CFEngine

Last updated
CFEngine
Initial release1993
Stable release
3.23.0, [1] 3.21.4, [2] 3.18.7, [3] / January 11th, 2024
Repository
Operating system Cross-platform
Platform Unix-like, Windows
Type Configuration management System administration Network management
License GNU General Public License version 3
Website cfengine.com

CFEngine is a configuration management system, written by Mark Burgess. Its primary function is to provide automated configuration and maintenance of large-scale computer systems, including the unified management of servers, desktops, consumer and industrial devices, embedded network devices, mobile smartphones, and tablet computers.

Contents

Released under the terms of the GNU General Public License, CFEngine is free software.

History

The CFEngine project began in 1993 as a way for author Mark Burgess (then a post-doctoral fellow of the Royal Society at Oslo University, Norway) to get his work done by automating the management of a small group of workstations in the Department of Theoretical Physics. Burgess managed Unix workstations, scripting and fixing problems for users manually. Scripting took too much time, the flavours of Unix were significantly different, and scripts had to be maintained for multiple platforms, drowning in exception logic. After discussing the problems with a colleague, Burgess wrote the first version of CFEngine (the configuration engine) which was published as an internal report [4] and presented at the CERN computing conference. It gained significant attention from a wider community because it hid platform differences using a domain-specific language.

A year later, Burgess finished his post-doc but decided to stay in Oslo and took a job lecturing at Oslo University College. Here he realized that there was little or no research being done into configuration management, and he set about applying the principles of scientific modelling to understanding computer systems.He developed the notion of convergent operators, which remains a core of CFEngine.

In 1998 Burgess wrote "Computer Immunology", a paper at the USENIX/LISA98 conference. [5] It laid out a manifesto for creating self-healing systems, reiterated a few years later by IBM in their form of Autonomic Computing. This started a research effort which led to a major re-write, CFEngine 2, which added features for machine learning, anomaly detection and secure communications.

Between 1998 and 2004, CFEngine grew in adoption along with the popularity of Linux as a computing platform. During this time, Mark Burgess developed promise theory, a model of distributed cooperation for self-healing automation. [6] [7] In 2008, after more than five years of research, CFEngine 3 was introduced, which incorporated promise theory as "a way to make CFEngine both simpler and more powerful at the same time", according to Burgess. The most significant re-write of the project to date, CFEngine 3 also integrated knowledge management and discovery mechanisms—allowing configuration management to scale to automate enterprise-class infrastructure.

In June 2008 the company CFEngine AS was formed as a collaboration between author Mark Burgess, Oslo University College and the Oslo Innovation Centre in order to support users of CFEngine. In April 2009, the company launched the first commercial version of CFEngine - CFEngine Enterprise. The Enterprise version can be downloaded for free for up to 25 agents (clients). February 2011, the company received its first round of funding, from FERD Capital. [8] The company has offices in Oslo, Norway and Mountain View, California, USA.

In 2017, the company changed its name to Northern.tech, to reflect that it is working on multiple software products, not only CFEngine. [9]

Design

One of the main ideas in CFEngine is that changes in computer configuration should be carried out in a convergent manner. [10] [11] This means that each change operation made by the agent should have the character of a fixed point. Rather than describing the steps needed to make a change, CFEngine language describes the final state in which one wants to end up. The agent then ensures that the necessary steps are taken to end up in this "policy compliant state". Thus, CFEngine can be run again and again, whatever the initial state of a system, and it will end up with a predictable result. CFEngine supports the item of statistical compliance with policy, meaning that a system can never guarantee to be exactly in an ideal or desired state, rather one approaches (converges) towards the desired state by best-effort, at a rate that is determined by the ratio of the frequency of environmental change to the rate of CFEngine execution. [12]

CFEngine provides an operating system-independent interface to Unix-like host configuration. It requires some expert knowledge to deal with peculiarities of different operating systems, but has the power to perform maintenance actions across multiple hosts. CFEngine can be used on Windows hosts as well, and is widely used for managing large numbers of Unix hosts that run heterogeneous operating systems, e.g. Solaris, Linux, AIX, Tru64 and HP-UX.[ citation needed ]

Users

CFEngine is used in both large and small companies, as well as in many universities and governmental institutions.[ citation needed ] The largest reported datacenter under management of CFEngine is above a million servers, while sites as large as 40,000 machines are publicly reported (LinkedIn [13] ), while sites of several thousand hosts running under CFEngine are common.[ citation needed ] According to statistics from CFEngine AS, probably several million computers run CFEngine around the world, and users from more than 100 countries have been registered.

