Purpose: There is a lot to know about CFEngine, which can make it hard for people new to the subject. The purpose of this guide is to lay out the resources available to CFEngine students and to orient them to this body of knowledge to speed their journey into practical system automation with CFEngine 3.
The guide is based largely on the materials of cfengine.com with full gratitude to Mark Burgess for continuously raising the bar in the field of system administration.
Comments welcome, please email me.
- CFEngine Quickstart: a Quick Start Guide. Build and install from source; or install a package. Then either set up CFEngine to run from cron; or start learning by running individual examples.
- CFEngine 3 Concept Guide: an abbreviated version of the CFEngine tutorial. Topics include: Introduction – System automation; The components of CFEngine; Bodies and bundles; A simple crash course in concepts; Knowledge Management.
- Glossary of Terms
- Tutorial: Covers the following topics:
- CFEngine 3 Best Practices: A guide to CFEngine 3 best practices.
- Troubleshooting: A guide to debugging and reporting errors. The three common types of problems and how to handle them: CFEngine appears to hang; segmentation fault; memory leak. Common misunderstandings: CFEngine does not always work – only sometimes; I am seeing multiple cf-agents in the process table, building up.
- CFEngine Solutions: a Solutions Guide. Basic examples (copying files, restarting processes, etc.). High level solutions (adding users, setting up clusters, etc.). Lots of low level examples (reading from a TCP socket, setting up a PXE boot server, etc.). VERY USEFUL IN LEARNING CFENGINE.
- Reference Manual: Everything about CFEngine. Auto-generated from the source code. You’ll likely spend most of your time in the Bundles for agent section. INDISPENSABLE IN USING CFENGINE.
- Syntax: A companion to the Reference Manual, the syntax guide details all the parts of the CFEngine language and how they relate to each other. A must read for aspiring CFEngine gurus.
- Mark Burgess’s Introduction to CFEngine 3: four videos comprising Mark’s day class on CFEngine (find them at the top of the linked Training page):
- Introduction and motivation
- Understanding patterns and knowledge
- Client-Server basics
- Recap and the CFEngine landscape
- CFEngine 3 Practical Examples: A collection of practical examples to help learn CFEngine 3. Use “ls -1” to display them in order (they are arranged from basic to more advanced).
- CFEngine 3 Cookbook: A growing collection of practical examples well explained. Neil’s writing helped many sysadmins start with CFEngine 2 and 3.
CFEngine Policy Source Code Libraries
- CFEngine Community Open Promise-Body Library a.k.a. COPBL, a.k.a. cfengine_stdlib.cf). Please read the purpose of the COPBL
- Modular Bundles: intended as a library of CFengine promise bundles. Has not been updated in over a year.
- Orion Cloud Pack: another library of CFEngine promise bundles. Configure more than 20 popular services. (Intended to be used on Amazon EC2 but could work in lots of environments.) Has not been updated in 9 months. Also: demo video and documentation.
- Index of Third-party Shared Policies: CFEngine users have shared some policies outside the above libraries.
- CFEngine 3 Practical Examples: See “Learning CFEngine” above.
- CFEngine 3 Cookbook: See “Learning CFEngine” above.
- There is a large (and growing) number of guides on various topics: devops, file editing, adopting CFEngine, etc. Check Special Topics for the full list.
- Nova Quick Start Guide: helps you install Nova and gives an overview of the beautiful admin GUI (the “Mission Portal”).
- CFEngine Nova Technical Supplement: details Nova installation, admin GUI, and Nova capabilities:
- Business integration
- Monitoring extensions
- Database control
- File ACLs
- Server extensions
- Environments and workflows
- Content-Driven Policies (Community Edition can do this too)
- Windows-specific features
Video presentations demonstrating key capabilities of CFEngine Community and Enterprise editions. The below content is straight from www.cfengine.com:
|CFEngine and Change Detection – CFEngine offers extensive tripwire functionality. Combined with CFEngine auto-repair functionality you can ensure policy compliance on files and directories. In this video you will see how CFEngine detects file creation, file change and file deletion. Use CFEngine to secure your files and prevent unauthorized changes. With CFEngine you can keep track of all configuration changes and view them in detailed reports.|
|CFEngine and Apache Webserver – This demo shows you how CFEngine can manage one Apache webserver to ensure server availability and uptime. Use policies to define how to manage your webservers, and CFEngine will make sure your webserver are compliant with your policies. Avoid any downtime due to misconfigured or accidentally deleted files.|
|CFEngine and Windows Registry – This demo shows you how CFEngine can manage the Windows registry. With CFEngine you can make sure the registry always stays compliant with your policies. Manage the whole registry or just specific keys and / or key-values.|
|CFEngine and PXE Boot – CFEngine manages your servers and networks of machines throughout the life-cycle. Use CFEngine during the build and deploy phase by creating PXE-boot servers controlled and deployed by CFEngine. Based on policies you can turn any server into whatever configuration setting you like, independent of operating system and required services. This demo will show how to create a CFEngine PXE-boot server and then install Redhat on a clean machine using CFEngine. PS: This demo has sound.|
|The Orion Cloud Pack – Three Steps you need to bring reliability and efficiency to Managed Services running out of the Amazon Cloud. Set up and tear down machines as you like, and bring instant configuration and compliance, with self-healing to your business.|
|CFEngine Computer-Process Management – Use CFEngine to manage your computer-processes. Use application-availability policies to ensure uptime at all times. CFEngine starts, deletes and/or restart processes, all according to your policies. In this video we will show how CFEngine restarts a broken Apache-server. The demo will show how CFEngine can kill a process, and how it automatically (the CFEngine Agent) restarts the same process.|
|CFEngine DNS Resolver – This clip shows how cfengine can deal with a very common issue in network configuration: setting up the name-server bindings. DNS configuration is sometimes done by DHCP, but statically configured servers can be maintained by CFEngine directly. We show how CFEngine repairs a damaged configuration file to ensure the correct settings.|
- Command Reference: a summary of command line options for each CFEngine component.