cluster:Cfengine/228/client
Contents |
Cfengine/228/client
Prepare
- Operating system
- Scientific Linux version 4.5 64 bit
Optimizing the configuration:
Use minimal operating system installation without firewall. To verify installed packages use the command
-
rpm -qa | grep package_name
Install the following additional packages:
-
yum -y install wget yum rpm make gcc gcc-c++ tar sed zlib openssl
After the installation is complete, turn off any unnecessary services (like gpm, sendmail, cups, haldaemon, messagebus, pcmcia, anacron, atd) with the following command:
-
chkconfig <SERVICE> off
Configure the following settings for the server:
- Additional software packages
- Berkeley DB version 4
- OpenSSL (openssl.i686 krb5-libs.i386 openldap.i386 cyrus-sasl.i386 compat-openldap.i386)
- Firewall configuration
Port 5308 should be open (how to open port in firewall).
administrator's script: prepare.sh
#!/bin/bash# prepare cfengine client for installation# Dependencies: You must have a working Berkeley DB (version 4)and OpenSSL installation,#with headers and library files.yum -y install db4
yum -y install openssl.i686 krb5-libs.i386 openldap.i386 cyrus-sasl.i386 compat-openldap.i386
exit 0
Install
The following steps are needed to install a Cfengine Client on all middleware frontends and worker nodes as root user:
administrator's script: install.sh
#!/bin/bash# install cfengine client# Set BASE_URL linkBASE_URL="http://mirror.scc.kit.edu/downloads/rpms/cfengine/2009.1"
# Download packages:cd /tmp
#When installing on a Scientific Linux client please use this Package Version:PACKAGE_VERSION="SL4.5/cfengine/cfengine-2.2.8-1.el4.rf.x86_64"
#When installing on a SuSe (SLES 10)client please use this Package Version:PACKAGE_VERSION="SLES10/cfengine/cfengine-2.2.8-15.1.x86_64"
# Installrpm -ivh ${BASE_URL}/${PACKAGE_VERSION}.rpm
# If you are installing the Cfengine Client on Scientific Linux you have to do the following:mkdir -p /var/cfengine/outputs
chmod go-rx /var/cfengine/outputs
# If you are installing the Cfengine Client on Suse (SLES10 SP1) you have to do the following:mkdir /var/cfengine/
mkdir /var/cfengine/inputs
mkdir /var/cfengine/outputs
mkdir /var/cfengine/ppkeys
chmod go-rx /var/cfengine/inputs
chmod go-rx /var/cfengine/outputs
chmod go-rx /var/cfengine/ppkeys
#generate a client key by using the '''cfkey''' command.
Configure
Note: cfengine server IP: xx.xx.x.xx, cfengine client IP: yy.yy.y.yy
administrator's script: configure.sh
#!/bin/bash# configure cfengine client# key exchange between server and client# copy server public key to client:scp root@xx.xx.x.xx:/var/cfengine/ppkeys/localhost.pub \
root@<b>yy.yy.y.yy</b>:/var/cfengine/ppkeys/root-xx.xx.x.xx.pub
# copy client public key to server:scp root@<b>yy.yy.y.yy</b>:/var/cfengine/ppkeys/localhost.pub \
root@xx.xx.x.xx:/var/cfengine/ppkeys/root-<b>yy.yy.y.yy</b>.pub
# copy the first configuration file from server to client:scp root@xx.xx.x.xx:/var/cfengine/masterfiles/inputs/update.conf \
root@<b>yy.yy.y.yy</b>:/var/cfengine/inputs/
# Start cfengine on client# first start of cfengine to get he whole configuration files from server to client:cfagent -q -v --update-only
# first start of cfengine to get the files which should be distributed:cfagent -q -v
cfshow --last-seencfshow --performanceexit 0
Proceed
To start/stop cfengine use the commands:
administrator's script: proceed.sh
#!/bin/bash# Start cfengine on client# first start of cfengine to get he whole configuration files from server to client:cfagent -q -v --update-only
# start of cfengine to get the files which should be distributed:cfagent -q -v
cfshow --last-seencfshow --performanceexit 0
Initial test
Try examining the output:
administrator's script: test.sh
#!/bin/bash# test cfengine server installation# Try examining the output:cfagent -p -d3
exit 0
Update
To update/reinstall/delete cfengine packages, use:
administrator's script: update.sh
#!/bin/bash#update cfengine# Reinstall packages:rpm -Uvh --force package-to-reinstall.rpm
# delete installation:rpm -evh --force package-to-delete.rpm
exit 0
