobs, Common Workflows -@section Garbage Collection - -@noindent @b{Purpose:} - -Garbage collection is required on systems to prevent temporary or -antiquated files from consuming all available storage resources. It is -impossible for a system to survive in the long term without throwing -some data away. - -@noindent @b{Remarks:} - -Needless to say, care should be exercised when deleting anything from the system. -There are many strategies to select carefully what is to be deleted. -The @code{file_select} constraint is your friend. - -@noindent @b{Example:} - -@smallexample - - -bundle agent garbage_collection -@{ -files: - - "$(sys.workdir)/outputs" - - comment => "Garbage collection of any output files", - delete => tidy, - @b{file_select => days_old("3")}, - depth_search => recurse("inf"); - - "/tmp" - - comment => "Garbage collection of any temporary files", - delete => tidy, - @b{file_select => days_old("3")}, - depth_search => recurse("inf"); - -@} - -@end smallexample - -@c ********************************************************************** -@node Knowledge Updating, Name Service, Garbage Collection, Common Workflows -@section Knowledge Updating - -@noindent @b{Purpose:} -@noindent @b{Remarks:} -@noindent @b{Example:} - -@c ********************************************************************** -@node Name Service, Policy Distribution, Knowledge Updating, Common Workflows -@section Name Service - -@noindent @b{Purpose:} -Every computer needs to know how to perform name directory lookups in the Domain -Name Service. On Unix systems this requires it to manage the @file{/etc/resolv.conf} -file. - -@noindent @b{Remarks:} - -Always use the @code{$(sys.resolv)} variable to refer to the file. - -@noindent @b{Example:} - -@smallexample -bundle agent name_resolution - -@{ -files: - - "$(sys.resolv)" # test on "/tmp/resolv.conf" # - - comment => "Add lines to the resolver configuration", - create => "true", - edit_line => resolver, - edit_defaults => std_edits; - -@} - -bundle edit_line resolver - -@{ -delete_lines: - - "search.*"; - "nameserver 80.65.58.31"; - -insert_lines: - - "search CFEngine.com" location => start; - "nameserver 212.112.166.18"; - "nameserver 212.112.166.22"; -@} - - -@end smallexample - -@c ********************************************************************** -@node Policy Distribution, Services, Name Service, Common Workflows -@section Policy Distribution - - -@noindent @b{Purpose:} - -In a centralized model of policy suggestion, policy updates are downloaded -from a single point of definition, from one or more policy servers. -Maintaining this flow of communication from `central command' is what maintains -that centralized command. - -@noindent @b{Remarks:} -It is not mandatory to centralize management, but usually there needs to -be some automated process. - -@noindent @b{Example:} - -@smallexample - -vars: - - "master_location" string => "/var/cfengine/masterfiles"; - - "policy_server" slist => @{ "62.109.39.150" @}, - comment => "IP address to locate your policy host."; - -files: - - "/var/cfengine/inputs" - - handle => "update_policy", - perms => system("600"), - copy_from => u_scp("$(master_location)",@@(policy_server)), - depth_search => recurse("inf"), - file_select => input_files, - action => immediate; - -@end smallexample - -@c ********************************************************************** -@node Services, Security, Policy Distribution, Common Workflows -@section Services - - -@noindent @b{Purpose:} -Keeping services up and running, or taking down services that should not be -running is both a matter of productivity and security. - -@noindent @b{Remarks:} -@noindent @b{Example:} - -@smallexample - -bundle agent services -@{ -vars: - "serlist" slist => @{ "dhcp", "ntp", "sshd" @}; - - "sindex" int => readstringarray - ( - "service", - "$(g.workdir)/inputs/fixservices-array", - "#[^\n]*", - ":", - "10", - "4000" - ); - -methods: - - "any" usebundle => fixservice - ( - "$(service[$(serlist)][0])", - "$(service[$(serlist)][1])", - "$(service[$(serlist)][2])", - "$(service[$(serlist)][3])", - "$(service[$(serlist)][4])" - ); -@} - -bundle agent fixservice(service,tfiles,mfiles,procs,restart) -@{ -files: - - "$(tfiles)" - perms => system("0600","root","root"), - copy_from => mycopy("$(g.masterfiles)/config/$(mfiles)","$(g.phost)"), - classes => cdefine( "$(service)_restart", "failed"); - -processes: - - "$(procs)" - - restart_class => canonify("$(service)_restart"); - -commands: - - "$(restart)" - - ifvarclass => canonify("$(service)_restart"); -@} - -@end smallexample - -@c ********************************************************************** -@node Security, Software Management, Services, Common Workflows -@section Security - -@noindent @b{Purpose:} -Security is a vast topic. You need to start with a security policy -and then translate this into promises about the system. For instance -you might promise file permissions and access rules. You might promise -change monitoring or anomaly detection. - -@noindent @b{Remarks:} -This is an open ended topic. Security should be discussed as a -human process, since most breaches come from within the system. -CFEngine can then be used to implement hardening measures, and -monitoring of important assets. - -@noindent @b{Example:} - - -@smallexample -vars: - - "system_files" slist => @{ - "/etc/passwd", - "/etc/group", - "/etc/services" - @}; - - "secret_files" slist => @{ - "/etc/shadow" - @}; - -files: - - - "$(secret_files)" - - comment => "Check permissions are secret on the above", - perms => mo("o-rwx","root"); - - "$(system_files)" - - comment => "Check permissions are correct on the above", - perms => mo("644","root"); - - -@end smallexample - -@c ********************************************************************** -@node Software Management, , Security, Common Workflows -@section Software Management - -@noindent @b{Purpose:} -Installing software and updating - -These days most systems have some kind of package based management -system. These vary in their intelligence from self-updating robots to -simple dumb file repositories. CFEngine can manage the installation -and subsequent customization/configuration. - -@noindent @b{Remarks:} -Installing software from some kind of source is only the first step. -Thereafter, special settings must be harmonized with security policies -and operational requirements. - - -@noindent @b{Example:} - -@smallexample - -vars: - - "match_package" slist => @{ - "apache2", - "apache2-mod_php5", - "apache2-prefork", - "php5" - @}; - -packages: - - "$(match_package)" - - package_policy => "add", - package_method => yum, - classes => ok("software_ok"); - -@end smallexample - - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - - -@node Quality Assurance around CFEngine, , Common Workflows , Top -@chapter Quality Assurance around CFEngine - -A powerful tool like CFEngine can do great good, or cause enormous -damage if used carelessly. It is essential to have a strict -discipline when making changes. This is a human quality assurance -process. - -Your general rule of thumb should be: make small changes, not big releases. - - -@menu -* Policy changes:: -* The policy decision flow:: -* Configuration version control and rollback:: -* Delegating responsibility:: -@end menu - -@node Policy changes, The policy decision flow, Quality Assurance around CFEngine, Quality Assurance around CFEngine -@section Policy changes - -Changes to policy should always be part of a serious and considered -plan. They should not be @emph{ad hoc}. That said, consideration of -changes should not be so time-consuming that it cripples human -resources, or leads to change-avoidance because it seems daunting. - -It is better to make many small changes than few large changes. Large -changes involve many interdependencies, which make them fragile to -unexpected contingencies. The risk of large changes is high. The risk -of small changes is low. - -CFEngine makes it easy to make small changes frequently, without -operational repercussions. As long as humans are on hand during the -change to observe possible side-effects this. - -Consider the following issues in quality assurance: -@itemize -@item Create a schedule and policy for major changes. -@item Plan to acquire the complete set of components for release. -@item Assign human roles as well as machine roles for changes. -@item Label new policy release items uniquely for tracking. -@item Always document the policy changes using the comment fields. -@item Test prior to releasing into the production environment. -@item Test in the production environment on a small number of machines whenever possible. -@end itemize - - -@image{cfengine-bdma,10cm,,The policy lifecycle,png} - - -There are four commonly cited phases in managing systems, summarized -as follows (see figure): - -@itemize -@item Build -@item Deploy -@item Manage -@item Audit -@end itemize - -These separate phases originate with a model of system management -based on transactional changes. CFEngine's conception of management -is some different, as transaction processing is not a good model for -system management, but we can use this template to see how -CFEngine works differently. - -@table @emph -@item Build -A system is based on a number of decisions and resources that need to -be `built' before they can be implemented. Building the trusted -foundations of a system are the key to guiding its development. You -don't need to decide every detail, just enough to build trust and -predictability into your system. - -In CFEngine, what you build is a template of proposed promises for the -machines in an organization such that, if the machines all make and -keep these promises, the system will function seamlessly as -planned. This is how it works in a human organization, and this is how -is works for computers too. - -@item Deploy -Deploying really means implementing the policy that was already -decided. In transaction systems, one tries to push out changes one by -one, hence `deploying' the decision. In CFEngine you simply publish -your policy (in CFEngine parlance these are `promise proposals') and -the machines see the new proposals and can adjust accordingly. Each -machine runs an agent that is capable of implementing policies and -maintaining them over time without further assistance. - -@item Manage -Once a decision is made, unplanned events will occur. Such -incidents usually set off alarms and humans rush to make new transactions -to repair them. In CFEngine, the autonous agent manages the system, -and you only have to deal with rare events that cannot be dealt with -automatically. - -@item Audit -In traditional configuration systems, the outcome is far from clear -after a one-shot transaction, so one audits the system -to determine to discover what actually happened. In CFEngine, changes -are not just initiated once, but locally audited and maintained. -Decision outcomes are assured by design in CFEngine and maintained -automatically, so the main worry is managing conflicting -intentions. Users can sit back and examine regular reports of -compliance generated by the agents, without having to arrange -for new `roll out' transactions. - -@end table - -@cartouche -@emph{ROLL-OUT and ROLL-BACK? You should not think of CFEngine with a -roll-out system, i.e. one that attempts to force out absolute changes -and perhaps reverse them in case of error. Roll-out and roll-back are -theoretically flawed concepts that only sometimes work in practice. -With CFEngine, you publish a sequences of policy revisions, always -moving forward (because like it or not, time only goes in one -direction). All of the desired-state changes are managed locally by -each individual computer, and continuously repaired to ensure on-going -compliance with policy. } -@end cartouche - -@node The policy decision flow, Configuration version control and rollback, Policy changes, Quality Assurance around CFEngine -@section The policy decision flow - -CFEngine does not make many absolute choices. Almost everything about -its behaviour is matter of policy and can be changed. However, a -structure for use, like the following, is recommended (see figure). - -In order to keep operations as simple as possible, CFEngine maintains -a private working directory on each machine referred to in -documentation as WORKDIR and in policy by the variable -@code{$(sys.workdir)}. By default, this is located at -@file{/var/cfengine} or @file{C:\var\CFEngine}. It contains everything -CFEngine needs to run. - -The figure below shows how decisions flow through the parts of a system. - -@image{arch,15cm,,The CFEngine architecture,png} - - -@itemize -@item -It makes sense to have a single point of coordination. Decisions are -therefore usually made in a single location (the Policy Definition -Point). The history of decisions and changes can be tracked by a -version control system of your choice (e.g. SubVersion). - -@item -Decisions are made by editing CFEngine's policy file -@file{promises.cf} on one of its included children. This process is -carried out off-line. - -@item -Once decisions have been formalized and coded, this new policy is -copied @emph{manually} (a human decision) to a @emph{decision -distribution point}, which by default is located in the directory -@file{/var/cfengine/masterfiles} on all policy distribution servers. - -In this introduction, we shall assume that there is only one central -policy distribution server, a specially-appointed server which is -referred to simple as the @code{policy server}. - - -@item -Every client machine contacts the policy server and downloads these -updates. The policy server can be replicated if the number of clients -is very large, but we shall assume here that there is only one policy -server. -@end itemize - -Once a client machine has a copy of the policy, it extracts only those -promise proposals that are relevant to it, and implements any changes -without human assistance. This is how CFEngine manages change. - -@cartouche - -@emph{WHY DO THIS? CFEngine tries to minimize dependencies by decoupling -processes. By following this pull-based architecture, CFEngine will -tolerate network outages and will recover from deployment errors -easily. By placing the burden of responsibility for decision at the -top, and for implementation at the bottom, we avoid needless fragility -and keep two independent quality assurance processes apart.} - -@end cartouche - - - -@c *********************************************************** -@node Configuration version control and rollback, Delegating responsibility, The policy decision flow, Quality Assurance around CFEngine -@section Version control and rollback - - - -CFEngine does not provide specific tools for versioning promise -specifications. It is recommended to use a tool such as subversion for -this. CFEngine does allow you to track changes and keep versions of -non-trivial changes, such as file content changes. - -Subversion maintains revision numbers on files. It is useful to be -able to refer to version names or numbers also in CFEngine. A version -string can be added to files as follows: -@smallexample -body common control -@{ -version => 1.2.3 -@} - -@end smallexample -This defines the version number of a set of configuration files -which is referred to in reference messages from CFEngine. - - -When CFEngine saves a current version of a file that it is modifying -or replacing, by default such files are given a new extension and -remain within the same directory which they were -encountered. Alternatively, one can specify a repository directory to -which such files can be moved instead. The repository location is -specified in the @code{control} section: -@smallexample - -body agent control -@{ -default_respository => "/var/cfengine/repository"; -@} - -@end smallexample -Files moved to the repository are given names reflecting their full path, with slashes replaced -by underscore characters. For some, this creates a clearer overview of the -changes that have occurred. - - - -@c *********************************************************** -@node Delegating responsibility, , Configuration version control and rollback, Quality Assurance around CFEngine -@section Delegating responsibility - -In a large organization, you delegate responsibility for different -issues to different teams. CFEngine has no meta-access control -mechanism which can decide who may write policy rules on what -issue. To create such a mechanism, there would have to be a monitor -which could identify users, and an authority mechanism that would -disallow certain users to write rules of certain types about certain -objects on certain hosts. Although it is @emph{possible} to create such -a system, it would be both technically difficult, very cumbersome -to use and would add a whole new level of complexity to policy and -potential error to the configuration process. - -To keep matters as simple as possible, we avoid this and propose a -different approach. Promise theory (CFEngine's basis) reveals a -straightforward answer to model the security implications of this (see -the figure of the bow-tie structure). A simple method of delegating is -the following. - -@enumerate -@item Delegate responsibility for different issues to admin teams 1,2,3, etc. -@item Make each of these teams responsible for version control of their own -configuration rules. -@item Make an intermediate agent responsible for collating and vetting the rules, checking for -irregularities and conflicts. This agent must promise to disallow rules by -one team that are the responsibility of another team. The agent could be a -layer of software, but a cheaper and more manageable solution is the make this -another group of one or more humans. - -@item Make the resulting collated configuration version controlled. Publish -approved promises for all hosts to download from a trusted source. - -@end enumerate - -A review procedure for policy promises is a good -solution if you want to delegate responsibility for different parts of -a policy to different sources. Human judgement is irreplaceable, and tools -can be added to make conflicts easier to detect. - -Promise theory underlines that, if a host of computing device accepts -policy from any source, then it is alone and entirely responsible for -this decision. The ultimate responsibility for the published version -policy is the vetting agent. This creates a shallow hierarchy, but -there is no reason why this formal body could not be comprised of -representatives from the multiple teams. - -@center @image{delegate,13cm,,Delegation of responsibility requires vetting access,png} - -@cartouche - -Run several CFEngines? Another way to delegate CFEngine control for -users that only require limited privileges would be to run several -agents as non-root users. This only works however if the tasks -delegated are very self-contained and require no special privilege. - -@end cartouche - - -@c ========================================================================= -@c @node Index, , CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ========================================================================= - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/cf3-conceptguide.texinfo b/docs/guides/cf3-conceptguide.texinfo deleted file mode 100644 index 3c15ac8f32..0000000000 --- a/docs/guides/cf3-conceptguide.texinfo +++ /dev/null @@ -1,2505 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-conceptguide.info -@settitle CFEngine 3 Concept Guide -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine 3 Concept Guide -@subtitle A CFEngine AS workbook -@author CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Introduction - System automation, (dir), (dir) -@top CFEngine Concepts -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@i{This document is an abbreviated version of the CFEngine tutorial (http://cfengine.com/manuals/cf3-tutorial.html).} - -@c ********************************************************************** -@menu -* Introduction - System automation:: -* The components of CFEngine:: -* Bodies and bundles:: -* A simple crash course in concepts:: -* Knowledge Management:: -@end menu - -@node Introduction - System automation, The components of CFEngine, Top, Top -@chapter Introduction - System automation - -@menu -* Managing diverse and challenging environments seamlessly and invisibly:: -* Managing expectations - a theory of promises:: -* Why automation?:: -* How do you view CFEngine:: -@end menu - -@node Managing diverse and challenging environments seamlessly and invisibly, Managing expectations - a theory of promises, Introduction - System automation, Introduction - System automation -@section Managing diverse and challenging environments seamlessly and invisibly - -CFEngine was designed to enable scalable configuration management, for -the -whole system life-cycle, in any kind of environment. -Almost every other system for configuration assumes that there will be -a reliable network in place and that changes will be pushed out -top-down from an authoritative node. Those systems are useless in -environments like - -@itemize -@item Mobile systems with partial or unreliable connectivity (e.g. a -submarine). -@item Systems where bandwidths are very low (e.g. a satellite or space -probe). -@item Systems where computing power is very low (e.g. ad hoc sensors -or kitchen appliances). -@end itemize - -CFEngine does not need reliable infrastructure. It works -opportunistically in almost any environment, using few resources. It -has few software dependencies. So, not only does it work in all of the -traditional fixed-plan scenarios, but it is capable of working in -totally ad hoc deployment: a temporary incident room, a submarine -drifting on and off line, a satellite or a robot explorer. - -One could argue `well I don't need that kind of system, because my -network is reliable'. However, your network is not as reliable as you -think, and mobility is an increasingly important topic. Even with a -very strong redundant network, the services that support the network -can be paralyzed by any of a number of failed dependencies or -mishaps. It is crucial in a modern pervasive environment that systems -remain available, fault tolerant and as far as possible independent of -external requirements. This is how to build scalable and reliable -services. - -@cartouche -CFEngine works in all the places you think it should, and all the new -places you haven't even thought of yet. How do we know? Because it -is based on almost 20 years of careful research and experience. -@end cartouche - - -@c -------------------------------------------------------------- -@node Managing expectations - a theory of promises, Why automation?, Managing diverse and challenging environments seamlessly and invisibly, Introduction - System automation -@section Managing expectations - a theory of promises - -One of the hardest things in management is to make everyone aware of -their roles and tasks, and to be able to rely on others to do the same. -@i{Trust} is an economic time-saver. If you can't trust you have to -verify, -and that is expensive. - -To improve trust we make promises. A promise is the documentation of an -intention to act or behave in some manner. This is what we need to -learn to -trust systems, no matter whether they are machines or humans. - -One CFEngine user once said to me, that the thing that had helped him -the most in deploying CFEngine was its design based around voluntary -cooperation. ``Our main problems were not technical but political -- -getting everyone to agree in all of our departments around the -world''. This was because, for all the technology, it is people who -make the decisions and people need to feel that the system is -empowering rather than disempowering them. - -@cartouche - -CFEngine works on a simple notion of promises. Everything in -CFEngine can be thought of as a promise to be kept by different -resources in the system. - -Combining promises with patterns to describe where and when -promises should apply is what CFEngine is all about. - -@end cartouche - - -@c -------------------------------------------------------------- -@node Why automation?, How do you view CFEngine, Managing expectations - a theory of promises, Introduction - System automation -@section Why automation? - - -Humans are good at making decisions and awful at reliable -implementation. Machines are pitiful at making decisions and very -good at reliable implementation. It makes sense to let each side do -the job that they are good at. - -The main problem in managing systems is a loss of self-discipline. -Discipline -does not imply that orders have to be barked from a central command. It -only requires that every part of the system knows its job and carries -it out seamlessly and flawlessly. - -Skilled workers tend to think that it is enough to be smart. In fact -this is wrong: smart people tend to be problem solvers and will -happily solve the same problem many times, wasting time and -effort. Moreover, human intervention is often based on panic and lack -of understanding so every time someone logs onto a system by hand, -they jeopardize everyone's understanding of the system. Only the -self-discipline of stable procedures leads to predictability. - -Ad hoc changes are bad because: -@itemize -@item Others have no idea what happened. -@item There is no record of changes or intentions. -@item A scar is left from the change. -@end itemize - - -People often rile against automation saying that it dehumanizes their -work. In fact the opposite is true: forcing humans to do the work of -machines, in repetitive and reliable ways is what dehumanizes people. -The only way to make progress with a bad habit is to recognize it and -be willing to abandon the habit. - - -@c -------------------------------------------------------------- -@node How do you view CFEngine, , Why automation?, Introduction - System automation -@section How do @i{you} view CFEngine? - -CFEngine is a framework. It is not so complex, but it is certainly -extensive. -Often when trying to describe CFEngine, it seems that there is too -much to -tell and it is hard to convey in a simple way what the software can do. -The picture below shows a few ways in which you can think of CFEngine. - -@center @image{boxes,12cm,,CFEngine application areas,png} - -For many users, CFEngine is simply a configuration tool -- -i.e. software for deploying and patching systems according to a -policy. Policy is described using promises -- indeed, every statement -in CFEngine 3 is a promise to be kept at some time or location. More -than this, however, CFEngine is not like most automation tools that -`roll out' an image of some software once and hope for the best. Every -promise that you make in CFEngine is continuously verified and -maintained. It is not a one-off operation, but an encapsulated process -that repairs itself should anything deviate from the policy. - -That clearly places CFEngine in the realm of automation, which often -begs the question: so it's just another scripting language? Certainly -CFEngine contains a powerful scripting language, but it is not like -any other. CFEngine is not a low level language like Perl, Python or -Ruby; it is a language of promises, in which you express very high -level intentions about the system and the inner details figure out the -algorithms needed to implement the result. - -Above all, CFEngine is aimed to promote human understanding of complex -processes. Its promises are easily documentable using comments that -the system remembers and reminds us about in error reporting. It hides -irrelevant and transitory details of implementation so that the -@i{intentions} behind the promises are highlighted for all to see. -This means that the knowledge of your organization can be encoded into -the CFEngine language. - -@cartouche -@i{WHY DOES KNOWLEDGE MATTER? 1. Technical descriptions are hard to remember. You might understand -your configuration decisions when you are writing them, but a few -months later when something goes wrong, you will probably have forgotten -what you were thinking. That costs you time and effort to diagnose. -2. Organizations are fragile to the loss -of those individuals who code policy. If they leave, often there is -no one left who can understand or fix the system. Only with proper -documentation is it possible to immunize against loss.} -@end cartouche - - - - - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** - -@node The components of CFEngine, Bodies and bundles, Introduction - System automation, Top -@chapter The components of CFEngine - -CFEngine comprises a number of components. In this chapter we'll -consider how to -build them and what they are for. - - -@menu -* The players:: -* About the CFEngine architecture:: -* The policy decision flow:: -@end menu - - -@node The players, About the CFEngine architecture, The components of CFEngine, The components of CFEngine -@section The players - -A CFEngine system is something like an orchestra. -It is composed of any number of computers (players), each of which has -its -own copy of the music and knows what to play. It might or might not have -a conductor to help coordinate the individual parts -- that's up to you. - -CFEngine's software agents are independent components that run on each individual computer. They can -communicate if they need to, as depicted in the figure below. This means -you don't have to arrange risky login credentials to run your network --- and if something goes wrong with the communications network, -CFEngine is where it needs to be to repair or protect the system -during the outage. - -@image{components,10cm,,CFEngine components,png} - -If the network is not working, CFEngine just skips these parts and -continues -with what it can do. It is fault tolerant and opportunistic. - -@table @emph - -@item cf-promises -The promise verifier and compiler. This is used to pre-check a set of -configuration promises before attempting to execute. - -@item cf-agent - -This is the instigator of change. The agent is the part of CFEngine -that manipulates -system resources. - -@item cf-serverd - -The server is able to share files and receive requests to execute -existing policy on an individual machine. It is not possible to send -(push) new information to CFEngine from outside. - -@item cf-execd - -This is a scheduling daemon (which can either supplement or replace -@code{cron}). It also works as a wrapper, executing and collecting the -output of @code{cf-agent} and E-mailing it if necessary to a system -account. - -@item cf-runagent - -This is a helper program that can talk to @code{cf-serverd} and -request that it execute @code{cf-agent} with its existing policy. It -can thus be used to simulate a push of changes to CFEngine hosts, if -their policy includes that they check for updates. - -@item cf-report - -This generates summary and other reports in a variety of formats for -export or integration with other systems. - -@item cf-know - -This agent can generate an ISO standard Topic Map from a number of -promises about system knowledge. It is used for rendering documentation -as a `semantic web'. - -@end table - - - -@c ------------------------------------------------------------------------- -@node About the CFEngine architecture, The policy decision flow, The players, The components of CFEngine -@section About the CFEngine architecture - -This section explains how CFEngine will operate autonomously in a -network, under your guidance. If your site is large (thousands of -servers) you should spend some time discussing with CFEngine experts -how to tune this description to your environment as @emph{scale} -requires you to have more infrastructure, and a potentially more -complicated configuration. The essence of any CFEngine deployment -is the same. - - - -There are four commonly cited phases in managing systems, summarized -as follows: - -@itemize -@item Build -@item Deploy -@item Manage -@item Audit -@end itemize - -These separate phases originate with a model of system management -based on transactional changes. CFEngine's conception of management -is somewhat different, as transaction processing is not a good model for -system management, but we can use this template to see how -CFEngine works differently. - -@table @emph -@item Build -A system is based on a number of decisions and resources that need to -be `built' before they can be implemented. Building the trusted -foundations of a system is the key to guiding its development. You -don't need to decide every detail, just enough to build trust and -predictability into your system. - -In CFEngine, what you build is a template of proposed promises for the -machines in an organization such that, if the machines all make and -keep these promises, the system will function seamlessly as -planned. This is how it works in a human organization, and this is how -is works for computers too. - -@item Deploy -Deploying really means implementing the policy that was already -decided. In transaction systems, one tries to push out changes one by -one, hence `deploying' the decision. In CFEngine you simply publish -your policy (in CFEngine parlance these are `promise proposals') and -the machines see the new proposals and can adjust accordingly. Each -machine runs an agent that is capable of implementing policies and -maintaining them over time without further assistance. - -@item Manage -Once a decision is made, unplanned events will occur. Such -incidents traditionally set off alarms and humans rush to make new -transactions -to repair them. In CFEngine, the autonomous agent manages the system, -and you only have to deal with rare events that cannot be dealt with -automatically. - -@item Audit -In traditional configuration systems, the outcome is far from clear -after a one-shot transaction, so one audits the system -to determine what actually happened. In CFEngine, changes -are not just initiated once, but locally audited and maintained. -Decision outcomes are assured by design in CFEngine and maintained -automatically, so the main worry is managing conflicting -intentions. Users can sit back and examine regular reports of -compliance generated by the agents, without having to arrange -for new `roll out' transactions. - -@end table - -@cartouche -@emph{ROLL-OUT and ROLL-BACK? You should not think of CFEngine as a -roll-out system, i.e. one that attempts to force out absolute changes -and perhaps reverse them in case of error. Roll-out and roll-back are -theoretically flawed concepts that only sometimes work in practice. -With CFEngine, you publish a sequence of policy revisions, always -moving forward (because like it or not, time only goes in one -direction). All of the desired-state changes are managed locally by -each individual computer, and continuously repaired to ensure on-going -compliance with policy. } -@end cartouche - - -@c ------------------------------------------------------------------ -@node The policy decision flow, , About the CFEngine architecture, The components of CFEngine -@section The policy decision flow - -CFEngine does not make absolute choices for you, like other -tools. Almost everything about its behavior is matter of policy and -can be changed. However, a structure for use, like the following, is -recommended (see the following figure). - -In order to keep operations as simple as possible, CFEngine maintains -a private working directory on each machine referred to in -documentation as WORKDIR and in policy by the variable -@code{$(sys.workdir)}. By default, this is located at -@file{/var/cfengine} or @file{C:\var\CFEngine}. It contains everything -CFEngine needs to run. - -The figure below shows how decisions flow through the parts of a system. - -@image{arch,15cm,,The CFEngine architecture,png} - - -@itemize -@item -It makes sense to have a single point of coordination. Decisions are -therefore usually made in a single location (the Policy Definition -Point). The history of decisions and changes can be tracked by a -version control system of your choice (e.g. Subversion, CVS, etc.). - -@item -Decisions are made by editing CFEngine's policy file -@file{promises.cf} (or one of its included sub-files). This process is -carried out off-line. - -@item -Once decisions have been formalized and coded, this new policy is -copied @emph{manually} (a human decision) to a @emph{decision -distribution point}, which by default is located in the directory -@file{/var/cfengine/masterfiles} on all policy distribution servers. - -In this introduction, we shall assume that there is only one central -policy distribution server, a specially-appointed server which is -referred to simple as the @code{policy server}. - - -@item -Every client machine contacts the policy server and downloads these -updates. The policy server can be replicated if the number of clients -is very large, but we shall assume here that there is only one policy -server. -@end itemize - -Once a client machine has a copy of the policy, it extracts only those -promise proposals that are relevant to it, and implements any changes -without human assistance. This is how CFEngine manages change. - -@cartouche - -@emph{WHY DO THIS? CFEngine tries to minimize dependencies by decoupling -processes. By following this pull-based architecture, CFEngine will -tolerate network outages and will recover from deployment errors -easily. By placing the burden of responsibility for decision at the -top, and for implementation at the bottom, we avoid needless fragility -and keep two independent quality assurance processes apart.} - -@end cartouche - - - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** - -@node Bodies and bundles, A simple crash course in concepts, The components of CFEngine, Top -@chapter Bodies and bundles - -To emphasize the fact that CFEngine is not an imperative programming -language, and to keep closely to the nomenclature of Promise Theory, -CFEngine uses two concepts throughout: bundles and bodies. - - -@menu -* Bodies:: -* Bundles:: -* A simple syntax pattern:: -@end menu - -@node Bodies, Bundles, Bodies and bundles, Bodies and bundles -@section Bodies - -Promises are the fundamental statements in CFEngine. Promises are the policy atoms. -If there is no promise, nothing happens. - -However, promises can become quite complicated and readability becomes -an issue, so it is useful to have a way of breaking them down into independent -components. The structure of a promise is this: - -@table @i -@item Promiser -This is the object that formally makes the promise. It is always the @i{affected object}, -since objects can only make promises about their own state or behavior in CFEngine. - -@item Promisee (optional) -This is a possible stakeholder, someone who is interested in the outcome of the -promise. It is used as documentation, and it is used for reasoning in the commercial -CFEngine product. - -@item Promise body -Everything else about a promise is defined in the body of the promise. -We use this word in the sense of `body of a contract' or the `body of a document' -(like @code{}) tags in HTML, for example. - -A promise body is a list of declarations of the following form: - -@verbatim -CFEngine_attribute_type => user_defined_value or template -@end verbatim - -@end table - -@menu -* Body parts:: -* Control bodies:: -@end menu - -@node Body parts, Control bodies, Bodies, Bodies -@subsection Body parts - -The CFEngine reserved word @code{body} is used to define -@i{parameterized templates} for bodies to hide the details of complex -promise specifications. For complex body lists, you must fill in a -body declaration as an `attachment' to the promise, e.g. - -@verbatim -files: - - "/tmp/promiser" # Promiser - - perms => myexample; # The body is just one line, - # but needs an attachment - -@end verbatim -The attachment is declared like this, with a `type' that matches the left -hand side of the declaration in the promise: -@verbatim -body perms myexample -{ -mode => "644"; -owners => { "mark", "sarah", "angel" }; -groups => { "users", "sysadmins", "mythical_beasts" }; -} -@end verbatim -The structure is this: - -@sp 1 -@cartouche -@smallexample - - @var{promiser} - - @b{LVALUE} => @var{RVALUE} - -.. - -body @b{LVALUE} @var{RVALUE} -@{ -@b{LVALUE} => @var{RVALUE}; -@b{LVALUE} => @var{RVALUE}; -@} -@end smallexample -@end cartouche -@sp 1 - -Another way of looking at it is this: - -@sp 1 -@cartouche -@smallexample - - @var{promiser} - - @b{CFEngine_word} => @var{user_defined_value} - -.. - - body @b{CFEngine_word} @var{user_defined_value} - @{ - @b{CFEngine_word} => @var{user_defined_value}; - @b{CFEngine_word} => @var{user_defined_value}; - ... - @} - -@end smallexample -@end cartouche -@sp 1 - -Body attachments are required items. You cannot choose to put the -attachments in-line. This is a lesson that was learned from CFEngine -2. Readability is quickly lost if too many details are placed in-line. - -@center @image{body_bundle,10cm} - -@node Control bodies, , Body parts, Bodies -@subsection Control bodies - -Some promises in CFEngine are implicit and hard-coded into the program. -For example, the fact that CFEngine looks for a number of files to read and -execute them in a sequence cannot be changed. -However, you can change the behavior of such promises by setting control -parameters. These are formally parts of the `promise body', so we use the body structure to set them. Each agent, (CFEngine software component) has a special body whose name is @code{control}, used for setting these parameters. For cf-agent and cf-serverd we can have: - -@verbatim -body agent control -{ -bundlesequence => { "test" }; -} -@end verbatim - -@verbatim -body server control -{ -allowconnects => { "127.0.0.1" , "::1", @(def.acl) }; -} -@end verbatim - - -@node Bundles, A simple syntax pattern, Bodies, Bodies and bundles -@section Bundles - -A bundle is a simple concept. A bundle is merely a collection of promises -in a `sub-routine-like' container. The purpose of bundles is to allow -you greater flexibility to break down the contents of your policies and -give them names. Bundles also allow you to re-use promise code by -parameterizing it. - -Like bodies, bundles also have `types'. Bundles belong to the agent that -is used to keep the promises in the bundle. So @code{cf-agent} has bundles -declared as - -@verbatim -bundle agent my_name -{ -} -@end verbatim - -@noindent The @code{cf-serverd} program has bundles declared as: -@verbatim -bundle server my_name -{ -} -@end verbatim -@noindent and so on. - - - -@menu -* Bundle scope:: -@end menu - -@node Bundle scope, , Bundles, Bundles -@subsection Bundle scope - -Variables and classes defined inside bundles are not directly visible outside. -All variables in CFEngine are globally accessible, however if you refer to a variable -by @samp{$(unqualified)}, then it is assumed to belong to the current bundle. To -access any other (scalar) variable, you must qualify the name using the name of -the bundle in which it is defined: -@samp{$(bundle_name.qualified)}. - -Some promise types, like @code{var}, @code{classes} may be made -by any agent. These are called @code{common} promises. Bundles of type @code{common} -are special. They may contain common promises. -Classes defined in common bundles have global scope. - -@node A simple syntax pattern, , Bundles, Bodies and bundles -@section A simple syntax pattern - -The syntax of CFEngine follows a simple pattern in all cases and has a few simple rules: - -@itemize -@item CFEngine built-in words, and identifiers of your choosing (the names -of variables, bundles, body templates and classes) may only contain -the usual alphanumeric and underscore characters (@samp{a-zA-Z0-9_}). - -@item All other `literal' data must be quoted. - -@item Declarations of promise bundles -in the form: -@example -bundle @var{agent-type} identifier -@{ -... -@} -@end example - -@item Declarations of promise body-parts in the form: -@example -body constraint_type template_identifier -@{ -... -@} -@end example -matching and expanding on a reference inside a promise -of the form -@samp{constraint_type => template_identifier}. - - -@item CFEngine uses many `constraint expressions' -as part of the body of a promise. These take the form: left-hand-side (cfengine word) -@samp{=>} right-hand-side (user defined data). This can take several forms: - -@verbatim -cfengine_word => user_defined_template(parameters) - user_defined_template - builtin_function() - "quoted literal scalar" - { list } -@end verbatim -In each of these cases, the right hand side is a user choice. -@end itemize - -Once you have learned this pattern, -it will make sense anywhere in the program. The figure below illustrates -this pattern. Some words are reserved by CFEngine, and are used as types or categories -for talking about promises. Other words (in blue) are to be defined by you. -Look at the examples and try to identify these patterns yourself. - -@image{cfengineword,14cm} - - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** -@node A simple crash course in concepts, Knowledge Management, Bodies and bundles, Top -@chapter A simple crash course in concepts - - -@menu -* Rules are promises:: -* Best practice for writing promises:: -@c * Containers:: -* Decisions:: -* Types in CFEngine 3:: -* Datatypes in CFEngine 3:: -* Variables:: -* Loops:: -* The main promise types:: -* Test a promise?:: -@end menu - -@node Rules are promises, Best practice for writing promises, A simple crash course in concepts, A simple crash course in concepts -@section Rules are promises - -Everything in CFEngine 3 can be interpreted as a promise. Promises can -be made about all kinds of different subjects, from file attributes, -to the execution of commands, to access control decisions and -knowledge relationships. - -This simple but powerful idea allows a very practical uniformity in -CFEngine syntax. There is only one grammatical form for statements in -the language that you need to know and it looks generically like this: - -@smallexample - -type: - -classes:: - - "promiser" -> @{ "promisee1", "promisee2", ... @} - - attribute_1 => value_1, - attribute_2 => value_2, - ... - attribute_n => value_n; - -@end smallexample - -@noindent -We speak of a promiser (the abstract object making the promise), the -promisee is the abstract object to whom the promise is made, and then -there is a list of associations that we call the `body' of the -promise, which together with the promiser-type tells us what it is all -about. - -@cartouche -The promiser is always the object -affected by the promise. -@end cartouche - -Not all of these elements are necessary every time. Some promises -contain a lot of implicit behavior. In other cases we might want to -be much more explicit. For example, the simplest reports promise -looks like this: - -@smallexample - -reports: - -"hello world"; - -@end smallexample - -And the simplest commands promise looks like this - -@smallexample - -commands: - -"/bin/echo hello world"; - -@end smallexample - -@noindent -This promise has default attributes for everything except the -`promiser', i.e. the -command string that promises to execute. -A more complex promise contains many attributes: - -@smallexample - -# Promise type -files: - -# promiser -> promisee (no curly braces needed if only one) -"/home/mark/tmp/test_plain" -> "system blue team", - - # attribute => value - comment => "This comment follows the rule for knowledge integration", - perms => owner("@@(usernames)"), - create => "true"; - -@end smallexample -The list of promisees is not used by CFEngine except for -documentation, just -as the comment attribute (which can be added to any promise) has no -actual function -other than to provide more information to the user in error tracing -and auditing. - -You see several kinds of object in this example. All literal strings -(e.g. @code{"true"}) in CFEngine 3 must be quoted. This provides -absolute consistency and makes type-checking easy and error-correction -powerful. All function-like objects (e.g. @code{users("..")}) are -either built-in -special functions or parameterized templates which contain the `meat' -of the right hand -side. - -The words @code{commands}, and @code{files} are built-in promise -types. Promise types generally belong each to a particular component -of CFEngine, as the components are designed to keep different kinds of -promises. A few types, such as @code{vars}, @code{classes} and -@code{reports} are common to all the different component bundles. You -will find a full list of the promise types that can be made by the -different components in the reference manual. - - -@c ----------------------------------------------------------------------- -@c @node Best practice for writing promises, Containers, Rules are promises, A simple crash course in concepts -@node Best practice for writing promises, Decisions, Rules are promises, A simple crash course in concepts -@section Best practice for writing promises - -When writing promises, get into the habit of giving every promise a comment -that explains its intention. - -Also, give related promises @i{handles}, or labels that can be used to -refer to them by. - -@verbatim - -files: - - "/var/cfengine/inputs" - - handle => "update_policy", - comment => "Update the configuration from a master server", - - perms => system("600"), - copy_from => mycopy("$(master_location)","$(policy_server)"), - depth_search => recurse("inf"), - file_select => input_files, - action => immediate; - -@end verbatim -If a promise affects another promise in some way, you can make the affected -promise one of the promisees, like this: - -@verbatim - -access: - - "/master/cfengine/inputs" -> { "update_policy", "other_promisee" }, - - comment => "Grant access to policy to our clients", - handle => "serve_updates", - - admit => { "217.77.34.*" }; - -@end verbatim - -Conversely, if a promise might depend on another in some (even indirect) way, document this too. - -@verbatim - -files: - - "/var/cfengine/inputs" - - comment => "Update the configuration from a master server", - handle => "update_policy", - - depends_on => {"serve_updates"}, - - perms => system("600"), - copy_from => mycopy("$(master_location)","$(policy_server)"), - depth_search => recurse("inf"), - file_select => input_files, - action => immediate; - - -@end verbatim - -Get into the habit of adding the cause-effect lines of influence. -Enterprise editions of CFEngine will track the dependencies between these -promises and map out impact analyses. - -@c ----------------------------------------------------------------------- -@c @node Containers, Decisions, Best practice for writing promises, A simple crash course in concepts -@c @section Containers - - -@c CFEngine allows you to group multiple promise statements into containers called bundles. -@c @smallexample - -@c bundle agent identifier - -@c @{ -@c commands: -@c -@c "/bin/echo These commands are a silly way to use CFEngine"; -@c "/bin/ls -l"; -@c "/bin/echo But they illustrate a point"; - -@c @} - -@c @end smallexample - -@c Bundles serve two purposes: they allow us to collect related promises under a -@c single heading, like a subroutine, and they allow us to mix configuration for different -@c parts of CFEngine in the same file. The type of a bundle is the name of the component -@c of CFEngine for which it is intended. - -@c For instance, we can make a self-contained example agent-server -@c configuration by labeling the bundles: - -@c @smallexample - -@c # -@c # Not a complete example -@c # - -@c bundle agent testbundle - -@c @{ -@c files: - -@c "/home/mark/tmp/testcopy" - -@c comment => "Throwaway example...", -@c copy_from => mycopy("/home/mark/LapTop/words","127.0.0.1"), -@c perms => system, -@c depth_search => recurse("inf"); - -@c @} - -@c # - -@c bundle server access_rules - -@c @{ -@c access: - -@c "/home/mark/LapTop" - -@c admit => @{ "127.0.0.1" @}; -@c @} - -@c @end smallexample - -@c Another type of container in CFEngine 3 is a `body' part. Body parts -@c exist to hide complex parameter information in reusable containers. -@c The right hand side of some attribute assignments use body containers -@c to reduce the amount of in-line information and preserve readability. -@c You cannot choose where to use bodies: either they are used or they -@c are not used for a particular kind of attribute. What you can choose, however, is -@c the name and number of parameters for the body; and you can make as many of them as you like: -@c For example: - -@c @smallexample - -@c body copy_from mycopy(from,server) - -@c @{ -@c source => "$(from)"; -@c servers => @{ "$(server)" @}; -@c copy_backup => "true"; - -@c special_class:: - -@c purge => "true"; -@c @} - -@c @end smallexample - -@c Notice also that classes can be used in bodies as well as parameters so that -@c you can hide environmental adaptations in these bodies also. The classes used -@c here are effectively ANDed with the classes under which the calling promise -@c is defined. - - -@c ------------------------------------------------------------------ -@c @node Decisions, Types in CFEngine 3, Containers, A simple crash course in concepts -@node Decisions, Types in CFEngine 3, Best practice for writing promises, A simple crash course in concepts -@section Decisions - -CFEngine decisions are made behind the scenes and the results of -certain true/false propositions are cached in Booleans referred to as -`classes'. There are no if-then-else statements in CFEngine; all -decisions are made with classes. - -CFEngine runs on every computer individually and each time it wakes up -the underlying generic agent platform discovers and classifies -properties of the environment or context in which it runs. This -information -is effectively cached and may be used to make decisions about -configuration. - -Classes fall into hard (discovered) and soft (user-defined) types. A -single hard class can be one of several things: - -@itemize @bullet - -@item The name of an operating system architecture e.g. -@code{ultrix}, @code{sun4}, etc. - -@item The unqualified name of a particular host. If your system -returns a fully -qualified domain name for your host, CFEngine truncates it at the -first dot. Note: @code{www.sales.company.com} and -@code{www.research.company.com} have the same unqualified name -- @code{www}. - -@item The name of a user-defined group of hosts. - -@item A day of the week (in the form @code{Monday, Tuesday, -Wednesday, ..}). - -@item An hour of the day, current time zone (in the form @code{Hr00, -Hr01 ... Hr23}). - -@item An hour of the day GMT (in the form @code{GMT_Hr00, GMT_Hr01 ... -GMT_Hr23}). -This is consistent the world over, in case you need virtual -simultaneity of change -coordination. - -@item Minutes in the hour (in the form @code{Min00, Min17 ... Min45}). - -@item A five minute interval in the hour (in the form @code{Min00_05, -Min05_10 ... Min55_00}) - -@item The quarter-hour (in the form @code{Q1, Q2, Q3, Q4}). - -@item A day of the month (in the form @code{Day1, Day2, ... Day31}). - -@item A month (in the form @code{January, February, ... December}). - -@item A year (in the form @code{Yr1997, Yr2004}). - -@item A shift in @code{Night,Morning,Afternoon,Evening}, which fall -into six hour blocks -starting at 00:00 hours. - -@item A `lifecycle index', which is the year number modulo 3 (used in -long term resource memory). - -@item An arbitrary user-defined string. - -@item The IP address octets of any active interface (in the form -@code{@w{ipv4_192_0_0_1}}, -@code{@w{ipv4_192_0_0}}, @code{@w{ipv4_192_0}}, @code{@w{ipv4_192}}). - -@end itemize - -@c chew end Hard classes - -To see all of the classes define on a particular host, run - -@smallexample -host# cf-promises -v -@end smallexample -as a privileged user. Note that some of the classes are set only -if a trusted link can be established with cfenvd, i.e. if both -are running with privilege, and the @file{/var/cfengine/state/env_data} -file is secure. More information about classes can be found in -connection with -@code{allclasses}. - -User-defined or soft classes are defined in bundles. Bundles of type -@code{common} yield classes that are global in scope, whereas in all -other bundle types classes are local. Soft classes are evaluated when -the -bundle is evaluated. They can be based on test functions or simply from -other classes: - -@verbatim - -bundle agent myclasses -{ -classes: - -"solinus" expression => "linux||solaris"; - -# List form useful for including functions - -"alt_class" or => { "linux", "solaris", fileexists("/etc/fstab") }; - -"oth_class" and => { fileexists("/etc/shadow"), fileexists("/etc/ -passwd") }; - -reports: - -alt_class:: - - # This will only report "Boo!" on linux, solaris, or any system - # on which the file /etc/fstab exists - "Boo!"; -} - -@end verbatim - -@noindent Classes may be combined with the operators listed here in order -from highest to lowest precedence: - -@table @samp -@item () -The parenthesis group operator. -@item ! -The NOT operator. -@item . -The AND operator. -@item & -The AND operator (alternative). -@item | -The OR operator. -@item || -The OR operator (alternative). -@end table - -@noindent -So the following expression would be only true on Mondays or Wednesdays -from 2:00pm to 2:59pm on Windows XP systems: - -@example - -(Monday|Wednesday).Hr14.WinXP:: - -@end example - -@noindent Consider the following more advanced example. Promises in bundles -of type @samp{common} are global in scope -- all other promises are local to -the scope of their bundle. - - -@verbatim - -body common control -{ -bundlesequence => { "g","ls_1", "ls_2" }; -} - -################################# - -bundle common g -{ -classes: - -# The promise "zero" is always satisfied , and is global in scope -"zero" expression => "any"; - -} - -################################# - -bundle agent ls_1 -{ -classes: - -# The promise "one" is always satisfied , and is local in scope to ls_1 -"one" expression => "any"; -} - -################################# - -bundle agent ls_2 -{ -classes: - -# The promise "two" is always satisfied , and is local in scope to ls_2 -"two" expression => "any"; - -reports: - -zero.!one.two:: - - # This report @b{will} be generated - "Success"; -} - -@end verbatim - -Here we see that class @samp{zero} is global while classes @samp{one} -and @samp{two} are local. -The report `Success' result is therefore true because only @samp{zero} -and @samp{two} are in scope in the @samp{ls_2} bundle (and the class -expression for bundle @samp{ls_2} requires that both @samp{zero} and -@samp{two} be true and that @samp{one} not be true). - -CFEngine is controlled by a series of locks which prevent it from -checking promises too often, and which prevent it from spending too -long trying to verify promises it already verified recently. The locks -work in such a way that you can start several CFEngine processes -simultaneously without them interfering with each other. You can -control two things about each kind of action in the action sequence: - -@table @samp - -@item ifelapsed -The minimum time (in minutes) which should have passed since the last time -that promise was verified. It will not be executed again until -this amount of time has elapsed. -(Default time is 1 minute.) - -@item expireafter -The maximum amount (in minutes) of time cf-agent should wait for an old -instantiation to finish before killing it -and starting again. (Default time is 120 minutes.) - -@end table - -@noindent -You can set these values either globally (for all -actions) or for each action separately. If you -set global and local values, the local values override -the global ones. All times are written in units -of @emph{minutes}. Global setting is in the control body: - -@verbatim - -body agent control -{ -ifelapsed => "60"; # one hour -} - -@end verbatim - -@noindent -or locally in the transaction bodies: - - -@verbatim - -body action example -{ -ifelapsed => "90"; # 1.5 hours -} - -@end verbatim - -These locks do not prevent the whole of cf-agent from running, only -atomic promise checks. Several different atoms can be run concurrently -by different cf-agents. The locks ensure that atoms will never be -started by two cf-agents at the same time, or too soon after a -verification, causing contention and wasting CPU cycles. - - -@c ----------------------------------------------------------------------- -@node Types in CFEngine 3, Datatypes in CFEngine 3, Decisions, A simple crash course in concepts -@section Types in CFEngine 3 - -A key difference in CFEngine 3 compared to earlier versions is the -presence of types. Types are a mechanism for associating -values and checking consistency in a language. Once again, there is a -simple pattern to types in CFEngine. - -The principle is very simple: types exist in order to match like a -plug-socket relationship. In the examples above, you can see two places -where types are used to match templates: - -@itemize -@item Matching bundles to components: -@smallexample - -bundle TYPE name # matches TYPE to running agent -@{ -@} - -@end smallexample - -@item Match bodies templates to lvalues in @code{lvalues => rvalue} constraints: - -@smallexample - -body TYPE name # matches TYPE => name in promise -@{ -@} - -@end smallexample -@end itemize - - -@c ----------------------------------------------------------------------- -@node Datatypes in CFEngine 3, Variables, Types in CFEngine 3, A simple crash course in concepts -@section Datatypes in CFEngine 3 - -CFEngine variables have two meta-types: scalars and lists. A scalar is a single value, -a list is a collection of scalars. Each scalar may have one of three types: -@code{string}, @code{int} or @code{real}. Typing is dynamic, so these are -interchangeable in many instances. However arguments to special functions check legal -type for consistency. - -Integer constants may use suffixes to represent large numbers. - -@itemize - @item 'k' - = value times 1000. - - @item 'K' - = value times 1024. - - @item 'm' - = value times 1000^2 - @item 'M' - = value times 1024^2 - @item 'g' - = value times 1000^3 - @item 'G' - = value times 1024^3 - - @item '%' - meaning percent, in limited contexts - - @item 'inf' - = a constant representing an unlimited value. -@end itemize - - -@c -------------------------------------------------------------------- -@node Variables, Loops, Datatypes in CFEngine 3, A simple crash course in concepts -@section Variables - -Variables (or "variable definitions") are also promises -- the promise to -represent their values. We can write these in -any promise bundle. CFEngine recognizes two variable object types: scalars and -lists (lists contain 0 or more objects)@footnote{Arrays can be scalars or lists of the RHS (rvalues). An array is really just a pattern in the names of the LHS (lvalues), not a separate type.}, as well as -three data-types (string, integer and real). Typing in CFEngine is -dynamic, as in -Perl and other scripting languages. Thus variables of any data-type -may be used as strings. - - -@menu -* Scalar variable expansion:: -* List variable substitution and expansion:: -* Special list value cf_null:: -* Arrays in CFEngine 3:: -@end menu - -@node Scalar variable expansion, List variable substitution and expansion, Variables, Variables -@subsection Scalar variable expansion - -Scalar variables hold a single value. The are declared as follows: - -@smallexample -bundle @i{} name -@{ -vars: - -"my_scalar" string => "String contents..."; - "my_int" int => "1234"; - "my_real" real => "567.89"; - -@} - -@end smallexample - -The @samp{@i{}} indicates that any kind of bundle applies here. -Scalar variables are referenced by @samp{$(name)} (or -@samp{$@{name@}}) and they represent -a single value at a time. - -@itemize -@item Scalars that are written without a context, e.g. @samp{$(myvar)} -are local to the current bundle. - -@item Scalars are globally available everywhere provided one -uses the context to verify them e.g. @samp{$(context.myvar)} -may be written to access the variable `myvar' in bundle `context'. -@end itemize - - -@c ----------------------------------------------------------------------- -@node List variable substitution and expansion, Special list value cf_null, Scalar variable expansion, Variables -@subsection List variable substitution and expansion - -List variables hold several values. The are declared as follows: - -@smallexample -bundle @i{} name -@{ -vars: - - "my_slist" slist => @{ "list", "of", "strings" @}; - "my_ilist" ilist => @{ "1234", "5678" @}; - "my_rlist" rlist => @{ "567.89" @}; - -@} - -@end smallexample -An entire list is referred to with the at symbol @samp{@@}, but it does -not usually make sense to use this reference in a string. For instance -@smallexample - -reports: - - cfengine_3:: - - "My list is @@(my_slist)"; - -@end smallexample -@noindent means nothing and cannot be expanded (it does not generate an -error, but instead inserts the text @@(my_slist) into the string); but if -we use the scalar reference to a list variable, CFEngine will iterate over -the values in -the list essentially making this into a list of promises. - -@noindent To summarize: -@itemize - -@item Scalar references to @i{local} list variables imply iteration, -e.g. -suppose we have local list variable @samp{@@(list)}, then the -scalar @samp{$(list)} implies an iteration over every value of the -list. - - -@item Lists can be passed in their entirety in any context -where a list is expected as @samp{@@(list)}., e.g. - -@verbatim - -vars: - -"longlist" slist => { @(shortlist), "plus", "plus" }; - -"shortlist" slist => { "you", "me" }; - -@end verbatim - -The declaration order does not matter -- CFEngine will execute the promise -to assign the variable @samp{@@(shortlist)} before the promise to assign the -variable @samp{@@(longlist)}. - -@item Only local lists can be expanded directly. Thus @samp{$(list)} -can be expanded but not @samp{$(context.list)}. Global -list references have to be mapped into a local context if you want to -use them for iteration. -@end itemize - -Instead of doing this in some -arbitrary way, with possibility of name collisions, CFEngine -asks you to make this explicit. There are two possible approaches. - -The first uses parameterization to map a global list into a local -context. -@verbatim - -# -# Show access of external lists. -# -# - to pass lists globally, use a parameter to dereference them -# - -body common control -{ -bundlesequence => { hardening(@(va.tmpdirs)) }; -} - -######################################################### - -bundle common va -{ -vars: - - "tmpdirs" slist => { "/tmp", "/var/tmp", "/usr/tmp" }; - -} - -########################################################## - -bundle agent hardening(x) -{ -classes: - - "ok" expression => "any"; - -vars: - - "other" slist => { "/tmp", "/var/tmp" }; - -reports: - - ok:: - - "Do $(x)"; - "Other: $(other)"; -} - -@end verbatim - -This alternative uses a direct `short-circuit' approach to map the global -list into the local context. - -@verbatim -# -# Show access of external lists. -# - -body common control -{ -bundlesequence => { hardening }; -} - -######################################################### - -bundle common va -{ -vars: - - "tmpdirs" slist => { "/tmp", "/var/tmp", "/usr/tmp" }; - -} - -########################################################## - -bundle agent hardening -{ -classes: - - "ok" expression => "any"; - -vars: - - "other" slist => { "/tmp", "/var/tmp" }; - "x" slist => { @(va.tmpdirs) }; - -reports: - - ok:: - - "Do $(x)"; - "Other: $(other)"; -} -@end verbatim - - -@c ----------------------------------------------------------------------- -@node Special list value cf_null, Arrays in CFEngine 3, List variable substitution and expansion, Variables -@subsection Special list value @code{cf_null} - -As of CFEngine core version 3.1.0, the value @samp{cf_null} may be used as a NULL -value within lists. This value is ignored in list variable expansion. - -@verbatim - -vars: - - "empty_list" slist => { "cf_null" }; - -@end verbatim - - -@c ----------------------------------------------------------------------- -@node Arrays in CFEngine 3, , Special list value cf_null, Variables -@subsection Arrays in CFEngine 3 - -Array variables are written with @samp{[} and @samp{]} brackets, e.g. - -@verbatim - -bundle agent example - -{ -vars: - - "component" slist => { "cf-monitord", "cf-serverd", "cf-execd" }; - - "array[cf-monitord]" string => "The monitor"; - "array[cf-serverd]" string => "The server"; - "array[cf-execd]" string => "The executor, not executioner"; - -commands: - - "/bin/echo $(component) is" - - args => "$(array[$(component)])"; - -} - -@end verbatim - -Arrays are associative and may be of type scalar or list. Enumerated -arrays are simply treated as a special case of associative arrays, since -there are no numerical loops in CFEngine. Special functions exist to -extract lists of keys from array variables for iteration purposes. - -Thus one could have written the example above in the form of the -following example: - -@verbatim - -bundle agent array - -{ -vars: - - "v[index_1]" string => "value_1"; - "v[index_2]" string => "value_2"; - - "parameter_name" slist => getindices("v"); - -reports: - - Yr2008:: - - "Found index: $(parameter_name)"; - -} - -@end verbatim - - -@c ------------------------------------------------------------------ -@node Loops, The main promise types, Variables, A simple crash course in concepts -@section Loops -If you are looking for loops in CFEngine then we need to reprogram you -a little, as you are thinking like a programmer! CFEngine is not a -programming language that is meant to give you low level control, but -rather a set of declarations that embody processes. It's the difference -between the gears on a bicycle and the automated transmission in a -transporter. - -Loops are executed implicitly in CFEngine, but there is no visible -mechanism for it -- because that would steal attention from the -intention of the promises. The way to express them is through lists. - -Loops are really a way to iterate a variable over a list. Try the -following. - -@verbatim - -body common control - -{ -bundlesequence => { "example" }; -} - -########################################################### - -bundle agent example - -{ -vars: - -# This is a list - -"component" slist => { "cf-monitord", "cf-serverd", "cf-execd" }; - -# This is an associative array - -"array[cf-monitord]" string => "The monitor"; -"array[cf-serverd]" string => "The server"; -"array[cf-execd]" string => "The executor, not executionist"; - -reports: - -cfengine_3:: - -"$(component) is $(array[$(component)])"; - -} - -@end verbatim -The output looks something like this: -@smallexample - -/var/cfengine/bin/cf-agent -f ./unit_loops.cf -K - -R: cf-monitord is The monitor -R: cf-serverd is The server -R: cf-execd is The executor, not executionist - -@end smallexample -You see from this that, if we refer to a list variable using the -scalar reference -operator @samp{$()}, CFEngine interprets this to mean ``please iterate -over all -values of the list''. Thus, we have effectively a `foreach' loop, without the -attendant syntax. - -@c --------------------------------------------------------------------------- -@node The main promise types, Test a promise?, Loops, A simple crash course in concepts -@section The main promise types - -@noindent The following promise types may be used in any bundle: -@table @code -@item vars -A promise to be a variable, representing a value. -@item classes -A promise to be a class representing a state of the system. -@item reports -A promise to report a message. -@end table - -@noindent These additional promise types may be used only in agent bundles -@table @code -@item commands -A promise to execute a command. -@item databases -A promise to configure a database. -@item files -A promise to configure a file, including its existence, attributes and -contents. -@item interfaces -A promise to configure a network interface. -@item methods -A promise to take on a whole bundle of other promises. -@item packages -A promise to install a package. -@item storage -A promise to verify attached storage. -@end table - -@noindent These promise types belong to other components: -@table @code -@item access -A promise to grant or deny access to file objects in @code{cf-serverd}. -@item measurements -A promise to measure or sample data from the system, for monitoring or -reporting in @code{cf-monitord} (CFEngine Nova and above). -@item roles -A promise to allow certain users to activate certain classes when -executing @code{cf-agent} remotely, in @code{cf-serverd}. -@item topics -A promise to associate knowledge with a name, and possibly other -topics, in @code{cf-know}. -@item occurrences -A promise to point or refer to a knowledge resource, in @code{cf-know}. -@end table - - -@c --------------------------------------------------------------------------- -@node Test a promise?, , The main promise types, A simple crash course in concepts -@section Test a promise? - -If you are impatient to get hands-on experience, now might be a good time to take a break from Concepts and try out your first promises (@url{http://cfengine.com/manuals/cf3-tutorial.html#First-promises}. Still, since knowledge management is an integral part of CFEngine, we strongly recommend to read the following section on this very issue sooner rather than later. - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** -@node Knowledge Management, , A simple crash course in concepts, Top -@chapter Knowledge Management - - -A unique aspect of CFEngine, that is fully developed in the commercial -editions of the software, its ability to enable integrated knowledge -management as part of an automation process, and to use its configuration -technology as a `semantic' documentation engine. - -@image{topicmap,15cm,,,png} - -Knowledge management is the challenge of our times. Organizations -frequently waste significant effort re-learning old lessons because they have -not been documented and entered into posterity. Now you can alleviate -this problem with some simple rules of thumb and even build -sophisticated index-databases of documents. - - -@menu -* Promises and Knowledge:: -* The basics of knowledge:: -* Annotating promises:: -* A promise model of topic maps:: -* What topic maps offer:: -* The nuts and bolts of topic maps:: -* Example of topics promises:: -* Modeling configuration promises as topic maps:: -@end menu - -@node Promises and Knowledge, The basics of knowledge, Knowledge Management, Knowledge Management -@section Promises and Knowledge - -The learning curve for configuration management systems has been the -brunt of frequent criticism over the years. Users are expected to either -confront the informational complexity of systems at a detailed level, or -abandon the idea of fine control altogether. This has led either to -information overload or over-simplification. The ability to cope with -information complexity is therefore fundamental to IT management - -CFEngine introduced the @emph{promise model} for configuration in -order to flatten out this learning curve. It can lead to -simplifications in use, because a lot of the thinking has been done -already and is encapsulated into the model. One of its special -properties is that it is both a model for system behaviour and a model -for knowledge representation (this is what declarative languages seek -to be, of course). More specifically, it incorporated a subset of the -ISO standard for `Topic Maps', an open technology for semantic -indexing of information resources. By bringing together these two -technologies (which are highly compatible), we end up with a seamless -front-end for sewing together and browsing system information. - -Knowledge management is a field of research in its own right, and it -covers a multitude of issues both human and technological. Most would -agree that knowledge is composed of facts and relationships and that -there is a need both for clear definitions and semantic context to -interpret knowledge properly; but how do we attach @emph{meaning} to -raw information without ambiguity? - -Knowledge has quite a lot in common with configuration: what after all -is -knowledge but a configuration of ideas in our minds, or on some -representation medium (paper, silicon etc). It is a coded pattern, -preferably one that we can agree on and share with others. Both -knowledge and configuration management are about describing patterns. -A simple knowledge model can be used to represent a policy or -configuration; conversely, a simple model of policy configuration can -manufacture a knowledge structure just as it might manufacture -a filesystem or a set of services. - - -@node The basics of knowledge, Annotating promises, Promises and Knowledge, Knowledge Management -@section The basics of knowledge - -Knowledge only truly begins when we write things down: - -@itemize -@item The act of formulating something in writing brings a discipline -of thought than often lends clarity to an idea. -@item You never confront an idea fully until you try to put it into -language. -@item Any written record that is kept allows others to read it and -pass on the knowledge. -@end itemize - -The trouble is that writing is something people don't like to do, and -few are very good at. To an engineer, it can feel like a waste of -time, especially during a busy day, to break off from the doing to -write about the doing. Also, writing requires a spurt of creative -thinking and engineers are often more comfortable with manipulating -technical patterns and notations than writing fluent linguistic -formulations that seem overtly long-winded. - -CFEngine tries to bridge this gap by making documentation simple and -part of the technical configuration. CFEngine's knowledge agent then -uses AI and network science algorithms to construct a readable -documentation from these technical annotations. It can do this because -a lot of thought has already gone into the meaning of the promise -model. - -@node Annotating promises, A promise model of topic maps, The basics of knowledge, Knowledge Management -@section Annotating promises - -The beginning of knowledge is to annotate the technical specifications. -Remember that the point of a promise is to convey an @i{intention}. -When writing promises, get into the habit of giving every promise a -comment that explains its intention. Also, expect to give special -promises -@i{handles}, or helpful labels that can be used to refer to them in -other -promise statements. A handle could be something dumb like `xyz', but -you should -try to use more meaningful titles to help make references clear. - -@verbatim - -files: - -"/var/cfengine/inputs" - - handle => "update_policy", - comment => "Update the CFEngine input files from the policy server", - perms => system("600"), - copy_from => rcp("$(master_location)","$(policy_server)"), -depth_search => recurse("inf"), -file_select => input_files, - action => immediate; - -@end verbatim -@noindent If a promise affects another promise in some way, you can -make the affected one -promise one of the promisees, like this: - -@verbatim - -access: - -"/master/CFEngine/inputs" -> { "update_policy", "other_promisee" }, - -handle => "serve_updates", - admit => { "217.77.34.*" }; - -@end verbatim - -@noindent Conversely, if a promise might depend on another in some -(even indirect) way, document this too. - -@verbatim - -files: - -"/var/cfengine/inputs" - - handle => "update_policy", - comment => "Update the CFEngine input files from the policy -server", - depends_on => { "serve_updates" }, - perms => system("600"), - copy_from => rcp("$(master_location)","$(policy_server)"), -depth_search => recurse("inf"), -file_select => input_files, - action => immediate; - -@end verbatim - -@noindent This use of annotation is the first level of documentation -in CFEngine. -The annotations are used internally by CFEngine to provide meaningful -error messages with context and to compute dependencies that reveal -the existence of process chains. These can be turned into a topic map -for browsing the policy relationships in a web browser, using -@code{cf-know}. - - -@cartouche -The CFEngine Knowledge Map is only available in commercial editions -of the software, where the necessary support to set up and maintain -this technology can be provided. -@end cartouche - - -@node A promise model of topic maps, What topic maps offer, Annotating promises, Knowledge Management -@section A promise model of topic maps - -CFEngine's model of promises can also be used to promise information -and its relevance in different contexts. The Knowledge agent @code{cf-know} -understands three kinds of promise. - -@table @code -@item topics: -A topic is merely a string that can be associated with another string. It represents a `subject to be talked about'. -Like other promise types, you can use contexts, which are formed from other topics expressions to limit the scope of -the current topic promise. -@item things: -Things are a simplified interface to topics, that were introduced to make it easier -for users to contribute knowledge about more concrete `things', or less abstract ideas. -A challenge with knowledge management is the abstract and technical nature of the models -one must use to represent it. Things attempt to make that task easier. -@item occurrences: -An occurrence is a reference to a document or a piece of text that actually represents -knowledge content about the topic concerned. Occurrences are generally URLs or strings -explaining things or topics. -@end table - -@node What topic maps offer, The nuts and bolts of topic maps, A promise model of topic maps, Knowledge Management -@section What topic maps offer - -CFEngine is capable of automating the documentation of a policy, using basic annotations provided above, as a -knowledge map. They require very little effort from the user. If you -are using the Community Edition of CFEngine, you can develop a topic -map, but we do not support the backend technology without a -commercial license. In either case, once you become familiar with the -use of Topic Maps, you will want to extend your knowledge manually to -incorporate things like: - -@itemize -@item Local (high level) policy documents -@item Related databases, such as CMDBs -@end itemize - -@noindent So let us spend a while showing how to encode knowledge in -topic maps -using @code{cf-know}. - -The kind of result you can expect is shown in the pictures below. The -example figures show typical pages generated by the knowledge agent -@code{cf-know}. The first of these shows how we use the technology to -power the web knowledge base in the commercial CFEngine product. - -In this use, all of the data are based on documentation for -the CFEngine software, and most of the relationships are manually -entered. - -For a second example, consider how CFEngine can generate such a -knowledge map analysis of its own configuration (self-analysis). The -data in the images below describe the CFEngine configuration -promises. One such page is generated, for instance, for each policy -promise, and pages are generated for reports from different computers -etc. You can also create you own `topic pages' for any local -(enterprise) information that you have. - -In this example, the promise has been given the promise-handle -@code{update_policy}, and the associations and the lower graph shows -how this promise relates to other promises through its documented -dependencies (these are documented from the promisees and -@code{depends_on} attributes of other promises.). - -The example page shows two figures, one above the other. -The upper figure shows the thirty nearest topics (of any kind) that -are related to this one. -Here the relationships are unspecific. This diagram can reveal -pathways to related information -that are often unexpected, and illustrates relationships that broaden -one's understanding -of the place the current promise occupies within the whole. - -Although the graphical illustrations are just renderings of -semantic associations shown more fully in text, they are useful for -visualizing -several levels of depth in the associative network. This can be -surprisingly useful for brainstorming and reasoning alike. In -particular, one can see the other promises that could be affected if -we were to make a change to the current promise. Such impact analyses -can be crucial to planning change and release management of policy. - - - -@cartouche - -A knowledge base is a slightly improved implementation of a Topic Map which is an ISO -standard technology. A topic map works like an index that can point to -many different kinds of external resources, and may contain simple -text and images internally. So you use it to bind together documents -of any kind. A CFEngine knowledge base is not a new document format, it -is an overlay map that joins ideas and resources together, and -displays relationships. - -@end cartouche - - - - -@node The nuts and bolts of topic maps, Example of topics promises, What topic maps offer, Knowledge Management -@section The nuts and bolts of topic maps - - -@menu -* Topic map definitions:: -@end menu - -@node Topic map definitions, , The nuts and bolts of topic maps, The nuts and bolts of topic maps -@subsection Topic map definitions - -Topic maps are really electronic indices, but they form and work like -webs. -A topic is the technical representation of a `subject', i.e. anything -you might want -to discuss, abstract or physical e.g. an item of `abstract -knowledge', which probably has a number of concrete exemplars. It -might be a person, a machine, a quality, etc. - -Topics can be classified into boxes called @emph{topic-types} so that -related -things can be collated and unrelated things can be separated, e.g. -types allow us to distinguish between @code{rmdir} the Unix utility -and @code{rmdir} the Unix system-call. - -Each typed topic can further point to a number of references or -exemplars called @emph{occurrences}. For instance, an occurrence of -the topic `computer' might include books, web documents, database -entries, physical manifestations, or any other information. An -occurrence is a reference that exemplifies the abstract -topic. Occurrence references are like the page numbers in an -index. - - -A book index typically has `see also' references which point from one -topic to another. -Topic Maps allow one to define any kind of @emph{association} between -topics. Unlike an ordinary index, a topic map has a rich (potentially -infinite) variety of cross reference types. -For instance, -@smallexample -topic_1 ``is a kind of'' topic_2 -topic_1 ``is improved by'' topic 2 -topic_1 ``solves the problem of'' topic_2 -@end smallexample - -@noindent The topic map model thus has three levels of containers: - -@table @emph -@item Contexts -The box into which we classify a topic to disambiguate different -topics with the same name (`in the context of')@footnote{Here, CFEngine differs from the topic map standard in allowing contexts -to be overlapping sets, rather than mutually exclusive `types'. -CFEngine is guided by Promise Theory in this respect in order to enable -distributed cooperation and the development of a free and emergent ontology.