We are now happy to release the 6th update to the CFEngine 3.10 LTS series. This update comes with many important stability and performance improvements and is thus well worth the upgrade from an older version of 3.10 LTS. Looking at the CFEngine release schedule, we can see that CFEngine 3.10 LTS is maintained and supported until December 27th, 2019.That is the end of this year, so you should start planning on upgrading to CFEngine 3.12 LTS, or the upcoming 3.15.0 LTS that is scheduled to be released around the same time as 3.10 reaches its end of life. 3.10.6 LTS is a maintenance release (also known as a patch release), with the goal to increase the stability and reliability for CFEngine users and enable a safe upgrade path. As such, this release primarily includes bug fixes and low-risk changes that do not impact the compatibility between previous patch releases. Do you want to start contributing to CFEngine, but are unsure how? Here are some nifty tricks.
About a year ago, I wrote a small python script to automate installing and bootstrapping CFEngine on virtual machines in AWS. It had some hard coded IP addresses that I needed to update when I spawned new hosts, but other than that, it worked well. During manual testing, it saved me a lot of time instead of having to do things manually. Deploying CFEngine normally consists of these steps:
Determine what CFEngine package to use. Download appropriate package if you haven’t already - curl. Copy the package to the host - scp. Log into the host - ssh. Install the package - rpm / dpkg. Bootstrap CFEngine - cf-agent -B. At a company hackathon I decided to make my script into something better, something that would be useful to my colleagues, and maybe even CFEngine users in general. Enter cf-remote.
cf-runagent is a component for triggering remote agent runs using the CFEngine network protocol. It does not allow for arbitrary commands to be executed, but rather asks the remote host to run the policy it already has. To trigger cf-runagent from other systems or web interfaces, you want to be able to run it as non-root.
Install and bootstrap I will use cf-remote to set up a demo hub running CFEngine Enterprise 3.12.1:
CFEngine is very simple to set up and use, especially if all of the clients and the hub are going to be using the same promises. But what if there are certain things you want to enforce on a hub and not a client? What if there are certain things you want to enforce on a client but not on a hub? For example, if you are using the Git Setup, you want the hub to pull from the Git repository, but you don’t want the clients to do this. You want the hub to make those changes available to the clients only after it’s verified them. So how do you have a promise that only enforces on the hub, and not on a client? A simple solution is to use the am_policy_hub class to conditionally pull from Git if the server is a hub:
The CFEngine policy analyzer is an awesome new service introduced in CFEngine 3.13. The policy analyzer allows you to quickly debug policies and inspect what is going on under hood of CFEngine. A known challenge with CFEngine, and most DSL based automation tools, relates to understanding what is actually going on during live operations. Many users view it as “black-box magic”. Unfortunately, the amount of magic and the size of the black box increases with the level of automation. This is undesirable. Enter the policy analyzer.
This post was syndicated with permission from the original source.
CFEngine 3.12.0 introduced the augments key to the Augments file format. If you are not already familiar with Augments, check it out. It’s a very easy way to define classes and variables very early during agent execution, before policy.
The new augments key allows you to merge additional data in the augments format on top of the base augments. I However, there is, I think, still a simple way to accomplish this. This can provide a flexible way of providing different data to different sets of machines.
CFEngine 3.12.1 LTS has now been released. This release brings many stability and performance improvements to the 3.12 LTS series. It is a stable and well-tested version of CFEngine. We wish to extend a big thanks to the ecosystem that helps make CFEngine great by reporting bugs, contributing fixes and suggesting new and improved functionality. Without you, CFEngine would not be the powerful, high performance, widely used product we all appreciate today! We hope and think this release meets the high standards we know all our users have. That is why you chose CFEngine in the first place! This is a good time to start thinking about updating to 3.12, as this is the best and most long-term solution available. You can read more about our supported versions here, but in short, we can highlight that:
Today we are very happy to announce the release of CFEngine 3.13.0. This is a non-LTS release, introducing new features and functionality. There is a lot happening with CFEngine these days! This release is closely following last weeks release of CFEngine 3.10.5 LTS, and soon we will also release the next patch version of our 3.12 LTS series. So keep following our updates!
Contribute to CFEngine Did you know that CFEngine is a dual license open source project? And not only that, we are encouraging community contributions, and are always looking for ways to improve and grow our ecosystem. We encourage you to contribute and participate in the fun development of CFEngine! Do you want to start contributing but are unsure how?
This post was syndicated with permission from the original source.
How do you deal with config files that need different settings based on various services that are running on a host and cooperate with other teams? It’s a common question, and it came up on in #cfengine on libera.chat recently.
The issue is that team A might be working on package A, which requires some environment variables set. But team B might be working on a totally different thing – and want to achieve the same thing. I hoped to give them a bit of ’library’ code to take care of it, rather than have them touch a centralized environment-setting policy file.
Today we are very happy to announce the maintenance release of CFEngine 3.10.5. This is an update to the LTS 3.10 series, adding improved stability, several bug fixes and increased performance. 3.10 LTS is the successor of 3.7 LTS that, since August 2018, is no longer supported. We recommend everyone still using CFEngine 3.7 to upgrade to either 3.10 or 3.12. We are available to support you with such an upgrade if you need it. 3.10.5 LTS is a maintenance release (also known as a patch release), with the goal to increase the stability and reliability for CFEngine users and enable a safe upgrade path. As such, this release primarily includes bug fixes and low-risk changes that do not impact the compatibility between previous patch releases. Looking at the CFEngine release schedule, we can see that
