ArticlePDF Available

A Site Configuration Engine.

Authors:
  • Researcher and Advisor at ChiTek-i

Abstract

Cfengine is a language-based system administration tool in which system maintenance tasks are automated and the configuration of all networked hosts are defined in a central file. Host configuration may be tested and repaired any number of times without the need for human intervention. Cfengine uses a decision-making process based on class membership and is therefore optimized for dealing with large numbers of related hosts as well as individually pin-pointed systems.
... A fixed-point model of change was introduced in [8,9], based on the notion of repairability or 'maintenance' of an intended state. This model is realized in the software Cfengine [10], and was further elaborated upon using an alternative formulation in [11]. The crux of this approach is to bring about a certainty of outcome, even in an incompletely specified (or 'open') system, and has proved to have several advantages over traditional delta approaches, including that it allows autonomic repair of developing problems. ...
... The function C, in any representation, gives us a way of representing absolute, not relative, changes of state. This is an important ability in maintaining order in a system, and it is the basis on which Cfengine [10] operates on millions of computers around the world today. Each operation is a function of a field, in which the zero element is mapped to a desired state. ...
... We say that the repeated operation of an operator C(q 0 ) 'converges', as it always returns the system state to its fixed point |q 0 . This algebra describes the behaviour of a single 'convergent operator' or 'promise' in Cfengine [9,10]. We cannot define C −1 because the symbol 0 −1 is not defined in the underlying field F , but we may totalize the field [13] with corresponding merits and conditions to assign a meaning to a reversal or 'roll-back'. ...
Preprint
Full-text available
In system operations it is commonly assumed that arbitrary changes to a system can be reversed or `rolled back', when errors of judgement and procedure occur. We point out that this view is flawed and provide an alternative approach to determining the outcome of changes. Convergent operators are fixed-point generators that stem from the basic properties of multiplication by zero. They are capable of yielding a repeated and predictable outcome even in an incompletely specified or `open' system. We formulate such `convergent operators' for configuration change in the language of groups and rings and show that, in this form, the problem of convergent reversibility becomes equivalent to the `division by zero' problem. Hence, we discuss how recent work by Bergstra and Tucker on zero-totalised fields helps to clear up long-standing confusion about the options for `rollback' in change management.
... Promise Theory, first outlined in 2005 [1], is a compositional approach to describing systems of interacting agents. It has had some practical successes thanks to a straightforward applicability to technology [2]- [19]. Like many approaches to modelling, for machines, processes, functions, and operations, it describes systems in terms of agents whose autonomous behaviours are composed from the bottom up. ...
... It may be used to express more complicated 1 The result is not a conventional logic-indeed, it defies the traditional modal-logic formulations of force and necessity-rather, it works more in the manner local action and parallelism, and has some natural similarities with Quantum Mechanics as a theory of incomplete information. 2 The Actor Model fits into the set of models that are trivially represented by Promise Theory, but is too close to programming to be a general modelling framework. We don't want to limit the form of message interaction to state-machine transition-inducing events, nor say anything too specific about the nature of agents, as this might be quite different on different scales and in different circumstances. ...
... Only then can we form channels for information to pass along reliably and maintain an illusion of homogeneous 'order'. Fig. 7: Promise trajectories take two main forms i) conditional 'path integrals', and ii) convergent fixed points (stable subgraphs), well known from configuration management technology [2], [40]. ...
Preprint
Full-text available
Promise Theory concerns the alignment and scaling of process outcomes in agent models. It serves as an umbrella for other theories of interaction from physics to socio-economics. We review some structural details of Promise Theory, applied to Promises of the First Kind, to assist in the comparison of Promise Theory with other forms of physical and mathematical modelling, including Category Theory and Dynamical Systems. We explain how Promise Theory is distinct from other kinds of model, but has a natural structural similarity to statistical mechanics and quantum theory, albeit with different goals; it respects and clarifies the bounds of locality, while incorporating non-local communication. We derive the relationship between promises and morphisms to the extent that this would be a useful comparison.
... II. POLICY AND PROMISES An important paradigm for controlled environmental adaptation is the policy based management scenario [9], [10], [11], [12], [13]. In this scenario, systems are configured by specifying constraints on their allowable states and behaviour, and these are propagated to them in the form of rule-sets [14], [15]. ...
... There is a close similarity between the promise approach and the operator approach used by the autonomous agent cfengine, in configuration management. Although cfengine is not explicitly concerned with network management, its modus operandi is to build a policy from atomic promises about certain resources available on computers that are optionally linked by a network [11]. ...
Preprint
Full-text available
We present a model for policy based management , stressing the role of decisive autonomy in generalized networks. The organization and consistency of agent cooperation is discussed within a cooperative network. We show that some simple rules can eliminate formal inconsistencies, allowing robust approximations to management. Using graph theoretical ranking methods, we evaluate also the probable consistency and robustness of cooperation in a network region. Our theory makes natural contact with social network models in building a theory of pervasive computing. We illustrate our model with a number of examples. Index Terms-Configuration management, ad hoc networks, peer to peer, pervasive computing, end-to-end service provision.
... Extend(context,"state_of_contention") Extend(context,"explicit_undo") This is exactly the method used in CFEngine to gauge context from different system probes [4]. It's highly efficient to compute, but we still need to know whether the symbols are useful characterizations. ...
Method
Full-text available
This work is part of the study of trust sponsored by NL net. In the penultimate contribution, we look for ways to use machine learning to assemble data into a form suitable for actionable algorithms. At the end of this work, we are left with a number of techniques that can be applied to different circumstances. There is no one-size-fits-all approach to trust, because there is no single way in which human-computer systems interact with human-computer systems. Data intensive approaches seem to be the wrong approach--costing needlessly for little gain.
