Cfengine
From Wikipedia, the free encyclopedia
 |
This article does not cite any references or sources. Please help improve this article by adding citations to reliable sources (ideally, using inline citations). Unsourced material may be challenged and removed. (May 2008) |
Cfengine is a policy-based configuration management system written by Mark Burgess at Oslo University College. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification.
The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration.
Contents |
[edit] Portability
Cfengine provides an operating system independent interface to Unix-like host configuration. It requires some expert knowledge to deal with peculiarities of different operating systems and can perform maintenance actions across multiple Unix-like servers. Cfengine can be used on Windows servers as well, and is widely used for managing large numbers of Unix servers that run heterogeneous operating systems e.g. Solaris, Linux, AIX and HPUX. Statistics collected by the supporting commercial company Cfengine AS indicate hundreds of thousands of hosts running cfengine, with the largest sites recorded at 30,000.
[edit] Research-based
Shortly after its inception, cfengine inspired a field of research into automated configuration management. The cfengine project claims to attempt to place the problem of configuration management in a scientific framework. Its author Mark Burgess has developed a range of important theoretical tools and results to talk about the problem, and has written several text books and monographs explaining these.
[edit] Commercialization
In June 2008 the company Cfengine AS was formed as a collaboration between author Mark Burgess, Oslo University College and the Oslo Innovation Centre in order to support users of cfengine.
[edit] Convergence
One of the main innovations of cfengine is the idea that changes in computer configuration should be carried out in a convergent manner. This means that each change operation made by the agent should have the character of a fixed point. Rather than describing the steps needed to make a change, cfengine describes the final state in which one wants to end up. The agent then ensures that the necessary steps are taken to end up in this "policy compliant state". Thus, cfengine can be run again and again, whatever the initial state of a system, and it will end up with a predictable result.
[edit] User base
Cfengine is used in both large and small companies, as well as in many universities and governmental institutions. Sites as large as 30,000 machines are reported, while sites of several thousand hosts running under cfengine are common.
[edit] See also
- Comparison of open source configuration management software
- Anomaly-based intrusion detection system
- Host-based intrusion detection system