}. - -@item Topics/Things -The representation of a subject (an index term). - -@item Occurrence Types -A term that explains how an actual document occurrence relates -to the topic is claims to say something about. e.g. (tutorial, manual, -or -example, definition, photo-album etc). - -@item Occurrences -Specific information resources: these are pointers to the actual -documents -that we want to read (like page numbers in an index). -@end table - - -Contexts map conveniently into CFEngine classes. -Topics map conveniently into promisers. -Occurrences also map to promisers of a different type. -These three label different levels of granularity of meaning. Contexts -represent a set of topics that might be relevant, which in turn encompass a set of -occurrences of resources that contain actual information about the topics in that context. The primacy of topics in this -stems from their ability to form networks by @emph{association}. - -The classic approach to information modeling is to build a -hierarchical decomposition of non-overlapping objects. Data are -manipulated into non-overlapping containers which often prove -to be overly restrictive. Topic maps allow us to avoid the kinds of -mistakes that have led to monstrosities like the Common Information -Model (CIM) with its @emph{thousands} of strictly non-overlapping type -categories. - -Each topic allows us to effectively `shine a light' onto the -occurrences of information that highlight the concepts pertinent to -the topic somehow. - - -@node Example of topics promises, Modeling configuration promises as topic maps, The nuts and bolts of topic maps, Knowledge Management -@section Example of topics promises - -You can use @code{cf-know} to render a topic map either as text (for -command line -use) or as HTML (for web rendering). We begin with the text rendering -as it requires less -infrastructure. You will just need a database. - -Try typing in the following knowledge promises: - -@smallexample - -body common control -@{ -bundlesequence => @{ "tm" @}; -@} - -################################################### - -bundle knowledge tm -@{ -topics: - - -"server" comment => "Common name for a computer in a desktop"; -"desktop" comment => "Common name for a computer for end users"; - -programs:: # context of programs - -"httpd" comment => "A web service process"; -"named" comment => "A name service process"; - -services:: - -"WWW" comment => "World Wide Web service", - association => a("is implemented by", - "programs::httpd", - "implements"); - - # if we don't specify a context, it is "any" - -"WWW" association => a("looks up addresses with", - "named", - "serves addresses to"); - -occurrences: - -httpd:: - "http://www.apache.org" - represents => @{ "website" @}; - -@} - -################################################### - -body association a(f,name,b) - -@{ -forward_relationship => "$(f)"; -backward_relationship => "$(b)"; -associates => @{ $(name) @}; -@} -@end smallexample - -@noindent The simplified things interface is similar, but uses fixed relations: - -@verbatim -bundle knowledge company_knowledge -{ -things: - regions:: - - "EMEA" comment => "Europe, The Middle-East and Africa"; - "APAC" comment => "Asia and the Pacific countries"; - - countries:: - "UK" synonyms => { "Great Britain" }, - is_located_in => { "EMEA", "Europe" }; - - "Netherlands" synonyms => { "Holland" }, - is_located_in => { "EMEA", "Europe" }; - - "Singapore" is_located_in => { "APAC", "Asia" }; - - locations:: - "London_1" is_located_in => { "London", "UK" }; - "New_Jersey" is_located_in => { "USA" }; - - networks:: - - "192.23.45.0/24" comment => "Secure network, zone 0. Single octet for corporate offices", - is_connected_to => { "oslo-hub-123" }; - -@end verbatim - -@menu -* Analyzing and indexing the policy:: -* cf-know:: -@end menu - -@node Analyzing and indexing the policy, cf-know, Example of topics promises, Example of topics promises -@subsection Analyzing and indexing the policy - -CFEngine can analyze the promises you have made, index and cross -reference them using the command: - -@verbatim -# cf-promises -r -@end verbatim -Normally, the default policy in Nova/Enterprise will perform this -command each time the policy is changed. - -@node cf-know, , Analyzing and indexing the policy, Example of topics promises -@subsection @code{cf-know} - -CFEngine's knowledge agent @code{cf-know} allows you to make promises -about knowledge and its inter-relationships. It is not specifically a -generic topic map language: rather it provides a powerful configuration -language for managing a knowledge base that can be compiled into a -topic map. - -To build a topic map from a set of knowledge promises in @file{knowledge.cf}, you would write: - -@verbatim -# cf-know -b -f ./knowledge.cf -@end verbatim - -The syntax of this file is hinted at below. -The full ISO standard topic map model is too rich to be a useful tool -for system knowledge management. However, this is where powerful -configuration management can help to simplify the process: encoding a -topic map is a complex problem in configuration, which is exactly what -CFEngine is for. CFEngine's topic map promises have the following -form: - -@smallexample - -bundle knowledge example -@{ -topics: - -topic_type_context:: # canonical container - -"Topic name" # short topic name - - comment => "Use this for a longer description", - association => a("forward assoc to","Other topic","backward assoc"); - - "Other topic"; - -occurrences: - -Topic_name:: # Topic - - "http://www.example.org/document.xyz" # URI to instance - - represents => @{ "Definition", "Tutorial"@}; # sub-types -@} - -@end smallexample -The association body templates look like this: -@verbatim - -body association a(f,name,b) -{ -forward_relationship => "$(f)"; -backward_relationship => "$(b)"; -associates => { $(name) }; -} - -@end verbatim - - - -@cartouche - -Promise theory adds a clear structure to the topic map ontology, which -is highly beneficial as experience shows that weak conceptual models -lead to poor knowledge maps. - -@end cartouche - - -@node Modeling configuration promises as topic maps, , Example of topics promises, Knowledge Management -@section Modeling configuration promises as topic maps - -We can model topic maps as promises within CFEngine; the -question then remains as to how to use topic maps to model -configurations so that CFEngine users can navigate the documented -promises using a web browser and be able to see all of the -relationships between otherwise isolated and fragmentary rules. This -will form the basis of a semantic Configuration Management Database -(sCMDB) for the CFEngine software. The key to making these ends meet -is to see the configuration of the topic map as a number öf promises -made in the abstract space of topics and the turning each promise into -a meta-promise that models the configuration as a topic with attendant -associations. Consider the following CFEngine promise. - -@verbatim - -bundle agent update -{ -files: - -any:: - -``/var/cfengine/inputs'' -> { ``policy_team'', ''dependent'' }, - - comment => ``Check policy updates from source'', - perms => true, - mode => 600, - copy_from => true, - copy_source => /policy/masterfiles, - compare => digest, - depth_search => true, - depth => inf, - ifelapsed => 1; - -} -@end verbatim - -This system configuration promise can be mapped by CFEngine into a -number of other promise proposals intended for the @code{cf-know} -agent. Suppressing some of the details, we have: - -@verbatim - -type_files:: - -"/var/cfengine/inputs" - association => a("promise made in bundle","update","bundle -contains promise"); -"/var/cfengine/inputs" - association => a("specifies body type","perms","is specified in"); -"/var/cfengine/inputs" - association => a("specifies body type","mode","is specified in"); -"/var/cfengine/inputs" - association => a("specifies body type","copy_from","is specified -in"); - -# etc ... - -occurrences: - -_var_CFEngine_inputs:: - - "promise_output_common.html#promise__var_CFEngine_inputs_update_cf_13" - represents => { "promise definition" }; - -@end verbatim -Note that in this mapping, the actual promise (viewed as a real world -entity) is an occurrence of the topic `promise'; at the same time each -promise could be discussed as a different topic allowing -meta-modeling of the entity-relation model in the real-world -data. Conversely the topics themselves become configuration items or -`promisers' in the promise model. The effect is to create a navigable -semantic web for traversing the policy; this documents the structure -and intention of the policy using a small ontology of standard -concepts and can be extended indefinitely by human domain experts. - - - - - -@chapter More... - -@cartouche - -You will find extensive help, examples and documentation as part of -the commercial CFEngine support. Visit the website @url{http://www.cfengine.com} for more -details. - -@end cartouche - -@noindent Need help getting started? -@itemize -@item CFEngine Installation: @url{http://cfengine.com/manuals/cf3-installation.html} -@item Get started, first promises: @url{http://cfengine.com/manuals/cf3-tutorial.html#First-promises} -@end itemize - -@noindent For a complete overview: -@itemize -@item Tutorial: @url{http://cfengine.com/manuals/cf3-tutorial.html} -@item Reference manual: @url{http://cfengine.com/manuals/cf3-Reference.html} -@end itemize - - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/cf3-enterprise.texinfo b/docs/guides/cf3-enterprise.texinfo deleted file mode 100644 index 933f34c84c..0000000000 --- a/docs/guides/cf3-enterprise.texinfo +++ /dev/null @@ -1,3602 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-enterprise.info -@settitle CFEngine and Enterprise Processes -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine and Enterprise Processes -@subtitle A CFEngine AS workbook -@author CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2008- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Enterprise integration, (dir), (dir) -@top CFEngine-Enterprise-Manual -@end ifnottex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml -@iftex -@contents -@end iftex - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - - -@menu -* Enterprise integration:: -* CFEngine past and present:: -* ITIL past and present:: -* A meeting of mind-sets:: -* Using CFEngine to implement ITIL objectives:: -* Summary:: -* ITIL glossary:: -@end menu - -@c ********************************************************************** -@node Enterprise integration, CFEngine past and present, Top, Top -@chapter Enterprise Integration - -@menu -* Business alignment:: -* ITIL introduced:: -* Business processes and goals:: -* About Promises:: -* Is automation worthwhile?:: -@end menu - -@c ********************************************************************** -@node Business alignment, ITIL introduced, Enterprise integration, Enterprise integration -@section Business alignment - -The goal of most IT installations is to work as a support -infrastructure for some other primary activity, such as the running of -a business or other organization. Even if the primary activity is the -design of computer systems, or the writing of software, the supporting -infrastructure is a tool whose management is in principle separate -from the main business goals. As organizations become larger, the -management of the IT system and other ancillary activities frequently -become isolated from ``front line'' activities. - -IT infrastructure is an enabler, so it is important to ensure that it -succeeds in this task. How do we do this? This document is about how -to make CFEngine-management best support primary business or organizational -processes. - -We write this document in the light to two trends: the demotion of -system administration as a job description and the rise of service -oriented thinking to replace it, along with monolithic design -philosophy of systems. Service orientation is not so much a -technological innovation as it is a different kind of social -structure. It is a move away from hierarchy as the main model of -organization, toward generalized network structure. In computer -parlance, service orientation is essentially a peer to peer -structure. There are no automatic kings or commanders in chief, only -peers who need help from other peers. If such key positions arise, -they emerge naturally by necessity, not by presumption. - -For example, in the 1960s factory work in the United Kingdom was -organized hierarchically with powerful unions attending to a dutiful -``separation of concerns'', much like an idealized object oriented -system. To build a ship, one would have to ask the management to ask -panel producers for panels, then when they were finished they would -send the message back up the hierarchy so that management would -schedule the welders to arrive, then the painters and so on. Much -delay and inefficiency was caused by this organizational bureaucratic -structure. - -Although this behaviour persists to a lesser extent, today we use more -direct communication between the parts that need to connect and so -save much time and overhead. This service oriented thinking can be -applied to computing services, their organization and even the support -of those computing services. The service model can be applied at all -levels. - -In the late 1980s it was realized that a service oriented view of -management could profitably be formalized so as to be of benefit to -all organizations. This began the Information Technology -Infrastructure Library, building on the experience of leaders in -government and industry, including organizations such as the British -Broadcasting Corporation, the office of Government Commerce and others. - -@c ********************************************************************** -@node ITIL introduced, Business processes and goals, Business alignment, Enterprise integration -@section ITIL introduced - -The IT Infrastructure Library (ITIL) has emerged as a de-facto set -of ideas about service delivery. It is not based on any theoretical -model or design criteria. It is rather a set of self-proclaimed @emph{best -practices} compiled by representatives from government and industry. -As such its claims can be discussed, but we shall not do so here. -We shall refer to ITIL because it has become a popular set of -guidelines for all manner of IT organizations, and because it promotes -the idea of IT-business @emph{alignment}. - -ITIL was an important source of concepts and processes documented in -the following British and ISO standards: - -@itemize -@item BS 15000 -@item ISO/IEC 20000 (successor of BS 15000) -@end itemize - -ITIL now encompasses various books and courses and has its own -qualification scheme allowing for a certification of Service Managers - or IT staff. - -The key concepts of ITIL include @emph{service and process orientation}, and -service orientation is an important model for system organization -because it can encompass everything from the monolithic hierarchical -systems of yesteryear to modern day peer to peer architectures which -better mirror a free-market economic business interaction. It can be -applied to computer-provided services (e.g. web services, or even -configuration operations like CFEngine) or it can be applied to human -services and operations such as help desks and support. This makes it -an important centre-piece in the discussion. - -ITIL has its own particular terminology for discussing service related -matters. To relate these to the use of a technology such as CFEngine -we need to understand the words and how they are used. ITIL uses many -terms and phrases in a different way to system -administrators. - -The verb ``to manage'' originally meant ``to cope''. Only more recently -has strategic thinking changed it into a transitive verb: something that -we do to systems, like driving a car, or flying a plane. - -Today the term ``management'' signifies the introduction of a -bureaucratic level of governance, to control and verify the workings -of a system. The terminology this has come about mainly because -the people who wrote ITIL live in that kind of world and understand -things through these eyes. Ironically, computer engineers now speak -of ``self-management'' and ``autonomics'' to recover the original -idea of systems that can cope. - -In this document we have two principal aims: -@itemize -@item To explain a number of -patterns for using CFEngine to allow systems to cope with business -needs. - -@item To demystify ITIL for technicians and -engineers who do not naturally respond to business-speak, -relating CFEngine's capabilities (both the technical aspects that are -well known and the non-technical aspects of instrumentation and -reporting that are less well known) to the goals of ITIL. -@end itemize - - -@c ********************************************************************** -@node Business processes and goals, About Promises, ITIL introduced, Enterprise integration -@section Business processes and goals - -What do we need to make a business? Do we need a demand for a -``product'', a workflow to implement it, a supply (chain) -mechanism for selling it to a market? It turns out that the service -abstraction is a paradigm that fits all enterprises without too much -shoe-horning. - -Businesses have probably many goals in their grand designs: they have -high level visions, notions of secure and best practices, sometimes -even ethical policies. All of these can be couched in the language of -promises to behave in some way. - -Now, we can ask: what does it mean to align an IT infrastructure to -this business goal to provide @i{S}? First, for IT systems to have any -impact on the business goal at all, the business must rely on the IT -system in some way. This could either be directly, in the manner of an -e-commerce web-site, or it might be indirectly, for instance by -providing drawing and modelling software in an architect's office. In -either case there is a workflow in which an IT system plays an -intermediary role in the workflow process. - -In fact, it does not matter whether this is an IT system, a human being -or a steam-powered engine. What is key is that there is a technology -playing an intermediate role in the performance of a service. -We can display this as the workflow diagram shown by -the dotted lines in the figure. -The business @i{B} would like to provide service @i{S} to its customer @i{C}; -in actuality this requires the help of intermediary @i{I}. - -@image{intermediate,10cm,,Intermediate agent,png} - -Inserting an intermediate agent into a business process. The dotted -lines show a work flow path. The arc shows a promise the business -would like to make to the end customer -- but promise theory says that -it cannot if it does not have direct contact. - -Promise theory has several implications, and one of them is that an -agent cannot promise something @emph{with confidence} to an agent it is -not directly in contact with. This is because agents can only vouch -for their own behaviour. They cannot promise what an intermediate -agent would do. This has implications for the business. - -Suppose a business want to make a promise to its customer, but knows -that it must rely on intermediaries (the IT department for example) to -do so. Promise theory tells us that the business representative making -the promise requires promises from every intermediate agent in the -chain, and each of the agents in that chain require promises from down -the chain too. - -It is beyond the scope of this document to explain all of those -promises. What CFEngine allows a business to do is to automate many -of those promises -- or make them @emph{autonomic} (self-managing). - -@menu -* Teams control structures and collaboration:: -@end menu - -@c ********************************************************************** -@node Teams control structures and collaboration, , Business processes and goals, Business processes and goals -@subsection Teams and collaboration - -Humans are poor at reliable, repetitive work but they are infinitely -superior at creative work and decision-making. Modern theory on -success in business rejects the classic views of management with -militarized or bureaucratized chains of command and -control in favour of more human-creative -structures. Creative and adaptive workflow requires high level of -decentralization and autonomy, while at the same time protecting the -core values of the organization. - -Team work is a key element in decentralized organization -- both for -humans and computers. IT departments are often organized in this way, -for instance. Teams do not exist because they maximize production of -every individual, nor do they make an organization more predictable or -controllable. They exist because humans need continual motivation and -emotional support -- and indirectly this sustains workflow and adds -creativity to a business. One often overlooks the team-aspect of -coping when considering computer management, in favour of hierarchical -design. CFEngine does not force us into hierarchical systems however, -so we should not discard the smaller team idea too soon. - -@image{hierarchy,10cm,,Hierarchy has long traditions but modern thinking favours teams.,png} - -CFEngine is complex enough for it to make sense to delegate -responsibility for different issues. An organization will generally -consist of many groups and teams already, each with their own special -needs and each craving its own autonomy. CFEngine and promise theory -were designed for precisely this kind of environment. CFEngine allows -cooperation and sharing without allowing central managers to ride -roughshod over local needs. - -Teams thrive by discussion and interaction within the framework of a -policy or vision, allowing variation and arriving at a consensus when -necessary. Success in a team depends on a combination of abilities -working together not undermining one another. Conflicts in the -promises made by team members reveal design problems in the group. An -analysis of promises (CFEngine's model of collaboration) is a -significant tool for understanding and enabling businesses. - -M. Belbin a researcher in teamwork has identified nine abilities or -roles (kinds of promise) to be played in a team collaboration: - -@enumerate -@item Plant -- a creative ``ideas'' person who solves problems. - -@item Shaper -- this is a dynamic member of the team who thrives on -pressure and has the drive and courage to overcome obstacles. - -@item Specialist -- someone who brings specialist knowledge to the group. - -@item Implementer -- a practical thinker who is rooted in reality and can turn ideas into -practice (who sometimes frustrates more imaginative high flying -visionaries). - - -@item Resource Investigator -- an enabler, or someone who knows where to -find the help the team needs regardless of whether the help is -physical, financial or human. This person is good at networking. - - -@item Chairman/Co-ordinator -- an arbitrator who makes sure that -everyone gets their say and can contribute. - -@item Monitor-Evaluator -- is a dispassionate, discerning member who can -judge progress and achievement accurately during the process. - - -@item Team Worker -- someone concerned with the team's inter-personal -relationships and who is sensitive to the atmosphere of the group. - - - -@item Completer/Finisher -- someone critical and analytical who looks after the details of -presentation and spots potential flaws and gaps. The completer is -a quality control person. -@end enumerate - -His model has little room for technical workflow arguments. It is -entirely concerned with the creative process. This is probably -significant. We should ask ourselves: how can we use the freedom to -organize into specialized teams to maximize human creativity, while -passing hard work over to machines. Solving this problem is what -CFEngine is about. - - -@node About Promises, Is automation worthwhile?, Business processes and goals, Enterprise integration -@section About Promises - -@menu -* A theory:: -* Basic definitions:: -@end menu - -@c ********************************************************************** -@node A theory, Basic definitions, About Promises, About Promises -@subsection A theory for ITIL - -ITIL has no theory to back it up, so we have to look elsewhere for a -motivation of its practices. Promise theory is an attempt to do just -this for a service oriented model in which peers make promises to one -another. So it ought to work for ITIL also. -The advantage of promise theory is that it helps us to see how -CFEngine can be used, because promises provide a simple -picture of how CFEngine works. - -@cartouche -Think of CFEngine as a general tool for automatically making sure that promises are kept. -@end cartouche - -The popular service concept fails to capture one thing very clearly, namely the -distinction between making a promise and keeping a promise. A -service implies that something will be provided but it does not -specify when. - -Suppose we ask a security company to protect our assets. The company -might promise to deploy guards, or alarm technology, or it could -simply promise that you will be safe without explaining how the -promise will be kept. The promise does not necessarily imply any -action required to maintain this state of safety, but we still pay the -company for the service to keep this promise anyway. Trust plays an -important role, of course. - -Promise theory helps us to understand services in all forms by forcing -us to think carefully about the concept of @emph{autonomy}. Autonomy -implies several things: for instance, privacy of information, -independence of decision and responsibility for one's own -behaviour. The concept of autonomy is like a filter that makes us -think carefully about things that we often take for granted. It -is a good discipline, forcing us to confront what we think we know -about systems. - -The agents of promises are humans, computers or any entity that can be -associated with a promise even if by association with its owner or -designer. They are said to be autonomous if they cannot be forced to -make any promises about their behaviour by an outside agent. A useful -principle for understanding systems is the maximal @emph{separation of -concerns} and promises help us to separate independent issues. - -Separation of concerns is only half the story however. Promises are -also about describing how the parts of a system work together, just as -in team-work. Promises provide the glue that allows completely -autonomous parts to form an organization. We are not allowed to think -about ``control'' or ``command'', only about voluntary cooperation. -Keep these ideas in mind when reading this document. - -@c ********************************************************************** -@node Basic definitions, , A theory, About Promises -@subsection Basic promise definitions - -We can use the language of promises to make clearer definitions. -@itemize -@item @emph{Service}: a promise to act or provide a resource. -The promise is made from a `server' agent @i{S} to one or more external agents -which we call the clients. - -@item @emph{Agreement}: a mutual acceptance of knowledge by two agents (``the agents agree''). -The knowledge that is agreed to is called the body of the -agreement. Note that the term ``agreement'' is sometimes used -incorrectly to mean ``contract''. Agreement is often -signified by signing the body, or some equivalent declaration. In -promise theory an agreement is a pair of @emph{use-promises} between two -parties to acknowledge acceptance of the agreement body. - -@item @emph{Contract}: a bilateral bundle of proposed promises between two agents, -intended to serve as the body of an agreement. - -@item @emph{Service Level Agreement} An agreement between two parties whose body -describes a contract for service delivery and consumption. -@end itemize - - -Service Level Agreements (SLA) are now a well-known part of the -customer-business scenario. -How are promises different from Service Level Agreements (SLA)? -Promises are more primitive than agreements. Agreements bind two -parties to a collection of bilateral decisions that have been made in -advance. An agreement implies an existing infrastructure on which to -agree. A promise on the other hand is an entirely autonomous -statement about agents' behaviour (ad hoc). Showing only the promises in a -system does not imply any agreement between the parties, only -indications about their likely behaviours. - -In other words, seeing the promises that have been made, an external -observer could calculate effective service levels that have been -promised without any agreement taking place. Promises are therefore -more fundamental than agreements to the predictability of the system. - - -@c ********************************************************************** -@node Is automation worthwhile?, , About Promises, Enterprise integration -@section Is automation worthwhile? - -Process automation is an investment which has its own cost. The -benefits are not merely saved manpower but improved consistency or -certainty of process. Automation provides an automatic quality assurance. - -A simple argument against automation goes like this: if I can fix it -in five minutes then it is not worth automating, unless the automation -takes less time than that. - -The argument is simplistic. Before dismissing automation, one should -ask questions like this: -@itemize -@item How many of these five minute periods occur in the long run? -@item How much time was needed to diagnose each of them? -@item Could the problems have been avoided altogether by proactive maintenance? -@end itemize -One of the benefits of automation is in prevention, another is in -documenting institutional learning by codifying the processes -required for the avoidance of incidents. A tool like CFEngine which -separates intention (promises) from action makes this kind of -documentation highly readable and allows the learning to penetrate the -workflow processes directly. - -@c ********************************************************************** -@node CFEngine past and present, ITIL past and present, Enterprise integration, Top -@chapter CFEngine past and present - - -CFEngine is a free software package for automating the installation -and maintenance of networked computers. The project began in 1993 and -it has been in widespread use since 1995. CFEngine is available for all major -Unix and Unix-like operating systems, and it will also run under -NT-derived Windows operating systems via the Cygwin Unix-compatibility -environment/libraries. - -CFEngine scales easily from a single host to tens of thousands of -hosts. As of this writing, the largest installations we know of -regulate around 50,000 machines under a common administration. -CFEngine can manage many aspects of system configuration and -maintenance, including the following: - -@itemize -@item Performing post-installation tasks such as configuring the network interface. -@item Editing system configuration files and other files. -@item Creating symbolic links. -@item Checking and correcting file permissions and ownership. -@item Deleting unwanted files. -@item Compressing selected files. -@item Distributing files within a network. -@item Automatically mount NFS file systems. -@item Verifying the presence and integrity of important files and file systems. -@item Executing commands and scripts. -@item Applying security-related patches and similar system corrections. -@item Managing system server processes. -@end itemize - -CFEngine's purpose is to implement policy-based configuration -management. In practical terms, this means that CFEngine greatly -simplifies the tasks of system configuration and maintenance. For -example, to customize a particular system, it is no longer necessary -to write a program which performs each required action in a procedural -language like Perl or your favorite shell. Instead, you write a much -simpler policy description that documents @emph{how} you want your -hosts to be configured. The CFEngine software determines what needs to -be done in terms of implementation and/or remediation from this -specification. Such policy descriptions are also used to ensure that -the system remains configured as the system administrator wishes over -time. - -Here is a brief example of such a policy description which verifies and -installs a number of packages in a convergent way: - -@smallexample - -body common control -{ -bundlesequence => { "packages" }; -} - -############################################# - -bundle agent packages -{ -vars: - - "match_package" slist => { - "apache2", - "apache2-mod_php5", - "apache2-prefork", - "php5" - }; -packages: - - "$(match_package)" - - package_policy => "add", - package_method => yum; - -} - -@end smallexample - -This simple configuration is divided into four stanzas, each -introduced by a colon-terminated keyword, specifically -@code{control:}, @code{files:}, @code{copy:} and @code{tidy:}. The -@code{control} stanza defines a list of directories which we've named -@var{tmpdirs} which we'll use later (in the @code{tidy} stanza). - -The @code{files} stanza specifies that all of the files in the -directory @file{/usr/local/bin} should be owned by user root and -group bin and have the file mode 755. When CFEngine runs with this -configuration description it will correct any ownership and/or -permissions which deviate from these specifications. Thus, this -stanza serves to implement a policy about the proper ownerships and -permissions for the executables in the local binaries directory. - -The @code{copy} stanza prescribes different configurations for Linux -and Solaris systems. On Solaris systems, files in @file{/etc/pam.d} -will be updated with those in the directory @file{/config/pam/solaris} on a master server when the latter are newer. On -Linux systems, only the file @file{/etc/pam.d/common-auth} is updated -from the PAM master configuration because the Linux systems in -question use the PAM include file mechanism to propagate this file's -stacks to all of the PAM-enabled services. Note, however, that both of -these specifications implement the same underlying system -configuration maintenance policy: update the relevant PAM -configuration files from the master server if necessary. - -The final, @code{tidy} stanza illustrates the use of implicit -looping. The single directive in the example applies to each of the -directories in the @var{tmpdirs} list. For each directory, CFEngine -will delete all items in the directory or any of its subdirectories -which have not been accessed in seven days (including ones where the -filename begins with a period). Like the other directives in this -sample configuration file, this stanza implements a policy: items in -temporary directories which have not been used within a week will be -deleted. - -All CFEngine configuration descriptions are variations on these an -similar themes, albeit more elaborate ones. Before turning to more -details about the technical aspects of using CFEngine, a brief -consideration of the most important underlying and guiding theoretical -concepts is in order. - -@menu -* Fundamental Concepts:: -* CFEngine Components:: -@end menu - -@c ********************************************************************** -@node Fundamental Concepts, CFEngine Components, CFEngine past and present, CFEngine past and present -@section Fundamental CFEngine Concepts - -As we've stated, CFEngine operates on hosts in order to bring their -configurations in line with the specified policies. -We need to define some terms. - -@table @i -@item Host -A host is a single computer that runs an operating system like Unix, -Linux or Windows. We will sometimes talk about machines too, and -a host can also be a virtual machine supported by an environment VMWare or Xen/Linux. - -@item Policy -This is a specification of what we want a host to be like, or how -we want it to behave. A policy is essentially a piece of -documentation that describes technical details and -characteristics. CFEngine implements policies that are specified via -directives of the sort we just considered. - -@item Configuration -The configuration of a host is the actual state of its resources, e.g. -the permissions and contents of files, the inventory of software installed, etc. It -is the `state of affairs' on a particular host at a given time. -@end table - -What are we aiming for with CFEngine? The answer is: @emph{policy -conformant configuration}. We want to formulate a specification of not -just one host, but usually many, including how they all interact, -perhaps to solve a business problem; then we want to leave the -details, implementation and maintenance to a robot agent: -@code{cfagent}. - -Humans are good at understanding input and thinking up solutions but they -not very reliable at implementation: @emph{doing} things reliably. Machines and -software agents are good at carrying out tasks reliably, but are not -good at understanding or finding actual solutions. With CFEngine, you -let the distinct parts of your human-computer organization concentrate -on what they are each good at. - -CFEngine can also produce reports about systems for monitoring the -performance and compliance with policies. This is an important aspect -of business integration as service providers want to know whether they -are delivering what they have promised, and whether their money has been -spent wisely. - -@node CFEngine seen from an ITIL perspective -@section CFEngine seen from an ITIL perspective - -The figure below shows the three cornerstones of CFEngine and how they relate to one another. - -@image{cfengine-schematic,10cm,,The key aspects of CFEngine from an ITIL perspective,png} - -@itemize -@item @code{cf-agent} is the engine for configuration management. It takes -a policy (expressed in promises) and ensures continuously that promises are kept. - -@item @code{cf-monitord} is the lightweight monitoring agent, that observes the states -of the system that can not be specified by policy, i.e. performance aspects that are determined -by the environment in which a system is placed. - -@item @code{cf-know} is the knowledge agent which builds a semantic web-overview of -the policy and state of the system, using topic maps. -@end itemize - -This triumvirate of components exchanges information in all directions to build -a complete, reflective, policy-based management framework. - -The @i{convergent automation} that CFEngine provides, along with its model of -promises, provides an immediate ITIL process loop for @i{incident management}, -repairing deviations from a given release of policy. - -What CFEngine tries to achieve is the separation of design from implementation, -in much the way that style-sheets do this for web browsers. The CFEngine policy -is a (probably incomplete) specification of all machines' configurations, -and the @code{cf-agent} is an implementation engine. When intention and action -have been separated, all that is really left for humans to govern is @i{knowledge}. - -Policy is, of course, knowledge about our @i{intentions} for the -system. Monitoring data are knowledge about the state of the system -that we have not directly planned for. Knowledge about unforeseen -events helps us to inform the next revision of policy, and builds up -historical records about system behaviour. Thus, the information -about actual happenings feeding back into new @i{releases} of policy is -what ÃÂTIL refers to as @i{problem management}. - -In this way, CFEngine supports the process of knowledge management `DIKW', -from Data to Information to Knowledge to Wisdom. - - - -@node How is CFEngine different from a classical CMDB? -@section How is CFEngine different from a classical CMDB? - -One of ITIL's central requirements is the Configuration Managment -Database or CMDB. According to ITIL this database is built up of -inventory information and relationships. The database starts out as -an archive of collected information but at some point it stops being a -record of obvservation and starts becoming an authoratative template -for defining and `imaging' systems. - -The CFEngine view is that a database is only ever a report cache. It -is never the authoratative source of a configuration, because a ER -data model does not provide an expressive enough language for -describing a system. CFEngine has its own policy language, with -special properties and optimizations for the authoratative intentions -of the system. Thus @code{cf-agent} reads policy, written in the -CFEngine language, and implements it. Then the agent itself, in -concert with other components like @code{cf-monitord} reports back on -what really happened, and this is cached in a database (which might be -called a CMDB). This is the separation of duties that CFEngine holds -to. - -One important difference is that relationships do not have to be -data-mined from the database. They can be coded directly in policy, -and thus they too can be authoratative, not merely guessed. - - -@menu -* Promises actions operations:: -* Convergence:: -* Classes and Declarations From One to Many Hosts:: -* Voluntary Cooperation:: -* Scalability:: -@end menu - -@node Promises actions operations, Convergence, Fundamental Concepts, Fundamental Concepts -@section Promises, Actions and Operations - -CFEngine's philosophy fits quite well with the service oriented -approach to computing. - -A CFEngine policy can be thought of as a list of promises which the -system makes to some auditor about its configuration. Most of the -these promises involve the possibility of @emph{change} to make a host -fulfills its policy promises. We call such changes @emph{actions} or -@emph{operations}. As you probably already guessed, the auditor in this -scenario is part of CFEngine itself. Cfagent is also the mechanic -or surgeon that performs the operations on the system, if it does not -meet its promises. - -By describing its operation in this manner, we can think of configuration -management as a service that is provided, a service that is intimately -connected with monitoring and maintenance, and which can be ``bought'' -on demand without necessarily subordinating a system to a central authority. - -@table @i -@item Operation -A unit of change is called an operation. CFEngine deals with changes to -a system, and operations are embedded into the basic sentences of a -CFEngine policy. They tell us @emph{how} policy constrains a host, -in other words, how we will prevent a host from running away. -@end table - -For example, in the software package promise above, - -@smallexample - -packages: - - "$(match_package)" - - package_policy => "add", - package_method => yum; - -@end smallexample - -There are implicit operations (actions) in this declaration: specifically, the -operations that will change the packages if/when they do not conform to this -simple specification. - -@node Convergence, Classes and Declarations From One to Many Hosts, Promises actions operations, Fundamental Concepts -@subsection Convergence - -A key property of CFEngine is convergence. This is an important characteristic -that distinguishes it from general computer languages. It is a property that -helps to prevent systems from diverging: running away in an uncontrollable -fashion. - -@table @i -@item Convergence -An operation is convergent if it always brings the configuration of a -host closer to its ideal, policy-conformant state and has no effect if -the host is already in that state. We shall sometimes call it a -``correct state'' or a ``healthy state,'' using the metaphor that a -badly configured host is suffering from a kind of sickness. -@end table - -Here is an example used during the editing of an ASCII file: - -@smallexample - -insert: - - "@var{Important configuration line}"; - -@end smallexample -This operation tells CFEngine to insert the given text (by default at the end of a -file), only if it is not already there. The policy-conformant configuration is -therefore that the line is present, and once that is achieved nothing -more will be done. We say that the operation @code{insert} -is @i{convergent}. - -Don't underestimate the value of convergence. It provides you with -stability. Because CFEngine's language interface strongly discourages -you from doing anything non-convergent, it also help to prevent -mistakes. The price is that you will have to learn to think in a -convergent way---and that is new for most people who come to CFEngine for -the first time. - -@c ********************************************************************** -@node Classes and Declarations From One to Many Hosts, Voluntary Cooperation, Convergence, Fundamental Concepts -@subsection One or Many Hosts - -One of the features that makes CFEngine policies readable is the -ability to hide away all of the complex decision-making that -needs to be performed by the agent. To realize this ambition, CFEngine -uses a @emph{declarative} language to express policy. - - -A declarative language is simply a structured list of sentences (in -the case of CFEngine, it is a list of policy promises). It is stated -in no particular order; it describes a final goal that is to be -achieved. The details of how one gets there are left implicit: to be -evaluated and implemented by the engine that interprets the -specification. This is in contrast to @emph{procedural} or -@emph{imperative} languages, such as shell or Perl which micro-manage -every step along the way. - -In an imperative language, one focuses on the procedure. In a declarative -language, one focuses on the intention, or the presumed result. - -One example of this is the use of classes in CFEngine. Classes are a -way of making decisions, without writing many ``if-then-else'' -clauses. A class is an identified which has the value ``true'' when a -particular test is true. It is a Boolean variable; if you like it -caches the result of an ``if'' test. The benefit of classes is that -all of the testing can be hidden away in the bowels of CFEngine, and -only the results need be visible if or when they are needed. - -@table @i -@item Classes -A class is a way of slicing up and mapping out the complex environment -of one or more hosts into regions that can then be referred to by a -symbol or name. They describe scope: @emph{where} something is to -be constrained. -@end table - -For example, the class @code{debian} is true if and only if cfagent is -running on a host that has Debian Linux as its operating system. - -@node Voluntary Cooperation, Scalability, Classes and Declarations From One to Many Hosts, Fundamental Concepts -@subsection Voluntary Cooperation - -It is a fundamental property of CFEngine components that every host -retains its individual autonomy. A host can always opt out of CFEngine-based governance if its administrator wants to. -This principle leads to a fundamental design and implementation decision: - - -@table @i -@item Autonomy -No CFEngine component is capable of receiving information that it -has not explicitly asked for itself, nor can it be advised or commanded -by an outside agent without requesting such advice. -@end table - -It is important to understand what this means. It does not mean that -centralized control of hosts cannot be achieved. Centralized control -is the way that most users choose to use CFEngine. Indeed, all you have -to do to achieve centralized control is to make a policy decision for -all your hosts to fetch policy specifications from a central authority. - -Autonomy does mean that if your environment has some small groups or -sub-cultures with special needs, it is possible for them to retain -their special identity. No one claiming to be their self-appointed -authority can ride rough shod over their local decisions. - -@emph{Where does policy come from then?} -Each host works from a policy specification that CFEngine expects to -find in a local directory (usually @file{/var/cfengine/inputs} on a -Unix-like host). If you want your host to be controlled from some -central manager or authority, then your policy must contain -bootstrapping specifications that say: ``@emph{it is my decision that -I should download and follow the policy specification located -at the central manager}.'' - -Each host can turn this policy decision off at any time. -This is a key part of the CFEngine security model. - - -@c ********************************************************************** -@node Scalability, , Voluntary Cooperation, Fundamental Concepts -@subsection Scalability - -CFEngine's scalability is at least as good as any other system, -because it allows for maximal distribution of -workload. - -@table @i -@item Scalable distributed action -Each host is responsible for carrying out checks and maintenance -on/for itself, based on its local copy of policy. -@end table - -This does not mean that you are immune from making bad decisions. -For example, network services can always be a bottleneck if you ask 10,000 hosts -to fetch something from one place at the same time. - -The fact that each CFEngine agent keeps a local copy of policy (regardless -of whether it was written locally or inherited from a central -authority) means that CFEngine will continue to function even if -network communications are down. - -@node CFEngine Components, , Fundamental Concepts, CFEngine past and present -@section CFEngine Components - -The CFEngine software consists of a number of components: separate -programs that work together (see figure). The components differ -between version 1 and version 2. We shall only discuss CFEngine 2 -here, as CFEngine version 1 is no longer supported, and you are strongly -advised to use version 2. In addition, CFEngine version 3 is being -developed at the time of writing, but this will take a number of years -before it can fully replace version 2. It will incorporate the state -of the art in Network and System Administration research, building on all -the lessons learned from versions 1 and 2. - -The components of CFEngine are: - - -@itemize -@item @code{cfagent}: Interprets policy promises and implements them in a convergent manner. -The agent can use data generated by the statistical monitoring engine @code{cfenvd} and -it can fetch data from @code{cfservd} running on local or remote hosts. - -@item @code{cfexecd}: Is a scheduler and wrapper which executes @code{cfagent} and logs -its output (optionally sending a summary via email). It can be run in -daemon (standalone) mode, or it can be run from @code{cron} -on a Unix-like system. - -@item @code{cfservd}: A server daemon that serves file data. It can also be configured -to start @code{cfagent} immediately on receipt of a connection from @code{cfrun}. No -actual data can be passed to this daemon. - -@item @code{cfrun}: A helper application that polls hosts and asks them to run @code{cfagent} -if they agree. - -@item @code{cfenvd}: A statistical state monitor that collects statistics -about resource usage on each host for anomaly detection purposes. The information is -made available to the agent in the form of CFEngine classes so that the agent can check for and respond -to anomalies dynamically. - -@item @code{cfkey}: Generates public-private key pairs on a host. You normally run this -program only once, as part of the CFEngine software installation process. - -@item @code{cfshow}: Displays the @code{cfagent} database contents in ASCII format, should you ever -become interested in its internal memory. - -@item @code{cfenvgraph}: Dumps @code{cfenvd}'s statistical database contents in a form -that can be used to plot graphs showing the normal behavior of a host in its -environment. -@end itemize - -@image{cfdiag,10cm,,CFEngine Components and the Connections Between Them,png} - -This figure illustrates the relationships among CFEngine -components on different hosts. On a given system, @code{cfagent} may -be started by the @code{cfexecd} daemon; the latter also handles -logging during @code{cfagent} runs. In addition, operations such as -file copying between hosts are initiated by @code{cfagent} on the -local system, and they rely on the @code{cfservd} daemon on the remote -system to obtain remote data. - - -@c ********************************************************************** -@node ITIL past and present, A meeting of mind-sets, CFEngine past and present, Top -@chapter ITIL past and present - - -The IT Infrastructure Library (ITIL) is a collection of books, in which -``best practices'' for IT Service Management (ITSM) are described. Today, -ITIL can be seen as a de-facto standard in the discipline of ITSM, for -which it provides guidelines by its current core titles Service -Strategy, Service Design, Service Transition, Service Operation and -Continual Service Improvement. ITIL follows the principle of -process-oriented management of IT services. - -In effect, the responsibilities for specific IT management decisions -can be shared between different organizational units as the management -processes span the entire IT organization independent from its -organizational partition. Whether this means a centralization or -decentralization of IT management in the end, depends on the concrete -instances of ITIL processes in the respective scenario. - - -@menu -* ITIL and its versions:: -* Foundations:: -* Tool Support:: -@end menu - -@c ********************************************************************** -@node ITIL and its versions, Foundations, ITIL past and present, ITIL past and present -@section ITIL and its versions - -ITIL has its roots in the early 1990s, and -since then was subject to numerous improvements and enhancements. -Today, the most popular release of ITIL is given by the books of ITIL version 2 (often referred to as ITILv2), -while the British OGC (Office of Government Commerce), owner and publisher -of ITIL, is currently promoting ITIL version 3 (ITILv3) under the device "`ITIL Reloaded"'. - -It is important to understand that ITILv3 is not just an improved version of -the ITILv2 books, but rather comes with a completely renewed structure, -new sets of processes and a different scope with respect to the issue of -IT strategies, IT-business-alignment and continual improvement. That is why, in the following, -we run through the basics of both versions, highlighting commonalities -and differences. - - -@menu -* ITIL Important Foundations:: -* ITILv2 Service Support and Service Delivery:: -* ITILv3 Management from the Service Life Cycle Perspective:: -@end menu - -@node ITIL Important Foundations, ITILv2 Service Support and Service Delivery, ITIL and its versions, ITIL and its versions -@subsection ITIL: Important Foundations - -It is the paradigm of process-oriented IT Service Management -that ITIL is based on. In addition, ITIL uses the Deming quality -circle as a model for continual quality improvement, where quality both -relates to the provided IT services as well as the management processes -deployed to manage these services. Continual improvement as to ITIL means -to follow the method of Plan-Do-Check-Act: - -@itemize -@item Plan: Plan the provision of high-quality IT services, set up the required management processes for the delivery and support of these services, define measurable goals and the course of action in order to fulfill them. -@item Do: Put the plans into action. -@item Check: Measure all relevant performance indicators, and quantify the achieved quality compared to the quality objectives. Check for potentials of improvement. -@item Act: In response to the measured quality, start activities for future improvements. This step leads into the Plan phase again. -@end itemize - -@c ********************************************************************** -@node ITILv2 Service Support and Service Delivery, ITILv3 Management from the Service Life Cycle Perspective, ITIL Important Foundations, ITIL and its versions -@subsection ITILv2 Service Support and Service Delivery - - -Although ITILv3 has been released during the summer of the year 2007, -it is its predecessor that has achieved great acceptance amongst -IT service providers all over the world. And due to the fact that the -International ISO/IEC 20000 standard has emerged from the -basic principles and processes coming from ITILv2, it is this version -experiencing the biggest distribution and popularity. - -The core modules of ITILv2 are the books entitled Service Support -and Service Delivery. While the Service Support -processes (e.g. Incident Management, Change Management) aim at -supporting day-to-day IT service operation, the Service Delivery -processes (e.g. Service Level Management, Capacity Management, -Financial Management) are supposed to cover IT service planning like -resource and quality planning, as well as strategies for customer -relationships or dealing with unpredictable situations. - -@c ********************************************************************** -@node ITILv3 Management from the Service Life Cycle Perspective, , ITILv2 Service Support and Service Delivery, ITIL and its versions -@subsection ITILv3 Management from the Service Life Cycle Perspective - -In 2007, ITILv2 has been replaced by its successor ITILv3, aimed at -covering the entire service life cycle from a management -perspective and striving for a more substantiated idea of IT business alignment. -Many of the ITILv2 processes and ideas have been recycled -and extended by various additional processes and principles. The five -service life cycle stages accordant to ITILv3 are: - -@enumerate -@item Service Strategy: Common strategies and principles for customer-oriented, business-driven service delivery and management -@item Service Design: Principles and processes for the stage of designing new or changed IT services -@item Service Transition: Principles and processes to ensure quality-oriented implementation of new or changed services into the operational environment -@item Service Operation: Principles and processes for supporting service operation -@item Continual Service Improvement: Methods for planning and achieving service improvements at regular intervals -@end enumerate - -The ITILv3 framework is sometimes reduced to the four Ps. - -@itemize -@item Products (tools) -@item People (humans) -@item Partners (cooperation between parts of the organization) -@item Processes (execution and verification) -@end itemize - - -@c ********************************************************************** -@node Foundations, Tool Support, ITIL and its versions, ITIL past and present -@section Service orientation and ITIL - -Why service and process orientation? What is ITIL trying to do? As we mentioned -in the introduction, the `military' control view of human organization fell from -favour in business research in the 1980s and service oriented autonomy -was identified as a new paradigm for levelling organizations -- -getting rid of deep hierarchies that hinder communication and open up -communication directly. - - -If one is cynical, one can interpret the signs of CEOs nervously -trying to put back some of the military thinking into process -management -- with definitions of authority and chains of -responsibility, but these chains are short and whenever ITIL says -``committee'', promise theory would say that all we need is a single -agent (a human or computer) and the internal details of it don't -matter. We should probably not think too literally about ITIL's choice -of words, which after all were born from a particular kind of -corporate culture and will not appeal to everyone. - -If we look at ITIL through the eyeglass of a hierarchical organization, -some of its procedures could be seen as restrictive, throttling -scalable freedoms. We do not believe -that this is their intention. Rather ITIL's guidelines try to make a -predictable and reliable face for business and IT operations so that -customers feel confidence, without choking the creative process that -lies behind the design of new services. - -@menu -* CFEngine in ITIL clothes?:: -* ITIL processes:: -* Service Strategy:: -* Service Design:: -* Service Operation:: -* Continual Service Improvement:: -@end menu - -@c ********************************************************************** -@node CFEngine in ITIL clothes?, ITIL processes, Foundations, Foundations -@subsection CFEngine in ITIL clothes? - -CFEngine users are interested in the ability to manage, i.e. cope with -system configuration in a way that enables a business or other -organization to do its work effectively. They don't want reams of -human management because this is what CFEngine is supposed to -remove. To be able to use ITIL to help in this task, we have to first -think of the process of setting up as a number of services. What -services are these? We have to think a little sideways to see the -relationship. - -@itemize -@item Service - providing a sensible configuration policy, responding to discovered problems or the needs of end-users. -@item Change - an edit of the configuration policy, with appropriate quality controls. -@item Release - a new configuration policy, consisting of many changes. A new version of CFEngine? This could be a major and disruptive change so it should be planned carefully. -@item Capacity - having enough resources for cfservd to answer all queries in a network. Having enough people to support the processes of deploying and following CFEngine's progress. -@end itemize - -You should keep this kind of thinking in mind, and train yourself to see every part -of a task in ``ITIL clothes''. - -@c ********************************************************************** -@node ITIL processes, Service Strategy, CFEngine in ITIL clothes?, Foundations -@subsection ITIL processes - -The following management processes are in scope of ITILv3: - -@itemize -@item Service Level Management: Management of Service Level Agreements (Alas), i.e. service level and quality promises. -@item Service Catalogue Management: deciding on the services that will be provided and how they -are advertised to users. -@item Capacity Management: Planning and provision of adequate business, service and resource capacities. -@item Availability Management: Resource provision and monitoring of service, from a customer viewpoint. -@item Continuity Management: Development of strategies for dealing with potential disasters. -@item Information Security Management: Ensuring a minimum level of information security throughout the IT organization. -@item Supplier Management: Maintaining supplier relationships. -@item Transition Planning and Support: Ensuring that new or changed services are deployed into the operational environment with the minimal impact on existing services -@item Asset and Configuration Management: Management of IT assets and Configuration Items. -@item Release Management: Planning, building, testing and rolling out hardware and software configurations. -@item Change Management: Assessment of current state, authorization and scheduling of improvements. -@item Service Validation and Testing: ensuring that services meet their specifications. -@item Knowledge Management: organizing and integrating experience and methodology for future reference. -@item Incident Management: responding to deviations from acceptable service. -@item Event Management: Efficient handling of service requests and complaints. -@item Problem Management: Problem identification by trend analysis of incidents. -@item Request Fulfillment: Fulfilling customer service requests. -@item Access Management: Management of access rights to information, services and resources. -@end itemize - -@c ********************************************************************** -@node Service Strategy, Service Design, ITIL processes, Foundations -@subsection Service Strategy - -Service strategy is about deciding what services you want to -formalize. In other words, what parts of your system administration tasks can you -wrap in procedural formalities to ensure that they are carried out most excellently? - -@c ********************************************************************** -@node Service Design, Service Operation, Service Strategy, Foundations -@subsection Service Design - -Service design is about deciding what will be delivered, when it will be delivered, -how quickly the service will respond to the needs of its clients etc. This stage is probably -something of a mental barrier to those who are not used to service-oriented thinking. - -@c ********************************************************************** -@node Service Operation, Continual Service Improvement, Service Design, Foundations -@subsection Service Operation - -How shall we support service operation? What resources do we need to provide, both human -and computer? Can we be certain of having these resources at all times, or is there -resource sharing taking place? If services are chained into ``supply chains'', remember that -each link of the chain is a possible delay, and a possible misunderstanding. Successfully running -services can be more complex at task than we expect, and this is why it is useful to -formalize them in an ITIL fashion. - -@c ********************************************************************** -@node Continual Service Improvement, , Service Operation, Foundations -@subsection Continual Service Improvement - -Continual improvement is quite self-explanatory. We are obviously -interested in learning from our mistakes and improving the quality and -efficiency by which we respond to service requests. But it is -necessary to think carefully about when and where to introduce this -aspect of management. How often should we revise out plans and change -procedures? If this is too often, the overhead of managing the quality -becomes one of the main barriers to quality itself! Continual has to mean regular -on a time-scale that is representative for the service being provided, e.g. -reviews once per week, once per month? No one can tell you about your needs. -You have to decide this from local needs. - -@c ********************************************************************** -@node Tool Support, , Foundations, ITIL past and present -@section Tool Support - -In the field of tool support for IT Service Management accordant to -ITIL, various white papers and studies have been published. In -addition, there are papers available from BMC, HP, IBM and other -vendors that describe specific (commercial) solutions. Generally, the -market for tools is growing rapidly, since ITIL increasingly gains -attention especially in large and medium-size enterprises. Today, it -is already hard to keep track of the variety of functionalities -different tools provide. This makes it even more difficult to approach -this topic in a way satisfactory to the entire researchers', vendors' -and practitioners' community. - -That is why this document follows a different approach: Instead of thinking -of ever new tools and computer-aided solutions for ITIL-compliant IT Service -Management, this book analyses how the existing and well-established -technologies used for traditional systems administration can -fit into an ITIL-driven IT management environment, and it guides -potential practitioners in integrating a respective tool suite -- namely -CFEngine -- with ITIL and its processes. - -To avoid any misunderstanding: We do not argue that CFEngine -- -originally invented for configuring distributed hosts -- may be -deployed as a comprehensive solution for automating ITIL, but what we -believe is CFEngine and its more recent innovations can @emph{bridge -the gap} between the technology of distributed systems management and -business-driven IT Service Management. -To make the case we must show: - -@enumerate -@item How ITIL terminology relates to the terminology of CFEngine and hence -to a traditional system administrator's language, and -@item Which parts (processes and activities) of -ITIL can be (partially) supported by CFEngine, and how. -@end enumerate - -These are the main goals of the subsequent chapters. - - - -@c ********************************************************************** -@node A meeting of mind-sets, Using CFEngine to implement ITIL objectives, ITIL past and present, Top -@chapter ITIL and CFEngine comparison - -To summarize the results of the previous chapters, it can be said that -the goals of ITIL and the purpose of CFEngine are quite different: -ITIL gives recommendatory guidance in process- and service- oriented -IT Service Management, while CFEngine provides a powerful solution -framework for a variety of common network and systems administration -tasks. In other words: - -@enumerate -@item The scope of ITIL is much broader than traditional systems administration, but: Portions of systems administration and configuration management tasks take place in the context of certain ITIL processes. - -@item CFEngine was not designed to replace ITSM tools like trouble ticket systems (TTS), workflow management or CMDBs, but: in the more technical areas of IT Service Management, CFEngine is able to support ITIL processes in their activities. -@end enumerate - -@image{scope2,10cm,,Scope of ITIL and CFEngine,png} - -The goal of this document is to give an overview on how CFEngine can -be used to support selected IT Service Management tasks according to -ITIL. - - -@menu -* Which ITIL processes apply to CFEngine?:: -* ITIL terminology:: -@end menu - -@c ********************************************************************** -@node Which ITIL processes apply to CFEngine?, ITIL terminology, A meeting of mind-sets, A meeting of mind-sets -@section Which ITIL processes apply to CFEngine? - -@image{itilfcaps,10cm,,FCAPS and ITIL,png} - -In version 2, ITIL divides itself into @emph{service -support} and @emph{service delivery}. For -instance, service support might mean having a number of CFEngine -experts who can diagnose problems, or who have sufficient knowledge -about CFEngine to solve problems using the software. It could also -mean having appropriate tools and mechanisms in place to carry out the -tasks. Service delivery is about how these people make their knowledge -available through formal processes, how available are they and how -much work can they cope with? CFEngine enables a few persons to -perform a lot of work very cheaply, but we should not forget to track our performance -and quality for the process of continual improvement. - -Service support is composed of a number of issues: -@itemize -@item Incident management: collecting and dealing with incidents. -@item Problem management: root cause analysis and designing long term countermeasures. -@item Configuration management: maintaining information about hardware and software and -their interrelationships. -@item Change management: implementing major sequenced changes in the infrastructure. -@item Release management: planning and implementing major ``product'' changes. -@end itemize -Although the difference between change management and release -management is not completely clear in ITIL, we can think of a release -as a change in the nature of the service, while change management -deals with alterations possibly still within the scope of the same release. -Thus is release is a more major change. - -Service delivery, on the other hand, is dissected as follows: -@itemize -@item Service Level Management -@item Problem management -@item Configuration management -@item Change management -@item Release management -@end itemize -These issues are somewhat clearer once we understand the usage of the -terms ``problem'', ``service'' and ``configuration''. Once again, it -is important that we don't mix up configuration management in ITIL -with configuration management as used in a Unix parlance. - -The notion of system administration in the sense of Unix does not -exist in ITIL. In the world of business, reinvented through the eyes -of ITIL's mentors, system administration and all its functions are -wrapped in a model of service provision. - - -@menu -* Configuration Management CM:: -* Asset Management what is it used for?:: -* Change management:: -* Change management vs convergence:: -* Release management:: -* Incident and problem management:: -* Service Level Management SLM:: -@end menu - -@c ********************************************************************** -@node Configuration Management CM, Asset Management what is it used for?, Which ITIL processes apply to CFEngine?, Which ITIL processes apply to CFEngine? -@subsection ITIL Configuration Management (CM) - -Perhaps the most obvious example is the term configuration management. - -@table @i -@item Configuration Management -The process (and life-cycle) responsible for maintaining information -about configuration items (CI) required to deliver an IT service, -including their relationships. -@end table - -As we see, this is comparable to our intuitive idea of ``asset -management'', but with ``relationships'' between the items -included. ITIL also defines ``Asset Management'' as ``a process -responsible for tracking and reporting the value of financially valuable assets'' -and is a component of ITIL Configuration Management. - -In the CFEngine world, configuration management involves planning, -deciding, implementing (``base-lining'') and verifying (``auditing'') -the inventory. It also involves maintaining the security and privacy -of the data, so that only authorized changes can be made and private -assets are not made public. - -In this document we shall try not to mix the ITIL concept with the -more prosaic system administration notion of a configuration which -includes the current state of software configuration on the -individual computers and routers in a network. - -Since CFEngine is a completely distributed system that deals with -individual devices on a one-by-one basis, we must interpret this asset -management at two levels: - -@itemize -@item The local assets of an individual device at the level of virtual -structures and containers within it: files, attributes, software packages, -virtual machines, processes etc. This is the traditional domain of automation -for CFEngine's autonomic agent. - -@item The collective assets of a network of such devices. -@end itemize -Since a single host can be thought of as a network of assets connected -through virtual pathways, it really isn't such a huge leap to see the -whole network in a similar light. This is especially true when many of the -basic resources are already shared objects, such as shared storage. - - -@c *******************************************************************' -@node Asset Management what is it used for?, Change management, Configuration Management CM, Which ITIL processes apply to CFEngine? -@subsection CMDB Asset Management - -Why bother to collect an inventory of this kind? Is it bureaucracy -gone mad, or do we need it for insurance purposes? Both of these -things are of course possibilities. - -The data in an ITIL Configuration Management Database (CMDB) can be -used for planning the future and for knowing how to respond to -incidents, in other words for service level management (SLM) and for -capacity planning. An organization needs to know what resources it -has to know whether its can deliver on its promises. -Moreover, for finance and insurance it is clearly a sound policy to have a database of -assets. - -For continuity management, risk analysis and redundancy assessment we -need to know how much equipment is in use and how much can be brought -in at a moment's notice to solve a business problem. These are a few -of the reasons why we need to keep track of assets. - -@c *********************************************************** -@node Change management, Change management vs convergence, Asset Management what is it used for?, Which ITIL processes apply to CFEngine? -@subsection Change management in the enterprise - -If we make changes to a technical installation, or even a business -process, this can affect the service that customers experience. -Major changes to service delivery are often written into service level -agreements since they could result in major disruptions. -Details of changes need to be known by a help-desk and service personnel. - - -The decision to make a change is more than a single person -should usually. It requires consultation at different levels -of process. An advisory board for changes takes on this role, -whether it is an informal board that communicates electronically -or a physical committee ``with six or more legs and no brain''. - -@c *********************************************************** -@node Change management vs convergence, Release management, Change management, Which ITIL processes apply to CFEngine? -@subsection Change management vs convergence - -We should be especially careful here to decide what we mean by -change. ITIL assumes a traditional model of change management that -CFEngine does not need. ITIL's ideas apply to the management of -CFEngine's configuration, not the way in which CFEngine carries out its -work. - -In traditional idea of change management you start by ``base-lining'' a -system, or establishing a known starting configuration. Then you -assume that things only change when you actively implement a change, -such as ``rolling out a new version'' or committing a release. This, -of course, is very optimistic. - -In most cases all kinds of things change beyond our control. Items are -stolen, things get broken by accident and external circumstances -conspire to confound the order we would like to preserve. The idea -that only authorized people make changes is nonsense. - -CFEngine takes a different view. It thinks that changes in -circumstances are part of the picture, as well as changes in inventory -and releases. It deals with the idea of ``convergence''. In this way -of thinking, the configuration details might be changing at random in -a quite unpredictable way, and it is our job to continuously monitor -and repair general dilapidation. Rather than assuming a constant state -in between changes, CFEngine assumes a constant ``ideal state'' or -@emph{goal} to be achieved between changes. An important thing to realize about including -changes of external circumstances is that you cannot ``roll back'' -circumstances to an earlier state -- they are beyond our control. - -@c *********************************************************** -@node Release management, Incident and problem management, Change management vs convergence, Which ITIL processes apply to CFEngine? -@subsection Release management - -A @emph{release} is a collection of authorized changes to a system. -One part of Change Management is therefore @emph{Release Management}. -A release is generally a larger umbrella under which many smaller -changes are made. It is major change. -Changes are assembled into @emph{releases} and then they are rolled out. - -In fact release management, as described by ITIL, has nothing to do -with change management. It is rather about the management of -designing, testing and scheduling the release, i.e. everything to do with -the release process except the explicit implementation of it. -@emph{Deployment} or @emph{rollout} describe the physical movement of -configuration items as part of a release process. - - - -@node Incident and problem management, Service Level Management SLM, Release management, Which ITIL processes apply to CFEngine? -@subsection Incident and problem management - -ITIL distinguishes between @emph{incidents} and @emph{problems}. An incident is -an event that might be problematic, but in general would observe -incidents over some length of time and then diagnose @emph{problems} based -on this experience. - -@table @i -@item Incident -An event or occurrence that demands a response. -@end table - -One goal of CFEngine is to plan pro-actively to handle incidents -automatically, thus taking them off the list of things to worry about. - -@table @i -@item Problem -A pattern of consequence arising from certain incidents that is detrimental -to the system. It is often a negative trend that needs to be addressed. -@end table - - -Changes can introduce new incidents. -An integrated way to make the tracking of cause and effect easier is -clearly helpful. If we are the cause of our own problems, we are in -trouble! - - -@c *********************************************************** -@node Service Level Management SLM, , Incident and problem management, Which ITIL processes apply to CFEngine? -@subsection Service Level Management (SLM) - -Also loosely referred to as Quality of Service. This is the -process of making sure that Service Level Promises are kept, -or Service Level Agreements (SLA) are adhered to. -We must assess the impact of changes on the ability to deliver -on promises. - - -@node ITIL terminology, , Which ITIL processes apply to CFEngine?, A meeting of mind-sets -@section ITIL terminology - -Like many other areas of wishful standardization, ITIL elevates itself -to a state of importance by using multitude of acronyms and -specialized terms. Not all of these are as intuitive as one might -hope for and many simply seem beyond necessity. However, to understand -the writing, we need to know a few of them and also understand how -they differ from similar terms in system administration and the world -of CFEngine. In the appendix, we list with comments about the most important -of these terms. The figure shows a scatter-plot of these terms. - - -@image{topic,10cm,,ITIL terminology,png} - -@c *********************************************************** -@node Using CFEngine to implement ITIL objectives, Summary, A meeting of mind-sets, Top -@chapter Using CFEngine to implement ITIL objectives - -How does CFEngine fit into the management of a service organization? -There are several ways: -@itemize -@item It offers a rapid detection and repair of faults that help to avoid formal incidents. -@item It simplifies the deployment (release) of services. -@item Allows resources to be understood and planned better. -@end itemize -These properties allow for greater @emph{predictability} -of system services and therefore they contribute to customer confidence. - - -@menu -* Infrastructure or management?:: -* How can CFEngine or promises help?:: -* What is maintenance?:: -* Incident Management vs Maintenance:: -* Rollout and installation:: -* Change Management in ITIL:: -* Release Management in ITIL:: -* Configuration version control and rollback:: -* Availability and Capacity Management:: -@end menu - -@node Infrastructure or management?, How can CFEngine or promises help?, Using CFEngine to implement ITIL objectives, Using CFEngine to implement ITIL objectives -@section Infrastructure or management? - -Any tool for assisting with change management lies somewhere between -ITIL's notion of change management and the infrastructure itself. It -must essentially be part of both (see figure). This applies -to CFEngine too. - - -@image{cfinf,10cm,,CFEngine is both infrastructure and a part responsible for infrastructure.,png} - - -CFEngine can manage itself as well as other resources: itself, its -software, its policy and the resulting plans for the configuration of -the system. In other words, CFEngine is itself part of the infrastructure -that we might change. - -@c *********************************************************** -@node How can CFEngine or promises help?, What is maintenance?, Infrastructure or management?, Using CFEngine to implement ITIL objectives -@section How can CFEngine or promises help an enterprise - -@menu -* Traditions:: -* Modelling of policy:: -* Uniformity:: -@end menu - -@c *********************************************************** -@node Traditions, Modelling of policy, How can CFEngine or promises help?, How can CFEngine or promises help? -@subsection Traditional IT Management - -Traditional methods of managing IT infrastructure involve working from -crisis to crisis -- waiting for `incidents' to occur and then initiating fire -suppression responses or, if there is time, proactive changes. With CFEngine, -these can be combined and made into a management @emph{service}, with -continuous service quality. - -CFEngine can assist with: -@enumerate -@item Maintenance assurance. -@item Reporting for auditing. -@item Change management. -@item Security verification. -@end enumerate - -Promise theory comes with a couple of principles: -@enumerate -@item Separation of concerns. -@item Fundamental attention to autonomy of parts. -@end enumerate - -@c *********************************************************** -@node Modelling of policy, Uniformity, Traditions, How can CFEngine or promises help? -@subsection Modelling policy - -Other approaches to discussing organization talk about the separation -of concerns, so why is promise theory special? Object Orientation -(OO) is an obvious example. Promise theory is in fact quite different to -object orientation (which is a misnomer). - -Object orientation asks users to model abstract classes (roles) long -before actual objects with these properties exist. It does not provide -a way to model the instantiated objects that later belong to those -classes. It is mainly a form of information structure -modelling. Object orientation models only abstract patterns, not -concrete organizations. - -Promise theory on the other hand considers only actual existing objects -(which it calls agents) and makes no presumptions that any -two of these will be similar. Any patterns that might emerge can be -exploited, but they are not imposed at the outset. Promise theory's -insistence on autonomy of agents is an extreme viewpoint from which -any other can be built (just as atoms are a basic building block from which -any substance can be built) so there is no loss of generality by making -this assumption. - -In other words, OO is a design methodology with a philosophy, whereas -promises are a model for an arbitrary existing system. - -@node Uniformity, , Modelling of policy, How can CFEngine or promises help? -@subsection Uniformity - -The traditional production-line paradigm for management of IT systems -involves reducing the number of variations -- often simply making -all systems identical for mass-production. However, as quoted at the -beginning of chapter 2, the purpose of advanced technology is to -enable us to cope with variation. CFEngine makes managing variations simple. -Some organizations might simply want to have a uniform configuration on -all their hardware, but what does this mean if the basic hardware is -different? - -In CFEngine we understand that ``similar'' should be based on how -systems behave not what their disk images look like. Two systems that -make the same promises ought to behave in the same way, if the promises -are at a high enough level. But what if two different operating systems -promised to never have a file called @code{/etc/passwd}? A windows machine -would not care too much, but a Unix system would be paralyzed. - -Promises and system configuration are related: configuration affects -behaviour and behaviour is what we promise. Clearly we cannot expect -very high level promises to be simply translated into configurations -however. The fact that we make promises about system configuration -says nothing certain about the promise that results from changing -it. That depends on many other factors. Thus we must be careful to think about -what a promise means. - -@table @i -@item Fundamental assumption -The basic assumption of configuration management is that a specific -configuration determines the resulting behaviour of a system. This -assumption is completely unproven, and is sometimes obviously false. -At best there is a correlation between configuration and -behaviour. This is what makes IT management challenging. The things we -can change do not necessarily give us the control we would like. -@end table - - -@c *********************************************************** -@node What is maintenance?, Incident Management vs Maintenance, How can CFEngine or promises help?, Using CFEngine to implement ITIL objectives -@section What is maintenance? - -Maintenance is a process that ITIL does not formally spend any time -on explicitly, but it is central to real-world quality control. - -Imagine that you decide to paint your house. Release 1 is going to be -white and it is going to last for 6 years. Then release 2 is going to -be pink. We manage our painting service and produce release -1 with all of the care and quality we expect. Job done? No. - -It would be wrong for us to assume that the house will stay this fine -colour for 6 years. Wind, rain and sunshine will spoil the paint over -time and we shall need to touch up and even repaint certain areas in -white to maintain release 1 for the full six years. Then when it is time -for release 2, the same kind of maintenance will be required for that too. - -Unless we read between the lines, it would seem that ITIL's answer to -this is to wait for a crisis to take place (an incident). We then -mobilize some kind of response team. But how serious an incident do we -require and what kind of incident response is required? A graffiti artist? -A lightening strike? A bird anoints the paint-work? CFEngine is -like the gardener who patrols the grounds constantly plucking weeds, -before the flower beds are overrun. Call it continual improvement if -you like: the important thing is that the process your be pro-active -and not too expensive. - -Maintenance is necessary because we do not control all of the -changes that take place in a system. There is always some kind of -``weather'' that we have to work against. CFEngine is about this -process of Maintenance. We call it ``convergence'' to the ideal state, -where the ideal state is the specified version release. -Keep this in mind as you read about ITIL change management. - -@c *********************************************************** -@node Incident Management vs Maintenance, Rollout and installation, What is maintenance?, Using CFEngine to implement ITIL objectives -@section Incident Management vs Maintenance - -CFEngine employs the idea of continual maintenance (we paint the fence -on a regular basis to protect it). ITIL, on the other hand, moves from -release to release (this year we paint the fence red, next year green) -and does not recognize the effect of gradual entropic decay of state -(the fence's colour fades gradually due to the harsh -environment). Instead ITIL deals with events (graffiti and tagging of -the fence) which must be corrected. While it is true that these -incidents are maintenance, the repairs are more costly to initiate if -they occur as exceptional events than if we are used to repainting the -fence on a regular basis. - - -@image{cf_evm,10cm,,An exemplary Event Management process on the basis of ITIL V3,png} - -The figures above show ITIL processes for the handling of -events and incidents. They show the aspects of dealing with events that are -mainly human oriented, and those events in shaded boxes that can be automated -using CFEngine. - -In the figure above we see that there must be a basic monitor at -the top of the process chain which is responsible for observing -events. This fits well with the view of promise theory in which a -neutral observer is required to measure the state of different -component agents in the system. Not all events are necessarily -relevant or interesting so we can filter these based on a -policy. CFEngine's event monitors come from two sources: cfagent (for -monitoring the state of promises which are being managed - e.g. the -proverbial colour of the fence) and cfenvd (for passively monitoring -the environment - e.g. the brightness of the sunshine or the amount of -rainfall impacting on the fence). - -@itemize -@item CFEngine filters events through its -class interface. All events observed in CFEngine are @emph{classified} -and made available to the environment. - -@item CFEngine logs events by routing messages to email or to syslog (by asking -@code{inform=true} or @code{syslog=true} or @code{audit=true}). - -@item The daemon @code{cfenvd} auto-correlates events. The tool @code{cfbrain} -will cross correlate events, further classifying the outcomes as part of the -environment. - -@item Events can be triggered by attaching promises to event-driven classes -in the cfagent configuration. e.g. - -@smallexample - -processes: - - www_in_high_anomaly:: - - ``apache'' signal=term - -alerts: - - www_in_high_anomaly:: - - ShowState(www.in) - -@end smallexample -For more devastating incidents, we can arrange for more information to -be output. An incident is really only an event of some special -significance. Diagnosing an incident requires either human -intervention or pre-cached insight on the part of the promises we -make. If we can make a specific promise then the diagnosis that this promise -has not been kept can easily be turned into a specific repair. For example, - -We might note a sudden burst of smtp traffic, or a sudden decrease in free disk space. -These events can be anticipated if one knows a benign cause, such as email -was shutdown for maintenance, or the host is a new mail-server that has never seen -traffic before. - -@end itemize - -@image{cf_im,10cm,,An exemplary Incident Management process on the basis of ITIL V3,png} - -@c *********************************************************** -@node Rollout and installation, Change Management in ITIL, Incident Management vs Maintenance, Using CFEngine to implement ITIL objectives -@section Rollout and installation - -When setting up hosts, ITIL actually makes a techical recommendation. -This is unusual for ITIL as it generally does not get mixed up in the -details of management, only the processes. ITIL recommends -``base-lining'' systems from a @emph{gold server}, i.e. a system that is -thought to be ``perfect'' enough to act as a model for all other -systems. Once a server has been base-lined from the golden image, -various customizations can be made relative to this known state. ITIL -sees this as a way of achieving consistency. - -We believe that ITIL exceeds its technical competence in making this a -recommendation. True enough, this has traditionally been a way of -performing a rollout, but the approach has been superceded by better -technology. The gold server approach is not the recommended CFEngine -way. In fact a golden-image approach wastes a fundamental flexibility -that CFEngine offers, namely the possibility to allow @emph{variations} (see -the quote by Alvin Toffler at the start of chapter 2). - -When we baseline a system from a gold-server, we are planning to make all -hosts basically the same. However, this is neither necessary nor cost-saving -if you use CFEngine. - -CFEngine places no restrictions on the approach used to roll out -hosts. Rather than requiring you to start from a known state, it -allows you to specify the @emph{final} state for any initial -state. This means you can migrate hosts gradually to a policy state -without having to reinstall them. We can consider the end result of a -CFEngine policy process to be ``the release''. In CFEngine this is -equivalent to a sufficiently comprehensive configuration policy. - -The message here is that CFEngine allows you to achieve predictable -results without the need for a gold server. Nevertheless, it is helpful -to begin a system based on a reliable substrate. It is like making a good -sandwich: it helps to have a perfect piece of bread to build on, but it's what -you put on top that is most important. You just need to know what you are starting -with, and then most things can be fixed to satisfaction. -We recommend: - -@itemize -@item Start with some kind of standard image to start (a predictable substrate). - -It is does not necessarily matter what it is as long as it behaves predictably. -e.g. install from known DVD, or install from net-boot or even from a gold server. - -@item Customize the basic working system using CFEngine. -There are two possible approaches to this: - -i) Copy constant ``gold'' overlays or patches into place from a trusted source -to customize the system. - -@itemize -@item Add more operating system packages. -@item Insert special files (config, data etc). -@item Run post-processing scripts. -@end itemize - -ii) Edit system directly with CFEngine -@itemize -@item Documented automatically by cfagent promises. -@item Can always customize after that too (phase 3)! -@end itemize -@end itemize - - - -@menu -* Customize by constant fixed overlay:: -* Overlay an expandable template:: -* Direct customization:: -@end menu - -@c *********************************************************** -@node Customize by constant fixed overlay, Overlay an expandable template, Rollout and installation, Rollout and installation -@subsection Customize by constant/fixed ``gold'' overlay - -The first alternative is to install a fixed patch to a system -from a known gold-server. -The basic pattern is this: - - -@smallexample -copy: - - /source/file - - dest=/dest/file - server=gold_server -@end smallexample - -In this example, we simply install a new file into a known location. -This is the simplest way of customizing a host, but it lacks flexibility. - -@c *********************************************************** -@node Overlay an expandable template, Direct customization, Customize by constant fixed overlay, Rollout and installation -@subsection Overlay an expandable template with CFEngine - -A more sophisticated approach is to download a parameterized template -from a repository or gold server. This template contains context -dependent variables that can be expanded in situ by CFEngine. There -are two stages to this: first we copy the template to a temporary -location, then we edit the final file location, insert the template -and expand its variables. By following this procedure, the result -satisfies CFEngine's principles of @emph{convergence}. - - -@smallexample -copy: - -/source/file - dest=/tmp/file - server=gold_server - -editfiles: - -@{ /dest/file - -EmptyEntireFilePlease -InsertFile ``/tmp/file'' -ExpandVariables -@} -@end smallexample - - -@c *********************************************************** -@node Direct customization, , Overlay an expandable template, Rollout and installation -@subsection Direct customization by CFEngine - -A final approach to customization is to apply direct -editing operations to implement the required customization. - -@smallexample -editfiles: - -@{ /dest/file - -ReplaceAll ``X'' With ``Y'' -AppendIfNoSuchLine ``ABC'' -@} -@end smallexample - -This approach is useful for small corrections, that require -unsophisticated editing, but it becomes quickly cumbersome -for more complex tasks. - - -@node Change Management in ITIL, Release Management in ITIL, Rollout and installation, Using CFEngine to implement ITIL objectives -@section Change Management in ITIL - -ITIL proposes that there should be an integrated approach to change and -configuration management. Clearly changes to a system result in new -configurations. However, changes can also be unplanned involuntary -faults (ITIL discusses these as @emph{incidents}). - - -ITIL does not want unplanned changes, however we know that they happen. -CFEngine does not elevate deviations from policy to the level of an -incident normally, it simply fixes problems immediately. However, we do not -alway have enough information about changes to allow CFEngine to make repairs, -so we need a way of monitoring for unexpected change. - - -Change management in CFEngine is a subtle topic, because CFEngine does -not fully subscribe to the model of change that ITIL does. In CFEngine's -view of the world, all changes are changes no matter how or why they -occur. In ITIL's world view, there are planned changes, there are -releases and there are ``incidents''. - -ITIL therefore distinguishes between planned and unplanned changes that -affect service delivery. CFEngine on the other hand cares only about -what promises have been made about the system and whether or not these -have been kept. - -CFEngine can detect changes because it effectively performs a constant -audit of the system's promises. We should understand CFEngine's change -detection in two ways: changes that impact the performance or quality -of services - -@itemize -@item with respect to the quality of the system configuration service (i.e. CFEngine's service) -@item with respect to the quality of services supported by the system configurations (e.g. other services -like web services) -@end itemize -To CFEngine, changes only matter if they impact the promises that have -been codified as policy. Even events that CFEngine calls ``anomalies'', -detected and classified continuously, are only considered -interesting if policy determines them to be restricted, thus every -single state change can be considered either ``within tolerances'' -(insignificant) or ``out of tolerance'' (significant). ITIL is only a -heuristic set of guidelines and is not technically sophisticated -enough to be able to make this kind of distinction. - -Let's make an approximate mapping between ITIL concepts and CFEngine change -and the comment critically on it. - -@table @i -@item ITIL - CFEngine -@item Incident -Promise not kept -@item Change -Configuration version/content update -@item Release -Policy change -@end table - -@menu -* Software packaging:: -* Rollback or remediation:: -* Monitoring file changes:: -* Hashes and Message Digests:: -* Computing hashes:: -* Neighbourhood watch and tampering:: -@end menu - -@c *********************************************************** -@node Software packaging, Rollback or remediation, Change Management in ITIL, Change Management in ITIL -@subsection Software packaging in ITIL - -ITIL considers releases to be entire integrated systems that are -versioned. Most operating systems work at a smaller level of -granularity than this. Software version control using package -managers to version individual software packages. Although such -package managers resolve dependencies, they do not version -entire conglomerates of software. Software comes in large -packages for two main reasons: - -@itemize -@item Operating system installation (all or nothing). -@item Functional role adaptation (specialized workstation). -@end itemize -Different organizational roles require different ITIL services -to support them, and hence different software to deliver them. - -CFEngine deals with versioned data management in two ways: -@itemize -@item File copying from master source (by date-stamp or checksum). -@item Package installation and verification (using local package managers). -@end itemize -Package managers handle the installation and update of packages -easily, but they do not always add institutional adaptational -control in a way that can be tied into a classification of -hosts in an organization's network. CFEngine can use its -classification of hosts to customize further. We simply -attach relevant clusters of packages to different classes -of host to ensure that specific workstations are -properly adapted to service their tasks. - -Not all software comes in operating system (vendor/provider) -approved packages, but CFEngine can also handle software -that is zipped, tar-ed or bundled in any other manner. - -The following example policies illustrates some of the @code{copy} rule type's capabilities, - including some of the options we just considered: - - -@smallexample - -control: - DefaultCopyType = ( mtime ) - SplayTime = ( 15 ) - sourcehost = ( source.CFEngine.org ) - -copy: -# Copy dat/doc files if not too big - /usr/local/data dest=/archive/data - include=*.dat include=*.doc exclude=test.