Difference between revisions of "Cfengine: Getting started"
(No difference)
|
Latest revision as of 10:49, 22 November 2006
Contents
Building RPMS
cfengine is easy to build, either directly from source or from source RPMS. The src.rpm provided in the DAG repository builds, without patching, on SL3 i386 and SL4 x86_64.
Building an RPM will probably make deployment across your cluster easier.
Installing cfengine
Well, you know what to do with an RPM, don't you?
Toe in the Water
It's a good idea to take an isolated node and run cfengine here to play with what it can do before embarking on a cluster wide installation.
Create the file /var/cfengine/inputs/cfagent.conf:
control: any:: actionsequence = ( files links copy ) files: any:: # Check the ownership and mode of this file # touch action will create it if it does not exist /tmp/cfengine_is_good mode=0644 owner=root group=root action=touch links: any:: # Create a soft link /tmp/how_is_cfengine -> /tmp/cfengine_is_good copy: any:: # Copy a file /etc/group dest=/tmp/group
Now run cfengine:
node140:/var/cfengine/inputs# cfagent -qv Setting cfengine new port to 48148 Setting cfengine old port to 5308 Reference time set to Fri Nov 17 12:26:39 2006 GNU Configuration Engine - 2.1.20 Free Software Foundation 1994- Donated by Mark Burgess, Faculty of Engineering, Oslo University College, Norway ------------------------------------------------------------------------ Host name is: node140.beowulf.cluster Operating System Type is linux Operating System Release is 2.4.21-47.ELhugemem Architecture = i686 Using internal soft-class linux for host linux The time is now Fri Nov 17 12:26:39 2006 ------------------------------------------------------------------------ Additional hard class defined as: 32_bit Additional hard class defined as: linux_2_4_21_47_ELhugemem Additional hard class defined as: linux_i686 Additional hard class defined as: linux_i686_2_4_21_47_ELhugemem Additional hard class defined as: linux_i686_2_4_21_47_ELhugemem__1_SMP_Thu_Jul_20_09_37_25_CDT_2006 GNU autoconf class from compile time: compiled_on_linux_gnu Address given by nameserver: 10.141.0.140 Interface 1: lo Interface 2: eth1 Trying to locate my IPv6 address Looking for environment from cfenvd... Loading environment... Environment data loaded cfengine:node140: No preconfiguration file $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ * (Changing context state to: update) * $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Looking for an input file /var/cfengine/inputs/update.conf (No file /var/cfengine/inputs/update.conf) Finished with /var/cfengine/inputs/update.conf Skipping update.conf (-F=0) $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ * (Changing context state to: main) * $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ --------------------------------------------------------------------- Loading persistent classes --------------------------------------------------------------------- --------------------------------------------------------------------- Loaded persistent memory --------------------------------------------------------------------- Looking for environment from cfenvd... Loading environment... Environment data loaded Looking for an input file /var/cfengine/inputs/cfagent.conf Finished with cfagent.conf Defined Classes = ( 10_141_0 10_141_0_140 32_bit Day17 Friday Hr12 Hr12_Q2 Min25_30 Min26 November Q2 Yr2006 any beowulf_cluster cfengine_2 cfengine_2_1 cfengine_2_1_20 cluster compiled_on_linux_gnu entropy_cfengine_in_low entropy_dns_in_low entropy_dns_out_low entropy_ftp_in_low entropy_ftp_out_low entropy_icmp_in_low entropy_icmp_out_low entropy_irc_in_low entropy_irc_out_low entropy_misc_in_low entropy_misc_out_low entropy_netbiosdgm_in_low entropy_netbiosdgm_out_low entropy_netbiosns_in_low entropy_netbiosns_out_low entropy_netbiosssn_in_low entropy_netbiosssn_out_low entropy_nfsd_in_low entropy_nfsd_out_low entropy_smtp_in_low entropy_smtp_out_low entropy_ssh_out_low entropy_tcpack_in_low entropy_tcpack_out_low entropy_tcpfin_in_low entropy_tcpfin_out_low entropy_tcpsyn_in_low entropy_tcpsyn_out_low entropy_udp_in_low entropy_udp_out_low entropy_www_in_low entropy_www_out_low entropy_wwws_in_low entropy_wwws_out_low i686 ipv4_10 ipv4_10_141 ipv4_10_141_0 ipv4_10_141_0_140 linux linux_2_4_21_47_ELhugemem linux_i686 linux_i686_2_4_21_47_ELhugemem linux_i686_2_4_21_47_ELhugemem__1_SMP_Thu_Jul_20_09_37_25_CDT_2006 net_iface_eth1 net_iface_lo node140 node140_beowulf_cluster