CFEngine 3 Solutions


Next: , Previous: (dir), Up: (dir)

CFEngine-Solutions

COMPLETE TABLE OF CONTENTS

Summary of contents


Next: , Previous: Top, Up: Top

1 Introduction


Next: , Previous: Introduction, Up: Top

2 Common issues


Next: , Previous: Common issues, Up: Common issues

2.1 Ordering promises

This counts to five by default. If we change `/bin/echo one' to `/bin/echox one', then the command will fail, causing us to skip five and go to six instead.

This shows how dependencies can be chained in spite of the order of promises in the bundle.

Normally the order of promises in a bundle is followed, within each promise type, and the types are ordered according to normal ordering.

####################################################
#
# Counting by the numbers...
#
####################################################

body common control

{
bundlesequence => { "order" };
}

####################################################

bundle agent order

{
vars:

 "list" slist => { "three", "four" };

commands:

 ok_later::

   "/bin/echo five";

 otherthing::

   "/bin/echo six";

 any::

  "/bin/echo one"    classes => d("ok_later","otherthing");
  "/bin/echo two";
  "/bin/echo $(list)";

 preserved_class::

  "/bin/echo seven";

}

############################################

body classes d(if,else)

{
promise_repaired => { "$(if)" };
repair_failed => { "$(else)" };
persist_time => "0";
}



Next: , Previous: Ordering promises, Up: Common issues

2.2 Mount NFS filesystem

#####################################################################
# Mount NFS
#####################################################################

body common control

{
bundlesequence => { "mounts" };
}

#####################################################################

bundle agent mounts

{
storage:

  # Assumes the filesystem has been exported

  "/mnt" mount  => nfs("server.example.org","/home");
}

######################################################################

body mount nfs(server,source)

{
mount_type => "nfs";
mount_source => "$(source)";
mount_server => "$(server)";
edit_fstab => "true";
}


Next: , Previous: Mount NFS filesystem, Up: Common issues

2.3 Name resolution

In cfengine 2 there is a separate action type for configuring the system resolver. In cfengine 3 this has been deprecated for this standard method using the basic functionality of cfengine. We write a reusable bundle using the editing features.

#######################################################
#
# Resolve conf
#
#######################################################

bundle common g # globals
{
vars:

 "searchlist"  slist => { 
                        "search iu.hio.no", 
                        "search cfengine.com" 
                        };

 "nameservers" slist => { 
                        "128.39.89.10", 
                        "128.39.74.16",
                        "192.168.1.103"
                        };
classes:

  # This sets a class if we are in the name server list

  "am_name_server" expression => reglist("@(nameservers)","$(sys.ipv4[eth1])");
}

#######################################################

body common control

{
any::

  bundlesequence  => {
                     "g",
                     resolver(@(g.searchlist),@(g.nameservers))
                     };   

}

#######################################################

bundle agent resolver(s,n)

{
files:

  # When passing parameters down, we have to refer to
  # a source context

  "$(sys.resolv)"  # test on "/tmp/resolv.conf" #

      create        => "true",
      edit_line     => doresolv("@(this.s)","@(this.n)"),
      edit_defaults => reconstruct;
 # or edit_defaults => modify
}

#######################################################
# For the library
#######################################################

bundle edit_line doresolv(s,n)

{
vars:

 "line" slist => { @(s), @(n) };

insert_lines:

  "$(line)";

}

#######################################################

body edit_defaults reconstruct
{
empty_file_before_editing => "true";
edit_backup => "false";
max_file_size => "100000";
}

#######################################################

body edit_defaults modify
{
empty_file_before_editing => "false";
edit_backup => "false";
max_file_size => "100000";
}


Next: , Previous: Name resolution, Up: Common issues

2.4 Postfix mail configuration

#######################################################
#
# Postfix
#
#######################################################

body common control

{
any::

  bundlesequence  => {
                     postfix
                     };   
}

#######################################################

bundle agent postfix

{
vars:

 "prefix"     string => "/etc";
 "smtpserver" string => "mailx.example.org";
 "mailrelay"  string => "mailx.example.org";

files:

  "$(prefix)/main.cf"     
          edit_line => prefix_postfix;

  "$(prefix)/sasl-passwd" 
          create    => "true",
          perms     => system("0600","root"),
          edit_line => AppendIfNSL("$(smtpserver) _$(fqhost):chmsxrcynz4etzefabj9frejizhs22");
}

#######################################################
# For the library
#######################################################

bundle edit_line prefix_postfix

{
#
# Value have the form NAME = "quoted space separated list"
#
vars:

