Saturday, January 14, 2012

How to Install & Configure Cfengine (v3) on CentOS 6

In this short tutorial I will demonstrate how to quickly install and configure Cfengine (version 3.x) on CentOS 6 x64 box and also show a basic example of this great automation tool, let's get started:

First, install the needed pre-requirements (EPEL/RPMforge provide these):

#yum install openssl openssl-devel db4 db4-devel flex pcre pcre-devel openldap gcc -y

Next, download the latest version source (3.2.3 at the moment of writing) and install it:

#wget http://cfengine.com/source-code/download?file=cfengine-3.2.3.tar.gz -O /root/cfengine-3.2.3.tar.gz
#tar xvzf cfengine-3.2.3.tar.gz; cd cfengine-3.2.3/
#./configure
#make
#make install

Now we will create the needed folders for CF under /var to work as should ,we will  also copy all relevant binaries and configuration files:

#mkdir -p  /var/cfengine/{masterfiles,bin,inputs}
#cp -rp /usr/local/share/cfengine/masterfiles/*.cf /var/cfengine/masterfiles/
#cp -rp /usr/local/share/cfengine/masterfiles/*.cf /var/cfengine/inputs/
#cp -rp /usr/local/sbin/cf-* /var/cfengine/bin/

Test the installation with:
#cf-promises -v

On the last line output you should get:
cf3>  -> Inputs are valid

Now, in order to demonstrate Cfengine abilities we will create a new file under /tmp called "cftest" with premissions of 744 and owner root.

In order to do that we will create a special configuration input file under:
/var/cfengine/inputs, called cftest.cf

So, let's see what we got inside of the configuration file:



#cat /var/cfengine/inputs/cftest.cf

body common control
{
# Define a bundle sequence
bundlesequence => { "checkperms" };
# Include cfengine_stdlib.cf
inputs => { "cfengine_stdlib.cf" };
version => "1.0.0";
 }
bundle agent checkperms        
{
files:                   
"/tmp/cftest"
create => "true",                             
perms => m("744");
}

Let's verify it's syntax with cf-promise:
#cf-promise -f /var/cfengine/inputs/cftest.cf

We will see that there is no file called cftest under /tmp ,prior running cf-agent.
# ls -l /tmp/cftest
ls: cannot access /tmp/cftest: No such file or directory

Now for the run:
#cf-agent -f /var/cfengine/inputs/cftest.cf

Lets check what's under /tmp:
# ls -l /tmp/cftest
-rwxr--r-- 1 root root 0 Jan 14 01:14 /tmp/cftest


Great, the file was created with the right permissions, just as we wanted. 
This is just the most basic example, via Cfengine you can do much much more, more practical examples to come so stay tuned!

3 comments:

Anonymous said...

Great post..right to the point..thanks!!!

Anonymous said...

Thanks for this short howto, that's exactly what I was waiting :)

Anonymous said...

Works fine.. Great post

You told you would post later but u didn't :(