* - recurse=inf backup=false size<500m - -# Retrieve configuration file from master - /depot/hosts.deny server=$(sourcehost) - dest=/etc/hosts.deny owner=root group=0 mode=644 - backup=off force=on timestamps=keep - -# Transmit shadow password file encrypted - /depot/shadow server=\$(sourcehost) dest=/etc/shadow - owner=0 group=0 mode=600 encrypt=true -@end smallexample - - -The first rule specifies that @file{.dat} and @file{.doc} files within the -@file{/usr/local/data} directory tree be copied to @file{/archive/data}, -provided that the source files have been modified more recently then -their counterpart in the target directory and that they are smaller than 500 MB. In addition, files having -the name @file{test} are also excluded. Existing files will be overwritten without being saved. - -The second rule unconditionally replaces the local -@file{/etc/hosts.deny} file with one from the system -@code{source.CFEngine.org}, retaining the timestamps from the source -file. This rule also specifies the ownership and mode for the target -file. - -The third rule is similar to the second one, retrieving another file -from the same remote system. In this case, however, the file will be -copied only when the remote file is more recent than the local -copy. When the file is copied, the previous version will be retained, -and the file contents will be encrypted at it is transmitted across -the network. - - -CFEngine can also automate software package management and -installation. Policies for these items are specified in the @code{packages} stanza. Here are some examples: - - -@smallexample - -control: # Define package manager \& install command - linux:: DefaultPkgMgr = ( rpm ) - redhat:: RPMInstallCommand = ( "/usr/sbin/up2date %s" ) - suse:: RPMInstallCommand = ( "/usr/sbin/yast2 -i %s" ) - -packages: - nagios version=2.4 cmp=ge - pstree action=install -@end smallexample - - -The settings in the @code{control} section specify the package -management software that is in use as well as the command used to -install a software package. These directives illustrate the use of -operating system-based classes within policies for defining a -different installation command for different Linux distributions. - -In the @code{packages} stanza, the first rule checks whether Nagios is -installed. A warning will be generated if the package is not present -at all or if the installed version is earlier than version 2.4. The -second rule checks for the @code{pstree} package, and installs it if -it is not present on the system. - -The following parameterized method-promise installs -its first argument in the prefixed location given by the second -argument. It collects the tar file, unpacks it, configures and -compiles it, then tidies its files. - - -@smallexample - -# -# Build GNU sources and install -# - -control: - - actionsequence = ( methods ) - -methods: - - InstallTar(CFEngine-2.1.0b7,/local/gnu) - - action=cf.install - returnvars=null - returnclasses=null - server=localhost - -@end smallexample - - -We must install the method in the trusted modules directory (normally -@code{/var/cfengine/modules} or WORKDIR/modules). - - -@smallexample - -# -# cf.install -# - -control: - - MethodName = ( InstallTar ) - MethodParameters = ( filename prefix ) - path = ( /usr/local/gnu/bin ) - TrustedWorkDir = ( /tmp ) - TrustedSources = ( /depot ) - TrustedSourceServer = ( localhost ) - - actionsequence = ( copy editfiles shellcommands tidy ) - -copy: - - $(TrustedSources)/$(filename).tar.gz - dest=$(TrustedWorkDir)/$(filename).tar.gz - server=$(TrustedSourceServer) - -shellcommands: - - "$(path)/tar zxf $(filename).tar.gz" chdir=$(TrustedWorkDir) - - "$(TrustedWorkDir)/$(filename)/configure --prefix=$(prefix)" - chdir=$(TrustedWorkDir)/$(filename) - define=okay - - okay:: - - "$(path)/make" - chdir=$(TrustedWorkDir)/$(filename) - -tidy: - - $(TrustedWorkDir) pattern=$(filename) r=inf rmdirs=true age=0 - -@end smallexample - -@c *********************************************************** -@node Rollback or remediation, Monitoring file changes, Software packaging, Change Management in ITIL -@subsection Rollback or remediation - -The ability to go back to an earlier ``release'' or state is often -referred to as rollback. ITIL calls it remediation. The notion is -closely connected with process management, and both ITIL and -traditional management techniques value this by default. It is assumed -practice. - -CFEngine does not encourage rollback however. Why not? Because it -required destructive intervention and CFEngine's model is based on -on-the-fly change. To go back to a previous state, a system must be -stopped, reinitialized (perhaps from backup) and restarted. This -requires service to stop and all run-time state is lost. - -CFEngine's approach to this would be to revert @emph{policy} to its -previous state. The system would then roll into its desired state (as -if going forwards). Nothing would be restored from separate backup -media (see figure). - -@image{roll-forward,15cm,,Move from one fixed point to another and back.,png} - -The difference here is the assumption about how and when changes -occur. A sequence of step by step transitions sounds innocent, but it -is unstable to unexpected changes. ITIL and many other change -management models assumes that no unauthorized changes occur between -releases. If they do, they are handled as incidents. By separating -releases from incidental changes, we get led into thinking that -we can in fact revert by destructive intervention. - -In fact reversion has inevitable consequences. We must make a choice. - -@itemize -@item Revert entire state, except we lose runtime state. - -In this case, we essential revert the entire system from a back up of -its saved state. (Some virtual machines can save runtime state for -resumption, but this can become stale, e.g. for network connections, -as it is meaningless to rollback part of a dialogue.) This operation -results in catastrophic change. - -@item Revert managed state, on the fly. - -This is CFEngine's default behaviour. To go back to a previous state, -simply change the policy back to a previous version. This will not -necessarily revert the entire state of the system, but everything that -is covered by policy will be reverted. -@end itemize - -Some tools allow you to rollback without reverting from -backup. CFEngine disallows this on principle as it requires -human judgement to perform correctly. It cannot be automated without -uncertain results. In fact CFEngine -retains the necessary information to allow managed changes to be -reversed to some extent. The point however is that one can only -guarantee the content of managed objects, so simply reversing a change -will not necessarily take us back to the same state -- so we consider this -to be fundamentally too risky. - -@c *********************************************************** -@node Monitoring file changes, Hashes and Message Digests, Rollback or remediation, Change Management in ITIL -@subsection Monitoring file changes - -CFEngine can monitor absolute and relative states -of a system. A simple way to measure relative change is -to use a database of checksums. - -@smallexample -control: - - ChecksumUpdates = ( true ) - ChecksumPurge = ( true ) - -files: - - /my/important/files - - recurse=inf - checksum=md5 - owner=root,daemon - group=0,1,4 -@end smallexample - - -Change monitoring is about detecting when stored data, or other -measurable aspects of a computer system change. A change detection -system is not normally concerned with the reason for a change, but if -you are monitoring for change then we shall take it for granted -somehow that you are expecting to find changes that you didn't plan -for yourself. - -@c *********************************************************** -@node Hashes and Message Digests, Computing hashes, Monitoring file changes, Change Management in ITIL -@subsection Hashes and Message Digests - -The most important bulk of information on a computer is its filesystem -data. Change detection for filesystems uses a technique made famous in -the program Tripwire, which collects a ``snapshot" of the system in the -form of a database of file checksums (cryptographic hashes) and -permissions and rechecked the system against this database at regular -intervals. Tripwire examines files, and looks for change in their -contents or their attributes. This is a very simple (even simplistic) -view of change. If a legitimate change is made to the system, such a -system responds to this as a potential threat. Databases must then be -altered, or rebuilt. - -A cryptographic hash (also called a @i{digest}) is an algorithm that -reads (digests) a file and computes a single number (the hash value) -that is based on the contents. If so much as a single bit in the file -changes then the value of the hash will change. You can compute -hash values manually, for example: - -@smallexample - -host$ openssl md5 CFEngine-2.2.4a.tar.gz -MD5(CFEngine-2.2.4a.tar.gz)= 6d2b31c4814354c65cbf780522ba6661 - -@end smallexample - -There are several kinds of hash function. The most common ones are MD5 -and SHA1. Recently both of the algorithms that create these hashes -have been superceded by the newer SHA2. CFEngine supports MD5 and SHA1 -and it will support SHA2 as soon as the OpenSSL library supports an -interface to the new algorithm. - -@c *********************************************************** -@node Computing hashes, Neighbourhood watch and tampering, Hashes and Message Digests, Change Management in ITIL -@subsection Computing hashes or digests - -CFEngine has adopted something like the Tripwire model, but with a few -provisoes. Tripwire assumes that all change is unauthorized (it makes -an incident out of any observed change). CFEngine cannot reasonably take this viewpoint. CFEngine expects -systems to change dynamically, so it allows users to define a policy -for what changes are considered to be okay. - -Integrity checks on files whose contents are supposed to be static are -a good way to detect tampering with the system, from whatever -source. Running MD5 or SHA1 checksums of files regularly provides us -with a way of determining even the smallest changes to file contents. - -To use the checksum based change detection we first ask CFEngine to -collect MD5 hash data for specified files. Here is an excerpt from a -CFEngine configuration program that would check the /usr/local -filesystem for file changes. Note that it excludes files such as log -files that we therefore allow to change (log files are supposed to -change): - -@smallexample -files: - - /usr/local owner=root,bin,man - mode=o-w # check permissions separately - r=inf - checksum=best # switch on change detection - action=warnall - ignore=logs - exclude=*.log - - # repeat for other files or directories - -@end smallexample - -The first time we run this, CFEngine collects data and treats all files -as ``unchanged''. It builds a database of the checksums. The next time the -rule is checked, cfagent recomputes the checksums and compares the new values -to the `reference' values stored in the database. If no change has occurred, -the two should match. If they differ, then the file as changed and a warning -is issued. - -@smallexample -cf:nexus: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -cf:nexus: SECURITY ALERT: Checksum (md5) for /etc/passwd changed! -cf:nexus: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -@end smallexample - -This message is designed to be visible. If you do not want the embracing -rows of `!' characters, then this control directive turns them off: - -@smallexample -control: - - Exclamation = ( off ) -@end smallexample -The next question to ask is: what happens if the change that was -detected is actually okay (which is almost always the case in practice). -If you activate this option: -@smallexample -control: - - ChecksumUpdates = ( on ) -@end smallexample -Then, as soon as a change has been detected, the database is updated -and the message will not be repeated. If this is set to @code{off}, -which is the default, then warning messages will be printed each time -the rule is checked. - -New files are automatically detected, as they are not in the database. -If you want to be notified when files are deleted, then set the option - -@smallexample -control: - - ChecksumPurge = ( on ) -@end smallexample - -@c *********************************************************** -@node Neighbourhood watch and tampering, , Computing hashes, Change Management in ITIL -@subsection Neighbourhood watch and tampering - -Message digests are supposed to be unbreakable, tamperproof -technologies, but of course everything can be broken by a sufficiently -determined attacker. Suppose someone wanted to edit a file and alter -the CFEngine checksum database to cover their tracks. If they had -broken into your system, this is potentially easy to do. How can we -detect whether this has happened or not? - -A simple solution to this problem is to use another checksum-based -operation to copy the database to a completely different host. By using -a copy operation based on a checksum value, we can also remotely detect -a change in the checksum database itself. - -Consider the following code: - -@smallexample -# Neighbourhood watch - -control: - - allpeers = ( - SelectPartitionNeighbours(/path/hostlist,\#,random,4) - ) - -copy: - - /var/cfengine/checksum\_digests.db - - dest=/safekeep/chkdb_$(this) - type=checksum - server=$(allpeers) - inform=true # warn of copy - backup=timestamp - define=tampering - -alert: - - tampering:: - - 'Digest tampering detected on a peer' -@end smallexample - - -It works by building a list of neighbours for each host. The function -@smallexample -SelectPartitionNeighbours -@end smallexample -can be used for this. Using a file which -contains a list of all hosts running CFEngine (e.g. the @code{cfrun.hosts} file), -we create a list of hosts to copy databases it from. Each host in the -network therefore takes on the responsibility to watch over its neighbours. - -The copy rule attempts to copy the database to some file in a safekeeping -directory. We label the destination file with @code{$(this)} which becomes -the name of the server from which the file was collected. Finally, we backup -any successful copies using a timestamp to retain a complete record of all changes -on the remote host. Each time a change is detected, a copy will be kept of the -old. The rule contains triggers to issue alerts and warnings also just to make -sure the message will be heard. - -In theory, all four neighbours should signal this change. If an attacker -had detailed knowledge of the system, he or she might be able to subvert -one or two of these before the change was detected, but it is unlikely that -all four could be covered up. At any rate, this approach maximizes the -chances of change detection. - -Finally, in order to make this copy, you must, of course, grant access to the -database in @code{cfservd.conf}. - - -@smallexample -# cfservd.conf - -admit: - -any:: - - /var/cfengine/checksum_digests.db mydomain.tld -@end smallexample - - -Let us now consider what happens if an attacker changes a file an edits -the checksum database. Each of the four hosts that has been designated -a neighbour will attempt to update their own copy of the database. If the -database has been tampered with, they will detect a change in the md5 -checksums of the remote copy versus the original. The file will therefore -be copied. - -It is not a big problem that others have a copy of your checksum -database. They cannot see the contents of your files from this. A -possibly greater problem is that this configuration will unleash an -avalanche of messages if a change is detected. This makes messages visible at least. - - - - -@c *********************************************************** -@node Release Management in ITIL, Configuration version control and rollback, Change Management in ITIL, Using CFEngine to implement ITIL objectives -@section Release Management in ITIL - -Release management, as defined by ITIL (section 9 of BS15000-2), is a -management function rather than a machine implementation -operation. It includes all aspects of designing, planning and scheduling -changes, but does not include the implementation. - -CFEngine can help with the final stages of software release -management, namely deployment of software components and -configuration. However, the bulk of this item concerns the human -process of decision-making. - -@itemize -@item Creating a schedule and policy for releases. -@item Acquiring of completing the components for release. -@item Assigning roles for responsibility. -@item Labelling release items uniquely for tracking. -@item Documentation updates. -@item Testing prior to release. -@end itemize -CFEngine is not a tool for assisting in this kind of process. Some -kind of process planning tool and revision control system could work -for this. - -CFEngine has features that can be considered in the context of this -work, however. - -@itemize -@item packages - -@item files - -@item copy - -@end itemize - -ITIL frequently works with the idea of a @emph{baseline state} -While CFEngine has no problem working with the idea of a baseline configuration, -it is designed to exceed this assumption of maintenance from release to release. -ITIL does not adequately address the need for on-the-fly maintenance; it only -models large-jump changes, not error corrections. CFEngine, on the other hand, makes -no distinction between a large and a small change, thus users of CFEngine must make -a value judgement about the nature of such changes. - - -@c *********************************************************** -@node Configuration version control and rollback, Availability and Capacity Management, Release Management in ITIL, Using CFEngine to implement ITIL objectives -@section Version control and rollback - - - -CFEngine does not provide specific tools for versioning configuration -specifications. It is rather recommended to use a tool such as subversion -for this. - -Subversion maintains its own revision numbers that are not -visible to CFEngine however. -It is useful to be able to refer to version numbers also -in CFEngine. From software release 2.2.2 a version string -can be added to files as follows: -@smallexample -control: - -cfinputs_version = ( 1.2.3 ) -Auditing = ( on ) - -@end smallexample -This -defines the version number of a set of configuration files -which is referred to in auditing and error messages. - - -When CFEngine saves the current -version of a file that it is modifying or replacing, by default such -files are given a new extension and remain within the same directory -which they were encountered. Alternatively, one can specify a -repository directory to which such files can be moved instead. The -repository location is specified in the @code{control} section: -@smallexample -control: - Repository = ( /var/spool/CFEngine ) -@end smallexample -Files moved to the repository are given names reflecting their full path, with slashes replaced -by underscore characters. For some, this creates a clearer overview of the -changes that have occurred. - -The repository is used by @code{disable}, @code{editfiles}, @code{links}, and @code{copy} rule types; -@code{copy} and @code{disable} allow you to override repository use or to specify an alternate -repository directory via their @code{repository} option. - - -You should never edit the production version of a policy directly, but rather edit a -separate development area and publish the changes once tested. The ITIL change management -process is applicable to this human change (much more relevant that the machine changes -made by CFEngine itself.). - - -@menu -* Delegating responsibility to multiple groups:: -@end menu - -@c *********************************************************** -@node Delegating responsibility to multiple groups, , Configuration version control and rollback, Configuration version control and rollback -@subsection Delegating responsibility - -CFEngine has no meta-access control mechanism which can decide who may -write policy rules. To create such a mechanism, there would have to be -a monitor which could identify users, and an authority mechanism that -would disallow certain users to write rules of certain types about -certain objects on certain hosts. Clearly it is @emph{possible} -to create such a system, but it would be both technically -difficult, very cumbersome to use and would add a whole new level -of complexity to policy and potential error to the configuration process. - -To keep matters as simple as possible, CFEngine avoids this and -proposes a different approach. Promise theory allows us to model the -security implications of this (see the figure of the bow-tie -structure). A simple method of delegating is the following. - -@enumerate -@item Delegate responsibility for different issues to admin teams 1,2,3, etc. -@item Make each of these teams responsible for version control of their own -configuration rules. -@item Make an intermediate agent responsible for collating and vetting the rules, checking for -irregularities and conflicts. This agent must promise to disallow rules by -one team that are the responsibility of another team. The agent could be a -layer of software, but a cheaper and more manageable solution is the make this -another group of one or more humans. - -@item Make the resulting collated configuration version controlled. Publish -approved promises for all hosts to download from a trusted source. - - -@end enumerate - -A review procedure for policy promises is a good -solution if you want to delegate responsibility for different parts of -a policy to different sources. Human judgement is irreplaceable, and tools -can be added to make conflicts easier to detect. - -Promise theory underlines that, if a host of computing device accepts -policy from any source, then it is alone and entirely responsible for -this decision. The ultimate responsibility for the published version -policy is the vetting agent. This creates a shallow hierarchy, but -there is no reason why this formal body could not be comprised of -representatives from the multiple teams. - -@image{delegate,10cm,,Delegation of responsibility requires vetting access,png} - - -@c *********************************************************** -@node Availability and Capacity Management, , Configuration version control and rollback, Using CFEngine to implement ITIL objectives -@section Availability and Capacity Management - -CFEngine records all manner of information about the behaviour of computers during -its efforts to keep promises. These data offer the potential of mining for building -up a picture of the behaviour of an entire datacentre or organization, perhaps even -multiple domains. - -CFEngine's environment daemon further collects patterns of environmental influence -of hosts in a resource non-intensive manner. -These data contain much information to enable capacity planning. - -We should add a warning however. Capacity planning requires a considerable -amount of data and analysis, as well as a sound and critical judgement of the -data. Resource and performance management are such complex issues that -no simple recipe or checklist can replace the judgement of an experienced -engineer. However, CFEngine can supply data to such an engineer. - -@enumerate -@item Performance measurements (@code{cfshow -p}) allow the average throughput of a server in terms -of time to completion of service. If service times are too long, this is an indication -(but not proof) that hardware should be upgraded. - -@item Activity levels are graphed per service. These indicate the level of traffic -coming into the different servers. Evidence of a ceiling limit on the throughput (clipping -in the time-series) can show insufficient throughput. - -@item Distribution graphs of fluctuations about the mean can also show evidence -of ceiling limits. Asymmetric distributions show when the majority of -service requests tend to bunch at a high level (probable stress on -server) or at a low level (over dimensioned server). -@end enumerate - -The level of technical understanding to make sound judgements based on -these data goes somewhat beyond the scope of this document. This -motivates us to create better tools for CFEngine that can make these -analyses more accessible to users. However, this must be deferred for another -occasion. - - -@c *********************************************************** -@node Summary, ITIL glossary, Using CFEngine to implement ITIL objectives, Top -@chapter Summary - -We have described the basics of CFEngine and ITIL and shown a number -of areas where the two can be integrated. - - -@itemize -@item CFEngine users can benefit from the disciplines that ITIL brings. -@item ITIL can benefit from the predictability that CFEngine brings. -@end itemize - - - - - -@menu -* How we wrote this document:: -* Road-map for adoption:: -@end menu - -@c *********************************************************** -@node How we wrote this document, Road-map for adoption, Summary, Summary -@section How we wrote this document, Promise concepts voluntary cooperation, Summary, Summary - - -So, if ITIL is so great, did we use it to manage the process of -writing this document? Authoring a document and authoring a policy -have much in common, so let us spend a moment to examine the process -of checks and balances that we have used to produce this text. - -The answer to our question is both yes and no, and while this might -sound rather unhelpful, we suggest that it is in fact a significant -answer; indeed it is the @emph{right} answer in response to any -question about best practices because such recipes must always be -applied to a specific context. - -There are sensible and ridiculous ways to implement a set of -recommendations. ITIL users should expect to adapt its generalized -ideas to each set of special circumstances. To do this here, we have -used the parts of ITIL that make particular sense for authoring, and -we have also used CFEngine's model of promises or voluntary -cooperation to understand how to implement them. - -For example, ITIL suggests forming committees for discussing and -deciding change. A committee is a cumbersome device when the total -number of people involved in the entire process is two. Nevertheless, -the role of the committee is relevant (i.e. the promises it makes to -bring the process to completion), and this is where promise theory -helps us to make sense of the ``dumb rules''. We have multiple opinions -and multiple pairs of eyes for quality control as well as for inspiration. - -@menu -* ITIL concepts for authoring:: -* Promise concepts voluntary cooperation:: -@end menu - -@node ITIL concepts for authoring, Promise concepts voluntary cooperation, How we wrote this document, How we wrote this document -@subsection ITIL concepts for authoring, Promise concepts voluntary cooperation, Summary, Summary - -Several parts of ITIL are quite relevant to authoring. - -@itemize -@item @emph{Service management.} A document provides an information service to its clients (the readers). -It promises to be accurate to within reasonable limits. - -@item @emph{Release management.} Each version of our document can be considered a release -which undergoes a continual improvement cycle, constantly being evaluated and -changed in accordance with events and incidents that occur. - -@item @emph{Incidents.} An incident is something that impacts on the service. An incident -could be the discovery of an error in the text. It could be a disagreement between -the authors or a misunderstanding on the part of the reader. There have been many incidental -changes based on discussions in our teams. - -@item @emph{Impact.} The impact of the incident is the potential damage caused by the incident, -or the usefulness of the discovery. Incidents are not necessarily negative events. They -can be events which point out improvements. - -@item @emph{Request for change.} One of the authors asks to make changes to the text. - -@item @emph{Change management.} Each identified change can be evaluated for its potential -impact (benefit or confusion). If there are many changes to be made, priority can be -assigned to them. When should the changes be implemented? - -@end itemize - -@c *********************************************************** -@node Promise concepts voluntary cooperation, , ITIL concepts for authoring, How we wrote this document -@subsection Promising voluntary cooperation, Road-map for adoption, Summary, Summary - - -What does promise theory say about collaborative authoring? - -First of all, it begins by saying that each individual in the process -of authoring has independent knowledge and should be represented as a -separate agent. It tells us that promises to cooperate will be needed -to integrate the information. - -However, more than that, promises tell us that each section of the -text is an ``agent'' which can change or behave independently. In -other words, we can manage the parts independently, but again we need -to promise to coordinate those parts. So promise theory asks us first -to identify the agents (the topics in the document) that will be -interacting and then find out what promises they need to make to carry -out their function. - -Because of the individual nature of the parts, we can associate an -individual author to each. To bring them together we need a further -agent or individual to collate independent ideas and policy sources -into a single coherent whole. Thus promises shows us a basic -``bow-tie'' structure for integrating and correlating independent -sources and then making the results available to independent users -(see figure). This is not the only solution to the -problem of vetting that promises predicts, but it is the simplest -one. Also it is the approach that ITIL approves -- making a someone -responsible for the job. - -We emphasize that promise theory does not tell us the specifics of how -to implement solutions, it only tells us what elements are needed and -how they should interact. So we might implement agents as people, as -different computers, or as different user accounts within the same computer. -As long as the elements can keep the necessary promises, it does not matter. - - -So how did we write our document? In fact we did not use a very -strict ITIL-like change management process when writing the first -versions of our document. Such a process could have strangled our work -in the creative stage and doubled the time it took to write. Rather, we worked -in an @emph{ad hoc} way by voluntary cooperation. Each of us promised -to write about certain topics and work on the text independently. We -worked as autonomous agents, and we used Subversion (a version control -and sharing system) to keep the working document. Subversion is itself -a third agent which promises to accept changes one at a time from -either of the two authors and then make these changes available again -to both authors. This agent performs no vetting or control other than -ordering the changes. - -The authors have to promise to one another to resolve any conflicts or -disagreements, but promises do not suggest how this might take place. -(ITIL, on the other hand, does offer suggestions for this resolution process). - -ITIL seems to work best once a service is up and running, or once a -basic version of a document exists. It does not say so much about the -creative act, except to think of it as a release. - -What ITIL is weak at is parallelization of effort. ITIL's processes are -serialized processing models. In our first creative versions, we -converged in parallel onto an approximate result, each working -separately. This is very efficient but it can lead to duplication of -work or inconsistency. Serialization is needed to resolve consistency -issues precisely, but it leads to unnecessary waiting in some cases. - - -@node Road-map for adoption, , How we wrote this document, Summary -@section Road-map for adoption - -Below we indicate a checklist of ITIL compliant steps for using CFEngine -in a machine life-cycle. - - -@enumerate -@item Set up cfagent running at scheduled interval X. This is the Service Level Agreement. - -@item Set up versioning of policy. - -@item Set up delegation of authorship. - -@item Run cfenvd for passive monitoring. Run cfagent for active monitoring. - -@end enumerate - -Release: - -@enumerate - -@item Select installation medium e.g. DVD, net-boot with hooks to CFEngine. - -@item Start with essential promises, and formulate the configuration policy. - -@item Use ITIL processes for deciding and refining configuration promises. - -@item Evaluation and monitoring of promises using cfagent and cfenvd. - -@item Use cfagent for monitor changes using cryptographic checksums. - -@item Develop recovery plans. Use CFEngine to automate backup of data and -automate the duplication of servers for load balancing and redundancy. - -@end enumerate - - - - -@c -------------------------------------------------------------------- - -@node ITIL glossary, , Summary, Top -@chapter ITIL glossary - -This section lists some of the many terms from ITIL, especially the ISO/IEC 20000 -version of the text, and offers some comments and translations into common CFEngine -terminology. - - - -@menu -* Active Monitoring:: -* Availability:: -* Alert:: -* Audit :: -* Baseline:: -* Benchmark :: -* Capability:: -* Change record:: -* Chronological Analysis:: -* Configuration:: -* Configuration Item (CI):: -* Configuration Management Database CMDB :: -* Document:: -* Emergency Change:: -* Error:: -* Event:: -* Exception:: -* Failure:: -* Incident:: -* Monitoring:: -* Passive Monitoring:: -* Policy:: -* Proactive Monitoring:: -* Problem:: -* Promise:: -* Reactive Monitoring:: -* Record:: -* Recovery:: -* Remediation:: -* Repair:: -* Release:: -* Request for Change:: -* Resilience:: -* Restoration:: -* Role:: -* Service desk:: -* Service Level Agreement:: -* Service Management:: -* Warning:: -@end menu - -@node Active Monitoring, Availability, ITIL glossary, ITIL glossary -@section Active Monitoring - -Monitoring of a configuration item or IT service that uses automated regular checks to discover the current status. - -@cartouche -CFEngine performs programmed checks of all of its promises each time cfagent is started. -Cfagent is, in a sense, an active monitor for a set of promises that are described in its -configuration file. -@end cartouche - -@node Availability, Alert, Active Monitoring, ITIL glossary -@section Availability - -The ability of a component or service to perform its required function. - -Availability = Hours operational / Agreed service hours - - -@cartouche -Availability or intermittency in CFEngine refers to the responsiveness of -hosts in a network when remotely connecting to cfservd. - -Intermittency = Successful~ attempts / Total Attempts - -@end cartouche -This is a measurement that cfagent automatically makes. - -@node Alert, Audit , Availability, ITIL glossary -@section Alert - -A warning that a threshold has been reached, something has changed or a failure has occurred. - - -@cartouche -A CFEngine alert fits this description quite well. -Most alerts are user-defined, but a few are side effects of certain configuration -rules. -@end cartouche - -@node Audit , Baseline, Alert, ITIL glossary -@section Audit - - -A formal inspection and verification to check whether a standard or -set of guidelines is being followed. - - - - -@cartouche -CFEngine's notion of an audit is more like the notion from system -accounting. However, the data generated by this extra logging -information could be collected and used in a more detailed examination -of CFEngine's operations, suitable for use in a formal inspection -(e.g. for compliance). -@end cartouche - - -@node Baseline, Benchmark , Audit , ITIL glossary -@section Baseline - - -A snapshot of the state of a service or an individual configuration -item at a point in time - - -@cartouche -In CFEngine parlance, we refer to this as an initial state or -configuration. In principle a CFEngine initial state does not have to -be a known-base line, since the changes we make will not generally be -relative to an existing configuration. CFEngine encourages users to -define the final state (regardless of initial state). -@end cartouche - - -@node Benchmark , Capability, Baseline, ITIL glossary -@section Benchmark - -The recorded state of something at a specific point in time. - - -@cartouche -CFEngine does not use this term in any of its documentation, though -our general understanding of a ``benchmark'' is that of a standardized -performance measurement under special conditions. CFEngine regularly -records state and performance data in a variety of ways, for example -when making file copies. -@end cartouche - -@node Capability, Change record, Benchmark , ITIL glossary -@section Capability - -The ability of someone or something to carry out an activity. - - -@cartouche -CFEngine does not use this concept specifically. The notion of a capability -is terminology used in role-based access control. -@end cartouche - -@node Change record, Chronological Analysis, Capability, ITIL glossary -@section Change record - -A record containing details of which configuration items are affected -and how they are affected by an authorized change. - - - -@cartouche -CFEngine's default modus operandi is to @emph{not} record changes made -to a system unless requested by the user. Changes can be written as -log entries or audit entries by switching on reporting.@end cartouche - -Consider a typical CFEngine promise (to ensure that a destination file -is a copy of a source). Three levels of change recording can be -added in CFEngine 2: -@smallexample - -copy: - - /source/file dest=/destination/file - - inform=true - syslog=true - audit=true -@end smallexample -An ``inform'' promise means that cfagent promises to notify the -changes to its standard output (which is usually sent by email or -printed on a console output). A ``syslog'' promise implies that -cfagent will log the message to the system log daemon. Both of the -foregoing messages give only a simple message of actual changes. An -``audit'' promise is a promise to record extensive details about the -process that cfagent undergoes in its checking of other promises. - - -@node Chronological Analysis, Configuration, Change record, ITIL glossary -@section Chronological Analysis - -An analysis based on the timeline of recorded events (used to help identify possible causes of problems). - - - -@cartouche -A timeline analysis could easily be carried out based on audit -information, system logs and cfenvd behavioural records. -@end cartouche - -@node Configuration, Configuration Item (CI), Chronological Analysis, ITIL glossary -@section Configuration - -A group of configuration items (CI) that work together to deliver an IT service. - -@cartouche -A configuration is the current state of resources on a system. This is, in -principle, different from the state we would like to achieve, or what has -been promised. -@end cartouche - -@node Configuration Item (CI), Configuration Management Database CMDB , Configuration, ITIL glossary -@section Configuration Item (CI) - -A component of an infrastructure which is or will be under the control -of configuration management. - - -@cartouche -A configuration item is any object making a promise -in CFEngine. We often speak of the promise object, or ``promiser''.@end cartouche - -@node Configuration Management Database CMDB , Document, Configuration Item (CI), ITIL glossary -@section Configuration Management Database (CMDB) - -Database containing all the relevant details of each configuration -item and details of the important relationships between them. - - -@cartouche - -CFEngine has no asset database except for its own list of -promises. The only relationships is cares about are those which are -explicitly coded as promises. In the future, CFEngine 3 is likely -to extend the notion of promises to allow more general records of the -CMDB kind, but only to the extent that they can be verified autonomically. -@end cartouche - -@node Document, Emergency Change, Configuration Management Database CMDB , ITIL glossary -@section Document - -Information and its supporting medium. - - - -@cartouche -ITIL originally considered a document to be only a container for -information. In version 3 it considers also the medium on which -the data are recorded, i.e. both the file and the filesystem on which it resides.@end cartouche - -@node Emergency Change, Error, Document, ITIL glossary -@section Emergency Change - -A change that must be introduced as soon as possible -- for example to -solve a major incident or to implement a critical security patch. - - - -@cartouche -CFEngine has no specific concept for this. -@end cartouche - -@node Error, Event, Emergency Change, ITIL glossary -@section Error - -A design flaw or malfunction that causes a failure. - - - -@cartouche -CFEngine often uses the term configuration error to mean a deviation of -a configuration from its promised state. The ITIL meaning of the term would -translated into ``bug in the CFEngine software'' or ``bug in the -promised configuration''. -@end cartouche - - -@node Event, Exception, Error, ITIL glossary -@section Event - -A change of state that has significance for the management of a -configuration item or IT service. - - - -@cartouche -The same basic definition applies to CFEngine also, but CFEngine makes -all such events into @emph{classes}, since its approach to observing -the environment is to measure and then classify it into approximate -expected states. CFEngine class attributes (usually from cfenvd) may -be considered as event notifications as they change. -@end cartouche - -@node Exception, Failure, Event, ITIL glossary -@section Exception, Failure, Event, Summary - -An @b{event} that is generated when a service or device is currently operating abnormally. - - - -@cartouche -A state in which configuration policy is violated (could lead to a -warning or an automated correction). -@end cartouche - - -@node Failure, Incident, Exception, ITIL glossary -@section Failure - -Loss of ability to operate to specification or to deliver the required output. - - - -@cartouche -ITIL's idea of a failure is something that prevents a promise from being kept. -CFEngine's autonomy model means that it is unlikely for such a failure -to occur, since promises are only allowed to be made about resources for which -we have all privileges. Occasionally, environmental issues might interfere and -lead to failure. -@end cartouche - -@node Incident, Monitoring, Failure, ITIL glossary -@section Incident - -Any event that is not expected in normal operations and which might -cause a degradation of service quality. - - - -@cartouche -CFEngine's philosophy of convergence gives us only one option for -interpreting this term, namely as a temporary deviation from promised -behaviour. A deviation must be temporary if CFEngine is operating -continually, since it will repair any problem on its next invocation -round. Events which do not impact promises made by CFEngine are of no -interest to CFEngine, since autonomy means it cannot be responsible -for anything beyond its own promises. -@end cartouche - -@node Monitoring, Passive Monitoring, Incident, ITIL glossary -@section Monitoring - -Repeated observation of a configuration item, IT service or process in -order to detect events and ensure that the current status is known. - - - -@cartouche -CFEngine incorporates a number of different kinds of monitoring, including monitoring of kept -configuration-promises and passive monitoring of behaviour. -@end cartouche - -@node Passive Monitoring, Policy, Monitoring, ITIL glossary -@section Passive Monitoring - -Monitoring of a configuration item or IT service that relies on an alert or notification to discover the current status. - - - -@cartouche -Cfenvd is CFEngine's passive monitoring component. It observes system -related behaviour and learns about it. It assumes that there is likely -to be a weekly periodicity in the data in order to best handle its -statistical inference. -@end cartouche - -@node Policy, Proactive Monitoring, Passive Monitoring, ITIL glossary -@section Policy - -Formally documented management expectations and intentions. Policies -are used to direct decisions, and to ensure consistent and appropriate -development and implementation of processes, standards, roles, -activities, IT infrastructures, etc. - - -@cartouche -CFEngine's configuration policy is an automatable set of promises -about the static and runtime state of a computer. Roles are identified -by the kinds of behaviour exhibited by resources in a network. We say -that a number of resources (hosts or smaller configuration objects) -play a specific promised role if they make identical promises. Any resource can -play a number of roles. Decisions in CFEngine are made entirely on the basis -of the result of monitoring a host environment. -@end cartouche - -@node Proactive Monitoring, Problem, Policy, ITIL glossary -@section Proactive Monitoring, Problem, Policy, Summary - -Monitoring that looks for patterns of events to predict possible future failures. - - - -@cartouche -All CFEngine monitoring is pro-active in the sense that it can lead to automated follow-up actions. -@end cartouche - -@node Problem, Promise, Proactive Monitoring, ITIL glossary -@section Problem - -Unknown underlying cause of one or more incidents. - - - -@cartouche -A repeated deviation from policy that suggests a change of policy or -specific counter-measures. A promise needs to be reconsidered or new promises -are required. -@end cartouche - -@node Promise, Reactive Monitoring, Problem, ITIL glossary -@section Promise, Reactive Monitoring, Problem, Summary - -ITIL does not define this term, although promises are deployed in -various ways -- for instance in terms of cooperation, communication -interfaces within or between processes or contractual relationships as -defined by Service Level Agreements, Operational Level Agreements and -Underpinning Contracts. - - - -@cartouche -A promise in CFEngine is a single rule in the CFEngine language. The promiser is the resource -whose properties are described, and the promisee is implicitly the CFEngine monitor. -@end cartouche - -@node Reactive Monitoring, Record, Promise, ITIL glossary -@section Reactive Monitoring - -Monitoring that takes action in response to an event -- for example -submitting a batch job when the previous job completes, or logging an -incident when an error occurs. - - - -@cartouche -The concept of reactive monitoring is unclear because the duration of an event and the speed of -a response are undefined. In a sense, all CFEngine monitoring is potentially reactive. It is possible -to attach actions which keep promises to any observable condition discernable by CFEngine's monitor. -CFEngine is not usually considered event driven however, since it does not react ``as soon as possible'' -but at programmed intervals. -@end cartouche - -@node Record, Recovery, Reactive Monitoring, ITIL glossary -@section Record - -Information in readable form that is maintained by the service provider about operations. - - - -@cartouche -A log entry or database item. -@end cartouche - -@node Recovery, Remediation, Record, ITIL glossary -@section Recovery - -Returning a Configuration Item or an IT service to a working -state. Recovering of an IT service often includes recovering data to a -known consistent state. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation. -@end cartouche - -@node Remediation, Repair, Recovery, ITIL glossary -@section Remediation - -Recovery to a known state after a failed change or release. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation. - -However, this concept is like the notion of ``rollback'' which often involves a more -significant restoration of a system from backup. This is discussed later. -@end cartouche - -@node Repair, Release, Remediation, ITIL glossary -@section Repair - -The replacement or correction of a failed configuration item. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation.@end cartouche - -@node Release, Request for Change, Repair, ITIL glossary -@section Release, Request for Change, Repair, Summary - -A collection of new or changed configuration items that are introduced together. - - - -@cartouche -An instantiation of the entire CFEngine system under a specific -version of a policy, i.e. a specific set of promises. -@end cartouche - -@node Request for Change, Resilience, Release, ITIL glossary -@section Request for Change - -A form to be completed requesting the need for change. This is to be followed up. - - - -@cartouche -This has no counterpart in CFEngine. It is part of human communication -which coordinates autonomous machines. Clearly autonomous computers do not -listen to change requests from other computers, but when machines cooperate -in clusters or groups they take suggestions from the collaborative process. -An RFC in an ITIL sense is part of an organizational process that goes beyond - CFEngine's level of jurisdiction. This is an example of what ITIL adds to -the autonomous CFEngine model. -@end cartouche - -@menu -* Abandon Autonomy?:: -@end menu - -@node Abandon Autonomy?, , Request for Change, Request for Change -@subsection Abandon Autonomy? - -Why not simply abandon autonomy of machines if this seems to interfere -with the need for organizational change? There are good reasons why -autonomy is the correct model for resources. Autonomy reduces the risk to a -resource of attack, mistake and error propagation. - -ITIL's processes exist precisely to minimize the risk of negative -impact of change, so the goals are entirely compatible. When an organization -discusses a change it examines information from possible several autonomous -systems and discusses how they will change their pattern of collaboration. -There is no point in this process at which it is necessary for one of the -systems to give up its autonomy. - - -@node Resilience, Restoration, Request for Change, ITIL glossary -@section Resilience - -The ability of a configuration item or IT service to resist failure or to recover quickly following a failure. - - - -@cartouche -CFEngine's purpose is to make a system resilient to unpredictable change.@end cartouche - -@node Restoration, Role, Resilience, ITIL glossary -@section Restoration - -Actions taken to return an IT service to the users after repair and recovery from an incident. - - - -@cartouche -All CFEngine promises refer to the state of a system that is desired. The promises are -automatically enforced, hence CFEngine recovers a system (in principle) on every invocation. -CFEngine always returns to a known state, due to the property of ``convergence''. There is no -distinction between the concepts of repair, recovery or remediation. - -However, this concept seems to suggest a more catastrophic failure -which often involves a more significant restoration of a system from -backup. This is discussed later. -@end cartouche - -@node Role, Service desk, Restoration, ITIL glossary -@section Role - -A set of responsibilities, activities and authorities granted to a person or a team. Roles are defined in processes. - - - -@cartouche -A role in CFEngine is a class of agents that make the same kind of promise. The type -of role played by the class is determined by the nature of the promise they make. e.g. -a promise to run a web server would naturally lead to the role ``web server''. -@end cartouche - -@node Service desk, Service Level Agreement, Role, ITIL glossary -@section Service desk - -Interface between users and service provider. - - - -@cartouche -A help desk. This is not formally part of CFEngine's tool set. -@end cartouche - -@node Service Level Agreement, Service Management, Service desk, ITIL glossary -@section Service Level Agreement - -A written agreement between the service provider that documents agreed -services, levels and penalties for non-compliance. - - - -@cartouche -An agreement assumes a set of promises that propose behaviour and an -acceptance of those promises by the client. If we assume that the -users are satisfied with out policies, then an SLA can be -interpreted as a combination of a configuration policy -(configuration service promises), and the CFEngine execution -schedule. -@end cartouche - - -@node Service Management, Warning, Service Level Agreement, ITIL glossary -@section Service Management - - The management of services. - - - -@cartouche -Same.@end cartouche - -@node Warning, , Service Management, ITIL glossary -@section Warning - -An @b{event} that is generated when a service or device is approaching its threshold. - - - -@cartouche -A message generated in place of a correction to system state when a deviation from policy is detected. -Note that CFEngine is not based on fixed thresholds. All ``thresholds'' for action or warning -are defined as a matter of policy. -@end cartouche - - - - - -@c ========================================================================= -@c @node Index, , CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ========================================================================= - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/cf3-glossary.texinfo b/docs/guides/cf3-glossary.texinfo deleted file mode 100644 index d815119c56..0000000000 --- a/docs/guides/cf3-glossary.texinfo +++ /dev/null @@ -1,274 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-glossary.info -@settitle CFEngine Glossary -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine Glossary -@subtitle A CFEngine Handbook -@author CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2009- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, , (dir), (dir) -@top CFEngine Glossary -@end ifnottex - -@table @emph - -@item Agent -A piece of software that runs independently and automatically to carry out a task (think software robot). -Inn CFEngine, the agent is called @code{cf-agent} and is responsible for making changes to computers. - -@item Amber host -A host that has repaired more than 20% of its scheduled promises in the past 5 minutes. -(See yellow host.) - -@item Body -A promise body is the description of exactly what is promised (as -opposed to what/who is making the promise). The term `body' is used in -the CFEngine syntax to mean a small template that can be used to -contribute as part of a larger promise body. - -@item Bundle -In CFEngine, a bundle refers to a collection of promises that has a name. - -@item CDP -Content Driven Policy. A way of simplifying the way users provide -information to CFEngine about policy by hiding the overhead of policy -coding. A CDP is a set of promises that is designed to solve a -particular task in a standard way. Users provide only a little data in -the form of a simple spreadsheet of data in a table. - -@item CFEngine -The name of the CFEngine Company, as well as the name of the Software. CFEngine comes from -a contraction of `ConFiguration Engine'. - -@item CFEngine 3.x -Major version 3 of the CFEngine software, started in 2008 and going up -to the present day. This comes in several @emph{editions}, both Open Source and Commercial. - -@item CFEngine Community Edition -Free and Open Source edition of the CFEngine software, published under the GPL3 license, -and optionally under the COSL license. - -@item CFEngine Community Open Promise-Body Library -A collection of standard definitions that is open to the user community for comment and standardization. - -@item CFEngine Enterprise -Refers to commercial (paid) editions of the CFEngine software, published under the COSL license. CFEngine Nova was renamed to CFEngine Enterprise in version 2.2 (2012). - -@item CFEngine Nova -The first enterprise edition of CFEngine, that automatically creates a simple `star network' -mangement model for hosts in an environment. Was renamed to CFEngine Enterprise in version 2.2 (2012). - -@item ChangeLog -A file used to describe the changes made since the last version of the software. - -@item CMDB -A Configuration Management Database. A term coined as part of the IT Infrastructure Library (ITIL) -as an outgrowth of an inventory database. - -@item CMS -Content Management System. A kind of editor for maintaining something (often web pages). - -@item Code branch -The development of software is a branching process. At certain times, -the software code splits into different versions following different -paths. Each path needs to be maintained separately for a while. This -often happens when a release is made, because one wants to freeze the -development of a public release (allowing nevertheless for some minor -bugfixes), while continuing to add features to a branch leading to -future versions. - -@item COPBL -CFEngine Community Open Promise-Body Library (abbrev: CFEngine standard library). -A collection of standard definitions. - -@item COSL license -The Commercial Open Source License used for the CFEngine - -@item CSS -Cascading Style Sheets. Part of Web technology used to describe page design. - - -@item Diff -A `diff' is a report (originally that generated by the UNIX @code{diff} command) that -details the differences between two files. The term is often used as slang meaning a file comparison. - -@item GPL3 -The GNU Public License, version 3. - -@item Green Host -A host for which more than 80% of all promises are kept. - -@item GUI -Graphical User Interface. - -@item Host -UNIX terminology for a computer the runs `guest programs'. In practice, `host' -is a synonym for `computer'. - -@item Hub -A host that works as a -single point of management in a local `star-network'. The term hub is -sometimes used to mean policy distribution server. In CFEngine Enterprise a -separate software component, @code{cf-hub}, does report collection from all CFEngine -managed hosts. The -term hub means the centre of a wheel, from which multiple spokes -emerge. - -@item Knowledge Map -A master index of all the information known about a CFEngine managed environment, represented as -a set of web pages with an interactive interface based on a `semantic web'. The CFEngine Mission Portal provides a -web-based interface for browsing this knowledge map index. - -@item Mission -The mission refers to the raison d'\hat etre of an organization. CFEngine's -task is to support this mission by keeping a set of promises for its IT infrastructure. - -@item Mission Portal -The name given to the user interface used in commercial CFEngine editions, where -all reports and progress summaries are kept. - -@item Modular license -A license granting partial functionality to an Enterprise Edition of CFEngine. - -@item LDAP -The Lightweight Directory Access Protocol. A kind of `phone book' service providing information -about persons and computers in an organization. - -@item Libraries -A library generally refers to collection of standardized CFEngine code -that can be reused in different scenarios and environments. This might -be bundles of promises, or reusable body-parts. - -@item Packages -Software binaries or executable files. The CFEngine company compiles and tests software -into packages suitable for different platforms. - -@item Platforms -This usually refers to an operating system type, e.g. Linux (in its many flavours), or -Windows, etc. Platforms are described using short identifiers, e.g. RH5, REL5, SuSE 11, SLES, etc. - -@item Knowledge Map -Content portal containing datacentre information, privately managed -knowledge resources and CFEngine documentation. - -@item PCI compliance -Payment Card Industry Data Security Standard (PCI DSS) is a set of -requirements designed to ensure that ALL companies that process, store -or transmit credit card information maintain a secure environment. - -@item Promise -The CFEngine software manages every intended system outcome as `promises' to be kept. -A CFEngine Promise corresponds roughly to a rule in other software products, but importantly -promises are always things that can be kept and repaired continuously, on a real time basis, -not just once at install-time. - -@item Policy -A policy is a set of intentions about the system, coded as a list of -promises. A policy is not a standard, but the result of specific -organizational management decisions. - -@item Semantic web -A form of web content in which hyperlinks always explain the meaning of the -information they point to, in relation to the -subject of interest. Semantic web technologies include RDF, Topic Maps etc. - -@item Server -A term used in many different ways, riddled with confusion. A server -is strictly a piece of software that runs on some computer in -order to perform a service, e.g. a web server is a program that -makes a computer part of the World Wide Web. For historical reasons, -certain computers are referred to as servers, especially when kept in -datacentres because such computers often run services. In CFEngine, @code{cf-serverd} -is a software component that serves files from one computer to another. -All computers are recommended to run @code{cf-serverd}, making all computers CFEngine servers, -whether they are laptops, phones or datacentre computers. - -@item Service Catalogue -A kind of directory of `services' provided in an environment. The concept of a service -could be anything from a human help desk to a machine controlled email subsystem. -In the CFEngine Mission Portal, the service catalogue (for maintenance) treats promise-bundles of promises as low-level -maintenance services, and relates these to high level business goals. - -@item SOX Compliance -Sarbanes-Oxley Act compliance. An audited accolade for financial data security -required by all companies on the New York stock exchange. - -@item Standard library -The CFEngine Standard library is a collection of standardized definitions (see COPBL). - -@item Template -A template is an incomplete piece of CFEngine code, with blanks to fill in. It is often -a policy fragment that can be re-used in different scenarios. This is often used interchangeably -with the term `library'. - -@item UI -User interface. - -@item Yellow host. -See amber host. - -@end table - - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/cf3-installation.texinfo b/docs/guides/cf3-installation.texinfo deleted file mode 100644 index cd0274b33d..0000000000 --- a/docs/guides/cf3-installation.texinfo +++ /dev/null @@ -1,277 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-installation.info -@settitle CFEngine Installation Guide -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine Installation Guide -@subtitle A CFEngine Handbook -@author CFEngine AS - - -@page - -@cartouche -@quotation -This short guide explains how to install the software and get it running. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, CFEngine Installation Guide, (dir), (dir) -@top CFEngine Installation Guide -@end ifnottex - -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@menu -* CFEngine Installation Guide:: -@end menu - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** -@node CFEngine Installation Guide, , Top, Top -@chapter CFEngine Installation Guide - -The quickest way to get started with CFEngine is to download and install binary packages, available from @url{http://cfengine.com/inside/myspace}. Installing and bootstrapping @footnote{CFE Community 3.2 and up} these is a trivial operation, putting you two steps away from testing your first CFEngine policies. The other option is to download and compile the source code, available from @url{http://cfengine.com/source_code}. - -This guide assumes that you are logged in as root, use @code{sudo} if you wish to install from a regular user account (e.g. @code{host$ sudo rmp -ihv} @i{packages}). - -@menu -* Install from packages:: -* Build from source (CFE Community):: -* Bootstrap from source:: -* Check installation:: -* Next steps:: -@end menu - -@node Install from packages, Build from source (CFE Community), CFEngine Installation Guide, CFEngine Installation Guide -@section Install from packages - -@menu -* Unpack the software:: -* Bootstrap CFEngine:: -@end menu - -@node Unpack the software, Bootstrap CFEngine, Install from packages, Install from packages -@subsection Unpack the software - -System specific commands to unpack the software: -@table @i -@item Red Hat or SUSE family -@example -host# rpm -ihv @var{packages} -@end example - -@item Debian family -@example -host# dpkg --install @var{packages} -@end example -@end table - -The below examples are given for a Red Hat or SUSE, adapt them according to your system. To unpack: - -@example - host# rpm -ihv cfengine-community-3.x.y.rpm -@end example - - -@node Bootstrap CFEngine, , Unpack the software, Install from packages -@subsection Bootstrap CFEngine -@cartouche -The below procedure is valid for CFE Nova and CFE Community v3.2 and up (packages for v3.2 will be released soon). For earlier versions of CFE Community binaries, you may proceed directly to section 1.5 Next steps. -@end cartouche - -This procedure applies to all hosts, but you should bootstrap the hub (policy server) first. Find the hostname or IP address of the hub, here we assume the address is '123.456.789.123' (do not bootstrap with a localhost address). -@verbatim - - host# /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 - -@end verbatim - -CFEngine will output diagnostic information upon bootstrap (written to command line and syslog; cf-agent will also return a value: ERROR: 1, SUCCESS: 0). Error messages will be displayed if bootstrapping failed, pursue these to get and indication of what went wrong and correct accordingly. If all is well you should see the following in the output: - -@verbatim - --> Bootstrap to 123.456.789.123 completed successfully - -@end verbatim - -@sp 1 -CFEngine should now be up and running on your system. It will copy its default policy files into @file{masterfiles} on the hub (policy server) provided that the directory is empty (fresh install). When the clients are bootstrapped, they will contact the hub and copy them to their @file{inputs} directory. - - -@node Build from source (CFE Community), Bootstrap from source, Install from packages, CFEngine Installation Guide -@section Build from source - -See reference manual or INSTALL file in source code for dependencies. To build from source: -@verbatim - host# tar zxf cfengine-3.x.y.tar.gz - host# cd cfengine-3.x.y - host# ./configure - host# make - host# make install -@end verbatim - - -@node Bootstrap from source, Check installation, Build from source (CFE Community), CFEngine Installation Guide -@section Bootstrap from source - -Find the hostname or IP address of the hub, here we assume the address is '123.456.789.123' (do not bootstrap with a localhost address). - -@noindent On the hub (policy server): -@verbatim - host# /var/cfengine/bin/cf-key - host# cp /var/cfengine/share/CoreBase/*.cf /var/cfengine/masterfiles/ - host# /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 -@end verbatim - -@itemize -@item The first run of cf-key will complain but it will create the local work directory tree, @code{/var/cfengine}, as well as a public and private key. -@item We use "cp" to populate the the binaries cache in @code{/var/cfengine/bin/}. -@item We also use "cp" to populate the @code{masterfiles} directory with the default configuration. -@item The bootstrapping will configure the hub and make CFEngine run in the background. -@end itemize - -@noindent On the clients (all other machines): -@verbatim - host# /var/cfengine/bin/cf-key - host# /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 -@end verbatim - -@itemize -@item The first run of cf-key will complain but it will create the local work directory tree, @code{/var/cfengine}, as well as a public and private key. -@item Then we use "cp" to populate the the binaries cache in @code{/var/cfengine/bin/}. -@item The bootstrapping will contact the hub (policy server), fetch the default configuration (policy files) to place them in @code{/var/cfengine/inputs/}, and make CFEngine run in the background. -@end itemize - -@sp 1 -CFEngine should now be up and running on your system. - - -@node Check installation, Next steps, Bootstrap from source, CFEngine Installation Guide -@section Check installation - -@cartouche -The below procedure is valid for CFE Nova and CFE Community v3.2 and up (packages for v3.2 will be released soon). -@end cartouche - -The default configuration of CFEngine does nothing other than look after itself, running in the background. CFEngine will not display any messages if everything is OK, it will only look for -possible policy updates from @file{/var/cfengine/masterfiles} -on the hub (policy server). - -How to actively assess the success of your installation: - -@enumerate -@item Look at the process list on the systems with @samp{ps waux | grep cf}. -You should be able to see @code{cf-execd} running, and eventually other processes from -the CFEngine suite like @code{cf-monitord} @code{cf-serverd}. CFE Nova users should -also eventually see @code{cf-hub} running on the hub. Note that it may take 5--10 minutes before all the -processes get started. - -@item Look for files in @file{/var/cfengine/inputs} (Unix) -or @file{C:\Program Files\Cfengine\inputs} (Windows). -@end enumerate - -@node Next steps, , Check installation, CFEngine Installation Guide -@section Next steps - -We recommend the following reading: - -@itemize -@item CFEngine Concepts: @url{http://cfengine.com/manuals/cf3-conceptguide.html} -@item Get started, first promises: @url{http://cfengine.com/manuals/cf3-getstarted.html} -@end itemize - -@noindent For a complete overview: -@itemize -@item Tutorial: @url{http://cfengine.com/manuals/cf3-tutorial.html} -@item Reference manual: @url{http://cfengine.com/manuals/cf3-Reference.html} -@end itemize - -@noindent Links to external resources: -@itemize -@item Getting Started with CFEngine 3 by Vertical Sysadmin:@* -@url{http://www.verticalsysadmin.com/cfengine/Getting_Started_with_CFEngine_3.pdf} -@item CFEngine 3 Beginning Examples:@* -@url{http://www.verticalsysadmin.com/cfengine/beginning_examples/}@* -This is, basically, a selection from /var/cfengine/share/doc/examples/ which has over 200 examples. -@item "CFEngine 3 Tutorial" by Neil Watson:@* -@url{http://watson-wilson.ca/2011/05/cfengine-3-cookbook-begins.html} -@end itemize - -@c ------------------------------------------------------------------ - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/cf3-quickstart.texinfo b/docs/guides/cf3-quickstart.texinfo deleted file mode 100644 index 07fd0dc674..0000000000 --- a/docs/guides/cf3-quickstart.texinfo +++ /dev/null @@ -1,630 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-quickstart.info -@settitle CFEngine Quick Start Guide -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine Quick Start Guide -@subtitle A CFEngine Handbook -@subtitle Updated 26. February 2013 @c also update in ifnottex section below -@author CFEngine AS - - -@page - -@cartouche -@quotation -This short guide explains how to install the software and get it running. -@end quotation -@end cartouche - -@vskip 0pt plus 1filll -Copyright @copyright{} 2011- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -Updated 26. February 2012 -@node Top, Welcome to CFEngine!, (dir), (dir) -@top CFEngine Quick Start Guide - -@menu -* Welcome to CFEngine!:: -* CFEngine by Example:: -* Next steps:: -@end menu -@end ifnottex - -@contents - - - - - -@node Welcome to CFEngine!, CFEngine by Example, Top, Top -@unnumberedsec Welcome to CFEngine! - -CFEngine is a systems management tool designed to help you configure -and automate your IT infrastructure. It can expertly handle any number -of tasks, ranging from the standardization of server builds to the -deployment and management of software and services. In terms of real -time administration, CFEngine has the ability to maintain system -security from both a file system and process perspective and report on -environmental health and status. - -@menu -* CFEngine Automation Overview:: -* CFEngine Components -- What Are they and How Do They Work?:: -* Hubs:: -@end menu - -@node CFEngine Automation Overview, CFEngine Components -- What Are they and How Do They Work?, Welcome to CFEngine!, Welcome to CFEngine! -@unnumberedsubsec CFEngine Automation Overview - -CFEngine is a distributed solution that is completely independent of -host operating systems, network topology or system processes. You -describe the ideal state of a given system by creating promises -and the CFEngine agent ensures that the necessary steps are taken to -achieve this state. Automation in CFEngine is executed through a -series of components that run locally on all managed nodes. - -@node CFEngine Components -- What Are they and How Do They Work?, Hubs, CFEngine Automation Overview, Welcome to CFEngine! -@unnumberedsubsec CFEngine Components -- What Are they and How Do They Work? - -The power behind CFEngine lies in its components and the scripting -language used to interact with them. Once you know the scripting -language, you can clearly and specifically express your desired end -state, allowing CFEngine to achieve your goals with precision. - -There are a number of components in CFEngine, with each component -performing a unique function. The following components form the basis -of automation: - -@table @code -@item cf-execd -The cf-execd process can be likened to the cron process in UNIX/Linux or the Windows Scheduler. It runs as a daemon and its job is to start the cf-agent process at a specified time interval. This user configurable interval defaults to 5 minutes. -@item cf-agent -Is an agent that is called by the cf-execd process. The cf-agent component does the heavy work of system automation and maintenance. -@item cf-serverd -The cf-serverd process is used to distribute policy and/or data files. -@end table - -In conjunction with the process/agents listed, CFEngine needs to know -what you would like to automate, maintain or configure. For this -purpose, CFEngine has two additional components: promises and -policies. A promise is a statement, written in plain text using the -CFEngine language, that describes the desired state of a system. A -policy is a collection of one or more related promises, which is -executed every time the cf-agent runs. - -Next are the actual working files which are processed by CFEngine -whenever the cf-agent process runs. Perhaps the most important file is -the default policy file, which is called promises.cf. It is stored -locally on every host, enabling execution with or without network -dependencies. If you would like to update a policy, you simply make a -change to the desired policy file on the hub/policy server, then update promises.cf accordingly. Each client Agent will -automatically pull the new version in, then execute the new -instructions on the next run. - -@node Hubs, , CFEngine Components -- What Are they and How Do They Work?, Welcome to CFEngine! -@unnumberedsubsec Hubs, Servers and Clients - -Once CFEngine is installed on a system, it can function as either a -standalone client or as a part of a multi-node infrastructure. -Clients are designed to pull policies from either a CFEngine policy -server/hub, or, from themselves in the absence of a -policy server. If a system is dedicated as a CFEngine policy server or -hub, it is still a client that will maintain it's own state regardless -of it's function to the rest of CFEngine infrastructure. In addition, -a client can assume various roles in any given infrastructure; be it a -version control repository, distribution server or end host. - -Checkpoint: - -@itemize -@item CFEngine uses agents and language to perform automation and configuration tasks -@item Instructions written in CFEngine syntax are known as promises -@item One or more related promises can be written into a text file known as a policy -@item The promise.cf file references policy files that each system will run in order to perform local automation, configuration and security tasks -@item CFEngine maintains a desired system state on networked systems by utilizing client initiated pull technology; changes are never pushed or forced -@item Networked CFEngine clients will check its policy server/hub in order pull new policy changes when they are updated -@item The cf-agent process verifies the promises.cf file, then applies the policies to ensure that all promises are being kept -@item The cf-execd daemon starts cf-agent process on a regular intervals -@item The cf-serverd runs on a hub or server and allows client systems to retrieve policy changes and files. -@end itemize - -@node CFEngine by Example, Next steps, Welcome to CFEngine!, Top -@unnumberedsec CFEngine by Example - -For the purpose of these exercises, it would be ideal to have 2 test -systems available for CFEngine installation and configuration. You -will name the first test system cfhub and the second system, which you -will use in Step 3, will be named cfhost. Although installation and -testing on a single host will sufficiently demonstrate the power of -promises and policies, using 2 or more systems will allow you to -experience what CFEngine brings to the table in terms of multi-system -management. - -@menu -* Installation:: -* CFEngine File Structure:: -* Create and Manually Execute a Policy:: -* CFEngine Client:: -@end menu - -@node Installation, CFEngine File Structure, CFEngine by Example, CFEngine by Example -@unnumberedsubsec Installation - -The CFEngine package comes in many different flavors. For Linux -systems, CFEngine is available as a pre-compiled binary for many -distributions, including: Debian, Fedora, RHEL, SuSE and Ubuntu. These -packages are available from @url{http://cfengine.com/inside/myspace}. To -unpack the binaries (you must install them as root): - -@table @i -@item CFEngine 3 Enterprise Installation: - -@noindent For CFEngine 3 Enterprise, you will designate one at least one server as the hub, which should be installed first. - -CFEngine 3 Enterprise is provided in three packages (two hub and one client package). These are the three packages (inside the respective hub and client listings found under each platform in the software download page, example for 64 bit rpm packages): - -@itemize - -@item hub/cfengine-nova-3.0.xxx.x86_64.rpm -@item hub/cfengine-nova-expansion-3.0.xxx.x86_64.rpm -@item client/cfengine-nova-3.0.xxx.x86_64.rpm -@end itemize - -The difference between the two cfengine-nova-3.0.xxx packages (for hub and client) is that the agent binaries for the hub are linked to the MongoDB library while the binary for clients are not. Installing a client package on the hub will result in a database connection error, the Mission Portal will not be available and reports will not be collected. Installing the hub package on clients will result in error reports stating that the agent failed to connect to MongoDB (because it is not existent in client packages; danger of filling up error logs), but otherwise functionality will be assured. Please take care to install the correct packages on the corresponding nodes. The expansion package is only installed on the policy hub. You should install and set up the hub first. - -@table @i -@item RedHat/SuSE -@smallexample -rpm -ihv cfengine-nova-.rpm -rpm -ihv cfengine-nova-expansion-.rpm -@end smallexample - -@item Debian/Ubuntu -@smallexample -dpkg --install cfengine-nova-.deb -dpkg --install cfengine-nova-expansion..deb -@end smallexample -@end table - -@sp 1 -To install CFEngine 3 Enterprise on non-Hub systems: -@table @i -@item RedHat/SuSE -@smallexample -rpm -ihv cfengine-nova-.rpm -@end smallexample -@item Debian/Ubuntu -@smallexample -dpkg --install cfengine-nova-.deb -@end smallexample -@end table - -@sp 1 -@noindent On the hub, a public key has now been created in - -@file{/var/cfengine/ppkeys/localhost.pub} - -@noindent as part of the package -installation. You should send this public key to CFEngine Support as -an attachment in the ticket system, to obtain a license file -license.dat. Save the returned license file to -@file{/var/cfengine/masterfiles/license.dat} on the hub before continuing. - -For more details on software licensing see: - -@url{https://cfengine.com/software/Licensing.pdf} - -@item Community Installation: - -Prior to installing CFEngine, you should first ensure that the following packages are installed: - -@table @r -@item @b{OpenSSL} -Open source Secure Sockets Layer for encryption.@*URL: @url{http://www.openssl.org} -@item @b{Tokyo Cabinet} (version 1.4.42 or later) -Lightweight flat-file database system.@*URL: @url{http://fallabs.com/tokyocabinet/} -@item @b{PCRE} -Perl Compatible Regular Expression library.@*URL: @url{http://www.pcre.org/} - -@item -On Windows machines, you need to install the basic Cygwin DLL from @url{http://www.cygwin.com} -in order to run CFEngine. -@end table - -If they are not installed, then you can easily install them using the appropriate package manager: - -@table @i -@item Debian/Ubuntu: -@code{apt-get install libtokyocabinet-dev libpcre3-dev libssl-dev} -@item CentOS/RedHat: -@code{yum install tokyocabinet-devel pcre openssl} -@item SuSE: -@code{zypper install libtokyocabinet-devel pcre libopenssl} -@end table - -Once the prerequisites are installed or verified, you may proceed to the CFEngine installation. - -@table @i -@item RedHat/SuSE: -@code{rpm -ihv cfengine-community-3.x.y.rpm} -@item Debian/Ubuntu: -@code{dpkg --install cfengine-community-3.x.y.deb} -@end table - -For other UNIX/Linux systems, you may download and compile the source code, which is available from http://cfengine.com/source_code. -@end table - -@node CFEngine File Structure, Create and Manually Execute a Policy, Installation, CFEngine by Example -@unnumberedsubsec CFEngine File Structure - - -The CFEngine application is fully contained within the @file{/var/cfengine} -directory tree. For CFEngine 3 Entprise files will also be placed in the operating system -specific web document root (for instance in /var/www/ on Debian/Ubuntu). Although you will get to know this file system -intimately as you progress, here is a quick breakdown of the directory -structure and some of the files and functions associated with each -subdirectory: - -@table @file -@item /var/cfengine/bin - Consists of the agents and daemons that run CFEngine, including: - -@itemize -@item @file{cf-agent} - Agent: Executes the promises.cf file; ensures that all promises are being kept -@item @file{cf-execd} - Daemon: Starts the cf-agent process at a specified time interval. -@item @file{cf-serverd} - Daemon: Provides network services; used to distribute policy and data files -@item @file{cf-monitord} - Daemon: Collects system statistics -@item @file{cf-promises} - Agent: Verifies CFEngine's configuration syntax -@item @file{cf-runagent} - Agent: Contacts a remote system to run cf-agent -@item @file{cf-report} - Agent: Extracts and presents report data in HTML,XML or graph formats -@item @file{cf-know} - Agent (CFEngine Enterprise only): Builds knowledge maps based on promises and data -@end itemize - -@item /var/cfengine/masterfiles - -Policy repository which grants access to local or bootstrapped -CFEngine clients when they need to update their policies. Policies -obtained from @file{/var/cfengine/masterfiles} are then cached in -@file{/var/cfengine/inputs} for local policy execution. The -@file{cf-agent} executable does not execute policies directly from -this repository. - -@item /var/cfengine/inputs - Cached policy repository located on a CFEngine client. The @file{cf-agent} executable executes policies from this repository. - -@item /var/cfengine/outputs - Directory where @file{cf-agent} creates its output files. - -@item /var/cfengine/ppkeys - Directory used to store encrypted public/private keys for CFEngine client/server network communications. - -@item /var/cfengine/reports - Directory used to store reports generated by cf-report . - -@item /var/cfengine/lib - Directory to store shared objects and dependencies that are in the bundled packages. - -@end table - -@node Create and Manually Execute a Policy, CFEngine Client, CFEngine File Structure, CFEngine by Example -@unnumberedsubsec Create and Manually Execute a Policy - - -If you have ever taken a course in programming, then you are probably -familiar with the Hello World program. For CFEngine 3, the Hello -World policy would look like this: - -@verbatim -body common control -{ -bundlesequence => { "test" }; -} - -bundle agent test -{ -reports: - cfengine_3:: - "Hello world!"; -} -@end verbatim - -This policy can be manually run by performing the following steps: - -@enumerate -@item Log on to the new host; copy and paste the above Hello World script into a text file named @file{/var/cfengine/inputs/test.cf} - -@item Verify the syntax by running cf-promises -- if verification is successful, you will see no output: - -@smallexample -root@@cfhub # cf-promises -f /var/cfengine/inputs/test.cf -@end smallexample - -@item Execute the policy -- if everything was successful, the string @samp{R: Hello World!} will be outputted immediately below the command: - -@smallexample -root@@cfhub # cf-agent -f /var/cfengine/inputs/test.cf -R: Hello world! -@end smallexample - -@end enumerate - -Like many languages, CFEngine has a structure which allows -declarations, variables and classes. The body structure is a place to -list constraints and items that control the flow of a policy. It can -be seen as a template macro (similar to the main() function in c) that -organizes promise attributes. The bundle structure can be viewed as a -collection of promises under a single name, much like a subroutine in -other languages. - - -Looking at the `Hello World' promise syntax, you will notice that it -starts with the following body structure: - -@verbatim -body common control -{ -bundlesequence => { "test" }; -} -@end verbatim - -In this example, the body common control is used to control promise behavior by calling the bundle agent test, which is a collection of promise attributes: - -@verbatim -bundle agent test -{ -reports: - cfengine_3:: - "Hello world!"; -} -@end verbatim - -This bundle structure contains a special type of promise known as -reports: , which will automatically output `Hello World' if all -conditions of the promise are kept. Finally, there is the @code{cfengine_3::} -class. This class is defined by CFEngine out of the box. When it's -used in a promise, it checks to see that the CFEngine client is -running version 3. - -So, to summarize; the promise that you just wrote and executed checked -that the version of CFEngine you are running is at version 3; and if -it is at version 3, it sent the Hello World string to the command -line. - -Now that you have a better understanding of how the syntax works, we -will go over the method we used to execute the policy. The policy that -you wrote, test.cf was manually executed by the cf-agent binary. Prior -to running the @file{cf-agent} command, you checked the promise syntax by -running the @file{cf-promises} binary: -@smallexample -root@@cfhub # cf-promises -f /var/cfengine/inputs/test.cf -@end smallexample -Normally, cf-promises is automatically executed by cf-agent as part of -its run time operations, where, by default, it verifies the -configuration syntax in the @file{promises.cf} file. By adding the -f flag -and specifying a file name and path, you directed cf-promises to check -and verify the specified file only: test.cf. In addition, we chose to -run the policy manually, which is why we invoked cf-agent from the -command line: -@smallexample -root@@cfhub # cf-agent -f /var/cfengine/inputs/test.cf -@end smallexample -As a rule, CFEngine is fully automated and the cf-agent binary is -started by the cf-execd daemon at a user specified interval (defaults -to 5 minutes). Again, in this instance, the agent was manually started -using the -f flag to execute the specified file. - -If you would like to experiment with promise construction and manual -execution, the following link will take you to a web based site -designed for that purpose: Quickstart Promise Editor - @url{http://cfengine.com/policy_wizard/} - -@node CFEngine Client, , Create and Manually Execute a Policy, CFEngine by Example -@unnumberedsubsec CFEngine Client, Server Operations - -In Step 2, we demonstrated how CFEngine operates as a standalone -system. While there may be a few instances where running CFEngine on a -standalone system is ideal; the real power of CFEngine lies in its -ability to perform multiple tasks in a multi-tiered network -environment. To demonstrate the working relationship between a -CFEngine policy server and client, we will set up a client named -cfhost and configure it to pull and execute policies from the cfhub -system, which will be set up as the policy server. Before we start, -it might be helpful to get a `look' at how CFEngine maintains a -configured state in a networked environment. Note that the revision -control system is optional. You only need to place your policy file -into the @file{/var/cfengine/masterfiles} directory, then update the -promises.cf file accordingly. - - -@image{qs1,12cm,,,png} - -The objective of this exercise is to check that a file named -@file{cf_test_file} exists on both the CFEngine policy server and client. If -it does not exists, we are instructing CFEngine to create -it. Additionally, we are directing CFEngine to ensure that the -permissions are set to 644; that it is owned by root; and the group -ownership is the @samp{sys} group. - -@enumerate -@item Create a second test system and name it cfhost. -@item Log on to cfhost; install and configure CFEngine according to the instructions given in Step 1. -@item Open a new terminal window and log on to cfhub. -@item Find the hostname or IP address of cfhub, here we will assume the address is 172.16.100.134 -@item Designate cfhub as the policy server by bootstrapping it using its own IP address: - -@smallexample -root@@cfhub# /var/cfengine/bin/cf-agent --bootstrap 172.16.100.134 -@end smallexample - -@item CFEngine will output diagnostic information upon bootstrap. If all is well you should see the following in the output: - -@smallexample --> Bootstrap to 172.16.100.134 completed successfully -@end smallexample - -@item Return to cfhost and bootstrap it to the IP address of the policy server cfhub: 172.16.100.134 - -@smallexample -root@@cfhost# /var/cfengine/bin/cf-agent --bootstrap 172.16.100.134 -@end smallexample - -Ensure that the bootstrap was successful. If you have problems with this step, the most common issues are related to: - -@table @i -@item Firewall -Make sure port 5308 is open for both incoming and outgoing traffic. -@item Policy access control list (acl) -By default, the hub is available to clients that reside in the same class B network. If some clients are not part of that network, make sure the IPs are added to the acl in @file{/var/cfengine/masterfiles/def.cf}, @code{bundle common def}: -@verbatim - "acl" slist => { - - # Assume /16 LAN clients to start with - "$(sys.policy_hub)/16", - # Add clients' IP addresses (or IP range) here (for - # example: an acl of 192.168.0.0/16 would allow all - # clients that have an IP address that starts with - # 192.168 to connect to the hub) -@end verbatim -@item cf-serverd is not running on the hub -The CFEngine component @code{cf-serverd} takes care of all CFEngine communication. It can take a few minutes after you bootstrapped the hub to itself before this component is started, just wait a bit and retry. -@end table - -@item On cfhub, go to the /var/cfengine/masterfiles directory, create a new file and name it cftest1.cf, then copy the following lines into it: - -@verbatim -bundle agent test -{ -files: - "/tmp/cf_test_file" - comment => "Promise that a plain file exists with stated permissions", - perms => mog("644", "root", "sys"), - create => "true"; -} -@end verbatim - -@item Open the /var/cfengine/masterfiles/promises.cf file and locate the body common control - section: - -@verbatim -body common control -{ -bundlesequence => { "main" }; -inputs => { - "cfengine_stdlib.cf", - }; -version => "Community Promises.cf 1.0.0"; -} -@end verbatim - -Modify this section by adding the new bundle name in the bundlesequence and file name in the input section: - -@verbatim -body common control -{ -bundlesequence => { "main","test" }; - inputs => { - "cfengine_stdlib.cf", - "cftest1.cf", - }; - version => "Community Promises.cf 1.0.0"; -} -@end verbatim - -@item Save the /var/cfengine/masterfiles/promises.cf file. - -@item Return to cfhost and manually start the agent by running: @samp{/var/cfengine/bin/cf-agent -Kv}. The @samp{-K} switch will bypass any locks and the @samp{-v} switch will allow you to see the actual output. - -@item After the agent runs successfully, check to see if the promise was kept by looking for the @file{/tmp/cf_test_file} file on both cfhub and cfhost. -@end enumerate - -Additionally, take a look at the @file{/var/cfengine/inputs} on cfhost; you -will now see the cftest1.cf file, which was moved from cfhub. You will -also notice that the original promises.cf file has been saved and the -@file{promises.cf} file from cfhub is now in its place. - -The exercise above was a simple example utilizing a very -straightforward client/ server setup. CFEngine can scale to fit any -existing environment as illustrated in the image below: - -@image{qs2,12cm,,,png} - -In this example, there are multiple policy distribution servers. Each -policy server acts as a discrete distribution point for policies that -are unique to a specific subset of hosts. Additionally, a CFEngine 3 -Enterprise Hub can act as a policy distribution point for Windows and Macs. The Enterprise Hub also -provides a management and reporting Web interface for all of the -systems that it manages. - -We hope that this document has been a helpful first step in your quest -to unleash the power of CFEngine in your environment! For more -information, please visit the CFEngine Web Site, where you will find a -wealth of documentation; including tips, tricks, tutorial's, manual's, -references, How-To's and cookbooks. - - -@node Next steps, , CFEngine by Example, Top -@unnumberedsec Next steps - -We recommend the following reading: - -@itemize -@item CFEngine Concepts: @url{http://cfengine.com/manuals/cf3-conceptguide.html} -@item Get started, first promises: @url{http://cfengine.com/manuals/cf3-tutorial.html#First-promises} -@end itemize - -@noindent For a complete overview: -@itemize -@item Tutorial: @url{http://cfengine.com/manuals/cf3-tutorial.html} -@item Reference manual: @url{http://cfengine.com/manuals/cf3-Reference.html} -@end itemize - -@noindent Links to external resources: -@itemize -@item Getting Started with CFEngine 3 by Vertical Sysadmin:@* -@url{http://www.verticalsysadmin.com/cfengine/Getting_Started_with_CFEngine_3.pdf} -@item CFEngine 3 Beginning Examples:@* -@url{http://www.verticalsysadmin.com/cfengine/beginning_examples/}@* -This is, basically, a selection from /var/cfengine/share/doc/examples/ which has over 200 examples. -@item "CFEngine 3 Tutorial" by Neil Watson:@* -@url{http://watson-wilson.ca/2011/05/cfengine-3-cookbook-begins.html} -@end itemize - - -@bye diff --git a/docs/guides/cf3-solutions.texinfo.in b/docs/guides/cf3-solutions.texinfo.in deleted file mode 100644 index f9cf041caf..0000000000 --- a/docs/guides/cf3-solutions.texinfo.in +++ /dev/null @@ -1,4365 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-solutions.info -@settitle CFEngine Solutions -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine 3 Solution Guide -@subtitle A CFEngine Handbook -@author CFEngine AS - -@c @smallbook - -@fonttextsize 10 - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2008- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, Introduction , (dir), (dir) -@top CFEngine-Solutions -@end ifnottex - - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@iftex -@contents -@end iftex - -@menu -* Introduction :: -* High level:: -* Low level:: -@end menu - - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** -@node Introduction , High level, Top, Top -@chapter Introduction - -CFEngine 3 has been redesigned to allow modular solution building in -terms of a simple, regular language. This guide explains how to use -the CFEngine Community Open Promise-Body Library to express some -simple idioms and approaches for solving common system problems. - -The solutions presented here are necessarily generic and incomplete, -since local environmental issues always define the boundaries of a -solution in a real setting. A solution guide does not present -finished solutions, but rather hints about how to achieve such -solutions with standardized idioms. - -CFEngine gives you great freedom to craft specific solutions, without -the need for low level coding. For most tasks, you will find the -standardized templates sufficient for your needs, but the possibilties -do not stop there. - -The following resources are available as a supplement to this guide: - -@itemize -@item Community Open Promise-Body Library, the nuts'n'bolts definitions for the solutions presented here: @url{http://cfengine.com/manuals/CfengineStdLibrary.html} -@item Tutorial: @url{http://cfengine.com/manuals/cf-manuals/cf3-tutorial.html } -@item Reference manual: @url{http://cfengine.com/manuals/cf-manuals/cf3-Reference.html } -@end itemize - -If you need assistance in formulating specific solutions for your -system environment, contact CFEngine's Professional Services at -@code{contact@@CFEngine.com}; - -@menu -* Begin - Get started:: -* Create files and directories:: -* Copy single files:: -* Copy directory trees:: -* Editing password or group files:: -* Editing password or group files custom:: -* Disabling and rotating files:: -@c * unit_disable_and_rotate_files.cf:: -@c * unit_disable.cf:: -* Hashing for change detection - tripwire:: -* Command or script execution:: -* Kill process:: -* Restart process:: -* Check filesystem space:: -* Mount a filesystem:: -* Software and patch installation:: -@end menu - -@node Begin - Get started, Create files and directories, Introduction , Introduction -@section Begin - Get Started - -To get started with CFEngine, you can imagine the following template for entering examples. -This part of the code is common to all the examples. @c We include it below for completeness, -@c but you might also like to hide is in yours. - -@verbatim - -body common control -{ -bundlesequence => { "main" }; -inputs => { "cfengine_stdlib.cf" }; -} - - -bundle agent main -{ -# example -} - -@end verbatim -@noindent Then you enter the cases as below. The general pattern -of the syntax is like this (colors in html version: red, CFEngine word; blue, user-defined word): - -@verbatim -# The general pattern - -bundle component name(parameters) -{ -what_type: - where_when:: - - # Traditional comment - - "promiser" -> { "promisee1", "promisee2" }, - comment => "The intention ...", - handle => "unique_id_label", - attribute_1 => body_or_value1, - attribute_2 => body_or_value2; -} - -@end verbatim - -@c ...................................... -@menu -* Create files and directories:: -* Copy single files:: -* Copy directory trees:: -* Editing password or group files:: -* Editing password or group files custom:: -* Disabling and rotating files:: -@c * unit_disable_and_rotate_files.cf:: -@c * unit_disable.cf:: -* Hashing for change detection - tripwire:: -* Command or script execution:: -* Kill process:: -* Restart process:: -* Check filesystem space:: -* Mount a filesystem:: -* Software and patch installation:: -@end menu - -@node Create files and directories, Copy single files, Begin - Get started, Introduction -@section Create files and directories - -Create files and directories and set permissions. - -@verbatim -#CFEexample:unit_create_filedir.cf -@end verbatim - -@c ...................................... -@node Copy single files, Copy directory trees, Create files and directories, Introduction -@section Copy single files - -Copy single files, locally (@code{local_cp}) or from a remote site (@code{secure_cp}). The Community Open Promise-Body Library (COPBL; @file{cfengine_stdlib.cf}) should be included in the @file{/var/cfengine/inputs/} directory and input as below. - -@verbatim -#CFEexample:unit_copy_copbl.cf -@end verbatim - -@c ...................................... -@node Copy directory trees, Editing password or group files, Copy single files, Introduction -@section Copy directory trees - -Copy directory trees, locally (@code{local_cp}) or from a remote site (@code{secure_cp}). (@code{depth_search => recurse("")}) defines the number of sublevels to include, (@code{"inf"}) gets entire tree. - -@verbatim -#CFEexample:unit_copydir_copbl.cf -@end verbatim - -@c ...................................... -@node Editing password or group files, Editing password or group files custom, Copy directory trees, Introduction -@section Editing password or group files - -To change the password of a system, we need to edit a file. A file is -a complex object -- once open there is a new world of possible -promises to make about its contents. CFEngine has bundles of promises -that are specially for editing. - -@verbatim -#CFEexample:unit_edit_passwd_file_basic.cf -@end verbatim - -@c ...................................... -@node Editing password or group files custom, Disabling and rotating files, Editing password or group files, Introduction -@section Editing password or group files custom - -In this example the bundles from the Community Open Promise-Body Library are included directly in the policy instead of being input as a separate file. - -@verbatim -#CFEexample:unit_edit_passwd_file.cf -@end verbatim - - -@c ...................................... -@node Disabling and rotating files, Hashing for change detection - tripwire, Editing password or group files custom, Introduction -@section Disabling and rotating files - -Use the following simple steps to disable and rotate files. See the Community Open Promise-Body Library if you wish more details on what @code{disable} and @code{rotate} does. - -@verbatim -#CFEexample:unit_disable.cf -@end verbatim - -@c ...................................... -@node Hashing for change detection - tripwire, Command or script execution, Disabling and rotating files, Introduction -@section Hashing for change detection (tripwire) - -Change detection is a powerful and easy way to monitor your environment, increase awareness and harden your system against security breaches. - -@verbatim -#CFEexample:unit_change_detect.cf -@end verbatim - -@c ...................................... -@node Command or script execution, Kill process, Hashing for change detection - tripwire, Introduction -@section Command or script execution - -Execute a command, for instance to start a MySQL service. Note that simple shell commands like @code{rm} or @code{mkdir} cannot be managed by CFEngine, so none of the protections that CFEngine offers can be applied to the process. Moreover, this starts a new process, adding to the burden on the system. See CFEngine 3 Best Practices @url{http://cfengine.com/manuals/cf3-bestpractice.html} for more information on how to best write policies. - -@verbatim -#CFEexample:unit_commands.cf -@end verbatim - -@c ...................................... -@node Kill process, Restart process, Command or script execution, Introduction -@section Kill process - -@verbatim -#CFEexample:unit_process_kill.cf -@end verbatim - -@c ...................................... -@node Restart process, Check filesystem space, Kill process, Introduction -@section Restart process - -A basic pattern for restarting processes: -@verbatim -#CFEexample:unit_process_restart_basic.cf -@end verbatim -This can be made more sophisticated to handle generic lists: -@verbatim -#CFEexample:unit_process_restart.cf -@end verbatim - -Why? Separating this into two parts gives a high level of control -and conistency to CFEngine. There are many options for command execution, like -the ability to run commands in a sandbox or as `setuid'. These should not be -reproduced in @code{processes}. - -@c ...................................... -@node Check filesystem space, Mount a filesystem, Restart process, Introduction -@section Check filesystem space - -@verbatim -#CFEexample:unit_diskfree.cf -@end verbatim - -@c ...................................... -@node Mount a filesystem, Software and patch installation, Check filesystem space, Introduction -@section Mount a filesystem - -@verbatim -#CFEexample:unit_mount_fs.cf -@end verbatim - -@c ...................................... -@node Software and patch installation, , Mount a filesystem, Introduction -@section Software and patch installation - -Example for Debian: -@verbatim -#CFEexample:unit_package_apt.cf -@end verbatim -Examples MSI for Windows, by name: -@verbatim -#CFEexample:unit_package_msi_file.cf -@end verbatim -Windows MSI by version: -@verbatim -#CFEexample:unit_package_msi_version.cf -@end verbatim -Examples for solaris are more complex: -@verbatim -#CFEexample:unit_package_solaris.cf -@end verbatim -Examples for yum based systems: -@verbatim -#CFEexample:unit_package_yum.cf -@end verbatim -SuSE Linux's package manager zypper is the most powerful alternative: -@verbatim -#CFEexample:unit_package_zypper.cf -@end verbatim - - - - - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** -@node High level, Low level, Introduction , Top -@chapter High level - -@page -@c ----------------------------------------------------------------------- -@menu -* Centralized Management:: -* All hosts the same:: -* Variation in hosts:: -* Updating from a central hub:: -* Change detection:: -* Garbage collection:: -* Distribute root passwords:: -* Distribute ssh keys:: -* Laptop support configuration:: -* Find MAC address:: -* Log rotation:: -* Manage a system file:: -* Simple template:: -* Simple versioned template:: -* Macro template:: -* Custom editing:: -* Manage a system process:: -* Ensure running:: -* Ensure not running:: -* Prune processes:: -* Manage users:: -* Add users:: -* Remove users:: -* Postfix mail configuration:: -* Set up HPC clusters:: -* Set up name resolution:: -* Set up sudo:: -* Set up a web server:: -* Templating:: -@end menu - - -@node Centralized Management, All hosts the same, High level, High level -@section Centralized Management - -These examples show a simple setup for starting with a central approach to management of -servers. Centralization of management is a simple approach suitable for small environments -with few requirements. It is useful for clusters where systems are all alike. - -@c ----------------------------------------------------------------------- -@menu -* All hosts the same:: -* Variation in hosts:: -* Updating from a central hub:: -@end menu - -@node All hosts the same, Variation in hosts, Centralized Management, High level -@section All hosts the same - -This shows the simplest approach in which all hosts are the same. It is too simple -for most environments, but it serves as a starting point. Compare it to the next -section that includes variation. - -@verbatim - -body common control - { - bundlesequence => { "central" }; - } - - -############################################ - -bundle agent central - -{ -vars: - - "policy_server" string => "myhost.domain.tld"; - - "mypackages" slist => { - "nagios" - "gcc", - "apache2", - "php5" - }; - -files: - - # Password management can be very simple if all hosts are identical - - "/etc/passwd" - - comment => "Distribute a password file", - perms => mog("644","root","root"), - copy_from => secure_cp("/home/mark/LapTop/words/RoadAhead","$(policy_server)"); - -packages: - - "$(mypackages)" - - package_policy => "add", - package_method => generic; - - -# Add more promises below ... - -} - - -######################################################### -# Server config -######################################################### - -body server control - -{ -allowconnects => { "127.0.0.1" , "::1", "10.20.30" }; -allowallconnects => { "127.0.0.1" , "::1", "10.20.30" }; -trustkeysfrom => { "127.0.0.1" , "::1", "10.20.30" }; -# allowusers -} - -######################################################### - -bundle server access_rules() - -{ -access: - - # myhost.domain.tld makes this file available to 10.20.30* - - myhost_domain_tld:: - - "/etc/passwd" - - admit => { "127.0.0.1", "10.20.30" }; -} - -@end verbatim - - -@c ----------------------------------------------------------------------- -@node Variation in hosts, Updating from a central hub, All hosts the same, High level -@section Variation in hosts - - -@verbatim - -body common control - { - bundlesequence => { "central" }; - } - - -############################################ - -bundle agent central - -{ -classes: - - "mygroup_1" or => { "myhost", "host1", "host2", "host3" }; - "mygroup_2" or => { "host4", "host5", "host6" }; - -vars: - - "policy_server" string => "myhost.domain.tld"; - - mygroup_1:: - - "mypackages" slist => { - "nagios" - "gcc", - "apache2", - "php5" - }; - - mygroup_2:: - - "mypackages" slist => { - "apache" - "mysql", - "php5" - }; - - -files: - - # Password management can be very simple if all hosts are identical - - "/etc/passwd" - - comment => "Distribute a password file", - perms => mog("644","root","root"), - copy_from => secure_cp("/etc/passwd","$(policy_server)"); - -packages: - - "$(mypackages)" - - package_policy => "add", - package_method => generic; - - -# Add more promises below ... - -} - - -######################################################### -# Server config -######################################################### - -body server control - -{ -allowconnects => { "127.0.0.1" , "::1", "10.20.30" }; -allowallconnects => { "127.0.0.1" , "::1", "10.20.30" }; -trustkeysfrom => { "127.0.0.1" , "::1", "10.20.30" }; -# allowusers -} - -######################################################### - -bundle server access_rules() - -{ -access: - - # myhost.domain.tld makes this file available to 10.20.30* - - myhost_domain_tld:: - - "/etc/passwd" - - admit => { "127.0.0.1", "10.20.30" }; -} - -@end verbatim - -@c ----------------------------------------------------------------------- -@node Updating from a central hub, Change detection, Variation in hosts, High level -@section Updating from a central hub - - -The configuration bundled with the CFEngine source code contains an -example of centralized updating of policy that covers more subtleties -than this example, and handles fault tolerance. Here is the main idea -behind it. For simplicity, we assume that all hosts are on network -10.20.30.