CFEngine
This article relies largely or entirely on a single source. (August 2014) |
CFEngine is a configuration management system, written by Mark Burgess. Its primary function is to provide automated configuration and maintenance of large-scale computer systems, including the unified management of servers, desktops, consumer and industrial devices, embedded network devices, mobile smartphones, and tablet computers.
Released under the terms of the GNU General Public License, CFEngine is free software.
History
The CFEngine project began in 1993 as a way for author Mark Burgess (then a post-doctoral fellow of the Royal Society at Oslo University, Norway) to get his work done by automating the management of a small group of workstations in the Department of Theoretical Physics. Burgess managed Unix workstations, scripting and fixing problems for users manually. Scripting took too much time, the flavours of Unix were significantly different, and scripts had to be maintained for multiple platforms, drowning in exception logic. After discussing the problems with a colleague, Burgess wrote the first version of CFEngine (the configuration engine) which was published as an internal report[4] and presented at the CERN computing conference. It gained significant attention from a wider community because it hid platform differences using a domain-specific language.
A year later, Burgess finished his post-doc but decided to stay in Oslo and took a job lecturing at Oslo University College. Here he realized that there was little or no research being done into configuration management, and he set about applying the principles of scientific modelling to understanding computer systems.He developed the notion of convergent operators, which remains a core of CFEngine.
In 1998 Burgess wrote "Computer Immunology", a paper at the USENIX/LISA98 conference.[5] It laid out a manifesto for creating self-healing systems, reiterated a few years later by IBM in their form of Autonomic Computing. This started a research effort which led to a major re-write, CFEngine 2, which added features for machine learning, anomaly detection and secure communications.
Between 1998 and 2004, CFEngine grew in adoption along with the popularity of Linux as a computing platform. During this time, Mark Burgess developed promise theory, a model of distributed cooperation for self-healing automation.[6][7] In 2008, after more than five years of research, CFEngine 3 was introduced, which incorporated promise theory as "a way to make CFEngine both simpler and more powerful at the same time", according to Burgess. The most significant re-write of the project to date, CFEngine 3 also integrated knowledge management and discovery mechanisms—allowing configuration management to scale to automate enterprise-class infrastructure.
In June 2008 the company CFEngine AS was formed as a collaboration between author Mark Burgess, Oslo University College and the Oslo Innovation Centre in order to support users of CFEngine. In April 2009, the company launched the first commercial version of CFEngine - CFEngine Enterprise. The Enterprise version can be downloaded for free for up to 25 agents (clients). February 2011, the company received its first round of funding, from FERD Capital.[8] The company has offices in Oslo, Norway and Mountain View, California, USA.
In 2017, the company changed its name to Northern.tech, to reflect that it is working on multiple software products, not only CFEngine.[9]
Design
One of the main ideas in CFEngine is that changes in computer configuration should be carried out in a convergent manner.[10][11] This means that each change operation made by the agent should have the character of a fixed point. Rather than describing the steps needed to make a change, CFEngine language describes the final state in which one wants to end up. The agent then ensures that the necessary steps are taken to end up in this "policy compliant state". Thus, CFEngine can be run again and again, whatever the initial state of a system, and it will end up with a predictable result. CFEngine supports the item of statistical compliance with policy, meaning that a system can never guarantee to be exactly in an ideal or desired state, rather one approaches (converges) towards the desired state by best-effort, at a rate that is determined by the ratio of the frequency of environmental change to the rate of CFEngine execution.[12]
CFEngine provides an operating system-independent interface to Unix-like host configuration. It requires some expert knowledge to deal with peculiarities of different operating systems, but has the power to perform maintenance actions across multiple hosts. CFEngine can be used on Windows hosts as well, and is widely used for managing large numbers of Unix hosts that run heterogeneous operating systems, e.g. Solaris, Linux, AIX, Tru64 and HP-UX.[citation needed]
Users
CFEngine is used in both large and small companies, as well as in many universities and governmental institutions.[citation needed] The largest reported datacenter under management of CFEngine is above a million servers, while sites as large as 40,000 machines are publicly reported (LinkedIn[13]), while sites of several thousand hosts running under CFEngine are common.[citation needed] According to statistics from CFEngine AS, probably several million computers run CFEngine around the world, and users from more than 100 countries have been registered.
Research
Shortly after its inception, CFEngine inspired a field of research into automated configuration management. The CFEngine project claims to attempt to place the problem of configuration management in a scientific framework. Its author Mark Burgess has developed a range of theoretical tools and results to talk about the problem, and has written several text books and monographs explaining them.[citation needed]
See also
- Comparison of open-source configuration management software
- Anomaly-based intrusion detection system
- Host-based intrusion detection system
- Rudder (software)
References
- ^ CFEngine Team & Community. "CFEngine 3.22.0 released". Northern.tech AS.
- ^ CFEngine Team & Community. "CFEngine 3.21.3 released". Northern.tech AS.
- ^ CFEngine Team & Community. "CFEngine 3.18.6 released". Northern.tech AS.
- ^ Burgess, Mark. "University of Oslo : Cfengine V2.0 : A network configuration tool" (PDF). Iu.hio.no. Archived from the original (PDF) on 2013-07-23. Retrieved 2013-09-08.
- ^ Burgess, Mark (December 1998). "Computer Immunology" (PDF). Usenix.org. Retrieved 2013-09-08.
- ^ Burgess, Mark; Couch, Alva (2006-11-28). "Autonomic Computing Approximated by Fixed-Point Promises, Proceedings of First IEEE International Workshop on Modelling Autonomic Communication Environments (MACE2006)" (PDF). pp. 197–222. Archived from the original (PDF) on 2012-04-25.
- ^ Hogg, Scott (July 1, 2014). "Promise Theory". Network World. Retrieved September 1, 2023.
- ^ "Cfengine Completes Series A Investment" (Press release). Oslo, Norway: PRNewswire. 2011-04-04. Retrieved 2014-08-22.
- ^ "Welcome to Northern.tech". northern.tech. Retrieved 2019-09-24.
- ^ Burgess, Mark (Summer 1995). "Cfengine: a site configuration engine" (PDF). USENIX Computing Systems. 8 (3). Berkeley, CA, USA: USENIX. Retrieved 2014-08-22.
- ^ Burgess, Mark (2003-11-29). "Configurable immunity for evolving human-computer systems". Science of Computer Programming. 51 (3): 197–213. doi:10.1016/j.scico.2003.12.004.
- ^ Burgess, Mark (2003). "On the theory of system administration". Science of Computer Programming. 49 (1–3): 1–46. doi:10.1016/j.scico.2003.08.001.
- ^ "CFEngine Case Study - LinkedIn Infrastructure and Operations Automation at WebScale" (PDF). CFEngine AS. November 2014.