Research

Shortly after its inception, CFEngine inspired a field of research into automated configuration management. The CFEngine project claims to attempt to place the problem of configuration management in a scientific framework. Its author Mark Burgess has developed a range of theoretical tools and results to talk about the problem, and has written several text books and monographs explaining them.[ citation needed ]

See also

Related Research Articles

<span class="mw-page-title-main">Sun Microsystems</span> American computer company, 1982–2010

Sun Microsystems, Inc. was an American technology company that sold computers, computer components, software, and information technology services and created the Java programming language, the Solaris operating system, ZFS, the Network File System (NFS), and SPARC microprocessors. Sun contributed significantly to the evolution of several key computing technologies, among them Unix, RISC processors, thin client computing, and virtualized computing. Notable Sun acquisitions include Cray Business Systems Division, Storagetek, and Innotek GmbH, creators of VirtualBox. Sun was founded on February 24, 1982. At its height, the Sun headquarters were in Santa Clara, California, on the former west campus of the Agnews Developmental Center.

<span class="mw-page-title-main">HP-UX</span> Operating system

HP-UX is Hewlett Packard Enterprise's proprietary implementation of the Unix operating system, based on Unix System V and first released in 1984. Current versions support HPE Integrity Servers, based on Intel's Itanium architecture.

<span class="mw-page-title-main">Configuration management</span> Process for maintaining consistency of a product attributes with its design

Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design, and operational information throughout its life. The CM process is widely used by military engineering organizations to manage changes throughout the system lifecycle of complex systems, such as weapon systems, military vehicles, and information systems. Outside the military, the CM process is also used with IT service management as defined by ITIL, and with other domain models in the civil engineering and other industrial engineering segments such as roads, bridges, canals, dams, and buildings.

<span class="mw-page-title-main">Server (computing)</span> Computer to access a central resource or service on a network

In computing, a server is a piece of computer hardware or software that provides functionality for other programs or devices, called "clients". This architecture is called the client–server model. Servers can provide various functionalities, often called "services", such as sharing data or resources among multiple clients or performing computations for a client. A single server can serve multiple clients, and a single client can use multiple servers. A client process may run on the same device or may connect over a network to a server on a different device. Typical servers are database servers, file servers, mail servers, print servers, web servers, game servers, and application servers.

<span class="mw-page-title-main">Apollo Computer</span> Manufacturer of Apollo/Domain workstations in the 1980s

Apollo Computer Inc., founded in 1980 in Chelmsford, Massachusetts, by William Poduska and others, developed and produced Apollo/Domain workstations in the 1980s. Along with Symbolics and Sun Microsystems, Apollo was one of the first vendors of graphical workstations in the 1980s. Like computer companies at the time and unlike manufacturers of IBM PC compatibles, Apollo produced much of its own hardware and software.

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. The term rootkit is a compound of "root" and the word "kit". The term "rootkit" has negative connotations through its association with malware.

<span class="mw-page-title-main">USENIX</span> Organization supporting operating system research

USENIX is an American 501(c)(3) nonprofit membership organization based in Berkeley, California and founded in 1975 that supports advanced computing systems, operating system (OS), and computer networking research. It organizes several conferences in these fields.

<span class="mw-page-title-main">Project Athena</span> 1983 joint project by MIT, IBM and DEC

Project Athena was a joint project of MIT, Digital Equipment Corporation, and IBM to produce a campus-wide distributed computing environment for educational use. It was launched in 1983, and research and development ran until June 30, 1991. As of 2023, Athena is still in production use at MIT. It works as software that makes a machine a thin client, that will download educational applications from the MIT servers on demand.

<span class="mw-page-title-main">IXI Limited</span> British company specialising in Unix software

IXI Limited was a British software company that developed and marketed windowing products for Unix, supporting all the popular Unix platforms of the time. Founded in 1987, it was based in Cambridge. The product it was most known for was X.desktop, a desktop environment graphical user interface built on the X Window System. IXI was acquired by the Santa Cruz Operation (SCO) in February 1993.

MOSIX is a proprietary distributed operating system. Although early versions were based on older UNIX systems, since 1999 it focuses on Linux clusters and grids. In a MOSIX cluster/grid there is no need to modify or to link applications with any library, to copy files or login to remote nodes, or even to assign processes to different nodes – it is all done automatically, like in an SMP.

Autonomic computing (AC) is distributed computing resources with self-managing characteristics, adapting to unpredictable changes while hiding intrinsic complexity to operators and users. Initiated by IBM in 2001, this initiative ultimately aimed to develop computer systems capable of self-management, to overcome the rapidly growing complexity of computing systems management, and to reduce the barrier that complexity poses to further growth.

<span class="mw-page-title-main">RISC iX</span> Discontinued Unix operating system

RISC iX is a discontinued Unix operating system designed to run on a series of workstations based on the Acorn Archimedes microcomputer. Heavily based on 4.3BSD, it was initially completed in 1988, a year after Arthur but before RISC OS. It was introduced in the ARM2-based R140 workstation in 1989, followed up by the ARM3-based R200-series workstations in 1990.

<span class="mw-page-title-main">Mark Burgess (computer scientist)</span>

Mark Burgess is an independent researcher and writer, formerly professor at Oslo University College in Norway and creator of the CFEngine software and company, who is known for work in computer science in the field of policy-based configuration management.

