Normation – CC-BY-SA
normation.com
Including existing systems in configuration management
Nicolas CHARLES nch@normation.com
@nico_charles
Issue
Most systems are still not automatically managed
● Configuration Management has recently become mainstream
● It's not yet a habit
● A lot of running systems predate configuration management
● Lack of upgrade paths (dependency on dead applications)
● Systems cannot be modified (lost knowledge)
● Systems with stale errors no-one can fix
Why couldn't we benefit from cfgmgmt on these systems?
Why Rudder?
Rudder is very well suited for this use-case
● Support a lot of different OSes and heterogeneous systems
● Audit mode
● Web Interface
● API to add and extract data
Identifying systems
First, identify the systems and their role(s)
● It can be harder than expected
● Some systems may be known only by sub-parts of the team
● Roles may be unknown to most
● Select those in scope for cfgmgmt
● Having an up-to-date CMDB, Wiki, spreadsheet… helps a lot
Make a list of these systems
● In a spreadsheet
Inventory systems
Make an inventory of all these systems
● During maintenance windows, install Rudder agent
● Inventory will be sent to Rudder server
● Extract them with the API into the spreadsheet
● Set these nodes in Audit mode in Rudder
● Validate the roles
● Based on installed software and running processes
● Based on naming convention, networks
● Based on previous knowledge (expectation may not match reality)
Group the systems
Multidimensional approach for grouping systems
● Per roles
● Nodes with same role ought to have 'identical' config
● Per security level
● Hardening, access rules, authorizations
● Per generation of system installation
● Installation procedures, best practices and know-how evolved over time
● Per OS
● Per system type (physical server, embedded device, ...)
Extract common rules
● Based on documented procedures, available know-how, expectations
● List them in the spreadsheet, with
● Detailed Description
● Groups they should apply to
● Status in Rudder: implemented and compliant
Audit the rules
Configure the Rules and Directives in Rudder
● Use same names in Spreadsheet and in Rudder
● Rules and Directives in Audit mode
● Get compliance result
● Extract data using the API
Non compliance
For every non-compliance listed
● Is it expected?
● Should it be remediated?
● Yes, and it's straightforward – switch from Audit mode to Enforce
● May need to split in two Rules: one in Audit mode, one in Enforce, and switch nodes from one Rule to another during each maintenance window
● Yes, but needs to be done manually – correct manually on the node during maintenance windows
● Yes, but risky: assess the expected risk/benefits
● Maybe some exceptions will be implemented
Validation
Validate your rules
● Spawn new systems (at least one per group)
● Check they become fully functional
● Detect rogue “live” parameters (like sysctl modified by hand)
● Ensure repeatability
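One way to run the "rogue live parameters" check above, as an added example that is not part of the original slides: diff a `sysctl -a` snapshot from a legacy node against one from a freshly spawned node of the same group, then use the legacy node's sysctl.d files to separate hand-made runtime changes from persistent settings that the rules do not cover. The snapshots, host names and function names are constructed for illustration, and the fresh node is assumed to be built only from the rules.

```python
import re

# Keys that change on their own or are unique per host; diffing them is noise.
VOLATILE = re.compile(
    r"^(kernel\.random\.|kernel\.hostname$|kernel\.ns_last_pid$|"
    r"fs\.(dentry-state|inode-nr|inode-state|file-nr)$)"
)


def normalize_key(key):
    """Return the dotted form printed by `sysctl -a`.

    sysctl.d(5): when the first separator is '/', the name is a /proc/sys
    path, so '/' and '.' are swapped to get the dotted form.
    """
    key = key.strip()
    first = re.search(r"[./]", key)
    if first and first.group() == "/":
        key = key.translate(str.maketrans("/.", "./"))
    return key


def parse_settings(text, is_config=False):
    """Parse `key = value` lines from `sysctl -a` output or a sysctl.d file."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or "=" not in line:
            continue
        if is_config:
            if line[0] in "#;":
                continue  # comment line
            line = line.lstrip("-")  # leading '-' means "ignore write errors"
        key, value = line.split("=", 1)
        # Multi-valued keys are tab separated in `sysctl -a` and usually
        # space separated in config files: collapse whitespace to compare.
        settings[normalize_key(key)] = " ".join(value.split())
    return settings


def find_drift(legacy_live, fresh_live, legacy_config):
    """Return [(key, legacy_value, fresh_value, kind)] for differing keys.

    kind is 'runtime-only' when no persistent file on the legacy node sets
    the live value (changed by hand, lost at reboot), and
    'persistent-not-in-rules' when a file sets it but the rules that built
    the fresh node do not. Keys present on only one node are skipped: they
    usually reflect a kernel module loaded on one side, not a tuned value.
    """
    drift = []
    for key in sorted(set(legacy_live) & set(fresh_live)):
        if VOLATILE.match(key):
            continue
        old, new = legacy_live[key], fresh_live[key]
        if old == new:
            continue
        if legacy_config.get(key) == old:
            kind = "persistent-not-in-rules"
        else:
            kind = "runtime-only"
        drift.append((key, old, new, kind))
    return drift


# Constructed samples: `sysctl -a` on a legacy node and on a freshly spawned
# node of the same group, plus the legacy node's /etc/sysctl.d content.
LEGACY_LIVE = """\
kernel.hostname = legacy-db01
kernel.random.boot_id = 00000000-0000-0000-0000-00000000000a
kernel.sysrq = 16
net.ipv4.conf.eth0/100.rp_filter = 0
net.ipv4.ip_forward = 1
net.ipv4.tcp_rmem = 4096\t262144\t16777216
vm.swappiness = 10
"""

FRESH_LIVE = """\
kernel.hostname = fresh-db99
kernel.random.boot_id = 00000000-0000-0000-0000-00000000000b
kernel.sysrq = 16
net.ipv4.conf.eth0/100.rp_filter = 1
net.ipv4.ip_forward = 0
net.ipv4.tcp_rmem = 4096\t131072\t6291456
vm.swappiness = 60
"""

LEGACY_CONFIG = """\
# tuning added years ago, author unknown
net.ipv4.tcp_rmem = 4096 262144 16777216
-net/ipv4/conf/eth0.100/rp_filter = 0
; file says 30, but the live value was later changed by hand
vm.swappiness=30
"""

if __name__ == "__main__":
    drift = find_drift(parse_settings(LEGACY_LIVE), parse_settings(FRESH_LIVE),
                       parse_settings(LEGACY_CONFIG, is_config=True))
    for key, old, new, kind in drift:
        print(f"{kind:24} {key}: legacy={old!r} fresh={new!r}")
```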
Time estimate
Rough time estimates
● Identify systems: several hours per team member
● You may need to interview all team members.
● Hidden benefit: explain the goal to all of them, and boost acceptance of configuration management
● Agents install: 10 minutes to 1 hour per batch
● Deploy repository for each site, remote install, get inventories
● Role validation: minutes to days per role
● Review procedures, check what is on systems
● Logical system grouping:
● Depends on number of roles, exceptions, generations.
● Create spreadsheet: 4h to several days
● Depends on your skill, and amount of data to store there
● Rule creation:
● Couple of minutes to hours depending on complexity
● Measure compliance: 5 minutes – hours per rule
● Check what is not compliant, and document it
● Remediation plan:
● Very fast to “rewrite a procedure from scratch”
● Expect surprises
● Discover forgotten systems
● Discover major compliance issues
There will be delays
● Deal with maintenance windows
● Deal with freeze (August in France, December)
● Decisions on non-compliance remediation are not always easy
● Need to involve stakeholders
What are the benefits?
Standard configuration management benefits
● Awareness of the IT
● Improved reliability
● Improved productivity
More specific to this case
● Fewer outages due to stale errors
● Fewer outages thanks to uniformity
● Improved RTO
● Reduced surface of vulnerability
● A base to evolve your IT
Questions?
Nicolas CHARLES nch@normation.com
@nico_charles

SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
Globus
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Jen Stirrup
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

Automating the manual - feedback on including existing systems in configuration management

  • 1. Normation – CC-BY-SA normation.com
    Including existing systems in configuration management
    Nicolas CHARLES nch@normation.com @nico_charles
  • 2. Issue
    Most systems are still not automatically managed
    ● Configuration Management has recently become mainstream
    ● It's not yet a habit
    ● A lot of running systems predate configuration management
    ● Lack of upgrade paths (dependency on dead applications)
    ● Systems cannot be modified (lost knowledge)
    ● Systems with stale errors no-one can fix
  • 3. Issue
    Most systems are still not automatically managed
    ● Configuration Management has recently become mainstream
    ● It's not yet a habit
    ● A lot of running systems predate configuration management
    ● Lack of upgrade paths (dependency on dead applications)
    ● Systems cannot be modified (lost knowledge)
    ● Systems with stale errors no-one can fix
    Why couldn't we benefit from cfgmgmt on these systems?
  • 4. Why Rudder?
    Rudder is very well suited for this use-case
    ● Supports a lot of different OSes and heterogeneous systems
    ● Audit mode
    ● Web Interface
    ● API to add and extract data
  • 5. Identifying systems
    First, identify the systems and their role(s)
    ● It can be harder than expected
    ● Some systems may be known only by sub-parts of the team
    ● Roles may be unknown to most
    ● Select those in scope for cfgmgmt
    ● Having an up-to-date CMDB, Wiki, spreadsheet… helps a lot
    Make a list of these systems
    ● In a spreadsheet
  • 7. Inventory systems
    Make an inventory of all these systems
    ● During maintenance windows, install Rudder agent
    ● Inventory will be sent to Rudder server
    ● Extract them with the API into the spreadsheet
    ● Set these nodes in Audit mode in Rudder
    ● Validate the roles
    ● Based on installed software and running processes
    ● Based on naming convention, networks
    ● Based on previous knowledge (expectation may not match reality)
  • 9. Group the systems
    Multidimensional approach for grouping systems
    ● Per roles
    ● Nodes with same role ought to have 'identical' config
    ● Per security level
    ● Hardening, access rules, authorizations
    ● Per generation of system installation
    ● Installation procedures, best practices and know-how evolved over time
    ● Per OS
    ● Per system type (physical server, embedded device, ...)
  • 10. Group the systems
    Extract common rules
    ● Based on documented procedures, available know-how, expectations
    ● List them in the spreadsheet, with
    ● Detailed Description
    ● Groups they should apply to
    ● Status in Rudder: implemented and compliant
  • 12. Audit the rules
    Configure the Rules and Directives in Rudder
    ● Use same names in Spreadsheet and in Rudder
    ● Rules and Directives in Audit mode
    ● Get compliance result
    ● Extract data using the API
  • 15. Non compliance
    For every non-compliance listed
    ● Is it expected?
    ● Should it be remediated?
    ● Yes, and it's straightforward – switch from Audit mode to Enforce
    ● May need to split in two Rules: one in Audit mode, one in Enforce, and switch nodes from one Rule to another during each maintenance window
    ● Yes, but it needs to be done manually – correct manually on the node during maintenance windows
    ● Yes, but risky: assess the expected risk/benefits
    ● Maybe some exceptions will be implemented
  • 16. Validation
    Validate your rules
    ● Spawn new systems (at least one per group)
    ● Check they become fully functional
    ● Detect rogue “live” parameters (like sysctl modified by hand)
    ● Ensure repeatability
  • 17. Time estimate
    Rough time estimates
    ● Identify systems: several hours per team member
    ● You may need to interview all team members.
    ● Hidden benefit: explain to all of them the goal, and boost acceptance of configuration management
    ● Agents install: 10 minutes to 1 hour per batch
    ● Deploy repository for each site, remote install, get inventories
    ● Role validation: minutes to days per role
    ● Review procedures, check what is on systems
    ● Logical system grouping:
    ● Depends on number of roles, exceptions, generations.
  • 18. Time estimate
    Rough time estimates
    ● Create spreadsheet: 4h to several days
    ● Depends on your skill, and amount of data to store there
    ● Rule creation:
    ● Couple of minutes to hours depending on complexity
    ● Measure compliance: 5 minutes – hours per rule
    ● Check what is not compliant, and document it
    ● Remediation plan:
    ● Very fast to “rewrite a procedure from scratch”
    ● Expect surprises
    ● Discover forgotten systems
    ● Discover major compliance issues
  • 19. Time estimate
    There will be delays
    ● Deal with maintenance windows
    ● Deal with freeze (August in France, December)
    ● Decisions on non-compliance remediation are not always easy
    ● Need to involve stakeholders
  • 20. What are the benefits?
    Standard configuration management benefits
    ● Awareness on the IT
    ● Improved reliability
    ● Improved productivity
  • 21. What are the benefits?
    More specific to this case
    ● Fewer outages due to stale errors
    ● Fewer outages thanks to uniformity
    ● Improved RTO
    ● Reduced surface of vulnerability
    ● A base to evolve your IT
  • 22. Questions?
    Nicolas CHARLES nch@normation.com @nico_charles
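
The "rogue live parameters" check from the Validation slide can be scripted. The following is an added example, not code from the talk or from Rudder: it compares the settings persisted in sysctl configuration files with the running values taken from `sysctl -a`, and reports keys that were changed by hand. The function names and both sample inputs are constructed for illustration.

```python
"""Spot sysctl values changed by hand: compare expected settings with a live dump."""

# Constructed sample: persisted settings as found under /etc/sysctl.d/
PERSISTED = """\
# hardening baseline (constructed sample)
net.ipv4.ip_forward = 0
net.ipv4.conf.all.rp_filter=1
-kernel.kptr_restrict = 2
net.ipv4.tcp_rmem = 4096 131072 6291456
"""

# Constructed sample: excerpt of `sysctl -a` output from the legacy node
LIVE = (
    "kernel.kptr_restrict = 2\n"
    "net.ipv4.conf.all.rp_filter = 1\n"
    "net.ipv4.ip_forward = 1\n"
    "net.ipv4.tcp_rmem = 4096\t131072\t6291456\n"
    "vm.swappiness = 10\n"
)


def parse_sysctl(text):
    """Parse sysctl.conf-style text or `sysctl -a` output into {key: value}."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue                        # blank line or comment
        line = line.lstrip("-").strip()     # leading '-' only means "ignore errors"
        key, sep, value = line.partition("=")
        if not sep:
            continue                        # not a key = value line
        # Collapse whitespace so "4096\t131072" equals "4096 131072";
        # a later line for the same key overrides an earlier one.
        settings[key.strip()] = " ".join(value.split())
    return settings


def find_drift(expected, live):
    """Return {key: (expected, running)} for every expected key whose running
    value differs; a key absent from the live dump is reported with None."""
    return {
        key: (want, live.get(key))
        for key, want in sorted(expected.items())
        if live.get(key) != want
    }


if __name__ == "__main__":
    drift = find_drift(parse_sysctl(PERSISTED), parse_sysctl(LIVE))
    for key, (want, got) in drift.items():
        print(f"{key}: expected {want!r}, running {got!r}")
```

Passing the `sysctl -a` dump of a freshly spawned node of the same group as `expected` also catches hand-made changes to keys that no configuration file mentions.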