LISA’11: BoFs – Bcfg2

Print Friendly, PDF & Email

The Bcfg2 BoF requires a bit of extra writeup due to some interesting new features for the now released 1.2 version.

  • TGenshi is now supported inside the Cfg plugin directory thereby making the layout cleaner.
  • A new plugin FileProbe allows for files generated on the host to be pulled back into the central repo and verified in the future. You can choose to restore the original or pull the new file back.
  • Updates have been made to the reporting web interface.
  • bcfg2-admin viz now generates for individual hosts.
  • For the future there are some new ideas of how to perform ordering and orchestration. Possibly because of some requests/suggestions taken from the workshop on Sunday.

Loads of other stuff too.

A BoF held immediately after by Wireless Generation detailed some really interesting uses of Bcfg2. Some ideas to take back to work are:

  • Use git and gerrit code review to ensure that changes go through a peer review process before going live.
  • Configure a Jenkins server to run build tests on bcfg2 repo code before allowing the changes to be applied to prod; these test are exactly the ones I recently listed on the central wiki. Basically generate the config for all hosts with bcfg2-info buildall we could augment this with bcfg2-info showclient and diff to the old version.
  • Use a separate repository to hold sensitive data, passwords, SSL keys. Not using svn means we can’t use authnz webdav policy, but as discussed afterwards it’s possible to circumvent the security. Having a 2nd repo is a slight hack as there’s no way to natively do ganular permissions in git.