Configuration Engine

Table of Contents

Die Configuration Engine von Marc Burgess findet man auf Wir verwenden derzeit Version 2.

Seltsames in CFEngine 2

An sich gefällt mir CFEngine 2 gut, aber im Parser stecken ein paar seltsame Eigenheiten.

Definition von Klassen

Bei der Definition von Klassen müssen Leerzeichen im Inneren der Klammern verwendet werden:

    TEST = ( linux ) # ok
    TEST =  (linux)  # error


Beim Aufruf von Funktionen werden Leerzeichen nach einem trennenden Komma dem nächsten Argument zugeschlagen:

    TEST = ( Strcmp("abc", "abc") ) # not equal!
    TEST = ( Strcmp("abc","abc") )  # equal


  • Marc Burgess . Analytical Network and System Administration: Managing Human-Computer Systems. John Wiley and Sons Ltd. 2004. 1ed. ISBN 0470861002 –
  • Diego Zamboni . Learning CFEngine 3 . O’Reilly . 2012 . 1ed . ISBN 978-1-449-31220-6


Angesichts des aktuellen Basis an vorhandener Konfiguration (~ 10.000 Zeilen) kann ein Umstieg nur schrittweise erfolgen - allerdings sollten sich die verschiedenen Programm zum Configuration Management eh nicht in die Quere kommen.

Configuration Engine 3

Configuration Engine 3 gefällt mir derzeit von allen Möglichkeiten am Besten!


Propellor is a configuration management system using Haskell and Git. Each system has a list of properties, which Propellor ensures are satisfied. Linux and FreeBSD are supported.

Propellor is configured via a git repository, which typically lives in ~/.propellor/ on your development machine. Propellor clones the repository to each host it manages, in a secure way.

Properties are defined using Haskell. Edit ~/.propellor/config.hs to get started. There is fairly complete API documentation, which includes many built-in Properties for dealing with Apt and Apache, Cron and Commands, Dns and Docker, etc.

There is no special language as used in puppet, chef, ansible, etc.. just the full power of Haskell. Hopefully that power can be put to good use in making declarative properties that are powerful, nicely idempotent, and easy to adapt to a system’s special needs!


  • Ich finde kein vernünftiges Tutorial, das einem Einsteiger das Konzept erklärt.


  • Haskell ist zwar eine untypische Sprache, aber zumindest für mich interessanter als eher konventionelle Sprachen wie Ruby.


SaltStack takes a new approach to infrastructure management by developing software that is easy enough to get running in seconds, scalable enough to manage tens of thousands of servers, and fast enough to control and communicate with them in milliseconds. SaltStack delivers a dynamic infrastructure communication bus used for orchestration, remote execution, configuration management and much more. The Salt open source project was launched in 2011 and today is the fastest-growing, most-active configuration management / systems management project in the world. SaltStack is the company responsible for keeping the Salt project healthy and dynamic. Salt remains 100% open.


  • Ich finde kein vernünftiges Tutorial, das einem Einsteiger das Konzept erklärt.
  • Das offizielle Manual ist als E-Book furchtbar zu lesen - komplett ungeeignet als Urlaubslektüre :)


Puppet, an automated administrative engine for your *nix systems, performs administrative tasks (such as adding users, installing packages, and updating server configurations) based on a centralized specification.

Puppet can let you focus more on how things should be done and less on doing them. Let computers do what they are good at, precisely perform patterns, so you can focus on creating solutions. The act of specifying the services will help you clarify the systems you actually need and once your services are modelled using Puppet, your ability to scale and recover from hardware failure could just be plugging in a new blade, setting the hostname and starting puppet.


  • ruby - unpraktisch, weil bei uns sonst gar nicht verwendet
  • Syntax nicht so schön wie bei Cfengine2 - ähnlich Cfengine3
  • gravierende Skalierungsprobleme beim puppetmaster (Host zur Verteilung der Konfiguration) - Workarounds sind vorhanden


  • einfach erweiterbar


Chef is a systems integration framework, built to bring the benefits of configuration management to your entire infrastructure. With Chef, you can:

  • Manage your servers by writing code, not by running commands. (via Cookbooks)
  • Integrate tightly with your applications, databases, LDAP directories, and more. (via Libraries)
  • Easily configure applications that require knowledge about your entire infrastructure (“What systems are running my application?” “What is the current master database server?”) (via Search)


  • ruby - unpraktisch, weil bei uns sonst gar nicht verwendet


Ich find es etwas zweifelhaft, ob das Konzept auf viele Rechner skaliert.

Author: Andreas Hirczy

Created: 2018-03-23 Fri 12:15

Validate XHTML 1.0