Cfengine Training Course Program

CFENGINE TRAINING COURSE PROGRAM

VERSION 5.1 DECEMBER 10TH 2015

Normation SAS 87 rue de Turbigo SAS au capital de 21 000 € 75003 Paris RCS Paris 519 451 686 / 00025 France Déclaration d'activité de formateur enregistrée sous le numéro 11 94 08020 94 auprès Telephone : +33 (0)1 83 62 26 96 du préfet de région d'Ile-de-France Fax : +33 (0)1 83 62 29 38 Email : [email protected] CFEngine Training Course program

CONTENTS

1. Normation, the company...... 3 1.1. Introduction...... 3 1.2. Our values...... 3 1.3. Our people...... 3 1.4. Our key partner: CFEngine...... 4 2. Our CFEngine training courses...... 5 2.1. Training modules...... 5 2.2. Target audience...... 5 2.3. Pre-requisites...... 6 2.4. Courses available...... 6 3. CFEngine Fundamentals (3 days)...... 8 4. CFEngine 3.6-3.7-3.8 refresher (1 day)...... 10

Page 2/11 CFEngine Training Course program

1. NORMATION, THE COMPANY

1.1. Introduction

Normation is an open source software company offering enterprises the ability to gain control over their IT infrastructure through automation and continuous configuration assessment.

Normation is also the company behind the open source configuration management and audit solution, Rudder. Today, Rudder is deployed in production enterprise sites across both Europe and North America. Normation continues to evolve Rudder in collaboration with the Rudder community.

Normation offers professional consulting, training and support. Our specialities are configuration management, continuous integration, continuous deployment, package management, Rudder, CFEngine, LDAP and Scala.

Normation is based in Paris, France, and works with customers across Europe and North America.

1.2. Our values

Normation has embedded the following values throughout the organization:

• Reliability: Proving, at each and every opportunity, our ability to be your expert partner on mission critical projects.

• Self-transcendence: Constantly trying to go beyond what we know to be possible, reaching around and beyond our limits – what are limits for, if we cannot challenge them?

• Innovation: Fostering creativity, knowledge and experience to deliver better solutions for our customers.

• Humility: Accepting that several possibilities exist and diverge, and all bring value to our vision.

1.3. Our people

Normation's greatest asset is its people.

As well as providing the core team of architects and developers for Rudder, one of Normation's consultants is a recognized CFEngine Community Champion (C3), and several of Normation's staff are regular contributors to the CFEngine open source project.

Normation's team also possesses an extensive history of over 10 years of expertise, code, bug fixing and documentation contributions to other open source projects.

Page 3/11 CFEngine Training Course program

1.4. Our key partner: CFEngine

Normation's software solutions are built with mature, proven software components. These components are considered to be the best-of-breed in their domain, benefit from extensive enterprise adoption and active communities of practice.

CFEngine (established in Oslo and the Silicon Valley since 2008)

This company supports technical development for the open source configuration management tool of the same name, and builds a commercial version for the enterprise (CFEngine Enterprise).

CFEngine is a strategic partner for Normation, with whom we share a vision of the next generation of configuration management for IT infrastructure.

This partner can support us as part of our activity around CFEngine problems, in any case our close ties to the CFEngine open source community might not be sufficient to help us.

Page 4/11 CFEngine Training Course program

2. OUR CFENGINE TRAINING COURSES

2.1. Training modules

Normation is the preferred training partner for CFEngine in Europe, providing training courses on the subject of the configuration management tool CFEngine 3.

These courses may be given either on-site (internal training within a company for their employees), or in public/open enrolment sessions (open to a mix of people, signing up on a per person basis).

Courses would be typically one of the following lengths: • A three day course covering main concepts • An additional one day to improve or refresh existing knowledge and cover advanced topics and best practices for optimal deployments

• Up to five days, for specially tailored courses (on-site only)

Three days is the preferred training length: a single day may serve as an introduction but is too short to make substantial technical progress, but five days can be an exhausting experience both for trainer and trainee. A three day training program contains a high proportion of practical hands-on work, discussion and evaluation.

Courses are given in small groups (no more than 10 trainees) and alternate between theoretical presentations to the whole class and hands-on practical exercises, which allow for individual interaction between trainees and the trainer. These interactions make sure everyone is on the same page, and can be used to go deeper into specific subjects on request of individual trainees.

