SlideShare a Scribd company logo

What is new in CFEngine 3.6

RUDDER
RUDDER

This talk will introduce new CFEngine 3.6 features, we have these bullet points: User promises TLS protocol Math expressions Dynamic inputs New language functions Tags Data containers File templating Presentation by Kristian Amlie of CFEngine, given at CfgMgmtCamp 2014 in Ghent

TechnologyEducation
1 of 34
Download to read offline
What is new in CFEngine 3.6 www.cfengine.com
What is new • • • • • • • • User promises TLS protocol Math expressions Dynamic inputs New language functions Tags Data containers File templating
User promises
User promises • A new promise type • Manage local users on hosts • Make promises about user characteristics • UID • Group membership • Home directory • Password • Shell • Description
User promises - Example bundle agent my_bundle { users: “joe” policy => “present”, group_primary => “users”, groups_secondary => { “printers”, “db_users” }, home_dir => “/nfs/home/joe”, home_bundle => setup_home_dir(“joe”); }
TLS protocol
TLS protocol • • • • Industry standard security protocol All traffic is fully encrypted Transparent to the user Old protocol • Deprecated, but still supported • Can be turned off after upgrade is complete
Math expressions
Math expressions • New math evaluation function: eval() • Works on strings • String contains expression to evaluate • Example: eval(“ceil($(sys.cpus) / 4)”) • Previously required shell script
Math expressions • Accepts common math operators: +, -, *, / • Some less common ones too: ^, **, % • Many common math functions • ceil, floor, log10, log2, log, sqrt, sin, cos, tan, asin, acos, atan, abs, step • Mathematical constants • e, log2e, log10e, ln2, ln10, pi, pi_2, pi_4, 1_pi, 2_pi, 2_srqtpi, sqrt2, sqrt1_2 • SI-units: K, M, G, T, P
Dynamic inputs
Dynamic inputs • 3.5: • Input files can only be defined in promises.cf • Inconvenient; all file additions require editing promises.cf • 3.6: • file control bodies can contain input files • Body can be specified once per file • body file control { inputs => “input_file.cf”; }
Dynamic inputs - Example • promises.cf body common control { inputs => { “input_file.cf” }; } • input_file.cf body file control { inputs => { “nested_input_file.cf” }; }
New language functions
New language functions • findfiles(glob1, glob2, ...) • Returns a list of files that match glob pattern • makerule(target, sources) • Determines whether target needs to be rebuilt from sources • Inspired by the Unix make program • packagesmatching(...) • Returns list of installed packages • List can be filtered by name, version and architecture
New language functions • canonifyuniquely(test) • Convert a string into a legal class name • Unlike canonify, name is guaranteed to be unique. • Useful when making class names from a list of files • bundlesmatching(regex, tag1, ...) • Returns bundles matching criteria • Result can be used in a methods promise • Very powerful together with findfiles
bundlesequence - Example • bundle common global { vars: “policies” slist => findfiles (“/var/cfengine/inputs/*.cf”); “bundles” slist => bundlesmatching (“.*”, “production”); } body common control { inputs => { @(global.policies) }; bundlesequence => { @(global.bundles) }; }
New language functions • Plenty of others • data_readstringarray • readjson • data_readstringarrayidx • storejson • datastate • string_downcase • datatype • string_head • getclassmetatags • string_length • getvariablemetatags • string_reverse • max • string_tail • mean • string_upcase • mergedata • variablesmatching • min • variance • parsejson
Tags
Tags • Labels that you can attach to bundles and promises • Certain functions can filter based on tags • bundlesmatching • classesmatching • variablesmatching
Tags - Example • bundle agent my_bundle { meta: ### Bundle tags “tags” => { “experimental” }; vars: ### Variable tags “db_server” string => “106.54.21.90”, meta => { “mysql”, “trusted” }; classes: ### Class tags “experimental” expression => “any”, meta => { “tier_spec” }; }
Data containers
Data containers • Structured containers (JSON) • “container” data => parsejson('[ { “user”: “joe”, “groups”: “users” }, { “user”: “jack”, “groups”: “admins” }, ]'); • reports: “$(container[1][user])”; • --> R: jack
Data containers • Can read JSON files • readjson(filename, maxbytes) • Or fields from a text file • data_readstringarray (filename, comment, split, maxentries, maxbytes) • data_readstringarrayidx (filename, comment, split, maxentries, maxbytes) • Convert back to JSON • storejson(data_container)
Data containers - Example • records.txt: • joe,/nfs/home/joe,Joe Smith jack,/home/jack,Jack Jensen • Resulting JSON after data_readstringarrayidx • [ [ “joe”, “/nfs/home/joe”, “Joe Smith” ], [ “jack”, “/home/jack”, “Jack Jensen” ] ]
Data containers - Example • records.txt: • joe,/nfs/home/joe,Joe Smith jack,/home/jack,Jack Jensen • policy.cf: • vars: “users” data => data_readstringarrayidx (“records.txt”, “”, “,”, 10, 4000); “index” slist => getindices(“users”); users: “$(users[$(index)][0])” home_dir => “$(users[$(index)][1])”, description => “$(users[$(index)][2])”, policy => “present”;
File templating
File templating • New templating engine: Mustache • Based on the Mustache templating language • http://mustache.github.io/
File templating - Example • promises.cf: • files: "/etc/motd" edit_line => motd_edit, edit_defaults => empty; } bundle edit_line motd_edit { insert_lines: “Welcome to this CFEngine managed machine.”; “This machine pulls policy from $(sys.policy_hub).”; } • Result: • Welcome to this CFEngine managed machine. This machine pulls policy from 10.80.80.1.
File templating - Example • promises.cf: • files: "/etc/motd" edit_template => "template.mustache", template_method => "mustache"; • template.mustache: • Welcome to this CFEngine managed machine. This machine pulls policy from {{vars.sys.policy_hub}}. • Result: • Welcome to this CFEngine managed machine. This machine pulls policy from 10.80.80.1.
Miscellaneous • cf-serverd allows distinct key/IP/hostname access controls • New “shortcut” constraint in server policy allows non-absolute paths in copy_from promises • New log format • Many new built-in variables: • sys.uptime, sys.masterdir, this.promiser_ppid, ... • LMDB replaces Tokyo Cabinet as database backend • Calls to execresult and returnszero are now cached instead of executing repeatedly
Questions? www.cfengine.com
Questions? • • • • • • • • User promises TLS protocol Math expressions Dynamic inputs New language functions Tags Data containers File templating www.cfengine.com
Thank you! www.cfengine.com

