0
Normation – CC-BY-SA
normation.com
Rudder
A powerful and structured
CFEngine framework
Jonathan CLARKE – jcl@normation.com...
Normation – CC-BY-SA
normation.com 2
www.rudder.cm
Who am I?
● Jonathan Clarke
● Title: Co-founder & Product lead at Norma...
Normation – CC-BY-SA
normation.com 3
www.rudder.cm
Intro
This presentation
is about Lego
Photo CC BY-NC-SA 2.0 from https:...
Normation – CC-BY-SA
normation.com 4
www.rudder.cm
Intro
Reminder
Photo CC BY-NC-SA 2.0 from https://www.flickr.com/photos...
Normation – CC-BY-SA
normation.com 5
www.rudder.cm
Background
A bunch of ops consultants
● From “plain old” infrastructure...
Normation – CC-BY-SA
normation.com 6
www.rudder.cm
Takeaway #1: Automated configuration rocks!
Automated
configuration roc...
Normation – CC-BY-SA
normation.com 7
www.rudder.cm
Takeaway #2: Getting everyone on board?
Getting everyone
on board for C...
Normation – CC-BY-SA
normation.com 8
www.rudder.cm
Feedback #2: CFEngine is hard!
Getting started from lots of
bricks is d...
Normation – CC-BY-SA
normation.com 9
www.rudder.cm
What can we do?
So how come
so many projects
do work out?
Normation – CC-BY-SA
normation.com 10
www.rudder.cm
What can we do?
Thanks to a hero!
So how come
so many projects
do work...
Normation – CC-BY-SA
normation.com 11
www.rudder.cm
What can we do?
Poor configuration
management hero...
Normation – CC-BY-SA
normation.com 12
www.rudder.cm
What can we do?
Poor configuration
management hero...
Hey, I'm trying ...
Normation – CC-BY-SA
normation.com 13
www.rudder.cm
What can we do?
Poor configuration
management hero...
Hi, this is the ...
Normation – CC-BY-SA
normation.com 14
www.rudder.cm
What can we do?
Normation – CC-BY-SA
normation.com 15
www.rudder.cm
What can we do?
How can we help?
This is clearly a problem.
Normation – CC-BY-SA
normation.com 16
www.rudder.cm
Steep learning curve
New concepts, non obvious
syntaxes, paradigm, ......
Normation – CC-BY-SA
normation.com 17
www.rudder.cm
Lack of motivation
“What do I have to gain
from using this tool?”
Appr...
Normation – CC-BY-SA
normation.com 18
www.rudder.cm
Frustration
“I can do it quicker by
hand or with a shell script”
Appro...
Normation – CC-BY-SA
normation.com 19
www.rudder.cm
Why Rudder?
Make configuration management easy
and increase its adopti...
Normation – CC-BY-SA
normation.com 20
www.rudder.cm
Sane defaults, always configurable
Philosophy
Core principles
Plug and...
Normation – CC-BY-SA
normation.com 21
www.rudder.cm
Key points
Specifically designed for
automation & compliance
Pre-packa...
Normation – CC-BY-SA
normation.com 22
www.rudder.cm
What can we do?
Right! Show me already!
Normation – CC-BY-SA
normation.com 23
www.rudder.cm
Overview
Simplified configuration
Normation – CC-BY-SA
normation.com 24
www.rudder.cm
Overview
Built-in reporting
Normation – CC-BY-SA
normation.com 25
www.rudder.cm
Overview
Built-in reporting
Normation – CC-BY-SA
normation.com 26
www.rudder.cm
Overview
Complete tracability
Normation – CC-BY-SA
normation.com 27
www.rudder.cm
Design choices
Design choices
Normation – CC-BY-SA
normation.com 28
www.rudder.cm
Design choices: CFEngine
#1: Why CFEngine?
Normation – CC-BY-SA
normation.com 29
www.rudder.cm
Design choices: CFEngine
CFEngine rocks
Multi-platform
Linux, Android,...
Normation – CC-BY-SA
normation.com 30
www.rudder.cm
Design choices: CFEngine
Continuous checking
Every 5 minutes
Multi-pla...
Normation – CC-BY-SA
normation.com 31
www.rudder.cm
Design choices: Network architecture
#2: Network architecture?
Normation – CC-BY-SA
normation.com 32
www.rudder.cm
Design choices: Network architecture
Rudder server
Node Node Node
TCP ...
Normation – CC-BY-SA
normation.com 33
www.rudder.cm
Design choices: Workflow
#3: Typical usage
Normation – CC-BY-SA
normation.com 34
www.rudder.cm
Design choices: Workflow
Management
Define
policy
Changes
(fixes, upgr...
Normation – CC-BY-SA
normation.com 35
www.rudder.cm
Design choices: Central validation
#4: Central validation
Normation – CC-BY-SA
normation.com 36
www.rudder.cm
Design choices: Central validation
Validation workflow
Normation – CC-BY-SA
normation.com 37
www.rudder.cm
Design choices: Central validation
Validation workflow
● States:
● Pen...
Normation – CC-BY-SA
normation.com 38
www.rudder.cm
Demonstration
Demo!
Normation – CC-BY-SA
normation.com 39
www.rudder.cm
Extending & Customizing
Extending & Customizing
Normation – CC-BY-SA
normation.com 40
www.rudder.cm
Extension
Techniques
Implemented in
CFEngine syntax
+
metadata for
web...
Normation – CC-BY-SA
normation.com 41
www.rudder.cm
Extension
Techniques
Implemented in
CFEngine syntax
+
metadata for
web...
Normation – CC-BY-SA
normation.com 42
www.rudder.cm
Extension
Techniques
Implemented in
CFEngine syntax
+
metadata for
web...
Normation – CC-BY-SA
normation.com 43
www.rudder.cm
Result
Example === 1000 words
With ncf (see http://www.ncf.io)
Normation – CC-BY-SA
normation.com 44
www.rudder.cm
Result
Example === 1000 words
With ncf + Rudder variables
Normation – CC-BY-SA
normation.com 45
www.rudder.cm
Online documentation
http://www.ncf.io/pages/reference.html
Normation – CC-BY-SA
normation.com 46
www.rudder.cm
Current status
Project is now reliable & scalable
But needs more Techn...
Normation – CC-BY-SA
normation.com
Questions?
Check it out on:
http://www.rudder.cm/
Jonathan CLARKE – jcl@normation.com
@...
Upcoming SlideShare
Loading in...5
×

