Forum: CFEngine Help
Subject: Re: Applying a promise to all hosts in a network from a single policy
server.
Author: phnakarin
Link to topic: https://cfengine.com/forum/read.php?3,24036,24041#msg-24041
You should have a promise to pull the files from the hub. This process
considers to be done before executing your main policy.
For example, I put an update promise in a file called failsafe.cf and my client
will pull the latest policy from hub:/var/lib/cfengine3/masterfiles to
clients:/var/lib/cfengine3/inputs
# Example contents of failsafe.cf
body common control
{
bundlesequence => { "update" };
}
bundle agent update
{
files:
"/var/lib/cfengine3/inputs"
comment => "Copy policy updates from master source on policy server",
copy_from => u_rcp("/var/lib/cfengine3/masterfiles","10.130.221.138"),
depth_search => u_recurse("inf"),
file_select => u_input_files;
}
###
body file_select u_input_files
{
leaf_name => { ".*.cf",".*.dat",".*.txt" };
file_result => "leaf_name";
}
body copy_from u_rcp(from,server)
{
source => "$(from)";
compare => "digest";
trustkey => "true";
!am_policy_hub::
servers => { "$(server)" };
}
body depth_search u_recurse(d)
{
depth => "$(d)";
exclude_dirs => { "\.svn" };
}
and run it such "cf-agent -f failsafe.cf && cf-agent -f promises.cf"
I don't use a package provided by Ubuntu, but CFEngine AS
(http://www.cfengine.com). I notice that a working directory is different.
(confusing for me indeeds) Anyhow, I would suggest to use a package from the
site because they introduce a simple way to bootstrap clients to the hub. You
would probably have your system (client-server) running in 5 minutes.
Cheers,
--Nakarin
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