Recommended

11 advanced replication
11 advanced replication11 advanced replication
11 advanced replicationdarwinodb
 
26 io -ii file handling
26 io -ii file handling26 io -ii file handling
26 io -ii file handlingRavindra Rathore
 
Course 102: Lecture 8: Composite Commands
Course 102: Lecture 8: Composite Commands Course 102: Lecture 8: Composite Commands
Course 102: Lecture 8: Composite Commands Ahmed El-Arabawy
 
Mastering the MongoDB Javascript Shell
Mastering the MongoDB Javascript ShellMastering the MongoDB Javascript Shell
Mastering the MongoDB Javascript ShellScott Hernandez
 
Kicking ass with redis
Kicking ass with redisKicking ass with redis
Kicking ass with redisDvir Volk
 
Mastering the MongoDB Shell
Mastering the MongoDB ShellMastering the MongoDB Shell
Mastering the MongoDB ShellMongoDB
 
Native or External?
Native or External?Native or External?
Native or External?ESUG
 
Shell Tips & Tricks
Shell Tips & TricksShell Tips & Tricks
Shell Tips & TricksMongoDB
 

Recommended

11 advanced replication
11 advanced replication11 advanced replication
11 advanced replicationdarwinodb
 
26 io -ii file handling
26 io -ii file handling26 io -ii file handling
26 io -ii file handlingRavindra Rathore
 
Course 102: Lecture 8: Composite Commands
Course 102: Lecture 8: Composite Commands Course 102: Lecture 8: Composite Commands
Course 102: Lecture 8: Composite Commands Ahmed El-Arabawy
 
Mastering the MongoDB Javascript Shell
Mastering the MongoDB Javascript ShellMastering the MongoDB Javascript Shell
Mastering the MongoDB Javascript ShellScott Hernandez
 
