-
Notifications
You must be signed in to change notification settings - Fork 5
Home
In the first stage The CFEngine Roadshow was just a small Debian host, a portable Intel NUC, that accomodated up to 20 virtual Debian servers on the local machine. This ran at The CFEngine Roadshow Maiden Voyage at Cohesion, October 9th 2014, by Martin Simons and Hans Spaans. It was then that Antal Lohmann suggested to make The CFEngine Roadshow an example Open Source showcase.
The second edition of The CFEngine Roadshow was at T-Dose October 26th in Eindhoven. The intention was to have an interactive mulitple platform demonstration, but the configuration was far from ready. We had Centos, Ubuntu, Debian and openSuse machines that were managed by CFEngine to a certain extent. The differences between the Linux flavors were not covered beyond very basic elements.
After October 26th Ted Zlatanov came into play and introduced the concept of having The CFEngine Roadshow setup on top of the standard masterfiles.
The goal of CFEngine Roadshow Team is to provide the following:
- A rich coherent setup of cooperating servers
- To support multiple platforms and offer support to add more platforms
- To have a dynamic setup, so that each and every node only receives policies that are relevant to the host
- To offer an interactive demonstration during which attendees are allowed to login to configured machines
- To offer interactive configuration so that attendees are allowed to have nodes configured by The CFEngine Roadshow policy Hub
The CFEngine Roadshow uses an arbitrary naming convention: rrrrooeddll# Where
- rrrr is a mnemonic for the role and thus the installed software
- oo stands for organisation
- e one letter for environment
- dd two letters for department
- ll two letters for location
- one digit for instance.
Example: Tomcat webserver running the sample app: tctswhpdclo1.example.com
- tcts stands for Tomcat Webserver running the standard sample application that comes with every install
- wh stands for Webhuis
- stands for production
- dc stands for data center
- sw stands for Schoolweg It is Open Source, so this can change whenever needed.
A strong host naming convention is of great value. The CFEngine Roadshow relied heavily on dynamic policies in the past, but by making use of variables that are present, be it implicitly or not, most of the policies are now collected by making use of:
- The role, derived from the name
- Platform policies, just by using the sys variables
- Organisation, environment, department ande location policies are derived from the hotname
There still is some dynamic in the policies. A role is implemented by components that are specified in the the. The agent is only able to collect those specific policies when executing the role.
The CFEngine Roadshow has two classes of servers:
- Utility servers, belonging to The CFEngine Roadshow set of cooperating servers
- Common nodes Common nodes all are accessible with the special private key available here: http://wiki.webhuis.nl/index.php/The_CFengine_Roadshow. Utility servers are only accessible with a private key only available to the inner circle.
The CFEngine Roadshow aims at offering support for single task nodes.
- Webserver
- Nameserver
- Database server
- nfs server
- File server
The CFEngine Roadshow supports complex roles though. For instance
- pdns nameserver with sql backend
- ips, Intrusion prevention gateway operating as a proxy
- Tomcat sample application, sample.war
- Husdon, useless if you are a CFEngine user
- Jenkins, useless if you are a CFEngine user
- TestWeb
- more apps will follow.
The CFEngine Roadshow will support the following webservers
- web, tomcat
- wjb, jBoss
- wap, Apache2 webserver
- wng, nginx webserver
- Mysql
- Postgresql
- MariaDB
- Powerdns (pdns)
- mysql backend
- postgresql backend
- mariaDB backend
- Sambaserver
- nfs server
- backup / recovery
First the generation script:
#!/bin/bash
lvcreate -L ${rvg_size} -n ${fqdn}-rvg ${lvm_root_vg}
pause 5
virt-install --connect qemu:///system -n ${fqdn} -r ${vm_mem_size} --vcpu=1 --disk path=${lvm_root_vg}/${fqdn}-rvg \
-l ${netboot} --os-type linux --os-variant ${debian} --accelerate --network=bridge:br0 --hvm --vnc --debug \
--extra-args "auto=true preseed/url=${preseed} netcfg/disable_dhcp=true netcfg/get_ipaddress=${ip} netcfg/get_netmask=${netmask}
netcfg/get_gateway=${gateway} netcfg/get_nameservers=${nameserver} hostname=${fqdn}"
echo "Domein generatie in gang" Feeding data to the script:
#!/bin/bash
export domU="debian8-master"
export rvg_size="2G"
export vm_mem_size="256"
export domein="webhuis.nl"
export fqdn=${domU}.${domein}
export netboot="http://mirror.webhuis.nl/debian/dists/jessie/main/installer-amd64"
export debian="debianwheezy"
export preseed="http://mirror.webhuis.nl/roadshow-preseed-noswap-jessie.cfg"
export ip="10.168.0.19"
export netmask="255.255.0.0"
export gateway="10.168.0.1"
export nameserver="10.168.255.254"
export lvm_root_vg='/dev/kvm-roadshow'
. /usr/local/bin/generate-domU.sh It can be observed that The CFEngine Roadshow uses very minimal servers. You can replace the install source by a mirror of your choice. The provided preseed file guarantees the creation of a really minimal images