Hi everyone,
Recently we have been thinking about how to make initial steps with setting up CFEngine easier. One way of making CFEngine easier to set up is to remove the need to manually specify the IP address of the policy hub for bootstrapping a client. We decided to use Zeroconf service discovery implemented in Avahi library. This post will explain how this works.
Registering the Policy Server
First step after after setting up a Policy Server is to register it as a remote service using Avahi. All the user have to do is simply to execute cf-serverd with -A/–generate-avahi-config option. This will generate config file cfengine-hub.service in /etc/avahi/services and restart avahi-daemon to make the service visible in the network.
Bootstrapping client
This process is as easy as registering the Policy Server. Simply run cf-agent with -B/–bootstrap option. If no IP address is specified, cf-agent will automatically search for a Policy Server. Once the server registered in the network will be found, cf-agent will bootstrap to it automatically with out any further intervention from the user. In case there will be more than one Policy Server registered, list of available servers will be displayed and the user will be asked to bootstrap manually.
Limitations
Unless reflector mode is enabled in Avahi configuration, automatic bootstrap will be limited to local network. In the current state automatic bootstrap is meant to run only on Linux systems.
Dynamic libraries
We thought that the user should decide if this functionality will be enable or not. That is why Avahi is not bundled into the CFEngine packages. Instead if Avahi libraries are present in the system they will be automatically loaded during runtime. Cf-agent will look for libraries in standard install locations, depending on Linux distribution and architecture. In case the libraries are installed in different location, the user just needs to create environmental variable AVAHI_PATH and specify there location of libavahi-client. This variable will be used by cf-agent to load libraries.
