Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Rudder - Getting everyone on board the configuration management express!

1,806 views

Published on

As a Configuration Management [CM] "champion", trying to gain traction in your environment can be challenging when the level of expertise necessary is in short supply. We built Rudder so that CM champion would not need to clone themselves. Instead, the CM champion is able to use a tool to manage configuration data, expose key parameters to the rest of their team, reduce complexity of configuration changes, and put in place role-based workflow for change control.

Rudder is an open source configuration management solution, using lightweight agents (based on CFEngine) controlled via a central management point. Using Rudder, I will show how this approach enables the team to fully participate in the practice of Configuration Management, keep track of changes and history, exploit change access / control, and facilitate knowledge sharing (sharing intentions in design via desired configuration state, maintaining a record of preferred configurations) without intervention of CM champion.

Published in: Technology, Business
  • Be the first to comment

Rudder - Getting everyone on board the configuration management express!

  1. 1. Getting everyone on board the configuration management express! Nicolas CHARLES – nch@normation.com Normation – CC-BY-SA normation.com
  2. 2. Who am I ? ● Nicolas CHARLES ● Job: Co-founder and “COO” at Normation ● Free software: – Co-creator of Rudder – Contributor to CFEngine since 2009 – CFEngine Community Champion Contact info Email: nch@normation.com Twitter: @nico_charles Normation – CC-BY-SA normation.com 2
  3. 3. Context Configuration Management Normation – CC-BY-SA normation.com 3
  4. 4. Context Configuration Management way roper he p T tems e sys anag to m Normation – CC-BY-SA normation.com 4
  5. 5. Context How to start? Normation – CC-BY-SA normation.com 5
  6. 6. Context How to start? What are the requirements? Normation – CC-BY-SA normation.com 6
  7. 7. Context How to start? What are the requirements? Which tool(s)? Normation – CC-BY-SA normation.com 7
  8. 8. Context How to start? What are the requirements? Which tool(s)? Which architecture(s)? Normation – CC-BY-SA normation.com 8
  9. 9. Context Getting started Project leader(s) evaluate and choose tool(s), learn its basic, and create PoC(s) Normation – CC-BY-SA normation.com 9
  10. 10. Context Getting started Project leader(s) gets experience and confidence. Becomes the Configuration Management Hero Normation – CC-BY-SA normation.com 10
  11. 11. Context Adoption With enough work and effort, the project is a success! Normation – CC-BY-SA normation.com 11
  12. 12. Context Adoption It does things It is deployed It is useful! Normation – CC-BY-SA normation.com 12
  13. 13. Context The dark side Normation – CC-BY-SA normation.com 13
  14. 14. Context The dark side Change habits Normation – CC-BY-SA normation.com 14
  15. 15. Context The dark side Change habits I was modifying a file, and everything I did was erased! Normation – CC-BY-SA normation.com 15
  16. 16. Context The dark side Change habits Get in the way of people Normation – CC-BY-SA normation.com 16
  17. 17. Context The dark side Change habits Get in the way of people Can be complex to tame Normation – CC-BY-SA normation.com 17
  18. 18. Context The dark side Change habits Get in the way of people Can be complex to tame It's too hard to use, I've always changed things via the terminal Normation – CC-BY-SA normation.com 18
  19. 19. Context The darker side Normation – CC-BY-SA normation.com 19
  20. 20. Context The darker side ● Config Management Hero becomes a bottleneck → He is the only one to really push the use of the CM Normation – CC-BY-SA normation.com 20
  21. 21. Context The darker side ● ● Config Management Hero becomes a bottleneck Config Management Hero becomes critical ressource: → He is the only one to really know how the CM works Normation – CC-BY-SA normation.com 21
  22. 22. Context The darker side ● ● ● Config Management Hero becomes a bottleneck Config Management Hero becomes critical ressource Config Management Hero gets to answer to everyone's questions Normation – CC-BY-SA normation.com 22
  23. 23. Context The darker side ● ● ● Config Management Hero becomes a bottleneck Config Management Hero becomes critical ressource Config Management Hero gets to answer to everyone's questions Hi, this is the supervision team. I'm sorry to disturb you at night, but we've got this error in production, and I think it's related to a change in the CM tool, but I don't understand it. Can you help me? Normation – CC-BY-SA normation.com 23
  24. 24. Context The darker side Normation – CC-BY-SA normation.com 24