redhat scientific scientific_sl scientific_sl_3 scientific_sl_3_0 ) Negated Classes = ( ) Installable classes = ( no_default_route ) Global expiry time for locks: 120 minutes Global anti-spam elapse time: 1 minutes Extensions which should not be directories = ( ) Suspicious filenames to be warned about = ( ) Accepted domain name: beowulf.cluster LogDirectory = /var/cfengine Loaded /var/cfengine/ppkeys/localhost.priv Loaded /var/cfengine/ppkeys/localhost.pub Checksum database is /var/cfengine/checksum.db Default binary server seems to be node140 Reference time set to Fri Nov 17 12:26:39 2006 ********************************************************************* Main Tree Sched: files pass 1 @ Fri Nov 17 12:26:39 2006 ********************************************************************* Checking file(s) in /tmp/cfengine_is_good cfengine:node140: Cannot access file/directory /tmp/cfengine_is_good cfengine:node140: Creating file /tmp/cfengine_is_good, mode = 644 Saving the setuid log in /var/cfengine/cfagent.node140.beowulf.cluster.log ********************************************************************* Main Tree Sched: links pass 1 @ Fri Nov 17 12:26:39 2006 ********************************************************************* cfengine:node140: Linking files /tmp/how_is_cfengine -> /tmp/cfengine_is_good ********************************************************************* Main Tree Sched: copy pass 1 @ Fri Nov 17 12:26:39 2006 ********************************************************************* Checking copy from localhost:/etc/group to /tmp/group cfengine:node140: Object /tmp/group had permission 600, changed it to 644 Saving the setuid log in /var/cfengine/cfagent.node140.beowulf.cluster.log --------------------------------------------------------------------- Alerts --------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++ Summary of objects involved ++++++++++++++++++++++++++++++++++++++++ global update main
We ran cfengine with the flags -v, which made it verbose, and -q which made it 'quick' (not quiet!), meaning we told cfagent to run right away. When you have many, many nodes controlled by cfengine you'll use a Splaytime to make cfengine sleep for a random interval before running, so as not to overload the server, so it's worth knowing that the -q flag switches this off and gets cfengine to run right away.
The important thing to notice is the actions which cfengine took in the files, links and copy sections - here it carried out the instructions we had given it in cfagent.conf.
Note that the configuration file is divided into sections, the innermost stanzas with single colons (like files:), then there are class specifiers, the things which end in double colons, which restrict the following statements to that class of machines (of course, every client is always in the any: class). Following the class specfiers come statements that make cfengine do something.
Playing Around
Using the other cfengine documentation sources, you can play around with other things that cfengine can do:
Linking to the current Java SDK
control: any:: actionsequence = ( links ) scientific_sl_3:: java = ( j2sdk1.4.2_12 ) links: scientific_sl_3:: /usr/java/current -> /usr/java/$(java)
Define a variable pointing to the java sdk on SL3 and make a link to /usr/java/current. Note here the use of a class meaning that SL4 machines would not do this. You can see the extensive list of classes defined "for free" by cfengine by looking at the Defined Classes = section of the cfagent output above.
Editing Files
control: any:: actionsequence = ( editfiles ) torque:: torquesvr = ( 10.141.255.16 ) editfiles: torque:: { /var/spool/pbs/mom_priv/config AutoCreate AppendIfNoSuchLine "$pbsserver $(torquesvr)" }
In this case, for machines in the class torque, we ensure that the correct MOM configuration line exists, giving the IP of the torque server.
Defining Classes
In the above example torque is not a pre-defined class, so we'd want to add a group: section, which is where we tell cfengine which machines are in this class;
group: worker = ( HostRange(node,1-100) ) ce = ( svr016 ) torque = ( worker ce )
Here all hosts node001, node002, node003, node004, ... node100 are defined to be in the worker class, host svr016 is in the ce class and torque is the aggregation of these two classes.
Note that machines can be, and are, in many classes. In addition to the "for free" cfengine classes above, host001 will be in the worker class and in the torque class.