Hubbry Logo
CFEngineCFEngineMain
Open search
CFEngine
Community hub
CFEngine
logo
7 pages, 0 posts
0 subscribers
Be the first to start a discussion here.
Be the first to start a discussion here.
CFEngine
CFEngine
CFEngine
View on Wikipedia
from Wikipedia
CFEngine
Initial release1993
Stable release
3.25.0,[1] 3.24.2,[2] 3.21.7[3] / May 13th, 2025
Repository
Written inC
Operating systemCross-platform
PlatformUnix-like, Windows
TypeConfiguration management System administration Network management
LicenseGNU General Public License version 3
Websitecfengine.com

CFEngine is a configuration management system, written by Mark Burgess. Its primary function is to provide automated configuration and maintenance of large-scale computer systems, including the unified management of servers, desktops, consumer and industrial devices, embedded network devices, mobile smartphones, and tablet computers.

Released under the terms of the GNU General Public License, CFEngine is free software.

History

[edit]

The CFEngine project began in 1993 as a way for author Mark Burgess (then a post-doctoral fellow of the Royal Society at Oslo University, Norway) to get his work done by automating the management of a small group of workstations in the Department of Theoretical Physics. Burgess managed Unix workstations, scripting and fixing problems for users manually. Scripting took too much time, the flavours of Unix were significantly different, and scripts had to be maintained for multiple platforms, drowning in exception logic. After discussing the problems with a colleague, Burgess wrote the first version of CFEngine (the configuration engine) which was published as an internal report[4] and presented at the CERN computing conference. It gained significant attention from a wider community because it hid platform differences using a domain-specific language.

A year later, Burgess finished his post-doc but decided to stay in Oslo and took a job lecturing at Oslo University College. Here he realized that there was little or no research being done into configuration management, and he set about applying the principles of scientific modelling to understanding computer systems. He developed the notion of convergent operators, which remains a core of CFEngine.

In 1998 Burgess wrote "Computer Immunology", a paper at the USENIX/LISA98 conference.[5] It laid out a manifesto for creating self-healing systems, reiterated a few years later by IBM in their form of Autonomic Computing. This started a research effort which led to a major re-write, CFEngine 2, which added features for machine learning, anomaly detection and secure communications.

Between 1998 and 2004, CFEngine grew in adoption along with the popularity of Linux as a computing platform. During this time, Mark Burgess developed promise theory, a model of distributed cooperation for self-healing automation.[6][7] In 2008, after more than five years of research, CFEngine 3 was introduced, which incorporated promise theory as "a way to make CFEngine both simpler and more powerful at the same time", according to Burgess. The most significant re-write of the project to date, CFEngine 3 also integrated knowledge management and discovery mechanisms—allowing configuration management to scale to automate enterprise-class infrastructure.

In June 2008 the company CFEngine AS was formed as a collaboration between author Mark Burgess, Oslo University College and the Oslo Innovation Centre in order to support users of CFEngine. In April 2009, the company launched the first commercial version of CFEngine - CFEngine Enterprise. The Enterprise version can be downloaded for free for up to 25 agents (clients). February 2011, the company received its first round of funding, from FERD Capital.[8] The company has offices in Oslo, Norway and Mountain View, California, USA.

In 2017, the company changed its name to Northern.tech, to reflect that it is working on multiple software products, not only CFEngine.[9]

Design

[edit]

One of the main ideas in CFEngine is that changes in computer configuration should be carried out in a convergent manner.[10][11] This means that each change operation made by the agent should have the character of a fixed point. Rather than describing the steps needed to make a change, CFEngine language describes the final state in which one wants to end up. The agent then ensures that the necessary steps are taken to end up in this "policy compliant state". Thus, CFEngine can be run again and again, whatever the initial state of a system, and it will end up with a predictable result. CFEngine supports the item of statistical compliance with policy, meaning that a system can never guarantee to be exactly in an ideal or desired state, rather one approaches (converges) towards the desired state by best-effort, at a rate that is determined by the ratio of the frequency of environmental change to the rate of CFEngine execution.[12]

