Rudder - Getting everyone on board the configuration management express!

  • 820 views
Uploaded on

As a Configuration Management [CM] "champion", trying to gain traction in your environment can be challenging when the level of expertise necessary is in short supply. We built Rudder so that CM …

As a Configuration Management [CM] "champion", trying to gain traction in your environment can be challenging when the level of expertise necessary is in short supply. We built Rudder so that CM champion would not need to clone themselves. Instead, the CM champion is able to use a tool to manage configuration data, expose key parameters to the rest of their team, reduce complexity of configuration changes, and put in place role-based workflow for change control.

Rudder is an open source configuration management solution, using lightweight agents (based on CFEngine) controlled via a central management point. Using Rudder, I will show how this approach enables the team to fully participate in the practice of Configuration Management, keep track of changes and history, exploit change access / control, and facilitate knowledge sharing (sharing intentions in design via desired configuration state, maintaining a record of preferred configurations) without intervention of CM champion.

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
820
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
10
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Getting everyone on board the configuration management express! Nicolas CHARLES – nch@normation.com Normation – CC-BY-SA normation.com
  • 2. Who am I ? ● Nicolas CHARLES ● Job: Co-founder and “COO” at Normation ● Free software: – Co-creator of Rudder – Contributor to CFEngine since 2009 – CFEngine Community Champion Contact info Email: nch@normation.com Twitter: @nico_charles Normation – CC-BY-SA normation.com 2
  • 3. Context Configuration Management Normation – CC-BY-SA normation.com 3
  • 4. Context Configuration Management way roper he p T tems e sys anag to m Normation – CC-BY-SA normation.com 4
  • 5. Context How to start? Normation – CC-BY-SA normation.com 5
  • 6. Context How to start? What are the requirements? Normation – CC-BY-SA normation.com 6
  • 7. Context How to start? What are the requirements? Which tool(s)? Normation – CC-BY-SA normation.com 7
  • 8. Context How to start? What are the requirements? Which tool(s)? Which architecture(s)? Normation – CC-BY-SA normation.com 8
  • 9. Context Getting started Project leader(s) evaluate and choose tool(s), learn its basic, and create PoC(s) Normation – CC-BY-SA normation.com 9
  • 10. Context Getting started Project leader(s) gets experience and confidence. Becomes the Configuration Management Hero Normation – CC-BY-SA normation.com 10
  • 11. Context Adoption With enough work and effort, the project is a success! Normation – CC-BY-SA normation.com 11
  • 12. Context Adoption It does things It is deployed It is useful! Normation – CC-BY-SA normation.com 12
  • 13. Context The dark side Normation – CC-BY-SA normation.com 13
  • 14. Context The dark side Change habits Normation – CC-BY-SA normation.com 14
  • 15. Context The dark side Change habits I was modifying a file, and everything I did was erased! Normation – CC-BY-SA normation.com 15
  • 16. Context The dark side Change habits Get in the way of people Normation – CC-BY-SA normation.com 16
  • 17. Context The dark side Change habits Get in the way of people Can be complex to tame Normation – CC-BY-SA normation.com 17
  • 18. Context The dark side Change habits Get in the way of people Can be complex to tame It's too hard to use, I've always changed things via the terminal Normation – CC-BY-SA normation.com 18
  • 19. Context The darker side Normation – CC-BY-SA normation.com 19
  • 20. Context The darker side ● Config Management Hero becomes a bottleneck → He is the only one to really push the use of the CM Normation – CC-BY-SA normation.com 20
  • 21. Context The darker side ● ● Config Management Hero becomes a bottleneck Config Management Hero becomes critical ressource: → He is the only one to really know how the CM works Normation – CC-BY-SA normation.com 21
  • 22. Context The darker side ● ● ● Config Management Hero becomes a bottleneck Config Management Hero becomes critical ressource Config Management Hero gets to answer to everyone's questions Normation – CC-BY-SA normation.com 22
  • 23. Context The darker side ● ● ● Config Management Hero becomes a bottleneck Config Management Hero becomes critical ressource Config Management Hero gets to answer to everyone's questions Hi, this is the supervision team. I'm sorry to disturb you at night, but we've got this error in production, and I think it's related to a change in the CM tool, but I don't understand it. Can you help me? Normation – CC-BY-SA normation.com 23