Kicking ass with redis
Kicking ass with redisKicking ass with redis
Kicking ass with redisDvir Volk
 
Mastering the MongoDB Shell
Mastering the MongoDB ShellMastering the MongoDB Shell
Mastering the MongoDB ShellMongoDB
 
Native or External?
Native or External?Native or External?
Native or External?ESUG
 
Shell Tips & Tricks
Shell Tips & TricksShell Tips & Tricks
Shell Tips & TricksMongoDB
 
Session 23 - JDBC
Session 23 - JDBCSession 23 - JDBC
Session 23 - JDBCPawanMM
 
Session 22 - Java IO, Serialization
Session 22 - Java IO, SerializationSession 22 - Java IO, Serialization
Session 22 - Java IO, SerializationPawanMM
 
general protocol basics
general protocol basicsgeneral protocol basics
general protocol basicsAravindan A
 
Course 102: Lecture 7: Simple Utilities
Course 102: Lecture 7: Simple Utilities Course 102: Lecture 7: Simple Utilities
Course 102: Lecture 7: Simple Utilities Ahmed El-Arabawy
 
14 file handling
14 file handling14 file handling
14 file handlingAPU
 
Introduction to Redis
Introduction to RedisIntroduction to Redis
Introduction to RedisDvir Volk
 
Course 102: Lecture 6: Seeking Help
Course 102: Lecture 6: Seeking HelpCourse 102: Lecture 6: Seeking Help
Course 102: Lecture 6: Seeking HelpAhmed El-Arabawy
 
Exported resources design patterns
Exported resources design patternsExported resources design patterns
Exported resources design patternsYevgeny Trachtinov
 
Java Input Output and File Handling
Java Input Output and File HandlingJava Input Output and File Handling
Java Input Output and File HandlingSunil OS
 
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...Abdulrazak Zakieh
 
Rubyspec y el largo camino hacia Ruby 1.9
Rubyspec y el largo camino hacia Ruby 1.9Rubyspec y el largo camino hacia Ruby 1.9
Rubyspec y el largo camino hacia Ruby 1.9David Calavera
 
OrientDB
OrientDBOrientDB
OrientDBaemadrid
 
The emerging world of mongo db csp
The emerging world of mongo db cspThe emerging world of mongo db csp
The emerging world of mongo db cspCarlos Sánchez Pérez
 
Cross Origin Resource Sharing (CORS) - Azizul Hakim
Cross Origin Resource Sharing (CORS) - Azizul HakimCross Origin Resource Sharing (CORS) - Azizul Hakim
Cross Origin Resource Sharing (CORS) - Azizul HakimCefalo
 
ERRest and Dojo
ERRest and DojoERRest and Dojo
ERRest and DojoWO Community
 
Redis SoCraTes 2014
Redis SoCraTes 2014Redis SoCraTes 2014
Redis SoCraTes 2014steffenbauer
 
Session 24 - JDBC, Intro to Enterprise Java
Session 24 - JDBC, Intro to Enterprise JavaSession 24 - JDBC, Intro to Enterprise Java
Session 24 - JDBC, Intro to Enterprise JavaPawanMM
 
Everything you ever wanted to know about lotus script
Everything you ever wanted to know about lotus scriptEverything you ever wanted to know about lotus script
Everything you ever wanted to know about lotus scriptBill Buchan
 
PHP Data Objects
PHP Data ObjectsPHP Data Objects
PHP Data ObjectsPrashant Marathe
 
Building Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBBuilding Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBGreat Wide Open
 
Dspace4 150227090306-conversion-gate01
Dspace4 150227090306-conversion-gate01Dspace4 150227090306-conversion-gate01
Dspace4 150227090306-conversion-gate01walaba06
 
DSpace 4.2 Basics & Configuration
DSpace 4.2 Basics & ConfigurationDSpace 4.2 Basics & Configuration
DSpace 4.2 Basics & ConfigurationDuraSpace
 