Our training program and handouts were created by our CFEngine Community Champions. All courses are given by a trainer who is a recognized CFEngine expert and has received certified CFEngine training.

2.2. Target audience

The following categories of professionals will benefit from CFEngine training courses:

• System administrators: ◦ In companies already using CFEngine (or having recently decided to) that need to learn to use or implement it, or gain knowledge on best practices, ◦ With CFEngine 2 experience that need to learn about CFEngine 3, ◦ Interested in DevOps principles and curious to learn about configuration management tools in general

• Technical leaders: ◦ In companies considering implementing some form of configuration management, that need to understand the advantages of this practice (CFEngine is an example of such a tool),

Page 5/11 CFEngine Training Course program

◦ In companies considering using a configuration management tool, seeking information and understanding on how CFEngine works and it's pros and cons in relation to other similar tools.

Note: A technical leader as described above may be anyone in an organization with a need to understand the technologies used, although not necessarily make use of them himself, such as a team leader of a sysadmin group, a technical expert whose role is to advise on trends in tools or a technically inclined IT manager.

2.3. Pre-requisites

Attendees should arrange to have a computer for the practical, hands-on exercises included in the training, which are a key part of the course.

This computer should be able to run some kind of Unix (Linux is advised). It is not important whether or not this is a Linux virtual machine though the computer will need to have network access enabled.

Some of the exercises involve installing operating system packages, so if you installed the operating system from a DVD, please also bring the installation media. If you are able to install software from an on-line repository (like yum, apt, or OpenSuSE repository) then you will not need the installation media.

2.4. Courses available

Normation has developed several standard CFEngine courses, presented in the following paragraphs of this document:

1. CFEngine Fundamentals: a three day course, including a non-technical half-day introduction to configuration management (definition, advantages/disadvantages) and CFEngine's architecture, followed by 2.5 days covering CFEngine fundamentals and everyday usage: installation, components, principles, language syntax, package and process management, presentation of more advanced concepts.

Learn CFEngine from scratch with a very hands-on approach, introducing concepts one by one. This three day course will give you full understanding of all the building blocks you need to use CFEngine, and explain the theory behind system automation as we go. No previous experience necessary, although basic Linux sysadmin skills are necessary.

Course materials and samples provided electronically, a free printed copy of the O'Reilly "Learning CFEngine 3" book for each attendee and a certificate of participation.

2. CFEngine 3.6-3.7-3.8 refresher: a one day course, designed to complement the initial three day course above or hands-on experience, to learn about all the new features in recent versions of CFEngine, and how they can improve your regular use of CFEngine.

Take one day to update your CFEngine knowledge and learn the latest and greatest features, complete with real-life examples. This short course will show you how to use and benefit from latest

Page 6/11 CFEngine Training Course program

changes and clarify upgrade paths. Designed for anyone with previous CFEngine experience or training. Our trainer will be happy to help you brush up on the basics if necessary too!

Course materials and samples provided electronically, a free printed copy of the O'Reilly "Learning CFEngine 3" book for each attendee and a certificate of participation.

A detailed description of the goals and benefits of each course is provided in the following chapters.

Page 7/11 CFEngine Training Course program

3. CFENGINE FUNDAMENTALS (3 DAYS)

CFEngine Fundamentals Module Theme: CFEngine 3 Level: Intermediate Attendees should be familiar with working on the Linux/UNIX command line and Prerequisites: Duration: 3 days regular system administration tasks (installing software, OS configuration, etc). Learn CFEngine from scratch with a very hands-on approach, introducing concepts one by one. This three day course will give you full understanding of all the building blocks you need to use CFEngine, and explain the theory behind system automation as we go. No previous experience necessary, although basic Linux sysadmin skills are necessary.

A non-technical introductory morning will provide attendees with an understanding of the aims, advantages and constraints of configuration management in modern IT Goals: environments, and it's link with the devops movement, before detailing CFEngine's role in this field, and will provide key points for planning and driving successful adoption.

The rest of this module goes into technical details of installing CFEngine, it's language's syntax, and the available features. These will be presented via real-world examples, set up by the trainees across many practical exercises.

