August 28, 2020

Using cf-remote to download and install CFEngine nightlies

This is a work related post. Nightly packages are very useful for testing new features of CFEngine. Right now, nightly packages can be used to test out these new features: Compliance Reports. Mission Portal Dark Mode. New host info page with variable pinning and copy buttons. Note that these features are in development, some parts may be unfinished or buggy. Nightly packages are not supported and should not be used in production environments. Read more

April 10, 2019

Running cf-runagent as non-root

I work at Northern.tech, developing CFEngine, a configuration management system. This is a work (CFEngine) related post. cf-runagent is a component for triggering remote agent runs using the CFEngine network protocol. It does not allow for arbitrary commands to be executed, but rather asks the remote host to run the policy it already has. To trigger cf-runagent from other systems or web interfaces, you want to be able to run it as non-root. Read more

March 18, 2019

Editing windows registry using PowerShell

CFEngine Enterprise supports Windows and Windows Registry manipulation. In CFEngine policy you can both read from and write to the registry. I needed a way to test these features, and I prefer ssh access over GUI, so I made this short reference. View See keys (folders) at a path: Get-ChildItem -Path "HKLM:\SOFTWARE\" See all properties (values) in key: Get-Item -Path "HKLM:\SOFTWARE\CFEngine\" See specific property in key: Get-ItemProperty -Path "HKLM:\SOFTWARE\CFEngine\" -Name "VERSION" Create Create a new key (folder) at a path: Read more

March 11, 2019

Introducing cf-remote: Tooling to deploy CFEngine

I work at Northern.tech, developing CFEngine, a configuration management system. This is a work (CFEngine) related post. About a year ago, I wrote a small python script to automate installing and bootstrapping CFEngine on virtual machines in AWS. It had some hard coded IP addresses that I needed to update when I spawned new hosts, but other than that, it worked well. During manual testing, it saved me a lot of time instead of having to do things manually. Read more

July 27, 2018

Using Systemd to ensure unit(s) run on one CPU core

This post is based on an excellent article from Red Hat: https://access.redhat.com/solutions/1445073 I’m a CFEngine developer, so this is a more work related post. CFEngine and Systemd In some performance critical situations, it makes sense to limit management software to a single CPU (core). We can do this using systemd and cgroups. CFEngine already provides systemd units on relevant platforms, we just need to tweak them. Tested using CFEngine 3.12 on CentOS 7. Read more

© Ole Herman Schumacher Elgesem 2019

Powered by Hugo & Kiss.