More Related Content

What's hot

Session 23 - JDBC
Session 23 - JDBCSession 23 - JDBC
Session 23 - JDBCPawanMM
 
Session 22 - Java IO, Serialization
Session 22 - Java IO, SerializationSession 22 - Java IO, Serialization
Session 22 - Java IO, SerializationPawanMM
 
general protocol basics
general protocol basicsgeneral protocol basics
general protocol basicsAravindan A
 
Course 102: Lecture 7: Simple Utilities
Course 102: Lecture 7: Simple Utilities Course 102: Lecture 7: Simple Utilities
Course 102: Lecture 7: Simple Utilities Ahmed El-Arabawy
 
14 file handling
14 file handling14 file handling
14 file handlingAPU
 
Introduction to Redis
Introduction to RedisIntroduction to Redis
Introduction to RedisDvir Volk
 
Course 102: Lecture 6: Seeking Help
Course 102: Lecture 6: Seeking HelpCourse 102: Lecture 6: Seeking Help
Course 102: Lecture 6: Seeking HelpAhmed El-Arabawy
 
Exported resources design patterns
Exported resources design patternsExported resources design patterns
Exported resources design patternsYevgeny Trachtinov
 
Java Input Output and File Handling
Java Input Output and File HandlingJava Input Output and File Handling
Java Input Output and File HandlingSunil OS
 
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...Abdulrazak Zakieh
 
Rubyspec y el largo camino hacia Ruby 1.9
Rubyspec y el largo camino hacia Ruby 1.9Rubyspec y el largo camino hacia Ruby 1.9
Rubyspec y el largo camino hacia Ruby 1.9David Calavera
 
Cross Origin Resource Sharing (CORS) - Azizul Hakim
Cross Origin Resource Sharing (CORS) - Azizul HakimCross Origin Resource Sharing (CORS) - Azizul Hakim
Cross Origin Resource Sharing (CORS) - Azizul HakimCefalo
 
Redis SoCraTes 2014
Redis SoCraTes 2014Redis SoCraTes 2014
Redis SoCraTes 2014steffenbauer
 
Session 24 - JDBC, Intro to Enterprise Java
Session 24 - JDBC, Intro to Enterprise JavaSession 24 - JDBC, Intro to Enterprise Java
Session 24 - JDBC, Intro to Enterprise JavaPawanMM
 
Everything you ever wanted to know about lotus script
Everything you ever wanted to know about lotus scriptEverything you ever wanted to know about lotus script
Everything you ever wanted to know about lotus scriptBill Buchan
 
Building Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBBuilding Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBGreat Wide Open
 

What's hot (20)

Session 23 - JDBC
Session 23 - JDBCSession 23 - JDBC
Session 23 - JDBC
 
Session 22 - Java IO, Serialization
Session 22 - Java IO, SerializationSession 22 - Java IO, Serialization
Session 22 - Java IO, Serialization
 
general protocol basics
general protocol basicsgeneral protocol basics
general protocol basics
 
Course 102: Lecture 7: Simple Utilities
Course 102: Lecture 7: Simple Utilities Course 102: Lecture 7: Simple Utilities
Course 102: Lecture 7: Simple Utilities
 
14 file handling
14 file handling14 file handling
14 file handling
 
Introduction to Redis
Introduction to RedisIntroduction to Redis
Introduction to Redis
 
Course 102: Lecture 6: Seeking Help
Course 102: Lecture 6: Seeking HelpCourse 102: Lecture 6: Seeking Help
Course 102: Lecture 6: Seeking Help
 
Exported resources design patterns
Exported resources design patternsExported resources design patterns
Exported resources design patterns
 
Java Input Output and File Handling
Java Input Output and File HandlingJava Input Output and File Handling
Java Input Output and File Handling
 
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...
برنامج محادثة باستخدام الاستدعاء العكسي في استدعاء الطرق البعيدة بلغة الجافا ...
 
