Cfengine Help: Hostname based classes and virtual machines in Cfengine 3

Sat, 21 May 2011 02:40:11 -0700 

Forum: Cfengine Help
Subject: Hostname based classes and virtual machines in Cfengine 3
Author: dnaeon
Link to topic: https://cfengine.com/forum/read.php?3,22131,22131#msg-22131

Hello,

I know that this topic has been quite a lot discussed here, but my situation is 
a bit different :)

I'm running Cfengine 3 and to group my systems into classes I'm using the 
system's hostnames.

An example configuration I have is like this:


classes:

    "domain1" or => {
        classify("www-proxy.domain1.org"),
        classify("mysql.domain1.org")
    };

    "domain2" or => {
        classify("www-proxy.domain2.org"),
        classify("mysql.domain2.org")
    };

    "policy_servers" or => {
        classify("$(g.policyhost)")
    };


My Cfengine 3 setup runs under FreeBSD Jails - both policy servers and clients 
are inside FreeBSD Jails and it works fine as expected. The soft classes match 
the hostnames defined in the above configuration, promises are executed for the 
specific classes, etc..

The problem comes when you try to run Cfengine 3 on the host system itself. 
That is because when running cf-agent(8) on the host it defines the hard 
classes for all interfaces (which also include the jails interfaces) and the 
Jail's hostnames in the form of host_domain_org (for example mysql_domain1_org 
from the above configuration).

I know that this is a normal behaviour for the agent to define hard classes for 
the interfaces it discovers, but this also means that the host inherits classes 
which are not meant for it. 

For example my policy server (g.policyhost) is running on the same physical 
host that I want to have Cfengine 3 agent. When you run cf-agent(8) on the host 
machine, the host machine also inherits the soft class "policy_servers" and 
that messes up the configuration, because g.policyhost is running on the host 
machine. 

This is not relevant for FreeBSD jails only, but I know that for Linux vservers 
it's the same thing.

My question is - can we define a soft class based on the "real" hostname, for 
example "www.domain1.org", and not "www1_domain1_org" as Cfengine does? If that 
is possible then I think the host won't inherit the virtual machines classes as 
well, but only those for which it is defined to have.

Sorry for the long post :)

Any feedback is appreciated.

Regards,
Marin

_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to