[[!meta title="cdist - usable configuration management"]] .. . .x+=:. s dF @88> z` ^% :8 '88bu. %8P . <k .88 . '*88888bu . .@8Ned8" :888ooo .udR88N ^"*8888N .@88u .@^%8888" -*8888888 <888'888k beWE "888L ''888E` x88: `)8b. 8888 9888 'Y" 888E 888E 888E 8888N=*8888 8888 9888 888E 888E 888E %8" R88 8888 9888 888E 888F 888E @8Wou 9% .8888Lu= ?8888u../ .888N..888 888& .888888P` ^%888* "8888P' `"888*"" R888" ` ^"F 'Y" "P' "" "" [[!toc levels=2]] ## Introduction cdist is an alternative to other configuration management systems like [cfengine](http://www.cfengine.org/), [bcfg2](http://trac.mcs.anl.gov/projects/bcfg2), [chef](http://wiki.opscode.com/display/chef/) and [puppet](http://www.puppetlabs.com/). But cdist ticks differently, here is the feature set that makes it unique: [[!table data=""" Keywords | Description Simplicity | There is only one type to extend cdist called ***type*** Design | Type and core cleanly seperated Design | Sticks completly to the KISS (keep it simple and stupid) paradigma Design | Meaningful error messages - do not lose time debugging error messages Design | Consistency in behaviour, naming and documentation Design | No surprise factor: Only do what is obviously clear, no magic Design | Define target state, do not focus on methods or scripts Small core | cdist's core is very small - less code, less bugs Fast development | Focus on straightforwardness of type creation is a main development objective Requirements, Scalability | No central server needed, cdist operates in push mode and can be run from any computer Requirements, Scalability, Upgrade | cdist only needs to be updated on the master, not on the target hosts Requirements, Security | Uses well-know [SSH](http://www.openssh.com/) as transport protocol Requirements, Simplicity | Requires only shell and SSH server on the target UNIX | Reuse of existing tools like cat, find, mv, ... UNIX, familar environment, documentation | Is available as manpages and HTML UNIX, simplicity, familar environment | cdist is written in POSIX shell UNIX, simplicity, familar environment | cdist is configured in POSIX shell """]] ### Documentation The cdist documentation is included as manpages in the distribution. You can [browse the documentation for the latest version online](man) as well. ### OS support cdist was tested or is know to run on at least * [Archlinux](http://www.archlinux.org/) * [Debian](http://www.debian.org/) * [Fedora](http://fedoraproject.org/) * [Gentoo](http://www.gentoo.org/) * [Mac OS X](http://www.apple.com/macosx/) * [OpenBSD](http://www.openbsd.org) * [Redhat](http://www.redhat.com/) * [Ubuntu](http://www.ubuntu.com/) ## Requirements ### Server * A posix like shell * SSH-Client ### Client ("target host") * A posix like shell * SSH-Server ## Getting cdist You can clone cdist from git, which gives you the advantage of having a version control in place for development of your own stuff as well. ### Installation To install cdist, execute the following commands: git clone git://git.schottelius.org/cdist cd cdist export PATH=$PATH:$(pwd -P)/bin # If you want the manpages (requires gmake and asciidoc to be installed) ./build.sh man export MANPATH=$MANPATH:$(pwd -P)/doc/man Afterwards you can run ***cdist-quickstart*** to get an impression on how to use cdist. ### Available versions There are at least the following branches available: * master: the development branch * 1.6: New types, cleaned up \_\_package* types, internal cleanup Old versions: * 1.5: Focus on object orientation instead of global stage orientation * 1.4: Support for redefiniton of objects (if equal) * 1.3: Support for local and remote code execution (current stable) * 1.2: Dependencies supported * 1.1: \_\_file to \_\_file, \_\_directory, \_\_link migration * 1.0: First official release Other branches may be available for features or bugfixes, but they may vanish at any point. To select a specific branch use # Generic code git checkout -b <name> origin/<name> # Stay on a specific version version=1.6 git checkout -b $version origin/$version ### Mirrors * git://github.com/telmich/cdist.git ([github](https://github.com/telmich/cdist)) * git://git.sans.ethz.ch/cdist ([sans](http://git.sans.ethz.ch/?p=cdist;a=summary)) ## Update To upgrade cdist in the current branch use git pull # Also update the manpages ./build.sh man export MANPATH=$MANPATH:$(pwd -P)/doc/man If you stay on a version branche (i.e. 1.0, 1.1., ...), nothing should break. The master branch on the other hand is the development branch and may not be working, break your setup or eat the tree in your garden. ### Upgrading from 1.5 to 1.6 * If you used **\_\_package_apt --preseed**, you need to use the new type **\_\_debconf_set_selections** instead. * The **\_\_package** types accepted either --state deinstalled or --state uninstaaled. Starting with 1.6, it was made consistently to --state removed. ### Upgrading from 1.3 to 1.5 No incompatiblities. ### Upgrading from 1.2 to 1.3 Rename **gencode** of every type to **gencode-remote**. ### Upgrading from 1.1 to 1.2 No incompatiblities. ### Upgrading from 1.0 to 1.1 In 1.1 the type **\_\_file** was split into **\_\_directory**, **\_\_file** and **\_\_link**. The parameter **--type** was removed from **\_\_file**. Thus you need to replace **\_\_file** calls in your manifests: * Remove --type from all \_\_file calls * If type was symlink, use \_\_link and --type symbolic * If type was directory, use \_\_directory ## Support ### IRC You can join the development ***IRC channel*** [#cLinux on irc.freenode.org](irc://irc.freenode.org/#cLinux). ### Mailing list Bug reports, questions, patches, etc. should be send to the [cdist mailing list](http://l.schottelius.org/mailman/listinfo/cdist). ## Commercial support You can request commercial support for cdist from [my company](http://firma.schottelius.org/english/). ## Used by If you're using cdist, feel free to send a report to the mailing list. Interesting information are for instance * Which services do you manage? * How many machines do you manage? * What are the pros/cons you see in cdist? * General comments/critics ### Nico Schottelius, Systems Group ETH Zurich and privately Yes, I'm actually eating my own dogfood and currently managing * [plone](http://plone.org/) (cms) * [moinmoin](http://moinmo.in/) (wiki) * [apache](http://httpd.apache.org/) (webserver) * [kerberos (mit)](http://web.mit.edu/kerberos/) (authentication) * [nss-pam-ldapd](http://arthurdejong.org/nss-pam-ldapd/) (authentication) * [ircd-hybrid](http://www.ircd-hybrid.org/) (chat) * [stunnel](http://stunnel.mirt.net/) (SSL tunnel) * [mercurial-server](http://www.lshift.net/mercurial-server.html) (version control) * [xfce](http://www.xfce.org/) (lightweight desktop environment) * [slim](http://slim.berlios.de/) (graphical login manager for X11) with cdist on more than **60** production machines of the [Systems Group](http://www.systems.ethz.ch) at the [ETH Zurich](http://www.ethz.ch) as well at home. ### Steven Armstrong, CBRG ETH Zurich The CBRG is managing most of their compute clusters with cdist.