Rubyspec y el largo camino hacia Ruby 1.9
Rubyspec y el largo camino hacia Ruby 1.9Rubyspec y el largo camino hacia Ruby 1.9
Rubyspec y el largo camino hacia Ruby 1.9
 
OrientDB
OrientDBOrientDB
OrientDB
 
The emerging world of mongo db csp
The emerging world of mongo db cspThe emerging world of mongo db csp
The emerging world of mongo db csp
 
Cross Origin Resource Sharing (CORS) - Azizul Hakim
Cross Origin Resource Sharing (CORS) - Azizul HakimCross Origin Resource Sharing (CORS) - Azizul Hakim
Cross Origin Resource Sharing (CORS) - Azizul Hakim
 
ERRest and Dojo
ERRest and DojoERRest and Dojo
ERRest and Dojo
 
Redis SoCraTes 2014
Redis SoCraTes 2014Redis SoCraTes 2014
Redis SoCraTes 2014
 
Session 24 - JDBC, Intro to Enterprise Java
Session 24 - JDBC, Intro to Enterprise JavaSession 24 - JDBC, Intro to Enterprise Java
Session 24 - JDBC, Intro to Enterprise Java
 
Everything you ever wanted to know about lotus script
Everything you ever wanted to know about lotus scriptEverything you ever wanted to know about lotus script
Everything you ever wanted to know about lotus script
 
PHP Data Objects
PHP Data ObjectsPHP Data Objects
PHP Data Objects
 
Building Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBBuilding Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDB
 

Similar to What is new in CFEngine 3.6

Dspace4 150227090306-conversion-gate01
Dspace4 150227090306-conversion-gate01Dspace4 150227090306-conversion-gate01
Dspace4 150227090306-conversion-gate01walaba06
 
DSpace 4.2 Basics & Configuration
DSpace 4.2 Basics & ConfigurationDSpace 4.2 Basics & Configuration
DSpace 4.2 Basics & ConfigurationDuraSpace
 
La big datacamp-2014-aws-dynamodb-overview-michael_limcaco
La big datacamp-2014-aws-dynamodb-overview-michael_limcacoLa big datacamp-2014-aws-dynamodb-overview-michael_limcaco
La big datacamp-2014-aws-dynamodb-overview-michael_limcacoData Con LA
 
Introduction to firebidSQL 3.x
Introduction to firebidSQL 3.xIntroduction to firebidSQL 3.x
Introduction to firebidSQL 3.xFabio Codebue
 
Codeigniter Training Part3
Codeigniter Training Part3Codeigniter Training Part3
Codeigniter Training Part3Weerayut Hongsa
 
The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...
The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...
The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...Peter Keane
 
[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the BasicsUlrich Krause
 
Whats new in MongoDB 24
Whats new in MongoDB 24Whats new in MongoDB 24
Whats new in MongoDB 24MongoDB
 
CNIT 152: 13 Investigating Mac OS X Systems
CNIT 152: 13 Investigating Mac OS X SystemsCNIT 152: 13 Investigating Mac OS X Systems
CNIT 152: 13 Investigating Mac OS X SystemsSam Bowne
 
Javase7 1641812
Javase7 1641812Javase7 1641812
Javase7 1641812Vinay H G
 
Linux System Programming - File I/O
Linux System Programming - File I/O Linux System Programming - File I/O
Linux System Programming - File I/O YourHelper1
 
XPages -Beyond the Basics
XPages -Beyond the BasicsXPages -Beyond the Basics
XPages -Beyond the BasicsUlrich Krause
 
How to use the new Domino Query Language
How to use the new Domino Query LanguageHow to use the new Domino Query Language
How to use the new Domino Query LanguageTim Davis
 
Hadoop 20111117
Hadoop 20111117Hadoop 20111117
Hadoop 20111117exsuns
 
Elk presentation 2#3
Elk presentation 2#3Elk presentation 2#3
Elk presentation 2#3uzzal basak
 
Webinar: Was ist neu in MongoDB 2.4
Webinar: Was ist neu in MongoDB 2.4Webinar: Was ist neu in MongoDB 2.4
Webinar: Was ist neu in MongoDB 2.4MongoDB
 
CNIT 121: 13 Investigating Mac OS X Systems
CNIT 121: 13 Investigating Mac OS X SystemsCNIT 121: 13 Investigating Mac OS X Systems
CNIT 121: 13 Investigating Mac OS X SystemsSam Bowne
 
CNIT 152 13 Investigating Mac OS X Systems
CNIT 152 13 Investigating Mac OS X SystemsCNIT 152 13 Investigating Mac OS X Systems
CNIT 152 13 Investigating Mac OS X SystemsSam Bowne
 
