Configuration manager presentation

Configuration Manager Puppet, Chef, Cfengine Presented by Jérémy MATHEVET

Topics1. Principle2. Comparison3. Puppet4. Chef5. Cfengine6. Migration advises

Principle

Principle• A client/server architecture.• The server has a reference configuration.• The client queries the server.• The client makes change in order to match the reference configuration.

Principle 1. “Can you give my configuration model ?“ 2. “Ok, for you, thats it.” 3. “I make the necessary in order to fulfil it.” 4. (optional) “Thank you, Im ok, no error” or “I had a problem”.

Principle

Why to do this ?• Centralized management• Automated management• Mass deployment• Configuration customization• Abstraction Layer• Idempotence

What can we do ?• File transfer• Service management• Package management• Command launching

Comparison

Comparison 3 major solution : • Puppet • Chef • Cfengine Pretty similar possibilities. Some specificities.

Comparison Puppet Chef Cfengine Pull Yes Yes Yes Push No No No Idempotence Yes Yes Yes Config language Declarative Ruby Declarative Web UI Yes (limited) Yes No OS Support Linux/Unix – Linux/Unix – Linux Linux/Unix – Windows Windows Windows (experimental) (experimental) (experimental) Licence GPL v2 Apache GPL Company Puppet Labs OpsCode Cfengine Cloud Yes SaaS platform Yes

Puppet

Puppet• Created in 2006 by Puppet Labs• The easiest solution• Proprietary declarative language• Modular configuration• Template• Asymmetric Key Encryption

Puppet• Prerequisite : • Configured DNS • Ruby• Installation Sources : • Debian Repositories • RubyGem • Sources

Puppet• Puppet server : Puppetmaster• Puppet client : Puppet (agent) Main steps once installed : • Key exchange • Puppetmaster configuration • Puppet agent checks every 30 mn by default

Puppet Vocabulary : • Node • Manifest • Module • Class • Template

Puppet

Puppet Here is the read order. • site.pp : global config • nodes.pp : manage hosts • init.pp : module classes • Files : module files directory

Puppet

Puppet• Facter : Give node facts.• Permit to have customized configuration node.• Possibility to create your own facts.

PuppetTemplates• ERB• Customize configuration using Facts Exemple :

PuppetPuppet Dashboard• WebUI• Still in development• Very buggy• Only for monitoring• Useless for the moment

Chef• Created in 2009 by Opscode• Sustained development• Configuration language : Ruby• Modular configuration• Template• Asymmetric Key Encryption

Chef• Prerequisite : • Configured DNS • Ruby• Installation Sources : • Opscode Repositories • RubyGem • Sources

Chef• Chef server : chef-server• Chef client : chef-client Main steps once installed : • Key exchange • Chef-server configuration • Chef client checks every 30 mn by default

Chef Vocabulary : • Recipes • Cookbook • Role • Node • Attributes • Knife • Chef Repository

Chef Chef Server is in fact several processes.•API Service Used to interact with server for node configuration.•Management Console WebUI which permits to do administrative tasks.

Chef• File indexer Apache SOLR, a search engine.• Data store (CouchDB) Used for store roles, nodes and data bag JSON data. Sends it to SOLR, through AQMP queue.•AQMP Server Used by CouchDB as queue.

Chef Cookbook

Chef Recipes

Chef Recipes Like in Cooking, one of the more interesting thing is to share our cookbooks and recipes. http://community.opscode.com/cookbooks

Chef Ohai and templates A tree of node facts, which can be used as attributes. The same kind of customization as Puppet with Facter.

Chef Administration•Knife or Management Console•CLI or Web UI•Two powerful tools

Chef vs Puppet Chef Advantages • Cookbooks sharing • Stricter configuration rules • Ruby • Useful WebUI Disadvantages • A bit more complex • More setup needed • Usable in production, but still young

Cfengine

Cfengine• Created in 1993 by Mark Burgess• The first configuration manager• Major update in 2009, Cfengine 3• Proprietary configuration language• Template• Asymmetric Key Encryption

Cfengine• Prerequisite : • libc• Installation Sources : • Debian Repositories • Sources

Cfengine Cfengine has an atypical mechanism. There is neither cfengine-server nor cfengine-client package.

Cfengine Architecture

Cfengine Vocabulary • Promises • Body & bundle • Class

Cfengine Promises

Cfengine•Bundles and bodies

Cfengine•With Cfengine, you have to do configure everything. From the promises, to the host authorized, or the failsafe procedure.

Cfengine vs Puppet vs Chef Cfengine is powerful. But... • Painful configuration • Have fun with log (excessively verbose... Or not.) • Seems outdated compared to Puppet and Chef Keep in mind that you have as much possibilities as Puppet & Chef. But the time you pass configuring and master it is incomparable.

Migration advices

Migration advices• Migration have to be progressive.• Writing configurations take time.• Be extremely rigorous.• Dont forget the revision control.

Questions?Contact:Email : jeremy.mathevet@supinfo.comStatusNet : jeyg@status.jeyg.infoTwitter : @Jeyg Content under Creative Commons BY license.

Configuration manager presentation

by jeyg

Accessibility

Upload Details

Usage Rights

1 Embed 146

Statistics

Configuration manager presentation Presentation Transcript