[Server-devel] Configuration Management Automation : cfpull

[Mike Dawson]

Hi,

This has been on my agenda for a while but only recently got around to
doing it ...

What we need is a mass way of configuration XS servers and XO clients
that works even with limited connectivity and when the machine is
sometimes connected and sometimes not...

cfengine is a very nice promise based tool for automating
configuration management - lets one edit config files, install
packages, fonts, etc.  The problem is with it's copy files method that
has a key exchange that expects the key coming from a given IP to be
the same each time (which is of course incompatible with NAT
firewalls, or no Internet access whatsoever).  One can install
cfengine2 just using the normal rpm package.

I've just experimented with a very small 'as is' script I've made
called cfpull that is a client based configuration pull that mirrors a
directory over http using wget and then invokes cfengine.  Any client
could be given any different configuration directory (e.g. one
directory for servers to follow and another for the XOs).

This needs to be secured but that should be pretty easy to do using
https / wget key checking.

If one didn't have an Internet connection one could simply copy with a
USB stick etc. the files instead of doing the http mirror and the
configuration system would work all the same.

http://www.paiwastoon.af/cfpull
http://www.paiwastoon.af/cfpull-settings
http://www.paiwastoon.af/cfagent.conf (this is just a cfagent.conf
written for our office)

For the XO there could then  be a script put into network manager :
http://magazine.redhat.com/2008/07/22/networkmanager-secret-weapon-for-the-linux-road-warrior/

Which should then run cfpull at a random time in between when it is
connected and the average length of time that the XO would be
connected for so as to spread the load on the network...

Any ideas / requests welcome...

Regards,

-Mike