Using existing language skillsets to create large-scale, cloud-based analytics
Using existing language skillsets to create large-scale, cloud-based analyticsUsing existing language skillsets to create large-scale, cloud-based analytics
Using existing language skillsets to create large-scale, cloud-based analyticsMicrosoft Tech Community
 
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]RootedCON
 

Similar to What is new in CFEngine 3.6 (20)

Dspace4 150227090306-conversion-gate01
Dspace4 150227090306-conversion-gate01Dspace4 150227090306-conversion-gate01
Dspace4 150227090306-conversion-gate01
 
DSpace 4.2 Basics & Configuration
DSpace 4.2 Basics & ConfigurationDSpace 4.2 Basics & Configuration
DSpace 4.2 Basics & Configuration
 
La big datacamp-2014-aws-dynamodb-overview-michael_limcaco
La big datacamp-2014-aws-dynamodb-overview-michael_limcacoLa big datacamp-2014-aws-dynamodb-overview-michael_limcaco
La big datacamp-2014-aws-dynamodb-overview-michael_limcaco
 
Introduction to firebidSQL 3.x
Introduction to firebidSQL 3.xIntroduction to firebidSQL 3.x
Introduction to firebidSQL 3.x
 
Codeigniter Training Part3
Codeigniter Training Part3Codeigniter Training Part3
Codeigniter Training Part3
 
The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...
The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...
The Role of Atom/AtomPub in Digital Archive Services at The University of Tex...
 
[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics
 
Whats new in MongoDB 24
Whats new in MongoDB 24Whats new in MongoDB 24
Whats new in MongoDB 24
 
CNIT 152: 13 Investigating Mac OS X Systems
CNIT 152: 13 Investigating Mac OS X SystemsCNIT 152: 13 Investigating Mac OS X Systems
CNIT 152: 13 Investigating Mac OS X Systems
 
Javase7 1641812
Javase7 1641812Javase7 1641812
Javase7 1641812
 
Linux System Programming - File I/O
Linux System Programming - File I/O Linux System Programming - File I/O
Linux System Programming - File I/O
 
XPages -Beyond the Basics
XPages -Beyond the BasicsXPages -Beyond the Basics
XPages -Beyond the Basics
 
How to use the new Domino Query Language
How to use the new Domino Query LanguageHow to use the new Domino Query Language
How to use the new Domino Query Language
 
Hadoop 20111117
Hadoop 20111117Hadoop 20111117
Hadoop 20111117
 
Elk presentation 2#3
Elk presentation 2#3Elk presentation 2#3
Elk presentation 2#3
 
Webinar: Was ist neu in MongoDB 2.4
Webinar: Was ist neu in MongoDB 2.4Webinar: Was ist neu in MongoDB 2.4
Webinar: Was ist neu in MongoDB 2.4
 
CNIT 121: 13 Investigating Mac OS X Systems
CNIT 121: 13 Investigating Mac OS X SystemsCNIT 121: 13 Investigating Mac OS X Systems
CNIT 121: 13 Investigating Mac OS X Systems
 
CNIT 152 13 Investigating Mac OS X Systems
CNIT 152 13 Investigating Mac OS X SystemsCNIT 152 13 Investigating Mac OS X Systems
CNIT 152 13 Investigating Mac OS X Systems
 
Using existing language skillsets to create large-scale, cloud-based analytics
Using existing language skillsets to create large-scale, cloud-based analyticsUsing existing language skillsets to create large-scale, cloud-based analytics
Using existing language skillsets to create large-scale, cloud-based analytics
 
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
 

More from RUDDER

What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?RUDDER
 
Servers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proofServers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proofRUDDER
 
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?RUDDER
 
OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?RUDDER
 
The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0RUDDER
 
What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?RUDDER
 
UX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management toolUX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management toolRUDDER
 
What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?RUDDER
 
What is RUDDER and when should I use it?
What is RUDDER and when should I use it?What is RUDDER and when should I use it?
What is RUDDER and when should I use it?RUDDER
 