CFEngine provides an operating system-independent interface to Unix-like host configuration. It requires some expert knowledge to deal with peculiarities of different operating systems, but has the power to perform maintenance actions across multiple hosts. CFEngine can be used on Windows hosts as well, and is widely used for managing large numbers of Unix hosts that run heterogeneous operating systems, e.g. Solaris, Linux, AIX, Tru64 and HP-UX.[citation needed]

Users

[edit]

CFEngine is used in both large and small companies, as well as in many universities and governmental institutions.[citation needed] The largest reported datacenter under management of CFEngine is above a million servers, while sites as large as 40,000 machines are publicly reported (LinkedIn[13]), while sites of several thousand hosts running under CFEngine are common.[citation needed] According to statistics from CFEngine AS, probably several million computers run CFEngine around the world, and users from more than 100 countries have been registered.

Research

[edit]

Shortly after its inception, CFEngine inspired a field of research into automated configuration management. The CFEngine project claims to attempt to place the problem of configuration management in a scientific framework. Its author Mark Burgess has developed a range of theoretical tools and results to talk about the problem, and has written several text books and monographs explaining them.[citation needed]

See also

[edit]

References

[edit]
[edit]
Revisions and contributorsEdit on WikipediaRead on Wikipedia

CFEngine

View on Grokipedia
from Grokipedia
CFEngine is a lightweight, open-source system that automates the enforcement of desired system states across networks of computers, using a declarative policy language to handle configuration, compliance, and tasks. Developed by British computer scientist Mark Burgess in 1993 while working at Oslo University College in , it was initially created to simplify site administration in academic and large-scale environments, drawing on early concepts of autonomous agents and convergence to ensure systems self-repair toward defined policies without central orchestration. At its core, CFEngine operates through distributed agents installed on managed hosts, which periodically evaluate and apply policies defined in a high-level , preventing configuration drift and enabling scalable operations for environments ranging from servers to cloud infrastructures. This , grounded in Promise Theory—a framework Burgess pioneered for modeling intentions and dependencies in distributed systems—emphasizes , lightweight execution (using mere megabytes of resources), and idempotent operations that converge systems to compliance without side effects. Over its evolution, CFEngine has influenced modern infrastructure-as-code practices, with major version 3 released in introducing enhanced , for , and integration with pipelines, while supporting features like patch management, security hardening, and reporting for standards such as and CIS benchmarks. The tool offers both a community edition under the GNU GPL and a commercial enterprise version with advanced dashboards and APIs, now maintained by Northern.tech, and has been adopted by organizations including , , and the U.S. Department of Energy for managing hundreds of thousands of hosts reliably. Its decentralized approach distinguishes it from more centralized tools like or , prioritizing speed, security, and resilience in heterogeneous, high-stakes settings.

Introduction

Overview

CFEngine is a declarative system designed for automating the maintenance of large-scale computer systems, including servers, desktops, embedded devices, and IoT hardware. It functions as a distributed agent-based tool that enables policy-based , ensuring systems idempotently converge to a desired state by continuously verifying and enforcing compliance with predefined policies. The scope of CFEngine encompasses heterogeneous environments, supporting a wide range of platforms such as systems (e.g., , Solaris, AIX), Windows, macOS, BSD variants, embedded devices, IoT hardware, cloud infrastructures, and mainframes. It scales efficiently from individual machines to enterprise deployments managing over 100,000 nodes, providing robust automation without centralized bottlenecks. Written in , CFEngine emphasizes high performance and portability across diverse architectures and operating systems. Its foundational approach draws from Promise Theory, which models voluntary cooperation among autonomous agents in distributed systems.

