[%CFEngine_include_markdown(include-install-bootstrap-configure-summary.markdown)%]
Check the [Pre-Installation Checklist][Pre-Installation Checklist] and [Supported Platforms and Versions][Supported Platforms and Versions] for requirements and other information that is useful for the installation procedure.
CFEngine Enterprise is provided in two packages; one is for the Policy Server (hub) and the other is for each Host (client).
Note: See [Installing Community][Installing Community] for the community version of CFEngine)
Log in as root and then follow these steps to install CFEngine Enterprise:
On the designated Policy Server, install the cfengine-nova-hub
package:
[RedHat/CentOS/SUSE] $ rpm -i <server hub package>.rpm
[Debian/Ubuntu] $ dpkg -i <server hub package>.deb
On each Host, install the cfengine-nova
package:
[RedHat/CentOS/SUSE] $ rpm -i <agent package>.rpm
[Debian/Ubuntu] $ dpkg -i <agent package>.deb
Note: Install actions logged to /var/logs/cfengine-install.log
.
Bootstrapping a client means to configure it initially. With CFEngine, the default bootstrap:
sys.policy_hub
) and public key, and gives the server the client’s key to establish trust (see [Bootstrapping][Networking#Bootstrapping])/var/cfengine/masterfiles
on the policy server (AKA sys.masterdir
) to /var/cfengine/inputs
(AKA sys.inputdir
). See update.cf
for details.Run the bootstrap command, first on the policy server:
Find the IP address of your Policy Server:
$ ifconfig
Run the bootstrap command:
$ sudo /var/cfengine/bin/cf-agent --bootstrap <IP address of policy server>
The bootstrap command must then be run on any client attaching itself to this server, using the ip address of the policy server (i.e. exactly the same as the command run on the policy server itself).
CFEngine itself is configured through policy as well (see [Components and Common Control][] and
[Masterfiles Policy Framework][] for details). The following basic changes to the default policy will configure
cf-serverd
and cf-execd
for your environment.
By default an email a summary of any cf-agent
run initiated by cf-execd
. You
may want to adjust the mailto or mailfrom. If you have a centralized reporting
system like CFEngine Enterprise you may wish to disable agent emails all
together.
The preferred way of setting def.mailfrom
is from the
[augments file][Augments].
{
"vars": {
"mailfrom": "sender@your.domain.here",
"mailto": "recipient@your.domain.here"
}
}
Alternatively you can alter the setting in def.cf
.
Note: On some systems these modifications should hopefully work without needing to make any additional changes elsewhere. However, any emails sent from the system might also end up flagged as spam and sent directly to a user’s junk mailbox.
Note: It’s best practice to restart daemons after adjusting it’s settings to ensure they have taken effect.
The preferred way to disable the agent from sending emails is to define
cfengine_internal_disable_agent_email
from the [augments file][Augments].
{
"classes": {
"cfengine_internal_disable_agent_email": [ "any" ]
}
}
Alternatively you can define the class from def.cf
.
Note: It’s best practice to restart daemons after adjusting it’s settings to ensure they have taken effect.
Edit /etc/hosts
and add an entry for the IP address and hostname of the server.
See: [What steps should I take after installing CFEngine Enterprise?][FAQ#What steps should I take after installing CFEngine Enterprise]
Although most install procedures follow the same general workflow, there are several ways of installing CFEngine depending on your environment and which version of CFEngine you are using.