From 46d519d33e2c50568aa4640252db7edb02222181 Mon Sep 17 00:00:00 2001 From: Narayan Desai Date: Mon, 14 Feb 2005 20:52:58 +0000 Subject: (Logical change 1.204) git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@867 ce84e21b-d406-0410-9b95-82705330c041 --- doc/concepts.xml | 110 ++++++++++++++++++++++++++++++++ doc/generators.xml | 181 +++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/install.xml | 111 ++++++++++++++++++++++++++++++++ doc/manual.xml | 60 ++++++++++++++++++ 4 files changed, 462 insertions(+) (limited to 'doc') diff --git a/doc/concepts.xml b/doc/concepts.xml index e69de29bb..f8fd60e26 100644 --- a/doc/concepts.xml +++ b/doc/concepts.xml @@ -0,0 +1,110 @@ + + Design Goals & Concepts + + + Bcfg2 was designed with several goals in mind. This section will + describe those goals, and how they were manifested in the + design. This section will also define important concepts used in + Bcfg2. + + +
+ Goals + + + + + Model configurations using declarative + semantics. Declarative semantics maximize the utility of + configuration management tools; they provide the most + flexibility for the tool to determine the right course of + action in any given situation. This means that users can + focus on the task of describing the desired configuration, + while leaving the task of transitioning clients states to + the tool. + + + + + Configuration descriptions should be comprehensive. This + means that configurations served to the client should be + sufficent to reproduce all desired functionality. This + assumption allows the use of heuristics to detect extra + configuration, aiding in reliable, comprehensive + configuration definitions. + + + + + Provide a flexible approach to user interactions. Most + configuration management systems take a rigid approach to + user interactions; that is, either the client system is + always correct, or the central system is. This means that + users are forced into an overly proscribed model where the + system asserts where correct data is. Configuration data + modification is frequently undertaken on both the + configuration server and clients. Hence, the existance of a + single canonical data location can easily pose a problem + during normal tool use. + + + Bcfg2 takes a different approach. The default assumption is + that data on the server is correct, however, the client has + options to run in two other modes. If the Bcfg2 client is + run in dry run mode, it can help to reconcile differences + between current client state and the configuration described + on the server. + + + The Bcfg2 client also searches for extra configuration; that + is, configuration that is not specified by the configuration + description. When extra configuration is found, either + configuration has been removed from the configuration + description on the server, or manual configuration has + occurred on the client. Options related to two-way + verification and removal are useful for configuration + reconciliation when interactive access is used. + + + + + Generators, and administrative applications. + + + + + Imcremental operations. + + + +
+ +
+ Important Concepts + + + Bundles + + + Bundles are groups of interdependent configuration + elements. Service configurations including software, + configuration files, and service activations are a good + example of bundles. When any of these components are + modified, all should be re-checked, and any associated + services should be restarted. We refer to this process as + coherent reconfiguration; this guarentees that all + configuration changes are active before reconfiguration + has completed. + + + + + Metadata + + + + + +
+ + \ No newline at end of file diff --git a/doc/generators.xml b/doc/generators.xml index e69de29bb..ee7a6a8be 100644 --- a/doc/generators.xml +++ b/doc/generators.xml @@ -0,0 +1,181 @@ + + Generators + + Generators are modules are are loaded by the Bcfg2 server, + based on directives in /etc/bcfg2.conf. They + provide concrete, fully-specified configuration entries for + clients. This chapter documents the function and usage of generators + bundled with Bcfg2 releases. It also describes the interface used to + communicate with generators; modeles implementing this interface can + provide configuration elements for clients based on any + representation or requirements that may exist. + + +
+ Bundled Generators + + This section describes the generators that come bundled with + Bcfg2. As a general rule, generators requiring more than one + configuration file will use a generator specific directory in the + configuration repository. + + +