Licensing and Availability

CFEngine is licensed under the GNU General Public License version 3 (GPL v3), which has governed its community edition since the release of version 3 in 2008. This allows users to freely use, modify, and distribute the software, subject to the terms of the GPL v3, fostering community contributions to its development. The software is available as through official repositories on and direct source code downloads from the CFEngine website. Users can access the edition without cost, enabling deployment on systems with community-driven support. Commercial support and an enterprise edition with additional features, such as enhanced APIs and dashboards, are provided by Northern.tech, the company formerly known as CFEngine AS, which rebranded in to reflect its broader portfolio of software products. The enterprise edition operates under a separate commercial license, offering extended verification and support options. LTS releases are supported for 3 years with commercial options, while non-LTS releases are supported for 6 months in the edition. As of November 2025, the latest stable releases include version 3.26.0 (released May 20, 2025, non-LTS), 3.25.0 (released January 6, 2025), 3.24.2 (LTS, updated May 15, 2025), and 3.21.7 (updated May 15, 2025), with the latter updates addressing bug fixes and dependencies. Downloads, , and further details are hosted on the websites cfengine.com and northern.tech.

History

Origins

CFEngine was created in 1993 by Mark Burgess while he was at Oslo University College in , emerging as a response to the growing challenges of managing distributed systems in expanding computer networks. At the time, the proliferation of TCP/IP networks and affordable systems had led to large-scale deployments of machines, overwhelming traditional manual or script-based administration methods that proved inefficient for heterogeneous environments. The primary motivation behind its development was to provide a , high-level for automating configuration and tasks, particularly in resource-constrained academic settings where heavy dependencies or complex tools were impractical. Burgess aimed to enable convergent —ensuring systems self-correct to a desired state—without relying on centralized control or extensive , making it suitable for Unix-based computer labs with diverse hardware and software variations. This approach addressed the need for standardization and automation in site-wide administration, reducing the burden on administrators handling hundreds of machines. The initial release occurred in , focusing on basic for Unix systems through a simple, declarative syntax that emphasized idempotent operations and minimal resource use. Early testing took place at Oslo University, where it was introduced as a cross-platform tool for documenting and enforcing desired system states. Early adoption occurred primarily in research and academic environments, where it was used to manage diverse computer labs by simplifying the configuration of networked Unix machines and ensuring consistency across installations. In , CFEngine was released under project, facilitating broader open-source distribution. By the mid-1990s, it had gained traction at over 20 sites worldwide, including university networks, demonstrating its utility in handling the administrative demands of growing computational resources without introducing additional complexity.

Development Milestones

Following the initial development of CFEngine, was released in March 2002, introducing significant enhancements in security and efficiency, including of all network connections using and a new secure file distribution server (cfservd). This version also rationalized the program's structure, enabling more reliable management of distributed systems without relying on insecure protocols like rsh. In 2008, CFEngine 3 was announced as a major rewrite, emphasizing advanced autonomy through the integration of Promise Theory, a for self-healing and intent-based . The full release followed in April 2009, incorporating simplified policy definitions and improved scalability for large-scale deployments, with techniques for modeling and adapting to system behaviors added in subsequent iterations. To support ongoing development and commercialization, CFEngine AS was founded in June 2008 as a involving creator Mark Burgess and partners in , providing professional backing for the open-source project while expanding enterprise offerings. In 2017, the company rebranded to Northern.tech, broadening its scope beyond core to encompass comprehensive IT and device lifecycle solutions. Recent advancements include the introduction of CFEngine Build in November 2021, a command-line tool (cfbs) that facilitates the creation, sharing, and assembly of reusable policy modules to streamline collaborative policy development. Development has continued with regular updates, including version 3.26.0 in May 2025 adding admin improvements such as default admin elimination, and the LTS version 3.27.0 released in November 2025, introducing audit logging and other enhancements as of November 2025.

