Recently we introduced new feature where you can trigger agent runs and report collection from the Mission Portal UI.
This required our daemon cf-execd to behave a bit differently when periodic agent runs occur. Previously the daemon would create a new thread in which to run cf-agent, capture output, wait for completion and move on.
We changed the behavior so that the daemon forks itself and then fork/execs cf-agent as before, with the forked cf-execd processing agent run output. When the agent is finished the forked cf-execd process is left a zombie/defunct. The daemon wakes up every minute to see if it should do an agent run. The next time the original daemon cf-execd “wakes up” it will clean up that defunct forked cf-execd.
A while back we released version 2 of cfbs, and even though we release versions of this tool quite frequently, without announcing it on the blog, we thought this was a good opportunity to talk a bit about the tool, what’s new and our direction with it in the future. The reason why we called this the “2.0” release is that we are trying to follow semantic versioning, and there were some big new features in the release which could be considered breaking changes.
Interested in extending the CFEngine DSL to support your own custom promise types?
Herman (Product Manager) walks us through implementing custom promise type in python.
Video The video recording is available on YouTube:
At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.
This year, we are improving CFEngine’s ease of use, so it should come as no surprise that we need to rethink our documentation site. For software like CFEngine, great documentation is not just “nice to have”, but a must for our users, both beginners and experienced.
CFEngine has helped DevOps teams to automate their day-to-day tasks and make better decisions by providing a holistic overview of their systems. Part of our responsibility is to help users quickly understand how to conduct standard jobs while giving them insight into the possibilities of the product and features they might find useful next.
Looking to be more efficient writing CFEngine policy?
Nick Anderson (Doer of Things) walks us through setting up Spacemacs for CFEngine. Get syntax highlighting, on the fly error checking, function prototypes, integration with the venerable org-mode and more!
Video The video recording is available on YouTube:
At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.
In the upcoming CFEngine 3.20 release we are making a change in the behaviour of the create attribute for the files promises that manage the entire content of a file. This includes promises with the template methods mustache, inline_mustache and cfengine; as well as promises with the content attribute.
The motivation behind these new changes is two-fold; make it easier to learn CFEngine policy language and understand what policy is doing, and to prevent CFEngine from creating empty configuration files.
A recent change in the Masterfiles Policy Framework (MPF) is renaming bundle agent main to bundle agent mpf_main.
This change is intended to make it easier to run individual parts of your policy leveraging the library main bundle functionality (bundle agent __main__).
Library main bundles were first introduced in CFEngine 3.12.0. The functionality allows for the definition of bundle agent __main__. When this bundle definition is present in the policy entry (the first policy file that CFEngine reads) the bundle is understood to be used as the default bundlesequence.
The CFEngine team is pleased to announce a competition for students in Norway. We want you to write a module in Python, and submit it to CFEngine Build. Your module will be Open Source (MIT License), available for our community of users worldwide. CFEngine is a programming language, and modules can be added to do whatever the user needs, so the possibilities are endless. You can look at some examples for inspiration at the end of this blog post.
Databases are great for data processing and storage. However, in many cases it is better or easier to work with data in files on a file system, some tools even cannot access the data in any other way. When a database (DB) is created in a database management system (DBMS) using a file system as its data storage, it of course uses files on the given file system to store the data. But working with those files outside of the DBMS, even for read-only access to the data stored in the DB, is practically impossible. So what can be done if some setup requires data in files while at the same time, the data processing and storage requires a use of a DB(MS)? The answer is synchronization between two storage places – a DB and files. It can either be from the DB to the files where the files are then treated as read-only for the parties working with the data, or with modifications of the files being synchronized to the DB. In the former setup, the DB is the single source of truth – the data in the files may be out of sync, but the DB has the up to date version. In the latter setup, the DB provides a backup or alternative read-only access to the data that is primarily stored in the files or the files provide an alternative write-only access to the DB. A two-way synchronization and thus a combination of read and write access in both places, the DB and the files, should be avoided because it's very hard (one could even say impossible) to properly implement mechanisms ensuring data consistency. Both between the two storages, but even in each of them alone.
Looking to be more efficient writing CFEngine policy?
Michael Bolen (Founder, CISOfy and author of Lynis) gives us some history on Lynis (including how to pronounce it, spoiler it’s “lee nus”). Nick Anderson (Doer of Things, Northern.tech) shows off reporting Lynis scan findings with CFEngine Enterprise and the lynis CFEngine build module.
Video The video recording is available on YouTube:
At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.
