Managing Systems and Workgroups: A Guide for HP-UX System Administrators

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU

141

142

143

144

145

146

147

148

149

150

Conﬁguring a System

Using Distributed Systems Administration Utilities

Chapter 3146

A new tool in this toolkit is Conﬁguration Engine (cfengine). cfengine

is a popular open source tool for conﬁguration synchronization. It allows

policy-based or goal-based conﬁguration management that allows the

administrator to deﬁne the management actions to be applied to groups

of systems so those systems reach a desired state.

cfengine is a client/server based tool. A central conﬁguration master

system or policy server hosts a conﬁguration policy ﬁle which deﬁnes the

management actions to be performed on each managed client. The

conﬁguration master also hosts the “golden image” ﬁles, or reference

copies of ﬁles that should be distributed to the clients. The administrator

can use cfengine to perform tasks such as:

• Ensure that client systems are using a correct set of conﬁguration

ﬁles by copying over reference ﬁles or directories.

• Disable inappropriately conﬁgured ﬁles on the client.

• Check ﬁle permissions, ownership, and track checksum changes.

• Edit ﬁles.

• Execute speciﬁed shell commands on each client.

• Check for processes or signal processes.

• Check for speciﬁc ﬁlesystem mounts.

A Conﬁguration Synchronization Wizard (csync_wizard) is available to

help the administrator quickly conﬁgure cfengine for managing a set of

distributed systems or conﬁguring it as a highly available service in a

Serviceguard cluster.

cfengine Overview

The administrator starts by deﬁning a central system or Serviceguard

cluster to act as the master conﬁguration server or policy server. The

Conﬁguration Synchronization Wizard (csync_wizard) is a user-friendly

front-end to the initial conﬁguration process. This central system will

house the master policy ﬁles (for example, cfagent.conf) which deﬁne

the desired conﬁguration policies, and also reference copies or master

copies of ﬁles that should be distributed to the managed clients.

Each managed client copies down the master copies of the policy ﬁles

from the central conﬁguration server and evaluates its current state

versus the desired state deﬁned by the policy ﬁle. Any differences cause

conﬁgurations rules to run in order to resynchronize the client.