Design Principles

Core Concepts

CFEngine operates on a declarative paradigm, where policies articulate the desired end states of systems rather than prescribing sequential, imperative procedures. This approach enables administrators to specify outcomes—such as ensuring specific software versions are installed or files maintain certain permissions—without detailing the exact steps to achieve them. The CFEngine policy language, a (DSL), facilitates this by allowing configurations to be defined in human-readable text files, typically stored on policy hubs and distributed to agents. Central to CFEngine's design is the convergence principle, which ensures that system actions are idempotent, meaning repeated executions yield the same result without unintended over-corrections. Agents evaluate and repair deviations to align the actual state with the promised desired state, categorizing outcomes as "promise kept," "promise repaired," or "promise not kept." This self-healing mechanism promotes stability, as the system continuously verifies compliance and intervenes only when necessary, fostering a persistent convergence toward policy adherence. CFEngine emphasizes and , allowing agents to operate independently without reliance on a central server for ongoing . Each host interprets and enforces policies locally, enabling resilience even if connectivity to policy hubs is intermittent. Complementing this is opportunistic execution, which minimizes resource consumption by scheduling agent runs—defaulting to every five minutes but adjustable with features like execution splaying to avoid simultaneous loads. Promises serve as the fundamental building blocks for these policies, organized into bundles for .

Architecture

CFEngine employs an where the primary component, cf-agent, operates as a , autonomous running locally on each managed host to enforce and maintain policies. This distributed approach ensures that occurs independently on individual nodes without reliance on a centralized controller, allowing for self-healing and across the . The cf-agent, implemented for efficiency, periodically evaluates the system's state against defined promises and makes necessary adjustments to achieve compliance. The operational model of CFEngine is structured around a four-phase execution cycle that supports systematic handling and enforcement. In the Build phase, administrators construct policy templates that define the desired states. The Deploy phase involves distributing these policies from designated policy hubs to the agents on target hosts, typically via secure file transfers. During the Manage phase, cf-agent executes the policies locally, converging the system toward the intended configuration through iterative corrections, a process that emphasizes and minimal disruption. Finally, the phase enables continuous verification, where agents report on compliance and deviations, facilitating ongoing monitoring without interrupting operations. CFEngine's architecture is designed for , operating effectively even in unreliable environments by minimizing dependencies on external services or stable networks. Agents can function offline using cached policies if connectivity to hubs is lost, preventing single points of failure and enabling to over servers in large deployments. This resilience is achieved through opportunistic networking and local , ensuring that the system remains operational under varying conditions. The framework integrates seamlessly with heterogeneous operating systems, including Unix-like systems, Windows, macOS, Linux, and BSD, using TCP/IP protocols for communication while maintaining independence from specific network topologies and process dependencies. This allows cf-agent to isolate its operations on each host, handling diverse hardware and software configurations without custom adaptations for individual setups. Such portability extends to non-traditional platforms, including embedded systems, underscoring the architecture's emphasis on universality and isolation.

Implementation

Policy Language

CFEngine's policy language is a declarative designed for specifying the desired state of systems and infrastructure, enabling automation through high-level promises rather than imperative scripts. Policies are written in files, conventionally using the .cf extension, and are typically stored in directories like /var/cfengine/inputs for execution by the CFEngine agent. These files leverage bundles as the primary organizational unit, grouping related promises—declarations of intent—into modular, reusable blocks that define actions such as file management, package installation, or service configuration. Promises serve as the core primitives of the language, expressing verifiable commitments about states. The basic syntax revolves around bundle definitions, which specify an agent type (e.g., agent for enforcement) and an identifier, enclosing a series of types within curly braces. For instance, file use the files: type to ensure a file's and content, as in the following example:

bundle agent example { files: "/path/to/file" content => "desired content"; }

bundle agent example { files: "/path/to/file" content => "desired content"; }

This structure that the file at /path/to/file contains the specified text, creating or editing it as needed. Attributes within , such as content =>, use the operator (=>) to assign values, which can be literals, lists, or references to other elements. Key elements enhance the language's expressiveness and flexibility. Variables are defined using the vars: promise type and referenced with $(variable_name) for substitution, allowing dynamic adaptation based on context, such as host-specific paths. Functions, like execresult("/bin/command"), execute external commands and return results for use in policies, supporting integration with system tools. Classes provide conditional logic as qualifiers (e.g., linux:: or custom any::), guarding to apply only under specific conditions like operating system or runtime state. Bodies offer reusable customization blocks for promise attributes; for example:

body edit_defaults custom_backup { edit_backup => "timestamp"; }

body edit_defaults custom_backup { edit_backup => "timestamp"; }

This body can then be referenced in a promise like files: "/etc/config" edit_defaults => custom_backup;, tailoring behaviors such as backups during edits. For readability and maintainability, CFEngine policies follow recommended style guidelines. Indentation uses two spaces per nesting level, starting from bundle definitions, promise types, and attributes, while curly braces for top-level blocks (bundles, bodies, s) appear on new lines with content indented inside. Naming conventions favor snake_case for identifiers (e.g., service_name), though alternatives like PascalCase are permissible, and s are ordered either in normal agent evaluation sequence or reader-optimized logical flow, with blank lines separating promise types. These practices ensure policies remain concise and human-readable, facilitating collaborative development.

Deployment and Execution

CFEngine can be installed on supported platforms using pre-compiled packages or by compiling from source code. For Debian-based systems like Ubuntu, the Community Edition is available via the Advanced Package Tool (APT); administrators add the CFEngine repository to sources.list and install the cfengine-community package with commands such as sudo apt update && sudo apt install cfengine-community. This installs the core binaries, including cf-agent, the primary agent for policy evaluation and system changes. For compilation from source, users download tarballs from the official repository and follow the build instructions in the INSTALL file, requiring prerequisites like a C compiler and libraries such as libcurl and libpcre. Enterprise editions use deb or rpm packages like cfengine-nova-hub for policy servers, installed similarly via APT or YUM, followed by bootstrapping the server to itself using cf-agent --bootstrap <IP>. Policy execution begins with cf-agent, which evaluates and enforces promises defined in policy files. In standalone mode, administrators run cf-agent -Kf policy.cf to execute a specific file without locks, where -K prevents time-based locking and -f specifies the input file; verbose output can be enabled with --verbose for debugging. For automated enforcement, cf-execd daemon schedules cf-agent runs every 5 minutes by default, invoking promises.cf from the /var/cfengine/inputs directory unless overridden. Policies are distributed securely across hosts using cf-serverd, a TLS-enabled daemon that serves files from /var/cfengine/masterfiles on the policy server; clients request updates via cf-agent, with access controlled by role-based promises in access control lists. The inputs mechanism, defined in files like inputs.cf or def.json, lists external policy files (e.g., "promises.cf") for inclusion and automatic distribution to clients during updates. Monitoring and auditing integrate with execution to track compliance and system state. The cf-monitord daemon collects metrics through measurements promises, sampling variables like CPU load, disk usage, and network activity to establish baselines and detect anomalies, storing data in /var/cfengine/state for use in policy decisions. For auditing, cf-report processes this stored data to generate human-readable outputs, such as compliance summaries or environmental graphs, merging historical observations from cf-monitord databases to verify promise fulfillment over time. During execution, cf-agent achieves convergence by iteratively applying changes until the system's state matches policy intentions, ensuring idempotent enforcement.