* and that the central policy server/hub is 10.20.30.123. - -@verbatim - -bundle agent update -{ -vars: - - "master_location" string => "/var/cfengine/masterfiles"; - - "policy_server" string => "10.20.30.123"; - comment => "IP address to locate your policy host."; - -files: - - "$(sys.workdir)/inputs" - - perms => system("600"), - copy_from => remote_cp("$(master_location)",$(policy_server)), - depth_search => recurse("inf"); -} - -####################################################### - -body server control - -{ -allowconnects => { "127.0.0.1" , "10.20.30" }; -allowallconnects => { "127.0.0.1" , "10.20.30" }; -trustkeysfrom => { "127.0.0.1" , "10.20.30" }; -} - -####################################################### - -bundle server access_rules() -{ -access: - - 10_20_30_123:: - - "/var/cfengine/masterfiles" - - admit => { "127.0.0.1", "10.20.30" }; -} - - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Change detection, Garbage collection, Updating from a central hub, High level -@section Change detection - - -@verbatim - -body common control - -{ -bundlesequence => { "testbundle" }; - -inputs => { "cfengine_stdlib.cf" }; -} - -######################################################## - -bundle agent testbundle - -{ -files: - - "/usr" - - changes => detect_all_change, - depth_search => recurse("inf"), - action => background; -} - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Garbage collection, Distribute root passwords, Change detection, High level -@section Garbage collection - - -@verbatim - -body common control -{ -bundlesequence => { "garbage_collection" }; -inputs => { "cfengine_stdlib.cf" }; -} - - -bundle agent garbage_collection -{ -files: - - Sunday:: - - "$(sys.workdir)/nova_repair.log" - - comment => "Rotate the promises repaired logs each week", - rename => rotate("7"), - action => if_elapsed("10000"); - - "$(sys.workdir)/nova_notkept.log" - - comment => "Rotate the promises not kept logs each week", - rename => rotate("7"), - action => if_elapsed("10000"); - - "$(sys.workdir)/promise.log" - - comment => "Rotate the promises not kept logs each week", - rename => rotate("7"), - action => if_elapsed("10000"); - - any:: - - "$(sys.workdir)/outputs" - - comment => "Garbage collection of any output files", - delete => tidy, - file_select => days_old("3"), - depth_search => recurse("inf"); - - "$(sys.workdir)/" - - comment => "Garbage collection of any output files", - delete => tidy, - file_select => days_old("14"), - depth_search => recurse("inf"); - - # Other resources - - "/tmp" - - comment => "Garbage collection of any temporary files", - delete => tidy, - file_select => days_old("3"), - depth_search => recurse("inf"); - - "/var/log/apache2/.*bz" - - comment => "Garbage collection of rotated log files", - delete => tidy, - file_select => days_old("30"), - depth_search => recurse("inf"); - - "/var/log/apache2/.*gz" - - comment => "Garbage collection of rotated log files", - delete => tidy, - file_select => days_old("30"), - depth_search => recurse("inf"); - - "/var/log/zypper.log" - - comment => "Prevent the zypper log from choking the disk", - rename => rotate("0"), - action => if_elapsed("10000"); - -} - - -@end verbatim - -@page -@c ----------------------------------------------------------------------- -@node Distribute root passwords, Distribute ssh keys, Garbage collection, High level -@section Distribute root passwords - - -@verbatim -###################################################################### -# -# Root password distribution -# -###################################################################### - -body common control - -{ -version => "1.2.3"; -bundlesequence => { "SetRootPassword" }; -} - -######################################################## - -bundle common g -{ -vars: - - "secret_keys_dir" string => "/tmp"; -} - -######################################################## - -bundle agent SetRootPassword - -{ -files: - - "/var/cfengine/ppkeys/rootpw.txt" - - copy_from => scp("$(sys.fqhost)-root.txt","master_host.example.org"); - - # or $(pw_class)-root.txt - - # Or get variables directly from server woth Nova - - "remote-passwd" string => remotescalar("rem_password","127.0.0.1","yes"); - - # Test this on a copy - - "/tmp/shadow" - - edit_line => SetRootPw; - -} - -######################################################## - -bundle edit_line SetRootPw - { - vars: - - # Assume this file contains a single string of the form root:passwdhash: - # with : delimiters to avoid end of line/file problems - - "pw" int => readstringarray("rpw","$(sys.workdir)/ppkeys/rootpw.txt", - "#[^\n]*",":","1","200"); - - field_edits: - - "root:.*" - - # Set field of the file to parameter - - edit_field => col(":","2","$(rpw[1])","set"); - } - -######################################################## - -bundle server passwords -{ -vars: - - # Read a file of format - # - # classname: host1,host2,host4,IP-address,regex.*,etc - # - - "pw_classes" int => readstringarray("acl","$(g.secret_keys_dir)/classes.txt", - "#[^\n]*",":","100","4000"); - "each_pw_class" slist => getindices("acl"); - -access: - - "/secret/keys/$(each_pw_class)-root.txt" - - admit => splitstring("$(acl[$(each_pw_class)][1])" , ":" , "100"), - ifencrypted => "true"; - -} - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Distribute ssh keys, Laptop support configuration, Distribute root passwords, High level -@section Distribute ssh keys - - -@verbatim -# Assume that we have collected all users' public keys into a single source area -# on the server. First copy the ones we need to localhost, and then edit them into -# the the user's local keyring. - - # vars: - # - # "users" slist => { "user1", "user2", ...}; - # - # methods: - # - # "any" usebundle => allow_ssh_login_from_authorized_keys(@(users),"sourcehost"); - # - -######################################################################## - -bundle agent allow_ssh_rootlogin_from_authorized_keys(user,sourcehost) -{ -vars: - - "local_cache" string => "/var/cfengine/ssh_cache"; - "authorized_source" string => "/master/CFEngine/ssh_keys"; - -files: - - "$(local_cache)/$(user).pub" - - comment => "Copy public keys from a an authorized cache into a cache on localhost", - perms => mo("600","root"), - copy_from => remote_cp("$(authorized_source)/$(user).pub","$(sourcehost)"), - action => if_elapsed("60"); - - "/root/.ssh/authorized_keys" - - comment => "Edit the authorized keys into the user's personal keyring", - edit_line => insert_file_if_no_line_matching("$(user)","$(local_cache)/$(user).pub"), - action => if_elapsed("60"); -} - -######################################################################## - -bundle agent allow_ssh_login_from_authorized_keys(user,sourcehost) -{ -vars: - - "local_cache" string => "/var/cfengine/ssh_cache"; - "authorized_source" string => "/master/CFEngine/ssh_keys"; - -files: - - "$(local_cache)/$(user).pub" - - comment => "Copy public keys from a an authorized cache into a cache on localhost", - perms => mo("600","root"), - copy_from => remote_cp("$(authorized_source)/$(user).pub","$(sourcehost)"), - action => if_elapsed("60"); - - "/home/$(user)/.ssh/authorized_keys" - - comment => "Edit the authorized keys into the user's personal keyring", - edit_line => insert_file_if_no_line_matching("$(user)","$(local_cache)/$(user).pub"), - action => if_elapsed("60"); -} - -######################################################################## - -bundle edit_line insert_file_if_no_line_matching(user,file) -{ -classes: - - "have_user" expression => regline("$(user).*","$(this.promiser)"); - -insert_lines: - - !have_user:: - - "$(file)" - insert_type => "file"; -} - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Laptop support configuration, Find MAC address, Distribute ssh keys, High level -@section Laptop support configuration - -Laptops do not need a lot of confguration support. IP addresses are -set by DHCP and conditions are changeable. But you want to set your -DNS search domains to familiar settings in spite of local DHCP -configuration, and another useful trick is to keep a regular backup of -disk changes on the local disk. This won't help against disk -destruction, but it is a huge advantage when your user accidentally -deletes files while travelling or offline. - -@verbatim -####################################################### -# -# Laptop -# -####################################################### - -body common control - -{ -bundlesequence => { - "update", - "garbage_collection", - "main", - "backup", - }; - -inputs => { - "update.cf", - "site.cf", - "library.cf" - }; -} - -####################################################### - -body agent control -{ -# if default runtime is 5 mins we need this for long jobs -ifelapsed => "15"; -} - -####################################################### - -body monitor control -{ -forgetrate => "0.7"; -} - -####################################################### - -body executor control - -{ -splaytime => "1"; -mailto => "mark@iu.hio.no"; -smtpserver => "localhost"; -mailmaxlines => "30"; - -# Instead of a separate update script, now do this - -exec_command => "$(sys.workdir)/bin/cf-agent -f failsafe.cf && $(sys.workdir)/bin/cf-agent"; -} - -####################################################### -# General site issues can be in bundles like this one -####################################################### - -bundle agent main - -{ -vars: - - "component" slist => { "cf-monitord", "cf-serverd" }; - - # - - - - - - - - - - - - - - - - - - - - - - - - - -files: - - "$(sys.resolv)" # test on "/tmp/resolv.conf" # - - create => "true", - edit_line => resolver, - edit_defaults => def; - -processes: - - "$(component)" restart_class => canonify("start_$(component)"); - - # - - - - - - - - - - - - - - - - - - - - - - - - - -commands: - - "$(sys.workdir)/bin/$(component)" - - ifvarclass => canonify("start_$(component)"); -} - -####################################################### -# Backup -####################################################### - -bundle agent backup -{ -files: - - "/home/backup" - - copy_from => cp("/home/mark"), - depth_search => recurse("inf"), - file_select => exclude_files, - action => longjob; - -} - -####################################################### -# Garbage collection issues -####################################################### - -bundle agent garbage_collection -{ -files: - - "$(sys.workdir)/outputs" - - delete => tidy, - file_select => days_old("3"), - depth_search => recurse("inf"); - - -} - -@end verbatim - -@page -@c ----------------------------------------------------------------------- -@node Find MAC address, Log rotation, Laptop support configuration, High level -@section Find the MAC address - -Finding the ethernet address can be hard, but on Linux it is straightforward. - -@verbatim -bundle agent test -{ -vars: - -linux:: - "interface" string => execresult("/sbin/ifconfig eth0","noshell"); - -solaris:: - "interface" string => execresult("/usr/sbin/ifconfig bge0","noshell"); - -freebsd:: - "interface" string => execresult("/sbin/ifconfig le0","noshell"); - -darwin:: - "interface" string => execresult("/sbin/ifconfig en0","noshell"); - -classes: - - linux:: - - "ok" expression => regextract( - ".*HWaddr ([^\s]+).*(\n.*)*", - "$(interface)", - "mac" - ); - - solaris:: - - "ok" expression => regextract( - ".*ether ([^\s]+).*(\n.*)*", - "$(interface)", - "mac" - ); - - freebsd:: - - "ok" expression => regextract( - ".*ether ([^\s]+).*(\n.*)*", - "$(interface)", - "mac" - ); - - darwin:: - - "ok" expression => regextract( - "(?s).*ether ([^\s]+).*(\n.*)*", - "$(interface)", - "mac" - ); - -reports: - -ok:: - - "MAC address is $(mac[1])"; - -} - -@end verbatim - -@page -@c ----------------------------------------------------------------------- -@node Log rotation, Manage a system file, Find MAC address, High level -@section Log rotation - - -@verbatim - -body common control - { - bundlesequence => { "testbundle" }; - } - - -############################################ - -bundle agent testbundle - -{ -files: - - "/home/mark/tmp/rotateme" - - rename => rotate("4"); -} - -############################################ - -body rename rotate(level) - -{ -rotate => "$(level)"; -} - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Manage a system file, Simple template, Log rotation, High level -@section Manage a system file - - -@menu -* Simple template:: -* Simple versioned template:: -* Macro template:: -* Custom editing:: -@end menu - -@node Simple template, Simple versioned template, Manage a system file, High level -@section Simple template - -@verbatim -bundle agent hand_edited_config_file -{ -vars: - - "file_template" string => - -" -# Syntax: -# -# IP-Address Full-Qualified-Hostname Short-Hostname -# - -127.0.0.1 localhost -::1 localhost ipv6-localhost ipv6-loopback -fe00::0 ipv6-localnet -ff00::0 ipv6-mcastprefix -ff02::1 ipv6-allnodes -ff02::2 ipv6-allrouters -ff02::3 ipv6-allhosts -10.0.0.100 host1.domain.tld host1 -10.0.0.101 host2.domain.tld host2 -10.0.0.20 host3.domain.tld host3 -10.0.0.21 host4.domain.tld host4 -"; - -############################################################## - -files: - - "/etc/hosts" - - comment => "Define the content of all host files from this master source", - create => "true", - edit_line => append_if_no_lines("$(file_template)"), - edit_defaults => empty, - perms => mo("$(mode)","root"), - action => if_elapsed("60"); -} - -@end verbatim - - -@node Simple versioned template, Macro template, Simple template, High level -@section Simple versioned template - -The simplest approach to managing a file is to maintain a master copy by hand, keeping it -in a version controlled repository (e.g. svn), and installing this version on the end machine. - -We'll assume that you have a version control repository that is located on some independent server, and has been -checked out manually once (with authentication) in @file{/mysite/masterfiles}. - -@verbatim -bundle agent hand_edited_config_file -{ -vars: - - "masterfiles" string => "/mysite/masterfiles"; - "policy_server" string => "policy_host.domain.tld"; - -files: - - "/etc/hosts" - - comment => "Synchronize hosts with a hand-edited template in svn", - perms => m("644"), - copy_from => remote_cp("$(masterfiles)/trunk/hosts_master","$(policy_server)"); - -commands: - - - "/usr/bin/svn update" - - comment => "Update the company document repository including manuals to a local copy", - contain => silent_in_dir("$(masterfiles)/trunk"), - ifvarclass => canonify("$(policy_server)"); - -} - -@end verbatim - -@node Macro template, Custom editing, Simple versioned template, High level -@section Macro template - -The next simplest approach to file management is to add variables to -the template that will be expanded into local values at the end -system, e.g. using variables like @samp{$(sys.host)} for the name of -the host within the body of the versioned template. - -@verbatim -bundle agent hand_edited_template -{ -vars: - - "masterfiles" string => "/mysite/masterfiles"; - "policy_server" string => "policy_host.domain.tld"; - -files: - - "/etc/hosts" - - comment => "Synchronize hosts with a hand-edited template in svn", - perms => m("644"), - create => "true", - edit_line => expand_template("$(masterfiles)/trunk/hosts_master"), - edit_defaults => empty, - action => if_elapsed("60"); - -commands: - - - "/usr/bin/svn update" - - comment => "Update the company document repository including manuals to a local copy", - contain => silent_in_dir("$(masterfiles)/trunk"), - ifvarclass => canonify("$(policy_server)"); - -} - -@end verbatim - -@noindent The macro template file may contain variables, as below, -that get expanded by CFEngine. - -@smallexample -# Syntax: -# -# IP-Address Full-Qualified-Hostname Short-Hostname -# - -127.0.0.1 localhost $(sys.host) -::1 localhost ipv6-localhost ipv6-loopback -fe00::0 ipv6-localnet -ff00::0 ipv6-mcastprefix -ff02::1 ipv6-allnodes -ff02::2 ipv6-allrouters -ff02::3 ipv6-allhosts -10.0.0.100 host1.domain.tld host1 -10.0.0.101 host2.domain.tld host2 -10.0.0.20 host3.domain.tld host3 -10.0.0.21 host4.domain.tld host4 - -# Add below this line - -$(definitions.more_hosts) -@end smallexample - - -@node Custom editing, Manage a system process, Macro template, High level -@section Custom editing - -If you do not control the starting state of the file, because it is distributed by -an operating system vendor for instance, then editing the final state is the best approach. -That way, you will get changes that are made by the vendor, and will ensure your own -modifications are kept even when updates arrive. - -@verbatim -bundle agent modifying_managed_file -{ -vars: - - "data" slist => { "10.1.2.3 sirius", "10.1.2.4 ursa-minor", "10.1.2.5 orion"}; - -files: - - "/etc/hosts" - - comment => "Append a list of lines to the end of a file if they don't exist", - perms => m("644"), - create => "true", - edit_line => append_if_no_lines("modifying_managed_file.data"), - action => if_elapsed("60"); - - -} - -@end verbatim - -Another example shows how to set the values of variables -using a data-driven approach and methods from the -standard library. -@verbatim -####################################################### -# -# Edit variable = value in a text file -# -####################################################### - -body common control - -{ -bundlesequence => { "testsetvar" }; -} - -####################################################### - -bundle agent testsetvar - -{ -vars: - - "v[variable_1]" string => "value_1"; - "v[variable_2]" string => "value_2"; - -files: - - "/tmp/test_setvar" - - edit_line => set_variable_values("testsetvar.v"); -} - -@end verbatim - -@page -@c ----------------------------------------------------------------------- -@node Manage a system process, Ensure running, Custom editing, High level -@section Manage a system process - -@menu -* Ensure running:: -* Ensure not running:: -* Prune processes:: -@end menu - -@node Ensure running, Ensure not running, Manage a system process, High level -@section Ensure running - -The simplest example might look like this: - -@verbatim - -bundle agent restart_process -{ -processes: - - "httpd" - - comment => "Make sure apache web server is running", - restart_class => "restart_httpd"; - -commands: - - restart_httpd:: - - "/etc/init.d/apache2 restart"; - -} - -@end verbatim - - -This example shows how the CFEngine components could be started using a pattern. -@verbatim - -bundle agent CFEngine_processes -{ -vars: - - "components" slist => { "cf-execd", "cf-monitord", "cf-serverd", "cf-hub" }; - -processes: - - "$(components)" - - comment => "Make sure server parts of CFEngine are running", - restart_class => canonify("start_$(component)"); - -commands: - - "$(sys.workdir)/bin/$(component)" - - comment => "Make sure server parts of CFEngine are running", - ifvarclass => canonify("start_$(components)"); - -} - -@end verbatim - -@node Ensure not running, Prune processes, Ensure running, High level -@section Ensure not running - - -@verbatim - -bundle agent restart_process -{ -vars: - - "killprocs" slist => { "snmpd", "gameserverd", "irc", "crack" }; - -processes: - - "$(killprocs)" - - comment => "Make processes are not running", - signals => { "term", "kill" }; -; -} - -@end verbatim - -@node Prune processes, Manage users, Ensure not running, High level -@section Prune processes - -This example kills processes owned by a particular user that have exceeded 100000 bytes of -resident memory. - -@verbatim - -body common control -{ -bundlesequence => { "testbundle" }; -} - -######################################################## - -bundle agent testbundle - -{ -processes: - - ".*" - - process_select => big_processes("mark"), - signals => { "term" }; -} - -######################################################## - -body process_select big_processes(o) - -{ -process_owner => { "$(o)" }; -rsize => irange("100000","900000"); -process_result => "rsize.process_owner"; -} - -@end verbatim - - - - - - -@page -@c ----------------------------------------------------------------------- -@node Manage users, Add users, Prune processes, High level -@section Manage users - -There are many approaches to managing users. You can edit system files like @file{/etc/passwd} -directly, or you can use commands on some systems like @samp{useradd} or @samp{adduser}. -In all cases it is desirable to make this a data-driven process. - -@menu -* Add users:: -* Remove users:: -@end menu - -@node Add users, Remove users, Manage users, High level -@section Add users - -A simple approach which adds new users to the password file, and to a -group called @samp{users} in the group file. Is shown below. This example -does not edit the shadow file. A simple pattern that can be modified for -use is shown below. - -Note that, although this is a simple minded approach, it is the most efficient -of the approaches shown here as all operations can be carried out in a single -operation for each file. -@verbatim -bundle agent addusers -{ -vars: - - # Add some users - - "pw[mark]" string => "mark:x:1000:100:Mark Burgess:/home/mark:/bin/bash"; - "pw[fred]" string => "fred:x:1001:100:Right Said:/home/fred:/bin/bash"; - "pw[jane]" string => "jane:x:1002:100:Jane Doe:/home/jane:/bin/bash"; - - "users" slist => getindices("pw"); - -files: - - "/etc/passwd" - edit_line => append_users_starting("addusers.pw"); - -# "/etc/shadow" -# edit_line => append_users_starting("$(users):defaultpasswd:::::::"); - - "/etc/group" - edit_line => append_user_field("users","4","@(addusers.users)"); - - "/home/$(users)/." - - create => "true", - perms => mog("755","$(users)","users"); -} - -@end verbatim - -A second approach is to use the shell commands supplied by some operating systems; -this assumes that suitable defaults have been set up manually. Also the result -is not repairable in a simple convergent manner. The command needs to edit multiple -files for each user, and is quite inefficient. - -@verbatim -bundle agent addusers -{ -vars: - - "users" slist => { "mark", "fred", "jane" }; - -commands: - - "/usr/sbin/useradd $(users)"; -} - -@end verbatim -An alternative approach is to use a method to wrap around the handling of a user. -Although this looks nice, it is less efficient than the first method because it -must edit the files multiple times. -@verbatim -bundle agent addusers -{ -vars: - - # Add some users - - "pw[mark]" string => "mark:x:1000:100:Mark Burgess:/home/mark:/bin/bash"; - "pw[fred]" string => "fred:x:1001:100:Right Said:/home/fred:/bin/bash"; - "pw[jane]" string => "jane:x:1002:100:Jane Doe:/home/jane:/bin/bash"; - - "users" slist => getindices("pw"); - -methods: - - "any" usebundle => user_add("$(users)","$(pw[$(users)])"); - -} - -bundle agent user_add(x,pw) -{ -files: - - "/etc/passwd" - edit_line => append_users_starting("addusers.pw"); - -# "/etc/shadow" -# edit_line => append_users_starting("$(users):defaultpasswd:::::::"); - - "/etc/group" - edit_line => append_user_field("users","4","@(addusers.users)"); - - "/home/$(users)/." - - create => "true", - perms => mog("755","$(users)","users"); -} - -@end verbatim - - -@node Remove users, Postfix mail configuration, Add users, High level -@section Remove users - - -@page -@c ----------------------------------------------------------------------- -@node Postfix mail configuration, Set up HPC clusters, Remove users, High level -@section Postfix mail configuration - -@verbatim -####################################################### -# -# Postfix -# -####################################################### - -body common control - -{ -any:: - - bundlesequence => { - postfix - }; -} - -####################################################### - -bundle agent postfix - -{ -vars: - - "prefix" string => "/etc"; - "smtpserver" string => "localhost"; - "mailrelay" string => "mailx.example.org"; - -files: - - "$(prefix)/main.cf" - edit_line => prefix_postfix; - - "$(prefix)/sasl-passwd" - create => "true", - perms => mo("0600","root"), - edit_line => append_if_no_line("$(smtpserver) _$(sys.fqhost):chmsxrcynz4etfrejizhs22"); -} - -####################################################### -# For the library -####################################################### - -bundle edit_line prefix_postfix - -{ -# -# Value have the form NAME = "quoted space separated list" -# -vars: - - "ps[relayhost]" string => "[$(postfix.mailrelay)]:587"; - "ps[mydomain]" string => "iu.hio.no"; - "ps[smtp_sasl_auth_enable]" string => "yes"; - "ps[smtp_sasl_password_maps]" string => "hash:/etc/postfix/sasl-passwd"; - "ps[smtp_sasl_security_options]" string => ""; - "ps[smtp_use_tls]" string => "yes"; - "ps[default_privs]" string => "mailman"; - "ps[inet_protocols]" string => "all"; - "ps[inet_interfaces]" string => "127.0.0.1"; - - "parameter_name" slist => getindices("ps"); - -delete_lines: - - "$(parameter_name).*"; - -insert_lines: - - "$(parameter_name) = $(ps[$(parameter_name)])"; - -} - -######################################################## - -bundle edit_line AppendIfNSL(parameter) - { - insert_lines: - - "$(parameter)"; # This is default - } - -@end verbatim - - - -@node Set up HPC clusters, Set up name resolution, Postfix mail configuration, High level -@section Set up HPC clusters - -HPC cluster machines are usually all identical, so the CFEngine -configuration is very simple. HPC clients value CPU and memory -resources, so we can shut down unnecessary services to save CPU. -We can also change the scheduling rate of CFEngine to run less frequently, -and save a little: - -@verbatim - -####################################################### - -body executor control - -{ -splaytime => "1"; -mailto => "cfengine@example.com"; -smtpserver => "localhost"; -mailmaxlines => "30"; - -# Once per hour, on the hour - -schedule => { "Min00_05" }; -} - -####################################################### - -bundle agent services_disable -{ -vars: - - # list all of xinetd services (case sensitive) - - "xinetd_services" slist => { - "imap", - "imaps", - "ipop2", - "ipop3", - "krb5-telnet", - "klogin", - "kshell", - "ktalk", - "ntalk", - "pop3s", - - }; -methods: - - # perform the actual disable all xinetd services according to the list above - - "any" usebundle => disable_xinetd("$(xinetd_services)"); - -processes: - - "$(xinetd_services)" - - signals => { "kill" }; - -} - -############################################################################### - -bundle agent disable_xinetd(name) -{ - vars: - "status" string => execresult("/sbin/chkconfig --list $(name)", "useshell"); - - classes: - "on" expression => regcmp(".*on.*","$(status)"); - - commands: - on:: - "/sbin/chkconfig $(name) off", - comment => "disable $(name) service"; - - reports: - on:: - "disable $(name) service."; - -} -@end verbatim - - - - - -@page -@c ----------------------------------------------------------------------- -@node Set up name resolution, Set up sudo, Set up HPC clusters, High level -@section Set up name resolution - -There are many ways to do name resolution setup@footnote{In CFEngine 2 -there is a separate action type for configuring the system -resolver. In CFEngine 3 this has been deprecated for this standard -method using the basic functionality of CFEngine.} We write a reusable -bundle using the editing features. - -A simple and straightforward approach is to maintain -a separate modular bundle for this task. This avoids -too many levels of abstraction and keeps all the information -in one place. We implement this as a simple editing promise -for the @file{/etc/resolv.conf} file. -@verbatim - -bundle agent system_files - -{ -files: - - "$(sys.resolv)" # test on "/tmp/resolv.conf" # - - comment => "Add lines to the resolver configuration", - create => "true", - edit_line => resolver, - edit_defaults => std_edits; - - # ...other system files ... - -} - -####################################################### - -bundle edit_line resolver - -{ -delete_lines: - - # delete any old name servers or junk we no longer need - - "search.*"; - "nameserver 80.65.58.31"; - "nameserver 80.65.58.32"; - "nameserver 82.103.128.146"; - "nameserver 78.24.145.4"; - "nameserver 78.24.145.5"; - "nameserver 128.39.89.10"; - -insert_lines: - - "search mydomain.tld" location => start; - - special_net:: - - "nameserver 128.39.89.8"; - "nameserver 128.39.74.66"; - - !special_net:: - - "nameserver 128.38.34.12"; - - any:: - - "nameserver 212.112.166.18"; - "nameserver 212.112.166.22"; -} - -@end verbatim - -A second approach is to try to conceal the operational details -behind a veil of abstraction. - -@verbatim - -bundle agent system_files -{ -vars: - - "searchlist" string => "iu.hio.no CFEngine.com"; - - "nameservers" slist => { - "128.39.89.10", - "128.39.74.16", - "192.168.1.103" - }; -files: - - "$(sys.resolv)" # test on "/tmp/resolv.conf" # - create => "true", - edit_line => doresolv("$(s)","@(this.n)"), - edit_defaults => empty; - - # .... - -} - -####################################################### - -bundle edit_line doresolv(search,names) - -{ -insert_lines: - "search $(search)"; - "nameserver $(names)"; -} - -@end verbatim - -@noindent DNS is not the only name service, of course. -Unix has its older @file{/etc/hosts} file which can also -be managed using file editing. We simply append this to the -@code{system_files} bundle. - -@verbatim -bundle agent system_files -{ - -# ... - -files: - - "/etc/hosts" - - comment => "Add hosts to the /etc/hosts file", - edit_line => fix_etc_hosts; -} - -########################################################### - -bundle edit_line fix_etc_hosts -{ -vars: - - "names[127.0.0.1]" string => "localhost localhost.CFEngine.com"; - "names[128.39.89.12]" string => "myhost myhost.CFEngine.com"; - "names[128.39.89.13]" string => "otherhost otherhost.CFEngine.com"; - - # etc - - "i" slist => getindices("names"); - -insert_lines: - - "$(i) $(names[$(i)])"; - -} - -@end verbatim - - - - - -@page -@c ----------------------------------------------------------------------- -@node Set up sudo, Set up a web server, Set up name resolution, High level -@section Set up sudo - -Setting up @code{sudo} is straightforward, and is best managed by copying trusted -files from a repository. -@verbatim -bundle agent system_files -{ -vars: - - "masterfiles" string => "/subversion_projects/masterfiles"; - -# ... - -files: - - "/etc/sudoers" - - comment => "Make sure the sudo configuration is secure and up to date", - perms => mog("440","root","root"), - copy_from => secure_cp("$(masterfiles)/sudoers","$(policy_server)"); - -} - -@end verbatim - - - - - -@page -@c ----------------------------------------------------------------------- -@node Set up a web server, Templating, Set up sudo, High level -@section Set up a web server - -Adapt this template to your operating system by adding multiple -classes. Each web server runs something like the present module, -which is entered into the bundlesequence like this: - -@verbatim -##################################################### -# -# Apache webserver module -# -##################################################### - -bundle agent web_server(state) -{ -vars: - - "document_root" string => "/"; - - #################################################### - # Site specific configuration - put it in this file - #################################################### - - "site_http_conf" string => "/home/mark/CFEngine-inputs/httpd.conf"; - - #################################################### - # Software base - #################################################### - - "match_package" slist => { - "apache2", - "apache2-mod_php5", - "apache2-prefork", - "php5" - }; - - ######################################################### - -processes: - - web_ok.on:: - - "apache2" - - restart_class => "start_apache"; - - off:: - - "apache2" - - process_stop => "/etc/init.d/apache2 stop"; - - - ######################################################### - -commands: - - start_apache:: - - "/etc/init.d/apache2 start"; # or startssl - - ######################################################### - -packages: - - "$(match_package)" - - package_policy => "add", - package_method => zypper, - classes => if_ok("software_ok"); - - ######################################################### - -files: - - software_ok:: - - "/etc/sysconfig/apache2" - - edit_line => fixapache, - classes => if_ok("web_ok"); - - ######################################################### - -reports: - - !software_ok.on:: - - "The web server software could not be installed"; - - ######################################################### - -classes: - - "on" expression => strcmp("$(state)","on"); - "off" expression => strcmp("$(state)","off"); -} - -####################################################### -# For the library -####################################################### - -bundle edit_line fixapache - -{ -vars: - - "add_modules" slist => { - "ssl", - "php5" - }; - - "del_modules" slist => { - "php3", - "php4", - "jk" - }; - -insert_lines: - - "APACHE_CONF_INCLUDE_FILES=\"$(web_server.site_http_conf)\""; - -field_edits: - - ##################################################################### - # APACHE_MODULES="actions alias ssl php5 dav_svn authz_default jk" etc.. - ##################################################################### - - "APACHE_MODULES=.*" - - # Insert module "columns" between the quoted RHS - # using space separators - - edit_field => quotedvar("$(add_modules)","append"); - - "APACHE_MODULES=.*" - - # Delete module "columns" between the quoted RHS - # using space separators - - edit_field => quotedvar("$(del_modules)","delete"); - - # if this line already exists, edit it - -} - -@end verbatim - - - - -@page -@c ----------------------------------------------------------------------- -@node Templating, , Set up a web server, High level -@section Templating - -With CFEngine you have a choice between editing `deltas' into files -or distributing more-or-less finished templates. Which method you -should choose depends should be made by whatever is easiest. - -@itemize -@item If you are managing only part of the file, and something else (e.g. a package manager) -is managing most of it, then it makes sense to use CFEngine file editing. - -@item If you are managing everything in the file, then it makes sense to make the edits -by hand and install them using CFEngine. You can use variables within -source text files and let CFEngine expand them locally in situ, so -that you can make generic templates that apply netwide. - -@end itemize -Example template: - -@verbatim -# -# System file X -# - -MYVARIABLE = something or other -HOSTNAME = $(sys.host) # CFEngine fills this in - -# ... - -@end verbatim -To copy and expand this template, you can use a pattern like this: -@verbatim - -bundle agent test -{ -methods: - - "any" usebundle => get_template("/etc/sudoers","400"); - "any" usebundle => get_template("/etc/hosts","644"); - -} - -@end verbatim -The the following driving code (based on `copy then edit') can be -placed in a library, after configuring to your environmental -locations: - -@verbatim -bundle agent get_template(final_destination,mode) -{ -vars: - - # This needs to ne preconfigured to your site - - "masterfiles" string => "/home/mark/tmp"; - "this_template" string => lastnode("$(final_destination)","/"); - -files: - - "$(final_destination).staging" - - comment => "Get template and expand variables for this host", - perms => mo("400","root"), - copy_from => remote_cp("$(masterfiles)/templates/$(this_template)","$(policy_server)"), - action => if_elapsed("60"); - - "$(final_destination)" - - comment => "Expand the template", - create => "true", - edit_line => expand_template("$(final_destination).staging"), - edit_defaults => empty, - perms => mo("$(mode)","root"), - action => if_elapsed("60"); - -} - -@end verbatim - - - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** -@node Low level, , High level, Top -@chapter Low level - - - -@c ----------------------------------------------------------------------- - - - -@c ----------------------------------------------------------------------- -@menu -* Aborting execution:: -* ACL file example:: -* ACL generic example:: -* ACL secret example:: -* Active directory example:: -* Active list users directory example:: -* Active directory show users example:: -* Add lines to a file:: -* Add users to passwd and group:: -* Add software packages to the system:: -* Add variable definitions to a file:: -* Application baseline:: -* Array example:: -* Back references in filenames:: -* BSD flags:: -* Change directory for command:: -* Check file or directory permissions:: -* Class match example:: -* Client-server example:: -* Commands example:: -* Commenting lines in a file:: -* Copy files:: -* Copy and flatten directory:: -* Copy then edit:: -* Creating files and directories:: -* Database creation:: -* Deleting lines from a file:: -* Deleting lines exception:: -* Editing files:: -* Editing tabular files:: -* Environment variables:: -* Execresult example:: -* Inserting lines in a file:: -* Get a list of users:: -* Global classes:: -* Guest environments:: -* Hello world:: -* LDAP interactions:: -* Linking files:: -* Listing files-pattern in a directory:: -* Locate and transform files:: -* Logging:: -* Measurements:: -* Methods:: -* Method validation:: -* Mount NFS filesystem:: -* Ordering promises:: -* Process management:: -* Read from a TCP socket:: -* Resolver management:: -* Search and replace text:: -* Selecting a region in a file:: -* Service management (windows):: -* Set up a PXE boot server:: -* Tidying garbage files:: -* Software distribution:: -* Trigger classes:: -* Unmount NFS filesystem:: -* Web server modules:: -* Warn if matching line in file:: -* Windows registry:: -* unit_registry_cache.cf:: -* unit_registry.cf:: -@end menu - - - - - - - - - - -@node Aborting execution, ACL file example, Low level, Low level -@section Aborting execution -@verbatim -#CFEexample:unit_abort.cf -@end verbatim - - -@node ACL file example, ACL generic example, Aborting execution, Low level -@section ACL file example -@verbatim -#CFEexample:unit_acl.cf -@end verbatim - -@node ACL generic example, ACL secret example, ACL file example, Low level -@section ACL generic example -@verbatim -#CFEexample:unit_acl_generic.cf -@end verbatim - -@node ACL secret example, Active directory example, ACL generic example, Low level -@section ACL secret example -@verbatim -#CFEexample:unit_acl_secret.cf -@end verbatim - - - -@node Active directory example, Active list users directory example, ACL secret example, Low level -@section Active directory example -@verbatim -#CFEexample:active_directory.cf -@end verbatim - - - -@node Active list users directory example, Active directory show users example, Active directory example, Low level -@section Active list users directory example -@verbatim -#CFEexample:unit_activedirectory_listusers.cf -@end verbatim - -@node Active directory show users example, Add lines to a file, Active list users directory example, Low level -@section Active directory show users example -@verbatim -#CFEexample:unit_activedirectory_showuser.cf -@end verbatim - - - - - -@node Add lines to a file, Add users to passwd and group, Active directory show users example, Low level -@section Add lines to a file - -There are numerous approaches to adding lines to a file. -Often the order of a configuration file is unimportant, we just need to ensure -settings within it. A simple way of adding lines is show below. - -@verbatim -body common control - -{ -any:: - - bundlesequence => { "insert" }; -} - -####################################################### - -bundle agent insert - -{ -vars: - - "lines" string => - " - One potato - Two potato - Three potatoe - Four - "; - -files: - - "/tmp/test_insert" - - create => "true", - edit_line => append_if_no_line("$(insert.lines)"); - -} - -@end verbatim -Also you could write this using a list variable: -@verbatim -body common control - -{ -any:: - - bundlesequence => { "insert" }; -} - -####################################################### - -bundle agent insert - -{ -vars: - - "lines" slist => { "One potato", "Two potato", - "Three potatoe", "Four" }; - -files: - - "/tmp/test_insert" - - create => "true", - edit_line => append_if_no_line("@(insert.lines)"); - -} - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Add users to passwd and group, Add software packages to the system, Add lines to a file, Low level -@section Add users to passwd and group - -Add lines to the password file, and users to group if they are not already there. -@verbatim - -body common control -{ -bundlesequence => { "addpasswd" }; -inputs => { "cf_std_library.cf" }; -} - -bundle agent addpasswd -{ -vars: - - # want to set these values by the names of their array keys - - "pwd[mark]" string => "mark:x:1000:100:Mark Burgess:/home/mark:/bin/bash"; - "pwd[fred]" string => "fred:x:1001:100:Right Said:/home/fred:/bin/bash"; - "pwd[jane]" string => "jane:x:1002:100:Jane Doe:/home/jane:/bin/bash"; - - "users" slist => getindices("pwd"); - -files: - - "/etc/passwd" - - create => "true", - edit_line => append_users_starting("addpasswd.pwd"); - - "/etc/group" - - edit_line => append_user_field("users","4","@(addpasswd.users)"); - -} - -@end verbatim - -@page -@c ----------------------------------------------------------------------- -@node Add software packages to the system, Add variable definitions to a file, Add users to passwd and group, Low level -@section Add software packages to the system - -@verbatim -# -# Package managment -# - -body common control -{ -bundlesequence => { "packages" }; -} - -############################################# - -bundle agent packages -{ -vars: - - "match_package" slist => { - "apache2", - "apache2-mod_php5", - "apache2-prefork", - "php5" - }; -packages: - - solaris:: - - "$(match_package)" - - package_policy => "add", - package_method => solaris; - - redhat|SuSE:: - - "$(match_package)" - - package_policy => "add", - package_method => yum; - -} -@end verbatim - -Note you can also arrange to hide all the differences between package managers -on an OS basis, but since some OSs have multiple managers, this might not -be 100 percent correct. - -@page -@c ----------------------------------------------------------------------- -@node Add variable definitions to a file, Application baseline, Add software packages to the system, Low level -@section Add variable definitions to a file e.g. @file{/etc/system} - -@verbatim - -body common control -{ -bundlesequence => { "setvars" }; -inputs => { "cf_std_library.cf" }; -} - - -bundle agent setvars -{ -vars: - - # want to set these values by the names of their array keys - - "rhs[lhs1]" string => " Mary had a little pig"; - "rhs[lhs2]" string => "Whose Fleece was white as snow"; - "rhs[lhs3]" string => "And everywhere that Mary went"; - - # oops, now change pig -> lamb - -files: - - "/tmp/system" - - create => "true", - edit_line => set_variable_values("setvars.rhs"); - -} - -@end verbatim - -@noindent Results in: - -@verbatim -lhs1= Mary had a little pig -lhs2=Whose Fleece was white as snow -lhs3=And everywhere that Mary went -@end verbatim - -@noindent An example of this would be to add variables to @file{/etc/sysctl.conf} on Linux: - - -@verbatim - -body common control -{ -bundlesequence => { "setvars" }; -inputs => { "cf_std_library.cf" }; -} - - -bundle agent setvars -{ -vars: - - # want to set these values by the names of their array keys - - "rhs[net/ipv4/tcp_syncookies]" string => "1"; - "rhs[net/ipv4/icmp_echo_ignore_broadcasts]" string => "1"; - "rhs[net/ipv4/ip_forward]" string => "1"; - - # oops, now change pig -> lamb - -files: - - "/etc/sysctl" - - create => "true", - edit_line => set_variable_values("setvars.rhs"); - -} - -@end verbatim - - - - -@menu -* Application baseline:: -* Array example:: -* Back references in filenames:: -* BSD flags:: -* Change directory for command:: -@end menu - -@node Application baseline, Array example, Add variable definitions to a file, Low level -@section Application baseline -@verbatim -#CFEexample:app_baseline.cf -@end verbatim - - - - -@node Array example, Back references in filenames, Application baseline, Low level -@section Array example -@verbatim -#CFEexample:unit_arrays.cf -@end verbatim - - -@page -@c ----------------------------------------------------------------------- - - -@node Back references in filenames, BSD flags, Array example, Low level -@section Backreferences in filenames -@verbatim -#CFEexample:unit_backreferences_files.cf -@end verbatim - - - - - - -@node BSD flags, Change directory for command, Back references in filenames, Low level -@section BSD flags -@verbatim -#CFEexample:unit_bsdflags.cf -@end verbatim - - - - - - - - - - - - - - - - - - -@page -@c ----------------------------------------------------------------------- - -@node Change directory for command, Check file or directory permissions, BSD flags, Low level -@section Change directory for command -@verbatim -#CFEexample:unit_chdir.cf -@end verbatim - - - - - -@node Check file or directory permissions, Class match example, Change directory for command, Low level -@section Check file or directory permissions - - -@verbatim - -bundle agent check_perms -{ -vars: - - "ns_files" slist => { - "/local/iu/logs/admin", - "/local/iu/logs/security", - "/local/iu/logs/updates", - "/local/iu/logs/xfer" - }; -files: - - NameServers:: - - "/local/dns/pz" - - perms => mo("644","dns") - depth_search => recurse("1"), - file_select => exclude("secret_file"); - - "/local/iu/dns/pz/FixSerial" - - perms => m("755"), - file_select => plain; - - "$(ns_files)" - - perms => mo("644","dns"), - file_select => plain; - - - "$(ftp)/pub" - perms => mog("644","root","other"); - - "$(ftp)/pub" - perms => m("644"), - depth_search => recurse("inf"); - - "$(ftp)/etc" perms => mog("111","root","other"); - "$(ftp)/usr/bin/ls" perms => mog("111","root","other"); - "$(ftp)/dev" perms => mog("555","root","other"); - "$(ftp)/usr" perms => mog("555","root","other"); -} -@end verbatim - - - - - -@menu -* Class match example:: -* Client-server example:: -* Commands example:: -* Commenting lines in a file:: -@end menu - -@node Class match example, Client-server example, Check file or directory permissions, Low level -@section Class match example -@verbatim -#CFEexample:unit_classmatch.cf -@end verbatim - - - -@node Client-server example, Commands example, Class match example, Low level -@section Client-server example -@verbatim -#CFEexample:unit_server_copy_localhost.cf - -@end verbatim - - - -@node Commands example, Commenting lines in a file, Client-server example, Low level -@section Commands example -@verbatim -#CFEexample:unit_commands.cf -@end verbatim - - - -@node Commenting lines in a file, Copy files, Commands example, Low level -@section Commenting lines in a file - -@verbatim -#CFEexample:unit_edit_comment_lines.cf -@end verbatim - -@verbatim -#CFEexample:unit_hashcomment.cf -@end verbatim - - -@verbatim -#CFEexample:unit_hashuncomment.cf -@end verbatim - - -@node Copy files, Copy and flatten directory, Commenting lines in a file, Low level -@section Copy files - -@verbatim -files: - - "/var/cfengine/inputs" - - handle => "update_policy", - perms => m("600"), - copy_from => u_scp("$(master_location)",@(policy_server)), - depth_search => recurse("inf"), - file_select => input_files, - action => immediate; - -@end verbatim - - - - - - - -@menu -* Copy and flatten directory:: -@end menu - -@node Copy and flatten directory, Copy then edit, Copy files, Low level -@section Copy and flatten directory -@verbatim -#CFEexample:unit_server_flatcopy_localhost.cf - -@end verbatim - - - - -@node Copy then edit, Creating files and directories, Copy and flatten directory, Low level -@section Copy then edit a file convergently - -To convergently chain a copy followed by edit, you need a staging file. -First you copy to the staging file. Then you edit the final file and -insert the staging file into it as part of the editing. This is convergent -with respect to both stages of the process. - -@verbatim -bundle agent master -{ -files: - - "$(final_destination)" - - create => "true", - edit_line => fix_file("$(staging_file)"), - edit_defaults => empty, - perms => mo("644","root"), - action => ifelapsed("60"); -} - -# - -bundle edit_line fix_file(f) -{ -insert_lines: - - "$(f)" - - # insert this into an empty file to reconstruct - - insert_type => "file"; - -replace_patterns: - - "searchstring" - - replace_with => With("replacestring"); -} - - -@end verbatim - - - - - - -@menu -* Creating files and directories:: -* Database creation:: -* Deleting lines from a file:: -* Deleting lines exception:: -@end menu - -@node Creating files and directories, Database creation, Copy then edit, Low level -@section Creating files and directories -@verbatim -#CFEexample:unit_create_filedir.cf -@end verbatim - - - -@page -@c ----------------------------------------------------------------------- - -@node Database creation, Deleting lines from a file, Creating files and directories, Low level -@section Database creation -@verbatim -#CFEexample:unit_createdb.cf - -@end verbatim - -@verbatim -#CFEexample:sql_table_structure.cf - -@end verbatim - - -@node Deleting lines from a file, Deleting lines exception, Database creation, Low level -@section Deleting lines from a file -@verbatim -#CFEexample:unit_deletelines.cf -@end verbatim - - -@node Deleting lines exception, Editing files, Deleting lines from a file, Low level -@section Deleting lines exception -@verbatim -#CFEexample:unit_edit_deletenotmatch.cf -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Editing files, Editing tabular files, Deleting lines exception, Low level -@section Editing files - -This is a huge topic. See also @xref{Add lines to a file}, @xref{Editing tabular files}, etc. -Editing a file can be complex or simple, depending on needs. - -Here is an example of how to comment out lines matching a number of patterns: -@verbatim -###################################################################### -# -# Comment lines -# -###################################################################### - -body common control - -{ -version => "1.2.3"; -bundlesequence => { "testbundle" }; -inputs => { "cf_std_library.cf" }; -} - -######################################################## - -bundle agent testbundle - -{ -vars: - - "patterns" slist => { "finger.*", "echo.*", "exec.*", "rstat.*", - "uucp.*", "talk.*" }; - -files: - - "/etc/inetd.conf" - - edit_line => comment_lines_matching("@(testbundle.patterns)","#"); -} - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- -@node Editing tabular files, Guest environments, Editing files, Low level -@section Editing tabular files - -@verbatim - -###################################################################### -# -# File editing -# -# Normal ordering: -# - delete -# - replace | colum_edit -# - insert -# -###################################################################### - - -body common control - -{ -version => "1.2.3"; -bundlesequence => { "testbundle" }; -} - -######################################################## - -bundle agent testbundle - -{ -vars: - - "userset" slist => { "one-x", "two-x", "three-x" }; - -files: - - # Make a copy of the password file - - "/home/mark/tmp/passwd" - - create => "true", - edit_line => SetUserParam("mark","6","/set/this/shell"); - - "/home/mark/tmp/group" - - create => "true", - edit_line => AppendUserParam("root","4","@(userset)"); - -commands: - - "/bin/echo" args => "$(userset)"; - -} - -######################################################## - -bundle edit_line SetUserParam(user,field,val) - { - field_edits: - - "$(user):.*" - - # Set field of the file to parameter - - edit_field => col(":","$(field)","$(val)","set"); - } - -######################################################## - -bundle edit_line AppendUserParam(user,field,allusers) - { - vars: - - "val" slist => { @(allusers) }; - - field_edits: - - "$(user):.*" - - # Set field of the file to parameter - - edit_field => col(":","$(field)","$(val)","alphanum"); - - } - -######################################## -# Bodies -######################################## - -body edit_field col(split,col,newval,method) - -{ -field_separator => "$(split)"; -select_field => "$(col)"; -value_separator => ","; -field_value => "$(newval)"; -field_operation => "$(method)"; -extend_fields => "true"; -} - - -@end verbatim - - - -@menu -* Environment variables:: -* Execresult example:: -* Inserting lines in a file:: -* Get a list of users:: -* Global classes:: -* Guest environments:: -* Hello world:: -* LDAP interactions:: -* Linking files:: -* Listing files-pattern in a directory:: -* Locate and transform files:: -* Logging:: -* Measurements:: -* Methods:: -* Method validation:: -* Mount NFS filesystem:: -@end menu - -@node Environment variables, Execresult example, Guest environments, Low level -@section Environment variables -@verbatim -#CFEexample:unit_env.cf -@end verbatim - - -@node Execresult example, Inserting lines in a file, Environment variables, Low level -@section Execresult example -@verbatim -#CFEexample:unit_execresult.cf -@end verbatim - - -@page -@c ----------------------------------------------------------------------- - - -@node Inserting lines in a file, Get a list of users, Execresult example, Low level -@section Inserting lines in a file -@verbatim -#CFEexample:unit_edit_insert_fuzzylines.cf - -@end verbatim - - -@verbatim -#CFEexample:unit_edit_insert_lines.cf - -@end verbatim - -@verbatim -#CFEexample:unit_edit_insert_lines_silly.cf - -@end verbatim - -@page -@c ----------------------------------------------------------------------- - - - - - -@node Get a list of users, Global classes, Inserting lines in a file, Low level -@section Get a list of users -@verbatim -#CFEexample:unit_getusers.cf -@end verbatim - - - -@node Global classes, Hello world, Get a list of users, Low level -@section Global classes -@verbatim -#CFEexample:unit_classes_global.cf - -@end verbatim - -@node Guest environments, Environment variables, Editing tabular files, Low level -@section Guest environments - -@verbatim -#CFEexample:guest_environment_kvm.cf - -@end verbatim - -@verbatim -#CFEexample:unit_test_environment.cf - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- - -@node Hello world, LDAP interactions, Global classes, Low level -@section Hello world -@verbatim -#CFEexample:unit_helloworld.cf - -@end verbatim - -@page -@c ----------------------------------------------------------------------- - -@node LDAP interactions, Linking files, Hello world, Low level -@section LDAP interactions -@verbatim -#CFEexample:unit_ldap.cf - -@end verbatim - - -@node Linking files, Listing files-pattern in a directory, LDAP interactions, Low level -@section Linking files -@verbatim -#CFEexample:unit_linking.cf - -@end verbatim - -Removing deadlinks from a directory: -@verbatim -#CFEexample:unit_remove_deadlinks.cf - -@end verbatim - - - - - -@node Listing files-pattern in a directory, Locate and transform files, Linking files, Low level -@section Listing files-pattern in a directory -@verbatim -#CFEexample:unit_lsdir.cf - -@end verbatim - - -@node Locate and transform files, Logging, Listing files-pattern in a directory, Low level -@section Locate and transform files -@verbatim -#CFEexample:unit_locate_files_and_compress.cf -@end verbatim - -@node Logging, Measurements, Locate and transform files, Low level -@section Logging -@verbatim -#CFEexample:unit_log_private.cf - -@end verbatim - - -@verbatim -#CFEexample:unit_syslog2.cf -@end verbatim - -@verbatim -#CFEexample:unit_syslog.cf -@end verbatim - - -@page -@c ----------------------------------------------------------------------- - - - - - -@node Measurements, Methods, Logging, Low level -@section Measurements - -@verbatim -#CFEexample:unit_measure_log.cf -@end verbatim - -@verbatim -#CFEexample:unit_measurements.cf -@end verbatim - - -@node Methods, Method validation, Measurements, Low level -@section Methods -@verbatim -#CFEexample:unit_method.cf -@end verbatim - -@node Method validation, Mount NFS filesystem, Methods, Low level -@section Method validation -@verbatim -#CFEexample:unit_method_validate.cf -@end verbatim - -@node Mount NFS filesystem, Ordering promises, Method validation, Low level -@section Mount NFS filesystem -@verbatim -#CFEexample:unit_mount_fs.cf -@end verbatim - - - - -@page -@node Ordering promises, Process management, Mount NFS filesystem, Low level -@section Ordering promises - - -This counts to five by default. If we change @samp{/bin/echo one} -to @samp{/bin/echox one}, then the command will fail, causing us -to skip five and go to six instead. - -This shows how dependencies can be chained in spite of the -order of promises in the bundle. - -Normally the order of promises in a bundle is followed, within each -promise type, and the types are ordered according to @i{normal -ordering}. - -@verbatim -#CFEexample:unit_ordering.cf -@end verbatim - - - - - - - - -@page -@c ----------------------------------------------------------------------- - - - -@menu -* Process management:: -* Read from a TCP socket:: -* Resolver management:: -* Search and replace text:: -* Selecting a region in a file:: -* Service management (windows):: -@end menu - -@node Process management, Read from a TCP socket, Ordering promises, Low level -@section Process management -@verbatim -#CFEexample:unit_process_kill.cf -@end verbatim - -@verbatim -#CFEexample:unit_process_matching2.cf -@end verbatim - - -@verbatim -#CFEexample:unit_process_matching3.cf -@end verbatim - -@verbatim -#CFEexample:unit_process_matching.cf -@end verbatim - -@verbatim -#CFEexample:unit_process_restart_basic.cf -@end verbatim - - -@verbatim -#CFEexample:unit_process_restart.cf -@end verbatim - -@verbatim -#CFEexample:unit_process_signalling.cf -@end verbatim - - -@page -@c ----------------------------------------------------------------------- - - -@node Read from a TCP socket, Resolver management, Process management, Low level -@section Read from a TCP socket -@verbatim -#CFEexample:unit_readtcp.cf - -@end verbatim - - - - -@node Resolver management, Search and replace text, Read from a TCP socket, Low level -@section Resolver management -@verbatim -#CFEexample:unit_resolveconf.cf -@end verbatim - - - - -@page -@c ----------------------------------------------------------------------- - -@node Search and replace text, Selecting a region in a file, Resolver management, Low level -@section Search and replace text -@verbatim -#CFEexample:unit_edit_replace_string.cf -@end verbatim - - - -@node Selecting a region in a file, Service management (windows), Search and replace text, Low level -@section Selecting a region in a file -@verbatim -#CFEexample:unit_select_region.cf -@end verbatim - - - - -@node Service management (windows), Set up a PXE boot server, Selecting a region in a file, Low level -@section Service management (windows) -@verbatim -#CFEexample:unit_service_disable.cf -@end verbatim - - -@verbatim -#CFEexample:unit_service_start.cf -@end verbatim - - - -@node Set up a PXE boot server, Tidying garbage files, Service management (windows), Low level -@section Set up a PXE boot server - -Use CFEngine to set up a PXE boot server. - -@verbatim -body common control -{ - bundlesequence => { "pxe" }; - inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" }; -} - - -# -# PXE boot server -# - - -bundle agent pxe -{ -vars: - - "software" slist => { - "atftp", - "dhcp-server", - "syslinux", - "apache2" - }; - - - "dirs" slist => { - "/tftpboot", - "/tftpboot/CFEngine/rpm", - "/tftpboot/CFEngine/inputs", - "/tftpboot/pxelinux.cfg", - "/tftpboot/kickstart", - "/srv/www/repos" - }; - - "tmp_location" string => "/tftpboot/CFEngine/inputs"; - - # Distros that we can install - - - "rh_distros" slist => { "4.7", "5.2" }; - "centos_distros" slist => { "5.2" }; - - # File contents of atftp configuration - - - "atftpd_conf" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promising state. ### - -########################################### - - -ATFTPD_OPTIONS=\"--daemon \" -ATFTPD_USE_INETD=\"no\" -ATFTPD_DIRECTORY=\"/tftpboot\" -ATFTPD_BIND_ADDRESSES=\"\" - "; - - # File contents of DHCP configuration - - - "dhcpd" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promising state. ### - -########################################### - - -DHCPD_INTERFACE=\"eth0\" -DHCPD_RUN_CHROOTED=\"yes\" -DHCPD_CONF_INCLUDE_FILES=\"\" -DHCPD_RUN_AS=\"dhcpd\" -DHCPD_OTHER_ARGS=\"\" -DHCPD_BINARY=\"\" - "; - - "dhcpd_conf" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promising state. ### - -########################################### - - -allow booting; -allow bootp; -ddns-update-style none; ddns-updates off; - subnet 192.168.0.0 netmask 255.255.255.0 { - range 192.168.0.20 192.168.0.254; - default-lease-time 3600; - max-lease-time 4800; - option routers 192.168.0.1; - option domain-name \"test.CFEngine.com\"; - option domain-name-servers 192.168.0.1; - next-server 192.168.0.1; - filename \"pxelinux.0\"; - } - group { - host node1 { - # Dummy machine - - hardware ethernet 00:0F:1F:94:FE:07; - fixed-address 192.168.0.11; - option host-name \"node1\"; - } - host node2 { - # Dell Inspiron 1150 - - hardware ethernet 00:0F:1F:0E:70:E7; - fixed-address 192.168.0.12; - option host-name \"node2\"; - } - } - "; - - # File contains of Apache2 HTTP configuration - - - "httpd_conf" string => - " -# Repository for RHEL5 - - -Options Indexes -AllowOverride None - -Alias /repos /srv/www/repos - -# PXE boot server - - -Options Indexes -AllowOverride None - -Alias /distro/rhel/5.2 /tftpboot/distro/RHEL/5.2 - - -Options Indexes -AllowOverride None - -Alias /distro/rhel/4.7 /tftpboot/distro/RHEL/4.7 - - -Options Indexes -AllowOverride None - -Alias /distro/centos/5.2 /tftpboot/distro/CentOS/5.2 - - -Options Indexes -AllowOverride None - -Alias /kickstart /tftpboot/kickstart - - -Options Indexes -AllowOverride None - -Alias /CFEngine /tftpboot/CFEngine - "; - - # File contains of Kickstart for RHEL5 configuration - - - "kickstart_rhel5_conf" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promissing state. ### - -########################################### - - -auth --useshadow --enablemd5 -bootloader --location=mbr -clearpart --all --initlabel -graphical -firewall --disabled -firstboot --disable -key 77244a6377a8044a -keyboard no -lang en_US -logging --level=info -url --url=http://192.168.0.1/distro/rhel/5.2 -network --bootproto=dhcp --device=eth0 --onboot=on -reboot -rootpw --iscrypted $1$eOnXdDPF$279sQ//zry6rnQktkATeM0 -selinux --disabled -timezone --isUtc Europe/Oslo -install -part swap --bytes-per-inode=4096 --fstype=\"swap\" --recommended -part / --bytes-per-inode=4096 --fstype=\"ext3\" --grow --size=1 - -%packages -@core -@base -db4-devel -openssl-devel -gcc -flex -bison -libacl-devel -libselinux-devel -pcre-devel -#httpd - -device-mapper-multipath --sysreport - -%post -cd /root -rpm -i http://192.168.0.1/CFEngine/rpm/CFEngine-3.0.1b1-1.el5.i386.rpm -#/sbin/chkconfig httpd on - -cd /etc/yum.repos.d -wget http://192.168.0.1/repos/RHEL5.Base.repo -rpm --import /etc/pki/rpm-gpg/* -yum clean all -yum update -mkdir -p /root/CFEngine_init -cd /root/CFEngine_init -wget -nd -r http://192.168.0.1/CFEngine/inputs/ -/var/cfengine/bin/cf-agent -B -/var/cfengine/bin/cf-agent - "; - - # File contains of PXElinux boot menu - - - "pxelinux_boot_menu" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promissing state. ### - -########################################### - - -boot options: - rhel5 - install 32 bit i386 RHEL 5.2 (MANUAL) - rhel5w - install 32 bit i386 RHEL 5.2 (AUTO) - rhel4 - install 32 bit i386 RHEL 4.7 AS (MANUAL) - centos5 - install 32 bit i386 CentOS 5.2 (Desktop) (MANUAL) - "; - # File contains of PXElinux default configuration - - - "pxelinux_default" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promissing state. ### - -########################################### - - -default rhel5 -timeout 300 -prompt 1 -display pxelinux.cfg/boot.msg -F1 pxelinux.cfg/boot.msg - -# install i386 RHEL 5.2 - -label rhel5 - kernel vmlinuz-RHEL5U2 - append initrd=initrd-RHEL5U2 load_ramdisk=1 ramdisk_size=16384 install=http://192.168.0.1/distro/rhel/5.2 - -# install i386 RHEL 5.2 using Kickstart - -label rhel5w - kernel vmlinuz-RHEL5U2 - append initrd=initrd-RHEL5U2 load_ramdisk=1 ramdisk_size=16384 ks=http://192.168.0.1/kickstart/kickstart-RHEL5U2.cfg - -# install i386 RHEL 4.7 - -label rhel4 - kernel vmlinuz-RHEL4U7 - append initrd=initrd-RHEL4U7 load_ramdisk=1 ramdisk_size=16384 install=http://192.168.0.1/distro/rhel/4.7 - -# install i386 CentOS 5.2 - -label centos5 - kernel vmlinuz-CentOS5.2 - append initrd=initrd-CentOS5.2 load_ramdisk=1 ramdisk_size=16384 install=http://192.168.0.1/distro/centos/5.2 - "; - - # File contains of specified PXElinux default to be a RHEL5 webserver - - - "pxelinux_rhel5_webserver" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promissing state. ### - -########################################### - - -# install i386 RHEL 5.2 using Kickstart - -default rhel5w -label rhel5w - kernel vmlinuz-RHEL5U2 - append initrd=initrd-RHEL5U2 load_ramdisk=1 ramdisk_size=16384 ks=http://192.168.0.1/kickstart/kickstart-RHEL5U2.cfg - "; - - # File contains of a local repository for RHEL5 - - - "rhel5_base_repo" string => - " -########################################### - -### This file is protected by CFEngine. ### - -### Whatever you do, it will be changed ### - -### back to a promissing state. ### - -########################################### - - -# Local Repository - -[Server] -name=Server -baseurl=http://192.168.0.1/repos/rhel5/Server/ -enable=1 -[VT] -name=VT -baseurl=http://192.168.0.1/repos/rhel5/VT/ -enable=1 -[Cluster] -name=Cluster -baseurl=http://192.168.0.1/repos/rhel5/Cluster/ -enable=1 -[ClusterStorage] -name=Cluster Storage -baseurl=http://192.168.0.1/repos/rhel5/ClusterStorage/ -enable=1 - "; -##################################################### - - - -files: - - packages_ok:: - - # Create files/dirs and edit the new files - - - "/tftpboot/distro/RHEL/$(rh_distros)/." - create => "true"; - - "/tftpboot/distro/CentOS/$(centos_distros)/." - create => "true"; - - "$(dirs)/." - create => "true"; - - "/tftpboot/pxelinux.cfg/boot.msg" - create => "true", - perms => mo("644","root"), - edit_line => append_if_no_line("$(pxelinux_boot_menu)"), - edit_defaults => empty; - - "/tftpboot/pxelinux.cfg/default" - create => "true", - perms => mo("644","root"), - edit_line => append_if_no_line("$(pxelinux_default)"), - edit_defaults => empty; - - "/tftpboot/pxelinux.cfg/default.RHEL5.webserver" - create => "true", - perms => mo("644","root"), - edit_line => append_if_no_line("$(pxelinux_rhel5_webserver)"), - edit_defaults => empty; - - "/tftpboot/kickstart/kickstart-RHEL5U2.cfg" - create => "true", - perms => mo("644","root"), - edit_line => append_if_no_line("$(kickstart_rhel5_conf)"), - edit_defaults => empty; - - "/srv/www/repos/RHEL5.Base.repo" - create => "true", - perms => mo("644","root"), - edit_line => append_if_no_line("$(rhel5_base_repo)"), - edit_defaults => empty; - - # Copy files - - - "/tftpboot" - - copy_from => local_cp("/usr/share/syslinux"), - depth_search => recurse("inf"), - file_select => pxelinux_files, - action => immediate; - - "$(tmp_location)" - - perms => m("644"), - copy_from => local_cp("/var/cfengine/inputs"), - depth_search => recurse("inf"), - file_select => input_files, - action => immediate; - - # Edit atftp, dhcp and apache2 configurations - - - "/etc/sysconfig/atftpd" - edit_line => append_if_no_line("$(atftpd_conf)"), - edit_defaults => empty, - classes => satisfied("atftpd_ready"); - - "/etc/sysconfig/dhcpd" - edit_line => append_if_no_line("$(dhcpd)"), - edit_defaults => empty; - - "/etc/dhcpd.conf" - edit_line => append_if_no_line("$(dhcpd_conf)"), - edit_defaults => empty, - classes => satisfied("dhcpd_ready"); - - "/etc/apache2/httpd.conf" - edit_line => append_if_no_line("$(httpd_conf)"), - edit_defaults => std_defs, - classes => satisfied("apache2_ok"); - - # Make a static link - - - "/tftpboot/pxelinux.cfg/C0A8000C" - link_from => mylink("/tftpboot/pxelinux.cfg/default.RHEL5.webserver"); - - # Hash comment some lines for apaches - - - apache2_ok:: - "/etc/apache2/httpd.conf" - edit_line => comment_lines_matching_apache2("#"), - classes => satisfied("apache2_ready"); - -commands: - - # Restart services - - atftpd_ready:: - "/etc/init.d/atftpd restart"; - - dhcpd_ready:: - "/etc/init.d/dhcpd restart"; - - apache2_ready:: - "/etc/init.d/apache2 restart"; - - -##################################################### - - -packages: - - ipv4_192_168_0_1:: - # Only the PXE boot server - - - "$(software)" - - package_policy => "add", - package_method => zypper, - classes => satisfied("packages_ok"); - -} - -##################################################### - -########### *** Bodies are here *** ################# - -##################################################### - - -body file_select pxelinux_files - -{ -leaf_name => { "pxelinux.0" }; - -file_result => "leaf_name"; -} - -##################################################### - - -body copy_from mycopy_local(from,server) - -{ -source => "$(from)"; -compare => "digest"; -} - -######################################################### - - -body link_from mylink(x) -{ -source => "$(x)"; -link_type => "symlink"; -} - -####################################################### - - -body classes satisfied(new_class) - -{ -promise_kept => { "$(new_class)"}; -promise_repaired => { "$(new_class)"}; -} - -####################################################### - - -bundle edit_line comment_lines_matching_apache2(comment) - { - - vars: - "regex" slist => { "\s.*Options\sNone", "\s.*AllowOverride\sNone", "\s.*Deny\sfrom\sall" }; - - replace_patterns: - - "^($(regex))$" - replace_with => comment("$(comment)"); - } - -####################################################### - -body file_select input_files -{ - leaf_name => { ".*.cf",".*.dat",".*.txt" }; - file_result => "leaf_name"; -} - -####################################################### - -@end verbatim - - - -@page -@c ----------------------------------------------------------------------- -@node Tidying garbage files, Software distribution, Set up a PXE boot server, Low level -@section Tidying garbage files - -Emulating the `tidy' feature of CFEngine 2. - -@verbatim -####################################################### -# -# Deleting files, like cf2 tidy age=0 r=inf -# -####################################################### - -body common control - -{ - any:: - - bundlesequence => { "testbundle" }; -} - -############################################ - -bundle agent testbundle - -{ -files: - - "/tmp/test" - - delete => tidyfiles, - file_select => zero_age, - depth_search => recurse("inf"); -} - -######################################################### - -body depth_search recurse(d) - -{ -#include_basedir => "true"; -depth => "$(d)"; -} - -######################################################### - -body delete tidy - -{ -dirlinks => "delete"; -rmdirs => "false"; -} - -######################################################### - -body file_select zero_age - -# -# we can build old "include", "exclude", and "ignore" -# from these as standard patterns - these bodies can -# form a library of standard patterns -# - -{ -mtime => irange(ago(1,0,0,0,0,0),now); -file_result => "mtime"; -} - -@end verbatim - - -@page -@c ----------------------------------------------------------------------- - - -@menu -* Software distribution:: -* Trigger classes:: -@end menu - -@node Software distribution, Trigger classes, Tidying garbage files, Low level -@section Software distribution -@verbatim -#CFEexample:unit_software_dist.cf -@end verbatim - - -@page -@c ----------------------------------------------------------------------- - - -@node Trigger classes, Unmount NFS filesystem, Software distribution, Low level -@section Trigger classes -@verbatim -#CFEexample:unit_edit_triggerclass.cf -@end verbatim - - - -@page -@c ----------------------------------------------------------------------- -@node Unmount NFS filesystem, Web server modules, Trigger classes, Low level -@section Unmount NFS filesystem - - -@verbatim -##################################################################### -# Mount NFS -##################################################################### - -body common control - -{ -bundlesequence => { "mounts" }; -} - -##################################################################### - -bundle agent mounts - -{ -storage: - - # Assumes the filesystem has been exported - - "/mnt" mount => nfs("server.example.org","/home"); -} - -###################################################################### - -body mount nfs(server,source) - -{ -mount_type => "nfs"; -mount_source => "$(source)"; -mount_server => "$(server)"; -edit_fstab => "true"; -unmount => "true"; -} -@end verbatim - -@page -@c ----------------------------------------------------------------------- -@node Web server modules, Warn if matching line in file, Unmount NFS filesystem, Low level -@section Web server modules - -The problem of editing the correct modules into the list of standard -modules for the Apache web server. This example is based on the -standard configuration deployment of SuSE Linux. Simply provide the -list of modules you want and another list that you don't want. - -@verbatim -####################################################### -# -# Apache 2 reconfig - modelled on SuSE -# -####################################################### - -body common control - -{ -any:: - - bundlesequence => { - apache - }; -} - -####################################################### - -bundle agent apache - -{ -files: - - SuSE:: - - "/etc/sysconfig/apache2" - - edit_line => fixapache; -} - -####################################################### -# For the library -####################################################### - -bundle edit_line fixapache - -{ -vars: - - "add_modules" slist => { - "dav", - "dav_fs", - "ssl", - "php5", - "dav_svn", - "xyz", - "superduper" - }; - - "del_modules" slist => { - "php3", - "jk", - "userdir", - "imagemap", - "alias" - }; - -insert_lines: - - "APACHE_CONF_INCLUDE_FILES=\"/site/masterfiles/local-http.conf\""; - -field_edits: - - ##################################################################### - # APACHE_MODULES="authz_host actions alias ..." - ##################################################################### - - # Values have the form NAME = "quoted space separated list" - - "APACHE_MODULES=.*" - - # Insert module "columns" between the quoted RHS - # using space separators - - edit_field => quotedvar("$(add_modules)","append"); - - "APACHE_MODULES=.*" - - # Delte module "columns" between the quoted RHS - # using space separators - - edit_field => quotedvar("$(del_modules)","delete"); - - # if this line already exists, edit it - -} - -@end verbatim - - - - - - - -@page -@c ------------------------------------------------------------------------- - -@menu -* Warn if matching line in file:: -* Windows registry:: -* unit_registry_cache.cf:: -* unit_registry.cf:: -@end menu - -@node Warn if matching line in file, Windows registry, Web server modules, Low level -@section Warn if matching line in file -@verbatim -#CFEexample:unit_warnifline.cf - -@end verbatim - - -@node Windows registry, unit_registry_cache.cf, Warn if matching line in file, Low level -@section Windows registry -@verbatim -#CFEexample:unit_getregistry.cf -@end verbatim - -@node unit_registry_cache.cf, unit_registry.cf, Windows registry, Low level -@section unit_registry_cache.cf -@verbatim -#CFEexample:unit_registry_cache.cf -@end verbatim - -@node unit_registry.cf, , unit_registry_cache.cf, Low level -@section unit_registry.cf -@verbatim -#CFEexample:unit_registry.cf -@end verbatim - - - - -@c ========================================================================= -@c @node Index, , CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ========================================================================= - - -@ifhtml -@html - - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/cf3-tutorial.texinfo b/docs/guides/cf3-tutorial.texinfo deleted file mode 100644 index 1f6aef0ce9..0000000000 --- a/docs/guides/cf3-tutorial.texinfo +++ /dev/null @@ -1,3585 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-tutorial.info -@settitle CFEngine 3 Tutorial -@setchapternewpage odd -@c %** end of header - -@titlepage -@title CFEngine 3 Tutorial -@subtitle A CFEngine AS workbook -@author Mark Burgess @@ CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1fill -Copyright @copyright{} 2011 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, System automation, (dir), (dir) -@top CFEngine-Tutorial -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - - - -@c ********************************************************************** -@menu -* System automation:: -* The components of CFEngine:: -* Bodies and bundles:: -* First promises:: -* A simple crash course in concepts:: -* Using CFEngine as a front-end for cron:: -* Network services:: -* Knowledge Management:: -@end menu - -@node System automation, The components of CFEngine, Top, Top -@chapter System automation - - -@menu -* Managing diverse and challenging environments seamlessly and invisibly:: -* Managing expectations - a theory of promises:: -* Why automation?:: -* Scaling up:: -* How do you view CFEngine:: -@end menu - -@node Managing diverse and challenging environments seamlessly and invisibly, Managing expectations - a theory of promises, System automation, System automation -@section Managing diverse and challenging environments seamlessly and invisibly - -The future is never far away. -Our dream of a future in which smart computing devices are embedded into -the very fabric of our environment has crept slowly into being. Today, -smart operating systems like Linux and Windows are used on embedded devices -and mobile phones. -Mark Weiser of Xerox PARC once wrote: - -@quotation -@i{"The most profound technologies are those that disappear. They weave -themselves into the fabric of every day life until they are -indistinguishable from it."} -@end quotation - -Today many are talking about Cloud Computing as another manifestation -of this dream, in which computing service is not only everywhere, but -nowhere -- or more correctly, spread out across the planet in -data centers, instead of our offices and homes. This is one aspect of -making computing into something we take for granted. At the -foundations of any such technology are the tools required to implement -mass configuration with surgical precision. CFEngine is such a tool. - -CFEngine was designed to enable scalable configuration management, for -the -whole system life-cycle, in any kind of environment. -Almost every other system for configuration assumes that there will be -a reliable network in place and that changes will be pushed out -top-down from an authoritative node. Those systems are useless in -environments like - -@itemize -@item Mobile systems with partial or unreliable connectivity (e.g. a -submarine). -@item Systems where bandwidths are very low (e.g. a satellite or space -probe). -@item Systems where computing power is very low (e.g. ad hoc sensors -or kitchen appliances). -@end itemize - -CFEngine does not need reliable infrastructure. It works -opportunistically in almost any environment, using few resources. It -has few software dependencies. So, not only does it work in all of the -traditional fixed-plan scenarios, but it is capable of working in -totally ad hoc deployment: an temporary incident room, a submarine -drifting on and off line, a satellite or a robot explorer. - -One could argue `well I don't need that kind of system, because my -network is reliable'. However, your network is not as reliable as you -think, and mobility is an increasingly important topic. Even with a -very strong redundant network, the services that support the network -can be paralyzed by any of a number of failed dependencies or -mishaps. It is crucial in a modern pervasive environment that systems -remain available, fault tolerant and as far as possible independent of -external requirements. This is how to build scalable and reliable -services. - -@cartouche -CFEngine works in all the places you think it should, and all the new -places you haven't even thought of yet. How do we know? Because it -is based on almost 20 years of careful research and experience. -@end cartouche - - -@node Managing expectations - a theory of promises, Why automation?, Managing diverse and challenging environments seamlessly and invisibly, System automation -@section Managing expectations - a theory of promises - -One of the hardest things in management is to make everyone aware of -their roles and tasks, and to be able to rely on others to do the same. -@i{Trust} is an economic time-saver. If you can't trust you have to -verify, -and that is expensive. - -To improve trust we make promises. A promise is the documentation of an -intention to act or behave in some manner. This is what we need to -learn to -trust systems, no matter whether they are machines or humans. - -One CFEngine user once said to me, that the thing that had helped him -the most in deploying CFEngine was its design based around voluntary -cooperation. ``Our main problems were not technical but political -- -getting everyone to agree in all of our departments around the -world''. This was because, for all the technology, it is people who -make the decisions and people need to feel that the system is -empowering rather than disempowering them. - -@cartouche - -CFEngine works on a simple notion of promises. Everything in -CFEngine can be thought of as a promise to be kept by different -resources in the system. - -Combining promises with patterns to describe where and when -promises should apply is what CFEngine is all about. - -@end cartouche - - -@node Why automation?, Scaling up, Managing expectations - a theory of promises, System automation -@section Why automation? - - -Humans are good at making decisions and awful at reliable -implementation. Machines are pitiful at making decisions and very -good at reliable implementation. It makes sense to let each side do -the job that they are good at. - -The main problem in managing systems is a loss of self-discipline. -Discipline -does not imply that order have to be barked from a central command. It -only requires that every part of the system knows its job and carries -is out seamlessly and flawlessly. - -Skilled workers tend to think that it is enough to be smart. In fact -this is wrong: smart people tend to be problem solvers and will -happily solve the same problem many times, wasting time and -effort. Moreover, human intervention is often based on panic and lack -of understanding so every time someone logs onto a system by hand, -they jeopardize everyone's understanding of the system. Only the -self-discipline of stable procedures leads to predictability. - -Ad hoc changes are bad because: -@itemize -@item Others have no idea what happened. -@item There is no record of changes or intentions. -@item A scar is left from the change. -@end itemize - - -People often rile against automation saying that it dehumanizes their -work. In fact the opposite is true: forcing humans to do the work of -machines, in repetitive and reliable ways is what dehumanizes people. -The only way to make progress with a bad habit is to recognize it and -be willing to abandon the habit. - - -@node Scaling up, How do you view CFEngine, Why automation?, System automation -@section Scaling up - -In the past, the only way to scale up system numbers was to make all -systems identical. This is no longer true. - -In the late 1960s journalist and futurist Alvin Toffler sketched a -pretty compelling vision of the western world and its post-industrial -future. His book Future Shock, which appeared in 1970, was really a -reaction to the cold-war fears about a communist industrial state in -which mass production made everything and everyone identical and -indistinguishable. His book was really a rebuttal to all those who -argued that industrialization and mass production implied that -everything had to be exactly the same, and I recommend reading it - it -is very well written and has many lessons for us today. But from his -rather long diatribe, I wrote down a single sentence which for me sums -up the lesson that we have failed to learn: - -@quotation -@i{"As technology becomes more sophisticated, the cost of introducing -variations declines."