[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Configuration Nightmare
|
From: |
Cory Omand |
|
Subject: |
Configuration Nightmare |
|
Date: |
Tue, 25 May 2004 07:41:50 -0700 |
Hello,
I'm attempting to set up a (relatively) small set of servers using
cfengine, and am having some (relatively) great difficulty in getting
the configuration to work as expected.
I followed through the two articles on ONLamp, and got the basic files
set up. I also went through the official cfengine tutorial, and saw a
great many things that were not addressed in the ONLamp article. I
actually managed to get the basic configuration off the ground using the
tutorial, but when I tried to recreate the same configuration using the
ONLamp examples, nothing works anymore -- at least nothing that requires
the cfengine_server group.
My primary issue at the moment is the following group definition, as
described in the ONLamp article:
# cfservd.conf
groups:
cfengine_server = ( server )
control:
cfengine_server::
AllowConnectionsFrom = (
<ip range>
)
TrustKeysFrom = (
<ip range>
)
...
The article does say that it is difficult to tell which variables are
user set, and which are standard cfengine variables. It does not
describe whether 'server' is one of these internal variables, or whether
it is something I'd need to set accordingly. I set it accordingly to my
server's FQDN:
groups:
cfengine_server = ( my.server.fqdn )
No matter if I leave it as 'server' or if I leave it as 'my.host.fqdn',
any control or actions are ignored on all servers, including the actual
cfengine_server machine. I've enabled the most insane debug level, and
it still gives me no clear clue as to why this variable is not matching
whatever it's trying to match...
Secondary issues:
1) I'm not clear, after having read through the tutorial, reference
guide, and the ONLamp articles, how the configurations are handled. If
I set a class like cfengine_server in cfservd.conf, is it automatically
made available to cfagent.conf and update.conf? The ONLamp article uses
the cfengine_server class across cfagent/cfservd/update.conf files...
This is cfengine 2.1.3 on Solaris 9. I am using the following config:
#
# update.conf
#
control:
actionsequence = ( copy directories links tidy )
domain = ( ExecResult(/usr/bin/domainname) )
TrustKeysFrom = ( 192.168.1.1 )
!cfengine_server::
SplayTime = ( 5 )
any::
workdir = ( /var/cfengine )
configroot = ( /cfengine )
server = ( my.server.fqdn )
copy:
$(configroot)/config/cfengine dest=$(workdir)
recurse=inf
ignore=CVS
server=$(server)
directories:
$(workdir)/bin
links:
$(workdir)/bin/cfagent -> /usr/local/tools/sbin/cfagent
tidy:
$(workdir)/outputs pattern=* age=7
#
# cfservd.conf
#
groups:
cfengine_server = ( my.server.fqdn )
control:
cfengine_server::
AllowConnectionsFrom = (
192.168.1.0/24
)
TrustKeysFrom = (
192.168.1.0/24
)
admit:
/var/cfengine/ppkeys/localhost.pub *
cfengine_server::
/cfengine *
#
# cfagent.conf
#
control:
domain = ( ExecResult(/usr/bin/domainname) )
workdir = ( /var/cfengine )
configroot = ( /cfengine )
import:
cfengine_server::
cvs.cf
any::
stdproc.cf
# cvs.cf
control:
actionseqeuence = ( shellcommands )
shellcommands:
"/bin/sh -c 'cd /cfengine; cvs update -d >/dev/null 2>/dev/null'"
# stdproc.cf
control:
actionsequence = ( processes editfiles )
processes:
"cfservd" restart "/usr/local/tools/sbin/cfservd"
"cfexecd" restart "/usr/local/tools/sbin/cfexecd"
editfiles:
{ /var/spool/cron/crontabs/root
AppendIfNoSuchLine "0 * * * * /usr/local/tools/sbin/cfexecd -F"
}
{ /etc/services
AppendIfNoSuchLine "cfengine 5308/tcp"
}
##### END OF FILES #####
Any assistance is greatly appreciated!
Regards,
C.
--
______________________
C. Omand
Sun Microsystems, Inc.
- Configuration Nightmare,
Cory Omand <=