Distributed Systems Administration Utilities User's Guide, Linux, March 2009
Figure 2-1 cfengine Overview
1
3
4
5
2
cfexecd
cron
+ /var/opt/dsau/cfengine/inputs
-update.conf
-cfagent.conf
-cfservd.conf
-cfrun.hosts
+ /var/opt/dsau/cfengine/inputs
-update.conf
-cfagent.conf
-cfservd.conf
-cfrun.hosts
cfservd
cfservd
cfagent
cfrun
Master Server
Client
cfagent
cfexecd
cfron
Master Policy Files:
+/dir/cfengine_master/master_files/
-<reference files>
+/dir/cfengine_master/inputs/
-update.conf
-cfagent.conf
-cfservd.conf
-cfrun.hosts
1. The administrator is logged into the master configuration synchronization server and makes
a change to be propagated out to the managed clients, using the cfrun command. cfrun
checks the file cfrun.hosts for the list of managed clients. Note that the master server
can be a client of itself. In this diagram, there are two clients, the master server and a remote
client.
2. cfrun contacts cfservd on each managed client, which in turn invokes cfagent.
3. cfagent first checks the master server for an updated copy of theupdate.conf file and
transfers it to the client if needed.
4. If a standalone system is the master server, by default the master copy of update.conf is
located in /var/opt/dsau/cfengine_master/inputs/. The master copies of other
configuration files such as cfagent.conf, cfservd.conf, cf.main, and cfrun.hosts
are also located here. If the master server is a Serviceguard cluster, the master configuration
files are located in the mount point associated with the package. For example, if this mount
point is named csync, the path would be /csync/dsau/cfengine_master/inputs.
5. When copying the configuration files to the local system, cfagent places them in /var/
opt/dsau/cfengine/inputs for both standalone systems and clusters. cfagent first
evaluates the contents of update.conf in order to update any changed cfengine binaries
(if any) and gets the latest version of the policy files (cfagent.conf and related files).
cfagent then evaluates cfagent.conf to determine if the client is in the desired state. If
there are deltas, cfagent performs the defined actions to correct the client’s configuration.
2.2 cfengine Master Server Deployment Models
The cfengine master server can be a standalone HP-UX system servicing groups of distributed
clients. The clients can themselves be standalone systems or members of a Serviceguard cluster.
If you are already using a Systems Insight Manager central management server, this can be an
ideal system to use as a cfengine master server. Master servers can also act as clients and the
configuration synchronization tasks can be performed on these systems as well as the remote
clients.
If you are managing Serviceguard clusters, cfengine can be deployed strictly for intra-cluster use
to synchronize the members of a single cluster. In this configuration, cfservd is configured as
a package for high availability but the only cfengine clients are the cluster members themselves.
The package’s DNS name/IP address is the name for the cfengine master server.
In addition to providing configuration synchronization as an intra-cluster service, another
Serviceguard configuration has the cluster providing the highly available configuration
2.2 cfengine Master Server Deployment Models 19