} -@end quotation - -In other words, any half-decent technology for mass production would -help us to be more sophisticated and multifaceted, not less. -In an age when you can get business cards printed on demand from an -ATM at the airport, and personalized coffee mugs in the blink of an -eye, there is no reason to perpetuate the myth that massive -infrastructure requires monolithic replication, and yet people still -do. Network engineers do, and system administrators do. They even say -that this is essential for scalability. - -The importance of Toffler's message was that the economics of mass -production are not at odds with the economics of adaptation, but 40 -years later, we are still re-learning that lesson. - - -@node How do you view CFEngine, , Scaling up, System automation -@section How do @i{you} view CFEngine? - -CFEngine is a framework. It is not so complex, but it is certainly -extensive. -Often when trying to describe CFEngine, it seems that there is too -much to -tell and it is hard to convey in a simple way what the software can do. -The picture below shows a few ways in which you can think of CFEngine. - -@center @image{boxes,13cm,,CFEngine application areas,png} - -For many users, CFEngine is simply a configuration tool -- -i.e. software for deploying and patching systems according to a -policy. Policy is described using promises -- indeed, every statement -in CFEngine 3 is a promise to be kept at some time or location. More -than this, however, CFEngine is not like most automation tools that -`roll out' an image of some software once and hope for the best. Every -promise that you make in CFEngine is continuously verified and -maintained. It is not a one-off operation, but an encapsulated process -that repairs itself should anything deviate from the policy. - -That clearly places CFEngine in the realm of automation, which often -begs the question: so it's just another scripting language? Certainly -CFEngine contains a powerful scripting language, but it is not like -any other. CFEngine is not a low level language like Perl, Python or -Ruby; it is a language of promises, in which you express very high -level intentions about the system and the inner details figure out the -algorithms needed to implement the result. We'll return to this below. - -For many, CFEngine is a tool for implementing security hardening -procedures on systems, and monitoring them continuously thereafter. -This is certainly a major application area. CFEngine has a reputation -for being reliable and secure. That is because its basic design is -secure: it is not possible to send information about policy to -CFEngine from outside the system. If access has been granted, it is -only possible to send a few simple protocol requests of limited length -to the server. This makes the design safer than most firewalls. -Most servers fail security tests because it is possible to send -data to them. - - -The ability to describe almost any kind of policy for a system means -that we can suggest promises that a system should make and comply -with. Thus CFEngine can also be thought of as a compliance engine. -It is easily used to comply with frameworks like SOX, `EUROSOX' (the -EU 8th Data Directive), ITIL and standards like ISO 17799, ISO 20000, -etc. - -Finally, although CFEngine was not initially conceived for monitoring, -it -contains one of the most flexible and lightweight monitoring engines -around. You can extract data about system configuration, usage, -resources and log data and turn this into readable reports. CFEngine's -ability to discover and extract information about the system, combined -with its reporting means that you can turn the system into a simple -Configuration Management Database. In the Community edition, -monitoring is a zero-touch background process. With CFEngine -commercial extensions, there is almost no limit to the kind of -monitoring promises you can make, and without the embarrassing resource -spikes that many monitoring systems produce. - -Above all, CFEngine is aimed to promote human understanding of complex -processes. Its promises are easily documentable using comments that -the system remembers and reminds us about in error reporting. It hides -irrelevant and transitory details of implementation so that the -@i{intentions} behind the promises are highlighted for all to see. -This means that the knowledge of your organization can be encoded into -the CFEngine language. - -@cartouche -@i{WHY DOES KNOWLEDGE MATTER? There are two reasons: the first is that -technical descriptions are hard to remember. You might understand -your configuration decisions when you are writing them, but a few -months later when something goes wrong, you will probably have forgotten -what you were thinking. That costs you time and effort to diagnose. -The second reason is that organizations are fragile to the loss -of those individuals who code policy. If they leave, often there is -no one left who can understand or fix the system. Only with proper -documentation is it possible to immunize against loss.} -@end cartouche - - - - - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** - -@node The components of CFEngine, Bodies and bundles, System automation, Top -@chapter The components of CFEngine - -CFEngine comprises a number of components. In this chapter we'll -consider how to -build them and what they are for. - - -@menu -* Installation:: -* Work directory:: -* The players:: -* About the CFEngine architecture:: -* The policy decision flow:: -* Getting started with the Community Edition:: -@end menu - -@node Installation, Work directory, The components of CFEngine, The components of CFEngine -@section Installation - - -To install CFEngine, you will need a few packages. You require: - -@table @r -@item @b{OpenSSL} -Open source Secure Sockets Layer for encryption.@*URL: @url{http://www.openssl.org -} -@item @b{Tokyo Cabinet} (version 1.4.42 or later) -Lightweight flat-file database system.@*URL: @url{http://fallabs.com/tokyocabinet/} -@item @b{PCRE} -Perl Compatible Regular Expression library.@*URL: @url{http://www.pcre.org/} - -@item -On Windows machines, you need to install the basic Cygwin DLL from -@url{http://www.cygwin.com} -in order to build CFEngine Community. -@end table - -Additional functionality (some of which is available only in -commercial extensions) also becomes available if other libraries are -present, e.g. OpenLDAP, client libraries for MySQL and PostgreSQL, -etc. It is possible to run CFEngine without these, but related -functionality will be missing. - -Unless you have purchased ready-to-run binaries, or are using a -package distribution, you will need to compile CFEngine. For this you -will also need a build environment with @code{gcc}, @code{flex}, -and @code{bison}. - -@noindent -The preferred method of installation is then - -@smallexample -tar zxf CFEngine-x.x.x.tar.gz -cd CFEngine-x.x.x -./configure -make -make install -@end smallexample - -@noindent -This results in binaries being installed in @file{/var/cfengine/bin}. - - -@node Work directory, The players, Installation, The components of CFEngine -@section The work directory - -CFEngine keeps a work space directory for its own use. The default -location for this is @file{/var/cfengine} when run as the root user, and -@code{~/.cfagent} for other users. - - -@w{} -@smallexample -/var/cfengine -/var/cfengine/bin -/var/cfengine/inputs -/var/cfengine/outputs -@end smallexample -@c chew end Work directory - -A trusted cache of the input files must now be maintained in the -@file{inputs} subdirectory. When CFEngine is invoked by the scheduler, -it expects to read only from this directory. It is up to the user to -keep this cache updated, on each host (this is arranged by the default -configuration files). - -Unlike CFEngine 2, CFEngine 3 does not recognize the -@code{CF-INPUTS} environment variable. - -The @file{outputs} directory is now a record of spooled run-reports. -These -are often mailed to the administrator by @code{cf-execd}, or can be -copied -to another central location and viewed in an alternative browser. - - - -@node The players, About the CFEngine architecture, Work directory, The components of CFEngine -@section The players - -A CFEngine system is something like an orchestra. -It is composed of any number of computers (players), each of which has -its -own copy of the music and knows what to play. It might or might not have -a conductor to help coordinate the individual parts -- that's up to you. - -CFEngine's software agents run on each individual computer but can -communicate if they need to, as depicted the figure below. This means -you don't have to arrange risky login credentials to run your network --- and if something goes wrong with the communications network, -CFEngine is where it needs to be to repair or protect the system -during the outage. - -@image{components,10cm,,CFEngine components,png} - -If the network is not working, CFEngine just skips these parts and -continues -with what it can do. It is fault tolerant and opportunistic. - -@table @emph - -@item cf-promises -The promise verifier and compiler. This is used to pre-check a set of -configuration promises before attempting to execute. - -@item cf-agent - -This is the instigator of change. The agent is the part of CFEngine -that manipulates -system resources. - -@item cf-serverd - -The server is able to share files and receive requests to execute -existing policy on an individual machine. It is not possible to send -(push) new information to CFEngine from outside. - -@item cf-execd - -This is a scheduling daemon (which can either supplement or replace -@code{cron}). It also works as a wrapper, executing and collecting the -output of @code{cf-agent} and E-mailing it if necessary to a system -account. - -@item cf-runagent - -This is a helper program that can talk to @code{cf-serverd} and -request that it execute @code{cf-agent} with its existing policy. It -can thus be used to simulate a push of changes to CFEngine hosts, if -their policy includes that they check for updates. - -@item cf-report - -This generates summary and other reports in a variety of formats for -export or integration with other systems. - -@item cf-know - -This agent can generate an ISO standard Topic Map from a number of -promises about system knowledge. It is used for rendering documentation -as a `semantic web'. - -@end table - - - - - - -@node About the CFEngine architecture, The policy decision flow, The players, The components of CFEngine -@section About the CFEngine architecture - -This section explains how CFEngine will operate autonomously in a -network, under your guidance. If your site is large (thousands of -servers) you should spend some time discussing with CFEngine experts -how to tune this description to your environment as @emph{scale} -requires you to have more infrastructure, and a potentially more -complicated configuration. The essence of any CFEngine deployment -is the same. - - - -There are four commonly cited phases in managing systems, summarized -as follows: - -@itemize -@item Build -@item Deploy -@item Manage -@item Audit -@end itemize - -These separate phases originate with a model of system management -based on transactional changes. CFEngine's conception of management -is somewhat different, as transaction processing is not a good model for -system management, but we can use this template to see how -CFEngine works differently. - -@table @emph -@item Build -A system is based on a number of decisions and resources that need to -be `built' before they can be implemented. Building the trusted -foundations of a system is the key to guiding its development. You -don't need to decide every detail, just enough to build trust and -predictability into your system. - -In CFEngine, what you build is a template of proposed promises for the -machines in an organization such that, if the machines all make and -keep these promises, the system will function seamlessly as -planned. This is how it works in a human organization, and this is how -is works for computers too. - -@item Deploy -Deploying really means implementing the policy that was already -decided. In transaction systems, one tries to push out changes one by -one, hence `deploying' the decision. In CFEngine you simply publish -your policy (in CFEngine parlance these are `promise proposals') and -the machines see the new proposals and can adjust accordingly. Each -machine runs an agent that is capable of implementing policies and -maintaining them over time without further assistance. - -@item Manage -Once a decision is made, unplanned events will occur. Such -incidents traditionally set off alarms and humans rush to make new -transactions -to repair them. In CFEngine, the autonomous agent manages the system, -and you only have to deal with rare events that cannot be dealt with -automatically. - -@item Audit -In traditional configuration systems, the outcome is far from clear -after a one-shot transaction, so one audits the system -to determine to discover what actually happened. In CFEngine, changes -are not just initiated once, but locally audited and maintained. -Decision outcomes are assured by design in CFEngine and maintained -automatically, so the main worry is managing conflicting -intentions. Users can sit back and examine regular reports of -compliance generated by the agents, without having to arrange -for new `roll out' transactions. - -@end table - -@cartouche -@emph{ROLL-OUT and ROLL-BACK? You should not think of CFEngine as a -roll-out system, i.e. one that attempts to force out absolute changes -and perhaps reverse them in case of error. Roll-out and roll-back are -theoretically flawed concepts that only sometimes work in practice. -With CFEngine, you publish a sequences of policy revisions, always -moving forward (because like it or not, time only goes in one -direction). All of the desired-state changes are managed locally by -each individual computer, and continuously repaired to ensure on-going -compliance with policy. } -@end cartouche - -@node The policy decision flow, Getting started with the Community Edition, About the CFEngine architecture, The components of CFEngine -@section The policy decision flow - -CFEngine does not make absolute choices for you, like other -tools. Almost everything about its behaviour is matter of policy and -can be changed. However, a structure for use, like the following, is -recommended (see the following figure). - -In order to keep operations as simple as possible, CFEngine maintains -a private working directory on each machine referred to in -documentation as WORKDIR and in policy by the variable -@code{$(sys.workdir)}. By default, this is located at -@file{/var/cfengine} or @file{C:\var\CFEngine}. It contains everything -CFEngine needs to run. - -The figure below shows how decisions flow through the parts of a system. - -@image{arch,15cm,,The CFEngine architecture,png} - - -@itemize -@item -It makes sense to have a single point of coordination. Decisions are -therefore usually made in a single location (the Policy Definition -Point). The history of decisions and changes can be tracked by a -version control system of your choice (e.g. Subversion, CVS, etc.). - -@item -Decisions are made by editing CFEngine's policy file -@file{promises.cf} (or one of its included sub-files). This process is -carried out off-line. - -@item -Once decisions have been formalized and coded, this new policy is -copied @emph{manually} (a human decision) to a @emph{decision -distribution point}, which by default is located in the directory -@file{/var/cfengine/masterfiles} on all policy distribution servers. - -In this introduction, we shall assume that there is only one central -policy distribution server, a specially-appointed server which is -referred to simple as the @code{policy server}. - - -@item -Every client machine contacts the policy server and downloads these -updates. The policy server can be replicated if the number of clients -is very large, but we shall assume here that there is only one policy -server. -@end itemize - -Once a client machine has a copy of the policy, it extracts only those -promise proposals that are relevant to it, and implements any changes -without human assistance. This is how CFEngine manages change. - -@cartouche - -@emph{WHY DO THIS? CFEngine tries to minimize dependencies by decoupling -processes. By following this pull-based architecture, CFEngine will -tolerate network outages and will recover from deployment errors -easily. By placing the burden of responsibility for decision at the -top, and for implementation at the bottom, we avoid needless fragility -and keep two independent quality assurance processes apart.} - -@end cartouche - - -@node Getting started with the Community Edition, , The policy decision flow, The components of CFEngine -@section Getting started with the Community Edition - -The quickest way to get started with CFEngine is to download and install binary packages, available from @url{http://cfengine.com/inside/myspace}. Installing and bootstrapping these is a trivial operation, putting you two steps away from testing your first CFEngine policies. - -@cartouche -Note: There is a bug in Community 3.3.0 where the default policy files are not copied to @code{/var/cfengine/masterfiles} upon bootstrap. Workaround consists in manually copying these files before bootstrapping: -@verbatim -cp /var/cfengine/share/CoreBase/*.cf /var/cfengine/masterfiles/ -@end verbatim -This will be corrected in a bugfix release coming soon. -@end cartouche - -This procedure applies to all hosts, but you should bootstrap the hub (policy server) first. Find the hostname or IP address of the hub, here we assume the address is '123.456.789.123' (do not bootstrap with a localhost address). -@verbatim - - host# /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 - -@end verbatim - -CFEngine will output diagnostic information upon bootstrap (written to command line and syslog; cf-agent will also return a value: ERROR: 1, SUCCESS: 0). Error messages will be displayed if bootstrapping failed, pursue these to get and indication of what went wrong and correct accordingly. If all is well you should see the following in the output: - -@verbatim - --> Bootstrap to 123.456.789.123 completed successfully - -@end verbatim - -As an alternative to installing binary packages, the following steps outline the procedure when you have built from source (available from @url{http://cfengine.com/source_code}). You will then need to copy the distributed policy files that were installed in -@file{/var/cfengine/share/CoreBase/} to a policy distribution point, like -this: - -@enumerate -@item Decide on your policy server. - -@item Become root or Administrator on that server. - -@item Create the policy source directory and populate the cache: -@smallexample - host# /var/cfengine/bin/cf-key - host# cp /var/cfengine/share/CoreBase/*.cf /var/cfengine/masterfiles/ - host# /var/cfengine/bin/cf-agent --bootstrap 123.456.789.123 -@end smallexample -@end enumerate - -@sp 1 -CFEngine should be up and running on your system after the bootstrap. It will copy its default policy files into @file{/var/cfengine/masterfiles} on the hub (policy server) provided that the directory is empty (fresh install). This directory is the definition point for your policy, meaning that clients will contact the hub and copy these files to their @file{/var/cfengine/inputs} directory. Note that the policy hub also works as a client against itself, so it too will copy from @file{/var/cfengine/masterfiles} to @file{/var/cfengine/inputs}. You should browse the files in @file{/var/cfengine/masterfiles} to see what they contain, and perhaps make some alterations to adapt to your environment. - -To see which CFEngine processes are running: - -@smallexample - -host# ps waux | grep cf- - -@end smallexample - -Note: If you have manually configured a different location for the -CFEngine work directory, -you will need to adapt these lines above to replace @file{/var/ -CFEngine} with the path -you have configured; e.g. Debian based packages feel that @file{/var/ -lib/CFEngine} -is the right location for this. - - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** - -@node Bodies and bundles, First promises, The components of CFEngine, Top -@chapter Bodies and bundles - -To emphasize the fact that CFEngine is not an imperative programming -language, and to keep closely to the nomenclature of Promise Theory, -CFEngine uses two concepts throughout: bundles and bodies. - - -@menu -* Bodies:: -* Bundles:: -* A simple syntax pattern:: -@end menu - -@node Bodies, Bundles, Bodies and bundles, Bodies and bundles -@section Bodies - -Promises are the fundamental statements in CFEngine. Promises are the policy atoms. -If there is no promise, nothing happens. - -However, promises can become quite complicated and readability becomes -an issue, so it is useful to have a way of breaking them down into independent -components. The structure of a promise is this: - -@table @i -@item Promiser -This is the object that formally makes the promise. It is always the @i{affected object}, -since objects can only make promises about their own state or behavior in CFEngine. - -@item Promisee (optional) -This is a possible stakeholder, someone who is interested in the outcome of the -promise. It is used as documentation, and it is used for reasoning in the commercial -CFEngine product. - -@item Promise body -Everything else about a promise is defined in the body of the promise. -We use this word in the sense of `body of a contract' or the `body of a document' -(like @code{}) tags in HTML, for example. - -A promise body is a list of declarations of the following form: - -@verbatim -CFEngine_attribute_type => user_defined_value or template -@end verbatim - -@end table - -@menu -* Body parts:: -* Control bodies:: -@end menu - -@node Body parts, Control bodies, Bodies, Bodies -@subsection Body parts - -The CFEngine reserved word @code{body} is used to define -@i{parameterized templates} for bodies to hide the details of complex -promise specifications. For complex body lists, you must fill in a -body declaration as an `attachment' to the promise, e.g. - -@verbatim -files: - - "/tmp/promiser" # Promiser - - perms => myexample; # The body is just one line, - # but needs an attachment - -@end verbatim -The attachment is declared like this, with a `type' that matches the left -hand side of the declaration in the promise: -@verbatim -body perms myexample -{ -mode => "644"; -owners => { "mark", "sarah", "angel" }; -groups => { "users", "sysadmins", "mythical_beasts" }; -} -@end verbatim -The structure is this: - -@sp 1 -@cartouche -@smallexample - - @var{promiser} - - @b{LVALUE} => @var{RVALUE} - -.. - -body @b{LVALUE} @var{RVALUE} -@{ -@b{LVALUE} => @var{RVALUE}; -@b{LVALUE} => @var{RVALUE}; -@} -@end smallexample -@end cartouche -@sp 1 - -Another way of looking at it is this: - -@sp 1 -@cartouche -@smallexample - - @var{promiser} - - @b{CFEngine_word} => @var{user_defined_value} - -.. - - body @b{CFEngine_word} @var{user_defined_value} - @{ - @b{CFEngine_word} => @var{user_defined_value}; - @b{CFEngine_word} => @var{user_defined_value}; - ... - @} - -@end smallexample -@end cartouche -@sp 1 - -Body attachments are required items. You cannot choose to put the -attachments in-line. This is a lesson that was learned from CFEngine -2. Readability is quickly lost if too many details are placed in-line. - -@center @image{body_bundle,10cm} - -@node Control bodies, , Body parts, Bodies -@subsection Control bodies - -Some promises in CFEngine are implicit. They are hard-coded into the program. -For example, the fact that CFEngine looks for a number of files to read and -will execute them in a sequence is hard coded. You cannot change this. -However, you can change the behavior of such promises by setting control -parameters. These are formally parts of the `promise body' for these hard-coded -promises, so we use the body structure to set them. Each agent has a special -body whose name is @code{control}; e.g. - -@verbatim -body agent control -{ -bundlesequence => { "test" }; -} -@end verbatim - - -@node Bundles, A simple syntax pattern, Bodies, Bodies and bundles -@section Bundles - -A bundle is a simple concept. A bundle is merely a collection of promises -in a `sub-routine-like' container. The purpose of bundles is to allow -you greater flexibility to break down the contents of your policies and -give them names. Bundles also allow you to re-use promise code by -parameterizing it. - -Like bodies, bundles also have `types'. Bundles belong to the agent that -is used to keep the promises in the bundle. So @code{cf-agent} has bundles -declared as - -@verbatim -bundle agent my_name -{ -} -@end verbatim - -@noindent The @code{cf-serverd} program has bundles declared as: -@verbatim -bundle server my_name -{ -} -@end verbatim -@noindent and so on. - - - -@menu -* Bundle scope:: -@end menu - -@node Bundle scope, , Bundles, Bundles -@subsection Bundle scope - -Variables and classes defined inside bundles are not directly visible outside. -All variables in CFEngine are globally accessible, however if you refer to a variable -by @samp{$(unqualified)}, then it is assumed to belong to the current bundle. To -access any other (scalar) variable, you must qualify the name using the name of -the bundle in which it is defined: -@samp{$(bundle_name.qualified)}. - -Some promise types, like @code{var}, @code{classes} may be made -by any agent. These are called @code{common} promises. Bundles of type @code{common} -are special. They may contain common promises. -Classes defined in common bundles have global scope. - -@node A simple syntax pattern, , Bundles, Bodies and bundles -@section A simple syntax pattern - -The syntax of CFEngine follows a simple pattern in all cases. Once you have learned this pattern, -it will make sense anywhere in the program. The figure below illustrates -this pattern. Some words are reserved by CFEngine, and are used as types or categories -for talking about promises. Other words (in blue) are to be defined by you. -Look at the examples and try to identify these patterns yourself. - -@image{cfengineword,14cm} - - -@c ***************************************************** -@c * CHAPTER -@c ***************************************************** - -@node First promises, A simple crash course in concepts, Bodies and bundles, Top -@chapter How to execute and test a CFEngine policy - - -You do not need root privilege to use CFEngine. Most experiments can -be safely tested as an ordinary user. You should spend some time -experimenting with small examples before setting out to configure a -system. To do that you should log onto your system as a regular -unprivileged user and set up: - -@smallexample -host$ /var/cfengine/bin/cf-key -host$ cp /var/cfengine/bin/cf-* ~/.cfagent/bin -@end smallexample - -@noindent CFEngine wants to see copies of its binaries in its -work directory. For a regular user this lies in @file{~/.cfagent} -rather than @file{/var/cfengine}. You should now be ready to go. - -@c ........................................................................ - -@menu -* Hello world:: -* Checking a file:: -* Changing a password:: -* The update bundle - provisioning:: -* Reporting:: -* cf-execd:: -@end menu - -@node Hello world, Checking a file, First promises, First promises -@section Hello world - -Here is the simplest `Hello world' program in CFEngine 3: - -@verbatim - -# Every policy must have a bundlesequence - -body common control -{ -bundlesequence => { "test" }; -} - -# - -bundle agent test -{ -reports: # This is a promise type - - cfengine_3:: # This is a class context (the promise will only - # be kept on a CFEngine_3 system) - - "Hello world"; # This is a simple promise (it generates a report - # that says "Hello world") -} - -@end verbatim - -@noindent Type this in to a file, e.g. @samp{emacs ~/test.cf}. Then -check -the syntax like this -@smallexample -/var/cfengine/bin/cf-promises -f ~/test.cf -@end smallexample -If all is well there should be no output. -Now execute as follows: -@smallexample -/var/cfengine/bin/cf-agent -f ~/test.cf -@end smallexample -You should see this: -@smallexample -R: Hello world -@end smallexample -The @samp{R:} tells you this is the output from a report (as opposed -to a log @samp{L:}, or the quoted output of some embedded program -@samp{Q:}). - - -@noindent This is not a typical CFEngine program, primarily because -CFEngine is not -normally meant to print messages except in exceptional circumstances. -As a starter -however, it is reassuring to see some output. - -If you repeat the command immediately nothing will happen. But if you -wait -a minute, it will work again. Run the command in verbose mode (use the -@code{-v} or the @code{--verbose} switch) to see why: - -@smallexample -/var/cfengine/bin/cf-agent --verbose -f ~/test.cf -@end smallexample -Now you will see: -@smallexample -cf3> ========================================================= -cf3> reports in bundle hello (1) -cf3> ========================================================= -cf3> -cf3> XX Nothing promised here [lock.hello.reports..Hello_worl] (0/1 -minutes elapsed) -cf3> -@end smallexample -This tells you that CFEngine believes it is too soon to try to keep -this promise -again. The time it sets on this is determined by the @code{ifelapsed} -parameter, which -can be set individually for every promise. You can also ask CFEngine -to ignore these -locks using the @samp{-K} option. - -Before the `Hello world' string, you see the class expression -@samp{cfengine_3::}. This is how CFEngine makes decisions. The -promise to print the message will only apply if this condition is -true. To see that this class is true for the execution, look at the -verbose output from the command you just typed. You will see something -like this: - -@smallexample -Defined Classes = ( any verbose_mode Tuesday Hr08 Morning Min48 -Min45_50 Q4 Hr08_Q4 Day7 July Yr2009 Lcycle_2 GMT_Hr6 linux atlas -undefined_domain 64_bit linux_2_6_27_23_0_1_default x86_64 -linux_x86_64 linux_x86_64_2_6_27_23_0_1_default -linux_x86_64_2_6_27_23_0_1_default__1_SMP_2009_05_26_17_02_05__0400 -compiled_on_linux_gnu localhost_localdomain localhost net_iface_lo -net_iface_wlan0 ipv4_192_168_1_100 ipv4_192_168_1 ipv4_192_168 -ipv4_192 fe80__21c_bfff_fe6e_70ef CFEngine_3_0_2b4 CFEngine_3_0 -@b{CFEngine_3} SuSE lsb_compliant suse suse_n/a suse_11_1 suse_11 -agent ) -@end smallexample -i.e. a list of all the currently defined classes. Any one of these -classes -(or a combination) could have been used to label the promise. -That is the way CFEngine points to which promises will be kept in which -scenarios. - -A final thing to note: if you try to process this using the -@samp{cf-promises -r} command, you will see something like this: - -@smallexample -atlas$ ~/LapTop/CFEngine3/trunk/src/cf-promises -r -f ~/test.cf -Summarizing promises as text to ~/test.cf.txt -Summarizing promises as html to ~/test.cf.html -@end smallexample - -@noindent The @samp{-r} option produces a report. Examine the files -produced: - -@smallexample -cat ~/test.cf.txt -firefox ~/test.cf.html -@end smallexample - -You will see a summary of how CFEngine interprets the files, either in -HTML or text. All the CFEngine components will produce debugging file -with an expanded view when using this option -(e.g. for the configuration file named @file{promise_output_agent.h}, -they will create the files @file{promise_output_agent.html} and -@file{promise_output_agent.txt}). - - - - -@c --------------------------------------------------------------------------- -@node Checking a file, Changing a password, Hello world, First promises -@section Checking a file - -Type in the following example: - -@verbatim - -body common control -{ -bundlesequence => { "test" }; -inputs => { "cfengine_stdlib.cf" }; -} - -bundle agent test -{ -files: - -# This is a throw-away comment, below is a full-bodied promise - -"/tmp/testfile" # promiser - - comment => "This is for keeps...", # Live comment - create => "true", # Constraint 1 - perms => m("612"); # Constraint 2, rw---x-w- - -} - -@end verbatim - -In the CFEngine Community Open Promise-Body Library (CFEngine_stdlib.cf) is a library of -definitions that can be obtained from the CFEngine website. It should be -included in the @file{inputs} directory and input as above. -Within that file, the template @samp{m} is defined: -@verbatim -# This is a trivial body template, which makes parameterizing -# the promise body tidier and re-usable - -body perms m(x) -{ -mode => "$(x)"; -} - -@end verbatim -This example shows how additional attributes are added to the body of -the promise. The right hand side of the @code{perms} declaration is a -template which we have called @samp{m()}, which uses a parameter. The -template is defined below the bundle of promises that uses it, showing -how we can create re-usable sets of parameters. In this case, the -example is trivial, but we have barely begun. When things get more -sophisticated, we shall hide a huge amount of detail in these -parameters, thus keeping the main promise uncluttered and its -intention clear. - -@cartouche - -In every `promise constraint' of the form @samp{left-hand-side => -right-hand-side}, the left hand side is a CFEngine reserved word, and -the right hand side is a decision you make, possibly expressed in -terms of standard templates. - -@end cartouche - -Now execute @code{cf-agent} with this promise: -@smallexample -@b{host$} /var/cfengine/bin/cf-agent -f /tmp/test.cf -I --> Object /tmp/testfile had permission 600, changed it to 612 - -@b{host$} ls -l /tmp/testfile --rw---x-w- 1 mark users 33 2009-06-30 06:06 /tmp/testfile -@end smallexample -The @samp{-I} flag tells CFEngine to `inform' us about changes only. -This provides a digestible amount of output that is more than the -default (which is to only report un-fixable problems or explicit -reports). We see that CFEngine creates the file as ordered, and sets -the permissions appropriately. Now try to change the permissions: -@smallexample -@b{host$} chmod 400 /tmp/testfile - -@b{host$} ls -l /tmp/testfile --r-------- 1 mark users 33 2009-06-30 06:06 /tmp/testfile - -@b{host$} /var/cfengine/bin/cf-agent -f /tmp/test.cf -I --> Object /tmp/testfile had permission 400, changed it to 612 - -@b{host$} ls -l /tmp/testfile --rw---x-w- 1 mark users 33 2009-06-30 06:06 /tmp/testfile -@end smallexample -Once again, remember the comment about locking and @code{ifelapsed} -from the previous example. - - -Notice that this promise does not have a class expression like -@code{cfengine_3::}. -The default class @code{any::} applies if nothing is stated, which means -`anytime, anyplace, anywhere'. - - - -@c --------------------------------------------------------------------------- -@node Changing a password, The update bundle - provisioning, Checking a file, First promises -@section Changing a password - -To change root password of a system, we need to edit a file. A file is -a complex object -- once open there is a new world of possible -promises to make about its contents. CFEngine has bundles of promises -that are specially for editing. Make a copy of a shadow file and copy -it to @file{/tmp} so that you can play with it. -@verbatim - -body common control -{ -bundlesequence => { "test" }; -inputs => { "cfengine_stdlib.cf" }; -} - -bundle agent test -{ -files: - -"/tmp/shadow" - comment => "Set the root password", - edit_line => set_user_field("root",2,"xyajd673j.ajhfu"); - -} -@end verbatim -This is all we need to see on first inspection to understand the -promise that is being -made. - - - -@node The update bundle - provisioning, Reporting, Changing a password, First promises -@section The update bundle - provisioning - -The default CFEngine configuration contains a bundle of promises that -copies the CFEngine binaries into the cache directory and copies -the policy files from the server into the default location. This example -is for local copying from file to file on the filesystem. Later, when we -set up a server component, you will be able to copy from a remote host. -This is a simple example of system provisioning, with automated update. - -@verbatim - -bundle agent update -{ -vars: - -# A standard location for the source point -"master_location" string => "/var/cfengine/masterfiles"; - -files: - -"/var/cfengine/inputs" - - comment => "Update the policy files from the master", - perms => u_m("600"), - copy_from => u_cp("$(master_location)","localhost"), - depth_search => u_recurse("inf"); -} - -@end verbatim -These promises contain several attributes in their bodies that we have -not seen yet. The @code{copy_from} attribute tells CFEngine how to -source -(copy) a file from a master location. The @code{depth_search} tells it -to search recursively through the sub-directories and their files. - -Try changing the source files and executing the agent. - -Again there are library reusable templates: -@verbatim - -body perms u_m(p) -{ -mode => "$(p)"; -} - -# - -body copy_from u_cp(from,server) -{ -servers => { "$(server)", "failover.example.org" }; -source => "$(from)"; -compare => "digest"; -} - -# - -body depth_search u_recurse(d) -{ -depth => "$(d)"; -exclude_dirs => { "\.X11", ".*kde.*", "logs", "log" }; -} - -@end verbatim - -@noindent Here is an exercise: try using the reference manual to look up -the elements in this example. See if you can understand all the parts. - - -@node Reporting, cf-execd, The update bundle - provisioning, First promises -@section Reporting - -CFEngine contains a report generator called @file{cf-report}. It is -configured -using control parameters described in the next chapter. Try: - -@verbatim -host$ /var/cfengine/bin/cf-report -host$ ls ~/.cfagent/reports -host$ mywebbrowser ~/.cfagent/reports/performance.html -@end verbatim - -Most of these reports will be blank at the start, until you have run -CFEngine -on some significant promises. - -@node cf-execd, , Reporting, First promises -@section @code{cf-execd} - -CFEngine contains a service for running the agent with its default -configuration in @file{WORKDIR/inputs/promises.cf} called the -exec-daemon. If you execute the binary directly it will go into the -background and execute @file{cf-agent} every five minutes by default, -with its default policy. - -You can try running it in the foreground: - -@verbatim -host$ /var/cfengine/bin/cf-execd -F -@end verbatim - -When you run CFEngine like this, any output that comes from CFEngine -is collected -and placed in @file{WORKDIR/outputs}. If you have configured an email -address and -your host is running an SMTP service, then it will be sent as email. -To configure -this you would add a control body to the @file{promises.cf} file - -@verbatim -body executor control - -{ -splaytime => "1"; -mailto => "cfengine_mail@example.org"; -smtpserver => "localhost"; -mailmaxlines => "30"; -} - -@end verbatim -These other lines change different aspects of the hard-wired behavior -of the -executor, e.g. a load-balancing time delay before execution of the -agent, a mail address, -the name or IP address of an SMTP (mail) service, and the maximum -number of lines -of output to be included in any email sent. - -You should start to see a pattern in the way CFEngine is configured. -In the next -chapter, we'll look at these general matters. - - - - -@c -------------------------------------------------------------------------- -@node A simple crash course in concepts, Using CFEngine as a front-end for cron, First promises, Top -@chapter A simple crash course in concepts - - -@menu -* Rules are promises:: -* Control promises:: -* Variables:: -* Decisions:: -* Loops:: -* The main promise types:: -@end menu - -@node Rules are promises, Control promises, A simple crash course in concepts, A simple crash course in concepts -@section Rules are promises - -Everything in CFEngine 3 can be interpreted as a promise. Promises can -be made about all kinds of different subjects, from file attributes, -to the execution of commands, to access control decisions and -knowledge relationships. - -This simple but powerful idea allows a very practical uniformity in -CFEngine syntax. There is only one grammatical form for statements in -the language that you need to know and it looks generically like this: - -@smallexample - -type: - -classes:: - - "promiser" -> @{ "promisee1", "promisee2", ... @} - - attribute_1 => value_1, - attribute_2 => value_2, - ... - attribute_n => value_n; - -@end smallexample - -@noindent -We speak of a promiser (the abstract object making the promise), the -promisee is the abstract object to whom the promise is made, and then -there is a list of associations that we call the `body' of the -promise, which together with the promiser-type tells us what it is all -about. - -@cartouche -The promiser is always the object -affected by the promise. -@end cartouche - -Not all of these elements are necessary every time. Some promises -contain a lot of implicit behavior. In other cases we might want to -be much more explicit. For example, the simplest reports promise -looks like this: - -@smallexample - -reports: - -"hello world"; - -@end smallexample - -And the simplest commands promise looks like this - -@smallexample - -commands: - -"/bin/echo hello world"; - -@end smallexample - -@noindent -This promise has default attributes for everything except the -`promiser', i.e. the -command string that promises to execute. -A more complex promise contains many attributes: - -@smallexample - -# Promise type -files: - -# promiser -> promisee (no curly braces needed if only one) -"/home/mark/tmp/test_plain" -> "system blue team", - - # attribute => value - comment => "This comment follows the rule for knowledge integration", - perms => owner("@@(usernames)"), - create => "true"; - -@end smallexample -The list of promisees is not used by CFEngine except for -documentation, just -as the comment attribute (which can be added to any promise) has no -actual function -other than to provide more information to the user in error tracing -and auditing. - -You see several kinds of object in this example. All literal strings -(e.g. @code{"true"}) in CFEngine 3 must be quoted. This provides -absolute consistency and makes type-checking easy and error-correction -powerful. All function-like objects (e.g. @code{users("..")}) are -either built-in -special functions or parameterized templates which contain the `meat' -of the right hand -side. - - -@node Control promises, Variables, Rules are promises, A simple crash course in concepts -@section Control promises - -Certain promises that CFEngine components make are hard-wired into their -code. For example, the promise to email output to an appropriate -address, or the promise to wait until a certain time has elapsed before -checking a promise again (@code{ifelapsed}). Although these promises are -hard-wired, their behavior can be changed. In CFEngine, behavior is -always -constrained by the promise body. Thus hard-wired behavior is altered by -changing the control body for each. You can find these alterable -parameters -in the reference manual. - -The most important bundle is the @code{common} bundle, that is read by -all components of CFEngine. It contains the list of promise bundles -that should be read in and examined for promise suggestions. From the -@file{promises.cf} file: - -@verbatim - -body common control -{ -bundlesequence => { - "update", - "garbage_collection", - "main", - "cfengine" - }; - -inputs => { - "update.cf", - "site.cf", - "library.cf" - }; -} - -####################################################### - -body agent control -{ -# if default runtime is 5 mins we need this for long jobs -ifelapsed => "15"; -} - -####################################################### - -body monitor control -{ -forgetrate => "0.7"; -histograms => "true"; -} - -####################################################### - -body executor control - -{ -splaytime => "1"; -mailto => "cfengine_mail@example.org"; -smtpserver => "localhost"; -mailmaxlines => "30"; -} - -####################################################### - -body runagent control -{ -hosts => { - "127.0.0.1" - # , "myhost.example.com:5308", ... - }; - -} - -####################################################### - -body server control - -{ -allowconnects => { "127.0.0.1" , "::1" }; -allowallconnects => { "127.0.0.1" , "::1" }; -trustkeysfrom => { "127.0.0.1" , "::1" }; - -# Make updates and runs happen in one - -cfruncommand => "$(sys.workdir)/bin/cf-agent -f failsafe.cf && -$(sys.workdir)/bin/cf-agent"; -allowusers => { "root" }; -} - -@end verbatim - - -@node Variables, Decisions, Control promises, A simple crash course in concepts -@section Variables - -Variables (or "variable definitions") are also promises -- the promise to -represent their values. We can write these in -any promise bundle. CFEngine recognizes two object types: scalars and -lists (lists contain 0 or more objects), as well as -three data-types (string, integer and real). Typing in CFEngine is -dynamic, as in -Perl and other scripting languages. Thus variables of any data-type -may be used as strings. - - -@menu -* Scalar variable expansion:: -* List variables:: -* List variable substitution and expansion:: -@end menu - -@node Scalar variable expansion, List variables, Variables, Variables -@subsection Scalar variables - -Scalar variables hold a single value. The are declared as follows: - -@smallexample -bundle @i{} name -@{ -vars: - -"my_scalar" string => "String contents..."; - "my_int" int => "1234"; - "my_real" real => "567.89"; - -@} - -@end smallexample - -The @samp{@i{}} indicates that any kind of bundle applies here. -Scalar variables are referenced by @samp{$(name)} (or -@samp{$@{name@}}) and they represent -a single value at a time. - -@itemize -@item Scalars that are written without a context, e.g. @samp{$(myvar)} -are local to the current bundle. - -@item Scalars are globally available everywhere provided one -uses the context to verify them e.g. @samp{$(context.myvar)} -may be written to access the variable `myvar' in bundle `context'. -@end itemize - -@c ----------------------------------------------------------------------- -@node List variables, List variable substitution and expansion, Scalar variable expansion, Variables -@subsection List variables - -List variables hold several values. The are declared as follows: - -@smallexample -bundle @i{} name -@{ -vars: - - "my_slist" slist => @{ "list", "of", "strings" @}; - "my_ilist" ilist => @{ "1234", "5678" @}; - "my_rlist" rlist => @{ "567.89" @}; - -@} - -@end smallexample -An entire list is referred to with the at symbol @samp{@@}, but it does -not usually make sense to use this reference in a string. For instance -@smallexample - -reports: - - cfengine_3:: - - "My list is @@(my_slist)"; - -@end smallexample -@noindent means nothing and cannot be expanded (it does not generate an -error, but instead inserts the text @@(my_slist) into the string); but if -we use the scalar reference to a list variable, CFEngine will iterate over -the values in -the list essentially making this into a list of promises. - -@noindent To summarize: -@itemize - -@item Scalar references to @i{local} list variables imply iteration, -e.g. -suppose we have local list variable @samp{@@(list)}, then the -scalar @samp{$(list)} implies an iteration over every value of the -list. - - -@item Lists can be passed in their entirety in any context -where a list is expected as @samp{@@(list)}., e.g. - -@verbatim - -vars: - -"longlist" slist => { @(shortlist), "plus", "plus" }; - -"shortlist" slist => { "you", "me" }; - -@end verbatim - -The declaration order does not matter -- CFEngine will execute the promise -to assign the variable @samp{@@(shortlist)} before the promise to assign the -variable @samp{@@(longlist)}. - -@item Only local lists can be expanded directly. Thus @samp{$(list)} -can be expanded but not @samp{$(context.list)}. Global -list references have to be mapped into a local context if you want to -use them for iteration. See the reference manual for more information. - -@end itemize - -@c ----------------------------------------------------------------------- -@node List variable substitution and expansion, , List variables, Variables -@subsection Associative arrays - -Associative array variables also hold several values. The are declared -as follows: - -@smallexample -bundle @i{} name -@{ -vars: - - "switches[mellow]" int => "1"; - "switches[relaxed]" int => "1"; - "off_keys" slist => @{ "red", "grouchy", "coarse", "febrile" @}; - "switches[$(off_keys)]" int => "0"; - -@} - -@end smallexample - -See the reference manual for information on the @samp{getindices} function -and other details of associative arrays. - -@node Decisions, Loops, Variables, A simple crash course in concepts -@section Decisions - -CFEngine decisions are made behind the scenes and the results of -certain true/false propositions are cached in Booleans referred to as -`classes'. There are no if-then-else statements in CFEngine; all -decisions are made with classes. - -CFEngine runs on every computer individually and each time it wakes up -the underlying generic agent platform discovers and classifies -properties of the environment or context in which it runs. This -information -is effectively cached and may be used to make decisions about -configuration. - -Classes fall into hard (discovered) and soft (user-defined) types. A -single hard class can be one of several things: - -@itemize @bullet - -@item The name of an operating system architecture e.g. -@code{ultrix}, @code{sun4}, etc. - -@item The unqualified name of a particular host. If your system -returns a fully -qualified domain name for your host, CFEngine truncates it at the -first dot. Note: @code{www.sales.company.com} and -@code{www.research.company.com} have the same unqualified name -- @code{www}. - -@item The name of a user-defined group of hosts. - -@item A day of the week (in the form @code{Monday, Tuesday, -Wednesday, ..}). - -@item An hour of the day, current time zone (in the form @code{Hr00, -Hr01 ... Hr23}). - -@item An hour of the day GMT (in the form @code{GMT_Hr00, GMT_Hr01 ... -GMT_Hr23}). -This is consistent the world over, in case you need virtual -simultaneity of change -coordination. - -@item Minutes in the hour (in the form @code{Min00, Min17 ... Min45}). - -@item A five minute interval in the hour (in the form @code{Min00_05, -Min05_10 ... Min55_00}) - -@item The quarter-hour (in the form @code{Q1, Q2, Q3, Q4}). - -@item A day of the month (in the form @code{Day1, Day2, ... Day31}). - -@item A month (in the form @code{January, February, ... December}). - -@item A year (in the form @code{Yr1997, Yr2004}). - -@item A shift in @code{Night,Morning,Afternoon,Evening}, which fall -into six hour blocks -starting at 00:00 hours. - -@item A `lifecycle index', which is the year number modulo 3 (used in -long term resource memory). - -@item An arbitrary user-defined string. - -@item The IP address octets of any active interface (in the form -@code{@w{ipv4_192_0_0_1}}, -@code{@w{ipv4_192_0_0}}, @code{@w{ipv4_192_0}}, @code{@w{ipv4_192}}). - -@end itemize - -@c chew end Hard classes - -To see all of the classes define on a particular host, run - -@smallexample -host# cf-promises -v -@end smallexample -as a privileged user. Note that some of the classes are set only -if a trusted link can be established with cfenvd, i.e. if both -are running with privilege, and the @file{/var/cfengine/state/env_data} -file is secure. More information about classes can be found in -connection with -@code{allclasses}. - -User-defined or soft classes are defined in bundles. Bundles of type -@code{common} yield classes that are global in scope, whereas in all -other bundle types classes are local. Soft classes are evaluated when -the -bundle is evaluated. They can be based on test functions or simply from -other classes: - -@verbatim - -bundle agent myclasses -{ -classes: - -"solinus" expression => "linux||solaris"; - -# List form useful for including functions - -"alt_class" or => { "linux", "solaris", fileexists("/etc/fstab") }; - -"oth_class" and => { fileexists("/etc/shadow"), fileexists("/etc/ -passwd") }; - -reports: - -alt_class:: - - # This will only report "Boo!" on linux, solaris, or any system - # on which the file /etc/fstab exists - "Boo!"; -} - -@end verbatim - -@noindent Classes may be combined with the operators listed here in order -from highest to lowest precedence: - -@table @samp -@item () -The parenthesis group operator. -@item ! -The NOT operator. -@item . -The AND operator. -@item & -The AND operator (alternative). -@item | -The OR operator. -@item || -The OR operator (alternative). -@end table - -@noindent -So the following expression would be only true on Mondays or Wednesdays -from 2:00pm to 2:59pm on Windows XP systems: - -@example - -(Monday|Wednesday).Hr14.WinXP:: - -@end example - -@noindent Consider the following more advanced example. Promises in bundles -of type @samp{common} are global in scope -- all other promises are local to -the scope of their bundle. - - -@verbatim - -body common control -{ -bundlesequence => { "g","ls_1", "ls_2" }; -} - -################################# - -bundle common g -{ -classes: - -# The promise "zero" is always satisfied , and is global in scope -"zero" expression => "any"; - -} - -################################# - -bundle agent ls_1 -{ -classes: - -# The promise "one" is always satisfied , and is local in scope to ls_1 -"one" expression => "any"; -} - -################################# - -bundle agent ls_2 -{ -classes: - -# The promise "two" is always satisfied , and is local in scope to ls_2 -"two" expression => "any"; - -reports: - -zero.!one.two:: - - # This report @b{will} be generated - "Success"; -} - -@end verbatim - -Here we see that class @samp{zero} is global while classes @samp{one} -and @samp{two} are local. -The report `Success' result is therefore true because only @samp{zero} -and @samp{two} are in scope in the @samp{ls_2} bundle (and the class -expression for bundle @samp{ls_2} requires that both @samp{zero} and -@samp{two} be true and that @samp{one} not be true). - - - - -@node Loops, The main promise types, Decisions, A simple crash course in concepts -@section Loops -If you are looking for loops in CFEngine then we need to reprogram you -a little, as you are thinking like a programmer! CFEngine is not a -programming language that is meant to give you low level control, but -rather a set of declarations that embody processes. It's the difference -between the gears on a bicycle and the automated transmission in a -transporter. - -Loops are executed implicitly in CFEngine, but there is no visible -mechanism for it -- because that would steal attention from the -intention of the promises. The way to express them is through lists. - -Loops are really a way to iterate a variable over a list. Try the -following. - -@verbatim - -body common control - -{ -bundlesequence => { "example" }; -} - -########################################################### - -bundle agent example - -{ -vars: - -# This is a list - -"component" slist => { "cf-monitord", "cf-serverd", "cf-execd" }; - -# This is an associative array - -"array[cf-monitord]" string => "The monitor"; -"array[cf-serverd]" string => "The server"; -"array[cf-execd]" string => "The executor, not executionist"; - -reports: - -cfengine_3:: - -"$(component) is $(array[$(component)])"; - -} - -@end verbatim -The output looks something like this: -@smallexample - -/var/cfengine/bin/cf-agent -f ./unit_loops.cf -K - -R: cf-monitord is The monitor -R: cf-serverd is The server -R: cf-execd is The executor, not executionist - -@end smallexample -You see from this that, if we refer to a list variable using the -scalar reference -operator @samp{$()}, CFEngine interprets this to mean ``please iterate -over all -values of the list''. Thus, we have effectively a `foreach' loop, without the -attendant syntax. - -@c --------------------------------------------------------------------------- -@node The main promise types, , Loops, A simple crash course in concepts -@section The main promise types - -@noindent The following promise types may be used in any bundle: -@table @code -@item vars -A promise to be a variable, representing a value. -@item classes -A promise to be a class representing a state of the system. -@item reports -A promise to report a message. -@end table - -@noindent These additional promise types may be used only in agent bundles -@table @code -@item commands -A promise to execute a command. -@item databases -A promise to configure a database. -@item files -A promise to configure a file, including its existence, attributes and -contents. -@item interfaces -A promise to configure a network interface. -@item methods -A promise to take on a whole bundle of other promises. -@item packages -A promise to install a package. -@item storage -A promise to verify attached storage. -@end table - -@noindent These promise types belong to other components: -@table @code -@item access -A promise to grant or deny access to file objects in @code{cf-serverd}. -@item measurements -A promise to measure or sample data from the system, for monitoring or -reporting in @code{cf-monitord} (CFEngine Nova and above). -@item roles -A promise to allow certain users to activate certain classes when -executing @code{cf-agent} remotely, in @code{cf-serverd}. -@item topics -A promise to associate knowledge with a name, and possibly other -topics, in @code{cf-know}. -@item occurrences -A promise to point or refer to a knowledge resource, in @code{cf-know}. -@end table - -@node Using CFEngine as a front-end for cron, Network services, A simple crash course in concepts, Top -@chapter Using CFEngine as a front-end or replacement for cron - - -@menu -* Do I need cron?:: -* The single cron job approach:: -* Structuring commands promises:: -* Splaying host times:: -* Building flexible time classes:: -* Scheduling interval:: -@end menu - -@node Do I need cron?, The single cron job approach, Using CFEngine as a front-end for cron, Using CFEngine as a front-end for cron -@section Do I need cron? - -The Unix cron command is a useful beast, but a dumb one. One of -CFEngine's strengths is its use of classes to identify systems from a -single file or set of files. Many administrators think that it would -be nice if the cron daemon also worked in this way. One possible way -of setting up cron from a global configuration would be to use the -CFEngine file editing capability to edit each cron file -separately. That would be missing an obvious opportunity however. - -A much better way is to use CFEngine's time classes to work like a -user interface for cron. This allows you to have a single, central -CFEngine file which contains all the cron jobs on your system without -losing any of the fine control which cron affords you. All of the -usual advantages apply: -@itemize @bullet - -@item -It is easier to keep track of what cron jobs are running on the -system when you have everything in one place. - -@item -You can use all of your carefully crafted groups and user-defined -classes to identify which host should run which programs. -@end itemize -@cindex Cron jobs, controlling with CFEngine - -The central idea behind this scheme is to set up a regular cron job on -every system which executes @code{cf-agent} at frequent intervals. Each time -@code{cf-agent} is started, it evaluates time classes and executes the -shell commands defined in its configuration file. In this way we use -@code{cf-agent} as a wrapper for the cron scripts, so that we can use -CFEngine's classes to control jobs for multiple hosts. CFEngine's time -classes are at least as powerful as @code{cron}'s time specification -possibilities, and they add control over location too. This does not -restrict you in any way, @xref{Building flexible time classes}. The -only price is the overhead of parsing the CFEngine configuration file -which is insignificant. - -@cartouche -DO I NEED TO USE CRON? No. With CFEngine's @code{cf-execd} you don't -@i{have} to use cron -- CFEngine can schedule itself. Whether you -choose to run @code{cf-execd} in daemon mode, or in wrapper mode is -entirely up to you. In the commercial versions of CFEngine, the exec -daemon has sophisticated features for reliability. In the Community -Edition, you might feel comfortable having something independent -watching over CFEngine, especially during binary updates during which -live programs can die from faults. -@end cartouche - -@node The single cron job approach, Structuring commands promises, Do I need cron?, Using CFEngine as a front-end for cron -@section The single cron job approach - -To be more concrete, imagine installing the following @file{crontab} -file onto every host on your network: - -@cartouche -@smallexample -# -# Global Cron file -# -*/5 * * * * /var/cfengine/bin/cf-execd -F - -@end smallexample -@end cartouche - -@noindent - -@c ------------------------------------------------------------------------------- -@c SECTION -@c ------------------------------------------------------------------------------- - -@node Structuring commands promises, Splaying host times, The single cron job approach, Using CFEngine as a front-end for cron -@section Structuring commands promises - -The structure of a promise bundle needs to reflect your policy for -running jobs on the system. You need to switch on relevant tasks and -switch off unwanted tasks depending on the time of day. This can be -done by placing individual actions under classes which restrict the -times at -which they are executed, - -@smallexample - -@var{promise-type}: - - @var{time-based classes::} - - @var{Promise} - -@end smallexample - -@noindent For example: - -@verbatim -bundle agent example -{ -commands: - -# Exec during the first quarter-hour after noon - - Hr12.Q1:: - - "/path/myscript -arg1 -arg2"; - -# Exec during any second quarter-hour - - Q2:: - - "/path/otherscript"; - -# Exec during the intervals 00:10 through 00:15 and 12:45 through 12:55 -# (English says ``and'', but logic says ``if this interval or that is true'' - - Hr00.Min10_15||Hr12.Min45_55:: - - "/path/amongstourscripts"; - -} - -@end verbatim - -@noindent If you want to get fancy, you can set parameters for the -execution of the script -by building a container for it that traps its output and privileges -(this applies to root only, -since only root has this power to change privilege). - -@verbatim -bundle agent example -{ -commands: - -# Exec on the first quarter after noon - - Hr12.Q1:: - - "/path/myscript -arg1 -arg2", - - contain => jail("nobody","true"); -} - -# ... - -body contain jail(owner,devnull) -{ -exec_owner => "$(owner)"; # run with this setuid -no_output => "$(devnull)"; # like > /dev/null 2>&1 -umask => "77"; # set process umask -} - -@end verbatim -The @samp{contain}ment body provides a safe and flexible environment in which -to embed scripts. - -The time resolution of the classes is limited by how often you execute -CFEngine -either using cron or @code{cf-execd}. Five minutes is the recommended -scheduling interval. - -@c ------------------------------------------------------------------------------- -@c SECTION -@c ------------------------------------------------------------------------------- - -@node Splaying host times, Building flexible time classes, Structuring commands promises, Using CFEngine as a front-end for cron -@section Splaying host times - -In a network of thousands of computers, many agents could start -executing and downloading resources from a server at the same time. -For instance, if a thousand cf-agents all suddenly wanted to copy a -file from a master source simultaneously this would lead to a big load -on the server. We can prevent this from happening by introducing a -time delay which is unique for each host and not longer than some -given interval; @code{cf-execd} uses a hashing algorithm to generate -a number -between zero and a maximum value in minutes which you define, like -this: - -@verbatim - -body executor control - -{ -splaytime => "10"; # Minutes -} - -@end verbatim - -@noindent -If this number is non-zero, @code{cf-execd} goes to sleep after -parsing its configuration file and reading the clock. Every machine's -@code{cf-execd} will go to sleep for a different length of time, which -is no longer than the time specified. - -A hashing algorithm, based on the fully qualified name of the host, is -used to compute a unique time for hosts. The shorter the interval, the -more clustered the hosts will be. The longer the interval, the lighter -the load on your servers. This `splaying' of the run times will -lighten the load on servers, even if they come from domains not under -your control but have a similar cron policy. - - -@c ------------------------------------------------------------------------------- -@c SECTION -@c ------------------------------------------------------------------------------- - -@node Building flexible time classes, Scheduling interval, Splaying host times, Using CFEngine as a front-end for cron -@section Building flexible time classes - -Each time CFEngine is run, it reads the system clock and defines -classes based on the time and date (see reference manual). - -Time classes based on the precise minute at which cfagent started are -unlikely to be directly useful in policy (except in the -@code{cf-execd} schedule). Many things could conspire to delay the -precise time -at which cfagent were started. The real purpose in being able to -detect the precise start time is to define composite classes which -refer to arbitrary intervals of time. To do this, we use the -@code{group} or @code{classes} action to create an alias for a group -of time values. -@cindex Grouping time values -@cindex @code{groups} and time intervals -Here are some creative examples: - -@smallexample - -classes: # synonym groups: - -"LunchAndTeaBreaks" expression => "!(Saturday|Sunday).(Hr12|Hr10|Hr15)"; - -"NightShift" or => @{ "Hr22", "Hr23", "Night" @}; - -"ConferenceDays" or => @{ "Day26", "Day27", "Day29", "Day30" @}; - -"TimeSlices" or => @{ "Min01", "Min02", "Min03", "Min10_15" - "Min33", "Min34", "Min35" @}; - -"Exception" not => "Hr12.Min15_20"; - -@end smallexample -@noindent -In the first three examples, the left hand sides of the assignments are -effectively the ORed result of the right hand side. Thus if any -classes in the braces is defined, the left hand side class -will become defined. This provides a flexible and readable way of -specifying intervals of time within a program, without having to -use @samp{|} and @samp{.} operators everywhere. - -@c ------------------------------------------------------------------------------- -@c SECTION -@c ------------------------------------------------------------------------------- - -@node Scheduling interval, , Building flexible time classes, Using CFEngine as a front-end for cron -@section Choosing a scheduling interval - -How often should you call your global CFEngine configuration? There -are several -things to think about: - -@itemize @bullet - -@item -How much fine control do you need? Running cron jobs once each hour is -usually enough for most tasks, but you might need to exercise finer -control for a few special tasks. - -@item -Are you going to verify the entire CFEngine configuration file -or just selected promises? - -@end itemize - -CFEngine has an intelligent locking and timeout policy which should be -sufficient to handle hanging shell commands from previous crons so that -no overlap can take place. - - - -@node Network services, Knowledge Management, Using CFEngine as a front-end for cron, Top -@chapter Network services - -@c --------------------------------------------------------------------------- - - -This chapter describes how you can set up a CFEngine network service -to handle -remote file distribution and remote execution of CFEngine without having -to open your hosts to possible attack using the @code{rsh} protocols. - - -@menu -* What services?:: -* How services work:: -* Remote access explained:: -@end menu - -@node What services?, How services work, Network services, Network services -@section CFEngine network services - -By starting the daemon called @code{cf-serverd}, you can set up a line -of -communication between hosts, allowing them to exchange files across -the network or execute CFEngine remotely on another system. -CFEngine network services are built around the following components: - -@table @code - -@item cf-agent -The configuration engine's only contact with the network is via -remote copy requests. It does not and cannot grant any access to a -system from the network. It is only able request access to files from -the -server component. - -@item cf-serverd -A daemon which acts as both a file server and a remote-@code{cf-agent} -executor. This daemon authenticates requests from the network and -processes them according to rules specified in the server control body -and server bundles containing @code{access} promises. - -@item cf-runagent -This is a simple initiation program which can be used -to run @code{cf-agent} on a number of remote hosts. It cannot -be used to tell @code{cf-agent} what to do, it can only ask @code{cf- -serverd} -on the remote host to run the @code{cf-agent} with its existing -configuration. -Privileges can be granted to users to provide a kind of Role Based -Access Control (RBAC) -to certain parts of the existing policy. - -@end table - -@noindent -With these components you have everything you need to do effective -distribution of resources (provisioning) of systems. - - -@c ------------------------------------------------------------------------------- -@c SECTION -@c ------------------------------------------------------------------------------- - -@node How services work, Remote access explained, What services?, Network services -@section How services work - - -@c ........................................... -@c SUBSECTION -@c ........................................... - - -@menu -* Remote file distribution:: -* Remote execution of cfagent:: -@end menu - -@node Remote file distribution, Remote execution of cfagent, How services work, How services work -@subsection Remote file distribution - -This section describes how you can set up @code{cf-serverd} as a -remote file -server which can result in the distribution of files to client hosts in -a secure a reliable manner. - -An important difference between CFEngine and other systems has to do -with the way files are distributed. CFEngine uses a `pull' rather -than a `push' model for distributing network files. A majority of -systems (probably) for instance, works by forcing an image of the -files on one server machine onto all clients. This happens in the manner -of an attack -- indeed the recipients are often required to open various -ports and accept whatever they get. CFEngine will not support this kind -of technology as a matter of principle. - -With the `push' approach files get changed when the distributor wishes -it and the clients have no choice but to live with the consequences. -CFEngine, on the other hand, works by @i{voluntary cooperation}. Hosts -are allowed to remain in control of their defenses and protect -themselves against attacks and pushes if they want to. - -In fact, CFEngine cannot (by design) force its will onto other hosts, -nor can it be forced. In order to distribute it can at best signal -all machines and ask them to collect files if they are willing. In other -words, CFEngine simulates a `push' model by polling each client and -running the local CFEngine configuration script giving the host the -chance to `pull' any updated files from the remote server, but leaving -it up to the client machine to decide whether or not it wants to -update. - -Also, in contrast to programs like @code{rdist} which distribute files -over many hosts, CFEngine does not require any general @code{root} -access to a system using the @file{.rhosts} file or the -@file{/etc/hosts.equiv} file. It is sufficient to run the daemon as -root. You can not run it by adding it to the @file{/etc/inetd.conf} -file on your system however. -@cindex @file{/etc/inetd.conf} file and CFEngine -The restricted functionality of the daemon protects your system from -attempts to execute general commands as the root user using @code{rsh}. - -To remotely access files on a server you use a @code{copy_from} -attribute -in a @file{files} promise: - -@verbatim -bundle agent example -{ -files: - -"/var/cfengine/inputs" - - perms => m("600"), - copy_from => remote_cp("$(master_location)","localhost"), - depth_search => recurse("inf"), - action => immediate; - -} - -# Library template - -body copy_from remote_cp(from,server) -{ -servers => { "$(server)" }; -source => "$(from)"; -compare => "mtime"; -} - -@end verbatim -@noindent -Assuming that the @code{cf-serverd} daemon is running on @var{server- -host}, @code{cf-agent} -will make contact with the daemon and attempt to obtain information -about the file. During this process, CFEngine verifies that the system -clocks of the two hosts are reasonably synchronized. If they are not, -it will not permit remote copying unless @code{denybadclocks} is false -in the server control body. - -If @code{cf-agent} determines that a file needs to be updated from a -remote -server it begins copying the remote file to a new file on the same -filesystem as the destination-file. This file has the suffix -@file{.cfnew}. - -Only when the file has been successfully collected will @code{cf- -agent} make a -copy of the old file, (see @code{repository} in the Reference manual), -and rename the new file into place. This behavior is designed to avoid -race-conditions which can occur during network connections and indeed -any operations which take some time. If files were simply copied -directly to their new destinations it is conceivable that a network -error could interrupt the transfer leaving a corrupted file in place. -@code{cf-agent} places a timeout of a few seconds on network -connections to -avoid hanging processes. - -Normally the daemon sleeps, waiting for connections from the network. -Such a connection may be initiated by a request for remote files from a -running @code{cf-agent} program on another host, or it might be -initiated by -the program @code{cf-runagent} which simply asks the -host running the daemon to run @code{cf-agent} or @code{cf-execd} -program locally. - -@c ........................................... -@c SUBSECTION -@c ........................................... - -@node Remote execution of cfagent, , Remote file distribution, How services work -@subsection Remote execution of @code{cf-agent} - -Occasionally you will want to run @code{cf-agent} immediately in order -to implement a change in configuration as quickly as possible on one -or more hosts. It would then be inconvenient to have to log onto every -host in order to do this manually. - -If your scheduling interval is often enough, this should be -unnecessary since CFEngine will already have run by the time you -manage to log on -- and the parallelism means that an entire network -can be altered in minutes without the delay of waiting for centralized -control. - -But you might want to send a special signal, e.g. run policy with a -special class activated on just a few machines. Then a better way is -to issue a simple command which contacts the remote host and runs -@code{cf-agent} with role based access control, providing the -immediate output on your own screen: - -@smallexample - -host$ cf-runagent -H @var{remote-host} -v - -@var{output....} - -@end smallexample - -@itemize @bullet - -@item -You avoid having to log in on a remote host in order to reconfigure -it. - -@item -Users other than root can run @code{cf-agent} to fix any problems with -the system, with access granted to individuals and classes. - -@end itemize - -A potential disadvantage with any such system is that malicious users -might be able to run @code{cf-agent} on remote hosts. The fact that -non-root users can execute @code{cf-agent} is not a problem in itself, -after all the most malicious thing they would be able to do would be -to check the system configuration and repair any problems. No one can -tell @code{cf-agent} what to do using the @code{cf-runagent} program, it is only -possible to run an existing configuration. But a more serious concern -is that malicious users might try to run @code{cf-agent} repeatedly -(so-called `Denial of Service' attack) so that a system became -burdened with running @code{cf-agent} constantly. -To protect against this, the server uses the same @code{ifelapsed} locks -to complement access controls. - -@node Remote access explained, , How services work, Network services -@section Remote access explained - - -@menu -* Server connection:: -* Remote access troubleshooting:: -* Key exchange:: -* Time windows:: -* Other users than root:: -* Encryption:: -@end menu - -@node Server connection, Remote access troubleshooting, Remote access explained, Remote access explained -@subsection Server connection - -In order to connect to the CFEngine server you need -@table @emph -@item A public-private key pair. -To create a key pair, run -@smallexample -cf-key -@end smallexample -@item An IP (v4 or v6) address. -You must be online with a configured network address. -@item A client program -Both @code{cf-agent} and @code{cf-runagent} are clients that can connect -to the server. - -@item Permission to connect to the server, and -The server control body must grant access to your computer and public -key by name or IP address, by listing it in one of the lists (see -below). - -@item Your public key must be trusted by the server, and you must -trust the server's public key - -By mutually trusting each others' keys, client and server agree -to use that key as a sufficient identifier for the computer. - -@item Permission to access something - -Your host name or IP address must be mentioned in an @code{access} -promise inside a server bundle, made by the file that you are -trying to access. -@end table - -If all of the above criteria are met, connection will be established -and data will be transferred between client and server. The client can -only send short requests, following the CFEngine protocol. The server -can return data in a variety of forms, usually files, but sometimes -console output. - - -@node Remote access troubleshooting, Key exchange, Server connection, Remote access explained -@subsection Remote access troubleshooting - -When setting up @code{cf-serverd}, you might see the error message - -@verbatim -Unspecified server refusal -@end verbatim - -This means that @code{cf-serverd} is unable or is unwilling to -authenticate the connection from your client machine. The message is -generic: it is deliberately non-specific so that anyone attempting to -attack or exploit the service will not be given information which -might be useful to them. There is a simple checklist for curing this -problem: - -@enumerate -@item -Make sure that the domain variable is set in the configuration files -read by both client -and server; alternatively use @code{skipidentify} and -@code{skipverify} to decouple DNS from the -the authentication. - -@item -Make sure that you have granted access to your client in the server body - -@smallexample - -body server control -@{ -allowconnects => @{ "127.0.0.1" , "::1" @var{...etc} @}; -allowallconnects => @{ "127.0.0.1" , "::1" @var{...etc} @}; -trustkeysfrom => @{ "127.0.0.1" , "::1" @var{...etc} @}; -@} - -@end smallexample - -@item -Make sure you have created valid keys for the hosts using @code{cf-key}. -@item -If you are using secure copy, make sure that you have created a key -file and that you have distributed and installed it to all -participating hosts in your cluster. -@end enumerate - -@noindent Always remember that you can run CFEngine in verbose or -debugging modes to see how the authentication takes place: - -@verbatim -cf-agent -v -cf-serverd -v -@end verbatim - -@code{cf-agent} reports that access is denied regardless of the nature -of the error, to avoid giving away information which might be used by -an attacker. To find out the real reason for a denial, use verbose -@samp{-v} or -even debugging mode @samp{-d2}. - - -@node Key exchange, Time windows, Remote access troubleshooting, Remote access explained -@subsection Key exchange - -The key exchange model used by CFEngine is based on that used by -OpenSSH. It is a peer to peer exchange model, not a central -certificate authority model. This means that there are no scalability -bottlenecks (at least by design, though you might introduce your own -if you go for an overly centralized architecture). - -The problem of key distribution is the conundrum of every public key -infrastructure. Key exchange is handled automatically by CFEngine and -all you -need to do is to decide which keys to trust. - -When public keys are offered to a server, they could be accepted -automatically on trust because no one is available to make a decision -about them. This would lead to a race to be the first to submit a key -claiming identity. - -Even with DNS checks for correct name/IP address correlation (turned -off with @code{skipverify}), it might be possible to submit a false -key to a server. - -The server @code{cf-serverd} blocks the acceptance of unknown keys by -default. In order to accept such a new key, the IP address of the -presumed client must be listed in the @code{trustkeysfrom} stanza. -Once a key -has been accepted, it will never be replaced with a new key, thus no -more trust is offered or required. - -Once you have arranged for the right to connect to the server, you -must decide which hosts will have access to which files. This is done -with @code{access} rules. - -@verbatim - -bundle server access_rules() - -{ -access: - -"/path/file" - - admit => { "127.0.0.1", "127.0.0.2", "127.0.0.3" }, - deny => { "192.*" }; -} - -@end verbatim - -On the client side, i.e. @code{cf-runagent} and @code{cf-agent}, there -are three issues: - -@enumerate -@item -Choosing which server to connect to. -@item -Trusting the identity of any previously unknown servers, i.e. trusting -the server's public key to be its and no one else's. (The issues here -are -the same as for the server.) -@item -Choosing whether data transfers should be encrypted (with -@code{encrypt}). -@end enumerate - -Because there are two clients for connecting to @code{cf-serverd} -(@code{cf-agent} and @code{cf-runagent}), there are also two ways on -managing trust of server keys by a client. One is an automated option, -setting the option -@code{trustkey} in a @code{copy_from} stanza, e.g. - -@verbatim - -body copy_from example - { - # .. other settings .. - trustkey => "true"; - } - -@end verbatim - -Another way is to run @code{cf-runagent} in interactive mode. When you -run @code{cf-runagent}, unknown -server keys are offered to you interactively (as with @code{ssh}) for -you to -accept or deny manually: - -@smallexample - -WARNING - You do not have a public key from host ubik.iu.hio.no = -128.39.74.25 - Do you want to accept one on trust? (yes/no) ---> - -@end smallexample - -@node Time windows, Other users than root, Key exchange, Remote access explained -@subsection Time windows (races) - -Once public keys have been exchanged from client to server and from -server to client, the issue of trust is solved according to public key -authentication schemes. You only need to worry about trust when one side -of a connection has never seen the other side before. - -Often you will have a central server and many client satellites. Then -the best way to transfer all the keys is to set the @code{trustkey} -flags on server and clients sides to coincide with a time at which you -know that @code{cf-agent} will be run, and when a spoofer is unlikely -to be able to interfere. - -This is a once-only task, and the chance of an attacker being able to -spoof a key-transfer is small. It would require skill and -inside-information about the exchange procedure, which would tend to -imply that the trust model was already broken. - -Another approach would be to run @code{cf-runagent} against all the -hosts -in the group from the central server and accept the keys one by one, -by hand, though there is little to be gained from this. - -Trusting a host for key exchange is unavoidable. There is no clever -way to avoid it. Even transferring the files manually by diskette, and -examining every serial number of the computers you have, the host has -to trust the information you are giving it. It is all based on -assertion. You can make it almost impossible for keys to be faked -or attacked, but you cannot make it absolutely impossible. Security is -about managing reasonable levels of risk, not about magic. - -All security is based on a moment of trust at some point in -time. Cryptographic key methods only remove the need for a repeat of -the trust decision. After the first exchange, trust is no longer needed, -because they keys allow identity to be actually verified. - -Even if you leave the trust options switched on, you are not blindly -trusting the hosts you know about. The only potential insecurity lies -in any new keys that you have not thought about. If you use wildcards -or IP prefixes in the trust rules, then other hosts might be able to -spoof their way in on trust because you have left open a hole for them -to exploit. That is why it is recommended to return the system to the -default state of zero trust immediately after key transfer, by -commenting out the trust options. - - -It is possible, though somewhat laborious to transfer the keys out of -band, by copying @file{/var/cfengine/ppkeys/localhost.pub} to -@code{/var/cfengine/ppkeys/user-aaa.bbb.ccc.mmm} (assuming IPv4) on -another host. e.g. - -@smallexample - -localhost.pub -> root-128.39.74.71.pub - -@end smallexample - -This would be a silly way to transfer keys between nearby hosts that you -control yourself, but if transferring to long distance, remote hosts -it might be an easier way to manage trust. - -@node Other users than root, Encryption, Time windows, Remote access explained -@subsection Other users than root - -CFEngine normally runs as user "root" (except on Windows which does -not normally have a root user), i.e. a privileged administrator. If -other users -are to be granted access to the system, they must also generate a key -and go through the same process. In addition, the users must be added -to the server configuration file. - -@node Encryption, , Other users than root, Remote access explained -@subsection Encryption - -CFEngine provides encryption for keeping file contents private during -transfer. It is assumed that users will use this judiciously. There is -nothing to be gained by encrypting the transfer of public files -- -overt use of encryption just contributes to global warming, burning -unnecessary CPU cycles without offering any security. - -The main role for encryption in configuration management is for -authentication. CFEngine always uses encrypted for authentication, so -none of the encryption settings affect the security of authentication. - - - - -@node Knowledge Management, , Network services, Top -@chapter Knowledge Management - - -A unique aspect of CFEngine, that is fully developed in the commercial -editions of the software, its ability to enable integrated knowledge -management as part of an automation process, and to use its configuration -technology as a `semantic' documentation engine. - -@image{topicmap,15cm,,,png} - -Knowledge management is the challenge of our times. Organizations -frequently waste significant effort re-learning old lessons because they have -not been documented and entered into posterity. Now you can alleviate -this problem with some simple rules of thumb and even build -sophisticated index-databases of documents. - - -@menu -* Promises and Knowledge:: -* The basics of knowledge:: -* Annotating promises:: -* A promise model of topic maps:: -* What topic maps offer:: -* The nuts and bolts of topic maps:: -* Example of topics promises:: -* Modeling configuration promises as topic maps:: -@end menu - -@node Promises and Knowledge, The basics of knowledge, Knowledge Management, Knowledge Management -@section Promises and Knowledge - -The learning curve for configuration management systems has been the -brunt of frequent criticism over the years. Users are expected to either -confront the informational complexity of systems at a detailed level, or -abandon the idea of fine control altogether. This has led either to -information overload or over-simplification. The ability to cope with -information complexity is therefore fundamental to IT management - -CFEngine introduced the @emph{promise model} for configuration in -order to flatten out this learning curve. It can lead to -simplifications in use, because a lot of the thinking has been done -already and is encapsulated into the model. One of its special -properties is that it is both a model for system behavior and a model -for knowledge representation (this is what declarative languages seek -to be, of course). More specifically, it incorporated a subset of the -ISO standard for `Topic Maps', an open technology for semantic -indexing of information resources. By bringing together these two -technologies (which are highly compatible), we end up with a seamless -front-end for sewing together and browsing system information. - -Knowledge management is a field of research in its own right, and it -covers a multitude of issues both human and technological. Most would -agree that knowledge is composed of facts and relationships and that -there is a need both for clear definitions and semantic context to -interpret knowledge properly; but how do we attach @emph{meaning} to -raw information without ambiguity? - -Knowledge has quite a lot in common with configuration: what after all -is -knowledge but a configuration of ideas in our minds, or on some -representation medium (paper, silicon etc). It is a coded pattern, -preferably one that we can agree on and share with others. Both -knowledge and configuration management are about describing patterns. -A simple knowledge model can be used to represent a policy or -configuration; conversely, a simple model of policy configuration can -manufacture a knowledge structure just as it might manufacture -a filesystem or a set of services. - - -@node The basics of knowledge, Annotating promises, Promises and Knowledge, Knowledge Management -@section The basics of knowledge - -Knowledge only truly begins when we write things down: - -@itemize -@item The act of formulating something in writing brings a discipline -of thought than often lends clarity to an idea. -@item You never confront an idea fully until you try to put it into -language. -@item Any written record that is kept allows others to read it and -pass on the knowledge. -@end itemize - -The trouble is that writing is something people don't like to do, and -few are very good at. To an engineer, it can feel like a waste of -time, especially during a busy day, to break off from the doing to -write about the doing. Also, writing requires a spurt of creative -thinking and engineers are often more comfortable with manipulating -technical patterns and notations than writing fluent linguistic -formulations that seem overtly long-winded. - -CFEngine tries to bridge this gap by making documentation simple and -part of the technical configuration. CFEngine's knowledge agent then -uses AI and network science algorithms to construct a readable -documentation from these technical annotations. It can do this because -a lot of thought has already gone into the meaning of the promise -model. - -@node Annotating promises, A promise model of topic maps, The basics of knowledge, Knowledge Management -@section Annotating promises - -The beginning of knowledge is to annotate the technical specifications. -Remember that the point of a promise is to convey an @i{intention}. -When writing promises, get into the habit of giving every promise a -comment that explains its intention. Also, expect to give special -promises -@i{handles}, or helpful labels that can be used to refer to them by in -other -promise statements. A handle could be something dumb like `xyz', but -you should -try to use more meaningful titles to help make references clear. - -@verbatim - -files: - -"/var/cfengine/inputs" - - handle => "update_policy", - comment => "Update the CFEngine input files from the policy server", - perms => system("600"), - copy_from => rcp("$(master_location)","$(policy_server)"), -depth_search => recurse("inf"), -file_select => input_files, - action => immediate; - -@end verbatim -@noindent If a promise affects another promise in some way, you can -make the affected one -promise one of the promisees, like this: - -@verbatim - -access: - -"/master/CFEngine/inputs" -> { "update_policy", "other_promisee" }, - -handle => "serve_updates", - admit => { "217.77.34.*" }; - -@end verbatim - -@noindent Conversely, if a promise might depend on another in some -(even indirect) way, document this too. - -@verbatim - -files: - -"/var/cfengine/inputs" - - handle => "update_policy", - comment => "Update the CFEngine input files from the policy -server", - depends_on => { "serve_updates" }, - perms => system("600"), - copy_from => rcp("$(master_location)","$(policy_server)"), -depth_search => recurse("inf"), -file_select => input_files, - action => immediate; - -@end verbatim - -@noindent This use of annotation is the first level of documentation -in CFEngine. -The annotations are used internally by CFEngine to provide meaningful -error messages with context and to compute dependencies that reveal -the existence of process chains. These can be turned into a topic map -for browsing the policy relationships is a web browser, using -@code{cf-know}. - - -@cartouche -The CFEngine Knowledge Map is only available in commercial editions -of the software, where the necessary support to set up and maintain -this technology can be provided. -@end cartouche - - -@node A promise model of topic maps, What topic maps offer, Annotating promises, Knowledge Management -@section A promise model of topic maps - -CFEngine's model of promises can also be used to promise information -and its relevance in different contexts. The Knowledge agent @code{cf-know} -understands three kinds of promise. - -@table @code -@item topics: -A topic is merely a string that can be associated with another string. It represents a `subject to be talked about'. -Like other promise types, you can use contexts, which are formed from other topics expressions to limit the scope of -the current topic promise. -@item things: -Things are a simplified interface to topics, that were introduced to make it easier -for users to contribute knowledge about more concrete `things', or less abstract ideas. -A challenge with knowledge management is the abstract and technical nature of the models -one must use to represent it. Things attempt to make that task easier. -@item occurrences: -An occurrence is a reference to a document or a piece of text that actually represents -knowledge content about the topic concerned. Occurrences are generally URLs or strings -explaining things or topics. -@end table - -@node What topic maps offer, The nuts and bolts of topic maps, A promise model of topic maps, Knowledge Management -@section What topic maps offer - -CFEngine is capable of automating the documentation of a policy, using basic annotations provided above, as a -knowledge map. They require very little effort from the user. If you -are using the Community Edition of CFEngine, you can develop a topic -map, but we do not support the backend technology without a -commercial license. In either case, once you become familiar with the -use of Topic Maps, you will want to extend your knowledge manually to -incorporate things like: - -@itemize -@item Local (high level) policy documents -@item Related databases, such as CMDBs -@end itemize - -@noindent So let us spend a while showing how to encode knowledge in -topic maps -using @code{cf-know}. - -The kind of result you can expect is shown in the pictures below. The -example figures show typical pages generated by the knowledge agent -@code{cf-know}. The first of these shows how we use the technology to -power the web knowledge base in the commercial CFEngine product. - -In this use, all of the data are based on documentation for -the CFEngine software, and most of the relationships are manually -entered. - -For a second example, consider how CFEngine can generate such a -knowledge map analysis of its own configuration (self-analysis). The -data in the images below describe the CFEngine configuration -promises. One such page is generated, for instance, for each policy -promise, and pages are generated for reports from different computers -etc. You can also create you own `topic pages' for any local -(enterprise) information that you have. - -In this example, the promise has been given the promise-handle -@code{update_policy}, and the associations and the lower graph shows -how this promise relates to other promises through its documented -dependencies (these are documented from the promisees and -@code{depends_on} attributes of other promises.). - -The example page shows two figures, one above the other. -The upper figure shows the thirty nearest topics (of any kind) that -are related to this one. -Here the relationships are unspecific. This diagram can reveal -pathways to related information -that are often unexpected, and illustrates relationships that broaden -one's understanding -of the place the current promise occupies within the whole. - -Although the graphical illustrations are just renderings of -semantic associations shown more fully in text, they are useful for -visualizing -several levels of depth in the associative network. This can be -surprisingly useful for brainstorming and reasoning alike. In -particular, one can see the other promises that could be affected if -we were to make a change to the current promise. Such impact analyses -can be crucial to planning change and release management of policy. - - - -@cartouche - -A knowledge base is a slightly improved implementation of a Topic Map which is an ISO -standard technology. A topic map works like an index that can point to -many different kinds of external resources, and may contain simple -text and images internally. So you use it to bind together documents -of any kind. A CFEngine knowledge base is not a new document format, it -is an overlay map that joins ideas and resources together, and -displays relationships. - -@end cartouche - - - - -@node The nuts and bolts of topic maps, Example of topics promises, What topic maps offer, Knowledge Management -@section The nuts and bolts of topic maps - - -@menu -* Topic map definitions:: -@end menu - -@node Topic map definitions, , The nuts and bolts of topic maps, The nuts and bolts of topic maps -@subsection Topic map definitions - -Topic maps are really electronic indices, but they form and work like -webs. -A topic is the technical representation of a `subject', i.e. anything -you might want -to discuss, abstract or physical e.g. an item of `abstract -knowledge', which probably has a number of concrete exemplars. It -might be a person, a machine, a quality, etc. - -Topics can be classified into boxes called @emph{topic-types} so that -related -things can be collated and unrelated things can be separated, e.g. -types allow us to distinguish between @code{rmdir} the Unix utility -and @code{rmdir} the Unix system-call. - -Each typed topic can further point to a number of references or -exemplars called @emph{occurrences}. For instance, an occurrence of -the topic `computer' might include books, web documents, database -entries, physical manifestations, or any other information. An -occurrence is a reference that exemplifies the abstract -topic. Occurrence references are like the page numbers in an -index. - - -A book index typically has `see also' references which point from one -topic to another. -Topic Maps allow one to define any kind of @emph{association} between -topics. Unlike an ordinary index, a topic map has a rich (potentially -infinite) variety of cross reference types. -For instance, -@smallexample -topic_1 ``is a kind of'' topic_2 -topic_1 ``is improved by'' topic 2 -topic_1 ``solves the problem of'' topic_2 -@end smallexample - -@noindent The topic map model thus has three levels of containers: - -@table @emph -@item Contexts -The box into which we classify a topic to disambiguate different -topics with the same name (`in the context of')@footnote{Here, CFEngine differs from the topic map standard in allowing contexts -to be overlapping sets, rather than mutually exclusive `types'. -CFEngine is guided by Promise Theory in this respect in order to enable -distributed cooperation and the development of a free and emergent ontology.}. - -@item Topics/Things -The representation of a subject (an index term). - -@item Occurrence Types -A term that explains how an actual document occurrence relates -to the topic is claims to say something about. e.g. (tutorial, manual, -or -example, definition, photo-album etc). - -@item Occurrences -Specific information resources: these are pointers to the actual -documents -that we want to read (like page numbers in an index). -@end table - - -Contexts map conveniently into CFEngine classes. -Topics map conveniently into promisers. -Occurrences also map to promisers of a different type. -These three label different levels of granularity of meaning. Contexts -represent a set of topics that might be relevant, which in turn encompass a set of -occurrences of resources that contain actual information about the topics in that context. The primacy of topics in this -stems from their ability to form networks by @emph{association}. - -The classic approach to information modeling is to build a -hierarchical decomposition of non-overlapping objects. Data are -manipulated into non-overlapping containers which often prove -to be overly restrictive. Topic maps allow us to avoid the kinds of -mistakes that have led to monstrosities like the Common Information -Model (CIM) with its @emph{thousands} of strictly non-overlapping type -categories. - -Each topic allows us to effectively `shine a light' onto the -occurrences of information that highlight the concepts pertinent to -the topic somehow. - - -@node Example of topics promises, Modeling configuration promises as topic maps, The nuts and bolts of topic maps, Knowledge Management -@section Example of topics promises - -You can use @code{cf-know} to render a topic map either as text (for -command line -use) or as HTML (for web rendering). We begin with the text rendering -as it requires less -infrastructure. You will just need a database. - -Try typing in the following knowledge promises: - -@smallexample - -body common control -@{ -bundlesequence => @{ "tm" @}; -@} - -################################################### - -bundle knowledge tm -@{ -topics: - - -"server" comment => "Common name for a computer in a desktop"; -"desktop" comment => "Common name for a computer for end users"; - -programs:: # context of programs - -"httpd" comment => "A web service process"; -"named" comment => "A name service process"; - -services:: - -"WWW" comment => "World Wide Web service", - association => a("is implemented by", - "programs::httpd", - "implements"); - - # if we don't specify a context, it is "any" - -"WWW" association => a("looks up addresses with", - "named", - "serves addresses to"); - -occurrences: - -httpd:: - "http://www.apache.org" - represents => @{ "website" @}; - -@} - -################################################### - -body association a(f,name,b) - -@{ -forward_relationship => "$(f)"; -backward_relationship => "$(b)"; -associates => @{ $(name) @}; -@} -@end smallexample - -@noindent The simplified things interface is similar, but uses fixed relations: - -@verbatim -bundle knowledge company_knowledge -{ -things: - regions:: - - "EMEA" comment => "Europe, The Middle-East and Africa"; - "APAC" comment => "Asia and the Pacific countries"; - - countries:: - "UK" synonyms => { "Great Britain" }, - is_located_in => { "EMEA", "Europe" }; - - "Netherlands" synonyms => { "Holland" }, - is_located_in => { "EMEA", "Europe" }; - - "Singapore" is_located_in => { "APAC", "Asia" }; - - locations:: - "London_1" is_located_in => { "London", "UK" }; - "New_Jersey" is_located_in => { "USA" }; - - networks:: - - "192.23.45.0/24" comment => "Secure network, zone 0. Single octet for corporate offices", - is_connected_to => { "oslo-hub-123" }; - -@end verbatim - -@menu -* Analyzing and indexing the policy:: -* cf-know:: -@end menu - -@node Analyzing and indexing the policy, cf-know, Example of topics promises, Example of topics promises -@subsection Analyzing and indexing the policy - -CFEngine can analyze the promises you have made, index and cross -reference them using the command: - -@verbatim -# cf-promises -r -@end verbatim -Normally, the default policy in Nova/Enterprise will perform this -command each time the policy is changed. - -@node cf-know, , Analyzing and indexing the policy, Example of topics promises -@subsection @code{cf-know} - -CFEngine's knowledge agent @code{cf-know} allows you to make promises -about knowledge and its inter-relationships. It is not specifically a -generic topic map language: rather it provides a powerful configuration -language for managing a knowledge base that can be compiled into a -topic map. - -To build a topic map from a set of knowledge promises in @file{knowledge.cf}, you would write: - -@verbatim -# cf-know -b -f ./knowledge.cf -@end verbatim - -The syntax of this file is hinted at below. -The full ISO standard topic map model is too rich to be a useful tool -for system knowledge management. However, this is where powerful -configuration management can help to simplify the process: encoding a -topic map is a complex problem in configuration, which is exactly what -CFEngine is for. CFEngine's topic map promises have the following -form: - -@smallexample - -bundle knowledge example -@{ -topics: - -topic_type_context:: # canonical container - -"Topic name" # short topic name - - comment => "Use this for a longer description", - association => a("forward assoc to","Other topic","backward assoc"); - - "Other topic"; - -occurrences: - -Topic_name:: # Topic - - "http://www.example.org/document.xyz" # URI to instance - - represents => @{ "Definition", "Tutorial"@}; # sub-types -@} - -@end smallexample -The association body templates look like this: -@verbatim - -body association a(f,name,b) -{ -forward_relationship => "$(f)"; -backward_relationship => "$(b)"; -associates => { $(name) }; -} - -@end verbatim - - - -@cartouche - -Promise theory adds a clear structure to the topic map ontology, which -is highly beneficial as experience shows that weak conceptual models -lead to poor knowledge maps. - -@end cartouche - - -@node Modeling configuration promises as topic maps, , Example of topics promises, Knowledge Management -@section Modeling configuration promises as topic maps - -We can model topic maps as promises within CFEngine; the -question then remains as to how to use topic maps to model -configurations so that CFEngine users can navigate the documented -promises using a web browser and be able to see all of the -relationships between otherwise isolated and fragmentary rules. This -will form the basis of a semantic Configuration Management Database -(sCMDB) for the CFEngine software. The key to making these ends meet -is to see the configuration of the topic map as a number öf promises -made in the abstract space of topics and the turning each promise into -a meta-promise that models the configuration as a topic with attendant -associations. Consider the following CFEngine promise. - -@verbatim - -bundle agent update -{ -files: - -any:: - -``/var/cfengine/inputs'' -> { ``policy_team'', ''dependent'' }, - - comment => ``Check policy updates from source'', - perms => true, - mode => 600, - copy_from => true, - copy_source => /policy/masterfiles, - compare => digest, - depth_search => true, - depth => inf, - ifelapsed => 1; - -} -@end verbatim - -This system configuration promise can be mapped by CFEngine into a -number of other promise proposals intended for the @code{cf-know} -agent. Suppressing some of the details, we have: - -@verbatim - -type_files:: - -"/var/cfengine/inputs" - association => a("promise made in bundle","update","bundle -contains promise"); -"/var/cfengine/inputs" - association => a("specifies body type","perms","is specified in"); -"/var/cfengine/inputs" - association => a("specifies body type","mode","is specified in"); -"/var/cfengine/inputs" - association => a("specifies body type","copy_from","is specified -in"); - -# etc ... - -occurrences: - -_var_CFEngine_inputs:: - - "promise_output_common.html#promise__var_CFEngine_inputs_update_cf_13" - represents => { "promise definition" }; - -@end verbatim -Note that in this mapping, the actual promise (viewed as a real world -entity) is an occurrence of the topic `promise'; at the same time each -promise could be discussed as a different topic allowing -meta-modeling of the entity-relation model in the real-world -data. Conversely the topics themselves become configuration items or -`promisers' in the promise model. The effect is to create a navigable -semantic web for traversing the policy; this documents the structure -and intention of the policy using a small ontology of standard -concepts and can be extended indefinitely by human domain experts. - - - - - -@chapter More... - -@cartouche - -You will find extensive help, examples and documentation as part of -the commercial -CFEngine support. Visit the website @url{http://www.cfengine.com} for more -details. - -@end cartouche - - - - -@c ======================================================================== -@c @node Index, , CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ======================================================================== - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/cf3-upgrade.texinfo b/docs/guides/cf3-upgrade.texinfo deleted file mode 100644 index 5ebf1f161b..0000000000 --- a/docs/guides/cf3-upgrade.texinfo +++ /dev/null @@ -1,2389 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf3-upgrade.info -@settitle Upgrading from CFEngine 2 to 3 -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Upgrading from CFEngine 2 to 3 -@subtitle A CFEngine Handbook -@author CFEngine AS - -@c @smallbook - - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2009- CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - -@ifnottex -@node Top, General remarks and expectations, (dir), (dir) -@top CFEngine-Best-Practices -@end ifnottex -@iftex -@contents -@end iftex - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 -

