On 21 Jan 2010, at 9:00 am, Erlend Leganger wrote: > I have played with cfengine for a while and set up an environment > with about > 20 client machines.One day /var/cfengine/inputs was empty on one of > these > machines. I don't know why and it was easy to fix, but I wasn't > warned about > it - I came across it by accident. So, how many of my cfengine- > activated > clients do really run cfengine? I ended up visiting all of them and > found a > few more with problems - such a brute force method doesn't scale well. > > How do you monitor this? Maybe activate a policy from time to time > to send > an email to you? Analyse the log files to verify that all clients > check in > every hour (my clients are on an hourly cf-execd)? Use other tools > such as > ganglia/nagios/icinga? Any best practice here?
On my cfengine2 setup, I run a cron job on the policy server, which looks at the directory containing lastseen databases. There should be a lastseen database in there for each host that cfengine has ever seen. The script looks for any of these which haven't called in for more than 24 hours. It looks them up in DNS - if they don't exist in DNS, it assumes it's an old machine that has been decommissioned, and removes the lastseen database for it. Otherwise, it reports to me in a mail which machines have not reported in to cfengine in the last 24 hours. Something like this one, from last night: nmapi-test does not exist - removing # Hosts that have not run Cfengine client recently (21/2236) agressotraindb bc-9-1-01 dbdeskpro16379 ensdb-2-05 hpgen-1-04 isg-dev1 isg-dev2 isg-dev3-10g isg-dev4-10g mascot-1-10 mascot-1-11 mascot-1-12 mascot-1-14 ocs-dr02 sf-1-1-07 ssgtest1b ssgtest3 t70-lin vm-dhcp-32 webdbsrv4b where As you can guess from the names, most of these machines are test machines, so it's not surprising they're a bit broken. :-) Of course, this doesn't tell me how many machines we have which have *never* run cfengine. Regards, Tim -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