OSDC 2014: Jonathan Clarke - Rudder

416

Published on

As a Configuration Management [CM] "champion", trying to gain traction in your environment can be challenging when the level of expertise necessary is in short supply. We built Rudder so that the CM champion would not need to clone themselves. Instead, he or she is able to use a tool to manage configuration data, expose key parameters to the rest of their team, reduce complexity of configuration changes, and put in place role-based workflow for change control.

Rudder is an open source configuration management solution, using lightweight agents (based on CFEngine) controlled via a central management point. Using Rudder, I will show how this approach enables the team to fully participate in the practice of Configuration Management, keep track of changes and history, exploit change access / control, and facilitate knowledge sharing (sharing intentions in design via desired configuration state, maintaining a record of preferred configurations) without intervention of CM champion.

Published in: Software, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
416
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "OSDC 2014: Jonathan Clarke - Rudder"

  1. 1. Normation – CC-BY-SA normation.com Rudder A powerful and structured CFEngine framework Jonathan CLARKE – jcl@normation.com @jooooooon42 (that's 7 'o's)
  2. 2. Normation – CC-BY-SA normation.com 2 www.rudder.cm Who am I? ● Jonathan Clarke ● Title: Co-founder & Product lead at Normation ● Origins: Sysadmin, infrastructure management ● Now: Automation + “running a company”-stuff ● Contributor to free software: – Co-creator of Rudder – Contributor to CFEngine, OpenLDAP ● Co-organizer of events:
  3. 3. Normation – CC-BY-SA normation.com 3 www.rudder.cm Intro This presentation is about Lego Photo CC BY-NC-SA 2.0 from https://www.flickr.com/photos/dillpixel/
  4. 4. Normation – CC-BY-SA normation.com 4 www.rudder.cm Intro Reminder Photo CC BY-NC-SA 2.0 from https://www.flickr.com/photos/evaekeblad/ Photo CC BY-SA 2.0 from https://www.flickr.com/photos/georgivar/
  5. 5. Normation – CC-BY-SA normation.com 5 www.rudder.cm Background A bunch of ops consultants ● From “plain old” infrastructure to configuration management ● Multiple companies: small, large & huge ● 5-10 years of doing this We always got the same takeaways
  6. 6. Normation – CC-BY-SA normation.com 6 www.rudder.cm Takeaway #1: Automated configuration rocks! Automated configuration rocks! Scalable Manage 1 to > 100000 servers the same way Save time Deploy faster & be more responsive to changes Improve reliability Avoid manual errors, harmonize configurations The proper way to manage systems
  7. 7. Normation – CC-BY-SA normation.com 7 www.rudder.cm Takeaway #2: Getting everyone on board? Getting everyone on board for CM is hard Frustration “I can do it quicker by hand or with a shell script” Steep learning curve New concepts, non obvious syntaxes, paradigm, ... Lack of motivation “What do I have to gain from using this tool?”
  8. 8. Normation – CC-BY-SA normation.com 8 www.rudder.cm Feedback #2: CFEngine is hard! Getting started from lots of bricks is daunting. Photo CC BY-NC-SA 2.0 from https://www.flickr.com/photos/strutta/
  9. 9. Normation – CC-BY-SA normation.com 9 www.rudder.cm What can we do? So how come so many projects do work out?
  10. 10. Normation – CC-BY-SA normation.com 10 www.rudder.cm What can we do? Thanks to a hero! So how come so many projects do work out? Photo CC BY-NC-ND 2.0 from https://www.flickr.com/photos/mwboeckmann/
  11. 11. Normation – CC-BY-SA normation.com 11 www.rudder.cm What can we do? Poor configuration management hero...
