2010/2/9 Mark Burgess :
>
> Could be, you could try upgrading to svn
Tested with SVN rev 785 : no more "Body type mismatch" indeed. No more
conflict between body names and package_policy values. Great !
Frederic
___
Help-cfengine mailing list
Help-cfeng
Mark Burgess wrote:
>> It's hard to imagine something that can't be described in perl - or a
>> seasoned sysadmin that doesn't already know how to do it (perhaps badly,
>> but odds are good that 90% of the job can be done with existing CPAN
>> modules...). Suppose you need to work with a proce
Steve, thanks for good and helpful feedback.
M
st...@echo.id.au wrote:
> Hi List
>
> As a newbie just starting to understand CFEngine 3, I'd like to offer a
> couple of feedback points on the documentation, based on my progress to
> date.
>
> The "Getting Started" page offers little in the way
> It's hard to imagine something that can't be described in perl - or a
> seasoned sysadmin that doesn't already know how to do it (perhaps badly,
> but odds are good that 90% of the job can be done with existing CPAN
> modules...). Suppose you need to work with a process that exposes its
>
Actually, I can just stop talking at this point, as Justin just reads my
thoughts and a
nswers so eloquently! Thanks, Justin.
Justin Lloyd wrote:
> Cfengine 3 is young but I think that with a strong community, over time
> the COPBL will develop into something like what you're describing (or
> s
Les, this is what you are looking for, I believe
http://www.cfengine.org/cftimes/articles/21.html
It is a revamp of something we've tried before, but now we have the Cfengine
company
backing up the development, and much improved software.
Cfengine looks different from other languages b
You took the words right out of my mouth! :-)
What the cf-monitord (new v3 cfenvd) was designed to do with its Nova
extensions was to
eliminate the need for SNMP by providing Unix-like sensors based on file
streams and
regular expressions (the two things that make Unix infinitely superior to
a
Sorry, I'm a little late to the table, Justin is right that I don't see a
future for SNMP,
so there won't be any direct integration there (but still possible to use a
perl script or
something like that with cfengine and use the tools provided in cf-monitord).
Direct
writes to syslog and event v
Hi List
As a newbie just starting to understand CFEngine 3, I'd like to offer a
couple of feedback points on the documentation, based on my progress to
date.
The "Getting Started" page offers little in the way of useful information
for a beginner. Personally, I'm not interested in knowing that
Co
On 2/9/2010 5:28 PM, Justin Lloyd wrote:
> Cfengine 3 is young but I think that with a strong community, over time
> the COPBL will develop into something like what you're describing (or
> something more grassroots could emerge, much like CPAN did).
I don't think CPAN could exist without support f
Cfengine 3 is young but I think that with a strong community, over time
the COPBL will develop into something like what you're describing (or
something more grassroots could emerge, much like CPAN did).
As for the language, it's different because it's not a programming
language but a platform-inde
On 2/9/2010 4:23 PM, Justin Lloyd wrote:
>
> In a small team of admins, like mine, everyone will need to become a
> Cfengine admin and getting people accustomed to a particular model of
> system administration may find the transition to the Cfengine way of
> thinking could be a challenge.
As someo
On 2/9/10 2:16 PM, "Justin Lloyd" wrote:
> Syslog-ng is what we've historically used for centralized logging and
> I'll be revamping it with v3 later this year. Combined with a
> logwatching tool, it makes a powerful combination with an snmp-based
> monitoring tool. Intuitively, I like better the
I understand what Mark is saying, but there are two ways I can see of
looking at an "under the hood" analogy. Looking at the complexity of an
engine, that engine could either be the configuration engine itself
(i.e. Cfengine) or it could be the source code. Looking at Cfengine's
source, it's quite
Syslog-ng is what we've historically used for centralized logging and
I'll be revamping it with v3 later this year. Combined with a
logwatching tool, it makes a powerful combination with an snmp-based
monitoring tool. Intuitively, I like better the idea of remote
monitoring of Cfengine cf-execd pro
On 2/9/10 1:09 PM, "Justin Lloyd" wrote:
> Has anyone done any investigation into having a monitoring tool like
> Zenoss (which we use), Nagios, or OpenNMS watch for repairs? At the very
> least, centralizing at least some of Cfengine hosts' logs and using a
> log-watching tool like Swatch or Splu
We'll probably use Zenoss to ensure the proper Cfengine processes are
running, though maybe just the cf-execd processes since those in turn
can watch cf-serverd and cf-monitord. (How I wish Linux had something
like Solaris' Service Management Facility (SMF).) Along those same
lines, we'll make use
On 2/9/2010 3:09 PM, Justin Lloyd wrote:
> Has anyone done any investigation into having a monitoring tool like
> Zenoss (which we use), Nagios, or OpenNMS watch for repairs? At the very
> least, centralizing at least some of Cfengine hosts' logs and using a
> log-watching tool like Swatch or Splun
On Wed, Feb 10, 2010 at 8:09 AM, Justin Lloyd wrote:
> Has anyone done any investigation into having a monitoring tool like
> Zenoss (which we use), Nagios, or OpenNMS watch for repairs?