Summary of contents

-@end html -@end ifhtml - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@menu -* General remarks and expectations:: -@c * Automated translation with cfconvert:: -* Conversion Strategy:: -* Translation Codebook:: -@end menu - -@c @node General remarks and expectations, Automated translation with cfconvert, Top, Top -@node General remarks and expectations, Conversion Strategy, Top, Top -@chapter General remarks and expectations - -This document concerns the translation of system configuration -policies from the legacy CFEngine 2 language to the new CFEngine 3 -promise language. CFEngine 3 is a new language that was designed with -careful research to satisfy the needs of system configuration in a -@i{convergent} fashion. - - -@menu -* On the translation of policies:: -* On best practices:: -* Completely new features:: -@end menu - -@node On the translation of policies, On best practices, General remarks and expectations, General remarks and expectations -@section On the translation of policies - -Translating one language directly into another rarely makes sense. -Every language has its quirks and idioms that make some formulations -more natural than others. - -In migrating from CFEngine 2 to CFEngine 3, you will see that the -novelty is more of a dialect than an unrelated language. The -underlying parameterization of the promises is the same, and you will -recognize the main features, even if they are inflected with an -`accent'. - -This suggests that translation might be easy. However, we don't want -you to trivialize this translation, as there are new mechanisms in -CFEngine 3 that bring new benefits, and this means that simple and -direct translation can be a poor choice that misses the opportunity -for improvement. In this guide the principles for translation are -simply as follows: - -@itemize -@item We make as direct a translation as possible, -sometimes offering alternatives that better illustrate CFEngine 3 paradigms. - -@item We use standardized templates from the -@i{CFEngine Community Open Promise-Body Library} to simplify -the translation. However, readers should understand that -in every `constraint' expression in CFEngine, of the form, -@verbatim - - LHS => RHS - -@end verbatim -@noindent the left hand side is always a pre-defined CFEngine word, -and the right hand side is always a user-defined term. In other words, -if you don't like the choices we have made, you can make your own -choices on the right hand side. -@end itemize - - -@node On best practices, Completely new features, On the translation of policies, General remarks and expectations -@section On `best practices' - -There are new features in CFEngine 3 that we strongly recommend you -use. Perhaps the most useful practice is to make use of the standard -library of template parts for promise bodies and bundles, called te -@i{CFEngine Community Open Promise-Body Library}. This is available -from the CFEngine website. By standardizing simple template -names, you will be able to communicate more effectively with others, -and facilitate knowledge efficiency in your organization. - -Another feature is the ability to annotate or comment promises in a -way that follows the promise through its lifecycle. This is part of -the strategy of integrated knowledge management (see the Special -Topics Guide on this subject). - -@cartouche -@verbatim - -files: - - "/etc/passwd" -> "stakeholder" - - comment => "Verify the integrity of the password file to change", - content => detect_all_changes; - -@end verbatim -@end cartouche -When a promise has a comment, this comment will be used to mark logs -entries and error messages, providing context to these events for -effective knowledge management. - -You can give each promise a name, if you like, to make it easy to refer to -or search for. We call this the promise `handle'. - -@cartouche -@verbatim - -files: - - "/etc/passwd" -> "stakeholder" - - handle => "passwd_change", - comment => "Verify the integrity of the password file to change", - content => detect_all_changes; - -@end verbatim -@end cartouche -You can use this handle to document relationships between promises. -For example, consider this hypothetical promise: -@cartouche -@verbatim - -files: - - "/etc/group" - - handle => "group_change", - comment => "Add new users to the user groups", - depends_on => { "passwd_change", "other_promise" }, - edit_line => fix_groups; - -@end verbatim -@end cartouche -In CFEngine Nova and other commercial editions of the software, -this documentation is automatically turned into browsable system -documentation. - -@node Completely new features, , On best practices, General remarks and expectations -@section Completely new features - -The CFEngine 3 Community Edition has many new features over CFEngine -2, and CFEngine Nova and the other commercial editions have many -features over the Community Edition. You can write promises in the -Community Edition for any of the commercial features without error -- -these will just not be functional in the Community Edition. This makes it -easy to upgrade (or downgrade) freely. - -New features in CFEngine 3 Community Edition include: - -@itemize -@item All the components of CFEngine are now configurable and they read -the same configuration file or files. In other words, you no longer have to -maintain a separate input file for the server and the agent -- self-contained -configurations can be made for all parts of the system in one. - -@item Promises now have containers called @i{promise bundles}. There is no analogue -of promise bundles in CFEngine 2, so you will need to sort through your -promises and divide them into suitable bundles yourself, making sure to -give each a sensible name. - -@item Powerful pattern matching and expression features that simplify the promises -by allowing a consistent promises to be made from a whole set of objects according to -a programmed pattern. - -@item Consistent use of Perl Compatible Regular Expressions for text matching. - -@item Array and list handling functions allow powerful associative patterns. - -@item Basic tools for Knowledge Management integrated with the configuration -technology. - -@item Generic package management. - -@item Role based access control for remote activation of special promises. - -@end itemize - - -New features in CFEngine Nova include: - -@itemize - -@item Automated Knowledge Management and analysis - -@item Database management promises. - -@item LDAP integration. - -@item Extended and integrated lightweight monitoring capabilities. - -@item Service and virtualization abstractions. - -@item Full native Windows support and promise types. - -@end itemize - -@c ################################################################# - -@c @node Automated translation with cfconvert, Translation Codebook, General remarks and expectations, Top -@c @chapter Automated translation with @code{cfconvert} -@node Conversion Strategy, Translation Codebook, General remarks and expectations, Top -@chapter Conversion Strategy - -@c CFEngine offers a commercial core transformation program, @code{cfconvert}, that performs a reasonable translation of CFEngine 2 code into CFEngine 3 code. The output of this program should work with either the Community Edition or Enterprise level editions of the software. - -@c The software may be obtained with a one-time closed-source license, that includes maintainence in case of problems. This can be combined with Professional Services from CFEngine if necessary to provide a `best effort' conversion. - - -@menu -@c * Automatic Conversion Strategy:: -* Converting by module:: -* Assembling a compilable file set:: -* Validating the conversion:: -* Optimizing the configuration:: -@end menu - -@c @node Automatic Conversion Strategy, Converting by module, Automated translation with cfconvert, Automated translation with cfconvert -@c @section Automatic Conversion Strategy - -@c No software can make a complete, `ready to go' translation of a configuration policy, as there are several decisions to be made when converting, as well as knowledge management features to be added. Below we offer recommendations for conversion using the @code{cfconvert} program. - -@c To begin conversion, we assume that you have a @file{cfagent.conf} master file that possibly includes a number of imported files, and that there are variables and classes defined throughout these. - -@c @menu -@c * How long will it take to convert?:: -@c * One chunk at a time:: -@c @end menu - -@c @node How long will it take to convert?, One chunk at a time, Automatic Conversion Strategy, Automatic Conversion Strategy -@c @subsection How long will it take to convert? - -@c If you are focused on the task, and you do not intend to re-organize the configuration dramatically, you can expect to be able to create a compilable version of a CFEngine configuration in the space of an hour. - -@c Filling in blanks, checking the correctness of the result and documenting it fully will take longer. It could take hours or days, depending on how many lines of code you have to convert. This is a tedious process, but one that will be a one-off burden and will bring great value to your operations. The conversion utility can shave off hundred of hours of manual labour from a hand-coded conversion. - -@c @node One chunk at a time, , How long will it take to convert?, Automatic Conversion Strategy -@c @subsection One chunk at a time - -@c You can convert as much or as little of a configuration as you like in one go. The simplest conversion approach is to feed the whole configuration to @code{cfconvert} in one bite. - -@c @sp 1 -@c @verbatim -@c host# export CFINPUTS=`pwd` -@c host# cfconvert -@c @end verbatim -@c @sp 1 -@c The converted output is written to a sub-directory @file{cf_conversion}. - -@c @smallexample - -@c CFEngine Conversion Utility (beta) - -@c -> Matrix from /usr/local/sbin/cfconvert -@c -> INPUTS from . /CFEngineProjects/Test_Client/CFEngine_2_config/ -@c -> OUTPUTS at /tmp/cf_conversion_output -@c -> Commencing pre-scan for common environment -@c -> Pre-scan complete -@c -> Scanning for recognizable control settings -@c -> > convert control setting EmailMaxLines -@c -> > convert control setting cfinputs_version -@c -> > convert control setting smtpserver -@c -> > convert control setting Inform -@c -> > convert control setting AddInstallables -@c -> > convert control setting workdir -@c -> > convert control setting Syslog -@c -> > convert control setting moduledirectory -@c -> > convert control setting moduledirectory -@c -> Start main promise bundle -@c -> Import files detected -@c -> delta-Transformation of "cfagent.global.conf" -@c -> delta-Transformation of "cfagent.freebsd.conf" -@c -> delta-Transformation of "cfagent.ntp.conf" -@c -> delta-Transformation of "cfagent.named.conf" -@c -> delta-Transformation of "cfagent.perfsonarServers.conf" -@c -> delta-Transformation of "cfagent.perfsonar.conf" -@c -> delta-Transformation of "cfagent.owmesh.conf" -@c -> delta-Transformation of "cfagent.owamp.conf" -@c -> delta-Transformation of "cfagent.perfsonarBUOY.conf" -@c -> delta-Transformation of "cfagent.syslog.conf" -@c -> delta-Transformation of "cfagent.bwctl.conf" -@c -> delta-Transformation of "cfagent.perfsonarBUOY.conf" -@c -> delta-Transformation of "cfagent.syslog.conf" -@c -> delta-Transformation of "cfagent.pinger.conf" -@c -> delta-Transformation of "cfagent.perfsonarBUOY.conf" -@c -> delta-Transformation of "cfagent.owmesh.conf" -@c -> delta-Transformation of "cfagent.perfsonarBUOY.conf" -@c -> delta-Transformation of "cfagent.owmesh.conf" -@c -> delta-Transformation of "cfagent.LSRegistration.conf" -@c -> delta-Transformation of "cfagent.freebsd.i386.packages" -@c -> Converting cfservd.cf -@c -> Writing promises.cf -@c -> 11238 lines of core transformed - -@c @end smallexample - -@node Converting by module, Assembling a compilable file set, Conversion Strategy, Conversion Strategy -@section Converting by module - -To optimize the translation, you should think about the modularity of -your code. First, look at how your CFEngine 2 configuration is -modularized and consider how you want your final CFEngine 3 -configuration to be modularized. CFEngine 3 has `promise bundles' as -modular entities (like subroutines or methods in other languages). -The typical procedure is to take each file and convert it into -a separate bundle. This makes each module into a separate entity -in the integrated knowledge management. - -There are potentially many ways to cut the cake, however. You can organize your -configuration, by operating system, by service, by geography, -etc. We recommend that you make separate bundles for each `issue', -`service' or slice of the system that you are managing. Bundles should -`bundle together' related promises. - - -@node Assembling a compilable file set, Validating the conversion, Converting by module, Conversion Strategy -@section Assembling a compilable file set - -The next step is to move as quickly as possible to a compilable -CFEngine 3 configuration. You will be tweaking and perfecting this -basic file set for ever more, but the sooner you have a syntactically -valid file, the sooner you will benefit from the CFEngine tools. - -@enumerate -@item Start by copying the Community Open Promise Body Library from the www.CFEngine.org -website into the @file{CFEngine3} directory. We will base the converted -configuration on these industry standard templates. - -@item Now create the new master configuration file -@file{CFEngine3/promises.cf}. This will replace the -@file{CFEngine2/cfagent.conf} file. - -Suppose you start with a top level @code{cfagent.conf} that is organized -as in the example below, - -@sp 1 - -@cartouche -@verbatim - -control: - - # .... - -import: - - any:: - - cfagent.global.conf - - freebsd:: - - cfagent.freebsd.conf - - 123.456.789:: - - cfagent.usa.conf - - MailServers:: - - cfagent.email.conf - -@end verbatim -@end cartouche - -@sp 1 -This file is typically converted to something of the following form. -@sp 1 - - -@verbatim - -body agent control -{ -# this is where control settings will go -} - -body executor control -{ -# this is where control settings will go -} - -##################################################### - -body common control -{ -# Keep the bundlesequence simple - -bundlesequence => { "g", "main" }; - -# The equivalent of imports - -inputs => { - "cfagent.freebsd.cf", - "cfagent.usa.conf", - "cfagent.email.conf", - # ... - "cfengine_stdlib.cf" - }; -} - -##################################################### - -bundle common g -{ -vars: - - "localroot" string => "/a/b/c"; - "cfsrvhost" string => "198.129.252.125"; - "masterBuild" string => "/usr/local/CFEngine_export/RELEASE/build"; - -classes: - - # ... - -} - -##################################################### - -bundle agent main -{ -methods: - - any:: - "any" usebundle => global_stuff; - - freebsd:: - "any" usebundle => freebsd_stuff; - - MailServers:: - "any" usebundle => mail_stuff; - - -} -@end verbatim - - -@item Compare these two control files above. -Notice that there is no @code{actionsequence} in the CFEngine 3 -configuration. CFEngine 3 can determine an order more automatically -using a best-effort heuristic algorithm.@footnote{Some scheduling -tools talk about `sorting of dependencies' to determine order, but -this is not possible in a dynamic environment, since you don't know -which dependencies will be in play until after the sort.} All we need -to do is include the different bundles in the basic order that we want -and CFEngine will do the rest. - -@end enumerate - - -@node Validating the conversion, Optimizing the configuration, Assembling a compilable file set, Conversion Strategy -@section Validating the conversion - -Validating the conversion is potentially an arduous process and -the work is not over yet. Because CFEngine 3 uses body templates to -simplify the appearence of promises, and promote the reusability of -code, the conversion requires us to create these. @c The @code{cfconvert} utility attempts to construct best-effort proposal for these. If it is possible to convert using standard body templates, nothing more is needed. However, some translations require custom templates; the conversion utility creates a proposal and leaves the custom body or bundle in-line (in comment form) to allow you to compare the CFEngine 2 and CFEngine 3 versions of the promises more easily. For example: - -@c @verbatim -@c "/etc/somefile" # -> { "optional_promisee_list" }, - -@c comment => "...", -@c # handle => "...", -@c # depends_on => { "..." ...}, - -@c perms => mog("0440","root","wheel"), -@c copy_from => remote_cp("$(master)/etc/somefile","$(cfsrvhost)"), - -@c # More accurate translation requires custom coding.. -@c # body copy_from custom_body -@c # { -@c # servers => { "$(master)/etc/somefile"}, -@c # trustkey => "false"; -@c # compare => "digest"; -@c # } -@c -@c action => if_elapsed("60"); - -@c @end verbatim -@c It is up to you to decide whether you want to use the commented proposal. In some cases there is no solution in terms of standard bodies, and you must use the commented proposal or some version of it. In that case, you should copy the commented text to a location outside the current promise bundle, e.g. by pasting it into a separate library file, and there uncomment it. Don't forget to ensure that the file is included in the @code{inputs} lists. - -@c Any items that the conversion program does not know how to convert will also be commented out for manual attention. - -To complete the conversion, you will need to: - -@enumerate -@item Check that the intention of the converted promise matches the orginal. -@item Check that variable references are ok - global ones can be referenced with def.varname (if they are defined in the bundle common def) -@item Insert comments -@item Simplifying repeated patterns using lists. -@item Run through cf-promises -@end enumerate - - - - -@node Optimizing the configuration, , Validating the conversion, Conversion Strategy -@section Optimizing the configuration - -You could optimize by not importing files that you don't need on all systems. -This reduces memory and processing time. To do this, you can adapt the -@file{inputs} and @file{bundlesequence} of the converted file appropriately. - - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@node Translation Codebook, , Conversion Strategy, Top -@chapter Translation Codebook - -@c ................................................................. -@menu -* upgrading from CFEngine 2 acl:: -* upgrading from CFEngine 2 admit:: -* upgrading from CFEngine 2 alerts:: -* upgrading from CFEngine 2 binservers:: -* upgrading from CFEngine 2 broadcast:: -* upgrading from CFEngine 2 control:: -* upgrading from CFEngine 2 classes:: -* upgrading from CFEngine 2 copy:: -* upgrading from CFEngine 2 defaultroute:: -* upgrading from CFEngine 2 deny:: -* upgrading from CFEngine 2 disks:: -* upgrading from CFEngine 2 directories:: -* upgrading from CFEngine 2 disable:: -* upgrading from CFEngine 2 editfiles:: -* upgrading from CFEngine 2 files:: -* upgrading from CFEngine 2 filters:: -* upgrading from CFEngine 2 groups:: -* upgrading from CFEngine 2 homeservers:: -* upgrading from CFEngine 2 ignore:: -* upgrading from CFEngine 2 import:: -* upgrading from CFEngine 2 interfaces:: -* upgrading from CFEngine 2 links:: -* upgrading from CFEngine 2 mailserver:: -* upgrading from CFEngine 2 methods:: -* upgrading from CFEngine 2 miscmounts:: -* upgrading from CFEngine 2 mountables:: -* upgrading from CFEngine 2 processes:: -* upgrading from CFEngine 2 packages:: -* upgrading from CFEngine 2 rename:: -* upgrading from CFEngine 2 required:: -* upgrading from CFEngine 2 resolve:: -* upgrading from CFEngine 2 scli:: -* upgrading from CFEngine 2 shellcommands:: -* upgrading from CFEngine 2 strategies:: -* upgrading from CFEngine 2 tidy:: -* upgrading from CFEngine 2 unmount :: -@end menu - -@node upgrading from CFEngine 2 acl, upgrading from CFEngine 2 admit, Translation Codebook, Translation Codebook -@section upgrading from CFEngine 2 @samp{acl} - -File Access Control Lists have been completely re-implemented in -CFEngine 3. They are only available now in the commercial version of -CFEngine, but with the benefit a unifying, platform-independent (least -common denominator) model (in addition to system specific models) for -Posix, Solaris, Linux, Windows and other ACL models. - -@verbatim - -files: - - /some/path - - acl=myacl - action=fixall - -######################################## - -acl: - - { myacl - - fstype:posix - method:overwrite - mask:*:rwx - user:*:rwx - group:*:r-x - other:*:r - user:www:=rwx - user:mark:=rwx - default_mask:=rwx - default_user:=rwx - default_group:=r - default_other:=r - } - -@end verbatim - -In CFEngine Nova, this would become approximately: - -@cartouche -@verbatim - -bundle agent acls - -{ -files: - - "/some/path" - - acl => myacl; -} - -######################################### - -body acl myacl - -{ -acl_method => "overwrite"; -acl_type => "posix"; -acl_directory_inherit => "specify"; - -aces => { - "mask:rwx", - "user:*:rwx", - "group:*:r,-x", - "all:r", - "user:www:=rwx", - "user:mark:=rwx" - }; - -specify_inherit_aces => - { - "mask:=rwx", - "user:*:=rwx", - "group:*:=r", - "all:=r" - }; -} - -@end verbatim -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 admit, upgrading from CFEngine 2 alerts, upgrading from CFEngine 2 acl, Translation Codebook -@section upgrading from CFEngine 2 @samp{admit} - -The admit declarations belong to the server configuration. -@verbatim -admit: # or grant: - - /export/nexus/local/gnu/bin/CFEngine *.example.com - /export/waldo/local/gnu/bin/CFEngine *.example.com - - /export/nexus/local *.example.com - /export/nexus/ud dax.example.com - /export/nexus/u4 dax.example.com dump-truck.example.com - /etc *.example.com - -@end verbatim - -@noindent These are translated as @code{access} promises: -@cartouche -@smallformat -@verbatim - -bundle server rules -{ -access: - - "/export/nexus/local/gnu/bin/CFEngine" admit => { ".*.example.com" }; - "/export/waldo/local/gnu/bin/CFEngine" admit => { ".*.example.com" } - - "/export/nexus/local" admit => { ".*.example.com" }; - "/export/nexus/ud" admit => { "dax.example.com"}; - "/export/nexus/u4" admit => { "dax.example.com", "dump-truck.example.com" }; - "/etc" admit => { ".*.example.com" }; -} -@end verbatim -@end smallformat -@end cartouche - - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 alerts, upgrading from CFEngine 2 binservers, upgrading from CFEngine 2 admit, Translation Codebook -@section upgrading from CFEngine 2 @samp{alerts} - -In CFEngine 2, the term for reporting was `alert'. This seemed too reactionary. - -@verbatim - -alerts: - - myclass:: - - "Reminder: say hello every hour" - - ifelapsed=60 - - nfsd_in_high_dev2:: - - "High NFS server access rate 2dev at $(host)" - - ShowState(incoming.nfs) - -@end verbatim -In CFEngine 3, you would write: -@cartouche -@verbatim - -reports: - - myclass:: - - "Reminder: say hello every hour" - - action => ifelapsed("60"); - - nfsd_in_high_dev2:: - - "High NFS server access rate 2dev at $(host)" - - showstate => { "incoming.nfs" }; - -@end verbatim -@end cartouche -CFEngine 3 extends the possiblities for messaging considerably. -CFEngine Nova generates many standard reports automatically. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 binservers, upgrading from CFEngine 2 broadcast, upgrading from CFEngine 2 alerts, Translation Codebook -@section upgrading from CFEngine 2 @samp{binservers} - -The CFEngine Mount Model has been deprecated in version 3. The introduction of the -automounter largely superceded the use of this model, and while it is still possible -to use CFEngine as a static automounter, there is no longer any need for an explicit -definition of its parts, as simple pattern matching combined with mount promises -suffices to solve this problem, @xref{upgrading from CFEngine 2 miscmounts}. - -@verbatim -control: - - site = ( mysite ) - - MountPattern = ( /$(site)/$(host) ) - HomePattern = ( home? ) - - actionsequence = - ( - mountall - mountinfo - addmounts - mountall - ) - -mountables: - - any:: - - serv1:/mysite/serv1/home1 - serv1:/mysite/serv1/home2 - serv1:/mysite/serv1/local - serv3:/mysite/serv3/local1 - serv3:/mysite/serv3/local2 - serv4:/mysite/serv4/homeA - serv4:/mysite/serv4/homeB - -binservers: - - group1:: - - serv1 serv2 - - group2:: - - serv3 - -@end verbatim -@noindent In CFEngine 3, you might write this: - -@cartouche -@smallformat -@verbatim - -storage: - - group1:: - - "/mysite/serv1/local" mount => nfs("serv1","/mysite/serv1/local"); - - group2:: - - "/mysite/serv3/local1" mount => nfs("serv3","/mysite/serv3/local1"); - "/mysite/serv3/local2" mount => nfs("serv3","/mysite/serv3/local2"); - - # Or use lists to iterate this - -@end verbatim -@end smallformat -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 broadcast, upgrading from CFEngine 2 control, upgrading from CFEngine 2 binservers, Translation Codebook -@section upgrading from CFEngine 2 @samp{broadcast} - -This is deprecated in CFEngine 3. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 control, upgrading from CFEngine 2 classes, upgrading from CFEngine 2 broadcast, Translation Codebook -@section upgrading from CFEngine 2 @samp{control} - -In CFEngine 2, the @code{control} part has two muddled functions: - -@itemize -@item Setting parameters that control the internal behaviour of CFEngine. - - These are details that adjust the behaviour of promises that are hard-coded -into CFEngine. Thus, they belong formally in @code{body} declarations according to -the CFEngine 3 promise model. - -@item Defining user variables (macros). - -These are actual user-defined promises (the promise that a certain name -will represent a certain value). They are thus represented as @code{vars} -promises in CFEngine 3. -@end itemize -Note that there is no @code{actionsequence} in CFEngine 3. It is no longer needed -and can be ignored. - -The following CFEngine 2 code -@verbatim -control: - - Access = ( root ) # Only root should run this - - site = ( iu ) - domain = ( iu.hio.no ) - sysadm = ( CFEngine@example.com ) - smtpserver = ( smtp@example.com ) - - # Welcome to Norway...! - - timezone = ( MET CET ) - - # - # Where backup files (for copy/tidy) are kept - # - - Repository = ( /var/spool/CFEngine ) - - SplayTime = ( 4 ) - - OutputPrefix = ( "cf:$(host)" ) - - IfElapsed = ( 15 ) - ExpireAfter = ( 240 ) - - - SensibleSize = ( 1000 ) - SensibleCount = ( 2 ) - EditfileSize = ( 40000 ) - - cfbin = ( /var/cfengine/bin ) - gnu = ( "/local/gnu" ) - ftp = ( /local/iu/ftp ) - -@end verbatim -@noindent translates in CFEngine 3 into several pieces: -@cartouche -@verbatim -# Hard-coded promise parameters, common to all parts - -body common control -{ -bundlesequence => { "global_promises" }; -} - -# Hard-coded promise parameters for cf-agent - -body agent control -{ -default_repository => "/var/spool/CFEngine"; -ifelapsed => "15"; -expireafter => "240"; -sensiblesize => "1000"; -sensiblecount => "2"; -editfilesize => "40000"; -} - -# Hard-coded promise parameters for cf-execd - -body executor control -{ -splaytime => "4"; -mailto => "cfengine@example.com"; -smtpserver => "smtp.example.com"; -} - -# User defined promises common to all parts - -bundle common global_promises -{ -vars: - - "cfbin" string => "/var/cfengine/bin"; - "gnu" string => "/local/gnu"; - "ftp" string => "/local/iu/ftp"; - -} - -@end verbatim -@end cartouche -Note that @code{vars} promises that are declared @samp{common} are -seen by all bundles and all agents. It is also possible to have -variables in @samp{agent} or @samp{server} bundles that are seen only by -those parts of CFEngine. - -Control information from the @file{cfservd.conf} file goes naturally into -a control body: - -@verbatim -control: - - cfrunCommand = ( "/var/cfengine/bin/cfagent" ) - AllowConnectionsFrom = ( 127.0.0.1 ::1 ) - AllowMultipleConnectionsFrom = ( 127.0.0.1 ::1 ) - TrustKeysFrom = ( 127.0.0.1 ::1 ) - AllowUsers = ( root mark ) - -@end verbatim -@noindent becomes: -@cartouche -@smallformat -@verbatim - -body server control - -{ -allowconnects => { "127.0.0.1" , "::1" }; -allowallconnects => { "127.0.0.1" , "::1" }; -trustkeysfrom => { "127.0.0.1" , "::1" }; -cfruncommand => - "$(sys.workdir)/bin/cf-agent -f failsafe.cf && $(sys.workdir)/bin/cf-agent"; -allowusers => { "mark", "root" }; -} - -@end verbatim -@end smallformat -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 classes, upgrading from CFEngine 2 copy, upgrading from CFEngine 2 control, Translation Codebook -@section upgrading from CFEngine 2 @samp{classes} - -@verbatim - -classes: # same as groups - - Setup_SSH_OK = ( '/usr/bin/test -f /etc/ssh2/ssh2_config' ) - science = ( saga tor odin ) - notthis = ( !this ) - ip_in_range_1 = ( IPRange(129.0.0.1-15) ) - ip_in_range_2 = ( IPRange(129.0.0.1/24) ) - compute_nodes = ( HostRange(cpu-,1-32) ) - science = ( +science-allhosts ) - physics_theory = ( +@physics-theory-sun4 dirac feynman schwinger ) - group1 = ( +mynetgroup -specialhost -otherhost ) - group2 = ( +bignetgroup -smallnetgroup ) - SpecialTimes = ( Hr00 Monday Day1 ) - -@end verbatim -These promises translate into CFEngine 3 as: -@cartouche -@smallformat -@verbatim - -classes: - - "Setup_SSH_OK" expression => fileexists("/etc/ssh2/ssh2_config"); - "science" or => { "saga", "tor", "odin" }; - "notthis" expression => "!this"; - "ip_in_range" expression => iprange("129.0.0.1-15"); - "ip_in_range" expression => iprange("129.0.0.1/24"); - "compute_nodes" expression => hostrange("cpu-","1-32"); - "science" expression => hostinnetgroup("science-allhosts"); - - "physics_theory" or => { - hostinnetgroup("physics-theory-sun4", - "dirac", - "feynman", - "schwinger" - }; - - "group1" and => { - hostinnetgroup("mynetgroup"), - "!specialhost", - "!otherhost - }; - - "helper" expression => hostinnetgroup(smallnetgroup"); - "group2" and => { hostinnetgroup("bignetgroup"), "!helper" }; - "SpecialTimes" or => { "Hr00", "Monday", "Day1" }; - -@end verbatim -@end smallformat -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 copy, upgrading from CFEngine 2 defaultroute, upgrading from CFEngine 2 classes, Translation Codebook -@section upgrading from CFEngine 2 @samp{copy} - - -Copying of files from one location to another had the following form in CFEngine 2: -@smallformat -@verbatim - -copy: - - /masterfiles/hosts.deny dest=/etc/hosts.deny mode=644 server=nexus - - !(dax|cube|sigmund):: - - /masterfiles/hosts.allow dest=/etc/hosts.allow mode=644 server=nexus - - 128_39_89.!securehosts:: - - /masterfiles/ssh_banner_message_89 dest=/etc/ssh2/ssh_banner_message - mode=644 owner=root group=root - encrypt=true - -@end verbatim -@end smallformat - -In CFEngine 3, beware that the order of the source and destination have been reversed -to follow the general principle in CFEngine 3 that the affected object (in this case the -destination) is always the first object in the promise (the promiser). - -@cartouche -@smallformat -@verbatim - -files: - - "/etc/hosts.deny" - copy_from => remote_cp("/masterfiles/hosts.deny","nexus"), - perms => m("644"); - - # - - !(dax|cube|sigmund):: - - "/etc/hosts.allow" - copy_from => remote_cp("/masterfiles/hosts.allow","nexus"), - perms => m("644"); - - # - - 128_39_89.!securehosts:: - - "/etc/ssh2/ssh_banner_message" - copy_from => secure_cp("/masterfiles/ssh_banner_message_89") - perms => mog("644","root","root"); - -@end verbatim -@end smallformat -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 defaultroute, upgrading from CFEngine 2 deny, upgrading from CFEngine 2 copy, Translation Codebook -@section upgrading from CFEngine 2 @samp{defaultroute} - -This function is deprecated in CFEngine 3. Today it can normally be implemented by editing -a file. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 deny, upgrading from CFEngine 2 disks, upgrading from CFEngine 2 defaultroute, Translation Codebook -@section upgrading from CFEngine 2 @samp{deny} - -@verbatim - -deny: - - $(public)/special *.moneyworld.com - -@end verbatim -@noindent becomes: -@cartouche -@verbatim -access: - - "$(public)/special" - - deny => { "*.moneyworld.com" }; - -@end verbatim -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 disks, upgrading from CFEngine 2 directories, upgrading from CFEngine 2 deny, Translation Codebook -@section upgrading from CFEngine 2 @samp{disks} - -@verbatim - -disks: - - /usr - - freespace=10% - -@end verbatim - -@noindent becomes -@cartouche -@verbatim - -storage: - - "/usr" - - volume => min_free_space("10%"); - -@end verbatim -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 directories, upgrading from CFEngine 2 disable, upgrading from CFEngine 2 disks, Translation Codebook -@section upgrading from CFEngine 2 @samp{directories} - -@verbatim - -directories: - - /usr/local/bin - - mode=755 - owner=root - group=wheel -@end verbatim - -@noindent becomes -@cartouche -@verbatim - -files: - - "/usr/local/bin/." - - create => "true", - perms => mog("755","root","wheel"); - -@end verbatim -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 disable, upgrading from CFEngine 2 editfiles, upgrading from CFEngine 2 directories, Translation Codebook -@section upgrading from CFEngine 2 @samp{disable} - -Disabling files has many meanings in CFEngine 2. It covers log rotation as well as file disablement. -@verbatim - -disable: - - /usr/bin/rsh - /var/log/xferlog rotate=3 - /local/etc/fingerdir/userdata rotate=empty - -@end verbatim - -@cartouche -@verbatim - -files: - - "/usr/bin/rsh" rename => disable; - - "/var/log/xferlog" - rename => rotate("3"); - - "/local/etc/fingerdir/userdata" - rename => rotate("0"); - -@end verbatim -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 editfiles, upgrading from CFEngine 2 files, upgrading from CFEngine 2 disable, Translation Codebook -@section upgrading from CFEngine 2 @samp{editfiles} - - - -File editing is a complex subject. A few examples are provided. -@smallformat -@verbatim - -editfiles: - - !rom21X:: - - { /etc/ssh2/sshd2_config - - ReplaceAll "PrintMotd.*yes" With "PrintMotd no" - ReplaceAll ".*Ssh1Compatibility.*yes.*" With "Ssh1Compatibility no" - AppendIfNoSuchLine "Ssh1Compatibility no" - HashCommentLinesMatching ".*Sshd1Path.*" - DeleteLinesMatching ".*PasswordAuthentication.*" - DeleteLinesMatching ".*PubkeyAuthentication.*" - DeleteLinesMatching ".*AllowCshrcSourcingWithSubsystems.*" - } - - -@end verbatim -@end smallformat - -@cartouche -@smallformat -@verbatim - -files: - - !rom21X:: - - "/etc/ssh2/sshd2_config" - - edit_line => ssh_config; - - -# .. - -bundle edit_line ssh_config -{ -replace_patterns: - - "PrintMotd.*yes" - replace_with => all("PrintMotd no"); - - ".*Ssh1Compatibility.*yes.*" - replace_with => value("Ssh1Compatibility no"); - - ".*Sshd1Path.*" - replace_with => comment("#"); - -delete_lines: - - ".*PasswordAuthentication.*"; - ".*PubkeyAuthentication.*"; - ".*AllowCshrcSourcingWithSubsystems.*"; - -insert_lines: - - "Ssh1Compatibility no"; -} - -@end verbatim -@end smallformat -@end cartouche - - - -@smallformat -@verbatim - -editfiles: - - { /etc/shells - - AppendIfNoSuchLine "/bin/tcsh" - AppendIfNoSuchLine "/bin/bash" - AppendIfNoSuchLine "/local/gnu/bin/bash" - } - - -@end verbatim -@end smallformat - - -@cartouche -@smallformat -@verbatim - -vars: - - "lines" slist => { "/bin/tcsh", "/bin/bash", "/local/gnu/bin/bash" }; - -files: - - "/etc/shells" - - edit_line => append_if_no_lines(@(lines)); - - -@end verbatim -@end smallformat -@end cartouche - -or an alternative solution -@cartouche -@smallformat -@verbatim - -files: - - "/etc/shells" - - edit_line => shells; - -# .. - -bundle edit_line shells -{ -insert_lines: - - "/bin/tcsh"; - "/bin/bash"; - "/local/gnu/bin/bash"; -} - - -@end verbatim -@end smallformat -@end cartouche - - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 files, upgrading from CFEngine 2 filters, upgrading from CFEngine 2 editfiles, Translation Codebook -@section upgrading from CFEngine 2 @samp{files} - -The @code{files} action in CFEngine 2 was mostly about permissions. In CFEngine 3, all file -related operations are collected under this banner. - -@smallformat -@verbatim - -files: - - PrimeServers:: - - /local/dns/pz - - owner=dns - mode=644 - action=fixall - recurse=1 - exclude=Fixserial - - /local/dns/pz/Fixserial - m=755 - action=fixplain - - NameServers:: - - /local/logs/admin - - o=dns - m=644 - act=fixplain - - /local/logs/security - - o=dns - m=644 - act=fixplain - - /local/logs/updates - - o=dns - m=644 - act=fixplain - - /local/logs/xfer o=dns m=644 act=fixplain - - # - # Make sure anonymous ftp areas have the correct - # protection, or logins won't be able to read files - # - - $(ftp)/pub mode=644 o=root g=other act=fixall - $(ftp)/pub mode=644 act=fixall r=inf - - $(ftp)/etc mode=111 o=root g=other act=fixdirs - $(ftp)/usr/bin/ls mode=111 o=root g=other act=fixall - $(ftp)/dev mode=555 o=root g=other act=fixall - $(ftp)/usr mode=555 o=root g=other act=fixdirs - - -@end verbatim -@end smallformat -@noindent may be translated into: -@cartouche -@smallformat -@verbatim - -vars: - - "ns_files" slist => { - "/local/logs/admin", - "/local/logs/security", - "/local/logs/updates", - "/local/logs/xfer" - }; -files: - - PrimeServers:: - - "/local/dns/pz" - - perms => mo("644","dns") - depth_search => recurse("1"), - file_select => exclude("FixSerial"); - - "/local/dns/pz/FixSerial" - - perms => m("755"), - file_select => plain; - - NameServers:: - - "$(ns_files)" - - perms => mo("644","dns"), - file_select => plain; - - # - # Make sure anonymous ftp areas have the correct - # protection, or logins won't be able to read files - # - - "$(ftp)/pub" - perms => mog("644","root","other"); - - "$(ftp)/pub" - perms => m("644"), - depth_search => recurse("inf"); - - "$(ftp)/etc" perms => mog("111","root","other"); - "$(ftp)/usr/bin/ls" perms => mog("111","root","other"); - "$(ftp)/dev" perms => mog("555","root","other"); - "$(ftp)/usr" perms => mog("555","root","other"); - -@end verbatim -@end smallformat -@end cartouche - - - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 filters, upgrading from CFEngine 2 groups, upgrading from CFEngine 2 files, Translation Codebook -@section upgrading from CFEngine 2 @samp{filters} - -Filters have been redefined as `select' body templates. Filters exist for processes -and files in CFEngine 2. These translate into keywords @code{process_select} -and @code{file_select}. - -@smallformat -@verbatim - -filters: - - { testfilteralias - - Owner: "mark" - Group: "cfengine" - Type: "dir|link" - - Result: "Type|(Owner.Group)" # Both owner AND group required correct - } - -@end verbatim -@end smallformat -@noindent becomes - -@cartouche -@smallformat -@verbatim - -body file_select testfilteralias - -{ -search_owners => { "mark" }; -search_groups => { "cfengine" }; -file_types => { "dir","symlink" }; - -file_result => "file_types|(owners.groups)"; -} - -@end verbatim -@end smallformat -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 groups, upgrading from CFEngine 2 homeservers, upgrading from CFEngine 2 filters, Translation Codebook -@section upgrading from CFEngine 2 @samp{groups} - -Groups are a synonym for classes, -see @xref{upgrading from CFEngine 2 classes}. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 homeservers, upgrading from CFEngine 2 ignore, upgrading from CFEngine 2 groups, Translation Codebook -@section upgrading from CFEngine 2 @samp{homeservers} - -The CFEngine Mount Model has been deprecated in version 3. The introduction of the -automounter largely superceded the use of this model, and while it is still possible -to use CFEngine as a static automounter, there is no longer any need for an explicit -definition of its parts, as simple pattern matching combined with mount promises -suffices to solve this problem, @xref{upgrading from CFEngine 2 miscmounts}. - - -@smallformat -@verbatim -control: - - site = ( mysite ) - - MountPattern = ( /$(site)/$(host) ) - HomePattern = ( home? ) - - actionsequence = - ( - mountall - mountinfo - addmounts - mountall - ) - -mountables: - - any:: - - serv1:/mysite/serv1/home1 - serv1:/mysite/serv1/home2 - serv1:/mysite/serv1/local - serv3:/mysite/serv3/local1 - serv3:/mysite/serv3/local2 - serv4:/mysite/serv4/homeA - serv4:/mysite/serv4/homeB - -homeservers: - - group1:: - - serv1 serv2 - - group2:: - - serv4 - -@end verbatim -@end smallformat -In CFEngine 3, you might write this: - -@cartouche -@smallformat -@verbatim - -storage: - - group1:: - - "/mysite/serv1/home1" mount => nfs("serv1","/mysite/serv1/home1"); - "/mysite/serv1/home2" mount => nfs("serv1","/mysite/serv1/home2"); - - group2:: - - "/mysite/serv4/homeA" mount => nfs("serv4","/mysite/serv3/homeA"); - "/mysite/serv4/homeB" mount => nfs("serv4","/mysite/serv3/homeB"); - -@end verbatim -@end smallformat -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 ignore, upgrading from CFEngine 2 import, upgrading from CFEngine 2 homeservers, Translation Codebook -@section upgrading from CFEngine 2 @samp{ignore} - -Ignore is used in CFEngine 2 to skip directories or filenames during -searches. CFEngine 3 does not have a global list for this, but uses -local lists analogous to the @samp{ignore=} attributes. - -To make a global list in CFEngine 3, you can simply define a list of names and attach it to any promise -in the program. Instead of CFEngine 2: - -@smallformat -@verbatim - -ignore: - - one - two - three - -@end verbatim -@end smallformat -@noindent we use: -@cartouche -@smallformat -@verbatim - -bundle common defs -{ -vars: - - "ignore_list" slist => { "one", "two", "three" }; -} - -# ... - -bundle agent filestuff -{ -files: - - "/mypath" - - depth_search => recurse_ignore("inf",@(defs.ignore_list)); -} - -@end verbatim -@end smallformat -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 import, upgrading from CFEngine 2 interfaces, upgrading from CFEngine 2 ignore, Translation Codebook -@section upgrading from CFEngine 2 @samp{import} - -@verbatim -import: - - one.cf - two.cf - three.cf - -@end verbatim -@noindent becomes -@cartouche -@verbatim -bundle common control -{ -inputs => { "one.cf", "two.cf", "three.cf" }; -} -@end verbatim -@end cartouche - -In CFEngine 3, file imports are no longer order sensitive in the manner of CFEngine 2. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 interfaces, upgrading from CFEngine 2 links, upgrading from CFEngine 2 import, Translation Codebook -@section upgrading from CFEngine 2 @samp{interfaces} - -This promise type has been temporarily placed on hold, pending -future developments. Interface management has become much -simpler since the early days of CFEngine, but this will eventually -include routing promises for network management. - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 links, upgrading from CFEngine 2 mailserver, upgrading from CFEngine 2 interfaces, Translation Codebook -@section upgrading from CFEngine 2 @samp{links} - - -Linking files in CFEngine 2: - -@verbatim - -links: - - nexus:: - - /etc/rsyncd.conf -> /local/etc/rsyncd.conf - - -@end verbatim - -In CFEngine 3 this becomes -@cartouche -@verbatim - -files: - - nexus:: - - "/etc/rsyncd.conf" - - link_from => ln_s("/local/etc/rsyncd.conf"); - -@end verbatim -@end cartouche -Linking directories of multiple children: -@verbatim - -links: - - /usr/local/bin +> /usr/local/lib/perl/bin - /opt +>! /local - - -@end verbatim - -In CFEngine 3 this becomes -@cartouche -@verbatim - -files: - - "/usr/local/lib/perl/bin" => linkchildren("/usr/local/bin"); - "/local" => linkchildren("/opt"); - -@end verbatim -@noindent Or alternatively, use recursive copy with @code{linkcopy_patterns => @{ ".*" @}} -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 mailserver, upgrading from CFEngine 2 methods, upgrading from CFEngine 2 links, Translation Codebook -@section upgrading from CFEngine 2 @samp{mailserver} - -This section has been deprecated in CFEngine 3. It can be handled by @code{mount} promises. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 methods, upgrading from CFEngine 2 miscmounts, upgrading from CFEngine 2 mailserver, Translation Codebook -@section upgrading from CFEngine 2 @samp{methods} - - -In CFEngine 2, methods were experimental. Methods are ways of making -subroutines of CFEngine code. They were executed as separate programs following a -special protocol, and could be activated remotely. - -There is no direct mapping between methods in CFEngine 2 and CFEngine -3. In CFEngine 3, methods are simply bundles of promises that are -executed as a group. These bundles can be parameterized and re-used. -They are what methods should have been in CFEngine 2. Remote methods, -are not implemented in CFEngine 3. Instead CFEngine Nova provides the -means for agents to share data remotely by `voluntary cooperation'. - -@smallformat -@verbatim -# cfagent.conf - -control: - -actionsequence = ( methods ) - -################################################# - -methods: - - SimpleMethod(null) - - action=cf.simple - returnvars=null - returnclasses=null - server=localhost - -@end verbatim -@end smallformat -and -@smallformat -@verbatim -# cf.simple - -control: - - MethodName = ( SimpleMethod ) - MethodParameters = ( null ) - actionsequence = ( timezone ) - -classes: - - dummy = ( any ) - - #################################################### - -alerts: - - dummy:: - - "This simple method does nothing" - - ReturnVariables(void) - ReturnClasses(void) -@end verbatim -@end smallformat -This can be achieved more simply in CFEngine 3 as: - -@cartouche -@verbatim -bundle agent parent -{ -methods: - - "some_id" usebundle => SimpleMethod; - -#... -} - -bundle agent SimpleMethod -{ -classes: - - "dummy" expression => "any"; - -reports: - - dummy:: - - "This simple method does nothing"; -} -@end verbatim -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 miscmounts, upgrading from CFEngine 2 mountables, upgrading from CFEngine 2 methods, Translation Codebook -@section upgrading from CFEngine 2 @samp{miscmounts} - - -@smallformat -@verbatim - -miscmounts: - - host:/foo /mnt/foo - - myserver:/$(site)/libraryserver/data1 - /mnt/data1 ro - - # consistent syntax - - myserver:/$(site)/libraryserver/data2 - /mnt/data2 mode=ro - - -@end verbatim -@end smallformat - -@cartouche -@smallformat -@verbatim - -storage: - - "/foot" mount => nfs("host","/foo"); - - "/$(site)/libraryserver/data1" - - mount => nfs_p("myserver","/$(site)/libraryserver/data1","ro"); - - "/$(site)/libraryserver/data2" - - mount => nfs_p("myserver","/$(site)/libraryserver/data2","ro"); - - -@end verbatim -@end smallformat -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 mountables, upgrading from CFEngine 2 processes, upgrading from CFEngine 2 miscmounts, Translation Codebook -@section upgrading from CFEngine 2 @samp{mountables} - -This list has been deprecated in CFEngine 3, see @xref{upgrading from CFEngine 2 miscmounts}. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 processes, upgrading from CFEngine 2 packages, upgrading from CFEngine 2 mountables, Translation Codebook -@section upgrading from CFEngine 2 @samp{processes} - -In CFEngine 2 process promises were muddled with commands that were used to restart -processes that were not running. The led to inconsistency in the handling of commands. -CFEngine 3 separates commands to restart processes so that the full range of -promise attributes can be applied during process start control. -@verbatim - -processes: - - "inetd" - - signal=hup - - "bootp" - - signal=kill - exclude=rpc.bootparamd - - "cfservd" - - restart "/usr/local/sbin/cfservd" - useshell=false - - # matches=>6 warn number of matches is greater than or equal to 6 - # matches=1 warn if not exactly 1 matching process - # matches=<2 warn if there are less than or equal to 2 matching processes - -@end verbatim -@noindent Translates to: -@cartouche -@verbatim - -processes: - - "inetd" - signals => { "hup" }; - - "bootp" - signals => { "kill" }, - process_select => exclude_procs(".*rpc.bootparamd.*"); - - - "cf-serverd" - restart_class => "start_cfserverd"; - - # process_count => check_range(cfserv,6,inf); warn number of matches is greater than or equal to 6 - # process_count => check_range(cfserv,1,1); warn if not exactly 1 matching process - # process_count => check_range(cfserv,0,2); warn if there are less than or equal to 2 matching processes - -commands: - - start_cfserverd:: - - "/usr/local/sbin/cf-serverd"; - -reports: - - cfserv_out_of_range:: - - "cf-serverd is out of control!!"; - -@end verbatim -@end cartouche -We can make use of lists to simplify the checking of multiple processes: -@verbatim - -processes: - - Syslogdhup:: - - "Syslogd" signal=hup - - any:: - - "snmp" signal=kill - "powerd" signal=kill - "mibiisa" signal=kill - -@end verbatim -becomes: -@cartouche -@verbatim - -vars: - - "kill_list" slist => { "snmp", "powerd", "mibiisa" }; - -processes: - - Syslogdhup:: - - "Syslogd" signals => { "hup" }; - - any:: - - "$(kill_list)" signals => { "kill" }; - -@end verbatim -@end cartouche -Lists can also be used to simplify process starting. The following script -@smallformat -@verbatim - -processes: - - "named" restart "/local/sbin/named -u dns" - useshell=false - inform=true - - "cfservd" restart "/var/cfengine/bin/cfservd" - "cfenvd" restart "/var/cfengine/bin/cfenvd" - "cfexecd" restart "/var/cfengine/bin/cfexecd" - -@end verbatim -@end smallformat -@noindent would translate more efficiently into: -@cartouche -@smallformat -@verbatim -vars: - - "daemons" slist => { "cf-monitord", "cf-serverd", "cf-execd" }; - -processes: - - "named" restart_class => "restart_named"; - - "$(daemons)" restart_class => canonify("start_$(component)"); - -commands: - - "/bin/echo /var/cfengine/bin/$(component)" - ifvarclass => canonify("start_$(component)"); - - restart_named:: - - "/local/sbin/named -u dns" - action => inform; - -@end verbatim -@end smallformat -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 packages, upgrading from CFEngine 2 rename, upgrading from CFEngine 2 processes, Translation Codebook -@section upgrading from CFEngine 2 @samp{packages} - -Package handling in CFEngine 3 is far superior and more flexible than in CFEngine 2. -There are many ways to code packages promises. Here is a simple way to code -specific lists of versioned packages. In CFEngine 2 one might write: - -@smallformat -@verbatim - -packages: - - autoconf-2.13.000227_6 version=2.13.000227_6 cmp=ge action=install - automake-1.9.6_3 version=1.9.6_3 cmp=ge action=install - gmake-3.81_3 version=3.81_3 cmp=ge action=install - help2man-1.36.4_2 version=1.36.4_2 cmp=ge action=install - mysql-server-5.0.67 version=5.0.67 cmp=ge elsedefine=InstallMySQL - - # ... - -@end verbatim -@end smallformat -@noindent This could be translated efficiently using an associative array: -@cartouche -@smallformat -@verbatim -vars: - - "v[autoconf-2.13.000227_6]" string => "2.13.000227_6" - "v[automake-1.9.6_3]" string => "1.9.6_3" - "v[gmake-3.81_3]" string => "3.81_3" - "v[help2man-1.36.4_2]" string => "1.36.4_2" - - # ... - - "packages" slist => getindices("v"); - -packages: - - "$(packages)" - - package_policy => "add", - package_method => freebsd, - package_select => ">=", - package_version => "$(v[$(package)])"; - -@end verbatim -@end smallformat -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 rename, upgrading from CFEngine 2 required, upgrading from CFEngine 2 packages, Translation Codebook -@section upgrading from CFEngine 2 @samp{rename} - -This is an alias, see @xref{upgrading from CFEngine 2 disable}. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 required, upgrading from CFEngine 2 resolve, upgrading from CFEngine 2 rename, Translation Codebook -@section upgrading from CFEngine 2 @samp{required} - -This is an alias, see @xref{upgrading from CFEngine 2 disks}. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 resolve, upgrading from CFEngine 2 scli, upgrading from CFEngine 2 required, Translation Codebook -@section upgrading from CFEngine 2 @samp{resolve} - -The special resolver configuration in CFEngine 2 has been deprecated in favour of using -straightforward editing commands to manage the resolver file. The special variable -@code{$(sys.resolv)} points to the system's current resolver configuration file. -Thus the CFEngine 2 configuration: -@smallformat -@verbatim - -resolve: - - "search iu.hio.no CFEngine.com" - 128.39.89.10 - 158.36.85.10 - 129.241.1.99 - -@end verbatim -@end smallformat -@noindent may be translated as: -@cartouche -@smallformat -@verbatim - -vars: - - "r" slist => { "128.39.89.10", "158.36.85.10", "129.241.1.99" }; - -files: - - "$(sys.resolv)" - - edit_line => resolvconf("iu.hio.no CFEngine.com",@(mybundle.r)); - # edit_default => empty; - -@end verbatim -@end smallformat -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 scli, upgrading from CFEngine 2 shellcommands, upgrading from CFEngine 2 resolve, Translation Codebook -@section upgrading from CFEngine 2 @samp{scli} - -SCLI (SNMP Command Line Interface) promises are deprecated in CFEngine -3. There are no plans to integrate CFEngine directly with SNMP. - -Users of CFEngine Nova can use the generic @code{measurement} promises -to encapsulate SNMP monitoring into the CFEngine framework if -necessary. - -@page -@c ................................................................. -@node upgrading from CFEngine 2 shellcommands, upgrading from CFEngine 2 strategies, upgrading from CFEngine 2 scli, Translation Codebook -@section upgrading from CFEngine 2 @samp{shellcommands} - -Shellcommands scheduled the execution of scripts and programs external -to the CFEngine framework in CFEngine 2. The following examples - -@verbatim -shellcommands: - - nexus:: - - "/usr/sbin/shareall" - - ifelapsed=240 - - cube.nfs_update:: - - "/etc/init.d/nfs-server restart > /dev/null 2>&1" - -@end verbatim -@noindent may be translated as: - -@cartouche -@verbatim -commands: - - nexus:: - - "/usr/sbin/shareall" - - action => ifelapsed("240"); - - cube.nfs_update:: - "/etc/init.d/nfs-server restart > /dev/null 2>&1" - - contain => in_shell; - -@end verbatim -@end cartouche - - -@page -@c ................................................................. -@node upgrading from CFEngine 2 strategies, upgrading from CFEngine 2 tidy, upgrading from CFEngine 2 shellcommands, Translation Codebook -@section upgrading from CFEngine 2 @samp{strategies} - -Strategies in CFEngine 2 define probabilistic classes. -This has become part of a @code{classes} promise is CFEngine 3. - -@verbatim -strategies: - - { spread_load - - percent_10: "1" - percent_30: "3" - precent_60: "6" - } - -@end verbatim -@noindent translates as: -@cartouche -@verbatim - -classes: - - "percent" dist => { "10", "30", "60" }; - -@end verbatim -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 tidy, upgrading from CFEngine 2 unmount , upgrading from CFEngine 2 strategies, Translation Codebook -@section upgrading from CFEngine 2 @samp{tidy} - -@verbatim - -tidy: - - /tmp/ pattern=* recurse=inf age=1 - /var/tmp pattern=* recurse=inf age=2 - / pattern=core r=1 a=0 - /etc pattern=core r=1 a=0 - -@end verbatim -@noindent This may be translated into the following: -@cartouche -@verbatim - -files: - - "/tmp" - - depth_search => recurse("1"), - file_select => name_age(".*","1"); - - "/var/tmp" - - depth_search => recurse("inf"), - file_select => name_age(".*","2"); - - "/" - depth_search => recurse("1"), - file_select => name_age("core","0"); - - "/etc" - depth_search => recurse("1"), - file_select => name_age("core","0"); - -@end verbatim -@end cartouche - -@page -@c ................................................................. -@node upgrading from CFEngine 2 unmount , , upgrading from CFEngine 2 tidy, Translation Codebook -@section upgrading from CFEngine 2 @samp{unmount} - -@verbatim - -unmount: - - /mnt -@end verbatim - -@noindent Translates to: - -@cartouche -@verbatim - -storage: - - "/mnt" mount => unmount; - -@end verbatim -@end cartouche - -@c ========================================================================= -@c @node Index, , CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ========================================================================= - -@ifhtml -@html - -@contents -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye - diff --git a/docs/guides/cf_Quickref3.texinfo b/docs/guides/cf_Quickref3.texinfo deleted file mode 100644 index 01e385c275..0000000000 --- a/docs/guides/cf_Quickref3.texinfo +++ /dev/null @@ -1,569 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c The file is structured like a programming language. Each chapter -@c starts with a chapter comment. -@c -@c Menus list the subsections so that an online info-reader can parse -@c the file hierarchically. -@c -@c *********************************************************************** -@c %** start of header -@setfilename cf-QuickRef3.info -@settitle Quick Reference Guide for CFEngine 3 -@c @setchapternewpage odd -@c %** end of header - -@smallbook -@titlepage -@title Quick Reference Guide for CFEngine 3 -@subtitle A CFEngine AS workbook -@author CFEngine AS - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2012 CFEngine AS - -@end titlepage - - -@c *************************** File begins here ************************ - -@ifnottex -@node Top, Command reference, (dir), (dir) -@top CFEngine-Reference -@end ifnottex - -@ifinfo -@dircategory CFEngine Training -@direntry -* CFEngine Modularization: - CFEngine is a language based tool specifically - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo - - -@ifhtml -@html -

COMPLETE TABLE OF CONTENTS

 - -

Summary of contents

- -@end html -@end ifhtml - -@iftex -@contents -@end iftex - -@c ********************************************************************** -@c CHAPTER -@c ********************************************************************** - -@menu -* Command reference:: -@end menu - -@node Command reference, , Top, Top -@chapter Command reference - - -@menu -* cf-promises - CFEngine's promise analyzer:: -* cf-agent - CFEngine's change agent:: -* cf-serverd - CFEngine's server agent:: -* cf-execd - CFEngine's execution agent:: -* cf-monitord - CFEngine's monitoring agent:: -* cf-runagent - Run agent:: -* cf-report - CFEngine's reporting agent:: -* cf-know - CFEngine's knowledge agent:: -* cf-key:: -@end menu - -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-promises - CFEngine's promise analyzer, cf-agent - CFEngine's change agent, Command reference, Command reference -@section cf-promises - CFEngine's promise analyzer - - -The promise agent is a validator and analysis tool for -configuration files belonging to any of the components -of CFEngine. Configurations that make changes must be -approved by this validator before being executed. - -@table @samp - -@item --help -(-h) - Print the help message -@item --bundlesequence -(-b @var{value}) - Use the specified bundlesequence for verification -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --dry-run -(-n) - All talk and no action mode - make no changes, only inform of promises not kept -@item --version -(-V) - Output the version of the software -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --define -(-D) @var{value} - Define a list of comma separated classes to be defined at the start of execution -@item --negate -(-N) @var{value} - Define a list of comma separated classes to be undefined at the start of execution -@item --inform -(-I) - Print basic information about changes made to the system, i.e. promises repaired -@item --diagnostic -(-x) - Activate internal diagnostics (developers only) -@item --analysis -(-a) - Perform additional analysis of configuration -@item --reports -(-r) - Generate reports about configuration - -@end table - -Debug levels: 1=parsing, 2=running, 3=summary, 4=expression eval - - - -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-agent - CFEngine's change agent, cf-serverd - CFEngine's server agent, cf-promises - CFEngine's promise analyzer, Command reference -@section cf-agent - CFEngine's change agent - -The main CFEngine agent is the instigator of change -in the system. In that sense it is the most important -part of the CFEngine suite. - - -@table @samp -@item --bootstrap -(-B) - Bootstrap CFEngine to the given policy server IP or hostname -@item --bundlsequence -(-b) - Set or override bundlesequence from command line -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --define -(-D @var{value}) - Define a list of comma separated classes to be defined at the start of execution -@item --diagnostic -(-x) - Activate internal diagnostics (developers only) -@item --dry-run -(-n) - All talk and no action mode - make no changes, only inform of promises not kept -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --help -(-h) - Print the help message -@item --inform -(-I) - Print basic information about changes made to the system, i.e. promises repaired -@item --negate -(-N @var{value}) - Define a list of comma separated classes to be undefined at the start of execution -@item --no-lock -(-K) - Ignore locking constraints during execution (ifelapsed/expireafter) if "too soon" to run -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --version -(-V) - Output the version of the software - -@end table - -Debug levels: 1=parsing, 2=running, 3=summary, 4=expression eval - -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-serverd - CFEngine's server agent, cf-execd - CFEngine's execution agent, cf-agent - CFEngine's change agent, Command reference -@section cf-serverd - CFEngine's server agent - - -The server daemon provides two services: it acts as a -file server for remote file copying and it allows an -authorized cf-runagent to start a cf-agent process and -set certain additional classes with role-based access -control. - - -@table @samp -@item --help -(-h) - Print the help message -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --version -(-V) - Output the version of the software -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --define -(-D @var{value}) - Define a list of comma separated classes to be defined at the start of execution -@item --negate -(-N @var{value}) - Define a list of comma separated classes to be undefined at the start of execution -@item --no-lock -(-K) - Ignore locking constraints during execution (ifelapsed/expireafter) if "too soon" to run -@item --inform -(-I) - Print basic information about changes made to the system, i.e. promises repaired -@item --diagnostic -(-x) - Activate internal diagnostics (developers only) -@item --no-fork -(-F) - Run as a foreground processes (do not fork) -@item --ld-library-path -(-L @var{value}) - Set the internal value of LD_LIBRARY_PATH for child processes -@end table - -Debug levels: 1=parsing, 2=running, 3=summary, 4=expression eval - -@page -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-execd - CFEngine's execution agent, cf-monitord - CFEngine's monitoring agent, cf-serverd - CFEngine's server agent, Command reference -@section cf-execd - CFEngine's execution agent - -The executor daemon is a scheduler and wrapper for -execution of cf-agent. It collects the output of the -agent and can email it to a specified address. It can -splay the start time of executions across the network -and work as a class-based clock for scheduling. - -@table @samp - -@item --help -(-h) - Print the help message -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --dry-run -(-n) - All talk and no action mode - make no changes, only inform of promises not kept -@item --version -(-V) - Output the version of the software -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --define -(-D @var{value}) - Define a list of comma separated classes to be defined at the start of execution -@item --negate -(-N @var{value}) - Define a list of comma separated classes to be undefined at the start of execution -@item --no-lock -(-K) - Ignore locking constraints during execution (ifelapsed/expireafter) if "too soon" to run -@item --inform -(-I) - Print basic information about changes made to the system, i.e. promises repaired -@item --diagnostic -(-x) - Activate internal diagnostics (developers only) -@item --no-fork -(-F) - Run as a foreground processes (do not fork) -@item --no-winsrv -(-W) - Do not run as a service on windows - use this when running from a command shell (commercial editions only) -@item --ld-library-path -(-L @var{value}) - Set the internal value of LD_LIBRARY_PATH for child processes - -@end table -Debug levels: 1=parsing, 2=running, 3=summary, 4=expression eval - - -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-monitord - CFEngine's monitoring agent, cf-runagent - Run agent, cf-execd - CFEngine's execution agent, Command reference -@section cf-monitord - CFEngine's monitoring agent - -The monitoring agent is a machine-learning, sampling -daemon which learns the normal state of the current -host and classifies new observations in terms of the -patterns formed by previous ones. The data are made -available to and read by cf-agent for classification -of responses to anomalous states. - -@table @samp -@item --help -(-h) - Print the help message -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --dry-run -(-n) - All talk and no action mode - make no changes, only inform of promises not kept -@item --version -(-V) - Output the version of the software -@item --no-lock -(-K) - Ignore system lock -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --inform -(-I) - Print basic information about changes made to the system, i.e. promises repaired -@item --diagnostic -(-x) - Activate internal diagnostics (developers only) -@item --no-fork -(-F) - Run process in foreground, not as a daemon -@item --histograms -(-H) - Store informatino about histograms / distributions -@item --tcpdump -(-T) - Interface with tcpdump if available to collect data about network - -@end table - -Debug levels: 1=parsing, 2=running, 3=summary, - -@page -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-runagent - Run agent, cf-report - CFEngine's reporting agent, cf-monitord - CFEngine's monitoring agent, Command reference -@section cf-runagent - Run agent - - -The run agent connects to a list of running instances of -the cf-serverd service. The agent allows a user to -forego the usual scheduling interval for the agent and -activate cf-agent on a remote host. Additionally, a user -can send additional classes to be defined on the remote -host. Two kinds of classes may be sent: classes to decide -on which hosts the agent will be started, and classes that -the user requests the agent should define on execution. -The latter type is regulated by cfserverd's role based -access control. - - -@table @samp -@item --help -(-h) - Print the help message -@item --background -(-b @var{value}) - Parallelize connections (50 by default) -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --dry-run -(-n) - All talk and no action mode - make no changes, only inform of promises not kept -@item --version -(-V) - Output the version of the software -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --define-class -(-D @var{value}) - Define a list of comma separated classes to be sent to a remote agent -@item --select-class -(-s @var{value}) - Define a list of comma separated classes to be used to select remote agents by constraint -@item --inform -(-I) - Print basic information about changes made to the system, i.e. promises repaired -@item --remote-options -(-o @var{value}) - Pass options to a remote server process -@item --diagnostic -(-x) - Activate internal diagnostics (developers only) -@item --hail --H value - Hail the following comma-separated lists of hosts, overriding default list -@item --interactive -(-i) - Enable interactive mode for key trust -@item --query -(-q @var{value}) - Query a server for a knowledge menu (commercial editions only) -@item --timeout -(-t @var{value}) - Connection timeout, seconds - -@end table - -Debug levels: 1=parsing, 2=running, 3=summary, 4=expression eval - - -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-report - CFEngine's reporting agent, cf-know - CFEngine's knowledge agent, cf-runagent - Run agent, Command reference -@section cf-report - CFEngine's reporting agent - -The reporting agent is a merger between the older -CFEngine programs cfshow and cfenvgraph. It outputs -data stored in CFEngine's embedded databases in human -readable form. - - -@table @samp - -@item --help -(-h) - Print the help message -@item --class-regex -(-c @var{value}) - Specify a class regular expression to search for -@item --csv -(-C) - Enable CSV output mode in hub queries -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --inform -(-I) - Output information about actions performed by the agent -@item --version -(-V) - Output the version of the software -@item --no-lock -(-K) - Ignore ifelapsed locks -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --hostkey -(-k @var{value}) - Specify a hostkey to lookup -@item --html -(-H) - Print output in HTML -@item --xml -(-X) - Print output in XML -@item --version -(-V) - Print version string for software -@item --purge -(-P) - Purge data about peers not seen beyond the threshold horizon for assumed-dead -@item --erasehistory -(-E @var{value}) - Erase historical data from the cf-monitord monitoring database -@item --nova-export -(-x @var{value}) - Export Nova reports to file - delta or full report (commercial editions only) -@item --nova-import -(-i @var{value}) - Import Nova reports from file - specify the path (only on Nova policy hub) -@item --outputdir -(-o @var{value}) - Set output directory for printing graph data -@item --promise-handle -(-p @var{value}) - Specify a promise-handle to look up -@item --query-hub -(-q @var{value}) - Query hub database interactively with optional regex search string -@item --titles -(-t) - Add title data to generated graph files -@item --timestamps -(-T) - Add a time stamp to directory name for graph file data -@item --resolution -(-R) - Print graph data in high resolution -@item --show -(-1 @var{value}) - Show data matching named criteria (software,variables,classes) -@item --syntax -(-S) - Print a syntax summary for this CFEngine version -@item --syntax-export -(-s) - Export a syntax tree in Javascript format -@item --no-error-bars -(-e) - Do not add error bars to the printed graphs -@item --no-scaling -(-n) - Do not automatically scale the axes -@item --remove-hosts, -(-r @var{value}) - Remove comma separated list of IP address entries from the hosts-seen database -@end table - - -@page -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-know - CFEngine's knowledge agent, cf-key, cf-report - CFEngine's reporting agent, Command reference -@section cf-know - CFEngine's knowledge agent - -The knowledge management agent is capable of building -an analysing a semantic knowledge network. It can -configure a relational database to contain an ISO -standard topic map and permit regular-expression based -searching of the map. Analysis of the semantic network -can be performed providing graphical output of the data, -and cfknow can assemble and converge the reference manual -for the current version of the CFEngine software. - - -@table @samp - -@item --help -(-h) - Print the help message -@item --build -(-b) - Build and store topic map in the CFDB -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --version -(-V) - Output the version of the software -@item --file -(-f @var{value}) - Specify an alternative input file than the default -@item --manual -(-m) - Generate reference manual from internal data -@item --manpage -(-M) - Generate reference manpage from internal data -@item --stories -(-z @var{value}) - Look up stories for a given topic on the command line -@item --syntax -(-S @var{value}) - Print a syntax summary of the optional keyword or this CFEngine version -@item --topics -(-T) - Show all topic names in CFEngine -@item --test -(-t @var{value}) - Generate test data -@item --removetest -(-r) - Remove test data -@item --updatetest -(-u) - Update test data - -@end table -Debug levels: 1=parsing, 2=running, 3=summary, 4 - - -@c ********************************************************************** -@c SECTION -@c ********************************************************************** - -@node cf-key, , cf-know - CFEngine's knowledge agent, Command reference -@section cf-key - -@table @samp - -@item --help -(-h) - Print the help message -@item --debug -(-d @var{value}) - Set debugging level 0,1,2,3 -@item --verbose -(-v) - Output verbose information about the behaviour of the agent -@item --version -(-V) - Output the version of the software -@item --output-file -(-f @var{value}) - Specify an alternative output file than the default (localhost.