<span class="mw-page-title-main">Özalp Babaoğlu</span> Turkish computer scientist (born 1955)

Özalp Babaoğlu, is a Turkish computer scientist. He is currently professor of computer science at the University of Bologna, Italy. He received a Ph.D. in 1981 from the University of California at Berkeley. He is the recipient of 1982 Sakrison Memorial Award, 1989 UNIX InternationalRecognition Award and 1993 USENIX AssociationLifetime Achievement Award for his contributions to the UNIX system community and to Open Industry Standards. Before moving to Bologna in 1988, Babaoğlu was an associate professor in the Department of Computer Science at Cornell University. He has participated in several European research projects in distributed computing and complex systems. Babaoğlu is an ACM Fellow and has served as a resident fellow of the Institute of Advanced Studies at the University of Bologna and on the editorial boards for ACM Transactions on Computer Systems, ACM Transactions on Autonomous and Adaptive Systems and Springer-Verlag Distributed Computing.


This is a comparison of notable free and open-source configuration management software, suitable for tasks like server configuration, orchestration and infrastructure as code typically performed by a system administrator.

Torch Computers Ltd was a computer hardware company with origins in a 1982 joint venture between Acorn Computers and Climar Group that led to the development of the Communicator or C-series computer, a system based on the BBC Micro with a Z80 second processor and integral modem, intended as a viewdata terminal.

<span class="mw-page-title-main">Promise theory</span>

Promise Theory is a method of analysis suitable for studying any system of interacting components. In the context of information science, Promise Theory offers a methodology for organising and understanding systems by modelling voluntary cooperation between individual actors or agents, which make public their 'intentions' to one another in the form of promises. Promise Theory is grounded in graph theory and set theory.

Progress Chef is a configuration management tool written in Ruby and Erlang. It uses a pure-Ruby, domain-specific language (DSL) for writing system configuration "recipes". Chef is used to streamline the task of configuring and maintaining a company's servers, and can integrate with cloud-based platforms such as Amazon EC2, Google Cloud Platform, Oracle Cloud, OpenStack, IBM Cloud, Microsoft Azure, and Rackspace to automatically provision and configure new machines. Chef contains solutions for both small and large scale systems.

<span class="mw-page-title-main">X.desktop</span>

X.desktop was an early desktop environment graphical user interface built on the X Window System. It was developed and sold during the late 1980s and early 1990s by IXI Limited, a British software house based in Cambridge. Versions of X.desktop were available for over 30 different UNIX operating system platforms and it was licensed to various vendors, including IBM, Compaq, Locus Computing Corporation, BiiN and Acorn Computers, the latter licensing it in 1988 for its future workstation products.

<span class="mw-page-title-main">HCR Corporation</span> Canadian software company

Human Computing Resources Corporation, later HCR Corporation, was a Canadian software company that worked on the Unix operating system and system software and business applications for it. Founded in 1976, it was based in Toronto.

References

  1. CFEngine Team & Community. "CFEngine 3.23.0 released". Northern.tech AS.
  2. CFEngine Team & Community. "CFEngine 3.21.4 released". Northern.tech AS.
  3. CFEngine Team & Community. "CFEngine 3.18.7 released". Northern.tech AS.
  4. Burgess, Mark. "University of Oslo : Cfengine V2.0 : A network configuration tool" (PDF). Iu.hio.no. Archived from the original (PDF) on 2013-07-23. Retrieved 2013-09-08.
  5. Burgess, Mark (December 1998). "Computer Immunology" (PDF). Usenix.org. Retrieved 2013-09-08.
  6. Burgess, Mark; Couch, Alva (2006-11-28). "Autonomic Computing Approximated by Fixed-Point Promises, Proceedings of First IEEE International Workshop on Modelling Autonomic Communication Environments (MACE2006)" (PDF). pp. 197–222. Archived from the original (PDF) on 2012-04-25.
  7. Hogg, Scott (July 1, 2014). "Promise Theory". Network World. Retrieved September 1, 2023.
  8. "Cfengine Completes Series A Investment" (Press release). Oslo, Norway: PRNewswire. 2011-04-04. Retrieved 2014-08-22.
  9. "Welcome to Northern.tech". northern.tech. Retrieved 2019-09-24.
  10. Burgess, Mark (Summer 1995). "Cfengine: a site configuration engine" (PDF). USENIX Computing Systems. Berkeley, CA, USA: USENIX. 8 (3). Retrieved 2014-08-22.
  11. Burgess, Mark (2003-11-29). "Configurable immunity for evolving human-computer systems". Science of Computer Programming. 51 (3): 197–213. doi: 10.1016/j.scico.2003.12.004 .
  12. Burgess, Mark (2003). "On the theory of system administration". Science of Computer Programming. 49 (1–3): 1–46. doi: 10.1016/j.scico.2003.08.001 .
  13. "CFEngine Case Study - LinkedIn Infrastructure and Operations Automation at WebScale" (PDF). CFEngine AS. November 2014.