... The scope of data management is usually much greater than one would normally expect for 'configuration' changes (a term usually associated with more slowly varying permanent infrastructure). By now, the accepted approach for configuration is to ensure an invariant state through monotonic and idempotent state convergence, as proven by Burgess in [24], [28], building on Shannon's error correction theorem [29]. Convergent correctness in a data store may be viewed as a version of error correction over a single policy domain. ...
Preprint
Full-text available
We describe a policy-based approach to the scaling of shared data services, using a hierarchy of calibrated data pipelines to automate the continuous integration of data flows. While there is no unique solution to the problem of time order, we show how to use a fair interleaving to reproduce reliable 'latest version' semantics in a controlled way, by trading locality for temporal resolution. We thus establish an invariant global ordering from a spanning tree over all shards, with controlled scalability. This forms a versioned coordinate system (or versioned namespace) with consistent semantics and self-protecting rate-limited versioning, analogous to publish-subscribe addressing schemes for Content Delivery Network (CDN) or Name Data Networking (NDN) schemes.
... Promise trajectories take two main forms i) conditional 'path integrals', and ii) convergent fixed points (stable subgraphs), well known from configuration management technology[2,41]. ...
Article
Full-text available
Promise Theory concerns the 'alignment', i.e. the degree of functional compatibility and the 'scaling' properties of process outcomes in agent-based models, with causality and intentional semantics. It serves as an umbrella for other theories of interaction, from physics to socio-economics, integrating dynamical and semantic concerns into a single framework. It derives its measures from sets, and can therefore incorporate a wide range of descriptive techniques, giving additional structure with predictive constraints. We review some structural details of Promise Theory, applied to Promises of the First Kind, to assist in the comparison of Promise Theory with other forms of physical and mathematical modelling, including Category Theory and Dynamical Systems. We explain how Promise Theory is distinct from other kinds of model, but has a natural structural similarity to statistical mechanics and quantum theory, albeit with different goals; it respects and clarifies the bounds of locality, while incorporating non-local communication. We derive the relationship between promises and morphisms to the extent that this would be a useful comparison.
... The understanding of high level cognition (e.g. in humans), including all its symbology, is hypothesized to be a natural extension of those agent-centric models accumulated over multiple scales. The underpinnings for Semantic Spacetime began a decade ago with work on knowledge representations, using Promise Theory in collaboration with Alva Couch, University of Tufts [5]- [7], and work related to the autonomous software agent system CFEngine [8]. The scope of issues covered is large and draws on ideas from physics, information theory, and computer science. ...
Preprint
Full-text available
This note is a guide to ongoing work and literature about the Semantic Spacetime Hypothesis: a model of cognition rooted in Promise Theory and the physics of scale. This article may be updated with new developments. Semantic Spacetime is a model of space and time in terms of agents and their interactions. It places dynamics and semantics on an equal footing. The Spacetime Hypothesis proposes that cognitive processes can be viewed as the natural scaling (semantic and dynamic) of memory processes, from an agent-centric local observer view of interactions. Observers record 'events' and distinguish basic spacetime changes and spacetime serves as the causal origin of all cognitive representation. If the Spacetime Hypothesis prevails, it implies that relative spacetime scales are crucial to bootstrapping cognition and that the mechanics of cognition are directly analogous to sequencing representations in bioinformatic process, under the phenomenon of an interferometric process of selection. The hypothesis remains plausible (has not been ruled out). Experiments with text mining, i.e. natural language processing, illustrate how the method shares much in common with bioinformatic analysis. The implications of this are broad.
... No agent takes orders from any other. Examples of such autonomy can be found in software like cfengine [5], [6] and the Border Gateway Protocol [7]. ...
Preprint
Full-text available
Systems with decentralized authority are sometimes considered to be 'unmanaged' or even unmanageable, but we propose that they can be guided by economic incentives. Promise theory is an approach to policy that assumes complete decentralization of authority: cooperation between agents or systems is entirely voluntary. By exhibiting the relationship between promise theory and game theory, we propose that there is a natural economic incentive for cooperation without authority, in distributed systems with autonomous control. The possibility of trading between agents motivates the definition of a common currency. Our results are especially applicable to the analysis of policy in a Service Oriented Architecture. We derive minimal requirements for the existence of stable agreements between agents, with or without monetary payment.
... The new paradigm for management is the policy based management scenario [3,4,5,1]. In this scenario, systems are configured by specifiying contraints on their state and on their behaviour, which are propagated to them in the form of rulesets. ...
Preprint
Full-text available
We consider a model for the spread of unwanted E-mail or other identifiable traffic (worms etc) under various network policies, as a simple model of adaptive access policy. We consider phase transitions of the network from percolation to non-percolation as the changes in policy spread throughout various types of network.
Article
Many modern applications are built by combining independently developed packages and services that are distributed over many machines with complex inter-dependencies. The assembly, installation, and management of such applications is hard, and usually performed either manually or by writing customized scripts. We present Engage, a system for configuring, installing, and managing complex application stacks. Engage consists of three components: a domain-specific model to describe component metadata and inter-component dependencies; a constraint-based algorithm that takes a partial installation specification and computes a full installation plan; and a runtime system that co-ordinates the deployment of the application across multiple machines and manages the deployed system. By explicitly modeling configuration metadata and inter-component dependencies, Engage enables static checking of application configurations and automated, constraint-driven, generation of installation plans across multiple machines. This reduces the tedious manual process of application configuration, installation, and management. We have implemented Engage and we have used it to successfully host a number of applications. We describe our experiences in using Engage to manage a generic platform that hosts Django applications in the cloud or on premises.
ResearchGate has not been able to resolve any references for this publication.