I use Nagios to capture the tail of promises.log. This is mainly to verify
that cfengine is in fact running (
Has anyone done any investigation into having a monitoring tool like
Zenoss (which we use), Nagios, or OpenNMS watch for repairs? At the very
least, centralizing at least some of Cfengine hosts' logs and using a
log-watching tool like Swatch or Splunk would be a step in the right
direction.
Team C
I just started skimming over the COPBL and wanted to perhaps kick off a
suggestions thread:
body depth_search infinite {
depth => "inf";
}
I couldn't think of a good name for this next one, but it would ensure
that only a single specified line of text is in a file, only deleting
what doesn't
On 2/9/10 9:11 AM, "Tim Cutts" wrote:
> On 9 Feb 2010, at 4:59 pm, John G. Heim wrote:
>> I have a couple of problems the biggest is that I don't know how to
>> get the
>> cfengine server to know that when I'm doing a reinstall, it has to
>> accept a
>> new key. When I run cfagent on the new inst
You need to study more before making a statement like this. It's like saying --
when I
lift the hood of my car I don't like seeing that the engine is complex. You
have no right
to make my engine complex.
I have been trying to encourage people to use a standard set of promise bodies
and *not*
q
On 2/9/10 10:30 AM, "Andrew J. Millar"
wrote:
>> bundle agent test
>> {
>> files:
>> "/root"
>> create => "true",
>> perms => m("700"),
>> file_select => folder(".ssh"),
>> depth_search => recurse("1");
>>
>> "/root/.ssh/authorized_keys"
>> create => "true",
>> perm
The trouble with this type of raw email notification is lack of
correlation and reliability. If the MTA is out of action you'll get no
notice. If the agent attempts repeated repairs repeated emails are
sent. This can be very disheartening.
As has been mentioned a monitoring and alerting syste
If you adapt to using the standard library, then you should not see any of
these "under
the hood" details. This is the way to go forward.
M
Andrew J. Millar wrote:
>> Might be something like this following;
>>
>> bundle agent test
>> {
>> files:
>> "/root"
>> create => "true",
>> per
>
> Might be something like this following;
>
> bundle agent test
> {
> files:
> "/root"
> create => "true",
> perms => m("700"),
> file_select => folder(".ssh"),
> depth_search => recurse("1");
>
> "/root/.ssh/authorized_keys"
> create => "true",
> perms => m("60
I appreciate the thoughtful responses. To restate one of my original
thoughts on this, in general Cfengine shouldn't be making a lot of
repairs, because a repair means something went wrong, for which the
underlying cause should be prioritized and investigated. There are of
course certain kinds of p
On Feb 9, 2010, at 5:55 PM, Andrew J. Millar wrote:
>
>
> If I add in depth_search include_basedir => "true", it changes the permissions
> recursively, which isn't what I want. How can I make this apply only to the
> directory I've specified in the same way it works fine for the authorized_key
>
On 9 Feb 2010, at 4:59 pm, John G. Heim wrote:
> Hi,
>
> I am trying to configure our automatic linux install system (Fully
> Automated
> Install or FAI) to do a mimimal debian linux install and then to run
> cfengine to install all of the config files and additional packages. I
> already have
Hi,
I am trying to configure our automatic linux install system (Fully Automated
Install or FAI) to do a mimimal debian linux install and then to run
cfengine to install all of the config files and additional packages. I
already have cfengine to do stuff like copying a ntp.conf file to the lin
Hi everyone
I'm struggling with managing permissions of a directory - my aim is to ensure
/root/.ssh has mode 700, but without needing to recurse through it. With a
promise such as the following, cf-agent states
cf3 -> Promise to skip base directory /root/.ssh/.
body common control {
bundleseq
Hi,
I'm trying to append an entry in the hosts file for the host that is
currently running CF Engine.
I've tried several different things but don't seem to be getting
anywhere, does anyone know how to do this?
For example:
10.10.10.10 host1.domain.name.com host1
10.10
Could be, you could try upgrading to svn
lefollfr wrote:
> Isn't it something similar to the problem described with variable
> declaration in Bug-cfengine thread "Bug when using a string variable
> with the same value as a perms body promise name" ?
> _
Isn't it something similar to the problem described with variable
declaration in Bug-cfengine thread "Bug when using a string variable
with the same value as a perms body promise name" ?
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cf
Jonathan Clarke wrote :
> It looks like you may need unique names for body and bundle items, even if
> they are of the same type...
Hello Jonathan,
Thank you for the reply.
But oops ... I notice that I wrote : package_method "update" ... where my
problem is with : package_policy "update".
In t
36 matches
Mail list logo