Adoption

Notable Users

, a leading professional networking platform, utilizes CFEngine to manage over 100,000 servers, enabling fully automated provisioning that brings new machines online in or less. This automation supports phased rollouts and monitoring, facilitating 5-10 production changes daily, including up to 15 CFEngine-related updates, while self-healing capabilities minimize configuration drift and risk. By handling bare-metal setup, OS configurations, software updates, and user management across thousands of machines in minutes—compared to weeks manually—CFEngine allows LinkedIn's small of six to scale efficiently amid 5% monthly growth. Locaweb, a major Brazilian web hosting and services provider, employs CFEngine to automate over 30,000 servers, achieving full stack control and rapid deployments. The tool has reduced deployment times by over 95%, while maintaining service quality and enhancing visibility across operations. This scalability supports Locaweb's enterprise data centers, allowing the CTO to highlight CFEngine's role in enabling fast movements without compromising reliability. In the early , CFEngine was used in CERN-affiliated GridPP and EGEE projects for deploying and configuring LCG/gLite across collaborating university sites, automating package installations, file distributions, service monitoring, and upgrades on clusters with hundreds of worker nodes, reducing administrative overhead and enabling node re-installations in 20-40 minutes. These efforts ensured consistent configurations in high-performance data centers handling scientific workloads. Percolate, a platform, adopted CFEngine to scale its amid 50% annual growth without increasing staff, achieving a 10x reduction in IT operations costs through of server provisioning and management. HIPAA Vault has used CFEngine Community Edition since 2013 for compliance and security in healthcare IT, later upgrading to the Enterprise version for enhanced visibility and reporting. The U.S. Department of Energy has adopted CFEngine for managing large-scale computing environments, including national laboratories, as noted in early 2010s implementations. These case studies underscore CFEngine's effectiveness in enterprise web services and data centers, where it drives automation at scale to support dynamic, high-volume environments like those in professional networks, hosting providers, and scientific research facilities.

Community and Ecosystem

CFEngine's open-source contributions are primarily hosted on under the cfengine organization, where the core repository facilitates community involvement in development and maintenance. Community-driven extensions, such as cf-keycrypt—a tool for encrypting files using CFEngine host keys—have been integrated into the project, enhancing security features like secret management in the cf-secret component. In 2021, CFEngine Build was launched as a platform enabling users to discover, share, and manage reusable modules through the cfbs command-line tool, promoting modular development and collaboration. Support resources include comprehensive documentation available at docs.cfengine.com, covering installation, writing, and advanced usage for all CFEngine versions. Community forums, hosted on , provide a space for users to discuss issues and share solutions. The CFEngine Champions program recognizes active contributors, such as Dimitrios Apostolou, who open-sourced cf-monitord to enable custom measurement promises in the Community Edition. The ecosystem includes tools for integrations with monitoring systems, such as for alerting on compliance issues, and built-in capabilities like cf-monitord for system variable sampling. Policy testing frameworks allow non-root validation of promises, supporting dry-run simulations and integration with external scripts for automated checks. Annual retrospectives, such as those for 2023 and , summarize releases, webinars, and incorporate user feedback to guide future enhancements, fostering ongoing . This ecosystem is supported by Northern.tech, the commercial entity backing CFEngine's development.

Research and Influence

Promise Theory

Promise Theory is a conceptual model proposed by Mark Burgess between 2003 and 2007 to describe cooperation among autonomous agents in distributed systems through unilateral promises, where agents voluntarily declare their intentions without requiring enforcement or reciprocal obligations from others. This framework emphasizes the sovereignty of individual agents, treating promises as declarative statements of capability or intent that form the basis for reliable interactions in complex environments. Unlike traditional models relying on commands or centralized , Promise Theory posits that cooperation emerges from aligned intentions, fostering trust through transparency rather than coercion. Central to Promise Theory are the principles of , minimal dependencies, and the absence of central control, which allow agents to operate independently while contributing to overall system coherence. Agents make promises about their own behaviors—such as maintaining a specific state or providing a service—without imposing demands on others, thereby reducing coupling and enhancing by isolating failures to non-dependent components. This approach promotes , as the system can grow without bottlenecks from , and builds trust through verifiable intentions that agents can observe and adapt to dynamically. By focusing on voluntary alignment, the theory minimizes conflicts arising from enforced dependencies, enabling resilient behaviors in unpredictable settings. In the context of CFEngine, Promise Theory was integrated starting with version 3, released in 2008, to model policies as a collection of such promises, eschewing strong in favor of decentralized, self-healing . This integration allows CFEngine to treat configuration as a network of autonomous intentions, improving manageability in large-scale infrastructures. Beyond , Promise Theory has been applied using labeled to model network interactions, where nodes represent agents and edges denote promised relations, facilitating analysis of dependencies and flows. It has also extended to broader distributed systems, including (SDN), where it supports intent-based control by defining network behaviors through agent promises rather than rigid rules. These applications underscore how promises enable scalable, fault-tolerant designs without centralized oversight.

