When working with CFEngine, it’s common to hear advice about separating data from policy. Separating data from policy allows for separation of concerns, delegation of responsibilities and integration with other tooling. Each organization is different, and a strategy that works well in one environment may not work as well in a similar environment of another organization, so CFEngine looks to provide various generic ways to leverage external data. For example, Augments (def.
CFEngine is well suited for use in IoT environments due to it’s portability, size, and performance. There already exists a meta layer for including the CFEngine community client and Masterfiles Policy Framework in Yocto Project builds. This enables developing policy to:
ensure a service stays running track changes to important files monitor a value over time for normalcy Let’s walk through bringing up a qemu environment with CFEngine and ensure that a few basic things work: ensure the udev service stays running, tracking changes to important files like /etc/group and a look at monitoring capabilities.
Manually managing groups on a large infrastructure can be a tedious task, and is therefore best suited through automation software like CFEngine. Unfortunately - at time of writing - CFEngine does not have any built-in promise types for managing groups. But fear not; in CFEngine 3.17, custom promise types were introduced. This new exhilarating feature does not only allow for members of our community to make their own custom promise types, but also lets the CFEngine Core developers prototype new future promise types.
Come see what’s new in CFEngine policy management!
Herman (Product Manager) introduces and demonstrates new tooling, the CFEngine Build System (cfbs). cfbs is a command line tool to facilitate policy management and consuming modules written by others.
Video The video recording is available on YouTube:
At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.
Using modules, you can add custom promise types to CFEngine, to manage new resources. In this blog post, I’d like to introduce some of the first official modules, namely git and systemd promise types. They were both written by Fabio Tranchitella, who normally works on our other product, Mender.io. He decided to learn some CFEngine and within a couple of weeks he’s contributed 3 modules, showing just how easy it is to implement new promise types.
Interested writing CFEngine policy faster?
Jeff (CFEngine Community user) demonstrates his YASnippet library for CFEngine to make writing CFEngine policy significantly faster.
Video The video recording is available on YouTube:
At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.
Links Jeff Carlson’s YASnippet library for CFEngine Connect on LinkedIn w/ Cody, Craig, or Jeff Carlson All Episodes
Today, we are pleased to announce the release of CFEngine 3.18.0! The focus of this new version has been extensibility. It also marks an important event, the beginning of the 3.18 LTS series, which will be supported for 3 years.
Several new features have been added since the release of CFEngine 3.15 LTS, in the form of non-LTS releases. In this blog post we’ll primarily focus on what is new in 3.
Interested in seeing promise results (KEPT, REPAIRED, NOTKEPT) overlaid on top of the policy itself?
Craig (Digger) and Nick (Doer of Things) kick off the new series, “The agent is in” and take a look at the policy analyzer in CFEngine Enterprise Mission Portal.
Video The video recording is available on YouTube:
At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees.
I have a setup at home where I keep a local git server running on a Raspberry Pi 3 which contains personal/work journal, dotfiles and a personal policy repository. It was set up manually so before adding a new git repository for a family password store I set about retrofiting the configuration in CFEngine. The goal in this blog is to ensure that what I have already is managed by CFEngine and that what I want to add, /srv/git/passwords.
CFEngine 3.17.0 introduced custom promise types, which enable CFEngine users to extend core functionality and policy language in a simple way. As an example of the power and simplicity of this new feature, I will show a promise type that helps to observe a website’s status. The module which implements this promise type was written in a couple of hours.
Creating a promise type for whether a site is up We will use Python and the CFEngine library to implement a promise module.
