Show posts by author:
Dimitrios Apostolou

CFEngine at Configuration Management Camp 2016

CFEngine AS was present in the Configuration Management Camp that took place in Gent, Belgium the 1st and 2nd February of 2016. This is the event on open source configuration management tools, scheduled immediately following FOSDEM and is located close to Brussels, so it usually has thousands of attendants. This year’s main track topics mostly revolved around security, orchestration, and application containers. We had a separate room for CFEngine and Rudder related topics with an exciting schedule:

February 16, 2016

Securely deploying CFEngine on untrusted networks

CFEngine’s trust model is based on the secure exchange of keys. This exchange of keys between client and hub, can either happen manually or automatically. Usually this step is automated as a dead-simple “bootstrap” procedure: cf-agent --bootstrap $HUB_IP It is presumed that during this first key exchange, the network is trusted, and no attacker will hijack the connection. After “bootstrapping” is complete, the node can be deployed in the open internet, and all connections are considered secure. However there are cases where initial CFEngine deployment is happening over an insecure network, for example the Internet. In such cases we already have a secure channel to the clients, usually ssh, and we use this channel to manually establish trust from the hub to the clients and vice-versa.

April 22, 2015

Announcing new mailing list for developers: dev-cfengine

Dear CFEngine Community, we are proud to announce our new mailing list: dev-cfengine. Given that the contributions in both Core and Masterfiles repositories have been steadily increasing, the need for such a list became apparent. While patch submissions and code reviews will still be taking place using GitHub’s pull requests, this list serves the purpose of facilitating any other discussion on the development of CFEngine. We are looking forward to seeing the community being active on that list. In addition, we, the CFEngine developers, are planning to participate with all our discussions that do not touch on CFEngine Enterprise. Regards, CFEngine AS

October 20, 2014