Today, we are pleased to announce the release of CFEngine 3.24.0! The code word for this release is consistency. This release also marks an important event, the beginning of the 3.24 LTS series, which will be supported for 3 years. Several new features have been added since the release of CFEngine 3.21 LTS, in the form of non-LTS releases.

Do you know how to quickly see what variables and classes are defined? Often, while developing CFEngine policy it’s convenient to emit a variable value or a report based on the presence of a class. For example: In some cases, this is because you are exploring what classes are available. In other cases, it might be DEBUG-related reports helping you understand how a variable is resolved during policy evaluation.

Ever want to get some data into CFEngine? Have you heard about the def.json Augments file?1 Augments are JSON data files that allow you to define classes and variables very early during agent initialization, before policy. Augments are practical in a variety of ways. Perhaps most notably for overriding policy defaults. Let’s look at a simple example.

Let’s talk about tags and how they can be useful for Inventory and Reporting. If you have been following along with the Feature Friday series you already heard about using tags to find currently defined classes, variables and bundles, but they are also very useful for reporting. In CFEngine Enterprise the inventory and attribute_name tags are special. A variable or class tagged with inventory becomes visible in the Inventory subsystem in Mission Portal with the name given in the attribute_name tag.

For security reasons, you generally want to uninstall talk, samba, and apache2 in your infrastructure. However, on your webservers, which have the webserver CFEngine class defined, you might want Apache to be installed. With the conditional-installer module, you can put talk,samba,apache2 in the list of packages to uninstall. And in the list of packages to install, you can put apache2 with the condition webserver. Hence, the module will install apache2 on your webservers and uninstall it everywhere else.

Did you know the Masterfiles Policy Framework (MPF) ships with a host info report? That’s right, you can simply run cf-agent --bundlesequence host_info_report and a report will be generated. command output It’s packed with information about the specific host. Let’s peek: command output Here are the section headers: command output Running with the show_software class defined will add information about installed packages command output command output Happy Friday!

Did you know bundles can have tags too? That’s right! You can tag a bundle by defining tags as a meta promise on a bundle. For example: You’ve likely encountered bundles tagged with autorun. These tags trigger automatic execution of bundles in lexical order whenever the services_autorun class is defined. However, you’re not limited to autorun. You can create custom tags to suite your specific needs.

Did you know you can find variables by name and tag? Like the ability to find currently defined classes (as described in Feature Friday #13: classesmatching()) that match a name or tag, you can find variables by name and tag. It’s a nifty capability. variablesmatching() returns a list of variable names that match the name and tag criteria.1 variablesmatching_as_data() returns a data container of the matching variables along with their values2.

Did you know you can find classes by name and tag? classesmatching() dynamically sources information from the current state. For example, let’s say you have classes representing a system’s role. Furthermore, let’s say that we want a host to only have a single role class defined. Finally, if we have more than one role class defined, then we don’t want to proceed.

Whether you are migrating from Ansible to CFEngine to gain some of the benefits of scale or autonomy or just need some functionality in an Ansible module, the ansible promise type can be a great tool to utilize. It also provides a compelling alternative to ansible-pull and works around some of the caveats included with that strategy. CFEngine has battle-tested features needed for the pull architecture.