Fosdem - Configurations do you prove yours?
Fosdem - Configurations do you prove yours?Fosdem - Configurations do you prove yours?
Fosdem - Configurations do you prove yours?RUDDER
 
L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)RUDDER
 
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)RUDDER
 
Stay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libresStay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libresRUDDER
 
How we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50kHow we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50kRUDDER
 
What's new and what's next in Rudder
What's new and what's next in RudderWhat's new and what's next in Rudder
What's new and what's next in RudderRUDDER
 
Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...RUDDER
 
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...RUDDER
 
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...RUDDER
 
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...RUDDER
 
RUDDER - Continuous Configuration (configuration management + continuous aud...
RUDDER - Continuous Configuration (configuration management + continuous aud... RUDDER - Continuous Configuration (configuration management + continuous aud...
RUDDER - Continuous Configuration (configuration management + continuous aud...RUDDER
 

More from RUDDER (20)

What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?
 
Servers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proofServers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proof
 
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
 
OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?
 
The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0
 
What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?
 
UX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management toolUX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management tool
 
What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?
 
What is RUDDER and when should I use it?
What is RUDDER and when should I use it?What is RUDDER and when should I use it?
What is RUDDER and when should I use it?
 
Fosdem - Configurations do you prove yours?
Fosdem - Configurations do you prove yours?Fosdem - Configurations do you prove yours?
Fosdem - Configurations do you prove yours?
 
L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)
 
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
 
Stay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libresStay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libres
 
How we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50kHow we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50k
 
What's new and what's next in Rudder
What's new and what's next in RudderWhat's new and what's next in Rudder
What's new and what's next in Rudder
 
Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...
 
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
 
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
 
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
 
RUDDER - Continuous Configuration (configuration management + continuous aud...
RUDDER - Continuous Configuration (configuration management + continuous aud... RUDDER - Continuous Configuration (configuration management + continuous aud...
RUDDER - Continuous Configuration (configuration management + continuous aud...
 

Recently uploaded

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 

Recently uploaded (20)

