Intoduction

CFEngine controls the configuration of many systems in the aglt2 cluster. The configuration settings are stored in an svn repository to aid in versioning and multiple user collaboration. The repository can be viewed online at https://ndt.aglt2.org/viewvc/cfengine/

Modifying existing configuration

In this tutorial we will modify the CFEngine configuration for the DNS servers by adding entries for a new UPS and push the results to them. The configuration is stored in an SVN repository. The SVN repository can be checked out and modified from any machine in the aglt2 cluster.

svn co svn+ssh://root@ndt.aglt2.org/cfengine/trunk

In this example we will use a copy of the repository that is already checked out. ssh into the cfengine server and enter the cfengine directory.

ssh root@msucfe.msulocal

cd /var/cfengine/svn-trunk

Here there are several directories. Here we are interested in masterfiles and tools.

First we enter the directory of the files of interest and edit them

cd masterfiles/stash/bind9/var-named/

Add the following line to rocks.domain (Note that it is ordered alphabetically by hostname):

ups-118-1 A 10.10.142.148

Then add the following line to reverse.rocks.domain.142.10.10

148 PTR ups-118-1.msulocal.

The serial number must be updated. Run the following script to automatically update it based on the date and time:

/var/cfengine/svn-trunk/masterfiles/stash/bind9/var-named/serial-touch.sh

Now we can push the changes to the server.

cd /var/cfengine/svn-trunk/tools

sh make-prod.sh

CFEngine should pull the new configuration to the DNS server within a couple of minutes, but a pull can also be initiated manually. In another terminal, ssh into the DNS server

ssh root@msuinfo.msulocal

The CFEngine log file can be checked in /var/cfengine/promise_summary.log

cat /var/cfengine/promise_summary.log

To force an update, use

cf-agent -K

Now in the original terminal, check that the DNS is working properly.

ping ups-118-1

When you have verified that the changes have been successful, commit the changes to SVN.

cd /var/cfengine/svn-trunk/

svn commit -m "Added DNS entry for rack 118 UPS"

Pushing changes to the server

The CFEngine server itself requires a slightly different process to commit changes to. Begin by logging in as root.

> $ ssh root@msucfe

> # sh /var/cfengine/svn-trunk/tools/make-master.sh

> # cf-agent -K

Improvements

Needs a better way to test updates before production deployment.

-- JamesKoll - 09 Nov 2012
Topic revision: r4 - 27 Nov 2012, JamesKoll
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback