Rudder - Configuration management benefits for everyone (FOSDEM 2012)
Upcoming SlideShare
Loading in...5
×
 

Rudder - Configuration management benefits for everyone (FOSDEM 2012)

on

  • 4,471 views

Rudder is a new open source tool in the configuration management domain. Its aim is not to reinvent the technical wheel, but to provide a new way to drive our infrastructure. ...

Rudder is a new open source tool in the configuration management domain. Its aim is not to reinvent the technical wheel, but to provide a new way to drive our infrastructure.

Specifically aimed at drift assessment, it addresses automation, ongoing verification and repairs, centralizing information and knowledge about your infrastructure, compliance reporting... thus helping to keep drift from nominal behavior low. Built upon a standard CFEngine architecture (and other open source components).

This talk will show how Rudder's approach enables everyone in the IT department to benefit from the advantages of configuration management, without necessarily needing to learn a complex tool, or even get their hands dirty. We'll describe and demonstrate how this is possible, and dive into the technical architecture that makes it work.

In a nutshell, clearly separated tasks permit technical experts to create configuration templates for the tools they know best, thus letting non-experts leverage this power via a modern web interface, such as: architects or security officers who implement policy, junior sysadmins who use and reuse such policies to setup services, and pretty much anyone who digs into real-time compliance reports and error logs.

See http://www.rudder-project.org for more info.

Statistics

Views

Total Views
4,471
Views on SlideShare
3,245
Embed Views
1,226

Actions

Likes
0
Downloads
16
Comments
0

8 Embeds 1,226

http://blog.normation.com 1094
http://lanyrd.com 60
http://blog-poc.labo.normation.com 50
http://www.normation.com 13
http://a0.twimg.com 6
http://us-w1.rockmelt.com 1
http://translate.googleusercontent.com 1
https://twitter.com 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-ShareAlike LicenseCC Attribution-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Rudder - Configuration management benefits for everyone (FOSDEM 2012) Rudder - Configuration management benefits for everyone (FOSDEM 2012) Presentation Transcript

  • FOSDEM 2012 @ Brussels, Belgium 05/02/2012 Configuration management benefits for everyoneNicolas Charles <nch@normation.com>Jonathan Clarke <jcl@normation.com>    
  • SpeakersNicolas Charles Jonathan ClarkeScala developer SysadminWorks at Normation Works at Normation Rudder developer Rudder developerCFEngine expert CFEngine expert CFEngine Community Champion    
  • Make sure the Security service does its job User accountsInstall & Update Password policyConfigure BackupsRun Log everything Security patches Service management Availability KnowledgeLimit the impact of a failure Document configurationScale out Formalize proceduresPlan for disaster recovery Log changes    
  • Collaboration Automate More knowledge:First install + reinstalls Centralize informationUpdate Full change logConfigure Less documentation: Less written procedures More automation Configuration management benefits Regular checks Industrialization Install OK? Re-use (configs, policies...) Configuration OK? Reporting on config status Integrity? Dashboards    
  • In some situations, configuration management may be too much overhead... For the all the rest, advantages are undeniable! But does everyone really benefit? Junior Non Managers? sysadmins? specialists?    
  • Goals Lower the learning Share CM benefits curve to use CM with a wider populationThis may mean losing some Different information and flexibility but mustnt mean capabilities for different people losing efficiency    
  • Fundamentals Build on Share Improve reliable tools Based on CFEngine Web interfaceLightweight and powerful OS-specific packages Reporting graphique Automatic inventory Library of infrastructure configurations included    
  • Hardware and s New nodes PrincipleInventory Web interface on Rudder server Put nodes in View node data groups Configure rules View infrastructure on groups status CFEngine policy Reports Managed nodes    
  • Configuration Rules Parametrization in the Predefined templates to Web Interface manage systems - Forms to change defaults- Install packages, distribute files- Manage users, distribute SSHkeys Conversion into- Configure DNS, NTP, package CFEngine Policiesmanagers- Schedule backups... - Applied by CFEngine agents    
  • Current status Web interface to Version 2.3 Real time reports manage released in on infrastructure nodes and october 2011 status configuration rulesPolicy Templates All changes Packaged for main (currently 33) logged Linux distributions    
  • Demonstration   
  • Install Installing a Rudder server# echo deb http://www.rudder-project.org/apt-2.3/ squeeze main >> /etc/apt/sources.list# aptitude update# aptitude install rudder-server-root# /opt/rudder/bin/rudder-init.sh Installing Rudder on a node to manage# echo deb http://www.rudder-project.org/apt-2.3/ squeeze main >> /etc/apt/sources.list# aptitude update# aptitude install rudder-agent# echo "server address" > /var/rudder/cfengine-community/policy_server.dat    
  • Requirements (node) SomeSmall amount of dependencies free RAM - SSL (10-20 MB) - BerkeleyDB - PCRE - Syslog Memory occupation of CFEngine deamons    
  • Rudder architecture Based on typical CFEngine architecture CFEngine server Communications by TCP (port 5308) - File metadata - File content Node Node Node Node    
  • Rudder architecture Extra components on the server only Generate Rudder server CFEngine policy CFEngine server Communications by TCP (port 5309) - File metadata - File contents - Send inventories (FusionInventory) - Send reports (syslog) Node Node Node Node    
  • Rudder workflow Policy Templates NodesCFEngine syntax Search criteria on inventoryVariables for web configuration information - Hardware / OS / Network - Software Enter variables in - Node name the web interface Create a group Policy Instances Group Configuration Rule Apply Policy Instances to a Group    
  • Extend Write new Policy Templates- Based on CFEngine 3- An XML descriptor to set up the web forms- Configure anything! Write plugins for the webapp- Plugins are automatically discovered at startup- Implementation example:https://github.com/Normation/rudder-plugin-helloworld    
  • Roadmap 2.4: February 2012  Import/Export configurations across Rudder servers  Approval process for changes before deploying them  More and better Policy Templates  Deleting nodes  Simple REST API 2.5: Mid 2012  Better Policy Configuration display  More detailed reporting  Authorizations    
  • Community Source code on GitHub Documentation wiki  http://rudder-project.org Small open source community  Mailing lists  rudder-users@lists.rudder-project.org  rudder-dev@lists.rudder-project.org  IRC : #rudder on FreeNode  Twitter: @RudderProject    
  • FOSDEM 2012 @ Brussels, Belgium 05/02/2012 Questions?Stay in touch...Nicolas Charles Jonathan ClarkeMail: nch@normation.com Mail: jcl@normation.comTwitter: nico_charles Twitter: jooooooon42