Great answer Aleksey! I can just add that, 2000 hosts per hub is a pessimistic estimate of the worst case scenario where you have bi-directional traffic (in the commercial version, which collects regular 5 minute monitoring and reporting data) and there is database replication going on for mission critical redundancy. All of these things add performance burdens that increase the cost of scaling.
Be careful of scaling comparisons made with other tools that typically throttle at 5-10 times slower update rates because of limitations in their software. That said, CFEngine *can* scale to the largest sizes, and it is the cheapest solution in terms of resources needed. Large scaling is a delicate engineering challenge, so no canned answers will fit every case. The special topics guide on scaling might help you, Jason. M On 04/14/2012 06:09 AM, Aleksey Tsalolikhin wrote: > On Fri, Apr 13, 2012 at 4:48 PM, Jason wrote: >> I've done a fair amount of reading on CFEngine 3, and I see references >> that it can scale, but I don't see how it can scale into the 100,000 + range. > Hi, Jason. Welcome and thanks for your interest. > >> Can CFEngine 3 support a distributed enterprise (Like the U.S. Army) with >> upwards of 1,000,000 nodes? > Yes, it can. It's designed to do so. Scalability is one of > CFEngine's characteristics > >> One of my specific concerns with scalablity is the capacity of each Hub, >> which >> seems to be around 2,000 clients. > Capacity varies based on policy size and whether you're transfering > binaries/packages in addition to the policy files. Additionally the > frequency of > clients connecting to the servers is a big factor -- one of the way CFEngine > networks can scale is by reducing the polling frequency, which, by default, > is every 5 minutes. Also there is a random sleep interval after > the scheduled run time (every 5 minutes) - the sleep interval is random > each time, between 0 and "splaytime" (which is 1 minute by default) -- you can > crank up splaytime to 5 minutes, and that reduces how many clients are hitting > the server concurrently. > > Practically speaking, a couple of CFEngine servers can handle tens of > thousands > of clients. Not theoretically speaking, mind you, but actually, in > production. > >> Another concern is the promise.cf file, which >> it seems would have to maintained separately for each major organization. > CFEngine is based on a model of voluntary cooperation which allows each major > organization to maintain their own policy set, or to subscribe to a > "global policy set" > while adding their own policy set to it. There is a lot of flexibility in the > CFEngine model, it's written from the ground up with the idea that there may > be > multiple departments/organizations involved and i t canaccommodate that in > various ways (via dynamic list of input files and dynamic list of groups of > promise bundles to run). > >> Another concern is reporting. Can this product really do rollup reporting >> for 1 >> million clients and servers? > That's an enterprise edition feature, I'll let the folks from CFEngine, Inc. > or > somebody with more Nova experience than yours truly answer that. > I've been running community edition and am looking forward to upgrading > to Nova this month. > > Again, welcome to the community. I've found the list to be VERY helpful. > > Yours, > Aleksey > _______________________________________________ > Help-cfengine mailing list > Help-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/help-cfengine -- CTO and Founder CFEngine http://www.cfengine.com http://www.markburgess.org Twitter: @markburgess_osl, @CFEngine_news _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