Key Publications

The foundational paper introducing CFEngine, titled "Cfengine: A Site Configuration Engine," was published by Mark Burgess in 1995 in the journal Computing Systems. This work outlined the initial design of CFEngine as a lightweight, agent-based tool for automating site-wide on Unix systems, emphasizing convergence to desired states without central control, and it laid the groundwork for policy-driven administration that influenced subsequent configuration management tools. In 1998, Burgess presented "Computer Immunology" at the 12th Large Installation System Administration (LISA) Conference, introducing concepts of self-healing in distributed systems by drawing analogies to biological immune responses. The paper proposed CFEngine's use of feedback loops and to automatically detect, diagnose, and repair system deviations, marking an early contribution to autonomic computing principles. Promise Theory, which underpins much of CFEngine's later evolution, was formalized starting in through Burgess's paper "A Static Theory of Promises," available on , which defined promises as voluntary, asymmetric commitments between autonomous agents to model reliable interactions in distributed environments. Subsequent works, such as the 2010 presentation "Cfengine" at the LISA Configuration Management Summit, extended this to agent cooperation in compliance and , demonstrating how Promise Theory enables scalable, intent-based system behaviors without rigid hierarchies. Burgess co-authored the book A System Engineer's Guide to Host Configuration and Maintenance Using Cfengine in 2007 as part of the Short Topics in System Administration series, providing practical policy examples and best practices for implementing CFEngine in enterprise settings, including case studies on multi-platform deployment and maintenance . Recent retrospectives on CFEngine include Burgess's 2023 Medium article "CFEngine's and AI Origins," reflecting on the tool's 30-year history and its roots in and physics-inspired modeling, alongside the official CFEngine 2023 retrospective blog post, which highlights ongoing community contributions and adaptations. Additionally, the Promise Theory on markburgess.org, last updated in November 2024, serves as a comprehensive resource clarifying the theory's applications to modern IT and agent-based systems. In August 2025, Burgess published "Promise Theory 20 year anniversary" on Medium, marking two decades since its initial presentation and discussing its enduring relevance in distributed systems and beyond. These publications have notably influenced large-scale users, such as , in managing complex infrastructures through self-regulating policies.

