Recently support for Windows PowerShell was merged into the Enterprise Windows version of CFEngine. PowerShell is Microsoft’s enhanced shell, intended for more advanced system administration and programming tasks.
The change to CFEngine means you can seamlessly use PowerShell in your configuration policies, just like the normal “cmd” shell. It’s very easy, for example, say you have the following bundle:
bundle agent mybundle { vars: "mymessage" string => execresult("echo This is a message from cmd", "useshell"); reports: "$(mymessage)"; } This uses the regular “cmd” shell. To switch to PowerShell, just replace it with the following:
Over the last year we have changed the way we test our software from a manual process to a highly automated process. This new system is capable of taking a change from our source code repository and follow it all the way up to where we update our internal staging servers, thus giving us incredibly valuable information while keeping manual intervention to a minimum.
Overview Our test system consist of the following pieces:
If you are a programmer, you probably know and maybe even love the sprintf family of functions, which format output based on a format specification and on some input data. Here’s a description of the formats available in the GNU libc implementation.
I wrote an implementation called format() which will be in the upcoming 3.5.0 release. The format() function offers string and number formatting. To reduce the chance of security compromises, you can’t print pointer offsets or single characters for instance. The available specifiers are:
Last week, we revamped the way CFEngine formats output. You can continue to use the old output format by specifying the option –legacy-output (-l), but this is considered deprecated and may be removed in a future version.
The key features of the new output format is as follows.
Consistent look for all messages, as formatting is taken care of by the logger. Separate formatting for terminal, syslog, and (eventually) file. Attempts to follow conventions for formatting to separate sinks. ISO 8601 timestamps to terminal. Every statement is single line. No banners and decorations within messages. Conventions for how to write messages. Logging levels (e.g. specifying –verbose always implies –inform), aligning with syslog levels. Logging system knows about evaluation state and may format messages conditioned on what the CFEngine is currently trying to do. This is perhaps best illustrated by an example (in this case, written to terminal).
IT-organizations around the world face constant pressure to do more, do it faster and with fewer resources. They are seen as cost centers and as such benchmarked against the performance of nimbler competitors and the public cloud providers.
IT-organizations feel that pressure from multiple sources at the same time. The CFO compares his internal IT-budgets with the costs of public cloud offerings and demands comparable savings. The lines of business know they can get the latest applications and platforms within minutes in the public cloud and complain about the slowness of their internal IT department. And the end-users expect continuous availability of all IT-services. Add Moore’s law to describe the growth in scale and complexity of the IT infrastructure, and it becomes understandable why CIOs have the shortest tenure of all C-level executives.
Over the past month we have removed a bit of functionality for CFEngine. These were features that were useful (cf-report) and good ideas (knowledge management), but the implementation was either in an unfinished state or the design had unclear semantics (outputs promise type).
In order to get a smoother transition for existing policy, we have introduced GCC-style warnings for cf-promises, initially to warn users about removed or deprecated syntax. Deprecated syntax warnings signal that the feature will be removed in a future version, but is still functional with the current version. Removed syntax warnings signal that the feature has been removed.
Authored by Brian Bennett of Digital Elf
I’ve been working a lot with CFEngine newbies. CFEngine has been described as flour, eggs, milk and butter. All the ingredients needed to make a cake. Getting the new CFEngine user to recognize, then become excited about the possibilities that CFEngine provides they are now faced with the question of “What next?”
Indeed, anybody can throw some flour, eggs, milk and butter into a bowl, mix and bake it. But will it taste good?
The March snapshot release of CFEngine Community and Enterprise has just hit our webservers. The releases are called 3.5 Beta1 and 3.1 Beta1, respectively, and just as last month: this is work in progress.
Community Some low level changes have been introduced. It is now possible to have empty lists in policies, there is no need to use “cf_null” anymore.
We have continued our architectural work and we have changed FatalError for other less problematics error conditions along the code. This allows us to have a better error handling than what we used to have.
CFEngine is very easy to install – just one package per operating system if you are using one of the pre-compiled packages we provide for the Community or for Enterprise editions.
We wanted to bring an equally effortless experience to the task of starting CFEngine; bootstrapping a client to a policy server.
Previously, this has been done by running
/var/cfengine/bin/cf-agent --bootstrap --policy-server <IP> which looks simple enough. However, the problem is that bootstrap and policy server are tightly connected - it does not make much sense to run them independently (bootstrap was actually just a shorthand for -f failsafe.cf).
The February snapshot release of CFEngine Community and Enterprise has just hit our webservers. The releases are called 3.5 Alpha2 and 3.1 Alpha2, respectively, and just as last month: this is work in progress.
Community Those of you who keep track of the commits in our github repository or follow us on twitter will have noticed that the code refactoring has continued this month, and that some good things have happend in the wake of this:
