On 9/22/10 10:29 AM, "Francisco Reyes" <li...@stringsutils.com> wrote:
> With lots of help from Michael Ciavarella I got an initial test setup going.
> The first thing that became obvious is that there wasn't a straightfoward
> way to define groups of machines for receiving certain tasks/files.
>
> Looking at the official tutorial at
> http://www.cfengine.org/manuals/cf3-tutorial.html#Decisions I see that one
> can do something like:
> "alt_class" or => { "linux", "solaris", fileexists("/etc/fstab") };
>
> Could one just use fileexists to define classes to target different machine
> types?
>
> For example creating:
> /cfengine-machine-type-smtp
> /cfengine-machine-type-web
> /cfengine-machine-type-db
>
> So each type of machine would only have one of the 3 files and then I would
> use fileexists to define the proper soft class for the machine.
>
> Is that a reasonable approach or is there some other better way to have
> groups of types of machines?
How many hosts? Machine types?
What you propose will work, but might not scale as you wish.
For starters (I know it is just boring semantics, sorry if it points out the
obvious) -- pick some central dir (beside /) to hold your semaphores (files)
lest your fs become untidy.
Determining a host's "role" by absence or presence of a file (perhaps
touched as part of your net-install/provisioning?) will work, but you could
also use RegCmp and hostname patterns (e.g. prod-ldap-master01)... There
are many possible implementations, but your idea is sound.
One thing I would suggest for any larger site (and any site will be larger
some day) is to build an inventory management database early on. Ours has a
notion of "role" derived from various things like location, environment,
product and purpose. We have a module that pulls this information from the
central database (caching locally for some period of time). Then if we want
to change the role of 100 machines, we don't need to manipulate files...just
run a SQL to update the database, and grab some coffee. We use import a
lot, so there is a minimal set of "common" policy which gets ran everywhere,
and the rest only runs on hosts matching specific roles.
--
Mike Hoskins : micho...@cisco.com : +1 (415) 506-UNIX (8649)
He knows not how to know who knows not also how to unknow.
-- Sir Richard Burton
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
