FOSDEM 2012 @ Brussels, Belgium               05/02/2012          Configuration management benefits                     fo...
SpeakersNicolas Charles            Jonathan ClarkeScala developer            SysadminWorks at Normation         Works at N...
Make sure the                             Security  service does its job                                          User acc...
Collaboration      Automate                                  More knowledge:First install + reinstalls          Centralize...
In some situations, configuration management        may be too much overhead...         For the all the rest,     advantag...
Goals  Lower the learning                                     Share CM benefits   curve to use CM                         ...
Fundamentals    Build on                        Share                  Improve reliable tools   Based on CFEngine         ...
Hardware and s  New nodes             PrincipleInventory         Web interface on Rudder server                           ...
Configuration Rules                                         Parametrization in the Predefined templates to                ...
Current status                      Web interface to  Version 2.3                              Real time reports          ...
Demonstration        
Install                        Installing a Rudder server# echo deb http://www.rudder-project.org/apt-2.3/ squeeze main >>...
Requirements (node)                                    SomeSmall amount of                 dependencies   free RAM        ...
Rudder architecture   Based on typical CFEngine architecture                    CFEngine server                          ...
Rudder architecture   Extra components on the server only       Generate          Rudder server       CFEngine       poli...
Rudder workflow      Policy Templates                                               NodesCFEngine syntax                  ...
Extend               Write new Policy Templates- Based on CFEngine 3- An XML descriptor to set up the web forms- Configure...
Roadmap   2.4: February 2012          Import/Export configurations across Rudder servers          Approval process for ...
Community   Source code on GitHub   Documentation wiki              http://rudder-project.org   Small open source comm...
FOSDEM 2012 @ Brussels, Belgium                                05/02/2012                         Questions?Stay in touch....
Upcoming SlideShare
Loading in...5
×

Rudder - Configuration management benefits for everyone (FOSDEM 2012)

4,240

Published on

Rudder is a new open source tool in the configuration management domain. Its aim is not to reinvent the technical wheel, but to provide a new way to drive our infrastructure.

Specifically aimed at drift assessment, it addresses automation, ongoing verification and repairs, centralizing information and knowledge about your infrastructure, compliance reporting... thus helping to keep drift from nominal behavior low. Built upon a standard CFEngine architecture (and other open source components).

This talk will show how Rudder's approach enables everyone in the IT department to benefit from the advantages of configuration management, without necessarily needing to learn a complex tool, or even get their hands dirty. We'll describe and demonstrate how this is possible, and dive into the technical architecture that makes it work.

In a nutshell, clearly separated tasks permit technical experts to create configuration templates for the tools they know best, thus letting non-experts leverage this power via a modern web interface, such as: architects or security officers who implement policy, junior sysadmins who use and reuse such policies to setup services, and pretty much anyone who digs into real-time compliance reports and error logs.

See http://www.rudder-project.org for more info.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
4,240
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Rudder - Configuration management benefits for everyone (FOSDEM 2012)

