Re: Cfengine Help: How to configure a client machine to contact the policy server and downloads updates?

I'm using the Nova version of Cfengine, but perhaps it's the same in the community version. When I want to add a client, I would bootstrap it to the policy server: cf-agent -B -s And they do a key exchange to enable a trust relationship. I believe it works the same way - go to Section 2.6 of

Re: Feature Request: Directing cfengine to an IP:Port (like bindtointerface?)

nario to > make sure we understand > > M > > On 12/16/2010 04:03 PM, Deb Heller-Evans wrote: >> Seva, >> >> Yes, I think that's it. >> I wonder how hard it would be to add this functionality... >> >> deb >> >> On 12/16/10 6:53 AM, Sev

Feature Request: Directing cfengine to an IP:Port (like bindtointerface?)

ime for the feature request? > > 2010/12/16 Deb Heller-Evans: >> Thanks, Seve! Sorry, that was a typo on the port number. But, I think I >> didn't make my point very well. Let me try again. >> >> I am not wanting to change the port number. I need to direct communic

Re: Directing cfengine to an IP:Port (like bindtointerface?)

e VPN-GW + >> PortNumber (representing the target host) which will ultimately be >> directed to port 5306 on the target host. >> >> bintointerface in agent seems to be the closest to what I need, but it >> doesn't seem to have the ability to also assign a port

Re: MAX_FD complaints

Thanks! That helps. deb On 11/7/10 3:37 PM, Frans Lawaetz wrote: > As far as I know this is a bug with cf-execd where it does not release > file descriptors and eventually runs out of them. I have a weekly cron > job to restart cfengine3 services as a work around (non-ideal). > I haven't upgra

MAX_FD complaints

this complaint would be helpful... Thanks! -- Deb Heller-Evans1 Cyclotron Road Computer Systems Engineer Berkeley, CA 94720 ESnet http://www.es.net/ Desk: 510/495-2243 ___ Help-cfengine mailing list Help-cfengine@cfe

Multi-homed clients and authentication

Does anyone here have experience with multi-homed clients and authentication? I have a case whereby a client has two network interfaces, one is accesible as a management network interface, and one is not. For example, rainier-mgt.some.com - management, accessible via ssh; interface is NOT

Re: Nagios checks for cf-serverd

Yup. Talking to myself here... :-) I seem to have solved this by including the nagios probing hosts in the acl slist... If anyone has any better ideas, please let me know! On 8/20/10 9:56 AM, Deb Heller-Evans wrote: >Hi Guys, > > We use nagios to check port 5308 to make sur

Nagios checks for cf-serverd

Hi Guys, We use nagios to check port 5308 to make sure that cf-serverd is responding. However, each time that the port is checked, /var/log/messages records the probe: Aug 20 09:06:17 proserver cf-serverd[4356]: Not allowing connection from non-authorized IP 198.128.3.36 How can we allow

Re: tcpread help

Elegant! Thanks for sharing! Kind Regards, deb ツ Deb Heller-Evans1 Cyclotron Road Computer Systems Engineer Berkeley, CA 94720 ESnet http://www.es.net/ Desk: 510/495-2243 On Mon, 15 Mar 2010 14:26:24 -0700, Aleksey Tsalolikhin wrote: > Dear Neil, > >

Re: Version control best practices?

We're using a similar approach here with SVN, although we divvy the dir trees up between groups - Engineering and Systems Administration. I would like to pose a follow-on question to Jessica's: Using your favorite repository software (insert subversion, Bazaar, or whatever here), we would h

Re: Email notification of repairs

s to scale well over hundreds of systems, without the necessity of email floods. Haven't yet coupled Nagios with Cfengine, but it's on my horizon. Kind Regards, deb Deb Heller-Evans 1 Cyclotron Road Computer Systems Engineer Berkeley, CA 94720 ESnet http://www.es.net