Ensuring a particular process is running on a system is a common task for a system administrator, as processes are what provide all services available on a computer system.

Using CFEngine to ensure certain processes are running is extremely easy.

1. Create the policy

Create a new file called ensure_process.cf:


body common control                                 ①
{
      bundlesequence => { "main" };
      inputs => { "$(sys.libdir)/stdlib.cf" };
}

bundle agent main
{
  processes:                                        ②
      "/usr/sbin/ntpd"
        restart_class => "start_ntpd";

  commands:                                         ③
    start_ntpd::
      "/etc/init.d/ntp start";
}

This example is designed to be run on an Ubuntu 12.04 system, and assumes the ntp package is already installed).

Let us quickly explain this code:

In ① we see the body common control construct, which instructs CFEngine to run the bundle named “main”, and to load the CFEngine standard library.

In ②, the processes: promise checks for the existence of a running process whose name matches the string “/usr/sbin/ntpd”. If the process is found, nothing happens. But if it is not found, the start_ntpd class (a class is a named boolean attribute in the CFEngine policy language which can be used for decision making) will be set.

Finally, in ③ we react to the existence of the start_ntpd class (which means the process was not found) by running the command “/etc/init.d/ntp start”, which starts the ntp process.

2. Testing the policy

First, we verify that the ntpd process is not running:


# ps axuww | grep ntp

Then we run our CFEngine file:


# cf-agent ./ensure_process.cf
2014-03-20T06:33:56+0000   notice: /default/main/commands/'/etc/init.d/ntp start'[0]: Q: "...init.d/ntp star":  * Starting NTP server ntpd
Q: "...init.d/ntp star":    ...done.

Finally, we verify that ntpd is now running on the system:


# ps axuww | grep ntp
ntp       5756  0.3  0.1  37696  2172 ?        Ss   06:33   0:00 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 104:110

Congratulations!

That’s it! Every time CFEngine runs the policy, it will check for the process, and if it’s not there, will start it. This is how CFEngine maintains your system in the correct, desired state.






Please help us improve:

12 1

Do you have ideas / feedback to share with us? Send feedback