*) -@item --show-hosts -(-s) - Show lastseen hostnames and IP addresses -@item --remove-keys -(-r @var{value}) - Remove keys for specified hostname/IP from lastseen database -@item --print-digest -(-p @var{pubkeyfile}) - Print digest of the specified public key file -@item --trust-key -(-t @var{pubkeyfile}) - Make cf-serverd/cf-agent trust the specified public key -@end table - - - - -@c ========================================================================= -@c @node Index, CFEngine Methods, Top -@c @unnumbered Concept Index -@c @printindex cp -@c ========================================================================= - -@ifhtml -@html - -@end html -@end ifhtml - -@ifhtml -@html - - -@end html -@end ifhtml - -@bye diff --git a/docs/guides/cf_evm.png b/docs/guides/cf_evm.png deleted file mode 100644 index 650e1605ce..0000000000 Binary files a/docs/guides/cf_evm.png and /dev/null differ diff --git a/docs/guides/cf_im.png b/docs/guides/cf_im.png deleted file mode 100644 index b23f01980f..0000000000 Binary files a/docs/guides/cf_im.png and /dev/null differ diff --git a/docs/guides/cfcomdoc.css b/docs/guides/cfcomdoc.css deleted file mode 100644 index fb04c5c968..0000000000 --- a/docs/guides/cfcomdoc.css +++ /dev/null @@ -1,187 +0,0 @@ - -@font-face { - font-family: 'CFE_FONT'; - src: url('fonts/eot/opensans-regular-webfont.eot'); - src: local('☺'), url('fonts/ttf/opensans-regular-webfont.ttf') format('truetype'), url('fonts/svg/opensans-regular-webfont.svg') format('svg'); - font-weight: normal; - font-style: normal; -} -pre { - background-color: #EEFFDD; - border: 1px solid #CCCCCC; - font-family: courier; - margin-bottom: 10px; - margin-top: 10px; - padding: 5px; - font-size: 90%; - } -pre.display { font-family:inherit } -pre.format { font-family:inherit } -pre.smallexample -pre.smalllisp, -pre.smallformat, -pre.smalldisplay { - font-size: 90%; -} - -span.sc { font-variant:small-caps } -span.roman { font-family:serif; font-weight:normal; } -span.sansserif { font-family:sans-serif; font-weight:normal; } - -body { - font: 90% 'CFE_FONT', arial, Helvetica,sans-serif; - color: #646464; - padding: 10px 20px; - width: 960px; - margin: 0 auto; -} -.node -{ - text-align: right; - padding: 2px; - font-size: smaller; -} -.node hr { - border: 0; - width: 100%; - color: #CCC; - background-color: #CCC; - height: 5px; -} -.section { - padding-right: 0px; - padding-bottom: 0px; - padding-left: 0px; -} - -h1 { - font-size: 26px; - font-weight: normal; - line-height: 32px; - margin: 32px 0 16px; - text-align: left; - text-transform: uppercase; -} - -h2 { - color: #9E9981 !important; - font-size: 16px; - line-height: 18px; - font-weight: normal; - margin: 16px 0 26px; - text-align: left; -} -h3 { - margin-top: 3px; - margin-right: 0px; - margin-bottom: 10px; - margin-left: 0px; - line-height: 20px; - font-size: 16px; - font-weight: normal; -} - -.contents -{ - background-color: #CCC; - padding-top: 2px; - padding-right: 2px; - padding-bottom: 2px; - padding-left: 10px; -} - -.index-cp -{ -background: #fff url(index-cp.png) right repeat-y; -} - -.index-vr -{ -background: #fff url(index-vr.png) right repeat-y; -} - -.index-mb -{ -background: #eee url(index-faq.png) right repeat-y; -} - -table.border -{ - border-color: #666; - border-width: 0px; -} - -FONT.liten {font-size: 80%; } - -.tynn { - font-family: Arial, Helvetica, sans-serif; - font-size: smaller; - font-style: normal; - font-weight: lighter; - margin-bottom: 0em; - font-size: 11pt; -} -.verbatim { - color: #000; - margin-top: 0px; - margin-right: 0px; - margin-bottom: 20px; - margin-left: 0px; -} -.example { - color: #000; - width: 100%; - margin-top: 0px; - margin-right: 0px; - margin-bottom: 20px; - margin-left: 0px; -} -.smallexample { - color: #000; - padding-top: 10px; - padding-right: 30px; - padding-bottom: 5px; - padding-left: 30px; - margin-top: 0px; - margin-right: 0px; - margin-bottom: 0px; - margin-left: 0px; -} -.cartouche { - padding: 5px; - font-style: italic; - font-size: 85%; -} - -table.cartouche { - border: none !important; -} - - .cartouche td { - background: none !important; - border: none !important; - padding: 5px; - -/* background-color: #ddd; - border: 1px solid #ccc; - padding: 5px;*/ -} - -A:link { color: #2c2e70 } -A:visited { color: black } -A:active { color: #600041 } -dt em {font-weight: bold} -/* don't change this rule */ -pre.sp { - background: none !important; - border:none !important -} -/* --- */ -/*code hightlight*/ -.red { color: #b80047; font-weight: bold; } - -.blue { color: blue; /*font-weight: bold;*/ } - -.green { color: darkgreen; } - -.comment { font-style: italic; } diff --git a/docs/guides/cfdiag.png b/docs/guides/cfdiag.png deleted file mode 100644 index d93b302ecd..0000000000 Binary files a/docs/guides/cfdiag.png and /dev/null differ diff --git a/docs/guides/cfengine-bdma.png b/docs/guides/cfengine-bdma.png deleted file mode 100644 index 70ba991f8e..0000000000 Binary files a/docs/guides/cfengine-bdma.png and /dev/null differ diff --git a/docs/guides/cfengine-schematic.png b/docs/guides/cfengine-schematic.png deleted file mode 100644 index 5b65828de5..0000000000 Binary files a/docs/guides/cfengine-schematic.png and /dev/null differ diff --git a/docs/guides/cfengineword.png b/docs/guides/cfengineword.png deleted file mode 100644 index 538d93bb32..0000000000 Binary files a/docs/guides/cfengineword.png and /dev/null differ diff --git a/docs/guides/cfinf.png b/docs/guides/cfinf.png deleted file mode 100644 index aeaa1525a8..0000000000 Binary files a/docs/guides/cfinf.png and /dev/null differ diff --git a/docs/guides/commitdlg.png b/docs/guides/commitdlg.png deleted file mode 100644 index dcba5fbc37..0000000000 Binary files a/docs/guides/commitdlg.png and /dev/null differ diff --git a/docs/guides/compliance.png b/docs/guides/compliance.png deleted file mode 100644 index f85addcb8e..0000000000 Binary files a/docs/guides/compliance.png and /dev/null differ diff --git a/docs/guides/components.png b/docs/guides/components.png deleted file mode 100644 index 82457cc480..0000000000 Binary files a/docs/guides/components.png and /dev/null differ diff --git a/docs/guides/convergence.pdf b/docs/guides/convergence.pdf deleted file mode 100644 index df328c7b10..0000000000 Binary files a/docs/guides/convergence.pdf and /dev/null differ diff --git a/docs/guides/convergence.png b/docs/guides/convergence.png deleted file mode 100644 index 529e5d99f6..0000000000 Binary files a/docs/guides/convergence.png and /dev/null differ diff --git a/docs/guides/coordination.png b/docs/guides/coordination.png deleted file mode 100644 index 40195602cc..0000000000 Binary files a/docs/guides/coordination.png and /dev/null differ diff --git a/docs/guides/copernicus-planets.png b/docs/guides/copernicus-planets.png deleted file mode 100644 index 8bd9cc04e7..0000000000 Binary files a/docs/guides/copernicus-planets.png and /dev/null differ diff --git a/docs/guides/copernicus.png b/docs/guides/copernicus.png deleted file mode 100644 index 289e1e1dab..0000000000 Binary files a/docs/guides/copernicus.png and /dev/null differ diff --git a/docs/guides/delegate.png b/docs/guides/delegate.png deleted file mode 100644 index ca75ea9e9b..0000000000 Binary files a/docs/guides/delegate.png and /dev/null differ diff --git a/docs/guides/demolish.png b/docs/guides/demolish.png deleted file mode 100644 index ce3c5ce772..0000000000 Binary files a/docs/guides/demolish.png and /dev/null differ diff --git a/docs/guides/dependency.png b/docs/guides/dependency.png deleted file mode 100644 index fa426ad971..0000000000 Binary files a/docs/guides/dependency.png and /dev/null differ diff --git a/docs/guides/detail.png b/docs/guides/detail.png deleted file mode 100644 index 39333efb6e..0000000000 Binary files a/docs/guides/detail.png and /dev/null differ diff --git a/docs/guides/dikw.png b/docs/guides/dikw.png deleted file mode 100644 index e86ba2e2c0..0000000000 Binary files a/docs/guides/dikw.png and /dev/null differ diff --git a/docs/guides/editor-svnpath.png b/docs/guides/editor-svnpath.png deleted file mode 100644 index fb4281a78b..0000000000 Binary files a/docs/guides/editor-svnpath.png and /dev/null differ diff --git a/docs/guides/editor.png b/docs/guides/editor.png deleted file mode 100644 index 26d540b455..0000000000 Binary files a/docs/guides/editor.png and /dev/null differ diff --git a/docs/guides/fed1.pdf b/docs/guides/fed1.pdf deleted file mode 100644 index 5e74c789ef..0000000000 Binary files a/docs/guides/fed1.pdf and /dev/null differ diff --git a/docs/guides/fed2.pdf b/docs/guides/fed2.pdf deleted file mode 100644 index a759eb8f00..0000000000 Binary files a/docs/guides/fed2.pdf and /dev/null differ diff --git a/docs/guides/fed2.png b/docs/guides/fed2.png deleted file mode 100644 index 1123661b6f..0000000000 Binary files a/docs/guides/fed2.png and /dev/null differ diff --git a/docs/guides/fed3.pdf b/docs/guides/fed3.pdf deleted file mode 100644 index 1d9f90850c..0000000000 Binary files a/docs/guides/fed3.pdf and /dev/null differ diff --git a/docs/guides/fed3.png b/docs/guides/fed3.png deleted file mode 100644 index 06b0360466..0000000000 Binary files a/docs/guides/fed3.png and /dev/null differ diff --git a/docs/guides/file_change_diffs.png b/docs/guides/file_change_diffs.png deleted file mode 100644 index c49b03befb..0000000000 Binary files a/docs/guides/file_change_diffs.png and /dev/null differ diff --git a/docs/guides/file_change_log.png b/docs/guides/file_change_log.png deleted file mode 100644 index ff0e0bf5ae..0000000000 Binary files a/docs/guides/file_change_log.png and /dev/null differ diff --git a/docs/guides/firewall.png b/docs/guides/firewall.png deleted file mode 100644 index 9278a23a97..0000000000 Binary files a/docs/guides/firewall.png and /dev/null differ diff --git a/docs/guides/hierarchy.png b/docs/guides/hierarchy.png deleted file mode 100644 index c1a29caad4..0000000000 Binary files a/docs/guides/hierarchy.png and /dev/null differ diff --git a/docs/guides/hostpage.png b/docs/guides/hostpage.png deleted file mode 100644 index f7f00e2dfc..0000000000 Binary files a/docs/guides/hostpage.png and /dev/null differ diff --git a/docs/guides/hub.png b/docs/guides/hub.png deleted file mode 100644 index 24fc4d42a8..0000000000 Binary files a/docs/guides/hub.png and /dev/null differ diff --git a/docs/guides/hubs.png b/docs/guides/hubs.png deleted file mode 100644 index b9bae9143f..0000000000 Binary files a/docs/guides/hubs.png and /dev/null differ diff --git a/docs/guides/img-src/MissionPlan.odg b/docs/guides/img-src/MissionPlan.odg deleted file mode 100644 index 7f7ae4e3f4..0000000000 Binary files a/docs/guides/img-src/MissionPlan.odg and /dev/null differ diff --git a/docs/guides/img-src/agility.fig b/docs/guides/img-src/agility.fig deleted file mode 100644 index e0644b20f9..0000000000 --- a/docs/guides/img-src/agility.fig +++ /dev/null @@ -1,50 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5b -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 2 0 1 0 7 50 -1 -1 0.000 1 0.0000 9877 4635 1237 765 8640 3870 11115 5400 -1 2 0 1 0 7 50 -1 -1 0.000 1 0.0000 9877 4635 1237 765 8640 3870 11115 5400 -1 2 0 1 0 7 50 -1 -1 0.000 1 0.0000 6662 3185 1237 765 5425 2420 7900 3950 -1 2 0 1 0 7 50 -1 -1 0.000 1 0.0000 3197 1925 1237 765 1960 1160 4435 2690 -1 2 0 1 0 30 50 -1 20 0.000 1 0.0000 3197 4985 1237 765 1960 4985 4434 4985 -1 2 0 1 0 30 50 -1 20 0.000 1 0.0000 3242 6875 1237 765 2005 6875 4479 6875 -1 2 0 1 0 30 50 -1 20 0.000 1 0.0000 3242 8720 1237 765 2005 8720 4479 8720 -1 2 0 1 0 30 50 -1 20 0.000 1 0.0000 6797 6065 1237 765 5560 6065 8034 6065 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 3150 4050 3150 2970 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4590 2295 5310 2655 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4725 6705 5490 6390 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4545 5265 5445 5625 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4500 8460 5895 7020 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 8145 5625 8730 5220 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 6750 4185 6750 4995 -4 0 0 50 -1 16 18 0.0000 4 210 1140 9360 4725 AGILITY\001 -4 0 0 50 -1 16 18 0.0000 4 270 1980 5760 3285 Required speed\001 -4 0 0 50 -1 16 18 0.0000 4 270 2010 5805 6165 Available speed\001 -4 0 0 50 -1 16 18 0.0000 4 210 1110 2565 1800 Business\001 -4 0 0 50 -1 16 18 0.0000 4 270 1485 2520 2205 Imperatives\001 -4 0 0 50 -1 16 18 0.0000 4 270 1230 2565 5085 Reliability\001 -4 0 0 50 -1 16 18 0.0000 4 210 795 2745 6705 Useful\001 -4 0 0 50 -1 16 18 0.0000 4 270 1155 2655 7200 Capacity\001 -4 0 0 50 -1 16 18 0.0000 4 210 1410 2520 8595 Ease / cost\001 -4 0 0 50 -1 16 18 0.0000 4 270 1260 2610 9000 of change\001 -4 0 0 50 -1 16 12 1.5708 4 165 3225 855 8910 ----------------Infrastructure ----------------\001 -4 0 0 50 -1 16 12 1.5708 4 210 3210 1350 8955 ---------------- CFEngine ------------------\001 diff --git a/docs/guides/img-src/arch.fig b/docs/guides/img-src/arch.fig deleted file mode 100644 index 3fb3111eda..0000000000 --- a/docs/guides/img-src/arch.fig +++ /dev/null @@ -1,84 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5b -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -0 32 #649075 -0 33 #990000 -0 34 #af714e -1 3 0 1 0 1 50 -1 20 0.000 1 0.0000 2970 1620 459 459 2970 1620 3060 2070 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 1125 5130 162 162 1125 5130 1287 5130 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 1755 5130 162 162 1755 5130 1917 5130 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 2565 5130 162 162 2565 5130 2727 5130 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 3150 5130 162 162 3150 5130 3312 5130 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 3735 5130 162 162 3735 5130 3897 5130 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 4545 5130 162 162 4545 5130 4707 5130 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 5265 5130 162 162 5265 5130 5427 5130 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 5805 5130 162 162 5805 5130 5967 5130 -1 3 0 1 0 33 50 -1 20 0.000 1 0.0000 4590 3645 363 363 4590 3645 4953 3645 -1 3 0 1 0 32 50 -1 20 0.000 1 0.0000 5940 1710 1274 1274 5940 1710 7214 1710 -1 3 0 1 0 33 50 -1 20 0.000 1 0.0000 1350 3690 363 363 1350 3690 1713 3690 -1 3 0 1 0 33 50 -1 20 0.000 1 0.0000 3015 3690 363 363 3015 3690 3378 3690 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 495 5130 162 162 495 5130 657 5130 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 3780 1620 4320 1620 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1620 3240 2565 2070 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 3015 3195 3015 2250 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 3465 2070 4365 3105 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 540 4905 1035 4095 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 675 4905 2745 4230 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1710 4860 1485 4185 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1215 4905 4410 4140 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1125 4905 1215 4230 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 5175 4815 4815 4185 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 5760 4860 4995 4140 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 5085 4860 3195 4185 -4 0 0 50 -1 16 18 0.0000 4 225 1005 5310 1530 Version\001 -4 0 0 50 -1 16 18 0.0000 4 225 975 5310 1875 Control\001 -4 0 0 50 -1 16 18 0.0000 4 285 1440 5310 2220 Repository\001 -4 0 0 50 -1 16 18 0.0000 4 225 1335 -1710 5175 End hosts\001 -4 0 0 50 -1 16 18 0.0000 4 285 2880 -1620 1710 Policy Definition Point\001 -4 0 0 50 -1 16 18 0.0000 4 225 2580 -1710 3645 Distribution servers\001 -4 0 0 50 -1 12 14 0.0000 4 210 3750 5445 3645 /var/cfengine/masterfiles\001 -4 0 0 50 -1 12 14 0.0000 4 210 3000 6255 5175 /var/cfengine/inputs\001 -4 0 0 50 -1 12 14 0.0000 4 210 1350 -1125 2205 /any/path\001 -4 0 0 50 -1 0 12 0.0000 4 135 795 3600 1305 TESTING\001 diff --git a/docs/guides/img-src/authdir.fig b/docs/guides/img-src/authdir.fig deleted file mode 100644 index 5d266f7060..0000000000 --- a/docs/guides/img-src/authdir.fig +++ /dev/null @@ -1,33 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1800 5040 4365 5040 4365 6390 1800 6390 1800 5040 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4725 5040 7290 5040 7290 6390 4725 6390 4725 5040 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 7695 5040 10260 5040 10260 6390 7695 6390 7695 5040 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4770 1710 7335 1710 7335 3060 4770 3060 4770 1710 -3 2 0 1 0 7 50 -1 -1 0.000 0 1 0 3 - 2 1 1.00 60.00 120.00 - 5760 3060 3465 3645 2880 5040 - 0.000 -1.000 0.000 -3 2 0 1 0 7 50 -1 -1 0.000 0 1 0 2 - 2 1 1.00 60.00 120.00 - 5895 3105 5985 4995 - 0.000 0.000 -3 2 0 1 0 7 50 -1 -1 0.000 0 1 0 3 - 2 1 1.00 60.00 120.00 - 6615 3105 8325 3645 8910 5040 - 0.000 -1.000 0.000 -4 0 0 50 -1 14 18 0.0000 4 195 1125 2340 5805 user1\001 -4 0 0 50 -1 14 18 0.0000 4 195 1125 5085 5760 user2\001 -4 0 0 50 -1 14 18 0.0000 4 195 1125 8190 5715 user3\001 -4 0 0 50 -1 14 18 0.0000 4 240 3150 4545 2610 authorized_dir\001 diff --git a/docs/guides/img-src/brainbrawn.fig b/docs/guides/img-src/brainbrawn.fig deleted file mode 100644 index 4bccdbb9ca..0000000000 --- a/docs/guides/img-src/brainbrawn.fig +++ /dev/null @@ -1,49 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 900 900 900 7650 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 7650 7650 7650 900 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4050 900 3150 3150 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4050 900 4950 3150 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 3150 3150 1800 5400 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 3150 3150 3600 5400 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4950 3150 4500 5400 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4950 3150 6300 5400 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4500 5400 3150 7650 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4500 5400 4050 7650 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4500 5400 4950 7650 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4500 5400 5850 7650 -4 0 0 50 -1 16 18 0.0000 4 285 2385 8100 7650 Brawn (hands on)\001 -4 0 0 50 -1 16 18 0.0000 4 285 2235 8100 1350 Brain (hands off)\001 -4 0 0 50 -1 16 18 0.0000 4 225 1755 3150 8100 Worker/slave\001 -4 0 0 50 -1 16 18 0.0000 4 225 1950 3600 450 Leader/master\001 diff --git a/docs/guides/img-src/central_pull.fig b/docs/guides/img-src/central_pull.fig deleted file mode 100644 index 827434c05b..0000000000 --- a/docs/guides/img-src/central_pull.fig +++ /dev/null @@ -1,32 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5b -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 1755 1890 343 343 1755 1890 1890 2205 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 1395 4095 343 343 1395 4095 1530 4410 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 1845 6255 343 343 1845 6255 1980 6570 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 3870 7785 343 343 3870 7785 4005 8100 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 6210 3825 805 805 6210 3825 6570 4545 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 7 0 1 2 - 0 0 1.00 60.00 120.00 - 5490 3420 2160 2070 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 7 0 1 2 - 0 0 1.00 60.00 120.00 - 5400 3915 1935 4140 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 7 0 1 2 - 0 0 1.00 60.00 120.00 - 5535 4320 2205 6075 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 7 0 1 2 - 0 0 1.00 60.00 120.00 - 5940 4590 4140 7380 -4 0 0 50 -1 16 18 0.0000 4 285 1110 765 1260 host pull\001 -4 0 0 50 -1 16 18 0.0000 4 285 1110 315 3465 host pull\001 -4 0 0 50 -1 16 18 0.0000 4 285 1110 675 5760 host pull\001 -4 0 0 50 -1 16 18 0.0000 4 285 1110 1890 7560 host pull\001 -4 0 0 50 -1 16 18 0.0000 4 285 3930 7200 4005 HUB (RBAC for change only)\001 -4 0 0 50 -1 1 17 0.0000 4 255 1095 6255 4995 read only\001 diff --git a/docs/guides/img-src/central_push.fig b/docs/guides/img-src/central_push.fig deleted file mode 100644 index ba0a728e16..0000000000 --- a/docs/guides/img-src/central_push.fig +++ /dev/null @@ -1,35 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5b -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 1755 1890 343 343 1755 1890 1890 2205 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 1395 4095 343 343 1395 4095 1530 4410 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 1845 6255 343 343 1845 6255 1980 6570 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 3870 7785 343 343 3870 7785 4005 8100 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 6210 3825 805 805 6210 3825 6570 4545 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 5490 3420 2160 2070 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 5400 3915 1935 4140 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 5535 4320 2205 6075 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 5940 4590 4140 7380 -4 0 0 50 -1 16 18 0.0000 4 225 1500 765 1260 host RBAC\001 -4 0 0 50 -1 16 18 0.0000 4 225 1500 315 3465 host RBAC\001 -4 0 0 50 -1 16 18 0.0000 4 225 1500 675 5760 host RBAC\001 -4 0 0 50 -1 16 18 0.0000 4 225 1500 1890 7560 host RBAC\001 -4 0 0 50 -1 16 18 0.0000 4 225 1665 7200 4005 HUB PUSH \001 -4 0 0 50 -1 1 17 0.0000 4 195 1170 4545 7785 read/write\001 -4 0 0 50 -1 1 17 0.0000 4 195 1170 2565 6525 read/write\001 -4 0 0 50 -1 1 17 0.0000 4 195 1170 1755 4770 read/write\001 -4 0 0 50 -1 1 17 0.0000 4 195 1170 1710 2745 read/write\001 diff --git a/docs/guides/img-src/cfengine-bdma.fig b/docs/guides/img-src/cfengine-bdma.fig deleted file mode 100644 index 39e4bfd4af..0000000000 --- a/docs/guides/img-src/cfengine-bdma.fig +++ /dev/null @@ -1,81 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -0 32 #c6b797 -0 33 #eff8ff -0 34 #dccba6 -0 35 #404040 -0 36 #808080 -0 37 #c0c0c0 -0 38 #e0e0e0 -0 39 #8e8f8e -0 40 #aaaaaa -0 41 #555555 -0 42 #8e8e8e -0 43 #d7d7d7 -0 44 #aeaeae -0 45 #bebebe -0 46 #515151 -0 47 #e7e3e7 -0 48 #000049 -0 49 #797979 -0 50 #303430 -0 51 #414141 -0 52 #c7b696 -0 53 #414541 -5 1 0 7 20 20 37 -1 -1 0.000 0 1 1 0 5291.000 1148.530 3439 3267 5175 3960 7143 3267 - 1 1 1.00 72.37 144.74 -1 3 0 1 0 2 50 -1 20 0.000 1 0.0000 5400 4500 2423 2423 5400 4500 6300 6750 -2 4 0 1 0 6 50 -1 20 0.000 0 0 7 0 0 5 - 4500 3600 4500 450 450 450 450 3600 4500 3600 -2 4 0 1 0 6 50 -1 20 0.000 0 0 7 0 0 5 - 10350 8550 10350 5400 6300 5400 6300 8550 10350 8550 -2 4 0 1 0 6 50 -1 20 0.000 0 0 7 0 0 5 - 4500 8550 4500 5400 450 5400 450 8550 4500 8550 -2 3 0 3 20 20 37 -1 20 0.000 0 0 0 0 0 4 - 5430 5175 5820 5850 5040 5850 5430 5175 -2 3 0 1 20 20 37 -1 20 0.000 0 0 0 0 0 4 - 7200 3690 7470 3060 6750 3240 7200 3690 -2 4 0 1 0 6 50 -1 20 0.000 0 0 7 0 0 5 - 10350 3600 10350 450 6300 450 6300 3600 10350 3600 -2 4 0 1 0 31 50 -1 20 0.000 0 0 7 0 0 5 - 6750 4275 6750 3150 4050 3150 4050 4275 6750 4275 -2 1 0 6 20 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 1 1 5.00 120.00 120.00 - 5400 4590 5400 4095 -3 2 0 7 20 20 37 -1 -1 0.000 0 1 0 3 - 1 1 1.00 60.00 120.00 - 4590 7830 5130 7380 5310 5400 - 0.000 -1.000 0.000 -3 2 0 7 20 20 37 -1 -1 0.000 0 1 0 3 - 1 1 1.00 60.00 120.00 - 6300 7830 5760 7380 5580 5400 - 0.000 -1.000 0.000 -3 2 0 6 20 7 50 -1 -1 0.000 0 1 0 4 - 1 1 5.00 120.00 120.00 - 5355 3330 5265 2295 4725 1620 3960 1440 - 0.000 -1.000 -1.000 0.000 -4 0 0 50 -1 16 20 0.0000 4 315 1020 7650 900 Deploy\001 -4 0 0 50 -1 16 20 0.0000 4 315 1170 1800 5850 Manage\001 -4 0 0 50 -1 16 20 0.0000 4 240 750 7875 5850 Audit\001 -4 0 0 50 -1 16 20 0.0000 4 240 735 1800 900 Build\001 -4 0 9 50 -1 18 14 0.0000 4 225 2100 6750 6525 Sample and report\001 -4 0 0 50 -1 18 22 0.0000 4 345 2880 4050 4950 Knowledge Base\001 -4 0 9 50 -1 18 14 0.0000 4 225 3285 6660 7830 Alarms about promised state\001 -4 0 9 50 -1 18 14 0.0000 4 180 2580 7110 2250 all automonous clients\001 -4 0 9 50 -1 18 14 0.0000 4 240 2325 7110 1890 Publish the policy to\001 -4 0 0 50 -1 16 20 0.0000 4 315 885 4950 3690 Policy\001 -4 0 9 50 -1 18 14 0.0000 4 225 3495 720 7875 Alarms about promised events\001 -4 0 9 50 -1 18 14 0.0000 4 225 1140 765 7155 self-repair\001 -4 0 9 50 -1 18 14 0.0000 4 240 2970 765 6840 Agents maintain state and\001 -4 0 9 50 -1 18 14 0.0000 4 240 2790 630 2835 Identify where and when\001 -4 0 9 50 -1 18 14 0.0000 4 225 2820 630 3105 promises should be kept\001 -4 0 9 50 -1 18 14 0.0000 4 225 3810 630 2340 Formulate desired state promises\001 -4 0 9 50 -1 18 14 0.0000 4 240 2820 630 1395 Investigate existing state\001 -4 0 8 50 -1 18 14 0.0000 4 240 2370 630 1845 Plan policy changes.\001 diff --git a/docs/guides/img-src/cfengine-schematic.fig b/docs/guides/img-src/cfengine-schematic.fig deleted file mode 100644 index 8eaf1d78dd..0000000000 --- a/docs/guides/img-src/cfengine-schematic.fig +++ /dev/null @@ -1,43 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 2 0 7 50 -1 -1 0.000 1 0.0000 6975 1800 1153 1153 6975 1800 7380 2880 -1 3 0 2 0 7 50 -1 -1 0.000 1 0.0000 2385 1890 1153 1153 2385 1890 2790 2970 -1 3 0 2 0 7 50 -1 -1 0.000 1 0.0000 4545 4365 1153 1153 4545 4365 4950 5445 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 3645 1845 5760 1845 -3 2 0 2 0 7 50 -1 -1 0.000 0 1 1 3 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 3240 4365 2250 4095 2025 3105 - 0.000 -1.000 0.000 -3 2 0 2 0 7 50 -1 -1 0.000 0 1 1 3 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 7020 2970 6750 4005 5760 4455 - 0.000 -1.000 0.000 -3 2 0 2 8 7 50 -1 -1 0.000 0 1 1 3 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 2745 810 2520 180 2250 675 - 0.000 -1.000 0.000 -4 0 20 50 -1 18 13 0.0000 4 195 2220 3600 2700 problem management\001 -4 0 20 50 -1 18 13 0.0000 4 195 2505 3780 5895 knowledge management\001 -4 0 20 50 -1 18 13 0.0000 4 150 630 6885 4365 CMDB\001 -4 0 8 50 -1 18 15 0.0000 4 240 750 2430 3600 policy\001 -4 0 20 50 -1 18 13 0.0000 4 195 2220 90 450 incident management\001 -4 0 0 50 -1 14 13 0.0000 4 180 1200 1755 1305 cf-agent\001 -4 0 0 50 -1 16 18 0.0000 4 285 1755 1485 2295 Management\001 -4 0 0 50 -1 16 18 0.0000 4 285 1785 1485 1890 Configuration\001 -4 0 0 50 -1 16 18 0.0000 4 285 1395 6300 2115 Monitoring\001 -4 0 0 50 -1 14 13 0.0000 4 135 1650 6165 1530 cf-monitord\001 -4 0 0 50 -1 16 18 0.0000 4 285 1470 3825 4320 Knowledge\001 -4 0 0 50 -1 14 13 0.0000 4 135 1050 4005 4860 cf-know\001 diff --git a/docs/guides/img-src/components.fig b/docs/guides/img-src/components.fig deleted file mode 100644 index a9c6b7e066..0000000000 --- a/docs/guides/img-src/components.fig +++ /dev/null @@ -1,74 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 1 2 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 3600 3150 5850 5850 -2 4 0 2 0 31 50 -1 20 0.000 0 0 7 0 0 5 - 3600 2250 3600 1350 1350 1350 1350 2250 3600 2250 -2 4 0 2 0 31 50 -1 20 0.000 0 0 7 0 0 5 - 3600 3600 3600 2700 1350 2700 1350 3600 3600 3600 -2 4 0 2 0 31 50 -1 20 0.000 0 0 7 0 0 5 - 3600 4950 3600 4050 1350 4050 1350 4950 3600 4950 -2 4 0 2 0 31 50 -1 20 0.000 0 0 7 0 0 5 - 3600 6300 3600 5400 1350 5400 1350 6300 3600 6300 -2 4 0 2 0 31 50 -1 20 0.000 0 0 7 0 0 5 - 3600 7650 3600 6750 1350 6750 1350 7650 3600 7650 -2 4 0 2 0 16 50 -1 20 0.000 0 0 7 0 0 5 - 8100 2250 8100 1350 5850 1350 5850 2250 8100 2250 -2 4 0 2 0 16 50 -1 20 0.000 0 0 7 0 0 5 - 8100 3600 8100 2700 5850 2700 5850 3600 8100 3600 -2 4 0 2 0 16 50 -1 20 0.000 0 0 7 0 0 5 - 8100 4950 8100 4050 5850 4050 5850 4950 8100 4950 -2 4 0 2 0 16 50 -1 20 0.000 0 0 7 0 0 5 - 8100 6300 8100 5400 5850 5400 5850 6300 8100 6300 -2 4 0 2 0 16 50 -1 20 0.000 0 0 7 0 0 5 - 8100 7650 8100 6750 5850 6750 5850 7650 8100 7650 -2 4 1 2 0 16 50 -1 -1 6.000 0 0 7 0 0 5 - 4050 8100 4050 900 900 900 900 8100 4050 8100 -2 4 1 2 0 16 50 -1 -1 6.000 0 0 7 0 0 5 - 8550 8100 8550 900 5400 900 5400 8100 8550 8100 -3 2 0 1 0 7 50 -1 -1 0.000 0 1 1 3 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 1350 3150 675 2475 1350 1800 - 0.000 -1.000 0.000 -3 2 0 1 0 7 50 -1 -1 0.000 0 1 1 3 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 3600 1800 4500 2475 3600 3150 - 0.000 -1.000 0.000 -3 2 0 1 0 7 50 -1 -1 0.000 0 1 1 3 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 3600 3150 4500 3825 3600 4500 - 0.000 -1.000 0.000 -3 2 0 1 0 7 50 -1 -1 0.000 0 1 1 3 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 1350 4500 675 3825 1350 3150 - 0.000 -1.000 0.000 -3 2 0 2 0 7 50 -1 -1 0.000 0 1 1 2 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 3600 7200 5850 5850 - 0.000 0.000 -4 0 0 50 -1 16 18 0.0000 4 285 1530 1800 7200 cf-runagent\001 -4 0 0 50 -1 16 18 0.0000 4 225 1140 1800 1800 cf-execd\001 -4 0 0 50 -1 16 18 0.0000 4 285 1530 6300 7200 cf-runagent\001 -4 0 0 50 -1 16 18 0.0000 4 225 1140 6300 1800 cf-execd\001 -4 0 0 50 -1 16 18 0.0000 4 225 1515 1800 4500 cf-monitord\001 -4 0 0 50 -1 16 18 0.0000 4 225 1185 1800 5850 cf-server\001 -4 0 0 50 -1 16 18 0.0000 4 225 1515 6300 4500 cf-monitord\001 -4 0 0 50 -1 16 18 0.0000 4 225 1185 6300 5850 cf-server\001 -4 0 0 50 -1 16 18 0.0000 4 225 735 2025 675 host1\001 -4 0 0 50 -1 16 18 0.0000 4 225 735 6525 675 host2\001 -4 0 4 50 -1 16 22 0.0000 4 345 1290 1800 3150 cf-agent\001 -4 0 4 50 -1 16 22 0.0000 4 345 1290 6300 3150 cf-agent\001 diff --git a/docs/guides/img-src/coordination.fig b/docs/guides/img-src/coordination.fig deleted file mode 100644 index c424a2ba33..0000000000 --- a/docs/guides/img-src/coordination.fig +++ /dev/null @@ -1,37 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 1201 4388 186 186 1201 4388 1246 4568 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 2551 4388 186 186 2551 4388 2596 4568 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 3901 4388 186 186 3901 4388 3946 4568 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 2551 2138 186 186 2551 2138 2596 2318 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 7051 2138 186 186 7051 2138 7096 2318 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 5701 4388 186 186 5701 4388 5746 4568 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 7051 4388 186 186 7051 4388 7096 4568 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 8401 4388 186 186 8401 4388 8446 4568 -2 1 0 2 0 7 50 -1 0 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 1230 4365 2460 2325 -2 1 0 2 0 7 50 -1 0 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 2580 4380 2565 2370 -2 1 0 2 0 7 50 -1 0 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 3855 4185 2745 2370 -2 1 0 2 0 7 50 -1 0 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 7031 2192 5723 4179 -2 1 0 2 0 7 50 -1 0 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 7069 2204 7056 4217 -2 1 0 2 0 7 50 -1 0 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 7120 2204 8338 4192 -4 0 0 50 -1 16 18 0.0000 4 225 1950 1313 5268 Uncoordinated\001 -4 0 0 50 -1 16 18 0.0000 4 225 1635 6377 5217 Coordinated\001 diff --git a/docs/guides/img-src/dikw.fig b/docs/guides/img-src/dikw.fig deleted file mode 100644 index 6e60bc9cc8..0000000000 --- a/docs/guides/img-src/dikw.fig +++ /dev/null @@ -1,29 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -5 1 0 1 0 7 50 -1 -1 0.000 0 0 0 0 1125.000 7875.000 900 6300 2250 6750 2700 8100 -5 1 0 1 0 7 50 -1 -1 0.000 0 0 0 0 670.459 8777.271 900 4005 4050 5400 5400 8100 -5 1 0 1 0 7 50 -1 -1 0.000 0 0 0 0 1254.852 8465.721 900 1620 6300 3825 8100 8100 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 1 1 1.00 60.00 120.00 - 900 8100 900 1350 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 1 1 1.00 60.00 120.00 - 900 8100 9900 8100 -4 0 0 50 -1 16 19 0.0000 4 225 2205 2250 6300 INFORMATION\001 -4 0 0 50 -1 16 19 0.0000 4 225 2040 4050 4950 KNOWLEDGE\001 -4 0 0 50 -1 16 19 0.0000 4 300 2100 7650 8550 Understanding\001 -4 0 0 50 -1 16 19 0.0000 4 210 1050 450 900 context\001 -4 0 0 50 -1 16 19 0.0000 4 225 1335 6525 3465 WISDOM\001 -4 0 0 50 -1 16 19 0.0000 4 300 750 7245 4095 why?\001 -4 0 0 50 -1 16 19 0.0000 4 270 1440 2880 6930 who,what,\001 -4 0 0 50 -1 16 19 0.0000 4 270 1725 2970 7425 when,where\001 -4 0 0 50 -1 16 19 0.0000 4 225 180 4725 7380 ?\001 -4 0 0 50 -1 16 19 0.0000 4 225 765 5040 5625 how?\001 -4 0 0 50 -1 16 19 0.0000 4 225 840 1260 7515 DATA\001 diff --git a/docs/guides/img-src/fed1.fig b/docs/guides/img-src/fed1.fig deleted file mode 100644 index 510380f145..0000000000 --- a/docs/guides/img-src/fed1.fig +++ /dev/null @@ -1,27 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -6 1350 2250 3600 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1350 2250 3600 2250 3600 5400 1350 5400 1350 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 1800 3150 promises.cf\001 --6 -6 4950 2250 7200 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4950 2250 7200 2250 7200 5400 4950 5400 4950 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 5400 3150 promises.cf\001 --6 -6 8550 2250 10800 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8550 2250 10800 2250 10800 5400 8550 5400 8550 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 9000 3150 promises.cf\001 --6 -4 0 0 50 -1 0 16 0.0000 4 240 1485 5310 5850 Department 2\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 9000 5850 Department 3\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 1710 5850 Department 1\001 diff --git a/docs/guides/img-src/fed2.fig b/docs/guides/img-src/fed2.fig deleted file mode 100644 index 40cd78cc37..0000000000 --- a/docs/guides/img-src/fed2.fig +++ /dev/null @@ -1,42 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -6 1350 2250 3600 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1350 2250 3600 2250 3600 5400 1350 5400 1350 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 1800 3150 promises.cf\001 --6 -6 4950 2250 7200 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4950 2250 7200 2250 7200 5400 4950 5400 4950 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 5400 3150 promises.cf\001 --6 -6 8550 2250 10800 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8550 2250 10800 2250 10800 5400 8550 5400 8550 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 9000 3150 promises.cf\001 --6 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4950 -3150 7200 -3150 7200 0 4950 0 4950 -3150 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 2475 2250 5400 0 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 6075 2250 6075 0 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 9675 2250 6750 0 -4 0 0 50 -1 16 18 0.0000 4 285 1170 5400 -2250 import.cf\001 -4 0 0 50 -1 16 18 0.0000 4 285 1620 2025 1125 use "import"\001 -4 0 0 50 -1 16 18 0.0000 4 285 1620 8775 1125 use "import"\001 -4 0 0 50 -1 16 18 0.0000 4 285 1620 6300 2025 use "import"\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 8865 5715 Department 3\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 1665 5760 Department 1\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 5400 5805 Department 2\001 diff --git a/docs/guides/img-src/fed3.fig b/docs/guides/img-src/fed3.fig deleted file mode 100644 index 92bdf32e92..0000000000 --- a/docs/guides/img-src/fed3.fig +++ /dev/null @@ -1,48 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -6 1350 2250 3600 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1350 2250 3600 2250 3600 5400 1350 5400 1350 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 1800 3150 promises.cf\001 --6 -6 4950 2250 7200 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4950 2250 7200 2250 7200 5400 4950 5400 4950 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 5400 3150 promises.cf\001 --6 -6 8550 2250 10800 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8550 2250 10800 2250 10800 5400 8550 5400 8550 2250 -4 0 0 50 -1 16 18 0.0000 4 285 1545 9000 3150 promises.cf\001 --6 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4950 -3150 7200 -3150 7200 0 4950 0 4950 -3150 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 2475 2250 5400 0 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 6075 2250 6075 0 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 9675 2250 6750 0 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 10485 -3150 12735 -3150 12735 0 10485 0 10485 -3150 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 9990 2250 11610 0 -4 0 0 50 -1 16 18 0.0000 4 285 1170 5400 -2250 import.cf\001 -4 0 0 50 -1 16 18 0.0000 4 285 1620 2025 1125 use "import"\001 -4 0 0 50 -1 16 18 0.0000 4 285 1620 8775 1125 use "import"\001 -4 0 0 50 -1 16 18 0.0000 4 285 1620 6300 2025 use "import"\001 -4 0 0 50 -1 16 18 0.0000 4 285 1335 10890 -2250 import2.cf\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 8865 5715 Department 3\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 1665 5760 Department 1\001 -4 0 0 50 -1 0 16 0.0000 4 240 1485 5400 5805 Department 2\001 diff --git a/docs/guides/img-src/firewall.fig b/docs/guides/img-src/firewall.fig deleted file mode 100644 index 07ca2ff683..0000000000 --- a/docs/guides/img-src/firewall.fig +++ /dev/null @@ -1,25 +0,0 @@ -#FIG 3.2 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 4 0 1 0 7 50 -1 -1 0.000 1 0.0000 1620 4207 614 614 1080 3915 2160 4500 -1 4 0 1 0 7 50 -1 -1 0.000 1 0.0000 7695 4297 614 614 7155 4005 8235 4590 -2 2 0 1 0 7 50 -1 47 0.000 0 0 -1 0 0 5 - 4050 2205 4995 2205 4995 7245 4050 7245 4050 2205 -3 2 0 3 0 7 50 -1 -1 0.000 0 1 0 3 - 1 1 3.00 180.00 360.00 - 2205 3915 4635 3420 7245 3870 - 0.000 -1.000 0.000 -3 2 0 3 0 7 50 -1 -1 0.000 0 1 0 3 - 1 1 3.00 180.00 360.00 - 7380 4815 4545 5355 2070 4680 - 0.000 -1.000 0.000 -4 0 0 50 -1 14 19 0.0000 4 165 1470 5535 3105 cfservd\001 -4 0 0 50 -1 14 19 0.0000 4 225 1890 5265 5805 ssh,rsync\001 -4 0 0 50 -1 18 19 0.0000 4 210 630 1350 6750 DMZ\001 -4 0 0 50 -1 18 19 0.0000 4 210 2085 6525 6750 Internal/Secure\001 diff --git a/docs/guides/img-src/hub.fig b/docs/guides/img-src/hub.fig deleted file mode 100644 index 76be5976fe..0000000000 --- a/docs/guides/img-src/hub.fig +++ /dev/null @@ -1,55 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -0 32 #648f75 -0 33 #980000 -0 34 #ae714e -1 3 0 1 0 33 50 -1 20 0.000 1 0.0000 1350 3690 363 363 1350 3690 1713 3690 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 2970 5355 162 162 2970 5355 3132 5355 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 3825 3915 162 162 3825 3915 3987 3915 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 3555 2025 162 162 3555 2025 3717 2025 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 1485 1350 162 162 1485 1350 1647 1350 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 -315 2025 162 162 -315 2025 -153 2025 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 -1080 3330 162 162 -1080 3330 -918 3330 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 -630 5400 162 162 -630 5400 -468 5400 -1 3 0 1 0 34 50 -1 20 0.000 1 0.0000 1215 5940 162 162 1215 5940 1377 5940 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1710 3330 3240 2205 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - -360 5175 990 4050 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 2745 5175 1665 4095 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1215 5535 1350 4275 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1928 3681 3510 3825 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - 1350 3195 1485 1710 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - -90 2295 990 3330 -2 1 0 2 0 17 50 -1 20 0.000 0 0 -1 1 1 2 - 1 1 1.00 60.00 120.00 - 1 1 1.00 60.00 120.00 - -630 3375 820 3589 -4 0 0 50 -1 16 18 0.0000 4 210 1260 -1710 5175 End hosts\001 -4 0 0 50 -1 16 18 0.0000 4 270 3675 -2835 4095 Distrbution /Aggregation Hub\001 diff --git a/docs/guides/img-src/hubs.fig b/docs/guides/img-src/hubs.fig deleted file mode 100644 index ead163ba2f..0000000000 --- a/docs/guides/img-src/hubs.fig +++ /dev/null @@ -1,46 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5b -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -5 1 0 1 0 7 50 -1 -1 0.000 0 0 1 0 8449.832 -2579.109 9810 4095 6885 4050 4500 2970 - 0 0 1.00 60.00 120.00 -5 1 0 1 0 7 50 -1 -1 0.000 0 1 1 0 8827.915 9673.658 9810 1215 7515 1260 4500 2340 - 0 0 1.00 60.00 120.00 -5 1 0 1 0 7 50 -1 -1 0.000 0 1 1 0 8160.000 5790.000 6570 585 4950 1395 4230 2025 - 0 0 1.00 60.00 120.00 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 945 720 318 318 945 720 1170 945 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 945 4320 318 318 945 4320 1170 4545 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 4140 630 318 318 4140 630 4365 855 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 3240 5355 318 318 3240 5355 3465 5580 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 6885 495 318 318 6885 495 7110 720 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 10125 1260 318 318 10125 1260 10350 1485 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 6956 5377 318 318 6956 5377 7181 5602 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 10125 4095 318 318 10125 4095 10350 4320 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 7650 2655 1027 1027 7650 2655 8145 3555 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 3465 2745 1027 1027 3465 2745 3960 3645 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 1170 945 2655 2115 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 1170 4095 2565 3240 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 3285 5085 3375 3780 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 6795 5085 4185 3510 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4005 900 3645 1665 -2 1 0 10 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 5 1 1.00 60.00 120.00 - 4545 2700 6705 2700 -4 0 0 50 -1 16 18 0.0000 4 225 1230 7065 2655 BACKUP\001 -4 0 0 50 -1 16 18 0.0000 4 225 645 7335 3150 HUB\001 -4 0 0 50 -1 16 18 0.0000 4 225 645 3150 2835 HUB\001 diff --git a/docs/guides/img-src/inherit.fig b/docs/guides/img-src/inherit.fig deleted file mode 100644 index 699be3fad6..0000000000 --- a/docs/guides/img-src/inherit.fig +++ /dev/null @@ -1,24 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4680 1575 6840 1575 6840 2700 4680 2700 4680 1575 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 3150 3645 5310 3645 5310 4770 3150 4770 3150 3645 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 6255 3645 8415 3645 8415 4770 6255 4770 6255 3645 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4275 3645 5490 2745 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 7200 3645 6030 2700 -4 0 0 50 -1 16 18 0.0000 4 225 1050 3645 4320 extends\001 -4 0 0 50 -1 16 18 0.0000 4 225 960 6885 4275 inherits\001 -4 0 0 50 -1 16 18 0.0000 4 225 780 5355 2250 BASE\001 diff --git a/docs/guides/img-src/intersect.fig b/docs/guides/img-src/intersect.fig deleted file mode 100644 index 673297c2a8..0000000000 --- a/docs/guides/img-src/intersect.fig +++ /dev/null @@ -1,16 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 2520 2475 2803 2803 2520 2475 4410 4545 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 2385 2835 1028 1028 2385 2835 2790 3780 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 3105 5895 2776 2776 3105 5895 3915 8550 -4 0 0 50 -1 16 18 0.0000 4 225 600 2610 1035 linux\001 -4 0 0 50 -1 16 18 0.0000 4 225 720 5400 720 hosts\001 -4 0 0 50 -1 16 18 0.0000 4 225 885 1665 3015 debian\001 -4 0 0 50 -1 16 18 0.0000 4 225 1545 1980 6075 64 bit hosts\001 diff --git a/docs/guides/img-src/itilv3.fig b/docs/guides/img-src/itilv3.fig deleted file mode 100644 index 8024f1191d..0000000000 --- a/docs/guides/img-src/itilv3.fig +++ /dev/null @@ -1,15 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 900 900 12600 900 12600 8550 900 8550 900 900 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 900 7650 12600 7650 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 900 1800 12600 1800 diff --git a/docs/guides/img-src/matrix1.fig b/docs/guides/img-src/matrix1.fig deleted file mode 100644 index c55b518f22..0000000000 --- a/docs/guides/img-src/matrix1.fig +++ /dev/null @@ -1,43 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1350 900 10800 900 10800 6795 1350 6795 1350 900 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 2700 945 2700 6795 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4050 900 4050 6795 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 5400 900 5400 6795 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 1350 2250 10800 2250 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 1350 3600 10800 3600 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 1350 4995 10755 4995 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 1665 1890 1890 2115 2475 1215 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 2842 1865 3067 2090 3652 1190 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 2932 3170 3157 3395 3742 2495 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 1717 4475 1942 4700 2527 3800 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 2842 4520 3067 4745 3652 3845 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 4237 4475 4462 4700 5047 3800 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 5812 4475 6037 4700 6622 3800 -4 0 0 50 -1 16 17 0.0000 4 210 885 270 1620 Task 1\001 -4 0 0 50 -1 16 17 0.0000 4 210 885 225 4320 Task 3\001 -4 0 0 50 -1 16 17 0.0000 4 210 885 270 2970 Task 2\001 -4 0 0 50 -1 16 17 0.0000 4 210 840 1665 630 Host 1\001 -4 0 0 50 -1 16 17 0.0000 4 210 840 3015 630 Host 2\001 -4 0 0 50 -1 16 17 0.0000 4 210 840 4320 630 Host 3\001 diff --git a/docs/guides/img-src/matrix2.fig b/docs/guides/img-src/matrix2.fig deleted file mode 100644 index a190ce7851..0000000000 --- a/docs/guides/img-src/matrix2.fig +++ /dev/null @@ -1,43 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1350 900 10800 900 10800 6795 1350 6795 1350 900 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 2700 945 2700 6795 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4050 900 4050 6795 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 5400 900 5400 6795 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 1350 2250 10800 2250 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 1350 3600 10800 3600 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 1350 4995 10755 4995 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 1665 1890 1890 2115 2475 1215 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 2842 1865 3067 2090 3652 1190 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 2932 3170 3157 3395 3742 2495 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 1717 4475 1942 4700 2527 3800 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 2842 4520 3067 4745 3652 3845 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 4237 4475 4462 4700 5047 3800 -2 1 0 6 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 5812 4475 6037 4700 6622 3800 -4 0 0 50 -1 16 17 0.0000 4 210 975 1665 630 Class 1\001 -4 0 0 50 -1 16 17 0.0000 4 210 975 3015 630 Class 2\001 -4 0 0 50 -1 16 17 0.0000 4 210 975 4320 630 Class 3\001 -4 0 0 50 -1 16 17 0.0000 4 210 1305 -45 1665 Promise 1\001 -4 0 0 50 -1 16 17 0.0000 4 210 1305 -90 3060 Promise 2\001 -4 0 0 50 -1 16 17 0.0000 4 210 1305 -90 4410 Promise 3\001 diff --git a/docs/guides/img-src/nettolerance.fig b/docs/guides/img-src/nettolerance.fig deleted file mode 100644 index 7ef2997fe9..0000000000 --- a/docs/guides/img-src/nettolerance.fig +++ /dev/null @@ -1,149 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6030 4095 90 90 6030 4095 6030 4185 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10350 4140 90 90 10350 4140 10350 4230 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5670 5850 90 90 5670 5850 5670 5940 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7155 6120 90 90 7155 6120 7155 6210 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6705 3465 90 90 6705 3465 6705 3555 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6390 1710 90 90 6390 1710 6390 1800 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4950 2700 90 90 4950 2700 4950 2790 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5085 4815 90 90 5085 4815 5085 4905 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5085 4410 90 90 5085 4410 5085 4500 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4590 4455 90 90 4590 4455 4590 4545 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4770 5175 90 90 4770 5175 4770 5265 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5310 5400 90 90 5310 5400 5310 5490 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5220 5895 90 90 5220 5895 5220 5985 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5400 6480 90 90 5400 6480 5400 6570 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6120 6165 90 90 6120 6165 6120 6255 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6750 6165 90 90 6750 6165 6750 6255 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7425 6435 90 90 7425 6435 7425 6525 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7605 5850 90 90 7605 5850 7605 5940 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7155 5175 90 90 7155 5175 7155 5265 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6660 4050 90 90 6660 4050 6660 4140 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7065 3645 90 90 7065 3645 7065 3735 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7425 2970 90 90 7425 2970 7425 3060 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6885 2925 90 90 6885 2925 6885 3015 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6480 3105 90 90 6480 3105 6480 3195 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6840 2565 90 90 6840 2565 6840 2655 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6840 1755 90 90 6840 1755 6840 1845 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6660 1080 90 90 6660 1080 6660 1170 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5940 1125 90 90 5940 1125 5940 1215 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5760 1890 90 90 5760 1890 5760 1980 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5985 2250 90 90 5985 2250 5985 2340 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5850 2700 90 90 5850 2700 5850 2790 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5220 2160 90 90 5220 2160 5220 2250 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4545 2655 90 90 4545 2655 4545 2745 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4680 3330 90 90 4680 3330 4680 3420 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5130 3375 90 90 5130 3375 5130 3465 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9630 3780 90 90 9630 3780 9630 3870 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10125 3285 90 90 10125 3285 10125 3375 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11115 3420 90 90 11115 3420 11115 3510 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10755 2610 90 90 10755 2610 10755 2700 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9720 2565 90 90 9720 2565 9720 2655 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9135 2970 90 90 9135 2970 9135 3060 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9045 2070 90 90 9045 2070 9045 2160 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9810 1755 90 90 9810 1755 9810 1845 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10440 1755 90 90 10440 1755 10440 1845 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11250 1485 90 90 11250 1485 11250 1575 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10215 1080 90 90 10215 1080 10215 1170 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11115 4590 90 90 11115 4590 11115 4680 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10530 4905 90 90 10530 4905 10530 4995 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9720 4635 90 90 9720 4635 9720 4725 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9180 5355 90 90 9180 5355 9180 5445 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10080 5670 90 90 10080 5670 10080 5760 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11070 5670 90 90 11070 5670 11070 5760 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11745 5220 90 90 11745 5220 11745 5310 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11700 6345 90 90 11700 6345 11700 6435 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9675 6435 90 90 9675 6435 9675 6525 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11610 2700 90 90 11610 2700 11610 2790 -1 3 1 3 0 7 50 0 -1 8.000 1 0.0000 11115 3420 407 407 11115 3420 11070 3825 -1 3 1 3 0 7 50 0 -1 8.000 1 0.0000 6075 4095 363 363 6075 4095 6030 4455 -1 3 1 3 0 7 50 0 -1 8.000 1 0.0000 6390 1710 274 274 6390 1710 6345 1980 -1 3 1 3 0 7 50 0 -1 8.000 1 0.0000 11115 4590 318 318 11115 4590 11070 4905 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4095 4905 2655 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4140 6390 1710 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6075 4095 6705 3465 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4140 7155 6210 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4140 5715 5850 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5985 4095 5085 4815 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 5310 5400 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 4815 5175 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 4545 4455 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 5085 4500 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2655 5130 3375 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2655 4725 3330 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2655 4545 2655 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5220 2115 4905 2700 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2700 5850 2700 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1755 5985 2295 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1710 5760 1890 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1710 6885 2565 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6795 1755 6390 1710 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6660 1035 6390 1710 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1710 5895 1035 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 6480 3060 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 6840 2925 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 7425 2925 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 7065 3645 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 6660 4050 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6210 7155 5220 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6165 7560 5895 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6210 7425 6435 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6165 6795 6165 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5715 5895 6165 6165 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5670 5850 5400 6480 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5220 5895 5670 5850 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 6 - 9135 5355 9720 4635 9630 3735 9135 2970 9765 2520 9045 2070 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 5 - 9720 2520 9810 1755 10440 1800 10215 1080 11295 1485 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 4 - 10440 1755 10800 2655 10125 3285 9630 3825 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 7 - 9720 2565 10170 3330 10350 4140 11070 3465 11070 4590 11745 5220 - 11700 6345 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 5 - 11115 4590 10530 4950 10035 5670 9675 6480 11070 5670 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 2 - 10755 2655 11655 2700 -4 0 0 50 -1 16 18 0.0000 4 285 2940 6885 7515 Single points of failure\001 diff --git a/docs/guides/img-src/networks.fig b/docs/guides/img-src/networks.fig deleted file mode 100644 index 55d1212c64..0000000000 --- a/docs/guides/img-src/networks.fig +++ /dev/null @@ -1,195 +0,0 @@ -#FIG 3.2 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 1350 1350 90 90 1350 1350 1350 1440 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 2745 1395 90 90 2745 1395 2745 1485 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 2295 1935 90 90 2295 1935 2295 2025 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 1710 1980 90 90 1710 1980 1710 2070 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 1395 2745 90 90 1395 2745 1395 2835 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 1980 3825 90 90 1980 3825 1980 3915 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 1125 4905 90 90 1125 4905 1125 4995 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 1575 5625 90 90 1575 5625 1575 5715 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 2520 6255 90 90 2520 6255 2520 6345 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 2925 5175 90 90 2925 5175 2925 5265 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 3465 3915 90 90 3465 3915 3465 4005 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 3195 2880 90 90 3195 2880 3195 2970 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 3510 1890 90 90 3510 1890 3510 1980 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 1035 3915 90 90 1035 3915 1035 4005 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 945 6210 90 90 945 6210 945 6300 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6030 4095 90 90 6030 4095 6030 4185 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10350 4140 90 90 10350 4140 10350 4230 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5670 5850 90 90 5670 5850 5670 5940 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7155 6120 90 90 7155 6120 7155 6210 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6705 3465 90 90 6705 3465 6705 3555 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6390 1710 90 90 6390 1710 6390 1800 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4950 2700 90 90 4950 2700 4950 2790 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5085 4815 90 90 5085 4815 5085 4905 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5085 4410 90 90 5085 4410 5085 4500 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4590 4455 90 90 4590 4455 4590 4545 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4770 5175 90 90 4770 5175 4770 5265 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5310 5400 90 90 5310 5400 5310 5490 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5220 5895 90 90 5220 5895 5220 5985 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5400 6480 90 90 5400 6480 5400 6570 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6120 6165 90 90 6120 6165 6120 6255 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6750 6165 90 90 6750 6165 6750 6255 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7425 6435 90 90 7425 6435 7425 6525 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7605 5850 90 90 7605 5850 7605 5940 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7155 5175 90 90 7155 5175 7155 5265 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6660 4050 90 90 6660 4050 6660 4140 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7065 3645 90 90 7065 3645 7065 3735 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 7425 2970 90 90 7425 2970 7425 3060 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6885 2925 90 90 6885 2925 6885 3015 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6480 3105 90 90 6480 3105 6480 3195 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6840 2565 90 90 6840 2565 6840 2655 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6840 1755 90 90 6840 1755 6840 1845 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 6660 1080 90 90 6660 1080 6660 1170 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5940 1125 90 90 5940 1125 5940 1215 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5760 1890 90 90 5760 1890 5760 1980 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5985 2250 90 90 5985 2250 5985 2340 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5850 2700 90 90 5850 2700 5850 2790 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5220 2160 90 90 5220 2160 5220 2250 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4545 2655 90 90 4545 2655 4545 2745 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 4680 3330 90 90 4680 3330 4680 3420 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 5130 3375 90 90 5130 3375 5130 3465 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9630 3780 90 90 9630 3780 9630 3870 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10125 3285 90 90 10125 3285 10125 3375 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11115 3420 90 90 11115 3420 11115 3510 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10755 2610 90 90 10755 2610 10755 2700 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9720 2565 90 90 9720 2565 9720 2655 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9135 2970 90 90 9135 2970 9135 3060 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9045 2070 90 90 9045 2070 9045 2160 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9810 1755 90 90 9810 1755 9810 1845 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10440 1755 90 90 10440 1755 10440 1845 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11250 1485 90 90 11250 1485 11250 1575 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10215 1080 90 90 10215 1080 10215 1170 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11115 4590 90 90 11115 4590 11115 4680 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10530 4905 90 90 10530 4905 10530 4995 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9720 4635 90 90 9720 4635 9720 4725 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9180 5355 90 90 9180 5355 9180 5445 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 10080 5670 90 90 10080 5670 10080 5760 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11070 5670 90 90 11070 5670 11070 5760 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11745 5220 90 90 11745 5220 11745 5310 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11700 6345 90 90 11700 6345 11700 6435 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 9675 6435 90 90 9675 6435 9675 6525 -1 3 0 1 0 7 50 0 0 0.000 1 0.0000 11610 2700 90 90 11610 2700 11610 2790 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 2025 3870 1035 3915 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 2025 3825 1395 2790 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 2025 3825 1710 1980 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 2025 3825 1350 1350 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3870 2295 1980 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3825 2745 1395 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3825 3510 1890 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3825 3195 2880 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3870 3465 3960 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 2025 3870 2925 5175 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3870 2520 6300 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3825 1575 5670 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3870 1170 4950 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 1980 3825 945 6210 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4095 4905 2655 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4140 6390 1710 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6075 4095 6705 3465 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4140 7155 6210 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6030 4140 5715 5850 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5985 4095 5085 4815 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 5310 5400 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 4815 5175 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 4545 4455 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5085 4815 5085 4500 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2655 5130 3375 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2655 4725 3330 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2655 4545 2655 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5220 2115 4905 2700 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 4905 2700 5850 2700 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1755 5985 2295 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1710 5760 1890 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1710 6885 2565 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6795 1755 6390 1710 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6660 1035 6390 1710 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6390 1710 5895 1035 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 6480 3060 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 6840 2925 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 7425 2925 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 7065 3645 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 6705 3465 6660 4050 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6210 7155 5220 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6165 7560 5895 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6210 7425 6435 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 7155 6165 6795 6165 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5715 5895 6165 6165 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5670 5850 5400 6480 -2 1 0 1 0 7 50 0 0 0.000 0 0 -1 0 0 2 - 5220 5895 5670 5850 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 31 - 9720 6435 9180 5400 10080 5715 9720 4680 10530 4905 11070 5670 - 11700 6345 11745 5220 11115 4590 10350 4140 11115 3420 11655 2655 - 11250 1485 10170 1080 10440 1800 9810 1755 9045 2070 9720 2565 - 10440 1800 10755 2610 10125 3285 9090 2970 9765 2520 9810 1755 - 10215 1080 11655 2745 10755 2610 10350 4140 9630 3780 9720 4635 - 9180 5400 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 5 - 9675 6435 10080 5715 11115 5715 9675 6435 11745 6390 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 4 - 9630 3780 9135 3015 9000 2070 10215 1035 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 2 - 9135 2970 9180 5400 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 4 - 11160 3465 11160 4590 11655 2700 11745 5220 -2 1 0 1 0 7 50 0 -1 0.000 0 0 -1 0 0 7 - 11745 5220 11115 5670 11115 4590 10530 4950 10350 4185 10125 3285 - 9765 2565 -4 0 0 50 0 0 18 0.0000 4 195 255 1665 7560 (a)\001 -4 0 0 50 0 0 18 0.0000 4 195 255 5850 7605 (b)\001 -4 0 0 50 0 0 18 0.0000 4 195 255 10350 7560 (c)\001 diff --git a/docs/guides/img-src/paradigms.fig b/docs/guides/img-src/paradigms.fig deleted file mode 100644 index 53f66557cd..0000000000 --- a/docs/guides/img-src/paradigms.fig +++ /dev/null @@ -1,26 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 - 225 360 225 7920 12420 7920 -3 2 0 3 4 7 50 -1 -1 0.000 0 0 0 3 - 675 7290 6075 5265 9000 765 - 0.000 -1.000 0.000 -4 0 0 50 -1 18 23 0.0000 4 285 810 5895 8280 time\001 -4 0 0 50 -1 18 23 1.5708 4 375 4065 -225 5850 capability / scalability\001 -4 0 0 50 -1 18 23 0.0000 4 285 855 855 7290 rdist\001 -4 0 0 50 -1 18 23 0.0000 4 375 705 2160 6750 lcfg\001 -4 0 31 50 -1 16 23 0.0000 4 375 4035 2880 3690 Computer Immunology\001 -4 0 0 50 -1 18 23 0.0000 4 375 1965 3780 6075 cfengine 1\001 -4 0 0 50 -1 18 23 0.0000 4 330 1320 6300 4905 puppet\001 -4 0 0 50 -1 18 23 0.0000 4 375 1065 5670 5535 bcfg2\001 -4 0 0 50 -1 18 23 0.0000 4 375 1965 4230 4140 cfengine 2\001 -4 0 0 50 -1 18 23 0.0000 4 375 1965 7200 2250 cfengine 3\001 -4 0 0 50 -1 18 23 0.0000 4 375 2865 7560 540 cfengine NOVA\001 -4 0 31 50 -1 16 23 0.0000 4 360 2730 360 7740 Push templates\001 diff --git a/docs/guides/img-src/rbac.fig b/docs/guides/img-src/rbac.fig deleted file mode 100644 index 5454d0588f..0000000000 --- a/docs/guides/img-src/rbac.fig +++ /dev/null @@ -1,23 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5b -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 10080 2385 627 627 10080 2385 10305 2970 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 720 1440 4770 1440 4770 3555 720 3555 720 1440 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 1 1 1.00 60.00 120.00 - 4770 2205 9270 2205 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 1 1 1.00 60.00 120.00 - 9540 2655 6030 2655 -4 0 0 50 -1 16 18 0.0000 4 285 2265 1485 2160 privilege granting\001 -4 0 0 50 -1 16 18 0.0000 4 285 1785 1485 2850 service agent\001 -4 0 0 50 -1 16 18 0.0000 4 165 585 9765 2430 user\001 -4 0 0 50 -1 16 18 0.0000 4 285 1995 6165 2025 RBAC promise\001 -4 0 0 50 -1 16 18 0.0000 4 270 1920 7020 3105 request to use\001 diff --git a/docs/guides/img-src/redundhubs.fig b/docs/guides/img-src/redundhubs.fig deleted file mode 100644 index badda4f91f..0000000000 --- a/docs/guides/img-src/redundhubs.fig +++ /dev/null @@ -1,63 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5b -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -6 2835 2835 4455 4455 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 3645 3645 796 796 3645 3645 4230 4185 -4 0 0 50 -1 16 24 0.0000 4 315 735 3285 3780 Hub\001 --6 -6 5625 2205 7245 3825 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 6435 3015 796 796 6435 3015 7020 3555 -4 0 0 50 -1 16 24 0.0000 4 315 735 6075 3150 Hub\001 --6 -6 4905 4635 6525 6255 -1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 5715 5445 796 796 5715 5445 6300 5985 -4 0 0 50 -1 16 24 0.0000 4 315 735 5355 5580 Hub\001 --6 -6 7155 7245 8235 8325 -1 3 0 2 0 7 50 -1 -1 6.000 1 0.0000 7695 7785 485 485 7695 7785 7875 8235 -4 0 0 50 -1 16 24 0.0000 4 315 285 7560 7965 C\001 --6 -6 8505 5985 9585 7065 -1 3 0 2 0 7 50 -1 -1 6.000 1 0.0000 9045 6525 485 485 9045 6525 9225 6975 -4 0 0 50 -1 16 24 0.0000 4 315 285 8910 6705 C\001 --6 -6 9045 4095 10125 5175 -1 3 0 2 0 7 50 -1 -1 6.000 1 0.0000 9585 4635 485 485 9585 4635 9765 5085 -4 0 0 50 -1 16 24 0.0000 4 315 285 9450 4815 C\001 --6 -6 8865 2205 9945 3285 -1 3 0 2 0 7 50 -1 -1 6.000 1 0.0000 9405 2745 485 485 9405 2745 9585 3195 -4 0 0 50 -1 16 24 0.0000 4 315 285 9270 2925 C\001 --6 -1 3 1 2 0 7 50 -1 -1 6.000 1 0.0000 5265 4050 2763 2763 5265 4050 6660 6435 -1 3 0 2 0 7 50 -1 -1 6.000 1 0.0000 5715 5445 946 946 5715 5445 6120 6300 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 1 2 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 4410 3375 5625 3150 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 1 2 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 4095 4320 5085 4995 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 1 2 - 0 0 1.00 60.00 120.00 - 0 0 1.00 60.00 120.00 - 5895 4680 6210 3780 -2 1 0 2 0 7 50 -1 -1 6.000 0 0 -1 0 1 2 - 0 0 1.00 60.00 120.00 - 6255 6255 7380 7380 -2 1 0 2 0 7 50 -1 -1 6.000 0 0 -1 0 1 2 - 0 0 1.00 60.00 120.00 - 6660 5715 8595 6300 -2 1 0 2 0 7 50 -1 -1 6.000 0 0 -1 0 1 2 - 0 0 1.00 60.00 120.00 - 6615 5175 9135 4680 -2 1 0 2 0 7 50 -1 -1 6.000 0 0 -1 0 1 2 - 0 0 1.00 60.00 120.00 - 6435 4770 9000 3060 diff --git a/docs/guides/img-src/schedule_patterns.fig b/docs/guides/img-src/schedule_patterns.fig deleted file mode 100644 index 3a24c73263..0000000000 --- a/docs/guides/img-src/schedule_patterns.fig +++ /dev/null @@ -1,43 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 2150 1650 180 180 2150 1650 2150 1830 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 2150 2550 180 180 2150 2550 2150 2730 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 2160 855 180 180 2160 855 2160 1035 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 2160 4500 180 180 2160 4500 2160 4680 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 3915 4500 180 180 3915 4500 3915 4680 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 5715 4500 180 180 5715 4500 5715 4680 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 5715 3645 180 180 5715 3645 5715 3825 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 5715 5400 180 180 5715 5400 5715 5580 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 5625 1710 180 180 5625 1710 5625 1890 -1 3 0 1 0 7 50 -1 0 0.000 1 0.0000 3915 1710 180 180 3915 1710 3915 1890 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 2205 4500 3690 4500 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4140 4500 5490 3645 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4095 4500 5445 4500 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4095 4545 5490 5310 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 2205 855 3735 1575 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 2160 1665 3645 1710 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 2160 2610 3690 1845 -2 1 0 2 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 0 0 1.00 60.00 120.00 - 4185 1710 5400 1710 diff --git a/docs/guides/img-src/update.fig b/docs/guides/img-src/update.fig deleted file mode 100644 index fb5f2c58ce..0000000000 --- a/docs/guides/img-src/update.fig +++ /dev/null @@ -1,27 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 900 1350 3600 1350 3600 2700 900 2700 900 1350 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4950 1350 7650 1350 7650 2700 4950 2700 4950 1350 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9000 1350 11700 1350 11700 2700 9000 2700 9000 1350 -2 1 0 3 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 1 1 1.00 60.00 120.00 - 3600 2025 4950 2025 -2 1 0 3 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 1 1 1.00 60.00 120.00 - 7650 2025 9000 2025 -4 0 0 50 -1 16 18 0.0000 4 285 1935 9405 1890 Keep software\001 -4 0 0 50 -1 16 18 0.0000 4 225 1395 5610 1920 Determine\001 -4 0 0 50 -1 16 18 0.0000 4 225 2040 5310 2370 version on host\001 -4 0 0 50 -1 16 18 0.0000 4 285 2145 9315 2355 promise on host\001 -4 0 0 50 -1 16 18 0.0000 4 285 2385 1050 1905 Get package data\001 -4 0 0 50 -1 16 18 0.0000 4 225 1245 1650 2355 onto host\001 diff --git a/docs/guides/img-src/user2root.fig b/docs/guides/img-src/user2root.fig deleted file mode 100644 index 843a109f61..0000000000 --- a/docs/guides/img-src/user2root.fig +++ /dev/null @@ -1,30 +0,0 @@ -#FIG 3.2 Produced by xfig version 3.2.5 -Landscape -Center -Metric -A4 -100.00 -Single --2 -1200 2 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1800 5040 4365 5040 4365 6390 1800 6390 1800 5040 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4725 5040 7290 5040 7290 6390 4725 6390 4725 5040 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 7695 5040 10260 5040 10260 6390 7695 6390 7695 5040 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4770 1710 7335 1710 7335 3060 4770 3060 4770 1710 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 2 1 1.00 60.00 120.00 - 3060 5040 5220 3150 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 2 1 1.00 60.00 120.00 - 6030 5040 5985 3150 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 2 1 1.00 60.00 120.00 - 8820 5040 6660 3195 -4 0 0 50 -1 14 18 0.0000 4 195 1125 2340 5805 user1\001 -4 0 0 50 -1 14 18 0.0000 4 195 1125 5085 5760 user2\001 -4 0 0 50 -1 14 18 0.0000 4 195 1125 8190 5715 user3\001 -4 0 0 50 -1 14 18 0.0000 4 180 900 5580 2475 root\001 diff --git a/docs/guides/impact.png b/docs/guides/impact.png deleted file mode 100644 index 36b06e09d2..0000000000 Binary files a/docs/guides/impact.png and /dev/null differ diff --git a/docs/guides/influence_cfengine_inputs.png b/docs/guides/influence_cfengine_inputs.png deleted file mode 100644 index d3284d1784..0000000000 Binary files a/docs/guides/influence_cfengine_inputs.png and /dev/null differ diff --git a/docs/guides/inherit.png b/docs/guides/inherit.png deleted file mode 100644 index 13ca808d68..0000000000 Binary files a/docs/guides/inherit.png and /dev/null differ diff --git a/docs/guides/intermediate.png b/docs/guides/intermediate.png deleted file mode 100644 index af15a65c66..0000000000 Binary files a/docs/guides/intermediate.png and /dev/null differ diff --git a/docs/guides/intersect.png b/docs/guides/intersect.png deleted file mode 100644 index 9590507bd3..0000000000 Binary files a/docs/guides/intersect.png and /dev/null differ diff --git a/docs/guides/itilfcaps.png b/docs/guides/itilfcaps.png deleted file mode 100644 index 921e6e773f..0000000000 Binary files a/docs/guides/itilfcaps.png and /dev/null differ diff --git a/docs/guides/km1.png b/docs/guides/km1.png deleted file mode 100644 index d1f34f9b47..0000000000 Binary files a/docs/guides/km1.png and /dev/null differ diff --git a/docs/guides/km2.png b/docs/guides/km2.png deleted file mode 100644 index 827bd1e210..0000000000 Binary files a/docs/guides/km2.png and /dev/null differ diff --git a/docs/guides/km3.png b/docs/guides/km3.png deleted file mode 100644 index 089c25af6e..0000000000 Binary files a/docs/guides/km3.png and /dev/null differ diff --git a/docs/guides/km4.png b/docs/guides/km4.png deleted file mode 100644 index dcadfc3255..0000000000 Binary files a/docs/guides/km4.png and /dev/null differ diff --git a/docs/guides/km5.png b/docs/guides/km5.png deleted file mode 100644 index 86b28fd575..0000000000 Binary files a/docs/guides/km5.png and /dev/null differ diff --git a/docs/guides/km6.png b/docs/guides/km6.png deleted file mode 100644 index 438d2ee11c..0000000000 Binary files a/docs/guides/km6.png and /dev/null differ diff --git a/docs/guides/km7.png b/docs/guides/km7.png deleted file mode 100644 index 04c57abec5..0000000000 Binary files a/docs/guides/km7.png and /dev/null differ diff --git a/docs/guides/km8.png b/docs/guides/km8.png deleted file mode 100644 index 367c2ba45d..0000000000 Binary files a/docs/guides/km8.png and /dev/null differ diff --git a/docs/guides/km9.png b/docs/guides/km9.png deleted file mode 100644 index 0199c43136..0000000000 Binary files a/docs/guides/km9.png and /dev/null differ diff --git a/docs/guides/knowledge_bundle.png b/docs/guides/knowledge_bundle.png deleted file mode 100644 index 64981b3044..0000000000 Binary files a/docs/guides/knowledge_bundle.png and /dev/null differ diff --git a/docs/guides/matrix1.png b/docs/guides/matrix1.png deleted file mode 100644 index a7caff2213..0000000000 Binary files a/docs/guides/matrix1.png and /dev/null differ diff --git a/docs/guides/matrix2.png b/docs/guides/matrix2.png deleted file mode 100644 index 9bd31c04b3..0000000000 Binary files a/docs/guides/matrix2.png and /dev/null differ diff --git a/docs/guides/mission.png b/docs/guides/mission.png deleted file mode 100644 index 65ab91adfb..0000000000 Binary files a/docs/guides/mission.png and /dev/null differ diff --git a/docs/guides/monitor.png b/docs/guides/monitor.png deleted file mode 100644 index 3cb18292b8..0000000000 Binary files a/docs/guides/monitor.png and /dev/null differ diff --git a/docs/guides/nettolerance.png b/docs/guides/nettolerance.png deleted file mode 100644 index 4b04b320f7..0000000000 Binary files a/docs/guides/nettolerance.png and /dev/null differ diff --git a/docs/guides/networks.png b/docs/guides/networks.png deleted file mode 100644 index 796d51685a..0000000000 Binary files a/docs/guides/networks.png and /dev/null differ diff --git a/docs/guides/nova.png b/docs/guides/nova.png deleted file mode 100644 index 7bbc57a89e..0000000000 Binary files a/docs/guides/nova.png and /dev/null differ diff --git a/docs/guides/nova_const.png b/docs/guides/nova_const.png deleted file mode 100644 index 162c7dffe2..0000000000 Binary files a/docs/guides/nova_const.png and /dev/null differ diff --git a/docs/guides/novaarch.png b/docs/guides/novaarch.png deleted file mode 100644 index 7974aca19e..0000000000 Binary files a/docs/guides/novaarch.png and /dev/null differ diff --git a/docs/guides/paradigms.png b/docs/guides/paradigms.png deleted file mode 100644 index ea0d90d66f..0000000000 Binary files a/docs/guides/paradigms.png and /dev/null differ diff --git a/docs/guides/performance.png b/docs/guides/performance.png deleted file mode 100644 index b12df0a0b0..0000000000 Binary files a/docs/guides/performance.png and /dev/null differ diff --git a/docs/guides/postamble.texinfo b/docs/guides/postamble.texinfo deleted file mode 100644 index 3f20206432..0000000000 --- a/docs/guides/postamble.texinfo +++ /dev/null @@ -1,15 +0,0 @@ - - -@ifhtml -@html - -@end html -@end ifhtml - -@ifhtml -@contents -@end ifhtml - - -@bye - diff --git a/docs/guides/preamble.texinfo b/docs/guides/preamble.texinfo deleted file mode 100644 index f8ec853c2e..0000000000 --- a/docs/guides/preamble.texinfo +++ /dev/null @@ -1,98 +0,0 @@ -\input texinfo-altfont -\input texinfo-logo -\input texinfo -@selectaltfont{cmbright} -@setlogo{CFEngineFrontPage} - -@c ********************************************************************* -@c -@c This is a TEXINFO file. It generates both TEX documentation and -@c the "on line" documentation "info" files. -@c -@c *********************************************************************** - -@c %** start of header -@setfilename CfengineStdLibrary.info -@settitle Community Open Promise Body Library -@setchapternewpage odd -@c %** end of header - -@titlepage -@title Community Open Promise Body Library -@subtitle A CFEngine Standard -@author CFEngine AS - -@c @smallbook - -@fonttextsize 10 - -@page -@vskip 0pt plus 1filll -Copyright @copyright{} 2012 CFEngine AS -@end titlepage -@c *************************** File begins here ************************ -@ifinfo -@dircategory CFEngine Training -@direntry -* cfengine Reference: - CFEngine is a language based framework - designed for configuring and maintaining - Unix-like operating systems attached - to a TCP/IP network. -@end direntry -@end ifinfo -@ifnottex -@node Top, Basic company information and procedures, (dir), (dir) -@top CFEngine-Open-Promise-Body-Library -@end ifnottex -@ifhtml -@html -COMPLETE TABLE OF CONTENTS -

Summary of contents

-@end html -@end ifhtml -@iftex -@contents -@end iftex -@node The Purpose Of This Handbook -@chapter The Purpose Of This Handbook - -@sp 1 - -CFEngine is built on promises. Promises were chosen as the model for CFEngine's -configuration language, because they represent an expression of intention. - -If you are using custom scripts to manage your systems, you are using -@i{recipes}. Take a look at any cookbook and you will see that all -recipes look the same: take flour, eggs, butter, sugar ... and you -know nothing because you can make a hundred things from these steps. -If you don't make clear your intention, it is very hard to know what -the recipe is supposed to be: is it a cake, a waffle, a pastry? - -The same is true in system administration. Recipes are not merely -scripts, they encapsulate knowledge and experience. Their value is -in communicating @i{desired outcomes} or states. - -This library of standard components is like a cookbook that tells you -only how to make basics well. It gives these basic skills names and -therefore gives you a common vocabulary -- you will put together these -basics in creative ways to build your systems. - -@sp 2 - -@cartouche - -Please contribute to this guide by helping to develop a repertoire of -basic skills and names. This collection should be comprehensive but -parsimonious. Basics are only basics if they are few and carefully -thought out. This is a work in progress and your experience is welcome. - -This library will be moderated by CFEngine, and contributions and discussions -ca n be made to the help-cfengine@@cfengine.org mailing list. - -@end cartouche - - - - - diff --git a/docs/guides/promise_page.png b/docs/guides/promise_page.png deleted file mode 100644 index faff956db3..0000000000 Binary files a/docs/guides/promise_page.png and /dev/null differ diff --git a/docs/guides/qs1.png b/docs/guides/qs1.png deleted file mode 100644 index 708c27dfea..0000000000 Binary files a/docs/guides/qs1.png and /dev/null differ diff --git a/docs/guides/qs2.png b/docs/guides/qs2.png deleted file mode 100644 index 72ed30ef78..0000000000 Binary files a/docs/guides/qs2.png and /dev/null differ diff --git a/docs/guides/rbac.png b/docs/guides/rbac.png deleted file mode 100644 index 2f13877114..0000000000 Binary files a/docs/guides/rbac.png and /dev/null differ diff --git a/docs/guides/redundhubs.png b/docs/guides/redundhubs.png deleted file mode 100644 index efac20cdbd..0000000000 Binary files a/docs/guides/redundhubs.png and /dev/null differ diff --git a/docs/guides/role-define-loba.png b/docs/guides/role-define-loba.png deleted file mode 100644 index 61bee7f602..0000000000 Binary files a/docs/guides/role-define-loba.png and /dev/null differ diff --git a/docs/guides/roll-forward.png b/docs/guides/roll-forward.png deleted file mode 100644 index 7b641c58e1..0000000000 Binary files a/docs/guides/roll-forward.png and /dev/null differ diff --git a/docs/guides/savefiledlg.png b/docs/guides/savefiledlg.png deleted file mode 100644 index 942fea4071..0000000000 Binary files a/docs/guides/savefiledlg.png and /dev/null differ diff --git a/docs/guides/schedule_patterns.png b/docs/guides/schedule_patterns.png deleted file mode 100644 index 05010d9470..0000000000 Binary files a/docs/guides/schedule_patterns.png and /dev/null differ diff --git a/docs/guides/scope2.png b/docs/guides/scope2.png deleted file mode 100644 index 4f43f9e47d..0000000000 Binary files a/docs/guides/scope2.png and /dev/null differ diff --git a/docs/guides/service_catalogue.png b/docs/guides/service_catalogue.png deleted file mode 100644 index 3cdda02e43..0000000000 Binary files a/docs/guides/service_catalogue.png and /dev/null differ diff --git a/docs/guides/setuid.png b/docs/guides/setuid.png deleted file mode 100644 index 2cb431ee72..0000000000 Binary files a/docs/guides/setuid.png and /dev/null differ diff --git a/docs/guides/software.png b/docs/guides/software.png deleted file mode 100644 index b7e39b07d2..0000000000 Binary files a/docs/guides/software.png and /dev/null differ diff --git a/docs/guides/status.png b/docs/guides/status.png deleted file mode 100644 index 1e98e3103e..0000000000 Binary files a/docs/guides/status.png and /dev/null differ diff --git a/docs/guides/summary.png b/docs/guides/summary.png deleted file mode 100644 index 65ab91adfb..0000000000 Binary files a/docs/guides/summary.png and /dev/null differ diff --git a/docs/guides/timeseries.png b/docs/guides/timeseries.png deleted file mode 100644 index c11ea8b9a4..0000000000 Binary files a/docs/guides/timeseries.png and /dev/null differ diff --git a/docs/guides/topic.png b/docs/guides/topic.png deleted file mode 100644 index 9bcef12502..0000000000 Binary files a/docs/guides/topic.png and /dev/null differ diff --git a/docs/guides/topicmap.png b/docs/guides/topicmap.png deleted file mode 100644 index 4b28e9a99b..0000000000 Binary files a/docs/guides/topicmap.png and /dev/null differ diff --git a/docs/guides/trends.png b/docs/guides/trends.png deleted file mode 100644 index 0e55249fe4..0000000000 Binary files a/docs/guides/trends.png and /dev/null differ diff --git a/docs/guides/update.png b/docs/guides/update.png deleted file mode 100644 index c67b1c04cf..0000000000 Binary files a/docs/guides/update.png and /dev/null differ diff --git a/docs/guides/updatedialog.png b/docs/guides/updatedialog.png deleted file mode 100644 index aca7f06b9a..0000000000 Binary files a/docs/guides/updatedialog.png and /dev/null differ diff --git a/docs/guides/views.png b/docs/guides/views.png deleted file mode 100644 index f5fc7d6d38..0000000000 Binary files a/docs/guides/views.png and /dev/null differ diff --git a/docs/guides/weakest.png b/docs/guides/weakest.png deleted file mode 100644 index 72e56ab3a6..0000000000 Binary files a/docs/guides/weakest.png and /dev/null differ diff --git a/docs/guides/winevent-notkept-storage.png b/docs/guides/winevent-notkept-storage.png deleted file mode 100644 index 0aaf43ceb6..0000000000 Binary files a/docs/guides/winevent-notkept-storage.png and /dev/null differ diff --git a/docs/guides/winevent-repaired-acl-closeup.png b/docs/guides/winevent-repaired-acl-closeup.png deleted file mode 100644 index 31213a5d02..0000000000 Binary files a/docs/guides/winevent-repaired-acl-closeup.png and /dev/null differ diff --git a/docs/guides/winhello.png b/docs/guides/winhello.png deleted file mode 100644 index e6ff026505..0000000000 Binary files a/docs/guides/winhello.png and /dev/null differ diff --git a/docs/guides/winreg-create.png b/docs/guides/winreg-create.png deleted file mode 100644 index a1b5af79b5..0000000000 Binary files a/docs/guides/winreg-create.png and /dev/null differ diff --git a/docs/guides/winreg-delete.png b/docs/guides/winreg-delete.png deleted file mode 100644 index 131031fe3c..0000000000 Binary files a/docs/guides/winreg-delete.png and /dev/null differ diff --git a/docs/guides/winservice-disabled_policy.png b/docs/guides/winservice-disabled_policy.png deleted file mode 100644 index 68ff61cd07..0000000000 Binary files a/docs/guides/winservice-disabled_policy.png and /dev/null differ diff --git a/docs/guides/winservice-properties_name.png b/docs/guides/winservice-properties_name.png deleted file mode 100644 index 86e4126621..0000000000 Binary files a/docs/guides/winservice-properties_name.png and /dev/null differ diff --git a/docs/reference/CFEngineFrontPage.pdf b/docs/reference/CFEngineFrontPage.pdf deleted file mode 100644 index 26e35bee2f..0000000000 Binary files a/docs/reference/CFEngineFrontPage.pdf and /dev/null differ diff --git a/docs/reference/Makefile.am b/docs/reference/Makefile.am deleted file mode 100644 index f2df697100..0000000000 --- a/docs/reference/Makefile.am +++ /dev/null @@ -1,65 +0,0 @@ -TEX_INCLUDEDIR=$(srcdir)/../tex-include - -.PRECIOUS: ../../cf-gendoc/cf-gendoc - -../../cf-gendoc/cf-gendoc: - $(MAKE) -C ../../cf-gendoc $(AM_MAKEFLAGS) cf-gendoc - -cf3-Reference.texinfo: ../../cf-gendoc/cf-gendoc \ - generate_manual.cf \ - $(filter-out cf3-Reference.texinfo,$(wildcard *.texinfo)) \ - $(wildcard */*.texinfo) - $(AM_V_GEN)../../cf-gendoc/cf-gendoc -i . -o $@ - -%.html: %.texinfo - $(AM_V_GEN)$(MAKEINFO) \ - $^ -o $@ \ - -I $(TEX_INCLUDEDIR) \ - --error-limit=0 \ - --html \ - --css-include=../guides/cfcomdoc.css \ - --no-split - -TEXI2PDFFLAGS = -I $(TEX_INCLUDEDIR) --batch $(if $(filter-out 0,$(V)),,--quiet) - -%.pdf: %.texinfo - $(AM_V_GEN)$(srcdir)/../tools/texi2pdfclean $^ $(TEXI2PDF) -o $@ $(TEXI2PDFFLAGS) - - -if HTML_DOCS -html: cf3-Reference.html -endif - -if PDF_DOCS -pdf: cf3-Reference.pdf -endif - -REFDIR=$(DESTDIR)/$(projdocdir)/reference - -dist-reference-%: % - $(MKDIR_P) $(distdir)/$^ - $(INSTALL_DATA) $(subst *,\*,$(wildcard $(srcdir)/$^/*.texinfo)) $(distdir)/$^ - -dist-reference: $(addprefix dist-reference-,bodyparts bundletypes control functions promises varcontexts vars) - $(INSTALL_DATA) $(filter-out cf3-Reference.texinfo,$(wildcard $(srcdir)/*.texinfo)) $(distdir) - -if HTML_DOCS -install-html: html - $(MKDIR_P) $(REFDIR)/html - $(INSTALL_DATA) cf3-Reference.html $(REFDIR)/html - $(INSTALL_DATA) `$(srcdir)/../tools/extract-images cf3-Reference.texinfo | sort | uniq` $(REFDIR)/html -endif - -if PDF_DOCS -install-pdf: pdf - $(MKDIR_P) $(REFDIR)/pdf - $(INSTALL_DATA) cf3-Reference.pdf $(REFDIR)/pdf -endif - -all: html pdf -install-data-hook: install-html install-pdf -dist-hook: dist-reference - -EXTRA_DIST = CFEngineFrontPage.pdf NewLogo.pdf filelogic.png generate_manual.cf - -CLEANFILES = cf3-Reference.html cf3-Reference.pdf cf3-Reference.texinfo diff --git a/docs/reference/NewLogo.pdf b/docs/reference/NewLogo.pdf deleted file mode 100644 index cb51106b1d..0000000000 Binary files a/docs/reference/NewLogo.pdf and /dev/null differ diff --git a/docs/reference/bodyparts/abortbundleclasses_example.texinfo b/docs/reference/bodyparts/abortbundleclasses_example.texinfo deleted file mode 100644 index f90d56bdd3..0000000000 --- a/docs/reference/bodyparts/abortbundleclasses_example.texinfo +++ /dev/null @@ -1,56 +0,0 @@ - -This example shows how to use the feature to validate input to a method bundle. - -@verbatim - -body common control - -{ -bundlesequence => { "testbundle" }; -version => "1.2.3"; -} - -########################################### - -body agent control - -{ -abortbundleclasses => { "invalid.*" }; -} - -########################################### - -bundle agent testbundle -{ -vars: - - "userlist" slist => { "xyz", "mark", "jeang", "jonhenrik", "thomas", "eben" }; - -methods: - - "any" usebundle => subtest("$(userlist)"); - -} - -########################################### - -bundle agent subtest(user) - -{ -classes: - - "invalid" not => regcmp("[a-z]{4}","$(user)"); - -reports: - - !invalid:: - - "User name $(user) is valid at exactly 4 letters"; - - # abortbundleclasses will prevent this from being evaluated - invalid:: - - "User name $(user) is invalid"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/abortbundleclasses_notes.texinfo b/docs/reference/bodyparts/abortbundleclasses_notes.texinfo deleted file mode 100644 index 32aabca394..0000000000 --- a/docs/reference/bodyparts/abortbundleclasses_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -A list of regular expressions for classes, or class expressions that -@code{cf-agent} will watch out for. If any of these classes becomes -defined, it will cause the current bundle to be aborted. This may be -used for validation, for example. diff --git a/docs/reference/bodyparts/abortclasses_example.texinfo b/docs/reference/bodyparts/abortclasses_example.texinfo deleted file mode 100644 index 7695ab502a..0000000000 --- a/docs/reference/bodyparts/abortclasses_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - - body agent control - - { - abortclasses => { "danger.*", "should_not_continue" }; - } - -@end verbatim diff --git a/docs/reference/bodyparts/abortclasses_notes.texinfo b/docs/reference/bodyparts/abortclasses_notes.texinfo deleted file mode 100644 index 9dd158d160..0000000000 --- a/docs/reference/bodyparts/abortclasses_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - - -A list of class regular expressions that @code{cf-agent} will watch -out for. If any matching class becomes defined, it will cause the -current execution of @code{cf-agent} to be aborted. This may be used -for validation, for example. To handle class expressions, simply create -an alias for the expression with a single name. diff --git a/docs/reference/bodyparts/aces_example.texinfo b/docs/reference/bodyparts/aces_example.texinfo deleted file mode 100644 index b5c7d9585e..0000000000 --- a/docs/reference/bodyparts/aces_example.texinfo +++ /dev/null @@ -1,19 +0,0 @@ - -@verbatim - -body acl template - -{ -acl_method => "overwrite"; -acl_type => "posix"; -acl_default => "access"; - -aces => { - "user:*:r(wwx),-r:allow", - "group:*:+rw:allow", - "mask:x:allow", - "all:r" - }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/aces_notes.texinfo b/docs/reference/bodyparts/aces_notes.texinfo deleted file mode 100644 index 3ece242fc9..0000000000 --- a/docs/reference/bodyparts/aces_notes.texinfo +++ /dev/null @@ -1,87 +0,0 @@ - -POSIX ACL are available in CFEngine Community starting with -3.4.0. NTFS ACL are available with CFEngine Nova or above. Form of -the permissions is: - -@cartouche -@smallexample - aces => @{ - "@var{user:uid:mode[:perm_type]}", ..., - "@var{group:gid:mode[:perm_type]}", ..., - "@var{all:mode[:perm_type]}" - @}; -@end smallexample -@end cartouche - -@itemize -@item @code{user} indicates that the line applies to a user specified - by the user identitfier @code{uid}. @code{mode} is the permission - mode string. - -@item @code{group} indicates that the line applies to a group specified - by the group identitfier @code{gid}. @code{mode} is the permission - mode string. - -@item @code{all} indicates that the line applies to every - user. @code{mode} is the permission mode string. - -@item @code{uid} is a valid user identifier for the system and - cannot be empty. However, @code{uid} can be set to * as a synonym - for the entity that owns the file system object (e.g. user:*:r). - -@item @code{gid} is a valid group identifier for the system and - cannot be empty. However, in some acl types, @code{gid} can be set - to * to indicate a special group (e.g. in POSIX this refers to the - file group). - -@item @code{mode} is one or more strings - @code{op}|@code{perms}|(@code{nperms}); a concatenation of @code{op}, - @code{perms} and optionally (@code{nperms}), see below, separated - with commas (e.g. +rx,-w(s)). @code{mode} is parsed from left to - right. -@c TODO: include support for @code{fullaccess}, @code{noaccess}, -@c and @code{remove} - -@item @code{op} specifies the operation on any existing permissions, - if the defined ACE already exists. @code{op} can be =, empty, + or - -. = or empty sets the permissions to the ACE as stated, + adds and - - removes the permissions from any existing ACE. - @c TODO: what to do if + or - is used when ACE does not exist? - -@item @code{nperms} (optional) specifies file system specific - (native) permissions. Only valid if @code{acl_type} is - defined. @code{nperms} will only be enforced if the file object is - stored on a file system supporting the acl type set in - @code{acl_type} (e.g. @code{nperms} will be ignored if - @code{acl_type:}@code{ntfs} and the object is stored on a file system - not supporting ntfs ACLs). Valid values for @code{nperms} varies with - different ACL types, and is defined in subsequent sections. - -@item @code{perm_type} (optional) can be set to either @code{allow} or - @code{deny}, and defaults to @code{allow}. @code{deny} is only valid - if @code{acl_type} is set to an ACL type that support deny - permissions. A @code{deny} ACE will only be enforced if the file - object is stored on a file system supporting the acl type set in - @code{acl_type}. -@end itemize - -@code{gperms} (generic permissions) is a concatenation of zero or more -of the characters shown in the table below. If left empty, -none of the permissions are set. -@c TODO: Should be allowed to set no permissions (empty perms?) - - -@multitable @columnfractions .05 .2 .30 .35 -@headitem Flag @tab Description @tab Semantics on file @tab Semantics on directory - -@item @code{r} @tab Read @tab Read data, permissions, attributes @tab Read -directory contents, permissions, attributes -@item @code{w} @tab Write @tab Write data @tab Create, delete, rename subobjects -@item @code{x} @tab Execute @tab Execute file @tab Access subobjects -@end multitable - - -Note that the @code{r} permission is not neccessary to read an object's -permissions and attributes in all file systems (e.g. in POSIX, having -@code{x} on its containing directory is sufficient). - diff --git a/docs/reference/bodyparts/acl_directory_inherit_example.texinfo b/docs/reference/bodyparts/acl_directory_inherit_example.texinfo deleted file mode 100644 index 2754639781..0000000000 --- a/docs/reference/bodyparts/acl_directory_inherit_example.texinfo +++ /dev/null @@ -1,19 +0,0 @@ - -@verbatim - -body acl template - -{ -acl_method => "overwrite"; -acl_type => "posix"; -acl_default => "access"; - -aces => { - "user:*:rwx:allow", - "group:*:+rw:allow", - "mask:rx:allow", - "all:r" - }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/acl_directory_inherit_notes.texinfo b/docs/reference/bodyparts/acl_directory_inherit_notes.texinfo deleted file mode 100644 index 117b31f07e..0000000000 --- a/docs/reference/bodyparts/acl_directory_inherit_notes.texinfo +++ /dev/null @@ -1,14 +0,0 @@ - - - -Directories have ACLs associated with them, but they also have the -ability to inherit an ACL to sub-objects created within them. POSIX -calls the former ACL type "access ACL" and the latter "default ACL", -and we will use the same terminology. - -The constraint @code{acl_default} gives control over the -default ACL of directories. The default ACL can be left unchanged -(@code{nochange}), empty (@code{clear}), or be explicitly specified -(@code{specify}). In addition, the default ACL can be set equal to the -directory's access ACL (@code{parent}). This has the effect that child -objects of the directory gets the same access ACL as the directory. diff --git a/docs/reference/bodyparts/acl_method_example.texinfo b/docs/reference/bodyparts/acl_method_example.texinfo deleted file mode 100644 index 41fe4fefaa..0000000000 --- a/docs/reference/bodyparts/acl_method_example.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - -@verbatim - -body acl template - -{ -acl_method => "overwrite"; -acl_type => "posix"; -aces => { "user:*:rw:allow", "group:*:+r:allow", "all:"}; -} - -@end verbatim diff --git a/docs/reference/bodyparts/acl_method_notes.texinfo b/docs/reference/bodyparts/acl_method_notes.texinfo deleted file mode 100644 index c58c522079..0000000000 --- a/docs/reference/bodyparts/acl_method_notes.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - - -When defining an ACL, we can either use an existing ACL as the -starting point, or state all entries of the ACL. If we just care about -one entry, say that the superuser has full access, the @code{method} -constraint can be set to @code{append}, which is the default. This has -the effect that all the existing ACL entries that are not mentioned -will be left unchanged. On the other hand, if @code{method} is set to -@code{overwrite}, the resulting ACL will only contain the mentioned -entries. When doing this, it is important to check that all the -required ACL entries are set, e.g. owning user, group and all in Posix -ACLs. diff --git a/docs/reference/bodyparts/acl_type_example.texinfo b/docs/reference/bodyparts/acl_type_example.texinfo deleted file mode 100644 index de9d438554..0000000000 --- a/docs/reference/bodyparts/acl_type_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body acl template - -{ -acl_type => "ntfs"; -aces => { "user:Administrator:rwx(po)", "user:Auditor:r(o)"}; -} - -@end verbatim diff --git a/docs/reference/bodyparts/acl_type_notes.texinfo b/docs/reference/bodyparts/acl_type_notes.texinfo deleted file mode 100644 index 71960752cc..0000000000 --- a/docs/reference/bodyparts/acl_type_notes.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -ACLs are supported on multiple platforms, which may have different -sets of available permission flags. By using the constraint -@code{acl_type}, we can specify which platform, or ACL API, we are -targeting with the ACL. The default, @code{generic}, is designed to -work on all supported platforms. However, if very specific permission -flags are required, like ``Take Ownership'' on the NTFS platform, we -must set @code{acl_type} to indicate the target platform. Currently, -the supported values are @code{posix} and @code{ntfs}. diff --git a/docs/reference/bodyparts/action_example.texinfo b/docs/reference/bodyparts/action_example.texinfo deleted file mode 100644 index d76ae10bbc..0000000000 --- a/docs/reference/bodyparts/action_example.texinfo +++ /dev/null @@ -1,45 +0,0 @@ - -The following example shows a simple use of transaction control, -causing the promise to be verified as a separate background process. - -@verbatim - -body action background - -{ -action_policy => "warn"; -} - -@end verbatim -In the following example, the action includes the definition of a class -based on the actions that were performed. -@verbatim -bundle edit_line MarkNRoot - { - insert_lines: - - !pw_loaded:: - - "/etc/passwd" - - insert_type => "file", - action => defineclass("pw_loaded"); - - delete_lines: - - pw_loaded:: - - "(mark|root):.*" not_matching => "true"; - - } - -######################################################## - -body action defineclass(c) -{ -promise_repaired => { "$(c)" }; -persist_time => "0"; -} - -@end verbatim - diff --git a/docs/reference/bodyparts/action_notes.texinfo b/docs/reference/bodyparts/action_notes.texinfo deleted file mode 100644 index fb5b278bf3..0000000000 --- a/docs/reference/bodyparts/action_notes.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -The @code{action} settings allow general transaction control to be -implemented on promise verification. Action bodies place limits on how -often to verify the promise and what classes to raise in the case that -the promise can or cannot be kept. - diff --git a/docs/reference/bodyparts/action_policy_example.texinfo b/docs/reference/bodyparts/action_policy_example.texinfo deleted file mode 100644 index cafb88fbcc..0000000000 --- a/docs/reference/bodyparts/action_policy_example.texinfo +++ /dev/null @@ -1,13 +0,0 @@ - -The following example shows a simple use of transaction control, -causing the promise to be verified as a separate background process. - -@verbatim - -body action background - -{ -action_policy => "warn"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/action_policy_notes.texinfo b/docs/reference/bodyparts/action_policy_notes.texinfo deleted file mode 100644 index 576fa8cdc6..0000000000 --- a/docs/reference/bodyparts/action_policy_notes.texinfo +++ /dev/null @@ -1,77 +0,0 @@ - -The @code{action} settings allow general transaction control to be -implemented on promise verification. Action bodies place limits on how -often to verify the promise and what classes to raise in the case that -the promise can or cannot be kept. - -Note that actions can be added to sub-bundles like methods and editing -bundles, and that promises within these do not inherit action settings -at higher levels. Thus, in the following example there are two levels -of action setting: - -@verbatim -######################################################## -# -# Warn if line matched -# -######################################################## - -body common control - -{ -bundlesequence => { "testbundle" }; -} - -######################################################## - -bundle agent testbundle - -{ -files: - - "/var/cfengine/inputs/.*" - - edit_line => DeleteLinesMatching(".*cfenvd.*"), - action => WarnOnly; -} - -######################################################## - -bundle edit_line DeleteLinesMatching(regex) - { - delete_lines: - - "$(regex)" action => WarnOnly; - - } - -######################################################## - -body action WarnOnly -{ -action_policy => "warn"; -} -@end verbatim - -The @code{action} setting for the @code{files} promise means that file -edits will not be committed to disk, only warned about. This is a master-level -promise that overrides anything that happens during the editing. The -@code{action} setting for the edit bundle means that the internal -memory modelling of the file will only warn about changes rather than -committing them to the memory model. This makes little difference to the -end result, but it means that CFEngine will report - -@smallexample -Need to delete line - ... - but only a warning was promised -@end smallexample - -@noindent Instead of - -@smallexample -Deleting the prpomised line ... -Need to save file - but only a warning was promised -@end smallexample - -@noindent In either case, no changes will be made to the disk, but the messages -given by @code{cf-agent} will differ. - diff --git a/docs/reference/bodyparts/addclasses_example.texinfo b/docs/reference/bodyparts/addclasses_example.texinfo deleted file mode 100644 index 519676db11..0000000000 --- a/docs/reference/bodyparts/addclasses_example.texinfo +++ /dev/null @@ -1,16 +0,0 @@ - -Add classes adds global, literal classes. The only predicates available during the control -section are hard-classes. - -@verbatim - -any:: - - addclasses => { "My_Organization" } - -solaris:: - - addclasses => { "some_solaris_alive", "running_on_sunshine" }; - - -@end verbatim diff --git a/docs/reference/bodyparts/addclasses_notes.texinfo b/docs/reference/bodyparts/addclasses_notes.texinfo deleted file mode 100644 index 1125743da0..0000000000 --- a/docs/reference/bodyparts/addclasses_notes.