Rudder 4.0 was released in November 2016 with a complete UI redesign and a new "audit" mode. This mode changes the focus and everyday usage of Rudder, from simply testing your policy across all hosts *before* enforcing it, to using Rudder as a full-blown continuous auditing tool. Recent versions also introduced variable expansion anywhere across policies, including some clever default and fallback options.
The development team is now working on Rudder 4.1 that will include:
- an advanced feature to query external APIs and pull in node properties dynamically
- the ability to add "key=value" tags to all Rules and Directives in order to categorize them
- a new API on relay servers to enable node-to-node file sharing and remote run in firewalled environments
This talk will introduce these new features and show how to use them, hopefully getting you as excited as we are! Then, I'll move on to explain the longer-term feature ideas we have for Rudder, and the general vision linked to future developments.
Rudder: what's new and what's next? Roadmap, vision and thoughts
Normation – 87 rue de Turbigo, 75003 PARIS, France – contact@normation.com – 01.83.62.26.96 – http://www.normation.com/
Jonathan CLARKE
jcl@normation.com
@jooooooon42
Co-founder & Chief Product Officer
Rudder: noun. Piece used for steering a ship.
Used to correct heading when trajectory drifts off course.
Normation – CC-BY-SA – normation.com
Rudder versions
Currently supported versions
● 3.1.x – current ESR* version
– Will be supported for 6 months after next ESR version is named (so likely until Autumn 2017)
● 3.2.x – old-latest version
– End-of-Life scheduled for 10 February 2017
● 4.0.x – current latest version
– Will be supported for 3 months after next version is released (so until May 2017)
● 4.1.x – next version
– Scheduled for release in February 2017
– Candidate for next ESR*
* ESR = Extended Support Release
[Figure: release timeline, 2014 to 2017. Month markers: Mar, July, Feb, Jun, Jan, Oct, Feb. Versions: 2.10, 2.11, 3.0, 3.1, 3.2, 4.0, 4.1]
A new API on relay servers
[Diagram labels: Central server; Node, Node, Node; Relay server; Node, Node, Node; Isolated network zone]
● TCP communication (port 5309): file metadata, file contents, authentication + encryption (TLS)
● TCP communication (ports 443 and 514): protocols HTTPS, syslog
● Aggregated data
● Inventory + reports
● Configuration policy
A new API on relay servers
[Diagram labels: Central server, Relay server, Node, Node, UI, REST API, RELAY API, "Trigger agent run"]
Scenario 1: Trigger agent runs remotely, including via firewalls.
A new API on relay servers
[Diagram labels: Central server, Relay server, Node 1, Node 2, UI, REST API, RELAY API, "File shared with metadata"]
Scenario 2: Share files from one node to another, in the same network or not (via relays).
ncf methods:
sharedfile_to_node('node 2', 'db.sql', '/var/share/db.sql', '3 days')
sharedfile_from_node('node 1', 'db.sql', '/var/share/db.sql')
New and notable ncf methods
Package management
● ncf methods: package_present, package_absent, package_state
● Technique: Package management
[Other diagram labels: Package management for RPM, Package management for apt]
Node properties data sources
Import data from third-party REST APIs
● HTTP calls
● Node by node
● One call for all nodes
● HTTP options:
● GET/POST
● Headers
● Body
● JSON “path” to extract data
● Plain text or JSON result
● Triggered by schedule or on events
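The data-source behaviour listed above (one call for all nodes, a JSON path to pick each node's value, stored as JSON or plain text), sketched as an added Python example. It is not Rudder's code: the response body, the dotted path syntax and the `{node_id}` placeholder are assumptions made for illustration.

```python
import json

# Constructed sample: body returned by ONE call covering all nodes
# (hypothetical CMDB response, not a real Rudder or vendor format).
ALL_NODES_BODY = json.dumps({
    "nodes": {
        "node-1": {"location": {"dc": "paris-1"}, "owner": "dba"},
        "node-2": {"location": {"dc": "lyon-2"}},
    }
})


def extract(document, path):
    """Walk a dotted path such as 'nodes.node-1.owner'; None if a step is missing."""
    current = document
    for key in path.split("."):
        if isinstance(current, dict) and key in current:
            current = current[key]
        elif isinstance(current, list) and key.isdigit() and int(key) < len(current):
            current = current[int(key)]
        else:
            return None  # absent data must not abort the whole import
    return current


def properties_from_body(body, path_template, node_ids, json_result=True):
    """Map each node id to the value found at path_template for that node.

    path_template uses a hypothetical '{node_id}' placeholder.
    json_result=False mimics the "plain text" option: the value is kept as a string.
    """
    document = json.loads(body)
    result = {}
    for node_id in node_ids:
        value = extract(document, path_template.format(node_id=node_id))
        if value is not None and not json_result and not isinstance(value, str):
            value = json.dumps(value, sort_keys=True)
        result[node_id] = value
    return result


if __name__ == "__main__":
    nodes = ["node-1", "node-2", "node-3"]
    print(properties_from_body(ALL_NODES_BODY, "nodes.{node_id}.location", nodes))
    print(properties_from_body(ALL_NODES_BODY, "nodes.{node_id}.owner", nodes, json_result=False))
```

A node with no matching data (here `node-3`) gets `None` instead of failing the import for the other nodes.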
Recap of new features
● Audit mode – continuous auditing
● Redesigned UI
● Quick search on everything
● Search event logs by date
● Tags on directives and rules
● Node properties: JSON support & variable expansion
● API on relay servers for remote run & file sharing
● New package methods in ncf + Technique
● Jinja2 templating support
● Node properties data sources
● ...
A word about open source business models
● Open source business models for software
● Sell services only (consulting + training / support)
– Example: PostgreSQL
● Have a “community” version that’s open source and sell a “pro/enterprise” version that’s closed source
– Example: CFEngine, Puppet, Talend
● Have open source code but sell binaries + support
– Example: Red Hat
● Have open source platform + plugins (open + closed source)
– Example: WordPress, Chef
More plugins!
Future plugins (planned + ideas)
● Windows support with Microsoft DSC
Future ideas as plugins
● Advanced access control (OrBAC)
● High availability for Rudder server
● High availability for Rudder relays
● Customise web interface (logo + name)
● “Ramp up” policies for progressive rollouts
● Sync data between Rudder servers