References

  1. https://cfengine.com/
  2. https://www.usenix.org/blog/interview-cfengine-founder-and-cto-mark-burgess
  3. https://www.gnu.org/software/cfengine/
  4. https://www.infoq.com/articles/cfengine-view-on-it-automation/
  5. https://cfengine.com/blog/2020/how-cfengine-stays-ahead-of-the-pack/
  6. https://docs.cfengine.com/latest/overview.html
  7. https://docs.cfengine.com/latest/overview-how-cfengine-works.html
  8. https://cfengine.com/supported-versions/
  9. https://docs.cfengine.com/latest/overview-what-is-cfengine-and-why.html
  10. https://docs.cfengine.com/docs/archive/manuals/cf3-Reference
  11. https://www.usenix.org/system/files/lisa/books/usenix_26_cfengine3_ch1.pdf
  12. https://cfengine.com/downloads/cfengine-community/
  13. https://cfengine.com/downloads/cfengine-community-source/
  14. https://github.com/cfengine/core
  15. https://cfengine.com/blog/2025/cfengine-3-25-released-auditability/
  16. https://cfengine.com/blog/2025/cfengine-3-21-7-and-3-24-2-released/
  17. https://cfengine.com/blog/2025/cfengine-3-26-released-admin/
  18. https://northern.tech/
  19. https://www.usenix.org/legacy/event/config10/burgess.pdf
  20. https://www.usenix.org/legacy/publications/compsystems/1995/sum_burgess.pdf
  21. http://markburgess.org/papers/paper2.pdf
  22. https://lists.gnu.org/archive/html/info-gnu/2002-03/msg00010.html
  23. https://2459d6dc103cb5933875-c0245c5c937c5dedcca3f1764ecc9b2f.ssl.cf2.rackcdn.com/books/26_cfengine3_full_1.pdf
  24. https://cfengine.com/author/mark-burgess/
  25. https://northern.tech/careers/blog/welcome-to-northern-tech
  26. https://cfengine.com/blog/2021/cfengine-build-launched/
  27. https://docs.cfengine.com/latest/versions.html
  28. https://cfengine.com/blog/2024/2024-retrospective/
  29. https://docs.cfengine.com/latest/reference-components-cf-agent.html
  30. https://docs.cfengine.com/docs/3.20/guide-introduction-architecture-design.html
  31. https://docs.cfengine.com/latest/getting-started-installation.html
  32. https://docs.cfengine.com/latest/examples-tutorials-write-cfengine-policy.html
  33. https://docs.cfengine.com/latest/reference-language-concepts.html
  34. https://docs.cfengine.com/latest/getting-started-writing-policy.html
  35. https://docs.cfengine.com/latest/examples-tutorials-writing-and-serving-policy-policy-style.html
  36. https://docs.cfengine.com/latest/getting-started-installation-general-installation-installation-community.html
  37. https://docs.cfengine.com/latest/getting-started-installation-general-installation.html
  38. https://docs.cfengine.com/latest/reference-components-cf-serverd.html
  39. https://docs.cfengine.com/latest/reference-components-cf-monitord.html
  40. https://linux.die.net/man/8/cf-report
  41. https://cfengine.com/case-studies/linkedin/
  42. https://cfengine.com/case-studies/locaweb/
  43. https://cfengine.com/case-studies/percolate/
  44. https://cfengine.com/case-studies/hipaa-vault/
  45. https://finance.yahoo.com/news/cfengine-partners-relic-extend-devops-120000520.html
  46. https://cfengine.com/blog/2020/cf-secret/
  47. https://build.cfengine.com/
  48. https://docs.cfengine.com/
  49. https://groups.google.com/g/help-cfengine
  50. https://cfengine.com/company/blog-detail/welcoming-dimitrios-apostolou-as-a-cfengine-champion/
  51. https://www.pagerduty.com/docs/guides/cfengine-integration-guide/
  52. https://docs.cfengine.com/latest/examples-tutorials-reporting.html
  53. https://docs.cfengine.com/latest/examples-tutorials-writing-and-serving-policy-testing-policies.html
  54. https://cfengine.com/blog/2023/2023-retrospective/
  55. https://link.springer.com/chapter/10.1007/11568285_9
  56. http://markburgess.org/BookOfPromises.pdf
  57. https://arxiv.org/pdf/1405.2627
  58. https://www.researchgate.net/publication/243774232_Cfengine_A_site_configuration_engine
  59. https://arxiv.org/abs/0810.3294
  60. https://www.usenix.org/system/files/lisa/books/cover_13.pdf
  61. https://mark-burgess-oslo-mb.medium.com/cfengines-star-trek-and-ai-origins-e99096fe845b
  62. http://markburgess.org/promiseFAQ.html
  63. https://mark-burgess-oslo-mb.medium.com/promise-theory-20-year-anniversary-958380a4f16c
Add your contribution
Related Hubs
User Avatar
No comments yet.