-
Notifications
You must be signed in to change notification settings - Fork 67
Policies and Sketches
The CFEngine Design Center contains two types of content (Policies and Sketches) as well as a collection of useful management tools.
CFEngine policies and promises are core concepts in CFEngine. A promise is a statement, written in plain text, using the CFEngine language, that describes the desired state of a system, and a policy is a collection of one or more related promises. In CFEngine the cf-agent is constantly checking on systems and using policies to ensure that a system's promises are kept.
If your infrastructure includes MySQL, Apache, or Wordpress you'll need a policy that tells CFEngine where files are installed, and how services are started. CFEngine reads this detailed policy file and understands how to install, configure, and manage each component. Learning the syntax of policy files is essential for CFEngine users and this Design Center contains a collection of CFEngine policies to provide a starting point for executing complex tasks in CFEngine with little or no knowledge of the policy syntax.
Policy files are low-level configuration files that tell cf-agent what to do and when to do it. Policies are detailed definitions of promises alongside instructions for how to fulfill a promise. While Policies and Promises are the essential building blocks of CFEngine, by themselves they are not enough to enable sharing of common approaches to installing software.
For a higher level of configuration, the Design Center introduces a new concept - the CFEngine Sketch.
A CFEngine Sketch is a ready-to-use component containing a collection of one or more CFEngine Policies packaged with metadata to describe configuration parameters, dependencies, and other descriptive information such as who created a particular Sketch and the license for a particular Sketch. Using a Sketch is easy and sharing a Sketch is even easier - instead of copying a series of complicated policies into your own CFEngine configuration, you can reference a Sketch as a library and import it into your own CFEngine policies.
This ability to import a Sketch and reference it from your own CFEngine configuration gives you access to a library of reusable components without adding additional configuration to your own CFEngine projects. If you need to configure cron, MySQL, sshd, and an Apache Web Server, all of these are readily available Sketches that can be reused - you don't have to reinvent the wheel every time you need to use a common software component.
Sketches are organized into categories according to their functionality: web_servers, web_apps, security, and utilities are examples of categories you will find in the CFEngine Design Center. Most sketches are specialized for achieving a specific task or for maintaining a specific software package. Some software packages such as sshd may have single Sketch with a number of configurable parameters while some other software packages may grow to have multiple Sketches created for users with very distinct use cases.
The most important element of the CFEngine Design Center isn't an abstraction for capturing policies, promises, or sketches. The most important component in the CFEngine Design Center is the CFEngine community. This Design Center is the central resource that enables the community to come together and share ideas for how create smarter, more efficient approaches to software deployment and configuration.
If you have a good idea for configuring a software package, or if you see an improvement to an existing sketch, CFEngine invites you to contribute to this resource. As the Design Center is hosted on Github, contributing is easy: just fork the CFEngine Design Center repository and create custom sketches. Once you are ready, make a pull request. We look forward to your contributions.
A public repository for customizable CFEngine design patterns and code.