Show posts tagged:
mission-portal

How to use a different ports for Mission Portal

Out of the box, Mission Portal uses port 80 for HTTP and 443 for HTTPS traffic. These ports are widely used for web services, which makes the initial setup straightforward. However, there are several reasons why you might want to change these default ports: Port conflicts: other services on your system might already be using ports 80 or 443. Security concerns: well-known ports are common targets for attacks. Compliance requirements: your organization’s policies might restrict the use of standard web ports. Changing default ports Note: The custom port configuration feature described below is available in CFEngine Enterprise master (nigthlies), 3.25.0 (to be released this winter) or later.

November 7, 2024

Change in behavior: CFEngine roles inventory attribute

This is a heads up to anyone upgrading to CFEngine 3.24.0 or newer versions, about a small change that can be considered a breaking change. In CFEngine versions prior to 3.24.0, the CFEngine roles inventory attribute showed up in Mission Portal with the value policy_server for the hub, and as (Not reported) for all the other hosts (clients). The technical reason for this was that the policy_server class was tagged with inventory,attribute_name=CFEngine roles. Now, (in 3.24.0+) the CFEngine roles attribute will show the roles Client, Policy server, and Reporting hub, as shown and explained below.

July 23, 2024

CFEngine 3.24 LTS released - Consistency

Today, we are pleased to announce the release of CFEngine 3.24.0! The code word for this release is consistency. This release also marks an important event, the beginning of the 3.24 LTS series, which will be supported for 3 years. Several new features have been added since the release of CFEngine 3.21 LTS, in the form of non-LTS releases. In this blog post we’ll highlight the most important features since the previous LTS release, even though some of them technically landed in intermediate non-supported releases.

July 22, 2024

Configure which hosts can participate in CFEngine infrastructure management

Two modules are available for this task: allow-all-hosts and allow-hosts. The first module, allow-all-hosts, configures the most open situation which is to accept hosts from anywhere. This is only recommended in network restricted environments such as a local machine’s virtual machine network or other such closed down situations. The second module, allow-hosts, uses cfbs module input to let you decide which hosts (specified by IP addresses and subnets) are allowed to connect to your hub, authenticate, fetch policy, etc. This is by far the more common scenario.

Posted by Craig Comstock
May 6, 2024

Show notes: The agent is in - Episode 36 - Upgrading to Enterprise

It’s easy to switch from Community to Enterprise. Craig demonstrates the process of migrating from Community to Enterprise and touches on using many of the available components and tools from cf-remote to cf-net and so much in-between. Video The video recording is available on YouTube: At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.

Posted by Nick Anderson
April 25, 2024

CFEngine 3.23 released - Anniversary

Today, we are pleased to announce the release of CFEngine 3.23.0! This is a non-LTS (non-supported) release, where we introduce new features for users to test and give feedback on, allowing us to polish before the next LTS. (CFEngine 3.24 LTS is scheduled to release summer 2024). The codename for this release is anniversary, as this year is CFEngine’s 30th anniversary. CFEngine was initially released in 1993, and to mark this special occasion we’ve created a limited edition anniversary coin:

December 6, 2023

Show notes: The agent is in - Episode 31 - Sneak peek of CFEngine 3.23

Join the team for a sneak peek of what’s coming in 3.23.0. Herman joins Cody, Craig and Nick to discuss what’s new in the upcoming release of CFEngine 3.23.0. We look at improvements to Groups in Mission Portal with easier ways to specify specific hosts that should or should not be part of the group based on reported attributes. This new functionality makes it much easier to affect change across a set of hosts without touching policy.

Posted by Nick Anderson
November 30, 2023

Show notes: The agent is in - Episode 29 - Basic Docker inventory with CFEngine

Ever been curious about Docker details or the cruft that has built up and could be cleared out? Craig, Cody, and Nick chat about some of the work Craig has been doing recently, using Docker in development and CI. Craig shows how to develop policy to inventory various Docker details like image names, counts of dangling images, and reclaimable disk space. Video The video recording is available on YouTube: At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.

Posted by Nick Anderson
September 28, 2023

Show notes: The agent is in - Episode 26 - Demo of CFEngine 3.22

Have you seen what’s new in CFEngine 3.22.0? Ole Herman Elgesem, CFEngine Product Manager joins Cody, Craig and Nick to give a tour of the changes in recently released CFEngine 3.22.0 Mission Portal. See how filters have been improved and how the new Groups feature makes it easier to affect change across your infrastructure and enforce package compliance with a new module, packages-allowlist-snapshot from CFEngine Build. Video The video recording is available on YouTube:

Posted by Nick Anderson
June 29, 2023

CFEngine 3.22 released - Coordination

Today, we are pleased to announce the release of CFEngine 3.22.0! The focus of this new version has been coordination. This is a non-LTS (non-supported) release, where we introduce new features for users to test and give feedback on, allowing us to polish before the next LTS. (CFEngine 3.24 LTS is scheduled to release summer 2024). What’s new New host filters The host filter from inventory reports have been upgraded. You can now add rules based on classes, such as linux, windows, redhat, ubuntu, xen, policy_server, cfengine_3_21, ipv4_172_31, etc:

June 16, 2023