  1. 1. FOSDEM 2012 @ Brussels, Belgium 05/02/2012 Configuration management benefits for everyoneNicolas Charles <nch@normation.com>Jonathan Clarke <jcl@normation.com>    
  2. 2. SpeakersNicolas Charles Jonathan ClarkeScala developer SysadminWorks at Normation Works at Normation Rudder developer Rudder developerCFEngine expert CFEngine expert CFEngine Community Champion    
  3. 3. Make sure the Security service does its job User accountsInstall & Update Password policyConfigure BackupsRun Log everything Security patches Service management Availability KnowledgeLimit the impact of a failure Document configurationScale out Formalize proceduresPlan for disaster recovery Log changes    
  4. 4. Collaboration Automate More knowledge:First install + reinstalls Centralize informationUpdate Full change logConfigure Less documentation: Less written procedures More automation Configuration management benefits Regular checks Industrialization Install OK? Re-use (configs, policies...) Configuration OK? Reporting on config status Integrity? Dashboards    
  5. 5. In some situations, configuration management may be too much overhead... For the all the rest, advantages are undeniable! But does everyone really benefit? Junior Non Managers? sysadmins? specialists?    
  6. 6. Goals Lower the learning Share CM benefits curve to use CM with a wider populationThis may mean losing some Different information and flexibility but mustnt mean capabilities for different people losing efficiency    
  7. 7. Fundamentals Build on Share Improve reliable tools Based on CFEngine Web interfaceLightweight and powerful OS-specific packages Reporting graphique Automatic inventory Library of infrastructure configurations included    
  8. 8. Hardware and s New nodes PrincipleInventory Web interface on Rudder server Put nodes in View node data groups Configure rules View infrastructure on groups status CFEngine policy Reports Managed nodes    
  9. 9. Configuration Rules Parametrization in the Predefined templates to Web Interface manage systems - Forms to change defaults- Install packages, distribute files- Manage users, distribute SSHkeys Conversion into- Configure DNS, NTP, package CFEngine Policiesmanagers- Schedule backups... - Applied by CFEngine agents    
  10. 10. Current status Web interface to Version 2.3 Real time reports manage released in on infrastructure nodes and october 2011 status configuration rulesPolicy Templates All changes Packaged for main (currently 33) logged Linux distributions    
  11. 11. Demonstration   
  12. 12. Install Installing a Rudder server# echo deb http://www.rudder-project.org/apt-2.3/ squeeze main >> /etc/apt/sources.list# aptitude update# aptitude install rudder-server-root# /opt/rudder/bin/rudder-init.sh Installing Rudder on a node to manage# echo deb http://www.rudder-project.org/apt-2.3/ squeeze main >> /etc/apt/sources.list# aptitude update# aptitude install rudder-agent# echo "server address" > /var/rudder/cfengine-community/policy_server.dat    
  13. 13. Requirements (node) SomeSmall amount of dependencies free RAM - SSL (10-20 MB) - BerkeleyDB - PCRE - Syslog Memory occupation of CFEngine deamons    
  14. 14. Rudder architecture Based on typical CFEngine architecture CFEngine server Communications by TCP (port 5308) - File metadata - File content Node Node Node Node    
  15. 15. Rudder architecture Extra components on the server only Generate Rudder server CFEngine policy CFEngine server Communications by TCP (port 5309) - File metadata - File contents - Send inventories (FusionInventory) - Send reports (syslog) Node Node Node Node    
  16. 16. Rudder workflow Policy Templates NodesCFEngine syntax Search criteria on inventoryVariables for web configuration information - Hardware / OS / Network - Software Enter variables in - Node name the web interface Create a group Policy Instances Group Configuration Rule Apply Policy Instances to a Group    
  17. 17. Extend Write new Policy Templates- Based on CFEngine 3- An XML descriptor to set up the web forms- Configure anything! Write plugins for the webapp- Plugins are automatically discovered at startup- Implementation example:https://github.com/Normation/rudder-plugin-helloworld    
  18. 18. Roadmap 2.4: February 2012  Import/Export configurations across Rudder servers  Approval process for changes before deploying them  More and better Policy Templates  Deleting nodes  Simple REST API 2.5: Mid 2012  Better Policy Configuration display  More detailed reporting  Authorizations    
  19. 19. Community Source code on GitHub Documentation wiki  http://rudder-project.org Small open source community  Mailing lists  rudder-users@lists.rudder-project.org  rudder-dev@lists.rudder-project.org  IRC : #rudder on FreeNode  Twitter: @RudderProject    
  20. 20. FOSDEM 2012 @ Brussels, Belgium 05/02/2012 Questions?Stay in touch...Nicolas Charles Jonathan ClarkeMail: nch@normation.com Mail: jcl@normation.comTwitter: nico_charles Twitter: jooooooon42    
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×