CFEngine

Palo Alto, CA, USA
2008
  |  By Ole Herman Elgesem
Today, we are pleased to announce the release of CFEngine 3.23.0! This is a non-LTS (non-supported) release, where we introduce new features for users to test and give feedback on, allowing us to polish before the next LTS.(CFEngine 3.24 LTS is scheduled to release summer 2024). The codename for this release is anniversary, as this year is CFEngine’s 30th anniversary.
  |  By Craig Comstock
For CFEngine we manage several public and private repositories of code in GitHub for our Open Source and Enterprise products. In order to ensure quality we run many checks on the code both with nightly builds as well as on each pull request. We use a Jenkins server for nightlies which also includes more extensive deployment tests on all of the platforms we support. Previously we had used Travis for many of these checks but that system started to show its age and limitations.
  |  By Nick Anderson
This question was covered in The Agent is In, Episode 27 CFEngine Q&A: Policy Questions. Testing is an important part of the software life-cycle. Writing tests for your CFEngine policy can help to bring improved assurance that your policy behaves as expected. Follow along and write your first test policy.
  |  By Nick Anderson
This question was covered in The Agent is In, Episode 27 CFEngine Q&A: Policy Questions. Given the following JSON, how can I get a list containing just the values of name?
  |  By Ole Herman Elgesem
Today, we are pleased to announce the release of CFEngine 3.22.0! The focus of this new version has been coordination. This is a non-LTS (non-supported) release, where we introduce new features for users to test and give feedback on, allowing us to polish before the next LTS.(CFEngine 3.24 LTS is scheduled to release summer 2024).
  |  By Nick Anderson
Traditionally, CFEngine policy sets are managed as a whole. When upgrading the Masterfiles Policy Framework (MPF)1 users must download the new version of the policy framework and integrate it into the existing policy set, carefully diffing the vendored policy files against their currently integrated policy. Updates to policy authored by others must be sought out and similarly integrated.
  |  By Nick Anderson
Having a list of software that is allowed to be installed on a host is a strategy to prevent and fix security gaps and maintain compliance with operational guidelines. This zero-trust methodology ensures that only explicitly permitted applications are allowed to be present on a host unlike package block-listing which enumerates an explicit list of software that is not allowed to be present. In fact, with a software allow-list, you are essentially block-listing everything except the software you allow.
  |  By Lars Erik Wik
Opening and reading files may cause your program to block indefinitely, which is a major problem for configuration management tools like CFEngine. What if we make a program that can check if these file operations would block indefinitely, before using them? Unfortunately our good friend Alan Turing proved that such programs are not theoretically possible.
  |  By ChiaCheng Lu
Using CFEngine there are many ways to group and classify your hosts. In order to group their hosts, our users use a combination of JSON files, CFEngine policy language (with variables, classes, and class expressions), host specific data and host filters in Mission Portal. With these features you can choose which hosts to show in reports, and you can make decisions on what changes to make on which hosts.
  |  By Jeff Carlson
I have stopped using my Linux distro’s package manager, and you should, too. Maybe I should clarify that. I don’t install software with my distro’s package manager any more. I still upgrade my system. I became influenced by a few different factors. Top among these is something required in certain industries called a change advisory board or committee.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.
  |  By CFEngine
"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.

CFEngine®, Inc., a pioneer in IT Automation at Web-scale, enables organizations to become more agile and thrive in the Cloud Era by radically simplifying, automating and transforming the way they build, deliver and consume IT infrastructure and applications.

With CFEngine, some of the largest IT organizations provision resources and deploy new applications orders of magnitude faster, while ensuring continuous availability, security and compliance in large-scale, very dynamic and highly complex environments.

Automate large-scale, complex and mission critical IT infrastructure.

  • Speed: Written in C. The leanest and fastest solution in the industry with execution time less than 1 second.
  • Security: The open source configuration solution with the best security record.
  • Stability: The most mature solution in the industry, conducting hundreds of billions of compliance checks in large-scale production environments.
  • Scalability: Deploy a model-based configuration change across 50,000 servers in 5 minutes.

CFEngine has users in more than 100 countries, including many of the world’s largest financial organizations such as JPMC, as well as companies like LinkedIn, Chevron, DirecTV, Locaweb, and Deutsche Telekom.