This policy ensures that memory_limit in php.ini is configured properly but the pattern is generically useful for any INI style config. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 bundle agent php_customiztions { meta: (policy_server|am_policy_hub).enterprise_edition:: "tags" slist => { "autorun" }; "description" string => "Tune php fo 60k hosts in Mission Portal"; vars: "php_ini[PHP][memory_limit]" string => "256M"; files: policy_server.
This tip comes from my good friend Aleksey Tsalolikin. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 bundle agent main { vars: # Creae a map of interface to MAC # Generate a classic array # Iterate over known interfaces, define interface as key and MAC as value "iface2mac[$(sys.interfaces)]" string => "$(sys.hardware_mac[$(sys.interfaces)])", meta => { "inventory", "attribute_name=$(sys.interfaces) MAC" }; reports: "$(sys.
It looks like ifvarclass is one of few places in CFEngine that does not automatically canonify: Is there a reason why ifvarclass – which takes a variable by design – does not automatically canonify that variable before checking if there’s a matching class? Yes, it's true that ifvarclass, and it's aliases if and unless do not automatically canonify when checking a class. Historically there was no automatic canonfication in cfengine.
How can I purge a package using the apt_get package_module? policy => purge doesn't work. present and absent are the package states, purge is an option for package manager. You should be able to use the options attribute since the apt_get package module supports it. 1 2 3 4 5 6 7 8 9 10 bundle agent main { packages: # Purging a package using the --purge option "screen" policy => "absent", package_module => apt_get, options => { "--remove" }; } Note that you can use any Configuration Item as well:
How can I make cfengine do things during a specific time window? You can find "time based classes" in the cf-promises --show-classes output, they are easily identified because they are tagged with time_based. For example: 1 cf-promises --show-classes | grep time | Day2 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Afternoon time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Day2 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Hr14 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Hr14_Q1 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Lcycle_1 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_March time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Min10 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Min10_15 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Q1 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Thursday time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | GMT_Yr2017 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Hr08 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Hr08_Q1 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Hr8 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Lcycle_1 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | March time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Min10 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Min10_15 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Morning time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Q1 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Thursday time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | | Yr2017 time_based | cfengine_internal_time_based_autoremove | source=agent | hardclass | You can guard your promise with a time based class expression so that it can only execute during the 7:00 hour.
How do I format and convert time strings? The strftime() function takes unix epoch format as input and can format the time using the standard strftime templates. 1 2 3 4 5 6 7 bundle agent main { reports: "$(with)" with => strftime( localtime, "%FT%R:%S%Z", now() ); } R: 2018-01-27T15:47:14CST Output current time in ISO 8601 format Unfortunately there is currently no native way to convert from other inputs formats.
> Can we use uid/gid to set permissions instead of username and groupname? Yes, you sure can. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 bundle agent main { files: # Here we use username and groupname "/tmp/example" create => "true", perms => mog( "600", "root", "root" ); # Here we use uid and gid "/tmp/example" perms => mog( "600", 1000, 136 ); } body perms mog(mode,user,group) # @brief Set the file's mode, owner and group # @param mode The new mode # @param user The username of the new owner # @param group The group name { owners => { "$(user)" }; groups => { "$(group)" }; mode => "$(mode)"; } Example (/tmp/perms-example.
> Does CFEngine provide tool to render a mustache template? No, CFEngine doesn't have a standalone tool to render mustache. This online demo is a good place to quickly prototype a simple template and data set. Another option is to use a stand-alone policy file. Name the file whatever you like. It looks for json in a file named the same suffixed with .json, it looks for a mustache template named the same suffixed with .
Anyone interested in organizing Kansas Linux Fest in 2018? In 2016 and 2017 KLF was hosted in Wichita KS at Wichita State University. The prior two years organizers are a bit burned out and are taking a break. <ben_roose> Hi nickanderson, Sadly at the moment there is not a KLF 2018 planned. The few of us who created KLF 2017 are rather burned out and need a break this year :-( <ben_roose> However, if we can find some new people who are willing to take it on either in Wichita or somewhere else in Kansas, then we would be more than happy to assist in the infrastructure side and to consult as part of the conference …but as of now, we have not found any one new who wishes to take on this task for KLF 2018
Why doesn't body action if_elapsed work with vars type promises? Let's start with the details of body action if_elapsed. 1 2 3 4 5 6 7 body action if_elapsed(x) # @brief Evaluate the promise every `x` minutes # @param x The time in minutes between promise evaluations { ifelapsed => "$(x)"; expireafter => "$(x)"; } body action if_elapsed from the standard library The ifelapsed action body attribute is the number of minutes before next allowed assessment of a promise.