What's the right way to switch from CFEngine to Rudder?

We have an existing cfengine3-community installation with lots of custom promises and it runs on about 50 machines. I'm interested in switching to Rudder, and I'm wondering about the best way to migrate. The newest version of Rudder seems to be based on cfengine 3.6.3, and we're running the latest cfengine, which is 3.7.1. So there's some syntax incompatibility. Would it work to just swap in the newest cfengine binaries? If not, what's the proper way to migrate?


Solution 1:

Rudder can run side by side with CFEngine. They use different ports for client-server communication (5309 for Rudder) and different paths (/var/rudder/cfengine-community) so they can work together on the system.

The best strategy would be to have both of them running on yout nodes, and transcript your policies one by one into Rudder (by defining Directives and applying them in Rules, or creating your own Techniques with the Graphical Technique Editor), and disabling the migrating policies in CFEngine.

Direct transcription is quite fast (all bricks are available in Rudder and easy to use); but it is a good opportunity to review:

  1. the relevance of the policies - we often find dead code in migration
  2. the application of policies - it can be that some policies should apply on more (or sometimes less) nodes than they are really aplpied on
  3. the correctness of policies - you get reporting with Rudder, which shows if policies are correctly applied and works. It may be that some of them where failling before without you knowing it, because there were no reports.

Solution 2:

rudder use an embedded cfengine-community which is not incompatible with an independant cfengine installation (path are different).

There are some cfengine pactches maintained by Rudder team so I think it will be not a good idea to swap the binaries.

For the incompatibility I don't know, but I know you will need to add some information in your promises to report the state inside Rudder.