François Dechelle, responsible of R&D projects at Teclib, presents at OW2con'19, June 12-13 2019 in Paris: "Latest trends of the GLPI project: automation, cybersecurity and green IT,".
Designing IA for AI - Information Architecture Conference 2024
Presentation of glpi project, OW2con'19, June 12-13, Paris.
1. LATEST TRENDS OF THE GLPI PROJECT:
AUTOMATION, CYBERSECURITY, GREEN IT
François Déchelle (fdechelle@teclib.com)
2. WHO WE ARE
Teclib’ is a Free & Open source software editor
We make only open source software
Business model based on annual subscription (a la Red Hat)
Community contribution
Distribution via network of integrators & service providers
=> 17 international partners
3. THE GLPI PROJECT
Gestion Libre de Parc Informatique
A community project started in 2003
1 000 000 downloads, 15 000 users, 5 000 corporate users in 20 countries, 47 languages
IT Service Management solution:
• IT assets management
• Help desk
• Inventory with Fusion Inventory, OCS Inventory
• Mobile fleet management with Flyve MDM
• Modular: plugin system
Teclib’ leads the project since 2015
6. AUTOMATION TOOLS
Configuring, deploying, maintaining…
=> repetitive tasks!
Configuration management software: Chef, Puppet, CFEngine…
and Red Hat Ansible, which is:
• Agentless
• Declarative (YAML)
Some Ansible concepts:
• Inventory: a tree of hosts and groups
• Playbook: YAML file containing configuration, deployment, orchestration… tasks
• Modules: building blocks for tasks, written in Python, idempotent
7. GLPI ANSIBLE CONNECTOR
2 goals:
1) Use GLPI as an inventory source for Ansible
=> Ansible inventory plugin (Python)
2) Run Ansible playbooks inside GLPI
=> needs 1)
“Ansible Tower for the poor”
Seamless integration of Ansible in GLPI
• Maintain administrative tasks as Ansible playbooks
• Maintain playbooks inside git
Available Q4 2019
9. CYBERSECURITY: TRACKING VULNERABILITIES FOR YOUR ASSETS
What is vulnerability management?
A process
1) Asset Inventory 2) Manage Information 3) Assess Risk 4) Assess Vulnerabilities
5) Reporting and Remediation 6) Plan your response
https://www.sans.org/reading-room/whitepapers/threats/paper/1267
Quote from Steve Crutchley (4FrontSecurity):
there are “many organizations I have counseled [who] lack an effective asset
inventory. Without an asset inventory, how are the systems and network
engineering groups supposed to sift through security alerts and know which ones
apply to them and which can be discarded?”
10. A GLPI PLUGIN FOR VULNERABILITY MANAGEMENT
Based on GLPI inventory
Automates steps 1 through 5
Uses a configurable set of vulnerability information sources (CERT, NVD, ISC…)
Scans the inventory to find vulnerable assets
• Creates a GLPI registered Search, so that scan can be replayed
• Generates GLPI tickets (urgency, priority, notification…)
Makes GLPI a key component of the SOC
Available Q1 2020
13. IT AND CLIMATE CRISIS
Quotes from The Shift Project, “Lean ICT: Towards digital sobriety” report:
• “the share of digital technologies in global greenhouse gas emissions has
increased by half since 2013, from 2.5% to 3.7% of global emissions”
• “the CO2 emissions of digital technologies increased by about 450 million tons
since 2013 in OECD countries, while globally, overall CO2 emissions decreased by
250 million tons of CO2 over the same period”
• “the direct energy footprint of ICT, that includes the energy for the production
and the use of equipments, increases by 9% per year”
This is not sustainable.
14. MEASURE IT ENERGY FOOTPRINT
Mandatory first step: measure…
Many sources of information:
• desktops
• laptops
• servers
• network equipments, PDU…
SNMP or IPMI for servers, PDU, network equipments; SMART for disks
Standards? Open source tools?
Must be supported either with an agent (FusionInventory) or agentless
15. REDUCE IT ENERGY FOOTPRINT
Steps:
1. Measurements
power consumption, load average, use profile … = f(t)
2. Statistics, diagnostics, taxonomies
Under/over loaded server, idle machines, “single application” machines…
3. Simulations
What is my power consumption if power down “office” machines 7pm to 8am?
What is my CO2 emission given French energy profile?
4. Policies and management
Define the “office” machines policy
Replace my old servers with new and less consuming models (carefull!!!)
Collaboration in progress with PowerFreezzz
16. CLEAR INTERFACE
See everything all on
one page. This lets
you control everything
easily.
THE MORE THE BETTER
The more computers
you have connected
the more money you
save
CLEAR GRAPHS
See the money you
are saving clearly with
up to date static
graphs.
EASY AND CLEAR
INTERFACE