CFEngine is built on promises. Promises were chosen as the model for CFEngine's configuration language, because they represent an expression of intention.
If you are using custom scripts to manage your systems, you are using recipes. Take a look at any cookbook and you will see that all recipes look the same: take flour, eggs, butter, sugar ... and you know nothing because you can make a hundred things from these steps. If you don't make clear your intention, it is very hard to know what the recipe is supposed to be: is it a cake, a waffle, a pastry?
The same is true in system administration. Recipes are not merely scripts, they encapsulate knowledge and experience. Their value is in communicating desired outcomes or states.
This library of standard components is like a cookbook that tells you only how to make basics well. It gives these basic skills names and therefore gives you a common vocabulary – you will put together these basics in creative ways to build your systems.
|
Please contribute to this guide by helping to develop a repertoire of basic skills and names. This collection should be comprehensive but parsimonious. Basics are only basics if they are few and carefully thought out. This is a work in progress and your experience is welcome. This library will be moderated by CFEngine, and contributions and discussions ca n be made to the help-cfengine@cfengine.org mailing list. |
body action bg(elapsed,expire)
{
=>
=>
=>
}
body action if_elapsed(x)
{
=>
=>
}
body action ifwin_bg
{
windows::
=>
}
body action immediate
{
=>
}
body action measure_performance(x)
{
=>
=>
=>
}
body action sample_rate(x)
{
=>
=>
}
body action warn_only
{
=>
=>
}
body changes detect_all_change # This is fierce, and will cost disk cycles { => => => }
body changes detect_content # This is a cheaper alternative { => => => }
body classes cf2_if_else(yes,no) # meant to match cf2 semantics { => => => => }
body classes if_else(yes,no)
{
=>
=>
=>
=>
=>
}
body classes if_notkept(x)
{
=>
=>
=>
}
body classes if_ok(x)
{
=>
=>
}
body classes if_repaired(x)
{
=>
}
body classes state_repaired(x)
{
=>
=>
}
# agent
body contain in_dir(s)
{
=>
}
body contain in_shell
{
=>
}
body contain jail(owner,root,dir)
{
=>
=>
=>
=>
}
body contain setuid(x)
{
=>
=>
}
body contain setuid_sh(x)
{
=>
=>
}
body contain setuidgid_sh(owner,group)
{
=>
=>
=>
}
body contain silent
{
=>
}
body contain silent_in_dir(s)
{
=>
=>
}
body copy_from local_cp(from)
{
=>
}
# Copy only if the file does not already exist, i.e. seed the placement
body copy_from no_backup_cp(from)
{
=>
=>
}
body copy_from no_backup_rcp(from,server)
{
=>
=>
=>
=>
}
body copy_from remote_cp(from,server)
{
=>
=>
=>
}
body copy_from secure_cp(from,server)
{
=>
=>
=>
=>
=>
}
body copy_from seed_cp(from)
{
=>
=>
}
body copy_from sync_cp(from,server)
{
=>
=>
=>
=>
}
body delete tidy
{
=>
=>
}
body depth_search recurse(d)
{
=>
=>
=>
}
body depth_search recurse_ignore(d,list)
{
=>
=>
}
body edit_defaults empty
{
=>
=>
=>
}
body edit_defaults std_defs
{
=>
=>
=>
}
body edit_field col(split,col,newval,method)
{
=>
=>
=>
=>
=>
=>
=>
}
body edit_field quoted_var(newval,method)
{
=>
=>
=>
=>
=>
=>
=>
}
body file_select by_name(names)
{
=>
=>
}
body file_select days_old(days)
{
=>
=>
}
body file_select dirs
{
=>
=>
}
body file_select ex_list(names)
{
=>
=>
}
body file_select exclude(name)
{
=>
=>
}
body file_select name_age(name,days)
{
=>
=>
=>
}
body file_select plain
{
=>
=>
}
body file_select size_range(from,to)
{
=>
=>
}
body link_from linkchildren(tofile)
{
=>
=>
=>
=>
=>
}
body link_from ln_s(x)
{
=>
=>
=>
}
body location start
{
=>
}
body match_value scan_log(line)
{
=>
=>
}
body mount nfs(server,source)
{
=>
=>
=>
=>
}
