At National Instruments, we have developed an automation and provisioning framework called PIE (Programmable Infrastructure Environment) that our DevOps team uses daily. Similar tools such as Chef and Puppet are available, but what makes PIE unique is its ability to work in multi-cloud deployments (Azure and AWS) and across multiple node OS types (Linux and Windows). It uses ZooKeeper to keep state and track dependencies across nodes and services.
When building PIE, we actively considered how to implement it in a Rugged way for a DevOps team. As noted on slide 68 of the deck, we are Rugged by Design and DevOps by Culture. We see these as intersecting domains that can influence each other. For more information, see ruggeddevops.org.
2. @wickett
• Operations and Security for software delivered on the cloud
• National Instruments, R&D
• Certs: CISSP, GSEC, GCFW, CCSK
• Tags: OWASP, Cloud, DevOps, Ruby
• Blogger at theagileadmin.com
• I do stuff for LASCON (http://lascon.org)
• Twitter: @wickett
3. @bproverb
• Peco Karayanev
• OpNet, Senior Applications Engineer
• Tags: APM, Java, DevOps, Big Data
• Blogger at theagileadmin.com
• Twitter: @bproverb
5. National Instruments
• 30 years old; 5000+ employees around the world, half in Austin, mostly engineers; $873M in 2010
• Hardware and software for data acquisition, embedded design, instrument control, and test
• LabVIEW is our graphical dataflow programming language used by scientists and engineers in many fields
7. Cloud @ NI
We built a DevOps team to rapidly deliver new SaaS products and product functionality using cloud hosting and services (IaaS, PaaS, SaaS) as the platform and operations, using model driven automation, as a key differentiating element.
With this approach we have delivered multiple major products to market quickly with a very small staffing and financial outlay.
11. FPGA Compile Cloud
• LabVIEW FPGA compiles take hours and consume extensive system resources; compilers are getting larger and more complex
• Implemented on Amazon - EC2, Java/Linux, C#/.NET/Windows, and LabVIEW FPGA
• Also an on premise product, the “Compile Farm”
15. If you want to build a ship, don't drum up people together to collect wood and don't assign them tasks and work, but rather teach them to long for the endless immensity of the sea
- Antoine Jean-Baptiste Marie Roger de Saint Exupéry
43. I am rugged because I refuse to be a source of vulnerability or weakness.
44. I am rugged because I assure my code will support its mission.
45. I am rugged because my code can face these challenges and persist in spite of them.
46. I am rugged, not because it is easy, but because it is necessary... and I am up for the challenge.
47. Qualities of Rugged Software
• Availability - Speed and performance
• Longevity, Long-standing, persistent - Time
• Scalable, Portable
• Maintainable and Defensible - Topology Map
• Resilient in the face of failures
• Reliable - Time, Load
48. Security vs. Rugged
• Security: Absence of events / Rugged: Verification of quality
• Security: Cost / Rugged: Benefit
• Security: Negative / Rugged: Positive
• Security: FUD / Rugged: Known values
• Security: Toxic / Rugged: Affirming
55. People that built PIE
• Peco Karayanev: crazy to dream up PIE and foolish to try to build it
• Ernest Mueller: godfather and proponent of DevOps in PIE
• James Wickett: chief evangelist of PIE
• Michael Truchard: ensuring PIE is as much for dev as it is for ops
• William Hackett: evolving PIE from hackery to legit software
• Karthik Gaekwad: reminding PIE to KISS
• Kar Meng Chow: ensuring PIE is a tool for daily ops
• Mohd Hafiz Ramly: boldly taking PIE to new heights
• John Hill: herding the PIE cats
56. What is PIE?
• a framework to define, provision, monitor, and control cloud-based systems
• written in Java, uses SSH as transport, currently supports Amazon AWS (Linux and Windows) and MS Azure
• takes an XML-based model from source control and creates a full running system
57. What do we like about PIE?
• Collaborative system design and development
• Automation for building, provisioning and controlling cloud systems
• From source to running multi-tier cloud system in minutes
• Infrastructure as code
58. What do we use PIE for?
• Provisioning cloud instances
• Creating new environments
• Deploying & configuring software
• Deploying & configuring applications
• Backups
• Log aggregation
• Auto-scaling roles based on demand
• Running tests
• Continuous integration
• Release workflows
• Auditing cloud resource usage
• Integrating with revision control & software build
60. Security features and use cases
• Increase the visibility and auditability of the system
• Track dependencies and what code is deployed where
• Diff versions of the system and see changes
• Role based auth for operators
• No manual steps
• Passwords able to be changed with a few PIE commands
• Keys out of the model
• Ports and user/pass changes
• App Config
• Audit / Running state vs. model diff
61. Architecture
o Document based Architecture Definition Language
o Command orchestration, dispatch and execution engine
o Runtime Registry
o Command Line Interface
62. ADL (Architecture Definition Language)
• Structural model of the system described in XML documents.
• 4 Level Hierarchy - System, SubSystem, Role, Service
64. Command Execution & Orchestration
• The execution engine can dispatch and execute commands to remote machines.
• More complex workflows can be created from simple commands.
• Commands can be overloaded in different model components.
65. Runtime Registry & Name Service
• The Runtime registry tracks the state and dependencies
• The Name service keeps a namespace for instances.
67. Demo
• On Azure
o Provision an environment.
o Deploy an app and test.
o Update the model and turn off port 80.
o Redeploy and test the app.
o De-provision the environment.
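The "running state vs. model diff" audit from slide 60, applied to a four-level model like the one on slide 62 and to the port-80 change from the demo, as an added example that is not PIE code. The XML element and attribute names, the role paths and the observed-port data are all constructed assumptions, since the deck does not show the ADL schema.

```python
import xml.etree.ElementTree as ET

# Constructed model: element/attribute names are hypothetical, not PIE's real ADL schema.
MODEL_XML = """
<System name="demo">
  <SubSystem name="web">
    <Role name="frontend">
      <Service name="https" port="443"/>
      <Service name="ssh" port="22"/>
    </Role>
  </SubSystem>
  <SubSystem name="data">
    <Role name="db">
      <Service name="postgres" port="5432"/>
      <Service name="ssh" port="22"/>
    </Role>
  </SubSystem>
</System>
"""

# Constructed running state: listening ports observed per role path.
RUNNING = {
    "demo/web/frontend": {22, 80, 443},  # port 80 still open although the model dropped it
    "demo/data/db": {22},                # modelled postgres service is not listening
}

def model_ports(xml_text):
    """Walk System > SubSystem > Role > Service and return {role_path: {ports}}."""
    system = ET.fromstring(xml_text)
    if system.tag != "System":
        raise ValueError("root element must be System")
    ports = {}
    for sub in system.findall("SubSystem"):
        for role in sub.findall("Role"):
            path = "/".join((system.get("name"), sub.get("name"), role.get("name")))
            ports[path] = {int(s.get("port")) for s in role.findall("Service")}
    return ports

def audit(model, running):
    """Return sorted (role_path, kind, port) findings where running state differs from the model."""
    findings = []
    for path in sorted(set(model) | set(running)):
        want, have = model.get(path, set()), running.get(path, set())
        findings += [(path, "unexpected-open", p) for p in sorted(have - want)]
        findings += [(path, "missing", p) for p in sorted(want - have)]
    return findings

if __name__ == "__main__":
    for path, kind, port in audit(model_ports(MODEL_XML), RUNNING):
        print(f"{path}: {kind} port {port}")
```

Roles that are running but absent from the model are reported too, which catches instances provisioned outside the source-controlled model.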
68. Rugged DevOps Results
• repeatable – no manual errors
• reviewable – model in source control
• rapid – bring up, install, configure, and test dozens of systems in a morning
• resilient – automated reconfiguration to swap servers (throw away infrastructure)
• rugged by design, DevOps by culture
69. Roadmap
• Open Source
• More security workflows
• Azure data management workflows
• Add support for external keystores
• ADL and model usability features
• Port AWS functionality to 2.0 version
• New shiny distributed orchestration engine
• Add user auth through LDAP or other repos
• IDE to simplify design
• More powerful script engine