+ Cfg + + The Cfg generator provides a configuration file repository + that uses literal file contents to provide client-tailored + configuration file entries. The Cfg generator chooses which + data to provide for a given client based on the aspect-based + metadata system used for high-level client configuration. + + + The Cfg repository is structured much like the filesystem + hierarchy being configured. Each configuration file being + served has a corresponding directory in the configuration + repository. These directories have the same relative path as + the absolute path of the configuration file on the target + system. For example, if Cfg was serving data for the + configuration file /etc/services, then + its directory would be in the relative path + ./etc/services inside of the Cfg + repository. + + + Inside of this file-specific directory, three types of files + may exist. Base files are complete instances of configuration + file. Deltas are differences between a base file and the + target file contents. Base files and deltas are tagged with + metadata specifiers, which describe which groups of clients + the fragment pertains to. Configuration files are constructed + by finding the most specific base file and applying any more + specific deltas. + + + Specifiers are embedded in fragment filenames. For example, in + the fragment services.C99_webserver, + "C99_webserver" is the specifier. This specifier applies to + the class (C) webserver with a priority of 99. Other metadata + categories which can be used include bundle (B), profile (P), + hostname (H), attribute (A), and image (I). These are ordered + from least to most specific: image, profile, class, bundle, + and hostname. Global files are the least specific. Priorities + are used as to break ties. + + + Info files, named :info are used to + specify target configuration file metadata, such as owner, + group and permissions. If no :info is + provided, targets are installed with default + information. Default metadata is root ownership, root group + memberships, and 0644 file permissions. + + + Cfg generator :info files + + owner:root + group:root + perms:0755 + + + + + Cfg file repository example + + $ ls + :info passwd passwd.C99_chiba-login + passwd.H_bio-debian passwd.H_cvstest passwd.H_foxtrot + passwd.H_reboot passwd.H_rudy2 passwd.C99_netserv + passwd.B99_tacacs-server.cat passwd.H_adenine + + + + + In the previous example, there exists files with each of the + characteristics mentioned above. All files ending in ".cat" + are deltas; ones with ".H_" are host specific files. There + exists a base file, a :info file, two + class-specified base files, and a bundle-specified base file. + +
+ +
+ Pkgmgr + +
+ +
+ +
+ The Generator API + + The Bcfg2 core has a well-formed API used to call + generators. This mechanism allows all stock generators to be + runtime selected; no stock generators are required. The + generator API has two main functions. The first is communication + to the Bcfg2 core: the list of entries a particular generator + can bind must be communicated to the core so that the proper + generator can be called. The second function is the actual + production of client-specific configuration element data; this + data is then included in client configurations. + + + + The inventory function is provided by a python dictionary, + called __provides__ in each generator object. This dictionary + has a key for each type of configuration entry (ConfigFile, + Package, Directory, SymLink, Service), whose value is a + dictionary indexed by configuration element name. For example, + the data path to information about the service "sshd" could be + reached at __provides__['Service']['sshd']. The value of each of + these keys is a function that can be called to bind + client-specific values to a configuration entry. This function + is used in the next section. + + + + The handler function located by the __provides__ dictionary is + called with a static API. The function prototype for each of + these handlers is: + + + + The Generator handler API + + def Handler(self, entry, metadata): + generator logic here + + + + + The data supplied upon handler invokation includes two + parts. The first is the entry. This is a ElementTree.Element + object, which already contains the configuration element type + (ie Service) and name. All other data is bound into this object + in this function. The range of data bound depends on the data + type. The other data provided to handlers is client metadata, + information about the current client, including hostname, image, + profile, classes and bundles. The metadata is typically used to + choose entry contents. + +
+ +
+ Writing a Generator + + Writing a generator is a fairly straightforward task. At a high + level, generators are instantiated by the Bcfg2 core, and then + used to provide configuration entry contents. This means that + the two points where control passes into a generator from Bcfg2 + are during initial object instantiation, and every time a + generator-provided configuration entry is bound. + + + + Currently, generators must be written in python. They can + perform arbitrary operations, hence, a generator could be + written that executed logic in another language, but this + functionality is currently not implemented. + +
