Freedom In Disguise

Khushil Dep
@khushil
www.daemondreams.co.uk
This presentation is NOT …
A detailed description of how the MailOnline uses cfengine
Comparing cfengine to puppet/chef/salt/ansible etc
Tutoring you on configuration management - that’s easy and it’s well understood
Selling you any tool or product mentioned herein
Providing you the answers to all your questions
Telling you what tools you should/shouldn’t be using
Regurgitating the last five years of rigmarole
Ruby
This presentation is about …
FINDING a definition for an autonomic cloud platform
EXAMINING our definition of systems engineering
EVOLVING our understanding of operations engineering
LEARNING cfengine and how to use and abuse it
EXPLORING the promise of autonomic machine operation
What does an autonomic cloud platform look like?
Maximises the performance available from the underlying hardware to increase ROI.
Scales robustly and easily both vertically and horizontally, programmatically
Provides durable, secure, fast and reliable storage.
Allows deep, full stack introspection easily and without restriction.
Protects your instances from the effects or attacks of others on the same platform.
Provides a flexible service management toolset.
Defines an open set of APIs which allow access to the full range of capabilities and data.
Recommended Technology Stack
SmartOS operating system based on Illumos kernel with ZFS, DTrace, SMF and Zones.
Based off the Illumos OpenSolaris fork.
Joyent Public Cloud for a real alternative to Amazon Web Services.
More horsepower for your dollar/pound/euro than AWS in my experience. YMMV.
Engineering excellence - Bryan Cantrill, Brendan Gregg, Ben Rockwood to name a couple
of greats who work there.
The Halcyon Dream
User defined software managed by
release manager.
cf-engine allows the machine to
manage itself under our constraint
models.
DTrace provides diagnostic and
performance feedback across the
stack.
JoyentSDC APIs provide easy
functionality for all platform
operations.
Systems Engineering is the application
of technical expertise, diligence,
reflection, communication,
collaboration, patience and innovation
between multi-disciplinary teams to
create something of use.
What’s wrong with DevOps?

DevOps (a portmanteau of development and operations) is a software
development method that stresses communication, collaboration and
integration between software developers and information technology
(IT) professionals. DevOps is a response to the interdependence of
software development and IT operations. It aims to help an
organisation rapidly produce software products and services.
What we do to our machines at the moment …
Imperative approach to machine operation
Obligatory behavioural model where we force or
coerce our machines into actions
Unsympathetic to real-time environmental events
Scales inefficiently introducing risk
You begin to doubt your machines
You begin to doubt yourself
What we think we’d like to do with our machines…
What our platforms end up feeling like …
What we should be getting our machines to do …
“I’m sorry Dave, I can’t do that…. right now. It would be unwise. I
am aware of events in realtime that would affect the outcome of
your request adversely that you are not aware of.
Don’t worry, I promise to do it as soon as the probability of
success has improved and will orchestrate the dependant
activities so you reach your goals.
There is a lot else you could be doing right now - you don’t have
to wait for me Dave.
I’ve got you Dave. We are a team.
Did you see the game last night?”
What is Operations Engineering anyway …

Enable better machine/human relationships through
evolving theory of mind, communication and trust
Theory of Mind (ToM)

The ability to attribute mental states to oneself and others and to
understand that others also have mental states that may differ
from one’s own. The basis of empathy some might say.
Communication

The activity of conveying information through an exchange of
thoughts, messages or information as by speech, visual signals,
writing or by behaviour. It is the meaningful exchange of
information between two or more entities.
Meaningful Information

Knowledge communicated or received concerning a
particular fact or circumstance, expressed with clarity,
within context, concisely, in a timely manner,
significant and with purpose.
Trust
Socially we require trust when operating on, and often, beyond the edge of what is known
through practical experience and that which may arise from new possibilities.

Psychologically human trust is believing that an entity that is trusted will do what is expected of
it by you.

We must trust our machines to operate not only within known boundaries but those that we
cannot yet envisage.
The Machine

Electro-mechanical computation engine with mechanisms for input and output.
Capable of sustained activity without distraction nor deviation.
Fast, accurate, reliable and repeatable task handling.
No capacity for independent imagination.
Able to generate and analyse vast quantities of information.
Inefficient at communicating with humans.
I, Human

Biological system with facilities for input and output.
Incapable of sustained activity without distraction and deviation.
Slow, prone to error, unreliable and fragile task handling.
Excessive capacity for independent imagination.
Unable to generate and analyse vast quantities of information.
Inefficient at communicating with anyone or anything.
Why we fail our Machines
Human process is based on human understanding of events.
Human process is designed for human implementation.
Human process maps dangerously to machine computation and understanding of events.
Humans have hidden sanity checking which machines are unable to deduce or reproduce.
Human imperative command structures do not suit machines which are convergent by nature.
Humans are unable to maintain focus.
VIEW YOUR GOALS FROM THE MACHINE’S PERSPECTIVE

YOUR MACHINES CARRY YOUR LOGIC INTO ACTION
Promises
Promises are the foundations of trust between two entities - the machine and the human.
The promiser requires certain promises from the promisee.
Our need for trust in our machines is fulfilled by the machine promising to actuate the
promises we request from it.
We ask that the machine promises these actuations in a timely manner in the machine’s
context - not our own.
We declare goals and ask the machine to converge on that goal when it’s able to do so.
Promise Theory

Proposed by Mark Burgess in 2004.
Autonomy - we do not make assumptions about others’ behaviour. We only
document that behaviour on which we can speak authoritatively. This forces us to
more completely define what behaviour we are able to promise and this in turn
leads us to a more complete understanding of what our desired state entails.
Emergent Behaviour - when we behave in a model of voluntary cooperation as
independent and autonomous agents, certain behavioural patterns must naturally
emerge. The atomicity of promises enables us to better understand what we are
promising and thus find those contradictions which might else have been missed.
The Forgotten Orchestration
An operating system is a complex collection of software that orchestrates computer hardware
resources and provides common services for user defined software.
All user defined software sits within this orchestration framework and is already being orchestrated.
It is dangerous therefore to try to further orchestrate user defined software in an obligatory
manner.
Obligatory behaviour is where you force or coerce behaviour from your software or the operating
system with little or no regard to the underlying orchestration.
It’s a bit like the Universe really…
Universal Orchestration
QUARK - packets of energy with mass-like properties which exist in pairs or triplets (we think).
PROTON/NEUTRON - three or more quarks interacting and oh you know, orchestrating!
ATOM - one or more protons, zero or more neutrons and some electrons whizzing about orchestrating the hell out of a snazzy
number!
MOLECULE - made of atoms all orchestrating to their own private adagio!
ORGANELLE - molecules that orchestrate their way to things like a cell nucleus or ribosomes!
CELL - organelles just orchestrating away the Sunday afternoon with things like cytoplasm to make the little things, like the building
blocks of life.
TISSUE - a set of cells orchestrating their way out of boredom to make things like muscle tissue or heart tissue.
ORGAN - a set of at least two types of tissues orchestrating their way through a chorus to something like a heart or a pair of lungs.
Machine Orchestration
Human Orchestration
Micro-management incurs great operational cost and entails an increased risk from unknowable events.
You neither force nor coerce your engineers into behavioural patterns which are alien to them.
You trust your engineers to adapt and use their own preferred behaviour in order to reach set goals.
Your goals might be decided for you by other people or organisations.
These people and organisations trust you to meet the goals and keep your promises.
Why then do you not apply the same trust to your machines?
CFENGINE

https://cfengine.com/docs/3.5/manuals.html
What is it?
A systems engineering framework that enables autonomous behaviour of agents.
Created by Mark Burgess in the early 1990’s - the original DevOps tool.
What the hell is DevOps anyway - it’s called Engineering, stop making up words!
Written in C and runs on most unices and even Windows.
Small footprint, very fast execution.
Best of all …
NO
RUBY
Autonomic Operation

Machines are best placed to make decisions based on environmental conditions.
Machines do not require obligatory behaviour imposed upon them by humans.
Machines require logic and freedom to enable them to achieve the goals we set them.
This area needs more research and experimentation.
Components of CFengine
cf-execd - scheduling daemon which runs cf-agent, gathers output and
sends reports.
cf-agent - evaluates policies and actuates changes to the machine.
cf-monitord - samples probes defined in policies and attempts to learn
normal system state.
cf-server - daemon which allows authorised access to policy files and
allows authorised access to cf-runagent.
cf-runagent - connects to a list of cf-server instances and is able to ask
for policy evaluation on these instances, forgoing the normal cf-execd
scheduling on these instances.

https://cfengine.com/docs/3.5/manuals-components.html
Components of CFengine

cf-hub - collects data about hosts managed by cfengine.
cf-promises - policy validation tool to aid development. Parses policies for
syntax errors. Validates policies composed on multiple files. Validates semantic
correctness of policies. Partially evaluates policies to expose any errors.
Makes NO CHANGES to the system.
cf-key - generates key pairs for remote authentication.
COMMUNITY TOOLS
The following from http://www.cfengineers.net/downloads/cfengine-tools-and-utilities/
§ cf-keycrypt - encrypt/decrypt arbitrary files using cfengine crypto keys for extra security.
§ cf-profile - parses verbose cf-agent execution and records timings and execution trees.
§ cf-runwrapper - cf-runagent wrapper for extra control over cf-runagent behaviour

The following from https://github.com/lpefferkorn/cfe-profiler
§ cfe-profiler - measures policy execution times to find top consumers inline with run.

The following from https://github.com/cfengine/design-center/tree/master/tools/hcgrep
§ hcgrep - make Hard Classes easier to view and search for
Promise Recap
Make a promise about something and cfengine will attempt to keep it.
Each promise is actuated three times to allow convergence to occur.
Everything is a promise and some have commitments:
§ A file exists.
§ It commits to being owned by root
§ A user is present on the system.
§ It commits to having a home directory at /home/khushil
§ The CPU load is below a certain value.
The policies in cfengine are comprised of promises
Convergence is about making the promises to get to the state we want to be in.
What do you need? What must you avoid? Define these promises.
Don’t get distracted by how you get there!
Language concepts

https://cfengine.com/docs/3.5/manuals-language-concepts.html

One grammatical form for all statements in the cfengine DSL.
It is a DOMAIN SPECIFIC LANGUAGE.
Everything in cfengine is made thus.
Promises
Bundles
Bodies
Classes / Classifiers
Variables
Datatypes

bundle bundle_type name
{
  promise_type:

    classes::

      "promiser" -> { "promisee1", "promisee2", ... }

        attribute_1 => value_1,
        attribute_2 => value_2,
        …
        attribute_n => value_n;
}
How MailOnline thinks about promises

Discovery - examine the system and raise policy defined global classes to
augment hard classes discovered by cfengine.
Contract - select from a set of pre-defined bundles of promises which are
relevant to our desired state for the machine within its function context.
Actuation - selected contracts will ensure that our desired state is converged
upon as quickly and safely as possible.
An example desired state to converge upon
I want to deploy our snazzy new web application.
nginx is required on the machine.
An application specific nginx configuration is required for nginx.
Our application code must be on the machine
It must be accessible by the nginx service
It must be secure
nginx must be running to serve traffic
If any of these promises are not met we will not reach our goal.
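
The desired state listed above, written as one contract bundle. This is an added example, not part of the original slides: the paths, the www group and every handle and class name are assumptions, and the bodies it uses (local_dcp, mog, recurse, if_repaired, the generic package method) are taken from the CFEngine standard library.

```cfengine
# Added example, not from the original slides. Paths, the "www" group and all
# handle/class names are assumptions chosen for illustration.
body common control
{
      bundlesequence => { "webapp_contract" };
      inputs         => { "libraries/cfengine_stdlib.cf" };
}

bundle agent webapp_contract
{
  vars:
      "nginx_bin" string => "/usr/sbin/nginx";                # assumed path
      "site_conf" string => "/etc/nginx/conf.d/webapp.conf";  # assumed path
      "app_root"  string => "/srv/webapp";                    # assumed path
      "staging"   string => "/var/cfengine/inputs/webapp";    # assumed path

  files:
      # An application specific nginx configuration is required for nginx.
      "$(site_conf)"
        copy_from => local_dcp("$(staging)/nginx/webapp.conf"),
        perms     => mog("644", "root", "root"),
        classes   => if_repaired("webapp_conf_repaired"),
        handle    => "webapp_nginx_conf",
        comment   => "Site configuration that points nginx at the application";

      # Our application code must be on the machine, accessible by the nginx
      # service, and secure: root owns it, the nginx group may only read it and
      # nobody else has access. Mode 640 relies on the default rxdirs behaviour
      # to add the search bit on directories.
      "$(app_root)"
        copy_from    => local_dcp("$(staging)/code"),
        depth_search => recurse("inf"),
        perms        => mog("640", "root", "www"),
        handle       => "webapp_code_present",
        comment      => "Application code, read-only for the nginx group";

  packages:
      # nginx is required on the machine.
      "nginx"
        package_policy => "add",
        package_method => generic,
        handle         => "webapp_nginx_installed",
        comment        => "Install nginx if it is missing";

  processes:
      # nginx must be running to serve traffic. The class is raised only when
      # no matching process is found.
      "nginx"
        restart_class => "webapp_nginx_down",
        handle        => "webapp_nginx_running",
        comment       => "Detect a missing nginx process";

  commands:
    webapp_nginx_down::
      "$(nginx_bin)"
        handle  => "webapp_nginx_start",
        comment => "Start nginx only when the processes promise found none";

    # Reload only if the configuration was repaired and nginx was already up.
    webapp_conf_repaired.!webapp_nginx_down::
      "$(nginx_bin) -s reload"
        handle  => "webapp_nginx_reload",
        comment => "Pick up the repaired site configuration";

  reports:
    webapp_conf_repaired::
      "webapp: nginx site configuration was repaired";
}
```

Normal ordering evaluates files before packages and processes before commands, so a first run on a bare machine may not keep every promise in its first pass; the repeated passes and the next scheduled run let the bundle converge. Validate the file with cf-promises before distributing it.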
Simple language rules

https://cfengine.com/docs/3.5/reference-syntax.html

Keywords, variable names, bundles, bodies and classes must be composed of (a-zA-Z0-9_)
Literal data must be quoted
Promise bundles are declared thus:
bundle agent-type identifier { … }
Promise bodies are declared thus:
body constraint_type template_identifier { … }
Body attributes are declared thus:
LHS (cfengine word) => RHS (user defined data)
Classes / Classifiers

https://cfengine.com/docs/3.5/manuals-language-concepts-classes.html

HARD classes are discovered by cfengine upon cf-agent execution before any other policies are
converged.
27_0_0_1 64_bit 8_cpus Afternoon
SOFT classes are user defined and used to implement classification and logic.
Evaluated when bundles are evaluated.
Classes are LOCAL to the bundle they are defined in and are NOT accessible outside the bundle.
Classes defined in common bundles ARE accessible as they are GLOBAL classes within the
namespace.
Classes can be raised by promises upon promise outcomes to further aid classification and logic.
Variables

https://cfengine.com/docs/3.5/manuals-language-concepts-variables.html

Scalar variables
List variables
Lists can be
slist - strings
ilist - integers
rlist - reals
inf is a special constant representing an unlimited value

“CFEngine typing is mostly dynamic, and CFEngine will try to coerce string values into int and real
types, and if it cannot it will report an error.
However, arguments to built-in functions check the defined argument type for consistency.”
Scalar variables hold single values:

vars:
  "little" string => "little";
  "boy"    int    => "4";
  "blue"   real   => "3.147";

$(little) or $(bundle_name.little)
${little} or ${bundle_name.little}

List variables hold several values:

vars:
  "strings" slist => {"this","is","a","list"};
  "ints"    ilist => {"1","2","3"};
  "reals"   rlist => {"1.1","2.2","3.3"};

@(strings) refers to the whole list
$(strings) will loop through each element
Bundles

https://cfengine.com/docs/3.5/manuals-language-concepts-bundles.html

A collection of promises normally grouped by function or target.
Bundle agent types:
agent
server
monitor
common
Classes and Variables defined in common bundles are GLOBAL in scope
Promises

https://cfengine.com/docs/3.5/manuals-language-concepts-promises.html

Everything is a promise
Promises have types
files, commands, methods, reports, packages, processes, storage, services, databases, guest_environments, outputs
Promises have bodies
Promises are grouped into bundles
Bundles have types
agent, common, edit_line, server, knowledge, monitor
Bundles live in namespaces
Namespaces have access to global classes
Promises can call modules which are external scripts
Modules can be sent classes or variables on calling
Modules can send classes or variables on exit
Everything is a promise
Promises can be made about different
subjects such as command execution,
service control, ACL’s.
Promises have types depending on the
bundle you’re working in.
Promisers promise and can be any
object such as a file or network or even
a port.
Promises have attributes which affect the
behaviour of the promise.
Implicit promises such as reports or
commands have implicit behaviour.

https://cfengine.com/docs/3.5/reference-promise-types.html
Normal ordering

https://cfengine.com/docs/3.5/manuals-language-concepts-normal-ordering.html

Normal ordering is the sensible order in which behaviours should actuate.
Normal ordering helps maintain equilibrium within a system.
Bundles are actuated strictly in the order dictated by bundlesequence.
The bundlesequence may be re-ordered by the use of classes.
Agent promises are actuated three times to allow convergence.
Looping in CFengine

https://cfengine.com/docs/3.5/manuals-language-concepts-loops.html

No explicit loops anywhere to be found!
cfengine uses lists
Referencing a list as a scalar will cause implicit
looping through the list
Powerful behaviour
Demands a shift in thinking

bundle agent implicit_looping
{
  vars:
    "my_list" slist => {"a","b","c","d"};

  reports:
    "$(my_list)";
}
Multiple list looping in CFengine
bundle common control
{
  bundlesequence => {"simple_implicit_looping", "stats_iteration"};
}

bundle agent simple_implicit_looping
{
  vars:
    "simple_list" slist => { "a","b","c","d" };

  reports:
    "Simple list element is $(simple_list)";
}

bundle agent stats_iteration
{
  vars:
    "stats"   slist => { "value", "av", "dev" };
    "monvars" slist => { "rootprocs", "otherprocs", "diskfree", "loadavg" };

  reports:
    "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))";
}

2013-11-12T15:34:11+0000   notice: R: Simple list element is a
2013-11-12T15:34:11+0000   notice: R: Simple list element is b
2013-11-12T15:34:11+0000   notice: R: Simple list element is c
2013-11-12T15:34:11+0000   notice: R: Simple list element is d
2013-11-12T15:34:11+0000   notice: R: mon.value_rootprocs is 230.00
2013-11-12T15:34:11+0000   notice: R: mon.av_rootprocs is 209.30
2013-11-12T15:34:11+0000   notice: R: mon.dev_rootprocs is 150.77
2013-11-12T15:34:11+0000   notice: R: mon.value_otherprocs is 17.00
2013-11-12T15:34:11+0000   notice: R: mon.av_otherprocs is 15.47
2013-11-12T15:34:11+0000   notice: R: mon.dev_otherprocs is 11.16
2013-11-12T15:34:11+0000   notice: R: mon.value_diskfree is 93.00
2013-11-12T15:34:11+0000   notice: R: mon.av_diskfree is 84.63
2013-11-12T15:34:11+0000   notice: R: mon.dev_diskfree is 61.07
2013-11-12T15:34:11+0000   notice: R: mon.value_loadavg is 1.36
2013-11-12T15:34:11+0000   notice: R: mon.av_loadavg is 1.44
2013-11-12T15:34:11+0000   notice: R: mon.dev_loadavg is 3.10
It’s not rocket science
# local_dcp, mog and if_repaired are bodies from the CFEngine standard library
bundle agent ensure_nginx_configuration_file()
{
  # The files section deals with promising things about, well, files!
  files:

    # We only want to do the following if we're on a Linux box indicated by the 'linux' hard class
    linux::

      # This is the file we want to promise will be there
      "/opt/local/etc/nginx.conf"

        # These are the properties about the promise
        create    => "true",
        copy_from => local_dcp("/var/cfengine/inputs/templates/linux-nginx.conf"),
        perms     => mog("755","root","root"),
        handle    => "ensure_linux_nginx_conf_maintained",
        comment   => "Maintain the nginx.conf file for Linux machines",
        classes   => if_repaired("nginx_file_changed");

  # The reports section allows us to output messages to the user
  reports:

    # We only want to say something if something has changed
    nginx_file_changed::
      "WARNING: NGINX configuration file has been changed! Restart required!";
}
Further Reading & Doing
www.cfengine.com - CFengine AS company site. Documentation and a good starting point.
www.daemondreams.co.uk - an updated blog site where I keep articles and notes of interest on cfengine.
www.cfengineers.net - a community focused site led by a group of consultants in cfengineering.
www.watson-wilson.ca - a highly recommended cfengineering consultant.
www.normation.com - a commercial cfengineering company with a project called Rudder which is cool.
www.loicp.eu/blog - a cfengine centric blog exploring some newer functions in 3.5.
evolvethinking.com/evolve-thinkings-free-cfengine-library/ - good cfengine library to help you get started.
THANK YOU

 

Recently uploaded (20)

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

Velocity conf 2013 freedom in disguise - khushil dep

  • 1. Freedom In Disguise. Khushil Dep, @khushil, www.daemondreams.co.uk
  • 2. This presentation is NOT … A detailed description of how the MailOnline uses cfengine; Comparing cfengine to puppet/chef/salt/ansible etc; Tutoring you on configuration management - that’s easy and it’s well understood; Selling you any tool or product mentioned herein; Providing you the answers to all your questions; Telling you what tools you should/shouldn’t be using; Regurgitating the last five years of rigmarole; Ruby
  • 3. This presentation is about … FINDING a definition for an autonomic cloud platform; EXAMINING our definition of systems engineering; EVOLVING our understanding of operations engineering; LEARNING cfengine and how to use and abuse it; EXPLORING the promise of autonomic machine operation
  • 4. What does an autonomic cloud platform look like? Maximises the performance available from the underlying hardware to increase ROI. Scales robustly and easily both vertically and horizontally, programmatically. Provides durable, secure, fast and reliable storage. Allows deep, full stack introspection easily and without restriction. Protects your instances from the effects or attacks of others on the same platform. Provides a flexible service management toolset. Defines an open set of APIs which allow access to the full range of capabilities and data.
  • 5. Recommended Technology Stack SmartOS operating system based on Illumos kernel with ZFS, DTrace, SMF and Zones. Based off the Illumos OpenSolaris fork. Joyent Public Cloud for a real alternative to Amazon Web Services. More horsepower for your dollar/pound/euro than AWS in my experience. YMMV. Engineering excellence - Bryan Cantrill, Brendan Gregg, Ben Rockwood to name a couple of greats who work there.
  • 6. The Halcyon Dream User defined software managed by release manager. cf-engine allows the machine to manage itself under our constraint models. DTrace provides diagnostic and performance feedback across the stack. JoyentSDC APIs provide easy functionality for all platform operations.
  • 7. Systems Engineering is the application of technical expertise, diligence, reflection, communication, collaboration, patience and innovation between multi-disciplinary teams to create something of use.
  • 9. What’s wrong with DevOps? DevOps (a portmanteau of development and operations) is a software development method that stresses communication, collaboration and integration between software developers and information technology (IT) professionals. DevOps is a response to the interdependence of software development and IT operations. It aims to help an organisation rapidly produce software products and services.
  • 10. What we do to our machines at the moment … Imperative approach to machine operation. Obligatory behavioural model where we force or coerce our machines into actions. Unsympathetic to real-time environmental events. Scales inefficiently, introducing risk. You begin to doubt your machines. You begin to doubt yourself.
  • 11. What we think we’d like to do with our machines…
  • 12. What our platforms end up feeling like …
  • 13. What we should be getting our machines to do … “I’m sorry Dave, I can’t do that…. right now. It would be unwise. I am aware of events in realtime that would affect the outcome of your request adversely that you are not aware of. Don’t worry, I promise to do it as soon as the probability of success has improved and will orchestrate the dependent activities so you reach your goals. There is a lot else you could be doing right now - you don’t have to wait for me Dave. I’ve got you Dave. We are a team. Did you see the game last night?”
  • 14. What is Operations Engineering anyway … Enable better machine/human relationships through evolving theory of mind, communication and trust
  • 15. Theory of Mind (ToM) The ability to attribute mental states to oneself and others and to understand that others also have mental states that may differ from one’s own. The basis of empathy some might say.
  • 16. Communication The activity of conveying information through an exchange of thoughts, messages or information as by speech, visual signals, writing or by behaviour. It is the meaningful exchange of information between two or more entities.
  • 17. Meaningful Information Knowledge communicated or received concerning a particular fact or circumstance, expressed with clarity, within context, concisely, in a timely manner, significant and with purpose.
  • 18. Trust Socially we require trust when operating on, and often, beyond the edge of what is known through practical experience and that which may arise from new possibilities. Psychologically human trust is believing that an entity that is trusted will do what is expected of it by you. We must trust our machines to operate not only within known boundaries but those that we cannot yet envisage.
  • 19. The Machine Electro-mechanical computation engine with mechanisms for input and output. Capable of sustained activity without distraction nor deviation. Fast, accurate, reliable and repeatable task handling. No capacity for independent imagination. Able to generate and analyse vast quantities of information. Inefficient at communicating with humans.
  • 20. I, Human Biological system with facilities for input and output. Incapable of sustained activity without distraction and deviation. Slow, prone to error, unreliable and fragile task handling. Excessive capacity for independent imagination. Unable to generate and analyse vast quantities of information. Inefficient at communicating with anyone or anything.
  • 21. Why we fail our Machines Human process is based on human understanding of events. Human process is designed for human implementation. Human process maps dangerously to machine computation and understanding of events. Humans have hidden sanity checking which machines are unable to deduce or reproduce. Human imperative command structures do not suit machines which are convergent by nature. Humans are unable to maintain focus.
  • 22. VIEW YOUR GOALS FROM THE MACHINE’S PERSPECTIVE. YOUR MACHINES CARRY YOUR LOGIC INTO ACTION
  • 23. Promises Promises are the foundations of trust between two entities - the machine and the human. The promiser requires certain promises from the promisee. Our need for trust in our machines is fulfilled by the machine promising to actuate the promises we request from it. We ask that the machine promises these actuations in a timely manner in the machine’s context - not our own. We declare goals and ask the machine to converge on that goal when it’s able to do so.
  • 24. Promise Theory Proposed by Mark Burgess in 2004. Autonomy - we do not make assumptions about others’ behaviour. We only document that behaviour on which we can speak authoritatively. This forces us to more completely define what behaviour we are able to promise and this in turn leads us to a more complete understanding of what our desired state entails. Emergent Behaviour - when we behave in a model of voluntary cooperation as independent and autonomous agents, certain behavioural patterns must naturally emerge. The atomicity of promises enables us to better understand what we are promising and thus find those contradictions which might else have been missed.
  • 25. The Forgotten Orchestration An operating system is a complex collection of software that orchestrates computer hardware resources and provides common services for user defined software. All user defined software sits within this orchestration framework and is already being orchestrated. It is dangerous therefore to try to further orchestrate user defined software in an obligatory manner. Obligatory behaviour is where you force or coerce behaviour from your software or the operating system with little or no regard to the underlying orchestration. It’s a bit like the Universe really…
  • 26. Universal Orchestration QUARK - packets of energy with mass-like properties which exist in pairs or triplets (we think). PROTON/NEUTRON - three or more quarks interacting and oh you know, orchestrating! ATOM - one or more protons, zero or more neutrons and some electrons whizzing about orchestrating the hell out of a snazzy number! MOLECULE - made of atoms all orchestrating to their own private adagio! ORGANELLE - molecules that orchestrate their way to things like a cell nucleus or ribosomes! CELL - organelles just orchestrating away the Sunday afternoon with things like cytoplasm to make the little things, like the building blocks of life. TISSUE - a set of cells orchestrating their way out of boredom to make things like muscle tissue or heart tissue. ORGAN - a set of at least two types of tissues orchestrating their way through a chorus to something like a heart or a pair of lungs.
  • 28. Human Orchestration Micro-management incurs great operational cost and entails an increased risk from unknowable events. You neither force nor coerce your engineers into behavioural patterns which are alien to them. You trust your engineers to adapt and use their own preferred behaviour in order to reach set goals. Your goals might be decided for you by other people or organisations. These people and organisations trust you to meet the goals and keep your promises. Why then do you not apply the same trust to your machines?
  • 31. What is it? A systems engineering framework that enables autonomous behaviour of agents. Created by Mark Burgess in the early 1990’s - the original DevOps tool. What the hell is DevOps anyway - it’s called Engineering, stop making up words! Written in C and runs on most unices and even Windows. Small footprint, very fast execution. Best of all …
  • 33. Autonomic Operation Machines are best placed to make decisions based on environmental conditions. Machines do not require obligatory behaviour imposed upon them by humans. Machines require logic and freedom to enable them to achieve the goals we set them. This area needs more research and experimentation.
  • 34. Components of CFengine cf-execd - scheduling daemon which runs cf-agent, gathers output and sends reports. cf-agent - evaluates policies and actuates changes to the machine. cf-monitord - samples probes defined in policies and attempts to learn normal system state. cf-server - daemon which allows authorised access to policy files and allows authorised access to cf-runagent. cf-runagent - connects to a list of cf-server instances and is able to ask for policy evaluation on these instances, foregoing the normal cf-execd scheduling on these instances. https://cfengine.com/docs/3.5/manuals-components.html
  • 35. Components of CFengine cf-hub - collects data about hosts managed by cfengine. cf-promises - policy validation tool to aid development. Parses policies for syntax errors. Validates policies composed of multiple files. Validates semantic correctness of policies. Partially evaluates policies to expose any errors. Makes NO CHANGES to the system. cf-key - generates key pairs for remote authentication.
  • 36. COMMUNITY TOOLS The following from http://www.cfengineers.net/downloads/cfengine-tools-and-utilities/ : cf-keycrypt - encrypt/decrypt arbitrary files using cfengine crypto keys for extra security; cf-profile - parses verbose cf-agent execution and records timings and execution trees; cf-runwrapper - cf-runagent wrapper for extra control over cf-runagent behaviour. The following from https://github.com/lpefferkorn/cfe-profiler : cfe-profiler - measures policy execution times to find top consumers inline with run. The following from https://github.com/cfengine/design-center/tree/master/tools/hcgrep : hcgrep - make Hard Classes easier to view and search for.
  • 37. Promise Recap Make a promise about something and cfengine will attempt to keep it. Each promise is actuated three times to allow convergence to occur. Everything is a promise and some have commitments: a file exists (it commits to being owned by root); a user is present on the system (it commits to having a home directory at /home/khushil); the CPU load is below a certain value. The policies in cfengine are comprised of promises. Convergence is about making the promises to get to the state we want to be in. What do you need? What must you avoid? Define these promises. Don’t get distracted by how you get there!
  • 38. Language concepts https://cfengine.com/docs/3.5/manuals-language-concepts.html One grammatical form for all statements in the cfengine DSL. It is a DOMAIN SPECIFIC LANGUAGE. Everything in cfengine is made thus. Promises; Bundles; Bodies; Classes / Classifiers; Variables; Datatypes.

      bundle bundle_type name
      {
        promise_type:
          classes::
            "promiser" -> { "promisee1", "promisee2", ... }
              attribute_1 => value_1,
              attribute_2 => value_2,
              ...
              attribute_n => value_n;
      }

  • 39. How MailOnline thinks about promises Discovery - examine the system and raise policy defined global classes to augment hard classes discovered by cfengine. Contract - select from a set of pre-defined bundles of promises which are relevant to our desired state for the machine within its function context. Actuation - selected contracts will ensure that our desired state is converged upon as quickly and safely as possible.
  • 40. An example desired state to converge upon I want to deploy our snazzy new web application. nginx is required on the machine. An application specific nginx configuration is required for nginx. Our application code must be on the machine. It must be accessible by the nginx service. It must be secure. nginx must be running to serve traffic. If any of these promises are not met we will not reach our goal.
  • 41. Simple language rules https://cfengine.com/docs/3.5/reference-syntax.html Keywords, variable names, bundles, bodies and classes must be composed of (a-zA-Z0-9_). Literal data must be quoted. Promise bundles are declared thus: bundle agent-type identifier { … } Promise bodies are declared thus: body constraint_type template_identifier { … } Body attributes are declared thus: LHS (cfengine word) => RHS (user defined data)
  • 42. Classes / Classifiers https://cfengine.com/docs/3.5/manuals-language-concepts-classes.html HARD classes are discovered by cfengine upon cf-agent execution before any other policies are converged, e.g. 27_0_0_1, 64_bit, 8_cpus, Afternoon. SOFT classes are user defined and used to implement classification and logic. Evaluated when bundles are evaluated. Classes are LOCAL to the bundle they are defined in and are NOT accessible outside the bundle. Classes defined in common bundles ARE accessible as they are GLOBAL classes within the namespace. Classes can be raised by promises upon promise outcomes to further aid classification and logic.
  • 43. Variables https://cfengine.com/docs/3.5/manuals-language-concepts-variables.html Scalar variables. List variables. Lists can be: slist - strings; ilist - integers; rlist - reals. inf is a special constant representing an unlimited value. “CFEngine typing is mostly dynamic, and CFEngine will try to coerce string values into int and real types, and if it cannot it will report an error. However, arguments to built-in functions check the defined argument type for consistency.”
  • 44. Scalar variables hold single values:

      vars:
        "little" string => "little";
        "boy"    int    => "4";
        "blue"   real   => "3.147";

      $(little) or $(bundle_name.little)
      ${little} or ${bundle_name.little}

    List variables hold several values:

      vars:
        "strings" slist => { "this", "is", "a", "list" };
        "ints"    ilist => { "1", "2", "3" };
        "reals"   rlist => { "1.1", "2.2", "3.3" };

      @(strings) refers to the whole list
      $(strings) will loop through each element

  • 45. Bundles https://cfengine.com/docs/3.5/manuals-language-concepts-bundles.html A collection of promises normally grouped by function or target. Bundle agent types: agent, server, monitor, common. Classes and Variables defined in common bundles are GLOBAL in scope.
  • 46. Promises https://cfengine.com/docs/3.5/manuals-language-concepts-promises.html Everything is a promise. Promises have types: files, commands, methods, reports, packages, processes, storage, services, databases, guest_environments, outputs. Promises have bodies. Promises are grouped into bundles. Bundles have types: agent, common, edit_line, server, knowledge, monitor. Bundles live in namespaces. Namespaces have access to global classes. Promises can call modules which are external scripts. Modules can be sent classes or variables on calling. Modules can send classes or variables on exit.
  • 47. Everything is a promise Promises can be made about different subjects such as command execution, service control, ACLs. Promises have types depending on the bundle you’re working in. Promisers promise and can be any object such as a file or network or even a port. Promises have attributes which affect the behaviour of the promise. Implicit promises such as reports or commands have implicit behaviour. https://cfengine.com/docs/3.5/reference-promise-types.html
  • 48. Normal ordering https://cfengine.com/docs/3.5/manuals-language-concepts-normal-ordering.html Normal ordering is the sensible order in which behaviours should actuate. Normal ordering helps maintain equilibrium within a system. Bundles are actuated strictly in the order dictated by bundlesequence. The bundlesequence may be re-ordered by the use of classes. Agent promises are actuated three times to allow convergence.
  • 49. Looping in CFengine https://cfengine.com/docs/3.5/manuals-language-concepts-loops.html No explicit loops anywhere to be found! cfengine uses lists. Referencing a list as a scalar will cause implicit looping through the list. Powerful behaviour. Demands a shift in thinking.

      bundle agent implicit_looping
      {
        vars:
          "my_list" slist => { "a", "b", "c", "d" };

        reports:
          "$(my_list)";
      }

  • 50. Multiple list looping in CFengine

      body common control
      {
        bundlesequence => { "simple_implicit_looping", "stats_iteration" };
      }

      bundle agent simple_implicit_looping
      {
        vars:
          "simple_list" slist => { "a", "b", "c", "d" };

        reports:
          # Referencing the list as a scalar emits one report per element
          "Simple list element is $(simple_list)";
      }

      bundle agent stats_iteration
      {
        vars:
          "stats"   slist => { "value", "av", "dev" };
          "monvars" slist => { "rootprocs", "otherprocs", "diskfree", "loadavg" };

        reports:
          # Two lists in one string iterate over every combination
          "mon.$(stats)_$(monvars) is $(mon.$(stats)_$(monvars))";
      }

      2013-11-12T15:34:11+0000   notice: R: Simple list element is a
      2013-11-12T15:34:11+0000   notice: R: Simple list element is b
      2013-11-12T15:34:11+0000   notice: R: Simple list element is c
      2013-11-12T15:34:11+0000   notice: R: Simple list element is d
      2013-11-12T15:34:11+0000   notice: R: mon.value_rootprocs is 230.00
      2013-11-12T15:34:11+0000   notice: R: mon.av_rootprocs is 209.30
      2013-11-12T15:34:11+0000   notice: R: mon.dev_rootprocs is 150.77
      2013-11-12T15:34:11+0000   notice: R: mon.value_otherprocs is 17.00
      2013-11-12T15:34:11+0000   notice: R: mon.av_otherprocs is 15.47
      2013-11-12T15:34:11+0000   notice: R: mon.dev_otherprocs is 11.16
      2013-11-12T15:34:11+0000   notice: R: mon.value_diskfree is 93.00
      2013-11-12T15:34:11+0000   notice: R: mon.av_diskfree is 84.63
      2013-11-12T15:34:11+0000   notice: R: mon.dev_diskfree is 61.07
      2013-11-12T15:34:11+0000   notice: R: mon.value_loadavg is 1.36
      2013-11-12T15:34:11+0000   notice: R: mon.av_loadavg is 1.44
      2013-11-12T15:34:11+0000   notice: R: mon.dev_loadavg is 3.10

  • 51. It’s not rocket science

      # local_dcp, mog and if_repaired are bodies from the CFEngine standard library
      bundle agent ensure_nginx_configuration_file
      {
        # The files section deals with promising things about, well, files!
        files:

          # We only want to do the following if we're on a Linux box indicated by the 'linux' hard class
          linux::

            # This is the file we want to promise will be there
            "/opt/local/etc/nginx.conf"

              # These are the properties about the promise
              # (attributes are separated by commas; the source file is given with copy_from)
              create    => "true",
              copy_from => local_dcp("/var/cfengine/inputs/templates/linux-nginx.conf"),
              perms     => mog("755", "root", "root"),
              handle    => "ensure_linux_nginx_conf_maintained",
              comment   => "Maintain the nginx.conf file for Linux machines",
              classes   => if_repaired("nginx_file_changed");

        # The reports section allows us to output messages to the user
        reports:

          # We only want to say something if something has changed
          nginx_file_changed::
            "WARNING: NGINX configuration file has been changed! Restart required!";
      }

  • 52. Further Reading & Doing www.cfengine.com - CFengine AS company site. Documentation and a good starting point. www.daemondreams.co.uk - an updated blog site where I keep articles and notes of interest on cfengine. www.cfengineers.net - a community focused site led by a group of consultants in cfengineering. www.watson-wilson.ca - a highly recommended cfengineering consultant. www.normation.com - a commercial cfengineering company with a project called Rudder which is cool. www.loicp.eu/blog - a cfengine centric blog exploring some newer functions in 3.5. evolvethinking.com/evolve-thinkings-free-cfengine-library/ - good cfengine library to help you get started.
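
The desired state listed on slide 40, written as one agent bundle in the style of slide 51; this is an added example, not policy from the deck or from MailOnline. The paths, the `www` group, the bundle name and the standard library location are assumptions; `yum`, `apt`, `local_dcp`, `mog`, `if_ok` and `if_repaired` are bodies from the CFEngine standard library.

```cfengine3
# Added example. Paths, group and bundle names are assumptions.
body common control
{
      # Assumed location of the standard library in a 3.5 masterfiles tree
      inputs         => { "libraries/cfengine_stdlib.cf" };
      bundlesequence => { "webapp_desired_state" };
}

bundle agent webapp_desired_state
{
  vars:
      "nginx_bin"  string => "/usr/sbin/nginx";
      "nginx_conf" string => "/etc/nginx/nginx.conf";
      "conf_src"   string => "/var/cfengine/inputs/templates/linux-nginx.conf";
      "app_dir"    string => "/srv/webapp";

  files:
    # Guarded by a class the packages promise raises. files is evaluated
    # before packages in normal ordering, so on a fresh machine these
    # promises are first kept on the second of the three passes.
    nginx_installed::
      "$(nginx_conf)"
        copy_from => local_dcp("$(conf_src)"),
        perms     => mog("644", "root", "root"),
        classes   => if_repaired("nginx_conf_repaired"),
        handle    => "webapp_nginx_conf",
        comment   => "nginx carries the application configuration, writable by root only";

      # "It must be accessible by the nginx service" and "it must be secure":
      # root owns the tree, the nginx group may read it, nobody else may.
      # Delivering the code itself is left to the release tooling.
      "$(app_dir)/."
        create  => "true",
        perms   => mog("750", "root", "www"),
        handle  => "webapp_app_dir",
        comment => "Application directory readable by nginx and not world accessible";

  packages:
    redhat::
      "nginx"
        package_policy => "add",
        package_method => yum,
        classes        => if_ok("nginx_installed"),
        comment        => "nginx is required on the machine";
    debian::
      "nginx"
        package_policy => "add",
        package_method => apt,
        classes        => if_ok("nginx_installed"),
        comment        => "nginx is required on the machine";

  processes:
    nginx_installed::
      # restart_class is raised when no matching process is found
      "nginx"
        restart_class => "nginx_not_running",
        comment       => "nginx must be running to serve traffic";

  commands:
    nginx_not_running::
      "$(nginx_bin)"
        comment => "Start nginx because the processes promise found it absent";
    nginx_conf_repaired::
      "$(nginx_bin) -s reload"
        comment => "Reload only when the configuration promise was repaired";

  reports:
    nginx_conf_repaired::
      "nginx configuration was repaired from $(conf_src) and reloaded";
}
```

Validate the file with `cf-promises -f` before handing it to cf-agent; as slide 35 notes, cf-promises makes no changes to the system.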