Rudder - Configuration management benefits for everyone

4,885 views

Published on

Rudder is a new open source tool in the configuration management domain. Specifically aimed at drift assessment, it addresses automation, ongoing verification and repairs, centralizing information and knowledge about your infrastructure, compliance reporting... thus helping to keep drift from nominal behavior low. It's aim is to enable non-experts to benefit from the advantages of configuration management, not reinventing the technical wheel, but providing a new way to drive our infrastructure.

This talk will show how Rudder's approach enables everyone in the IT department to benefit from the advantages of configuration management, without necessarily needing to learn a complex tool, or even get their hands dirty. We'll describe and demonstrate how this is possible, and dive into the technical architecture that makes it work.

In a nutshell, clearly separated tasks permit technical experts to create configuration templates for the tools they know best, thus letting non-experts leverage this power via a modern web interface, such as: architects or security officers who implement policy, junior sysadmins who use and reuse such policies to setup services, and pretty much anyone who digs into real-time compliance reports and error logs.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,885
On SlideShare
0
From Embeds
0
Number of Embeds
2,210
Actions
Shares
0
Downloads
40
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Rudder - Configuration management benefits for everyone

  1. 1. Rudder Configuration Management benefits for everyoneNicolas CHARLES – nch@normation.com Normation – CC-BY-SA normation.com
  2. 2. Who am I ?● Nicolas CHARLES ● Job : Co-founder and CEO of Normation ● Trade : – Have a developer background (Scala) – Came to system administration in 2009 with CFEngine 3 – One of the developers of Rudder – Love to code (still more a Dev than an Ops) ● Open Source : CFEngine Community Champion Contacts Mail : nch@normation.com Twitter : @nico_charles Normation – CC-BY-SA normation.com 2
  3. 3. TopicLifecycle of an IT system Best SecuritySpecifications practices rules Dev QA/Test/Int Production environment environment environment Changes Changes ChangesIssues Disaster Prove From 1 service to... compliance 10, 100, 1000 ! recovery Normation – CC-BY-SA normation.com 3
  4. 4. The three waves of IT configuration 1. Craft 2. Duplication 3. Central managementHand made configuration, A “perfect” installation, Automated configuration, tailored to fit reproduced identically managed from a central point ● Adaptative to all needs ● Save time, from the second ● Centralized control ● Customized solution deployment onwards ● Change management ● Detail oriented ● Identical environments ● Validation and reporting ● Knowledge sharing ● Scalability issue ● Adapting parameters ● Agent on each server ● Repetition is not ● Change management ● Learning curve a human quality ● Image format compatibility ● Increased complexity of ops ● Knowledge sharing EVOLUTION Normation – CC-BY-SA normation.com 4
  5. 5. Configuration managementReproducibility Industrialization Documentation History Building-up Automation knowledge Configuration management Vigilance Control Automatic Alerts Formalization Reporting repairs Normation – CC-BY-SA normation.com 5
  6. 6. A recognized best practice● Several recognized standards and recommendations emphasize configuration management 9000● Recommendations since 2007 : ● « Operational error causes about 40% of all outages » ● « Implementation of a configuration management strategy will reduce downtime by as much as 35% » Normation – CC-BY-SA normation.com 6
  7. 7. Goals Make configuration management easy and increase its adoption Lower entry cost Extend benefits to of learn and use configuration management toconfiguration management a wider population Junior Non Easy to use Highly powerful Managers sysadmins experts Normation – CC-BY-SA normation.com 7
  8. 8. Key pointsSpecifically designed for Simplified user experienceconfiguration management (web interface)Based on CFEngine, Graphical reportingstandard since 1993Automatic inventory Best practices library(hardware and software) includedMulti-platform Open Source(packaged for each OS) Normation – CC-BY-SA normation.com 8
  9. 9. Workflow c c Techniques NodesCommunity Implemented in Search critieria on CFEngine syntax inventory data + Hardware/OS/Network/ metadata for Software/Node name/ Expert web configuration ... Directives Groups Decider Rules Apply Directives Sysadmins to a Group Normation – CC-BY-SA normation.com 9
  10. 10. BehaviourNew nodes Inventory Web interface on Rudder server Browse and search Create node groups node data (static, dynamic) Configure View infrastructure rules on groups status CFEngine Reports (specific format policy via syslog) Managed nodes Normation – CC-BY-SA normation.com 10
  11. 11. Web Interface overview Normation – CC-BY-SA normation.com 11
  12. 12. Web Interface overview Normation – CC-BY-SA normation.com 12
  13. 13. Web Interface overview Normation – CC-BY-SA normation.com 13
  14. 14. Web Interface overview Normation – CC-BY-SA normation.com 14
  15. 15. Web Interface overview Normation – CC-BY-SA normation.com 15
  16. 16. The Open Source project● Created in 2009 ● October 2011 : First public release ● August 2012 : Second major release (2.4)● Main technologies : CFEngine, Scala● Community ● Full time developers: 8 (at Normation) ● Official contributors : 6 ● Other members : ~20● Key links : ● Community website : http://www.rudder-project.org ● Source code : http://github.com/Normation/ ● IRC : #rudder on Freenode ● Twitter : @RudderProject Normation – CC-BY-SA normation.com 16
  17. 17. Questions ? Normation – CC-BY-SA normation.com
  18. 18. CFEngine : architectureTypical CFEngine architecture CFEngine server Communication TCP (port 5308) Metadata Files Node Node Node Node Normation – Tous droits réservés Normation – CC-BY-SA normation.com normation.com 10
  19. 19. Rudder : architectureRudder architecture, on top of CFEngine Rudder server Generation Compliance of CFEngine computation promises CFEngine server Communication TCP (port 5309) Reports Metadata (syslog) Files Inventories (Port 80) Node Node Node Node Normation – Tous droits réservés Normation – CC-BY-SA normation.com normation.com 11

×