» CFEngine Provisioner

Provisioner name: cfengine

The Vagrant CFEngine provisioner allows you to provision the guest usingCFEngine. It can set up both CFEnginepolicy servers and clients. You can configure both the policy serverand the clients in a singlemulti-machine Vagrantfile.

Warning: If you are not familiar with CFEngine and Vagrant already,it is recommended to start with the shellprovisioner. However, if you are comfortable with Vagrant already, Vagrant is the best way to learn CFEngine.

Let us look at some common examples first. See the bottom of thisdocument for a comprehensive list of options.

» Setting up a CFEngine server and client

The CFEngine provisioner automatically installs the latestCFEngine Community packageson the VM, then configures and starts CFEngine according to yourspecification.

Configuring a VM as a CFEngine policy server is easy:

  1. Vagrant.configure("2") do |config|
  2.   config.vm.provision "cfengine" do |cf|
  3.     cf.am_policy_hub = true
  4.   end
  5. end

The host will automatically bebootstrappedto itself to become a policy server.

If you already have a working CFEngine policy server, you can get aCFEngine client installed and bootstrapped by specifying its IPaddress:

  1. Vagrant.configure("2") do |config|
  2.   config.vm.provision "cfengine" do |cf|
  3.     cf.policy_server_address = "10.0.2.15"
  4.   end
  5. end

» Copying files to the VM

If you have some policy or other files that you want to install bydefault on a VM, you can use the files_path attribute:

  1. Vagrant.configure("2") do |config|
  2.    config.vm.provision "cfengine" do |cf|
  3.       cf.am_policy_hub = true
  4.       cf.files_path = "cfengine_files"
  5.     end
  6.   end

Everything under cfengine_files/ in the Vagrant project directorywill be recursively copied under /var/cfengine/ in the VM, on top ofits default contents.

A common use case is to add your own files to/var/cfengine/masterfiles/ in the policy server. Assuming your extrafiles are stored under cfengine_files/masterfiles/, the line shownabove will add them to the VM after CFEngine is installed, but beforeit is bootstrapped.

» Modes of operation

The default mode of operation is :bootstrap, which results inCFEngine being bootstrapped according to the information provided inthe Vagrantfile. You can also set mode to :single_run, whichwill run cf-agent once on the host to execute the file specified inthe run_file parameter, but will not bootstrap it, so it will not beexecuted periodically.

The recommended mode of operation is :bootstrap, as you get the fullbenefits of CFEngine when you have it running periodically.

» Running a standalone file

If you want to run a standalone file, you can specify the run_fileparameter. The file will be copied to the VM and executed on its ownusing cf-agent. Note that the file needs to be a standalone policy,including its ownbody common control.

The run_file parameter is mandatory if mode is set to:single_run, but can also be specified when mode is set to:bootstrap - in this case the file will be executed after the hosthas been bootstrapped.

» Full Alphabetical List of Configuration Options

  • am_policy_hub (boolean, default false) determines whether the VM will beconfigured as a CFEngine policy hub (automatically bootstrapped toits own IP address). You can combine it with policy_server_addressif the VM has multiple network interfaces and you want to bootstrapto a specific one.
  • extra_agent_args (string, default nil) can be used to passadditional arguments to cf-agent when it is executed. For example,you could use it to pass the -I or -v options to enableadditional output from the agent.
  • classes (array, default nil) can be used to define additionalclasses during cf-agent runs. These classes will be defined usingthe -D option to cf-agent.
  • deb_repo_file (string, default"/etc/apt/sources.list.d/cfengine-community.list") specifies thefile in which the CFEngine repository information will be stored inDebian systems.
  • deb_repo_line (string, default "deb https://cfengine.com/pub/apt$(lsb_release -cs) main") specifies the repository to use for.deb packages.
  • files_path (string, default nil) specifies a directory that willbe copied to the VM on top of the default/var/cfengine/ (the contents of /var/cfengine/ will notbe replaced, the files will added to it).
  • force_bootstrap (boolean, default false) specifies whetherCFEngine will be bootstrapped again even if the host has alreadybeen bootstrapped.
  • install (boolean or :force, default true) specifies whetherCFEngine will be installed on the VM if needed. If you set thisparameter to :force, then CFEngine will be reinstalled even ifit is already present on the machine.
  • mode (:bootstrap or :single_run, default :bootstrap)specifies whether CFEngine will be bootstrapped so that it executesperiodically, or will be run a single time. If mode is set to:single_run you have to set run_file.
  • policy_server_address (string, no default) specifies the IPaddress of the policy server to which CFEngine will bebootstrapped. If am_policy_hub is set to true, this parameterdefaults to the VM's IP address, but can still be set (forexample, if the VM has more than one network interface).
  • repo_gpg_key_url (string, default"https://cfengine.com/pub/gpg.key") contains the URL to obtain theGPG key used to verify the packages obtained from the repository.
  • run_file (string, default nil) can be used to specify a fileinside the Vagrant project directory that will be copied to the VMand executed once using cf-agent. This parameter is mandatory ifmode is set to :single_run, but can also be specified whenmode is set to :bootstrap - in this case the file will beexecuted after the host has been bootstrapped.
  • upload_path (string, default "/tmp/vagrant-cfengine-file")specifies the file to which run_file (if specified) will be copiedon the VM before being executed.
  • yum_repo_file (string, default"/etc/yum.repos.d/cfengine-community.repo") specifies the file inwhich the CFEngine repository information will be stored in RedHatsystems.
  • yum_repo_url (string, default "https://cfengine.com/pub/yum/")specifies the URL of the repository to use for .rpm packages.
  • package_name (string, default "cfengine-community") specifiesthe name of the package used to install CFEngine.