  12. 12. Normation – CC-BY-SA normation.com 12 www.rudder.cm What can we do? Poor configuration management hero... Hey, I'm trying to do this thing in config management, but I can't it to work, can you help me?
  13. 13. Normation – CC-BY-SA normation.com 13 www.rudder.cm What can we do? Poor configuration management hero... Hi, this is the supervision team. I'm sorry to disturb you at night, but we've got this error in production, and I think it's related to a change in the CM tool, but I don't understand it. Can you help me?
  14. 14. Normation – CC-BY-SA normation.com 14 www.rudder.cm What can we do?
  15. 15. Normation – CC-BY-SA normation.com 15 www.rudder.cm What can we do? How can we help? This is clearly a problem.
  16. 16. Normation – CC-BY-SA normation.com 16 www.rudder.cm Steep learning curve New concepts, non obvious syntaxes, paradigm, ... Approach 1) Separate content and controls 2) Provide access to key parameters without having to edit {CFEngine,Puppet,Chef} code
  17. 17. Normation – CC-BY-SA normation.com 17 www.rudder.cm Lack of motivation “What do I have to gain from using this tool?” Approach 1) Show the benefits to all users 2) Provide nice reports showing what works, how many machines are impacted
  18. 18. Normation – CC-BY-SA normation.com 18 www.rudder.cm Frustration “I can do it quicker by hand or with a shell script” Approach 1) Make it easy and quick to achieve success 2) Provide ready-to-use configuration techniques and share in-house ones simply
  19. 19. Normation – CC-BY-SA normation.com 19 www.rudder.cm Why Rudder? Make configuration management easy and increase its adoption Extend benefits of configuration management to a wider population Managers Junior sysadmins Non experts Lower entry barrier to learn and use configuration management Easy to use Highly powerful
  20. 20. Normation – CC-BY-SA normation.com 20 www.rudder.cm Sane defaults, always configurable Philosophy Core principles Plug and play SmartEasy Extensible & Customizable Open source
  21. 21. Normation – CC-BY-SA normation.com 21 www.rudder.cm Key points Specifically designed for automation & compliance Pre-packaged for: Linux, UNIX, Windows, Android Open Source Simplified user experience via a Web UI Graphical reportingBased on CFEngine 3 (don't reinvent the wheel!) Vagrant config to test: https://github.com/normation/rudder-vagrant/
  22. 22. Normation – CC-BY-SA normation.com 22 www.rudder.cm What can we do? Right! Show me already!
  23. 23. Normation – CC-BY-SA normation.com 23 www.rudder.cm Overview Simplified configuration
  24. 24. Normation – CC-BY-SA normation.com 24 www.rudder.cm Overview Built-in reporting
  25. 25. Normation – CC-BY-SA normation.com 25 www.rudder.cm Overview Built-in reporting
  26. 26. Normation – CC-BY-SA normation.com 26 www.rudder.cm Overview Complete tracability
  27. 27. Normation – CC-BY-SA normation.com 27 www.rudder.cm Design choices Design choices
  28. 28. Normation – CC-BY-SA normation.com 28 www.rudder.cm Design choices: CFEngine #1: Why CFEngine?
  29. 29. Normation – CC-BY-SA normation.com 29 www.rudder.cm Design choices: CFEngine CFEngine rocks Multi-platform Linux, Android, BSD, AIX, HP-UX, Solaris, Windows... Open Source GPLv3 Small footprint, scalable A few MB of RAM, just seconds to run... Continuous checking Agent based approach, no push Resilient to errors Network outages, failures, unavailable resources...
  30. 30. Normation – CC-BY-SA normation.com 30 www.rudder.cm Design choices: CFEngine Continuous checking Every 5 minutes Multi-platform Linux, Unix, Windows, Android... Separate configuration from implementation Reporting Done after the checks, separate process High freqency, trust in compliance reporting Reuse implementations, less bugs, shared code... Clear separation of roles Cover as many systems as possible Avoid bottleneck Different report types
