CFEngine configuration management tool up close and in-depth
CFEngine is a widely known and used configuration management tool. Learn about its primary features and functions and if and how your organization could benefit from it.
The CFEngine configuration management tool is used to automate the packaging and provisioning of software into an organization's operational IT environment. CFEngine software is used by companies such as LinkedIn, mobile telecoms company Orange, PayPal Holdings, Percolate and Locaweb.
CFEngine is seen by many as "the grandfather of configuration management tools". It started as a project by Mark Burgess while working as a post-doctorate fellow at Oslo University in 1993, as a means of automating much of the mundane tasks of managing a group of workstations. The original CFEngine has been considerably reritten to get to its third generation.
CFEngine's current stable release is 3.7.4, released in August 2016. It is available under the GPLv3 license.
CFEngine software is written in C. As such, its footprint tends to be smaller than those CM systems built in Ruby or Python.
CFEngine operates in a client-server mode, with a master server managing agents on remote nodes.
The main differentiator for CFEngine configuration management is in using a desired state model. Rather than gathering all the steps that are required to make a change to a target node, the system administrator defines what the final state should be. CFEngine then takes the steps necessary to create such a final state. Within CFEngine, this is called a convergent approach. These final state declarations are built up as promises or policy statements.
Users state that the learning curve for CFEngine is pretty steep, because they are required to understand the nuances of the different operating systems of the nodes under CFEngine's management.
The versions available for CFEngine configuration management
CFEngine comes in two basic versions. The Community Version is free and open source. CFEngine Enterprise adds considerable extra functionality, including a graphical user interface. This GUI also enables users to run IT compliance reports and it provides a real-time security dashboard. Enterprise can be downloaded and used free on up to 25 nodes. CFEngine Enterprise's pricing is a little more opaque than most other CM tools. Whereas others provide public pricing based on a per node per annum basis, CFEngine requires potential subscribers to contact a salesperson to enter into negotiations. Anecdotally, it appears that CFEngine is willing to create a price that is highly customized to an organization's actual IT platform.
CFEngine is published on a long-term support (LTS) model. Major releases are introduced into the market every 18 months, with the functionality guaranteed to be supported with an overlap between releases. Non-LTS releases are issued on an approximate six month basis, with functionality that is liable to change when it is rolled up into the next LTS release.
CFEngine used to be supported on a range of OS tiers, with differing support structures around each tier. CFEngine has now abandoned this approach, with a single group of supported OSes. The list of supported OSes is:
As CFEngine has been around for a long time, it has a set of loyal followers. The company claims that CFEngine manages millions of servers across over 100 countries. It runs a help forum on Google+, along with a code and module repository on GitHub.
Unless others are willing to climb the steep learning curve necessary for CFEngine, this is a tool best suited for large, complex organizations with a strong need for granular control via scripts created by highly-skilled IT professionals.