After this course, attendees will know CFEngine's fundamentals, as well as our main recommendations to deploy a configuration management service based on CFEngine. • Course materials and samples provided electronically • A free printed copy of the O'Reilly "Learning CFEngine 3" book by Diego Takeaways: Zamboni for each attendee • Certificate of participation

Topics covered: • devops – what is it and why should I care? ◦ Origins and characteristics of the movement ◦ The CAMS acronym definition - Culture, Automation, Measure, Share ◦ Focus on automation

• Automating IT infrastructure ◦ Fundamental concepts in configuration management (convergence, idempotence, Single Copy Nirvana, ...) ◦ Advantages and drawbacks ◦ Comparison of the main approaches

• Keys to success for automation projects ◦ Context and requirements (team organization, goals, project leader, ...) ◦ Keys to success (training, internal processes, change management, ...)

Page 8/11 CFEngine Training Course program

◦ Pitfalls to avoid

• CFEngine architecture Agents, distributing policy, configuration references ◦ CFEngine, an agent based-system ◦ Distributing files ◦ Typical architecture

• The “desired state” model Make and keep “promises”, converging towards the desired state, differences with the procedural approach ◦ Promises ◦ Convergence ◦ Examples to illustrate this model's benefits

• First steps Installing CFEngine, running and debugging the agent, language syntax basics, convergence and conditional execution based on classes

• File templating Deploying static files, the Mustache templating language, generating dynamic files

• Service management Starting, stopping and managing standard system services

• The CFEngine language Promise attributes, variables, vocabulary, « body » containers, summary of all available types (promise types)

• CFEngine agent structure Installation locations, software components and daemons, entry points

• Simple file editing Editing existing files, line by line

• Advanced variables Using arrays, reading in parameters from an external files (Content Driven Policy or CDP)

• Client/Server Understanding and deploying a client/server architecture with CFEngine. Limitations and benefits.

Page 9/11 CFEngine Training Course program

4. CFENGINE 3.6-3.7-3.8 REFRESHER (1 DAY)

CFEngine 3.6-3.7-3.8 refresher Module Theme: CFEngine 3 Level: Advanced CFEngine Fundamentals module Prerequisites: Duration: 1 day (or equivalent experience) Take one day to update your CFEngine knowledge and learn the latest and greatest features, complete with real-life examples. This short course will show you how to use Goals: and benefit from latest changes and clarify upgrade paths. Designed for anyone with previous CFEngine experience or training. Our trainer will be happy to help you brush up on the basics if necessary too! • Course materials and samples provided electronically • A free printed copy of the O'Reilly "Learning CFEngine 3" book by Diego Takeaways: Zamboni for each attendee • Certificate of participation

Topics covered: • Overview of CFEngine releases ◦ Release history and key versions ◦ Current release lifecycle (LTS versions, maintenance periods) ◦ Overview of changes in 3.6, 3.7 and 3.8 ◦ Upgrade paths

• New and improved promise types ◦ Users promises to manage local users (new in 3.6) ◦ Second generation packages promises (new in 3.7) ◦ Services promises and their defaults, including systemd support (new in 3.5 and significantly improved in 3.6 and 3.7)

• Mustache templating ◦ The Mustache template language (new in 3.6) ◦ Template examples including variable expansion, iteration and class-based decisions ◦ string_mustache() function to template in-line strings (new in 3.7)

• Masterfiles policy framework (MPF) ◦ Overview of MPF and changes across recent versions ◦ Configuration by def.cf ◦ Autorun directory for bundle inclusion

• Data manipulation (CSV, YAML, JSON) ◦ 'data' variable type and associated functions (new in 3.6) ◦ Generic data support for CSV, YAML and JSON (new in 3.7) ◦ Example policies using data manipulation

Page 10/11 CFEngine Training Course program

• Server and networking management ◦ TLS authentication (new in 3.6) and configuring allowed versions and ciphers (new in 3.7) ◦ Access control using hostnames, IP addresses and keys (new in 3.6) ◦ Configuring a network bandwidth limit (new in 3.7)

• New and improved functions ◦ Overview of new functions in 3.6, 3.7 and 3.8 ◦ http support with the url_get() function (new in 3.8)

• Policy structuration and management ◦ Adapting policies to multiple versions with @if minimum version(x,x) and @if feature() (new in 3.7) ◦ Defining policy bodies with inheritance (new in 3.8) ◦ Maintenance tips and tricks ◦ Using an acceptance test framework for “unit” testing

Page 11/11