I need to deploy cfengine in a multi-platform/os/site environment and
one of
The obvious tasks is to deploy files on all machines.
The idea was to set up a repository with a standard set of file
extensions per master file like
$repo/file.$(host)
$repo/file.$(domain)
$repo/file.$(os)
.
.
$repo/file
... and then use the same copy rules for files that differ between
platforms/sites
("hierarchical copy" in Cfengine2 jargon, Cfengine2s' "singlecopy=on").
I used this approach
With Cfengine2 (using variables as file extensions) successfully for
years - the most specific
file found in the repository is applied To the host.
The same can be accomplished in Cfengine3 (3.5.0p1 Community Edition)
with a repository
layout described above, "files_single_copy => { ".*" }" in "body agent
control" and the
following files: statement in site.cf:
files:
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => fcopy("$(policyhost)",
"$(repo}/common/root/testfile.$(host)");
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => fcopy("$(policyhost)",
"$(repo}/common/root/testfile.$(site)");
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => fcopy("$(policyhost)",
"$(repo}/common/root/testfile.$(domain)");
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => fcopy("$(policyhost)",
"$(repo}/common/root/testfile.$(osversion)-$(osarch)");
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => fcopy("$(policyhost)",
"$(repo}/common/root/testfile.$(osversion)");
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => fcopy("$(policyhost)",
"$(repo}/common/root/testfile.$(os)");
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => fcopy("$(policyhost)",
"$(repo}/common/root/testfile");
No problem with that - the first file on the list that is found on
policyhost is applied to the machine, but
With more files of that type site.cf quickly becomes a pure writing
exercise (with the potential of
Introducing inconsistencies).
Now comes the question:
Thinking about the flexibility Cfengine3 is supposed to provide I assume
there is a more efficient way to
Use the same set of copy rules for many files (i.e. bringing the 7
statements per file down to one) like:
"/root/testfile"
perms => mug("0600", "root", "root"),
copy_from => mostspecific("$(policyhost)",
"$(repo)/common/root/testfile");
... where "mostspecific" iterates through the list of standard
extensions ($(host), $(site), $(domain) ...)
and falls back to "testfile" if a more specific file is not available.
Any glues on how to implement that ?
--
Christian Korschan
Network Administrator
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