  • 24. Context The darker side Normation – CC-BY-SA normation.com 24
  • 25. Context The darker side People joining the team/company have a lot to learn: ● How to work with a new set of people ● The processes ● Architecture of IT systems ● Possibly new tools ● The current CM implementation Normation – CC-BY-SA normation.com 25
  • 26. Context The darker side People joining the team/company have a lot to learn: ● How to work with a new set of people ● The processes ● Architecture of IT systems ● Possibly new tools ● The current CM implementation AND THAT'S A LOT TO LEARN Normation – CC-BY-SA normation.com 26
  • 27. Context Reporting? Share the knowledge with: ● The team: what happens, on which systems, and why Normation – CC-BY-SA normation.com 27
  • 28. Context Reporting? Share the knowledge with: ● The team ● The managers: to show that everything is running fine Normation – CC-BY-SA normation.com 28
  • 29. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? Normation – CC-BY-SA normation.com 29
  • 30. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? ● To the company rules? Normation – CC-BY-SA normation.com 30
  • 31. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? ● To the company rules? ● To the legal reglementation? Normation – CC-BY-SA normation.com 31
  • 32. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? ● To the company rules? ● To the legal reglementation? Coding yourself the reporting??? Normation – CC-BY-SA normation.com 32
  • 33. Context Looks grim :/ Normation – CC-BY-SA normation.com 33
  • 34. Context How to welcome everyone in configuration management?? Normation – CC-BY-SA normation.com 34
  • 35. Introducing Rudder Rudder Normation – CC-BY-SA normation.com 35
  • 36. Introducing Rudder Rudder Cfgt Express ! Normation – CC-BY-SA normation.com 36
  • 37. Rudder Rudder Directly usable by a larger population Expert Management Sysadmins with no previous CM knowledge Normation – CC-BY-SA normation.com 37
  • 38. Rudder Built-in reporting Normation – CC-BY-SA normation.com 38
  • 39. Rudder Built-in reporting Normation – CC-BY-SA normation.com 39
  • 40. Rudder Simplified configuration Normation – CC-BY-SA normation.com 40
  • 41. Rudder Peer-review and validation Normation – CC-BY-SA normation.com 41
  • 42. Rudder Peer-review and validation Normation – CC-BY-SA normation.com 42
  • 43. Rudder Complete tracability Normation – CC-BY-SA normation.com 43
  • 44. Rudder Complete tracability Easy to restore previous configuration policy Normation – CC-BY-SA normation.com 44
  • 45. Rudder Complete tracability ????? Normation – CC-BY-SA normation.com 45
  • 46. Rudder Complete tracability Every changes made by users are stored. All policies are commited into Git ● To have easy to track changes ● To archive/restore between Rudder servers Normation – CC-BY-SA normation.com 46
  • 47. Rudder Complete tracability Every checks and changes on nodes are traced and stored ● Predefined reports in the Techniques ● Reports centralized on the server for historization Normation – CC-BY-SA normation.com 47
  • 48. Architecture TCP - port 5309 File metadata and files Authentication and encryption (SSL) Rudder server Do w Node Node Node nlo TCP ports 80 and 514 HTTP and syslog ad inf o Isolated network Relay server Node Node Normation – CC-BY-SA normation.com 48
  • 49. Rudder http://www.rudder-project.org/ Continuous checking Simplified user experience via a Web UI Based on CFEngine 3 Graphical reporting Pre-packaged for all supported OSes Open Source Vagrant config to test: https://github.com/normation/rudder-vagrant/ Normation – CC-BY-SA normation.com 49
  • 50. Rudder - workflow Define security policy REPORTING Management c c Community Expert Changes (fixes, upgrades...) Technical abstraction (method vs parameters) Sysadmins Configuration agent Configure parameters Initial application Continuous verification Normation – CC-BY-SA normation.com 50
  • 51. Conclusion What happens? With Rudder, the Configuration Management Hero is still an hero. But with much more peace of mind, as the whole team is supporting him Normation – CC-BY-SA normation.com 51
  • 52. Conclusion What happens? With Rudder, the Configuration Management Hero is still an hero. But with much more peace of mind, as the whole team is supporting him Normation – CC-BY-SA normation.com 52
  • 53. Rudder stats Key links : ● ● ● ● ● Community website : http://www.rudder-project.org Source code : http://github.com/Normation/ Mailing-list : rudder-users@lists.rudder-project.org IRC : #rudder on Freenode Twitter : @RudderProject Ohloh.net statistics Normation – CC-BY-SA normation.com 53
  • 54. Questions? Follow us on Twitter: @RudderProject Nicolas CHARLES - nch@normation.com Normation – CC-BY-SA normation.com