body mount nfs_p(server,source,perm)
{
=>
=>
=>
=>
=>
}
body mount unmount
{
=>
=>
=>
}
body package_method apt
{
=>
=>
=>
=>
=>
=>
have_aptitude::
=>
=>
=>
!have_aptitude::
=>
=>
=>
}
body package_method freebsd
{
any::
=>
# Could use rpm for this
=>
# Remember to escape special characters like |
=>
=>
=>
=>
=>
=>
=>
=>
}
body package_method solaris (pkgname, spoolfile, adminfile)
{
=>
=>
=>
=>
=>
=>
=>
=>
=>
=>
}
body package_method yum
{
=>
=>
# Remember to escape special characters like |
=>
=>
=>
=>
=>
=>
=>
=>
}
# The solaris package system is poorly designed, with too many different
# names to track. See the example in tests/units/unit_package_solaris.cf
# to see how to use this
body package_method zypper { => => => => => => => => => => => => => => => => }
body perms m(mode)
{
=>
}
body perms mo(mode,user)
{
=>
=>
}
body perms mog(mode,user,group)
{
=>
=>
=>
}
body perms og(u,g)
{
=>
=>
}
body perms owner(user)
{
=>
}
body process_count check_range(name,lower,upper)
{
=>
=>
}
body rename disable
{
=>
}
body rename rotate(level)
{
=>
}
body rename to(file)
{
=>
}
body replace_with comment(c)
{
=>
=>
}
body replace_with uncomment
{
=>
=>
}
body replace_with value(x)
{
=>
=>
}
body select_process exclude_procs(x)
{
=>
=>
}
body select_region INI_section(x)
{
=>
=>
}
body volume min_free_space(free)
{
=>
=>
=>
=>
}
bundle edit_line append_groups_starting(v) # For adding groups to /etc/group, needs => { vars: => classes: => insert_lines: "$($(v)[$(index)])", => }
bundle edit_line append_if_no_line(str)
{
insert_lines:
"$(str)";
}
bundle edit_line append_if_no_lines(list)
{
insert_lines:
"$(list)";
}
bundle edit_line append_user_field(group,field,allusers) # For adding users to to a file like /etc/group # at field position "field", comma separated subfields { vars: => field_edits: "$(group).*" => }
bundle edit_line append_users_starting(v) # For adding to /etc/passwd or etc/shadow, needs => { vars: => classes: => insert_lines: "$($(v)[$(index)])", => }
bundle edit_line comment_lines_containing(regex,comment) # Comment lines of a file containing a regex { replace_patterns: => }
bundle edit_line delete_lines_matching(regex)
{
delete_lines:
"$(regex)";
}
bundle edit_line expand_template(templatefile) # Read in the named text file and expand $(var) # inside the file { insert_lines: "$(templatefile)" => => }
bundle edit_line resolvconf(search,list) # search is the search domains with space # list is an slist of nameserver addresses { delete_lines: "search.*"; insert_lines: "search $(search)"; "nameserver $(list)"; }
bundle edit_line set_user_field(user,field,val) # Set the value of field number "field" in # a :-field formatted file like /etc/passwd { field_edits: "$(user).*" => }
bundle edit_line set_variable_values(v) # Sets the RHS of variables in the file of the form # LHS = RHS # Adds a new line if no LHS exists, repairs RHS values if one does exist # # To use: # 1) Define an array, where the keys are the LHS and the values are the RHS => => # 2) The parameter passed to the edit_line promise is the fully qualified # { vars: => # Be careful if the index string contains funny chars => field_edits: # match a line starting like the key = something "\s*$(index)\s*=.*" => => insert_lines: "$(index)=$($(v)[$(index)])", => }
bundle edit_line uncomment_lines_containing(regex,comment) # Uncomment lines of a file where the regex matches # the text after the comment string { replace_patterns: => }
bundle edit_line uncomment_lines_matching(regex,comment) # Uncomment lines of a file where the regex matches # the text after the comment string { replace_patterns: => }
bundle edit_line warn_lines_matching(regex)
{
delete_lines:
=>
}
Table of Contents