Cft Configuration File Tracking


Cft (pronounced sift) watches a system administrator as she makes changes to a system. Its basic principle is heavily influenced by Gnome's Sabayon. Instead of the desktop though, cft is focused on traditional system administrators and how they maintain machines, mostly with command line tools.

Cft uses puppet as its backbone for expressing the configuration of a system, and for understanding in greater detail what changes the admin has made to the system. Sites that already use puppet to manage their configuration can easily integrate cft's output into the overall site configuration; for sites that use some other means of configuration management, cft's output provides a complete record of changes made and serves as a good starting point of integrating the changes back into the site's configuration.


In lieu of colorful screenshots, a simple example will explain in more detail how cft works: cft organizes changes in sessions to let the user better indicate what aspect of the system they are fixing (the webserver, the mailserver etc.) A simple session to fix the configuration of postfix and to start and enable the service might entail root running the following commands:

  tux:1# cft begin postfix
  tux:2# yum -y install postfix
  tux:3# vi /etc/postfix/
  tux:4# chkconfig postfix on
  tux:5# service postfix start
  tux:6# cft finish postfix

Note that the user only had to issue two additonal commands to begin and finish the session, everything else in the session is exactly the same as if the changes had been made without cft. The command cft begin postfix tells cft to start a session called postfix, and the last command cft finish postfix tells it to do the final bookkeeping necessary for analysing the results

Once the commands above have been issued, running cft manifest postfix will print the changes in the form of a puppet manifest:

  tux:6# cft manifest postfix
    class postfix {
        package { 'postfix.i386':
          ensure => '2:2.3.3-2'

        service { 'postfix':
            enable => 'true',
            pattern => 'postfix',
            ensure => 'running'

        file { '/etc/aliases.db':
            group => 'smmsp',
            owner => 'root',
            mode => '0640',
            source => '/tmp/cft/postfix/after/etc/aliases.db'

        file { '/etc/postfix/':
            group => 'root',
            owner => 'root',
            mode => '0644',
            source => '/tmp/cft/postfix/after/etc/postfix/'

This manifest tells puppet that puppet should enable and start the postfix service, and that the two files should be copied from the location mentioned as the source and receive the given owner, group, and mode. cft takes care of copying all modified files into a safe location so that they can be copied off the machine into a central location. The mention of the file aliases.db is somewhat spurious: it gets automatically recreated by the init script for postfix, and cft treats it exactly as if the user had created the file.

To facilitate moving the changes onto a central serevr, cft can also convert a session into a tarball that contains both the puppet manifest and all the files that are mentioned in it, in this case aliases.db and Fancier, more convenient methods of integrating changes back into a central puppet server are planned for the future.


Cft 0.2.1
Previously finished sessions can now be resumed (with `cft begin -r SESSION')
Remove lots of unneeded attributes from generated manifest
Prune RPM package set to only leaf packages; packages that were updated/installed and depend on other packages that were updated/installed during the session are not included in the manifest

Cft 0.2.0
This release understands package operations, so that running yum -y install httpd (or rpm -Uvh foo.i386.rpm) will produce appropriate package statements in the resulting manifest.
You will need the ruby-rpm bindings.

Cft 0.1.0
The very first release of Cft. Understands most of puppet's builtin types — only cron, sshkey, and package are missing.
If you use the RPM, you might also need ruby-fam (the ruby gamin bindings) from Fedora, or build it yourself from upstream.


Cft is licensed under the GPL. Sources in a git repository on gitorious

(all released files) (latest tarball) (latest zip) (latest gem) (latest srpm) (latest rpm)


What can Cft do for me?
Cft watches you as you make configuration changes to your system and remembers those changes. When you are done with making the changes, Cft digests and summarizes them in a format suitable for feeding them to Puppet

Who is the intended audience?
Anyone who makes changes to a system as root, especially system administrators at small and large sites. Cft will be particularly useful to you if you use Puppet to manage the configuration of your machines.

How is Cft used?
Cft is used from the command line, just before you begin making configuration changes, and right after you finished making them. It only requires you to issue two additonal commands, there's no need to learn any other special tools or avoid using your favorite tool. (Well, if that's vi there's a special restriction in the license to keep you from using it) (I KEED, I KEED, you can use vi though it's bad for the character)

Does Cft only work for Red Hat based Linux distributions?
Honestly, I don't know; I would be very interested in making sure that Cft works on all the Linux distributions and OS's that Puppet works on, though I will have to rely on help from others for most of the work there. If you are using (or trying to use) Cft on one of those OS's, drop me a line.

How can I contribute?
Send in bug reports, patches, ideas, or comments to the et-mgmt-tools list.


Cft is written and maintained by David Lutterkort.

Send comments, questions, patches, and suggestions to the et-mgmt-tools list. You can send mail even if you aren't a list member.


Cft saves you from having to remember what exactly you changed on a system — it watches you and remembers for you, leaving you free to focus on the result you need to achieve.


All released files
Latest tarball | zip | gem | srpm | rpm