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 

What is new in CFEngine 3.6

  • 1. What is new in CFEngine 3.6 www.cfengine.com
  • 2. What is new • • • • • • • • User promises TLS protocol Math expressions Dynamic inputs New language functions Tags Data containers File templating
  • 4. User promises • A new promise type • Manage local users on hosts • Make promises about user characteristics • UID • Group membership • Home directory • Password • Shell • Description
  • 5. User promises - Example bundle agent my_bundle { users: “joe” policy => “present”, group_primary => “users”, groups_secondary => { “printers”, “db_users” }, home_dir => “/nfs/home/joe”, home_bundle => setup_home_dir(“joe”); }
  • 7. TLS protocol • • • • Industry standard security protocol All traffic is fully encrypted Transparent to the user Old protocol • Deprecated, but still supported • Can be turned off after upgrade is complete
  • 9. Math expressions • New math evaluation function: eval() • Works on strings • String contains expression to evaluate • Example: eval(“ceil($(sys.cpus) / 4)”) • Previously required shell script
  • 10. Math expressions • Accepts common math operators: +, -, *, / • Some less common ones too: ^, **, % • Many common math functions • ceil, floor, log10, log2, log, sqrt, sin, cos, tan, asin, acos, atan, abs, step • Mathematical constants • e, log2e, log10e, ln2, ln10, pi, pi_2, pi_4, 1_pi, 2_pi, 2_srqtpi, sqrt2, sqrt1_2 • SI-units: K, M, G, T, P
  • 12. Dynamic inputs • 3.5: • Input files can only be defined in promises.cf • Inconvenient; all file additions require editing promises.cf • 3.6: • file control bodies can contain input files • Body can be specified once per file • body file control { inputs => “input_file.cf”; }
  • 13. Dynamic inputs - Example • promises.cf body common control { inputs => { “input_file.cf” }; } • input_file.cf body file control { inputs => { “nested_input_file.cf” }; }
  • 15. New language functions • findfiles(glob1, glob2, ...) • Returns a list of files that match glob pattern • makerule(target, sources) • Determines whether target needs to be rebuilt from sources • Inspired by the Unix make program • packagesmatching(...) • Returns list of installed packages • List can be filtered by name, version and architecture
  • 16. New language functions • canonifyuniquely(test) • Convert a string into a legal class name • Unlike canonify, name is guaranteed to be unique. • Useful when making class names from a list of files • bundlesmatching(regex, tag1, ...) • Returns bundles matching criteria • Result can be used in a methods promise • Very powerful together with findfiles
  • 17. bundlesequence - Example • bundle common global { vars: “policies” slist => findfiles (“/var/cfengine/inputs/*.cf”); “bundles” slist => bundlesmatching (“.*”, “production”); } body common control { inputs => { @(global.policies) }; bundlesequence => { @(global.bundles) }; }
  • 18. New language functions • Plenty of others • data_readstringarray • readjson • data_readstringarrayidx • storejson • datastate • string_downcase • datatype • string_head • getclassmetatags • string_length • getvariablemetatags • string_reverse • max • string_tail • mean • string_upcase • mergedata • variablesmatching • min • variance • parsejson
  • 19. Tags
  • 20. Tags • Labels that you can attach to bundles and promises • Certain functions can filter based on tags • bundlesmatching • classesmatching • variablesmatching
  • 21. Tags - Example • bundle agent my_bundle { meta: ### Bundle tags “tags” => { “experimental” }; vars: ### Variable tags “db_server” string => “106.54.21.90”, meta => { “mysql”, “trusted” }; classes: ### Class tags “experimental” expression => “any”, meta => { “tier_spec” }; }
  • 23. Data containers • Structured containers (JSON) • “container” data => parsejson('[ { “user”: “joe”, “groups”: “users” }, { “user”: “jack”, “groups”: “admins” }, ]'); • reports: “$(container[1][user])”; • --> R: jack
  • 24. Data containers • Can read JSON files • readjson(filename, maxbytes) • Or fields from a text file • data_readstringarray (filename, comment, split, maxentries, maxbytes) • data_readstringarrayidx (filename, comment, split, maxentries, maxbytes) • Convert back to JSON • storejson(data_container)
  • 25. Data containers - Example • records.txt: • joe,/nfs/home/joe,Joe Smith jack,/home/jack,Jack Jensen • Resulting JSON after data_readstringarrayidx • [ [ “joe”, “/nfs/home/joe”, “Joe Smith” ], [ “jack”, “/home/jack”, “Jack Jensen” ] ]
  • 26. Data containers - Example • records.txt: • joe,/nfs/home/joe,Joe Smith jack,/home/jack,Jack Jensen • policy.cf: • vars: “users” data => data_readstringarrayidx (“records.txt”, “”, “,”, 10, 4000); “index” slist => getindices(“users”); users: “$(users[$(index)][0])” home_dir => “$(users[$(index)][1])”, description => “$(users[$(index)][2])”, policy => “present”;
  • 28. File templating • New templating engine: Mustache • Based on the Mustache templating language • http://mustache.github.io/
  • 29. File templating - Example • promises.cf: • files: "/etc/motd" edit_line => motd_edit, edit_defaults => empty; } bundle edit_line motd_edit { insert_lines: “Welcome to this CFEngine managed machine.”; “This machine pulls policy from $(sys.policy_hub).”; } • Result: • Welcome to this CFEngine managed machine. This machine pulls policy from 10.80.80.1.
  • 30. File templating - Example • promises.cf: • files: "/etc/motd" edit_template => "template.mustache", template_method => "mustache"; • template.mustache: • Welcome to this CFEngine managed machine. This machine pulls policy from {{vars.sys.policy_hub}}. • Result: • Welcome to this CFEngine managed machine. This machine pulls policy from 10.80.80.1.
  • 31. Miscellaneous • cf-serverd allows distinct key/IP/hostname access controls • New “shortcut” constraint in server policy allows non-absolute paths in copy_from promises • New log format • Many new built-in variables: • sys.uptime, sys.masterdir, this.promiser_ppid, ... • LMDB replaces Tokyo Cabinet as database backend • Calls to execresult and returnszero are now cached instead of executing repeatedly
  • 33. Questions? • • • • • • • • User promises TLS protocol Math expressions Dynamic inputs New language functions Tags Data containers File templating www.cfengine.com