+ \ No newline at end of file diff --git a/doc/install.xml b/doc/install.xml index e69de29bb..83c7d824e 100644 --- a/doc/install.xml +++ b/doc/install.xml @@ -0,0 +1,111 @@ + + Installing Bcfg2 + + + Pre-requisites + + Bcfg2 is written in python using several modules not included + with most distributions. SSSlib, available from + ftp://ftp.mcs.anl.gov/pub/sss/, provides communication + abstraction. Element Tree, available from http://www.effbot.org + provides convenient XML handling. Bcfg2 uses FAM to coherently + cache files and update them when they change. + + ElementTree can be downloaded from + http://www.effbot.org/downloads. It can be installed by running + the setup script against the python installation. + + + $ python setup.py build +running build +running build_py +creating build +creating build/lib +creating build/lib/elementtree +copying elementtree/ElementInclude.py -> build/lib/elementtree +copying elementtree/ElementPath.py -> build/lib/elementtree +copying elementtree/ElementTree.py -> build/lib/elementtree +copying elementtree/HTMLTreeBuilder.py -> build/lib/elementtree +copying elementtree/SgmlopXMLTreeBuilder.py -> build/lib/elementtree +copying elementtree/SimpleXMLTreeBuilder.py -> build/lib/elementtree +copying elementtree/SimpleXMLWriter.py -> build/lib/elementtree +copying elementtree/TidyHTMLTreeBuilder.py -> build/lib/elementtree +copying elementtree/TidyTools.py -> build/lib/elementtree +copying elementtree/XMLTreeBuilder.py -> build/lib/elementtree +copying elementtree/__init__.py -> build/lib/elementtree +$ python setup.py install +... + + SSSlib can be downloaded from + ftp://ftp.mcs.anl.gov/pub/sss. It can either be built from source + or prebuilt packages can be downloaded from the same location. + + + + Bcfg2 Installation + + + + + Bcfg2 Initial Setup and Testing + Once the Bcfg2 software is installed, the configuration file + and repository must be created. The example configuration file in + bcfg2/examples/bcfg2.conf can be used, with + minor modifications. + + + bcfg2.conf + [server] + repository = /disks/bcfg2 + structures = Bundler,Base + generators = SSHbase,Cfg,Pkgmgr,Svcmgr + metadata = /disks/bcfg2/etc + + + This configuration file sets the location of the + configuration repository. It also activates two structures, and + four generators. Structures are components that generate + abstract configuration fragments. These are the form of the + configuration. Generators provide client-specific values for + each configuration settings contained in all abstract + configuration fragments. Both of these are described in Section + ???. + + + Daemon Configuration + Bcfg2 uses SSSlib, the + communication libraries from the Scalable Systems Software project + for communication abstraction. This library provides a unified + messaging interface on top of several wire protocols with + different authentication and encryption mechanisms. The default + protocol is "challenge" which is a challenge response protocol + with no data encryption. (SSL protection will be configured + later). SSSlib also includes service location functionality; + this allows software to locate components by name, regardless of + their respective network locations. This function is provided + with both static and dynamic implementations. Static component + location setup will be sufficient for most Bcfg2 deployments. + + + + Static component lookups depend on the file + /etc/sss.conf. This file contains + information about static service locations. This file must be + the same on the server and all clients for communication to work + properly. A location definition for the bcfg2 component will + allow all clients to find and connect to it. + + + /etc/sss.conf + + + + ]]> + + + This allows SSSlib to locate the bcfg2 component on the + machine bcfgserver, port 8052, with the wire protocol "challenge". + + + \ No newline at end of file diff --git a/doc/manual.xml b/doc/manual.xml index e69de29bb..159f98d3b 100644 --- a/doc/manual.xml +++ b/doc/manual.xml @@ -0,0 +1,60 @@ + + + +]> + + + Bcfg2 Manual + + Narayan + Desai + desai@mcs.anl.gov + + + Argonne National Laboratory + MCS Division + + February 2, 2005 + $Revision$ + February 2005 + + 2005 + Argonne National Laboratory + + + + + This manual is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of + the License, or (at your option) any later version. + + + This is distributed in the hope that it will be useful, + but without any warranty; without even the + implied warranty of merchantability or + fitness for a particular purpose. See the + GNU General Public License for more details. + + + + + + 0.6.4 + 2005/02/01 11:38:27 + + $Id$ + + + + + + + +&concepts; +&install; +&generators; + \ No newline at end of file -- cgit v1.2.3-1-g7c22