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -Another place to make global aliases for system hardclasses. Classes -here are added unqeuivocally to the system. If classes are used to -predicate definition, then they must be defined in terms of global -hard classes. - diff --git a/docs/reference/bodyparts/admit_example.texinfo b/docs/reference/bodyparts/admit_example.texinfo deleted file mode 100644 index 8b23da008f..0000000000 --- a/docs/reference/bodyparts/admit_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim -access: - - "/home/mark/LapTop" - - admit => { "127.0.0.1", "192.168.0.1/24", ".*\.domain\.tld" }; - -@end verbatim diff --git a/docs/reference/bodyparts/admit_notes.texinfo b/docs/reference/bodyparts/admit_notes.texinfo deleted file mode 100644 index 4d9006356c..0000000000 --- a/docs/reference/bodyparts/admit_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -Admit promises grant access to file objects on the server. Arguments -may be IP addresses or hostnames, provided DNS name resolution is -active. In order to reach this stage, a client must first have passed -all of the standard connection tests in the control body. - -The lists may contain network addresses in CIDR notation or regular -expressions to match the IP address or name of the connecting host. diff --git a/docs/reference/bodyparts/agent_expireafter_example.texinfo b/docs/reference/bodyparts/agent_expireafter_example.texinfo deleted file mode 100644 index 80e8bb49e7..0000000000 --- a/docs/reference/bodyparts/agent_expireafter_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body executor control -{ -agent_expireafter => "120"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/agent_expireafter_notes.texinfo b/docs/reference/bodyparts/agent_expireafter_notes.texinfo deleted file mode 100644 index 2fee7099c6..0000000000 --- a/docs/reference/bodyparts/agent_expireafter_notes.texinfo +++ /dev/null @@ -1,19 +0,0 @@ -@noindent Sets a maximum time on any run of the command in @code{exec_command}. -If no data is received from the pipe opened to the process created with -@code{exec_command} after the time has elapsed, the process gets killed. - -@noindent Note that if you have long-running jobs, they may get killed -with this setting. Therefore, you should ensure it is higher than any run of -@code{cf-agent} that you want to leave alone. Alternatively, you can make -your jobs output something to STDOUT at least as often as this threshold. -This will reset the timer. - -@noindent The setting will effectively allow you to set a threshold on the -number of simultaneous agents that are running. For example, if you set it to -@code{120} and you are using a 5-minute agent schedule, a maximum of -120 / 5 = 24 agents should be enforced. - -@noindent @b{Default value}:@* -@* - -The default value is 10080 minutes (one week). diff --git a/docs/reference/bodyparts/agentaccess_example.texinfo b/docs/reference/bodyparts/agentaccess_example.texinfo deleted file mode 100644 index 249e379b6b..0000000000 --- a/docs/reference/bodyparts/agentaccess_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - - agentaccess => { "mark", "root", "sudo" }; - -@end verbatim diff --git a/docs/reference/bodyparts/agentaccess_notes.texinfo b/docs/reference/bodyparts/agentaccess_notes.texinfo deleted file mode 100644 index f46fa6516e..0000000000 --- a/docs/reference/bodyparts/agentaccess_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -A list of user names that will be allowed to attempt execution of the -current configuration. This is mainly a sanity check rather than a -security measure. - diff --git a/docs/reference/bodyparts/agentfacility_example.texinfo b/docs/reference/bodyparts/agentfacility_example.texinfo deleted file mode 100644 index e8f1645891..0000000000 --- a/docs/reference/bodyparts/agentfacility_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -agentfacility => "LOG_USER"; - -@end verbatim diff --git a/docs/reference/bodyparts/agentfacility_notes.texinfo b/docs/reference/bodyparts/agentfacility_notes.texinfo deleted file mode 100644 index 61cafc466a..0000000000 --- a/docs/reference/bodyparts/agentfacility_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -Sets the agent's syslog facility level. See the manual pages for -syslog. This is ignored on Windows, as CFEngine Nova creates event logs. - diff --git a/docs/reference/bodyparts/allclassesreport_example.texinfo b/docs/reference/bodyparts/allclassesreport_example.texinfo deleted file mode 100644 index 1655d4e996..0000000000 --- a/docs/reference/bodyparts/allclassesreport_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ -@verbatim -body agent control -{ -allclassesreport => "true"; -} -@end verbatim diff --git a/docs/reference/bodyparts/allclassesreport_notes.texinfo b/docs/reference/bodyparts/allclassesreport_notes.texinfo deleted file mode 100644 index 4822e943ae..0000000000 --- a/docs/reference/bodyparts/allclassesreport_notes.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@i{History}: Was introduced in 3.2.0, Nova 2.1.0 (2011) - - -This option determines whether state/allclasses.txt file is written to -disk during agent execution. This functionality is retained only for -CFEngine 2 compatibility as more convenient facilities exist in -CFEngine 3 language to achieve similar results. - -This option is turned off by default. diff --git a/docs/reference/bodyparts/allow_blank_fields_example.texinfo b/docs/reference/bodyparts/allow_blank_fields_example.texinfo deleted file mode 100644 index 5a8000d815..0000000000 --- a/docs/reference/bodyparts/allow_blank_fields_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body edit_field example -{ -# ... -allow_blank_fields => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/allow_blank_fields_notes.texinfo b/docs/reference/bodyparts/allow_blank_fields_notes.texinfo deleted file mode 100644 index 8f95f21da2..0000000000 --- a/docs/reference/bodyparts/allow_blank_fields_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - - -When editing a file using the field or column model, blank fields, especially -at the start and end are generally discarded. If this is set to true, CFEngine -will retain the blank fields and print the appropriate number of field separators. - - diff --git a/docs/reference/bodyparts/allowallconnects_example.texinfo b/docs/reference/bodyparts/allowallconnects_example.texinfo deleted file mode 100644 index 9760c54319..0000000000 --- a/docs/reference/bodyparts/allowallconnects_example.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - -@verbatim - -allowallconnects => { - "127.0.0.1", - "::1", - "200\.1\.10\..*", - "host\.domain\.tld", - "host[0-9]+\.domain\.com" - }; - -@end verbatim diff --git a/docs/reference/bodyparts/allowallconnects_notes.texinfo b/docs/reference/bodyparts/allowallconnects_notes.texinfo deleted file mode 100644 index 398181f320..0000000000 --- a/docs/reference/bodyparts/allowallconnects_notes.texinfo +++ /dev/null @@ -1,16 +0,0 @@ - -This list of regular expressions matches hosts that are allowed to -connect an umlimited number of times up to the maximum connection -limit. Without this, a host may only connect once (which is a very -strong constraint, as the host must wait for the TCP FIN_WAIT to -expire before reconnection can be attempted). - -In CFEngine 2 this corresponds to @code{AllowMultipleConnectionsFrom}. - -Note that @code{127.0.0.1} is a regular expression (i.e., ``127 any character -0 any character 0 any character 1''), but this will only match the IP address -@code{127.0.0.1}. Take care with IP addresses and domain names, as the -hostname regular expression @code{www.domain.com} will potentially match more -than one hostname (e.g., @code{wwwxdomain.com}, in addition to the desired -hostname @code{www.domain.com}). - diff --git a/docs/reference/bodyparts/allowconnects_example.texinfo b/docs/reference/bodyparts/allowconnects_example.texinfo deleted file mode 100644 index 059ccbd03e..0000000000 --- a/docs/reference/bodyparts/allowconnects_example.texinfo +++ /dev/null @@ -1,13 +0,0 @@ - -@verbatim - -allowconnects => { - "127.0.0.1", - "::1", - "200\.1\.10\..*", - "host\.domain\.tld", - "host[0-9]+\.domain\.com" - }; - -@end verbatim - diff --git a/docs/reference/bodyparts/allowconnects_notes.texinfo b/docs/reference/bodyparts/allowconnects_notes.texinfo deleted file mode 100644 index 0d53e03253..0000000000 --- a/docs/reference/bodyparts/allowconnects_notes.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -If a client's identity matches an entry in this list it is granted to -permission to send data to the server port. Clients who are not in this -list may not connect or send data to the server. - -See also the warning about regular expressions in @code{allowallconnects}. diff --git a/docs/reference/bodyparts/allowusers_example.texinfo b/docs/reference/bodyparts/allowusers_example.texinfo deleted file mode 100644 index 2bb13eeead..0000000000 --- a/docs/reference/bodyparts/allowusers_example.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - - -@verbatim - -allowusers => { "cfengine", "root" }; - -@end verbatim diff --git a/docs/reference/bodyparts/allowusers_notes.texinfo b/docs/reference/bodyparts/allowusers_notes.texinfo deleted file mode 100644 index 05550c1277..0000000000 --- a/docs/reference/bodyparts/allowusers_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -The usernames listed in this list are those asserted as public key -identities during client-server connections. These may or may not -correspond to system identities on the server-side system. - diff --git a/docs/reference/bodyparts/alwaysvalidate_example.texinfo b/docs/reference/bodyparts/alwaysvalidate_example.texinfo deleted file mode 100644 index 8a6cb42a92..0000000000 --- a/docs/reference/bodyparts/alwaysvalidate_example.texinfo +++ /dev/null @@ -1,13 +0,0 @@ - -@verbatim - -body agent control -{ -Min00_05:: - - # revalidate once per hour, regardless of change in configuration - - alwaysvalidate => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/alwaysvalidate_notes.texinfo b/docs/reference/bodyparts/alwaysvalidate_notes.texinfo deleted file mode 100644 index 761af2b453..0000000000 --- a/docs/reference/bodyparts/alwaysvalidate_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - -@i{History}: Was introduced in version 3.1.2,Nova 2.0.1 (2010) - -The agents @code{cf-agent}, and @code{cfserverd} etc can run @code{cf-promises} to validate -inputs before attempting to execute a configuration. As of version 3.1.2 core, this only -happens if the configuration file has changed to save CPU cycles. When this attribute is set, -@code{cf-agent} will force a revalidation of the input. diff --git a/docs/reference/bodyparts/and_example.texinfo b/docs/reference/bodyparts/and_example.texinfo deleted file mode 100644 index fffad2e7dd..0000000000 --- a/docs/reference/bodyparts/and_example.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -@verbatim - -classes: - - "compound_class" and => { classmatch("host[0-9].*"), "Monday", "Hr02" }; - -@end verbatim diff --git a/docs/reference/bodyparts/and_notes.texinfo b/docs/reference/bodyparts/and_notes.texinfo deleted file mode 100644 index 01ca3a3197..0000000000 --- a/docs/reference/bodyparts/and_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -If an expression contains a mixture of different object types that -need to be ANDed together, this list form is more convenient than -providing an expression. If all of the class expressions listed in the -RHS match, then the class on the LHS is defined. diff --git a/docs/reference/bodyparts/args_example.texinfo b/docs/reference/bodyparts/args_example.texinfo deleted file mode 100644 index f50d618f19..0000000000 --- a/docs/reference/bodyparts/args_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -commands: - - "/bin/echo one" - - args => "two three"; - -@end verbatim diff --git a/docs/reference/bodyparts/args_notes.texinfo b/docs/reference/bodyparts/args_notes.texinfo deleted file mode 100644 index 86f045e046..0000000000 --- a/docs/reference/bodyparts/args_notes.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -Sometimes it is convenient to separate the arguments to a command from -the command itself. The final arguments are the concatenation with one -space. So in the example above the command would be - -@verbatim - - /bin/echo one two three - -@end verbatim - diff --git a/docs/reference/bodyparts/associates_example.texinfo b/docs/reference/bodyparts/associates_example.texinfo deleted file mode 100644 index 967b064fa1..0000000000 --- a/docs/reference/bodyparts/associates_example.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - - -@verbatim - -body association example(literal,scalar,list) - -{ -#... -associates => { "literal", $(scalar), @(list)}; -} - -@end verbatim diff --git a/docs/reference/bodyparts/associates_notes.texinfo b/docs/reference/bodyparts/associates_notes.texinfo deleted file mode 100644 index c24badf443..0000000000 --- a/docs/reference/bodyparts/associates_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -An element of an association which is a list of topics to which the -current topic is associated. diff --git a/docs/reference/bodyparts/atime_example.texinfo b/docs/reference/bodyparts/atime_example.texinfo deleted file mode 100644 index 41d12a7942..0000000000 --- a/docs/reference/bodyparts/atime_example.texinfo +++ /dev/null @@ -1,20 +0,0 @@ - -@verbatim -body file_select used_recently -{ - -# files accessed within the last hour -atime => irange(ago(0,0,0,1,0,0),now); -file_result => "atime"; -} - - -body file_select not_used_much - -{ -# files not accessed since 00:00 1st Jan 2000 (in the local timezime) -atime => irange(on(2000,1,1,0,0,0),now); -file_result => "!atime"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/atime_notes.texinfo b/docs/reference/bodyparts/atime_notes.texinfo deleted file mode 100644 index 882112c770..0000000000 --- a/docs/reference/bodyparts/atime_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -A range of times during which a file was accessed can be specified in -a @code{file_select} body. (Like file filters in CFEngine 2.) - diff --git a/docs/reference/bodyparts/attribute_value_example.texinfo b/docs/reference/bodyparts/attribute_value_example.texinfo deleted file mode 100644 index 0e1ec83cdc..0000000000 --- a/docs/reference/bodyparts/attribute_value_example.texinfo +++ /dev/null @@ -1,7 +0,0 @@ -@verbatim - -body attribute_value example(s) -{ -attribute_value => "$(s)"; -} -@end verbatim diff --git a/docs/reference/bodyparts/attribute_value_notes.texinfo b/docs/reference/bodyparts/attribute_value_notes.texinfo deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/docs/reference/bodyparts/audit_example.texinfo b/docs/reference/bodyparts/audit_example.texinfo deleted file mode 100644 index a19730ee28..0000000000 --- a/docs/reference/bodyparts/audit_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body action example -{ -# ... - -audit => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/audit_notes.texinfo b/docs/reference/bodyparts/audit_notes.texinfo deleted file mode 100644 index 03b7e13738..0000000000 --- a/docs/reference/bodyparts/audit_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - - -If this is set, CFEngine will perform auditing on this specific -promise. This means that all details surrounding the verification of -the current promise will be recorded in the audit database. The -database may be inspected with @code{cf-report}, or @code{cfshow} in -CFEngine 2. - diff --git a/docs/reference/bodyparts/auditing_example.texinfo b/docs/reference/bodyparts/auditing_example.texinfo deleted file mode 100644 index e337dd7773..0000000000 --- a/docs/reference/bodyparts/auditing_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body agent control -{ -auditing => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/auditing_notes.texinfo b/docs/reference/bodyparts/auditing_notes.texinfo deleted file mode 100644 index cb46ab8b3a..0000000000 --- a/docs/reference/bodyparts/auditing_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - - -If this is set, CFEngine will perform auditing on promises in the -current configuration. This means that all details surrounding the -verification of the current promise will be recorded in the audit -database. The database may be inspected with @code{cf-report}, or -@code{cfshow} in CFEngine 2. diff --git a/docs/reference/bodyparts/authorize_example.texinfo b/docs/reference/bodyparts/authorize_example.texinfo deleted file mode 100644 index a76c177167..0000000000 --- a/docs/reference/bodyparts/authorize_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - - -@verbatim - -roles: - - ".*" authorize => { "mark", "marks_friend" }; - -@end verbatim diff --git a/docs/reference/bodyparts/authorize_notes.texinfo b/docs/reference/bodyparts/authorize_notes.texinfo deleted file mode 100644 index f76bb20c45..0000000000 --- a/docs/reference/bodyparts/authorize_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -Part of Role Based Access Control (RBAC) in CFEngine. The users listed -in this section are granted access to set certain classes by using the -remote @code{cf-runagent}. The user-names will refer to public key -identities already trusted on the system. diff --git a/docs/reference/bodyparts/background_children_example.texinfo b/docs/reference/bodyparts/background_children_example.texinfo deleted file mode 100644 index 4aa17805c5..0000000000 --- a/docs/reference/bodyparts/background_children_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body runagent control -{ -background_children => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/background_children_notes.texinfo b/docs/reference/bodyparts/background_children_notes.texinfo deleted file mode 100644 index 88b1de1877..0000000000 --- a/docs/reference/bodyparts/background_children_notes.texinfo +++ /dev/null @@ -1,2 +0,0 @@ - -Causes the runagent to attempt parallelized connections to the servers. diff --git a/docs/reference/bodyparts/background_example.texinfo b/docs/reference/bodyparts/background_example.texinfo deleted file mode 100644 index 05977fe86c..0000000000 --- a/docs/reference/bodyparts/background_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body action example -{ -background => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/background_notes.texinfo b/docs/reference/bodyparts/background_notes.texinfo deleted file mode 100644 index d23bed88a6..0000000000 --- a/docs/reference/bodyparts/background_notes.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -If possible, perform the verification of the current promise in the background. -This is advantageous only if the verification might take a significant -amount of time, e.g. in remote copying of filesystem/disk scans. - -On the windows version of CFEngine Nova, this can be useful if we -don't want to wait for a particular command to finish execution before -checking the next promise. This is particular for the windows platform -because there is no way that a program can start itself in the -background here (i.e. fork off a child process). However, file -operations can not be performed in the background on windows. diff --git a/docs/reference/bodyparts/before_after_example.texinfo b/docs/reference/bodyparts/before_after_example.texinfo deleted file mode 100644 index 7f618545b1..0000000000 --- a/docs/reference/bodyparts/before_after_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body location append - -{ -#... -before_after => "before"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/before_after_notes.texinfo b/docs/reference/bodyparts/before_after_notes.texinfo deleted file mode 100644 index 58115da65f..0000000000 --- a/docs/reference/bodyparts/before_after_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -Determines whether an edit will occur before or after the currently -matched line. diff --git a/docs/reference/bodyparts/binarypaddingchar_example.texinfo b/docs/reference/bodyparts/binarypaddingchar_example.texinfo deleted file mode 100644 index 10ca46b487..0000000000 --- a/docs/reference/bodyparts/binarypaddingchar_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body agent control -{ -binarypaddingchar => "#"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/binarypaddingchar_notes.texinfo b/docs/reference/bodyparts/binarypaddingchar_notes.texinfo deleted file mode 100644 index 18efaea6af..0000000000 --- a/docs/reference/bodyparts/binarypaddingchar_notes.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -When editing binary files, it can be dangerous to replace a text -string with one that is longer or shorter as byte references and jumps -would be destroyed. CFEngine will therefore not allow replacements that -are larger in size than the original, but shorter strings can be padded -out to the same length. - -@noindent @b{Default value}:@* - -The @code{binarypaddingchar} defaults to the empty string (i.e., no padding) diff --git a/docs/reference/bodyparts/bindtointerface_example.texinfo b/docs/reference/bodyparts/bindtointerface_example.texinfo deleted file mode 100644 index 00444f240e..0000000000 --- a/docs/reference/bodyparts/bindtointerface_example.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - - -@verbatim - -bindtointerface => "192.168.1.1"; - -@end verbatim diff --git a/docs/reference/bodyparts/bindtointerface_notes.texinfo b/docs/reference/bodyparts/bindtointerface_notes.texinfo deleted file mode 100644 index 432b17cc21..0000000000 --- a/docs/reference/bodyparts/bindtointerface_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -On multi-homed hosts, the server and client can bind -to a specific interface for server traffic. The IP address -of the interface must be given as the argument, not the device name. diff --git a/docs/reference/bodyparts/bsdflags_example.texinfo b/docs/reference/bodyparts/bsdflags_example.texinfo deleted file mode 100644 index 1052df74a3..0000000000 --- a/docs/reference/bodyparts/bsdflags_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body perms example - -{ -bsdflags => { "uappnd","uchg","uunlnk","nodump", - "opaque","sappnd","schg","sunlnk" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/bsdflags_notes.texinfo b/docs/reference/bodyparts/bsdflags_notes.texinfo deleted file mode 100644 index 7f3c63382f..0000000000 --- a/docs/reference/bodyparts/bsdflags_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -The BSD Unices (FreeBSD, OpenBSD, NetBSD) and MacOSX have additional -filesystem flags which can be set. Refer to the BSD @code{chflags} -documentation for this. diff --git a/docs/reference/bodyparts/build_xpath_example.texinfo b/docs/reference/bodyparts/build_xpath_example.texinfo deleted file mode 100644 index 1bde002bd5..0000000000 --- a/docs/reference/bodyparts/build_xpath_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body build_xpath example(s) - { - build_xpath => "$(s)"; - } - -@end verbatim diff --git a/docs/reference/bodyparts/build_xpath_notes.texinfo b/docs/reference/bodyparts/build_xpath_notes.texinfo deleted file mode 100644 index ac35b3fbde..0000000000 --- a/docs/reference/bodyparts/build_xpath_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -Please note that when @code{build_xpath} is defined as an attribute, within -an @code{edit_xml} promise body, the tree described by the specified XPath will -be verified and built BEFORE other @code{edit_xml} promises within same promise -body. Therefore, the file will not be empty during the execution of such promises. diff --git a/docs/reference/bodyparts/bundle_return_value_index_example.texinfo b/docs/reference/bodyparts/bundle_return_value_index_example.texinfo deleted file mode 100644 index 515a0f3bb4..0000000000 --- a/docs/reference/bodyparts/bundle_return_value_index_example.texinfo +++ /dev/null @@ -1,40 +0,0 @@ - -@verbatim -body common control -{ -bundlesequence => { "test" }; -} - - -bundle agent test -{ -methods: - - "any" usebundle => child, - useresult => "my_return_var"; - - -reports: - - cfengine_3:: - - "My return was: \"$(my_return_var[1])\" and \"$(my_return_var[2])\""; - -} - -bundle agent child -{ -reports: - - cfengine_3:: - - # Map these indices into the useresult namespace - - "this is a return value" - bundle_return_value_index => "1"; - - "this is another return value" - bundle_return_value_index => "2"; - -} -@end verbatim diff --git a/docs/reference/bodyparts/bundle_return_value_index_notes.texinfo b/docs/reference/bodyparts/bundle_return_value_index_notes.texinfo deleted file mode 100644 index c5639439c0..0000000000 --- a/docs/reference/bodyparts/bundle_return_value_index_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -@i{History}: Was introduced in 3.4.0 (2012) - -It is currently believed that only scalar return values make sense, hence -return values are limited to scalars. diff --git a/docs/reference/bodyparts/bundlesequence_example.texinfo b/docs/reference/bodyparts/bundlesequence_example.texinfo deleted file mode 100644 index 473eb67ae7..0000000000 --- a/docs/reference/bodyparts/bundlesequence_example.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - -@verbatim -body common control - -{ -bundlesequence => { - update("policy_host.domain.tld"), - "main", - "cfengine2" - }; -} -@end verbatim diff --git a/docs/reference/bodyparts/bundlesequence_notes.texinfo b/docs/reference/bodyparts/bundlesequence_notes.texinfo deleted file mode 100644 index fcba2418e5..0000000000 --- a/docs/reference/bodyparts/bundlesequence_notes.texinfo +++ /dev/null @@ -1,57 +0,0 @@ - -The @code{bundlesequence} determines which of the compiled bundles -will be executed and in what order they will be executed. The list -refers to the names of bundles (which might be parameterized -function-like objects). - -The order in which you execute bundles can affect the outcome of your -promises. In general you should always define variables before you use them. - -The @code{bundlesequence} is like a genetic makeup of a machine. The bundles -act like characteristics of the systems. If you want different systems to have -different bundlesequences, distinguish them with classes: - -@verbatim -webservers:: - - bundlesequence => { "main", "web" }; - -others:: - - bundlesequence => { "main", "otherstuff" }; - -@end verbatim - -If you want to add a basic common sequence to all sequences, then use -global variable lists to do this: - -@verbatim -body common control -{ -webservers:: - - bundlesequence => { @(g.bs), "web" }; - -others:: - - bundlesequence => { @(g.bs), "otherstuff" }; - -} - -bundle common g -{ -vars: - - "bs" slist => { "main", "basic_stuff" }; -} - -@end verbatim - -@noindent @b{Default value}:@* -@* - -There is no default value for @code{bundlesequence}, and the absence of a -@code{bundlesequence} will cause a compilation error. A bundlesequence may -also be specified using the @code{-b} or @code{--bundlesequence} command line -option. - diff --git a/docs/reference/bodyparts/call_collect_interval_example.texinfo b/docs/reference/bodyparts/call_collect_interval_example.texinfo deleted file mode 100644 index 7714c02bb8..0000000000 --- a/docs/reference/bodyparts/call_collect_interval_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -call_collect_interval => "5"; - -@end verbatim diff --git a/docs/reference/bodyparts/call_collect_interval_notes.texinfo b/docs/reference/bodyparts/call_collect_interval_notes.texinfo deleted file mode 100644 index d930543e0d..0000000000 --- a/docs/reference/bodyparts/call_collect_interval_notes.texinfo +++ /dev/null @@ -1,89 +0,0 @@ - -@i{History}: Was introduced in 3.4.0, Enterprise 3.0.0 (2012) - -If option time is set, it causes the server daemon to peer with a policy -hub by attempting a connection at regular intervals of the value of the -parameter in minutes. - -This feature is designed to allow Enterprise report collection from -hosts that are not directly addressable from a hub data-aggregation -process. For example, if some of the clients of a policy hub are -behind a network address translator then the hub is not able to open a -channel to address them directly. The effect is to place a `collect -call' with the policy hub. - -If this option is set, the client's cf-serverd will `peer' with the -server daemon on a policy hub. This means that, cf-serverd on an -unreachable (e.g. NATed) host will attempt to report in to the -cf-serverd on its assigned policy hub and offer it a short time window -in which to download reports over the established connection. The -effect is to establish a temporary secure tunnel between hosts, -initiated from the satellite host end. The connection is made in such -a way that host autonomy is not compromised. Either hub may refuse or -decline to play their role at any time, in the usual way (avoiding DOS -attacks). Normal access controls must be set for communication in both -directions. - -Collect calling cannot be as efficient as data collection by the -cf-hub, as the hub is not able to load balance. Hosts that use this -approach should exclude themselves from the cf-hub data collection. - -The sequence of events is this: - -@itemize -@item Satellite cf-serverd connects to its registered policy hub -@item The satellite indentifies itself to authentication and access control -and sends a collect-call `pull' request to the hub -@item The hub might honour this, if the access control grants access. -@item If access is granted, the hub has @code{collect_window} seconds -to initiate a query to the satellite for its reports. -@item The policy hub indentifies itself to authentication and access control -and sends a query request to the hub to collect the reports. -@item When finished the satellite closes the tunnel. -@end itemize - -The full configuration would look something like this -@verbatim - -######################################################### -# Server config -######################################################### - -body server control - -{ -allowconnects => { "10.10.10" , "::1" }; -allowallconnects => { "10.10.10" , "::1" }; -trustkeysfrom => { "10.10.10" , "::1" }; - -call_collect_interval => "5"; -} - -######################################################### - -bundle server access_rules() - -{ -access: - - policy_hub:: - - "collect_calls" - resource_type => "query", - admit => { "10.10.10" }; # the apparent NAT address of the satellite - - satellite_hosts:: - - "delta" - comment => "Grant access to cfengine hub to collect report deltas", - resource_type => "query", - admit => { "policy_hub" }; - - "full" - comment => "Grant access to cfengine hub to collect full report dump", - resource_type => "query", - admit => { "policy_hub" }; -} - - -@end verbatim diff --git a/docs/reference/bodyparts/cancel_kept_example.texinfo b/docs/reference/bodyparts/cancel_kept_example.texinfo deleted file mode 100644 index 28f2f473bb..0000000000 --- a/docs/reference/bodyparts/cancel_kept_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body classes example -{ -cancel_kept => { "success", "kaplah" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/cancel_kept_notes.texinfo b/docs/reference/bodyparts/cancel_kept_notes.texinfo deleted file mode 100644 index 617c8ca37f..0000000000 --- a/docs/reference/bodyparts/cancel_kept_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -If the promise was already kept and nothing was done, cancel (undefine) any of -the listed classes so that they are no longer defined. - -Note that any strings passed to this list are automatically -canonified, so it is unecessary to call a canonify function on such inputs. - -@b{History}: This attribute was introduced in CFEngine version 3.0.4 (2010) diff --git a/docs/reference/bodyparts/cancel_notkept_example.texinfo b/docs/reference/bodyparts/cancel_notkept_example.texinfo deleted file mode 100644 index c79671fbd2..0000000000 --- a/docs/reference/bodyparts/cancel_notkept_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body classes example -{ -cancel_notkept => { "failure" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/cancel_notkept_notes.texinfo b/docs/reference/bodyparts/cancel_notkept_notes.texinfo deleted file mode 100644 index ad6086232c..0000000000 --- a/docs/reference/bodyparts/cancel_notkept_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -If the promise was not kept but nothing could be done, cancel (undefine) -any of the listed classes so that they are no longer defined. - -Note that any strings passed to this list are automatically -canonified, so it is unecessary to call a canonify function on such inputs. - -@b{History}: This attribute was introduced in CFEngine version 3.0.4 (2010) diff --git a/docs/reference/bodyparts/cancel_repaired_example.texinfo b/docs/reference/bodyparts/cancel_repaired_example.texinfo deleted file mode 100644 index fcd791683d..0000000000 --- a/docs/reference/bodyparts/cancel_repaired_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body classes example -{ -cancel_repaired => { "change_happened" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/cancel_repaired_notes.texinfo b/docs/reference/bodyparts/cancel_repaired_notes.texinfo deleted file mode 100644 index 5c7a168188..0000000000 --- a/docs/reference/bodyparts/cancel_repaired_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -If the promise was repaired and changes were made to the system, -cancel (undefine) any of the listed classes so that they are no longer defined. - -Note that any strings passed to this list are automatically -canonified, so it is unecessary to call a canonify function on such inputs. - -@b{History}: This attribute was introduced in CFEngine version 3.0.4 (2010) diff --git a/docs/reference/bodyparts/cfruncommand_example.texinfo b/docs/reference/bodyparts/cfruncommand_example.texinfo deleted file mode 100644 index 420def7ad7..0000000000 --- a/docs/reference/bodyparts/cfruncommand_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body server control - -{ -cfruncommand => "/var/cfengine/bin/cf-agent"; -} - - -@end verbatim diff --git a/docs/reference/bodyparts/cfruncommand_notes.texinfo b/docs/reference/bodyparts/cfruncommand_notes.texinfo deleted file mode 100644 index 83147fcc52..0000000000 --- a/docs/reference/bodyparts/cfruncommand_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -It is normal for this to point to the location of @code{cf-agent} but -it could also point to the @code{cf-execd}, or even another program or -shell command at your own risk. diff --git a/docs/reference/bodyparts/chdir_example.texinfo b/docs/reference/bodyparts/chdir_example.texinfo deleted file mode 100644 index 371641de8e..0000000000 --- a/docs/reference/bodyparts/chdir_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body contain example - -{ -chdir => "/containment/directory"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/chdir_notes.texinfo b/docs/reference/bodyparts/chdir_notes.texinfo deleted file mode 100644 index 43d273fe7f..0000000000 --- a/docs/reference/bodyparts/chdir_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -This command has the effect of placing the running command into a current working -directory equal to the parameter given, i.e. it works like the @samp{cd} shell command. diff --git a/docs/reference/bodyparts/check_foreign_example.texinfo b/docs/reference/bodyparts/check_foreign_example.texinfo deleted file mode 100644 index 632f562818..0000000000 --- a/docs/reference/bodyparts/check_foreign_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body volume example - -{ -#.. -check_foreign => "false"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/check_foreign_notes.texinfo b/docs/reference/bodyparts/check_foreign_notes.texinfo deleted file mode 100644 index 12780bb4e2..0000000000 --- a/docs/reference/bodyparts/check_foreign_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -CFEngine will not normally perform sanity checks on filesystems which -are not local to the host. If @code{true} it will ignore a partition's -network location and ask the current host to verify storage located -physically on other systems. diff --git a/docs/reference/bodyparts/check_root_example.texinfo b/docs/reference/bodyparts/check_root_example.texinfo deleted file mode 100644 index ba7d82537e..0000000000 --- a/docs/reference/bodyparts/check_root_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body copy_from example -{ -check_root => "true"; -} - -@end verbatim - diff --git a/docs/reference/bodyparts/check_root_notes.texinfo b/docs/reference/bodyparts/check_root_notes.texinfo deleted file mode 100644 index 49bfd864b1..0000000000 --- a/docs/reference/bodyparts/check_root_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -When copying files recursively (by depth search), this flag determines -whether the permissions of the root directory should be set from the -root of the source. The default is to check only copied file objects -and subdirectories within this root (false). diff --git a/docs/reference/bodyparts/checksum_alert_time_example.texinfo b/docs/reference/bodyparts/checksum_alert_time_example.texinfo deleted file mode 100644 index 55bbd391ad..0000000000 --- a/docs/reference/bodyparts/checksum_alert_time_example.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - -@verbatim -body agent control -{ -checksum_alert_time => "30"; -} -@end verbatim diff --git a/docs/reference/bodyparts/checksum_alert_time_notes.texinfo b/docs/reference/bodyparts/checksum_alert_time_notes.texinfo deleted file mode 100644 index c8b202879d..0000000000 --- a/docs/reference/bodyparts/checksum_alert_time_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -When checksum changes trigger an alert, this is registered as a persistent class. -This value determines the longevity of that class. diff --git a/docs/reference/bodyparts/childlibpath_example.texinfo b/docs/reference/bodyparts/childlibpath_example.texinfo deleted file mode 100644 index 8e2a7cd9a9..0000000000 --- a/docs/reference/bodyparts/childlibpath_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body agent control -{ -childlibpath => "/usr/local/lib:/usr/local/gnu/lib"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/childlibpath_notes.texinfo b/docs/reference/bodyparts/childlibpath_notes.texinfo deleted file mode 100644 index b85ffe56bf..0000000000 --- a/docs/reference/bodyparts/childlibpath_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -This string may be used to set the internal @code{LD_LIBRARY_PATH} -environment of the agent. diff --git a/docs/reference/bodyparts/chroot_example.texinfo b/docs/reference/bodyparts/chroot_example.texinfo deleted file mode 100644 index 41f9de40b6..0000000000 --- a/docs/reference/bodyparts/chroot_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body contain example - -{ -chroot => "/private/path"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/chroot_notes.texinfo b/docs/reference/bodyparts/chroot_notes.texinfo deleted file mode 100644 index ee9b474765..0000000000 --- a/docs/reference/bodyparts/chroot_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -Sets the path of the directory that will be experienced as the top-most -root directory for the process. In security parlance, this creates -a `sandbox' for the process. Windows does not support this feature. diff --git a/docs/reference/bodyparts/collapse_destination_dir_example.texinfo b/docs/reference/bodyparts/collapse_destination_dir_example.texinfo deleted file mode 100644 index ad3e891e92..0000000000 --- a/docs/reference/bodyparts/collapse_destination_dir_example.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - -@verbatim - -body copy_from mycopy(from,server) - -{ -source => "$(from)"; -servers => { "$(server)" }; -collapse_destination_dir => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/collapse_destination_dir_notes.texinfo b/docs/reference/bodyparts/collapse_destination_dir_notes.texinfo deleted file mode 100644 index 55a63c1f3a..0000000000 --- a/docs/reference/bodyparts/collapse_destination_dir_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -Under normal operations, recursive copies cause CFEngine to track subdirectories -of files. So, for instance, if we copy recurively from @file{src} to @file{dest}, -then @file{src/subdir/file} will map to @file{dest/subdir/file}. - -By setting this option to @samp{true}, the promiser destination -directory promises to aggregate files searched from all subdirectories -into itself, i.e. a single destination directory. diff --git a/docs/reference/bodyparts/collect_window_example.texinfo b/docs/reference/bodyparts/collect_window_example.texinfo deleted file mode 100644 index 3fb7f6ca07..0000000000 --- a/docs/reference/bodyparts/collect_window_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -collect_window => "15"; - -@end verbatim diff --git a/docs/reference/bodyparts/collect_window_notes.texinfo b/docs/reference/bodyparts/collect_window_notes.texinfo deleted file mode 100644 index e6adaf2212..0000000000 --- a/docs/reference/bodyparts/collect_window_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -@i{History}: Was introduced in 3.4.0, Enterprise 3.0.0 (2012) - -The time is measured in seconds, default value 10s. diff --git a/docs/reference/bodyparts/command_example.texinfo b/docs/reference/bodyparts/command_example.texinfo deleted file mode 100644 index a669784ec0..0000000000 --- a/docs/reference/bodyparts/command_example.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - -@verbatim - -body process_select example - -{ -command => "cf-.*"; - -process_result => "command"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/command_notes.texinfo b/docs/reference/bodyparts/command_notes.texinfo deleted file mode 100644 index ba47c46455..0000000000 --- a/docs/reference/bodyparts/command_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -This expression should match the entire @code{COMMAND} field of the -process table (not just a fragment). This field is usually the last -field on the line and thus starts with the first non-space character -and ends with the end of line. diff --git a/docs/reference/bodyparts/comment_example.texinfo b/docs/reference/bodyparts/comment_example.texinfo deleted file mode 100644 index f461ba9719..0000000000 --- a/docs/reference/bodyparts/comment_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -comment => "This comment follows the data for reference ...", - -@end verbatim diff --git a/docs/reference/bodyparts/comment_notes.texinfo b/docs/reference/bodyparts/comment_notes.texinfo deleted file mode 100644 index 766ef18bd6..0000000000 --- a/docs/reference/bodyparts/comment_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -Comments written in code follow the program, they are not merely discarded. -They appear in reports and error messages. diff --git a/docs/reference/bodyparts/compare_example.texinfo b/docs/reference/bodyparts/compare_example.texinfo deleted file mode 100644 index 053eb84dbd..0000000000 --- a/docs/reference/bodyparts/compare_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - - -@verbatim - -body copy_from example - -{ -compare => "digest"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/compare_notes.texinfo b/docs/reference/bodyparts/compare_notes.texinfo deleted file mode 100644 index 1889c7a724..0000000000 --- a/docs/reference/bodyparts/compare_notes.texinfo +++ /dev/null @@ -1,43 +0,0 @@ - -The default copy method is @samp{mtime} (modification time), meaning that -the source file is copied to the destination (promiser) file, if the -source file has been modified more recently than the destination. - -The different options are: -@itemize -@item -@code{mtime} CFEngine copies the file if the modification time of the source -file is more recent than that of the promised file - -@item -@code{ctime} CFEngine copies the file if the creation time of the source file -is more recent than that of the promised file - -@item -@code{atime} CFEngine copies the file if the modification time or creation -time of the source file is more recent than that of the promised file. If the -times are equal, a byte-for-bye comparison is done on the files to determine -if it needs to be copied. - -@item -@code{exists} CFEngine copies the file if the promised file does not already -exist. - -@item -@code{binary} CFEngine copies the file if they are both plain files and a -byte-for-byte comparison determines that they are different. If both are not -plain files, CFEngine reverts to comparing the @code{mtime} and @code{ctime} -of the files. If the source file is on a different machine (i.e., network -copy), then @code{hash} is used instead to reduce network bandwidth. - -@item -@code{hash} CFEngine copies the file if they are both plain files and a -message digest comparison indicates that the files are different. In -Enterprise versions of CFEngine version 3.1.0 and later, SHA256 is used as a -message digest hash to conform with FIPS; in older Enterprise versions of -CFEngine and all Community versions, MD5 is used. - -@item -@code{digest} a synonym for @code{hash} - -@end itemize diff --git a/docs/reference/bodyparts/copy_backup_example.texinfo b/docs/reference/bodyparts/copy_backup_example.texinfo deleted file mode 100644 index 7adbf1a838..0000000000 --- a/docs/reference/bodyparts/copy_backup_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body copy_from example -{ -copy_backup => "timestamp"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/copy_backup_notes.texinfo b/docs/reference/bodyparts/copy_backup_notes.texinfo deleted file mode 100644 index 75d733b1cc..0000000000 --- a/docs/reference/bodyparts/copy_backup_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - -Determines whether a backup of the previous version is kept on the -system. This should be viewed in connection with the system repository, -since a defined repository affects the location at which the backup -is stored. See -@ref{default_repository in agent, ,default_repository} and -@ref{repository in files, ,repository} for further details. diff --git a/docs/reference/bodyparts/copy_patterns_example.texinfo b/docs/reference/bodyparts/copy_patterns_example.texinfo deleted file mode 100644 index 010ec796fe..0000000000 --- a/docs/reference/bodyparts/copy_patterns_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body link_from example -{ -copy_patterns => { "special_node1", "/path/special_node2" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/copy_patterns_notes.texinfo b/docs/reference/bodyparts/copy_patterns_notes.texinfo deleted file mode 100644 index edae69024c..0000000000 --- a/docs/reference/bodyparts/copy_patterns_notes.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -During the linking of files, it is sometimes useful to buffer changes -with an actual copy, especially if the link is to an emphemeral file -system. This list of patterns matches files that arise during a -linking policy. A positive match means that the file should be copied -and updated by modification time. diff --git a/docs/reference/bodyparts/copy_size_example.texinfo b/docs/reference/bodyparts/copy_size_example.texinfo deleted file mode 100644 index b05a6c82ce..0000000000 --- a/docs/reference/bodyparts/copy_size_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body copy_from example -{ -copy_size => irange("0","50000"); -} - -@end verbatim diff --git a/docs/reference/bodyparts/copy_size_notes.texinfo b/docs/reference/bodyparts/copy_size_notes.texinfo deleted file mode 100644 index e6bac7c9f0..0000000000 --- a/docs/reference/bodyparts/copy_size_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -The use of the irange function is optional. Ranges may also be -specified as a comma separated numbers. diff --git a/docs/reference/bodyparts/copylink_patterns_example.texinfo b/docs/reference/bodyparts/copylink_patterns_example.texinfo deleted file mode 100644 index 2fe2b1b3fd..0000000000 --- a/docs/reference/bodyparts/copylink_patterns_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body copy_from example -{ -copylink_patterns => { "special_node1", "other_node.*" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/copylink_patterns_notes.texinfo b/docs/reference/bodyparts/copylink_patterns_notes.texinfo deleted file mode 100644 index c252a3a74b..0000000000 --- a/docs/reference/bodyparts/copylink_patterns_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - - -The matches are performed on the last node of the filename, i.e. the -file without its path. As windows does not support symbolic links, -this feature is not available there. diff --git a/docs/reference/bodyparts/create_example.texinfo b/docs/reference/bodyparts/create_example.texinfo deleted file mode 100644 index 7dde34afe7..0000000000 --- a/docs/reference/bodyparts/create_example.texinfo +++ /dev/null @@ -1,15 +0,0 @@ - -@verbatim - -files: - - "/path/plain_file" - - create => "true"; - - "/path/dir/." - - create => "true"; - -@end verbatim - diff --git a/docs/reference/bodyparts/create_notes.texinfo b/docs/reference/bodyparts/create_notes.texinfo deleted file mode 100644 index ff30058d86..0000000000 --- a/docs/reference/bodyparts/create_notes.texinfo +++ /dev/null @@ -1,18 +0,0 @@ - - -Directories are created by using the @samp{/.} to signify a directory type. -Note that, if no permissions are specified, mode 600 is chosen for a file, -and mode 755 is chosen for a directory. If you cannot accept these defaults, -you @i{should} specify permissions. - -Note that technically, @samp{/.} is a regular expression. However, it is -used as a special case meaning "directory". See the @b{filenames and regular -expressions} near the beginning of the section on -@ref{files in agent promises, ,files promises} for a more complete discussion. - -@b{Note:} In general, you should not use @code{create} with -@ref{copy_from in files, ,copy_from} or @ref{link_from in files, ,link_from} -in files promises. These latter attributes automatically -create the promised file, and using @code{create} may actually prevent the -copy or link promise from being kept (since @code{create} acts first, which -may affect file comparison or linking operations). diff --git a/docs/reference/bodyparts/csv2xml_example.texinfo b/docs/reference/bodyparts/csv2xml_example.texinfo deleted file mode 100644 index a7732ac387..0000000000 --- a/docs/reference/bodyparts/csv2xml_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body reporter control -{ -csv2xml => { "myreport.csv", "custom_report.csv" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/csv2xml_notes.texinfo b/docs/reference/bodyparts/csv2xml_notes.texinfo deleted file mode 100644 index ac234050fd..0000000000 --- a/docs/reference/bodyparts/csv2xml_notes.texinfo +++ /dev/null @@ -1,14 +0,0 @@ - -CSV files are easy to generate in CFEngine from individual promise logging functions. -XML is not easily generated due to its hierarchical structure. This function allows -@code{cf-report} to convert a CSV file into pidgin XML for convenience. The schema -has the general form: - -@verbatim - - - ... ... ... - ... ... ... - - -@end verbatim diff --git a/docs/reference/bodyparts/ctime_example.texinfo b/docs/reference/bodyparts/ctime_example.texinfo deleted file mode 100644 index 83ee006369..0000000000 --- a/docs/reference/bodyparts/ctime_example.texinfo +++ /dev/null @@ -1,13 +0,0 @@ - - -@verbatim - -body files_select example -{ -ctime => irange(ago(1,0,0,0,0,0),now); -file_result => "ctime"; -} - -@end verbatim - - diff --git a/docs/reference/bodyparts/ctime_notes.texinfo b/docs/reference/bodyparts/ctime_notes.texinfo deleted file mode 100644 index 2995b4414f..0000000000 --- a/docs/reference/bodyparts/ctime_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -The file's change time refers to both modification of content and attributes -such as permissions. On windows, @code{ctime} refers to creation time. diff --git a/docs/reference/bodyparts/data_type_example.texinfo b/docs/reference/bodyparts/data_type_example.texinfo deleted file mode 100644 index 009058a78e..0000000000 --- a/docs/reference/bodyparts/data_type_example.texinfo +++ /dev/null @@ -1,17 +0,0 @@ - -@verbatim - - "/bin/df" - - handle => "free_disk_watch", - stream_type => "pipe", - - data_type => "slist", - - history_type => "static", - units => "device", - match_value => file_systems, - action => sample_min(10,15); - - -@end verbatim diff --git a/docs/reference/bodyparts/data_type_notes.texinfo b/docs/reference/bodyparts/data_type_notes.texinfo deleted file mode 100644 index 4e55eac83c..0000000000 --- a/docs/reference/bodyparts/data_type_notes.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -When CFEngine (Nova) observes data, such as the attached partitions in -the example above, the datatype determines how that data will be -handled. Integer and real values, counters etc., are recorded as -time-series if the history type is `weekly', or as single values -otherwise. If multiple items are matched by an observation, -e.g. several lines in a file match the given regular expression, -then these can be made into a list by choosing @code{slist}, else -the first matching item will be selected. - diff --git a/docs/reference/bodyparts/database_columns_example.texinfo b/docs/reference/bodyparts/database_columns_example.texinfo deleted file mode 100644 index e688dd200b..0000000000 --- a/docs/reference/bodyparts/database_columns_example.texinfo +++ /dev/null @@ -1,18 +0,0 @@ - -@verbatim - - "cf_topic_maps/topics" - - database_operation => "create", - database_type => "sql", - database_columns => { - "topic_name,varchar,256", - "topic_comment,varchar,1024", - "topic_id,varchar,256", - "topic_type,varchar,256", - "topic_extra,varchar,26" - }, - - database_server => myserver; - -@end verbatim diff --git a/docs/reference/bodyparts/database_columns_notes.texinfo b/docs/reference/bodyparts/database_columns_notes.texinfo deleted file mode 100644 index 7d0ba7cae8..0000000000 --- a/docs/reference/bodyparts/database_columns_notes.texinfo +++ /dev/null @@ -1,2 +0,0 @@ - -Columns are a list of tuplets (@var{Name,type,size}). Array items are triplets, and fixed size data elements are doublets. diff --git a/docs/reference/bodyparts/database_operation_example.texinfo b/docs/reference/bodyparts/database_operation_example.texinfo deleted file mode 100644 index 11eae7936c..0000000000 --- a/docs/reference/bodyparts/database_operation_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -database_operation => "create"; - -@end verbatim diff --git a/docs/reference/bodyparts/database_operation_notes.texinfo b/docs/reference/bodyparts/database_operation_notes.texinfo deleted file mode 100644 index 8b13789179..0000000000 --- a/docs/reference/bodyparts/database_operation_notes.texinfo +++ /dev/null @@ -1 +0,0 @@ - diff --git a/docs/reference/bodyparts/database_rows_example.texinfo b/docs/reference/bodyparts/database_rows_example.texinfo deleted file mode 100644 index d659a90783..0000000000 --- a/docs/reference/bodyparts/database_rows_example.texinfo +++ /dev/null @@ -1,20 +0,0 @@ - -@verbatim - -bundle agent databases - -{ -databases: - - windows:: - - # Regsitry has (value,data) pairs in "keys" which are directories - - "HKEY_LOCAL_MACHINE\SOFTWARE\CFEngine AS\CFEngine" - - database_operation => "create", - database_rows => { "value1,REG_SZ,new value 1", "value2,REG_DWORD,12345"} , - database_type => "ms_registry"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/database_rows_notes.texinfo b/docs/reference/bodyparts/database_rows_notes.texinfo deleted file mode 100644 index b55b9049d1..0000000000 --- a/docs/reference/bodyparts/database_rows_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - -This constraint is used only in adding data to database columns. Rows are considered to be -instances of individual columns. - -In the case of the system registry on Windows, the rows represent data on data-value pairs. -The currently supported types (the middle field) for the Windows registry are @code{REG_SZ} (string), -@code{REG_EXPAND_SZ} (expandable string) and @code{REG_DWORD} (double word). diff --git a/docs/reference/bodyparts/database_type_example.texinfo b/docs/reference/bodyparts/database_type_example.texinfo deleted file mode 100644 index 4b861d430a..0000000000 --- a/docs/reference/bodyparts/database_type_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -database_type => "ms_registry"; - -@end verbatim diff --git a/docs/reference/bodyparts/database_type_notes.texinfo b/docs/reference/bodyparts/database_type_notes.texinfo deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/docs/reference/bodyparts/db_server_connection_db_example.texinfo b/docs/reference/bodyparts/db_server_connection_db_example.texinfo deleted file mode 100644 index 7a631f8c06..0000000000 --- a/docs/reference/bodyparts/db_server_connection_db_example.texinfo +++ /dev/null @@ -1,15 +0,0 @@ - -@verbatim - -body database_server myserver(x) -{ -db_server_owner => "$(x)"; -db_server_password => ""; -db_server_host => "localhost"; -db_server_type => "$(mysql)"; -db_server_connection_db => "$(x)"; -} - -@end verbatim - -@noindent where @samp{x} is currently @code{mysql} or @code{postgres}. diff --git a/docs/reference/bodyparts/db_server_connection_db_notes.texinfo b/docs/reference/bodyparts/db_server_connection_db_notes.texinfo deleted file mode 100644 index aa1fec9764..0000000000 --- a/docs/reference/bodyparts/db_server_connection_db_notes.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -In order to create a database on a database server (all of which -practice voluntary cooperation), one has to be able to connect -to the server, however, without an existing database this is not allowed. -Thus, database servers provide a default database that can be connected -to in order to thereafter create new databases. These are called -@code{postgres} and @code{mysql} for their respective database servers. - -For the knowledge agent, this setting is made in the control body, -for database verification promises, it is made in the -@code{database_server} body. diff --git a/docs/reference/bodyparts/db_server_host_example.texinfo b/docs/reference/bodyparts/db_server_host_example.texinfo deleted file mode 100644 index e1542b8d02..0000000000 --- a/docs/reference/bodyparts/db_server_host_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -db_server_host => "sqlserv.example.org"; - -@end verbatim diff --git a/docs/reference/bodyparts/db_server_host_notes.texinfo b/docs/reference/bodyparts/db_server_host_notes.texinfo deleted file mode 100644 index a507e5ba47..0000000000 --- a/docs/reference/bodyparts/db_server_host_notes.texinfo +++ /dev/null @@ -1,2 +0,0 @@ - -Hostname or IP address of the server. diff --git a/docs/reference/bodyparts/db_server_owner_example.texinfo b/docs/reference/bodyparts/db_server_owner_example.texinfo deleted file mode 100644 index 18419641d1..0000000000 --- a/docs/reference/bodyparts/db_server_owner_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -db_server_owner => "mark"; - -@end verbatim diff --git a/docs/reference/bodyparts/db_server_owner_notes.texinfo b/docs/reference/bodyparts/db_server_owner_notes.texinfo deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/docs/reference/bodyparts/db_server_password_example.texinfo b/docs/reference/bodyparts/db_server_password_example.texinfo deleted file mode 100644 index 3a28c29c8c..0000000000 --- a/docs/reference/bodyparts/db_server_password_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -db_server_password => "xyz.1234"; - -@end verbatim diff --git a/docs/reference/bodyparts/db_server_password_notes.texinfo b/docs/reference/bodyparts/db_server_password_notes.texinfo deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/docs/reference/bodyparts/db_server_type_example.texinfo b/docs/reference/bodyparts/db_server_type_example.texinfo deleted file mode 100644 index 063faf73a6..0000000000 --- a/docs/reference/bodyparts/db_server_type_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -db_server_type => "postgres"; - -@end verbatim diff --git a/docs/reference/bodyparts/db_server_type_notes.texinfo b/docs/reference/bodyparts/db_server_type_notes.texinfo deleted file mode 100644 index 8b13789179..0000000000 --- a/docs/reference/bodyparts/db_server_type_notes.texinfo +++ /dev/null @@ -1 +0,0 @@ - diff --git a/docs/reference/bodyparts/default_repository_example.texinfo b/docs/reference/bodyparts/default_repository_example.texinfo deleted file mode 100644 index 390a47f4dc..0000000000 --- a/docs/reference/bodyparts/default_repository_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body agent control -{ -default_repository => "/var/cfengine/repository"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/default_repository_notes.texinfo b/docs/reference/bodyparts/default_repository_notes.texinfo deleted file mode 100644 index c3af8a854b..0000000000 --- a/docs/reference/bodyparts/default_repository_notes.texinfo +++ /dev/null @@ -1,13 +0,0 @@ - -If defined the default repository is the location where versions of -files altered by CFEngine are stored. This should be understood in -relation to the policy for @samp{backup} in copying, editing etc. If -the backups are time-stamped, this becomes effective a version control -repository. See also @ref{repository in files, ,repository} for a way -to locally override the global repository. - -Note that when a repository is specified, the files are stored using the -canonified directory name of the original file, concatenated with the name of -the file. So, for example, @file{/usr/local/etc/postfix.conf} would ordinarily -be stored in an alternative repository as -@file{_usr_local_etc_postfix.conf.cfsaved}. diff --git a/docs/reference/bodyparts/default_timeout_example.texinfo b/docs/reference/bodyparts/default_timeout_example.texinfo deleted file mode 100644 index 805d9d92ea..0000000000 --- a/docs/reference/bodyparts/default_timeout_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body agent control -{ -default_timeout => "10"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/default_timeout_notes.texinfo b/docs/reference/bodyparts/default_timeout_notes.texinfo deleted file mode 100644 index e8428adab3..0000000000 --- a/docs/reference/bodyparts/default_timeout_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -The time is in seconds. It is not a guaranteed number, since it -depends on system behaviour. under Linux, the kernel version plays a -role, since not all system calls seem to respect the signals. - diff --git a/docs/reference/bodyparts/defaultcopytype_example.texinfo b/docs/reference/bodyparts/defaultcopytype_example.texinfo deleted file mode 100644 index f487cef689..0000000000 --- a/docs/reference/bodyparts/defaultcopytype_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body agent control -{ -#... -defaultcopytype => "digest"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/defaultcopytype_notes.texinfo b/docs/reference/bodyparts/defaultcopytype_notes.texinfo deleted file mode 100644 index bfa7bf01f7..0000000000 --- a/docs/reference/bodyparts/defaultcopytype_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -Sets the global default policy for comparing source and image in copy transactions. - diff --git a/docs/reference/bodyparts/delete_if_contains_from_list_example.texinfo b/docs/reference/bodyparts/delete_if_contains_from_list_example.texinfo deleted file mode 100644 index c465a268cb..0000000000 --- a/docs/reference/bodyparts/delete_if_contains_from_list_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body delete_select example(s) -{ -delete_if_contains_from_list => { @(s) }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/delete_if_contains_from_list_notes.texinfo b/docs/reference/bodyparts/delete_if_contains_from_list_notes.texinfo deleted file mode 100644 index 7cbb0da0d3..0000000000 --- a/docs/reference/bodyparts/delete_if_contains_from_list_notes.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - - -Delete lines from a file if they contain the sub-strings listed. -Note that this determination is made only on promised lines (that is, this -attribute modifies the selection criteria, it does not make the initial -selection). diff --git a/docs/reference/bodyparts/delete_if_match_from_list_example.texinfo b/docs/reference/bodyparts/delete_if_match_from_list_example.texinfo deleted file mode 100644 index abef80c702..0000000000 --- a/docs/reference/bodyparts/delete_if_match_from_list_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body delete_select example(s) -{ -delete_if_match_from_list => { @(s) }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/delete_if_match_from_list_notes.texinfo b/docs/reference/bodyparts/delete_if_match_from_list_notes.texinfo deleted file mode 100644 index b8538d3ba3..0000000000 --- a/docs/reference/bodyparts/delete_if_match_from_list_notes.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -Delete lines from a file if the lines @i{completely} match any of -the regular expressions listed (that is, the regular expression -is anchored, @pxref{Anchored vs. unanchored regular expressions}). - -Note that the ``match'' determination is made only on promised lines (that is, this -attribute modifies the selection criteria, it does not make the initial -selection). - diff --git a/docs/reference/bodyparts/delete_if_not_contains_from_list_example.texinfo b/docs/reference/bodyparts/delete_if_not_contains_from_list_example.texinfo deleted file mode 100644 index 198edfffbd..0000000000 --- a/docs/reference/bodyparts/delete_if_not_contains_from_list_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body delete_select discard(s) -{ -delete_if_not_contains_from_list => { "substring1", "substring2" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/delete_if_not_contains_from_list_notes.texinfo b/docs/reference/bodyparts/delete_if_not_contains_from_list_notes.texinfo deleted file mode 100644 index db8f4c5f8f..0000000000 --- a/docs/reference/bodyparts/delete_if_not_contains_from_list_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -Delete lines from the file which do not contain the sub-strings listed. -Note that this determination is made only on promised lines (that is, this -attribute modifies the selection criteria, it does not make the initial -selection). diff --git a/docs/reference/bodyparts/delete_if_not_match_from_list_example.texinfo b/docs/reference/bodyparts/delete_if_not_match_from_list_example.texinfo deleted file mode 100644 index 216a1fc59a..0000000000 --- a/docs/reference/bodyparts/delete_if_not_match_from_list_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body delete_select example(s) -{ -delete_if_not_match_from_list => { @(s) }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/delete_if_not_match_from_list_notes.texinfo b/docs/reference/bodyparts/delete_if_not_match_from_list_notes.texinfo deleted file mode 100644 index 36357bde5c..0000000000 --- a/docs/reference/bodyparts/delete_if_not_match_from_list_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -Delete lines from a file unless the lines @i{completely} match any of -the regular expressions listed (that is, the regular expressions -are anchored, @pxref{Anchored vs. unanchored regular expressions}). - -Note that the ``match'' determination is made only on promised lines (that is, this -attribute modifies the selection criteria, it does not make the initial -selection). diff --git a/docs/reference/bodyparts/delete_if_not_startwith_from_list_example.texinfo b/docs/reference/bodyparts/delete_if_not_startwith_from_list_example.texinfo deleted file mode 100644 index 3bf32a574c..0000000000 --- a/docs/reference/bodyparts/delete_if_not_startwith_from_list_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body delete_select example(s) -{ -delete_if_not_startwith_from_list => { @(s) }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/delete_if_not_startwith_from_list_notes.texinfo b/docs/reference/bodyparts/delete_if_not_startwith_from_list_notes.texinfo deleted file mode 100644 index 7c01af0315..0000000000 --- a/docs/reference/bodyparts/delete_if_not_startwith_from_list_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -Delete lines from a file unless they start with the sub-strings in the list -given. Note that this determination is made only on promised lines (that is, -this attribute modifies the selection criteria, it does not make the initial -selection). diff --git a/docs/reference/bodyparts/delete_if_startwith_from_list_example.texinfo b/docs/reference/bodyparts/delete_if_startwith_from_list_example.texinfo deleted file mode 100644 index 8422531d8b..0000000000 --- a/docs/reference/bodyparts/delete_if_startwith_from_list_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body delete_select example(s) -{ -delete_if_startwith_from_list => { @(s) }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/delete_if_startwith_from_list_notes.texinfo b/docs/reference/bodyparts/delete_if_startwith_from_list_notes.texinfo deleted file mode 100644 index 4cf1654900..0000000000 --- a/docs/reference/bodyparts/delete_if_startwith_from_list_notes.texinfo +++ /dev/null @@ -1,33 +0,0 @@ - -Delete lines from a file if they begin with the sub-strings listed. -Note that this determination is made only on promised lines (that is, this -attribute modifies the selection criteria, it does not make the initial -selection). Therefore, if the file contains the following lines: - -@verbatim -start alpha igniter -start beta igniter -init alpha burner -init beta burner -stop beta igniter -stop alpha igniter -stop alpha burner -@end verbatim - -Then the following promise initially selects the four lines containing -@samp{alpha}, but is moderated by the @code{delete_select} attribute. Thus, -the promise will delete only the first and third lines of the file: - -@verbatim -bundle edit_line alpha -{ -delete_lines: - ".*alpha.*" - delete_select => starters; -} - -body delete_select starters -{ - delete_if_startwith_from_list => { "begin", "start", "init" }; -} -@end verbatim diff --git a/docs/reference/bodyparts/deny_example.texinfo b/docs/reference/bodyparts/deny_example.texinfo deleted file mode 100644 index 7e2b1a1199..0000000000 --- a/docs/reference/bodyparts/deny_example.texinfo +++ /dev/null @@ -1,16 +0,0 @@ - - -@verbatim - -bundle server access_rules() - -{ -access: - - "/path" - - admit => { ".*\.example\.org" }, - deny => { "badhost_1\.example\.org", "badhost_1\.example\.org" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/deny_notes.texinfo b/docs/reference/bodyparts/deny_notes.texinfo deleted file mode 100644 index 1c62ccf165..0000000000 --- a/docs/reference/bodyparts/deny_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - -Denial is for special exceptions. A better strategy is always to grant -on a need to know basis. A security policy based on exceptions is a -weak one. - -Note that only regular expressions or exact matches are allowed in this -list, as non-specific matches are too greedy for denial. diff --git a/docs/reference/bodyparts/denybadclocks_example.texinfo b/docs/reference/bodyparts/denybadclocks_example.texinfo deleted file mode 100644 index 9f3e4f20db..0000000000 --- a/docs/reference/bodyparts/denybadclocks_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body server control -{ -#.. -denybadclocks => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/denybadclocks_notes.texinfo b/docs/reference/bodyparts/denybadclocks_notes.texinfo deleted file mode 100644 index b12a45f223..0000000000 --- a/docs/reference/bodyparts/denybadclocks_notes.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - -A possible form of attack on the fileserver is to request files based -on time by setting the clocks incorrectly. This option prevents -connections from clients whose clocks are drifting too far from the -server clock (where "too far" is currently defined as "more than an hour -off"). This serves as a warning about clock asynchronization -and also a protection against Denial of Service attempts based on -clock corruption. diff --git a/docs/reference/bodyparts/denyconnects_example.texinfo b/docs/reference/bodyparts/denyconnects_example.texinfo deleted file mode 100644 index 2799efb927..0000000000 --- a/docs/reference/bodyparts/denyconnects_example.texinfo +++ /dev/null @@ -1,8 +0,0 @@ - - -@verbatim -body server control -{ -denyconnects => { "badhost\.domain\.evil", "host3\.domain\.com" }; -} -@end verbatim diff --git a/docs/reference/bodyparts/denyconnects_notes.texinfo b/docs/reference/bodyparts/denyconnects_notes.texinfo deleted file mode 100644 index 8dfad71d76..0000000000 --- a/docs/reference/bodyparts/denyconnects_notes.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -Hosts or IP addresses that are explicitly denied access. This should -only be used in special circumstances. One should never grant generic -access to everything and then deny special cases. Since the default -server behaviour is to grant no access to anything, this list is -unnecessary unless you have already granted access to some set of -hosts using a generic pattern, to which you intend to make an exception. - -See also the warning about regular expressions in @code{allowallconnects}. diff --git a/docs/reference/bodyparts/depends_on_example.texinfo b/docs/reference/bodyparts/depends_on_example.texinfo deleted file mode 100644 index 7199b06c38..0000000000 --- a/docs/reference/bodyparts/depends_on_example.texinfo +++ /dev/null @@ -1,24 +0,0 @@ - -@verbatim - -body common control -{ -bundlesequence => { "one" }; -} - -bundle agent one -{ -reports: - - cfengine_3:: - - "two" - depends_on => { "handle_one" }; - - "one" - handle => "handle_one"; - -} - - -@end verbatim diff --git a/docs/reference/bodyparts/depends_on_notes.texinfo b/docs/reference/bodyparts/depends_on_notes.texinfo deleted file mode 100644 index 086f4ccc8e..0000000000 --- a/docs/reference/bodyparts/depends_on_notes.texinfo +++ /dev/null @@ -1,15 +0,0 @@ - -This is a list of promise handles for whom this promise is a -promisee. In other words, we acknowledge that this promise will be -affected by the list of promises whose handles are specified. - -It has the effect of partially ordering promises. - -As of version 3.4.0, promise this feature is active and may be -considered a short-hand for setting classes. If one promise depends on -a list of others, it will not be verified unless the dependent -promises have already been verified and kept: i.e. as long as the -dependent promises are either kept or repaired the dependee can be -verified. - -Handles in other namespaces may be referred to by @var{namespace:handle}. diff --git a/docs/reference/bodyparts/depth_example.texinfo b/docs/reference/bodyparts/depth_example.texinfo deleted file mode 100644 index 0be22615ef..0000000000 --- a/docs/reference/bodyparts/depth_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body depth_search example -{ -depth => "inf"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/depth_notes.texinfo b/docs/reference/bodyparts/depth_notes.texinfo deleted file mode 100644 index a075174e97..0000000000 --- a/docs/reference/bodyparts/depth_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - -This was previous called `recurse' in earlier versions of CFEngine. -Note that the value @samp{inf} may be used for an unlimited value. - -When searching recursively from a directory, the parent directory is -not part of the search. It is only the anchor point. To alter the parent, -a separate non-recursive promise should be made. diff --git a/docs/reference/bodyparts/dirlinks_example.texinfo b/docs/reference/bodyparts/dirlinks_example.texinfo deleted file mode 100644 index 1a04b61388..0000000000 --- a/docs/reference/bodyparts/dirlinks_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body delete example -{ -dirlinks => "keep"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/dirlinks_notes.texinfo b/docs/reference/bodyparts/dirlinks_notes.texinfo deleted file mode 100644 index e7921a3d46..0000000000 --- a/docs/reference/bodyparts/dirlinks_notes.texinfo +++ /dev/null @@ -1,18 +0,0 @@ - -Links to directories are normally removed just like any other link or -file objects. By keeping directory links, you preserve the logical -directory structure of the file system so that a link to a directory -is not removed but is treated as a directory to be descended into. - -The value @code{keep} instructs CFEngine not to remove directory links. -The values @code{delete} and @code{tidy} are synonymous, and instruct -CFEngine to remove directory links. - -@noindent @b{Default value} (only if body is present):@* -@* - -The default value only has significance if there is a @code{delete} body -present. If there is no @code{delete} body, then files (and directory links) -are @b{not} deleted. - -@code{dirlinks => delete} diff --git a/docs/reference/bodyparts/disable_example.texinfo b/docs/reference/bodyparts/disable_example.texinfo deleted file mode 100644 index 43dee7b08a..0000000000 --- a/docs/reference/bodyparts/disable_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body rename example -{ -disable => "true"; -disable_suffix => ".nuked"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/disable_mode_example.texinfo b/docs/reference/bodyparts/disable_mode_example.texinfo deleted file mode 100644 index 7a6d431041..0000000000 --- a/docs/reference/bodyparts/disable_mode_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - - -@verbatim - -body rename example -{ -disable_mode => "0600"; -} - -@end verbatim - diff --git a/docs/reference/bodyparts/disable_mode_notes.texinfo b/docs/reference/bodyparts/disable_mode_notes.texinfo deleted file mode 100644 index da2c16e949..0000000000 --- a/docs/reference/bodyparts/disable_mode_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -To disable an executable it is not enough to rename it, you should also remove the -executable flag. - diff --git a/docs/reference/bodyparts/disable_notes.texinfo b/docs/reference/bodyparts/disable_notes.texinfo deleted file mode 100644 index bf4cb3717f..0000000000 --- a/docs/reference/bodyparts/disable_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -Disabling a file means making is impotent in the context in which it -has an effect. For executables this means preventing execution, for an -information file it means making the file unreadable. diff --git a/docs/reference/bodyparts/disable_suffix_example.texinfo b/docs/reference/bodyparts/disable_suffix_example.texinfo deleted file mode 100644 index 9a3dc812cd..0000000000 --- a/docs/reference/bodyparts/disable_suffix_example.texinfo +++ /dev/null @@ -1,12 +0,0 @@ - - -@verbatim - -body rename example -{ -disable => "true"; -disable_suffix => ".nuked"; -} - -@end verbatim - diff --git a/docs/reference/bodyparts/disable_suffix_notes.texinfo b/docs/reference/bodyparts/disable_suffix_notes.texinfo deleted file mode 100644 index 96a7d29149..0000000000 --- a/docs/reference/bodyparts/disable_suffix_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -To make disabled files in a particular manner, use this string suffix. -The default value is @file{.cf-disabled}. diff --git a/docs/reference/bodyparts/dist_example.texinfo b/docs/reference/bodyparts/dist_example.texinfo deleted file mode 100644 index b8d9b7dbd7..0000000000 --- a/docs/reference/bodyparts/dist_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -classes: - - "my_dist" - - dist => { "10", "20", "40", "50" }; - -@end verbatim diff --git a/docs/reference/bodyparts/dist_notes.texinfo b/docs/reference/bodyparts/dist_notes.texinfo deleted file mode 100644 index 20e17e2662..0000000000 --- a/docs/reference/bodyparts/dist_notes.texinfo +++ /dev/null @@ -1,15 +0,0 @@ - -Assign one generic class (always) and one additional class, randomly weighted -on a probability distribution. The sum of @code{10+20+40+50 = 120} in the -example above, so in generating a distribution, CFEngine picks a number -between @code{1-120}. This will generate the following classes: - -@smallexample -my_dist (always) -my_dist_10 (10/120 of the time) -my_dist_20 (20/120 of the time) -my_dist_40 (40/120 of the time) -my_dist_50 (50/120 of the time) -@end smallexample - -This was previous called a @samp{strategy} in CFEngine 2. diff --git a/docs/reference/bodyparts/domain_example.texinfo b/docs/reference/bodyparts/domain_example.texinfo deleted file mode 100644 index c40d2ec7af..0000000000 --- a/docs/reference/bodyparts/domain_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body common control -{ -domain => "example.org"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/domain_notes.texinfo b/docs/reference/bodyparts/domain_notes.texinfo deleted file mode 100644 index 9bde773b1f..0000000000 --- a/docs/reference/bodyparts/domain_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -There is no standard, universal or reliable way of determining the -DNS domain name of a host, so it can be set explicitly to simplify -discovery and name-lookup. - diff --git a/docs/reference/bodyparts/dryrun_example.texinfo b/docs/reference/bodyparts/dryrun_example.texinfo deleted file mode 100644 index 0bda0465c3..0000000000 --- a/docs/reference/bodyparts/dryrun_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body agent control -{ -dryrun => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/dryrun_notes.texinfo b/docs/reference/bodyparts/dryrun_notes.texinfo deleted file mode 100644 index 011ec54480..0000000000 --- a/docs/reference/bodyparts/dryrun_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -If set in the configuration, CFEngine makes no changes to a -system, only reports what it needs to do. diff --git a/docs/reference/bodyparts/dynamicaddresses_example.texinfo b/docs/reference/bodyparts/dynamicaddresses_example.texinfo deleted file mode 100644 index f69d1a60a5..0000000000 --- a/docs/reference/bodyparts/dynamicaddresses_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body server control -{ -dynamicaddresses => { "dhcp_.*" }; -} - -@end verbatim diff --git a/docs/reference/bodyparts/dynamicaddresses_notes.texinfo b/docs/reference/bodyparts/dynamicaddresses_notes.texinfo deleted file mode 100644 index 37ccf70402..0000000000 --- a/docs/reference/bodyparts/dynamicaddresses_notes.texinfo +++ /dev/null @@ -1,7 +0,0 @@ - -The addresses or hostnames here are expected to have non-permanent -address-name bindings, we must therefor work harder to determine -whether hosts credentials are trusted by looking for existing public -keys in files that do not match the current hostname or IP. - -@b{This feature has been deprecated since 3.1.0.} This is now handled transparently. diff --git a/docs/reference/bodyparts/edit_backup_example.texinfo b/docs/reference/bodyparts/edit_backup_example.texinfo deleted file mode 100644 index 04c7256ccb..0000000000 --- a/docs/reference/bodyparts/edit_backup_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body edit_defaults example -{ -edit_backup => "timestamp"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/edit_backup_notes.texinfo b/docs/reference/bodyparts/edit_backup_notes.texinfo deleted file mode 100644 index 8b13789179..0000000000 --- a/docs/reference/bodyparts/edit_backup_notes.texinfo +++ /dev/null @@ -1 +0,0 @@ - diff --git a/docs/reference/bodyparts/edit_fstab_example.texinfo b/docs/reference/bodyparts/edit_fstab_example.texinfo deleted file mode 100644 index 49573e1912..0000000000 --- a/docs/reference/bodyparts/edit_fstab_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body mount example -{ -edit_fstab => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/edit_fstab_notes.texinfo b/docs/reference/bodyparts/edit_fstab_notes.texinfo deleted file mode 100644 index f19e1bdef5..0000000000 --- a/docs/reference/bodyparts/edit_fstab_notes.texinfo +++ /dev/null @@ -1,2 +0,0 @@ - -The default behaviour is to not place edits in the file system table. diff --git a/docs/reference/bodyparts/edit_template_example.texinfo b/docs/reference/bodyparts/edit_template_example.texinfo deleted file mode 100644 index e4d3b86f26..0000000000 --- a/docs/reference/bodyparts/edit_template_example.texinfo +++ /dev/null @@ -1,56 +0,0 @@ - - -@verbatim -#This is a template file /templates/input.tmpl - -These lines apply to anyone - -[%CFEngine solaris.Monday:: %] -Everything after here applies only to solaris on Mondays -until overridden... - -[%CFEngine linux:: %] -Everything after here now applies now to linux only. - -[%CFEngine BEGIN %] -This is a block of text -That contains list variables: $(some.list) -With text before and after. -[%CFEngine END %] - -nameserver $(some.list) -@end verbatim - -For example: - -@verbatim -[%CFEngine any:: %] - - ServerAdmin $(stage_file.params[apache_mail_address][1]) - DocumentRoot /var/www/htdocs - ServerName $(stage_file.params[apache_server_name][1]) - AddHandler cgi-script cgi - ErrorLog /var/log/httpd/error.log - AddType application/x-x509-ca-cert .crt - AddType application/x-pkcs7-crl .crl - SSLEngine off - CustomLog /var/log/httpd/access.log - - -[%CFEngine webservers_prod:: %] -[%CFEngine BEGIN %] - - ServerAdmin $(stage_file.params[apache_mail_address][1]) - DocumentRoot /var/www/htdocs - ServerName $(stage_file.params[apache_server_name][1]) - AddHandler cgi-script cgi - ErrorLog /var/log/httpd/error.log - AddType application/x-x509-ca-cert .crt - AddType application/x-pkcs7-crl .crl - SSLEngine on - SSLCertificateFile $(stage_file.params[apache_ssl_crt][1]) - SSLCertificateKeyFile $(stage_file.params[apache_ssl_key][1]) - CustomLog /var/log/httpd/access.log - -[%CFEngine END %] -@end verbatim diff --git a/docs/reference/bodyparts/edit_template_notes.texinfo b/docs/reference/bodyparts/edit_template_notes.texinfo deleted file mode 100644 index efea0e704c..0000000000 --- a/docs/reference/bodyparts/edit_template_notes.texinfo +++ /dev/null @@ -1,26 +0,0 @@ - -@i{History}: Was introduced in 3.3.0, Nova 2.2.0 (2012) - -The template format uses inline tags to mark regions and classes. -Each line represents an @code{insert_lines} promise, unless the promises -are grouped into a block using: - -@verbatim -[%CFEngine BEGIN %] -... -[%CFEngine END %] -@end verbatim - -@noindent Variables, scalars and list variables are expanded within each -promise; so, if lines are grouped into a block, the whole block is repeated -when lists are expanded (see the Special Topics Guide on editing). - -If a class-context modified is used: - -@verbatim -[%CFEngine class-expression:: %] -@end verbatim -@noindent then the lines that follow are only inserted if the context -matches the agent's current context. This allows conditional insertion. - - diff --git a/docs/reference/bodyparts/editbinaryfilesize_example.texinfo b/docs/reference/bodyparts/editbinaryfilesize_example.texinfo deleted file mode 100644 index 68d894ebbd..0000000000 --- a/docs/reference/bodyparts/editbinaryfilesize_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - - -@verbatim - -body agent control -{ -edibinaryfilesize => "10M"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/editbinaryfilesize_notes.texinfo b/docs/reference/bodyparts/editbinaryfilesize_notes.texinfo deleted file mode 100644 index c521936064..0000000000 --- a/docs/reference/bodyparts/editbinaryfilesize_notes.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -The global setting for the file-editing safety-net for binary files (this -value may be overridden on a per-promise basis with @code{max_file_size}, -@xref{edit_defaults in files}. The default value for @code{editbinaryfilesize} -is @code{100k}. Note the use of special units is allowed, -@xref{Datatypes in CFEngine 3}, for a list of permissible suffixes. - -When setting limits, the limit on editing binary files should generally be -set higher than for text files. diff --git a/docs/reference/bodyparts/editfilesize_example.texinfo b/docs/reference/bodyparts/editfilesize_example.texinfo deleted file mode 100644 index e6b473f5d1..0000000000 --- a/docs/reference/bodyparts/editfilesize_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body agent control -{ -editfilesize => "120k"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/editfilesize_notes.texinfo b/docs/reference/bodyparts/editfilesize_notes.texinfo deleted file mode 100644 index e5e0591135..0000000000 --- a/docs/reference/bodyparts/editfilesize_notes.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -The global setting for the file-editing safety-net (this value may be -overridden on a per-promise basis with @code{max_file_size}, -@xref{edit_defaults in files}. Note the use of special units is -allowed, @xref{Datatypes in CFEngine 3}, for a list of permissible -suffixes. diff --git a/docs/reference/bodyparts/empty_file_before_editing_example.texinfo b/docs/reference/bodyparts/empty_file_before_editing_example.texinfo deleted file mode 100644 index a8f350753c..0000000000 --- a/docs/reference/bodyparts/empty_file_before_editing_example.texinfo +++ /dev/null @@ -1,9 +0,0 @@ - -@verbatim - -body edit_defaults example -{ -empty_file_before_editing => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/empty_file_before_editing_notes.texinfo b/docs/reference/bodyparts/empty_file_before_editing_notes.texinfo deleted file mode 100644 index 6ea31ca7d0..0000000000 --- a/docs/reference/bodyparts/empty_file_before_editing_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -Emptying a file before reconstructing its contents according to a -fixed recipe allows an ordered procedure to be convergent. - diff --git a/docs/reference/bodyparts/encrypt_example.texinfo b/docs/reference/bodyparts/encrypt_example.texinfo deleted file mode 100644 index 06b8c4dbf0..0000000000 --- a/docs/reference/bodyparts/encrypt_example.texinfo +++ /dev/null @@ -1,10 +0,0 @@ - -@verbatim - -body copy_from example -{ -servers => { "remote-host.example.org" }; -encrypt => "true"; -} - -@end verbatim diff --git a/docs/reference/bodyparts/encrypt_notes.texinfo b/docs/reference/bodyparts/encrypt_notes.texinfo deleted file mode 100644 index 753f43723c..0000000000 --- a/docs/reference/bodyparts/encrypt_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -Client connections are encrypted with using a Blowfish randomly -generated session key. The intial connection is encrypted using the -public/private keys for the client and server hosts. diff --git a/docs/reference/bodyparts/env_addresses_example.texinfo b/docs/reference/bodyparts/env_addresses_example.texinfo deleted file mode 100644 index 01dea3a51e..0000000000 --- a/docs/reference/bodyparts/env_addresses_example.texinfo +++ /dev/null @@ -1,18 +0,0 @@ - -@verbatim - -body environment_interface vnet(primary) -{ -env_name => "$(this.promiser)"; -env_addresses => { "$(primary)" }; - -host1:: - - env_network => "default_vnet1"; - -host2:: - - env_network => "default_vnet2"; - -} -@end verbatim diff --git a/docs/reference/bodyparts/env_addresses_notes.texinfo b/docs/reference/bodyparts/env_addresses_notes.texinfo deleted file mode 100644 index da1f6b7811..0000000000 --- a/docs/reference/bodyparts/env_addresses_notes.texinfo +++ /dev/null @@ -1,2 +0,0 @@ - -The IP addresses of the virtual machine can be overridden here at run time. diff --git a/docs/reference/bodyparts/env_baseline_example.texinfo b/docs/reference/bodyparts/env_baseline_example.texinfo deleted file mode 100644 index ee7b25f879..0000000000 --- a/docs/reference/bodyparts/env_baseline_example.texinfo +++ /dev/null @@ -1,6 +0,0 @@ - -@verbatim - -env_baseline => "/path/to/image"; - -@end verbatim diff --git a/docs/reference/bodyparts/env_baseline_notes.texinfo b/docs/reference/bodyparts/env_baseline_notes.texinfo deleted file mode 100644 index 383030dc63..0000000000 --- a/docs/reference/bodyparts/env_baseline_notes.texinfo +++ /dev/null @@ -1,2 +0,0 @@ - -This function is for future development. diff --git a/docs/reference/bodyparts/env_cpus_example.texinfo b/docs/reference/bodyparts/env_cpus_example.texinfo deleted file mode 100644 index b0e69ed6a1..0000000000 --- a/docs/reference/bodyparts/env_cpus_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body environment_resources my_environment -{ -env_cpus => "2"; -env_memory => "512"; # in KB -env_disk => "1024"; # in MB -} - -@end verbatim diff --git a/docs/reference/bodyparts/env_cpus_notes.texinfo b/docs/reference/bodyparts/env_cpus_notes.texinfo deleted file mode 100644 index d808d093b8..0000000000 --- a/docs/reference/bodyparts/env_cpus_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -The maximum number of cores or processors in the physical environment will -set a natural limit on this value. - -This attribute conflicts with @code{env_spec}. diff --git a/docs/reference/bodyparts/env_disk_example.texinfo b/docs/reference/bodyparts/env_disk_example.texinfo deleted file mode 100644 index b0e69ed6a1..0000000000 --- a/docs/reference/bodyparts/env_disk_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body environment_resources my_environment -{ -env_cpus => "2"; -env_memory => "512"; # in KB -env_disk => "1024"; # in MB -} - -@end verbatim diff --git a/docs/reference/bodyparts/env_disk_notes.texinfo b/docs/reference/bodyparts/env_disk_notes.texinfo deleted file mode 100644 index 1374df7af2..0000000000 --- a/docs/reference/bodyparts/env_disk_notes.texinfo +++ /dev/null @@ -1,4 +0,0 @@ - -This parameter is currently unsupported, for future extension. - -This attribute conflicts with @code{env_spec}. diff --git a/docs/reference/bodyparts/env_memory_example.texinfo b/docs/reference/bodyparts/env_memory_example.texinfo deleted file mode 100644 index b0e69ed6a1..0000000000 --- a/docs/reference/bodyparts/env_memory_example.texinfo +++ /dev/null @@ -1,11 +0,0 @@ - -@verbatim - -body environment_resources my_environment -{ -env_cpus => "2"; -env_memory => "512"; # in KB -env_disk => "1024"; # in MB -} - -@end verbatim diff --git a/docs/reference/bodyparts/env_memory_notes.texinfo b/docs/reference/bodyparts/env_memory_notes.texinfo deleted file mode 100644 index d81c40bcfd..0000000000 --- a/docs/reference/bodyparts/env_memory_notes.texinfo +++ /dev/null @@ -1,5 +0,0 @@ - -The maximum amount of memory in the physical environment will set a -natural limit on this value. - -This attribute conflicts with @code{env_spec}. diff --git a/docs/reference/bodyparts/env_name_example.texinfo b/docs/reference/bodyparts/env_name_example.texinfo deleted file mode 100644 index 29b04c5783..0000000000 --- a/docs/reference/bodyparts/env_name_example.texinfo +++ /dev/null @@ -1,14 +0,0 @@ - -@verbatim -body environment_interface vnet(primary) -{ -env_name => "$(this.promiser)"; -env_addresses => { "$(primary)" }; - -host1:: - env_network => "default_vnet1"; - -host2:: - env_network => "default_vnet2"; -} -@end verbatim diff --git a/docs/reference/bodyparts/env_name_notes.texinfo b/docs/reference/bodyparts/env_name_notes.texinfo deleted file mode 100644 index db7565626f..0000000000 --- a/docs/reference/bodyparts/env_name_notes.texinfo +++ /dev/null @@ -1,3 +0,0 @@ - -The `hostname' of a virtual guest may or may not be the same as the identifier used -as `promiser' by the virtualization manager. diff --git a/docs/reference/bodyparts/env_network_example.texinfo b/docs/reference/bodyparts/env_network_example.texinfo deleted file mode 100644 index c31a408ed0..0000000000 --- a/docs/reference/bodyparts/env_network_example.texinfo +++ /dev/null @@ -1,16 +0,0 @@ - -@verbatim - -body environment_interface vnet(primary) - { - env_name => "$(this.promiser)"; - env_addresses => { "$(primary)" }; - - host1:: - env_network => "default_vnet1"; - - host2:: - env_network => "default_vnet2"; - } - -@end verbatim diff --git a/docs/reference/bodyparts/env_network_notes.texinfo b/docs/reference/bodyparts/env_network_notes.texinfo deleted file mode 100644 index 8b13789179..0000000000 --- a/docs/reference/bodyparts/env_network_notes.texinfo +++ /dev/null @@ -1 +0,0 @@ - diff --git a/docs/reference/bodyparts/env_spec_example.texinfo b/docs/reference/bodyparts/env_spec_example.texinfo deleted file mode 100644 index 4d4f8edc65..0000000000 --- a/docs/reference/bodyparts/env_spec_example.texinfo +++ /dev/null @@ -1,35 +0,0 @@ - - -@verbatim -body environment_resources virt_xml(host) -{ -env_spec => - -" - $(host) - - linux - /var/lib/xen/install/vmlinuz-ubuntu10.4-x86_64 - /var/lib/xen/install/initrd-vmlinuz-ubuntu10.4-x86_64 - kickstart=http://example.com/myguest.ks - - 131072 - 1 - - - - - - - - -