agent bundles

MPF_class_recommendations

Prototype: MPF_class_recommendations

Implementation:

code
bundle agent MPF_class_recommendations
{
  meta:
    (policy_server|am_policy_hub).enterprise_edition::
      "tags" slist => { "cfengine_recommends" };

  reports:
      "`cfengine_internal_purge_policies` no longer has any effect. Please use `cfengine_internal_purge_policies_disabled` instead, to choose where you want to disable purging or remove the class completely if you want purging enabled everywhere (the new default in 3.18+)." -> { "CFE-3662" }
        if => "cfengine_internal_purge_policies";
}

ignore_interfaces_rx_reccomendations

Prototype: ignore_interfaces_rx_reccomendations

Description: Recommend completing migration of ignore_interfaces.rx from inputdir to workdir

Implementation:

code
bundle agent ignore_interfaces_rx_reccomendations
{
  meta:
      "tags" slist => { "cfengine_recommends" };

  classes:
      "ignore_interfaces_in_workdir_supported"
        and => { cf_version_minimum( "3.21.4" ),
                 not( cf_version_at( "3.22" ) ) },
        comment => concat( "CFEngine doesn't look for ignore_interfaces.rx in",
                           " workdir except for versions greater than or equal",
                           "to 3.21.4." );

      "ignore_interfaces_in_workdir" -> { "ENT-9402" }
        if => fileexists( "$(sys.workdir)/ignore_interfaces.rx" );

      "ignore_interfaces_in_inputdir" -> { "ENT-9402" }
        if => fileexists( "$(sys.inputdir)/ignore_interfaces.rx" );

  files:
    ignore_interfaces_in_workdir_supported.default:mpf_auto_migrate_ignore_interfaces_rx_to_workdir.ignore_interfaces_in_inputdir::
      "$(sys.workdir)/ignore_interfaces.rx" -> { "ENT-9402" }
        copy_from => local_dcp( "$(sys.inputdir)/ignore_interfaces.rx"),
        comment => concat( "Excluding interfaces should be done outside of the",
                           " policy input directory so that it's easier to",
                           " ignore different interfaces on different hosts.");

    ignore_interfaces_in_workdir_supported::

      "$(sys.inputdir)/ignore_interfaces.rx" -> { "ENT-9402" }
        delete => tidy,
        action => policy( "warn" ),
        comment => concat( "Excluding interfaces should be done outside of the",
                           " policy input directory so that it's easier to",
                           " ignore different interfaces on different hosts.",
                           " This file should be deleted once it's been migrated",
                           " to sys.workdir");

  reports:

    ignore_interfaces_in_workdir_supported.(ignore_interfaces_in_inputdir.!default:mpf_auto_migrate_ignore_interfaces_rx_to_workdir_reports_disabled)::
      "NOTICE: 'ignore_interfaces.rx' is present in '$(const.dollar)(sys.inputdir)' ('$(sys.inputdir)/ignore_interfaces.rx'). We recommend that it be removed and migrated to '$(const.dollar)(sys.workdir)' ('$(sys.workdir)/ignore_interfaces.rx')"
        if => not( fileexists( "$(sys.workdir)/ignore_interfaces.rx" ) );

    ignore_interfaces_in_workdir_supported.(ignore_interfaces_in_workdir.ignore_interfaces_in_inputdir).!default:mpf_auto_migrate_ignore_interfaces_rx_to_workdir_reports_disabled::
      "NOTICE: 'ignore_interfaces.rx' identical in '$(const.dollar)(sys.workdir)' and '$(const.dollar)(sys.inputdir)'. We recommend removing '$(const.dollar)(sys.inputdir)/ignore_interfaces.rx'"
        if => strcmp( readfile( "$(sys.workdir)/ignore_interfaces.rx"),
                      readfile( "$(sys.inputdir)/ignore_interfaces.rx") );

      "NOTICE: 'ignore_interfaces.rx' in '$(const.dollar)(sys.workdir)' and '$(const.dollar)(sys.inputdir)' but not identical. We recommend verifying the desired content of '$(const.dollar)(sys.workdir)/ignore_interfaces.rx', correcting it if necessary and removing '$(const.dollar)(sys.inputdir)/ignore_interfaces.rx'"
        if => not( strcmp( readfile( "$(sys.workdir)/ignore_interfaces.rx"),
                           readfile( "$(sys.inputdir)/ignore_interfaces.rx") ) );

}

postgresql_conf_recommendations

Prototype: postgresql_conf_recommendations

Description: Recommendations about the configuration of postgresql.conf for CFEngine Enterprise Hubs

Implementation:

code
bundle agent postgresql_conf_recommendations
{
  meta:

   (policy_server|am_policy_hub).enterprise_edition::

    "tags" slist => { "cfengine_recommends" };

  vars:
    "pgsql_conf" string => "$(sys.statedir)/pg/data/postgresql.conf";
    "mem_info_source" string => "/proc/meminfo";
      "mem_info_data"
        data => data_readstringarray( $(mem_info_source), "", "(:|\s+)", inf, inf),
        if => fileexists( $(mem_info_source) );

    "upper" string => "67108864"; # 64 * 1024 * 1024 in KB
    "lower" string => "3145728"; # 3 * 1024 * 1024 in KB

      "conf[maintenance_work_mem]"
        string => "2GB",
        if => isgreaterthan( "$(mem_info_data[MemTotal][1])", $(lower) ),
        comment => "If we have more than 2GB of memory available then we set the
        maintenance_work_memory to 2G to improve index creation, and
        vacuuming. Else we leave the default value.";

      "conf[shared_buffers]"
        string => "16GB",
        if => isgreaterthan( "$(mem_info_data[MemTotal][1])", $(upper) );

      "conf[effective_cache_size]"
        string => "11GB", # 70% of 16GB
        if => isgreaterthan( "$(mem_info_data[MemTotal][1])", $(upper) );

      "calculated_shared_buffers_MB"
        string => format( "%d0",
                          eval( "$(mem_info_data[MemTotal][1]) * 25 / 100 / 1024", "math", "infix"));

      "conf[shared_buffers]"
        string => concat( $(calculated_shared_buffers_MB), "MB"),
        if => and(
                   not( isvariable( "conf[maintenance_work_mem]" ) ),
                   not( isvariable( "conf[shared_buffers]" )));

      "calculated_effective_cache_size_MB"
        string => format( "%d0",
                          eval( "$(mem_info_data[MemTotal][1]) * 70 / 100 / 1024", "math", "infix"));

      "conf[effective_cache_size]"
        string => concat( $(calculated_effective_cache_size_MB), "MB"),
        if => and(
                   not( isvariable( "conf[maintenance_work_mem]" ) ),
                   not( isvariable( "conf[effective_cache_size]" )));

  files:
      "$(pgsql_conf)"
        edit_line => set_line_based("$(this.bundle).conf", "=", "\s*=\s*", ".*", "\s*#\s*"),
        classes => results( "bundle", "psql_conf_recommendations" ),
        action => policy( "warn" ),
        if => fileexists( $(pgsql_conf) );

  reports:
    psql_conf_recommendations_not_kept::
      "CFEngine Recommended Settings:";
      "shared_buffers = $(conf[shared_buffers])"
        if => isvariable( "conf[shared_buffers]" );
      "effective_cache_size = $(conf[effective_cache_size])"
        if => isvariable( "conf[effective_cache_size]" );
      "maintenance_work_mem = $(conf[maintenance_work_mem])"
        if => isvariable( "conf[maintenance_work_mem]" );
}