  31. 31. Normation – CC-BY-SA normation.com 31 www.rudder.cm Design choices: Network architecture #2: Network architecture?
  32. 32. Normation – CC-BY-SA normation.com 32 www.rudder.cm Design choices: Network architecture Rudder server Node Node Node TCP - port 5309 File metadata and files Authentication and encryption (SSL) TCP ports 80 and 514 HTTP and syslog Node Node Isolated networkRelay server Download info → Built upon CFEngine network architecture All connections go→ from nodes to server Pull-based approach→
  33. 33. Normation – CC-BY-SA normation.com 33 www.rudder.cm Design choices: Workflow #3: Typical usage
  34. 34. Normation – CC-BY-SA normation.com 34 www.rudder.cm Design choices: Workflow Management Define policy Changes (fixes, upgrades...) c c Community Expert Sysadmins Configure parameters Configuration agent Initial application Continuous verification REPORTING Technical abstraction (method vs parameters)
  35. 35. Normation – CC-BY-SA normation.com 35 www.rudder.cm Design choices: Central validation #4: Central validation
  36. 36. Normation – CC-BY-SA normation.com 36 www.rudder.cm Design choices: Central validation Validation workflow
  37. 37. Normation – CC-BY-SA normation.com 37 www.rudder.cm Design choices: Central validation Validation workflow ● States: ● Pending validation – Can be sent to: Pending deployment, Deployed, Cancelled. ● Pending deployment – The change was validated, but now require to be deployed. Can be sent to: Deployed, Cancelled. ● Deployed – The change is deployed. This is a final state, it can’t be moved anymore. ● Cancelled – The change was not approved. This is a final state, it can’t be moved anymore.
  38. 38. Normation – CC-BY-SA normation.com 38 www.rudder.cm Demonstration Demo!
  39. 39. Normation – CC-BY-SA normation.com 39 www.rudder.cm Extending & Customizing Extending & Customizing
  40. 40. Normation – CC-BY-SA normation.com 40 www.rudder.cm Extension Techniques Implemented in CFEngine syntax + metadata for web configuration Nodes Search criteria on inventory data Hardware/OS/Network/ Software/Node name/ ... Directives Rules Apply Directives to a Group Groups Sysadmins c c Manager or sysadmins Expert Community
  41. 41. Normation – CC-BY-SA normation.com 41 www.rudder.cm Extension Techniques Implemented in CFEngine syntax + metadata for web configuration Nodes Search criteria on inventory data Hardware/OS/Network/ Software/Node name/ ... Directives Rules Apply Directives to a Group Groups Sysadmins c c Manager or sysadmins Expert Community
  42. 42. Normation – CC-BY-SA normation.com 42 www.rudder.cm Extension Techniques Implemented in CFEngine syntax + metadata for web configuration Nodes Search criteria on inventory data Hardware/OS/Network/ Software/Node name/ ... Directives Rules Apply Directives to a Group Groups Sysadmins c c Manager or sysadmins Expert Community Write any configuration you like in a Technique and share them with co-workers by exposing a selection of parameters
  43. 43. Normation – CC-BY-SA normation.com 43 www.rudder.cm Result Example === 1000 words With ncf (see http://www.ncf.io)
  44. 44. Normation – CC-BY-SA normation.com 44 www.rudder.cm Result Example === 1000 words With ncf + Rudder variables
  45. 45. Normation – CC-BY-SA normation.com 45 www.rudder.cm Online documentation http://www.ncf.io/pages/reference.html
  46. 46. Normation – CC-BY-SA normation.com 46 www.rudder.cm Current status Project is now reliable & scalable But needs more Techniques Ohloh statistics: Source: http://www.ohloh.net/p/rudder-project h
  47. 47. Normation – CC-BY-SA normation.com Questions? Check it out on: http://www.rudder.cm/ Jonathan CLARKE – jcl@normation.com @jooooooon42 (that's 7 'o's)
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×