As a Configuration Management [CM] "champion", trying to gain traction in your environment can be challenging when the level of expertise necessary is in short supply. We built Rudder so that CM champion would not need to clone themselves. Instead, the CM champion is able to use a tool to manage configuration data, expose key parameters to the rest of their team, reduce complexity of configuration changes, and put in place role-based workflow for change control.
Rudder is an open source configuration management solution, using lightweight agents (based on CFEngine) controlled via a central management point. Using Rudder, I will show how this approach enables the team to fully participate in the practice of Configuration Management, keep track of changes and history, exploit change access / control, and facilitate knowledge sharing (sharing intentions in design via desired configuration state, maintaining a record of preferred configurations) without intervention of CM champion.
Strategies for Landing an Oracle DBA Job as a Fresher
Rudder - Getting everyone on board the configuration management express!
1. Getting everyone on
board the configuration
management express!
Nicolas CHARLES – nch@normation.com
Normation – CC-BY-SA
normation.com
2. Who am I ?
●
Nicolas CHARLES
●
Job: Co-founder and “COO” at Normation
●
Free software:
–
Co-creator of Rudder
–
Contributor to CFEngine since 2009
–
CFEngine Community Champion
Contact info
Email: nch@normation.com
Twitter: @nico_charles
Normation – CC-BY-SA
normation.com
2
17. Context
The dark side
Change habits
Get in the way of people
Can be complex to tame
Normation – CC-BY-SA
normation.com
17
18. Context
The dark side
Change habits
Get in the way of people
Can be complex to tame
It's too hard to use,
I've always changed things via the terminal
Normation – CC-BY-SA
normation.com
18
20. Context
The darker side
●
Config Management Hero becomes a bottleneck
→ He is the only one to really push the use of the CM
Normation – CC-BY-SA
normation.com
20
21. Context
The darker side
●
●
Config Management Hero becomes a bottleneck
Config Management Hero becomes critical ressource:
→ He is the only one to really know how the CM works
Normation – CC-BY-SA
normation.com
21
22. Context
The darker side
●
●
●
Config Management Hero becomes a bottleneck
Config Management Hero becomes critical ressource
Config Management Hero gets to answer to everyone's
questions
Normation – CC-BY-SA
normation.com
22
23. Context
The darker side
●
●
●
Config Management Hero becomes a bottleneck
Config Management Hero becomes critical ressource
Config Management Hero gets to answer to everyone's
questions
Hi, this is the supervision team.
I'm sorry to disturb you at night, but we've got this error
in production, and I think it's related to a change in the CM tool,
but I don't understand it. Can you help me?
Normation – CC-BY-SA
normation.com
23
25. Context
The darker side
People joining the team/company have a lot to learn:
● How to work with a new set of people
● The processes
● Architecture of IT systems
● Possibly new tools
● The current CM implementation
Normation – CC-BY-SA
normation.com
25
26. Context
The darker side
People joining the team/company have a lot to learn:
● How to work with a new set of people
● The processes
● Architecture of IT systems
● Possibly new tools
● The current CM implementation
AND THAT'S A LOT TO LEARN
Normation – CC-BY-SA
normation.com
26
30. Context
Reporting?
Share the knowledge with:
● The team
● The managers
Are we compliant ? Compliant to what ?
● To the company rules?
Normation – CC-BY-SA
normation.com
30
31. Context
Reporting?
Share the knowledge with:
● The team
● The managers
Are we compliant ? Compliant to what ?
● To the company rules?
● To the legal reglementation?
Normation – CC-BY-SA
normation.com
31
32. Context
Reporting?
Share the knowledge with:
● The team
● The managers
Are we compliant ? Compliant to what ?
● To the company rules?
● To the legal reglementation?
Coding yourself the reporting???
Normation – CC-BY-SA
normation.com
32
37. Rudder
Rudder
Directly usable by a larger population
Expert
Management
Sysadmins with
no previous CM
knowledge
Normation – CC-BY-SA
normation.com
37
46. Rudder
Complete tracability
Every changes made by users are stored.
All policies are commited into Git
●
To have easy to track changes
●
To archive/restore between Rudder servers
Normation – CC-BY-SA
normation.com
46
47. Rudder
Complete tracability
Every checks and changes on nodes are traced and stored
●
Predefined reports in the Techniques
●
Reports centralized on the server for historization
Normation – CC-BY-SA
normation.com
47
48. Architecture
TCP - port 5309
File metadata and files
Authentication and encryption (SSL)
Rudder server
Do
w
Node
Node
Node
nlo
TCP ports 80 and 514
HTTP and syslog
ad
inf
o
Isolated
network
Relay server
Node
Node
Normation – CC-BY-SA
normation.com
48
49. Rudder
http://www.rudder-project.org/
Continuous checking
Simplified user experience
via a Web UI
Based on CFEngine 3
Graphical reporting
Pre-packaged for all
supported OSes
Open Source
Vagrant config to test:
https://github.com/normation/rudder-vagrant/
Normation – CC-BY-SA
normation.com
49
50. Rudder - workflow
Define
security policy
REPORTING
Management
c c
Community
Expert
Changes
(fixes, upgrades...)
Technical abstraction
(method vs parameters)
Sysadmins
Configuration agent
Configure
parameters
Initial application
Continuous verification
Normation – CC-BY-SA
normation.com
50
51. Conclusion
What happens?
With Rudder, the Configuration Management Hero is still an hero.
But with much more peace of mind, as the whole team is
supporting him
Normation – CC-BY-SA
normation.com
51
52. Conclusion
What happens?
With Rudder, the Configuration Management Hero is still an hero.
But with much more peace of mind, as the whole team is
supporting him
Normation – CC-BY-SA
normation.com
52