  25. 25. Context The darker side People joining the team/company have a lot to learn: ● How to work with a new set of people ● The processes ● Architecture of IT systems ● Possibly new tools ● The current CM implementation Normation – CC-BY-SA normation.com 25
  26. 26. Context The darker side People joining the team/company have a lot to learn: ● How to work with a new set of people ● The processes ● Architecture of IT systems ● Possibly new tools ● The current CM implementation AND THAT'S A LOT TO LEARN Normation – CC-BY-SA normation.com 26
  27. 27. Context Reporting? Share the knowledge with: ● The team: what happens, on which systems, and why Normation – CC-BY-SA normation.com 27
  28. 28. Context Reporting? Share the knowledge with: ● The team ● The managers: to show that everything is running fine Normation – CC-BY-SA normation.com 28
  29. 29. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? Normation – CC-BY-SA normation.com 29
  30. 30. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? ● To the company rules? Normation – CC-BY-SA normation.com 30
  31. 31. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? ● To the company rules? ● To the legal reglementation? Normation – CC-BY-SA normation.com 31
  32. 32. Context Reporting? Share the knowledge with: ● The team ● The managers Are we compliant ? Compliant to what ? ● To the company rules? ● To the legal reglementation? Coding yourself the reporting??? Normation – CC-BY-SA normation.com 32
  33. 33. Context Looks grim :/ Normation – CC-BY-SA normation.com 33
  34. 34. Context How to welcome everyone in configuration management?? Normation – CC-BY-SA normation.com 34
  35. 35. Introducing Rudder Rudder Normation – CC-BY-SA normation.com 35
  36. 36. Introducing Rudder Rudder Cfgt Express ! Normation – CC-BY-SA normation.com 36
  37. 37. Rudder Rudder Directly usable by a larger population Expert Management Sysadmins with no previous CM knowledge Normation – CC-BY-SA normation.com 37
  38. 38. Rudder Built-in reporting Normation – CC-BY-SA normation.com 38
  39. 39. Rudder Built-in reporting Normation – CC-BY-SA normation.com 39
  40. 40. Rudder Simplified configuration Normation – CC-BY-SA normation.com 40
  41. 41. Rudder Peer-review and validation Normation – CC-BY-SA normation.com 41
  42. 42. Rudder Peer-review and validation Normation – CC-BY-SA normation.com 42
  43. 43. Rudder Complete tracability Normation – CC-BY-SA normation.com 43
  44. 44. Rudder Complete tracability Easy to restore previous configuration policy Normation – CC-BY-SA normation.com 44
  45. 45. Rudder Complete tracability ????? Normation – CC-BY-SA normation.com 45
  46. 46. Rudder Complete tracability Every changes made by users are stored. All policies are commited into Git ● To have easy to track changes ● To archive/restore between Rudder servers Normation – CC-BY-SA normation.com 46
  47. 47. Rudder Complete tracability Every checks and changes on nodes are traced and stored ● Predefined reports in the Techniques ● Reports centralized on the server for historization Normation – CC-BY-SA normation.com 47
  48. 48. Architecture TCP - port 5309 File metadata and files Authentication and encryption (SSL) Rudder server Do w Node Node Node nlo TCP ports 80 and 514 HTTP and syslog ad inf o Isolated network Relay server Node Node Normation – CC-BY-SA normation.com 48
  49. 49. Rudder http://www.rudder-project.org/ Continuous checking Simplified user experience via a Web UI Based on CFEngine 3 Graphical reporting Pre-packaged for all supported OSes Open Source Vagrant config to test: https://github.com/normation/rudder-vagrant/ Normation – CC-BY-SA normation.com 49
  50. 50. Rudder - workflow Define security policy REPORTING Management c c Community Expert Changes (fixes, upgrades...) Technical abstraction (method vs parameters) Sysadmins Configuration agent Configure parameters Initial application Continuous verification Normation – CC-BY-SA normation.com 50
  51. 51. Conclusion What happens? With Rudder, the Configuration Management Hero is still an hero. But with much more peace of mind, as the whole team is supporting him Normation – CC-BY-SA normation.com 51
  52. 52. Conclusion What happens? With Rudder, the Configuration Management Hero is still an hero. But with much more peace of mind, as the whole team is supporting him Normation – CC-BY-SA normation.com 52
  53. 53. Rudder stats Key links : ● ● ● ● ● Community website : http://www.rudder-project.org Source code : http://github.com/Normation/ Mailing-list : rudder-users@lists.rudder-project.org IRC : #rudder on Freenode Twitter : @RudderProject Ohloh.net statistics Normation – CC-BY-SA normation.com 53
  54. 54. Questions? Follow us on Twitter: @RudderProject Nicolas CHARLES - nch@normation.com Normation – CC-BY-SA normation.com

×