  "ps[relayhost]"                  string => "[$(postfix.mailrelay)]:587";
  "ps[mydomain]"                   string => "iu.hio.no";
  "ps[smtp_sasl_auth_enable]"      string => "yes";
  "ps[smtp_sasl_password_maps]"    string => "hash:/etc/postfix/sasl-passwd";
  "ps[smtp_sasl_security_options]" string => "";
  "ps[smtp_use_tls]"               string => "yes";
  "ps[default_privs]"              string => "mailman";
  "ps[inet_protocols]"             string => "all";
  "ps[inet_interfaces]"            string => "127.0.0.1";

  "parameter_name" slist => getindices("ps");

delete_lines: 

  "$(parameter_name).*";

insert_lines:

  "$(parameter_name) = $(ps[$(parameter_name)])";

}

########################################################

bundle edit_line AppendIfNSL(parameter)
  {
  insert_lines:

    "$(parameter)"; # This is default
  }

########################################
# Library Bodies
########################################

body replace_with All(x)

{
replace_value => "$(x)";
occurrences => "all";
}

#########################################################

body perms system(x,owner)

{
mode  => "0640";
owners => { "$(owner)", "root" };
}



Next: , Previous: Postfix mail configuration, Up: Common issues

2.5 Tidying garbage files

Emulating the `tidy' feature of cfengine 2.

#######################################################
#
# Deleting files, like cf2 tidy age=0 r=inf
#
#######################################################

body common control

{
 any::

  bundlesequence  => { "testbundle" };   
}

############################################

bundle agent testbundle

{
files:

  "/tmp/test" 

    delete => tidyfiles,
    file_select => zero_age,
    depth_search => recurse("inf");
}

#########################################################

body depth_search recurse(d)

{
#include_basedir => "true";
depth => "$(d)";
}

#########################################################

body delete tidy

{
dirlinks => "delete";
rmdirs   => "false"; 
}

#########################################################

body file_select zero_age

#
# we can build old "include", "exclude", and "ignore" 
# from these as standard patterns - these bodies can
# form a library of standard patterns
#

{
mtime     => irange(ago(1,0,0,0,0,0),now);  
file_result => "mtime"; 
}


Next: , Previous: Tidying garbage files, Up: Common issues

2.6 Unmount NFS filesystem

#####################################################################
# Mount NFS
#####################################################################

body common control

{
bundlesequence => { "mounts" };
}

#####################################################################

bundle agent mounts

{
storage:

  # Assumes the filesystem has been exported

  "/mnt" mount  => nfs("server.example.org","/home");
}

######################################################################

body mount nfs(server,source)

{
mount_type => "nfs";
mount_source => "$(source)";
mount_server => "$(server)";
edit_fstab => "true";
unmount => "true";
}


Previous: Unmount NFS filesystem, Up: Common issues

2.7 Web server modules

The problem of editing the correct modules into the list of standard modules for the Apache web server. This example is based on the standard configuration deployment of SuSE Linux. Simply provide the list of modules you want and another list that you don't want.

#######################################################
#
# Apache 2 reconfig - modelled on SuSE
#
#######################################################

body common control

{
any::

  bundlesequence  => {
                     apache
                     };   
}

#######################################################

bundle agent apache

{
files:

 SuSE::

  "/etc/sysconfig/apache2" 

     edit_line => fixapache;
}

#######################################################
# For the library
#######################################################

bundle edit_line fixapache

{ 
vars:

 "add_modules"     slist => { 
                            "dav", 
                            "dav_fs", 
                            "ssl", 
                            "php5", 
                            "dav_svn",
                            "xyz",
                            "superduper"
                            };

 "del_modules"     slist => { 
                            "php3",
                            "jk",
                            "userdir",
                            "imagemap",
                            "alias"
                            };

insert_lines:

 "APACHE_CONF_INCLUDE_FILES=\"/site/masterfiles/local-http.conf\"";

field_edits:

 #####################################################################
 # APACHE_MODULES="authz_host actions alias ..."
 #####################################################################

    # Values have the form NAME = "quoted space separated list"

   "APACHE_MODULES=.*"

      # Insert module "columns" between the quoted RHS 
      # using space separators

      edit_field => quotedvar("$(add_modules)","append");

   "APACHE_MODULES=.*"

      # Delte module "columns" between the quoted RHS 
      # using space separators

      edit_field => quotedvar("$(del_modules)","delete");

   # if this line already exists, edit it  

}

########################################
# Bodies
########################################

body edit_field quotedvar(newval,method)

{
field_separator => "\"";
select_field    => "2";
value_separator  => " ";
field_value     => "$(newval)";
field_operation => "$(method)";
extend_fields => "false";
allow_blank_fields => "true";
}


Previous: Common issues, Up: Top

3 Best practice

Table of Contents