This document discusses new capabilities in CFEngine 3, an advanced configuration management system. Key points include:
- CFEngine 3 is declarative, ensures desired state is reached through convergence, is lightweight using 3-6MB of memory, and can run continuously to check configurations every 5 minutes.
- It supports both new platforms like ARM boards and older systems like Solaris.
- Recent additions allow managing resources like SQL databases, XML files, and virtual machines in a code-free manner using the Design Center.
- CFEngine treats all resources like files, processes, and VMs as maintainable and ensures they self-correct through convergence to the desired state.
Hypervisor "versus" Linux Containers!
Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere.
Less hardware, less pain and more scalability in production, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. "Do more with less" and this is all that matters!
Automation of server and application deployments has never been so easy and fast. It also brings productivity to a new level in data centers and cloud environments.
Francisco Gonçalves (Dec 2013)
(francis.goncalves@gmail.com)
As Docker containers become the new standard, learn about what's catapulting them to the head of the pack and how to best protect their assets now and later with the help of Unitrends.
The container revolution, and what it means to operators open stack southba... (Robert Starmer)
Containers, Docker, Kubernetes, LXC, Rkt... So many new technologies, not to mention Rancher, CoreOS, etc. But where does that leave Operators looking to enable infrastructure? How about Containers and OpenStack together. Let's explore the space as we review this technology.
Currently, most businesses are already using or plan to use different forms of cloud services. This creates a demand in ability to move complex workloads between the clouds with high uptime and zero data loss. One of the ways to gain this and keep the applications running is to use containers live migration between different physical servers or even data centers. Usually you have to repack and rebuild containers with your workloads every time you are moving an application from one cloud or data center to another. The challenge, that needs overcoming here, is to make this migration maximally smooth and highly automated. Find out how some of the main DevOps issues can be solved leveraging the live migration option and what bottlenecks can be faced.
Presentation about Docker:
2016 Trends:
* Microservices: load balancing and orchestration
* Cloud
* Continuous integration
* Environment-less deployment
What are containers?
Why Docker?
Docker project
Docker. Inc
Docker VS VM
Docker basics
Some statistics about Docker and some Docker use case insights
Docker compose configuration file:
http://www.mediafire.com/download/lfmfzrkgn9wzegm/docker-compose.yml
Presentation link:
https://docs.google.com/presentation/d/1x11EgUqBVLAl70p53rZ-nJoLlL6FoZd2KbvTRxyVp1g/pub?start=false&loop=false&delayms=3000
Demystifying Containerization Principles for Data Scientists (Dr Ganesh Iyer)
Demystifying Containerization Principles for Data Scientists - An introductory tutorial on how Dockers can be used as a development environment for data science projects
Robert Starmer's talk recording- https://codefresh.io/blog/containers-101-containers-openstack/
His slides from our meetup on August 17th, where he gave an overview of container technology and how it relates to OpenStack.
Containers #101 Meetup: Containers and OpenStack (Codefresh)
Recording posted here: https://codefresh.io/blog/containers-101-containers-openstack/
Slides from Robert Starmer's talk where he gave an overview of container technology and how it relates to OpenStack.
The Rise of the Container: The Dev/Ops Technology That Accelerates Ops/Dev (Robert Starmer)
Understand the container environment, developer interest, and the basis of the container landscape, and learn how OpenStack can enable this new technology component, or leverage it!
Rackspace::Solve SFO - Solve(Scale) Featuring Docker CEO Ben Golub (Rackspace)
NOTE: Accompanying video is available for viewing at http://bit.ly/1k56U46
What does intermodal shipping have to do with managing your app’s components in different environments? Speed and portability. Docker CEO Ben Golub spoke at Rackspace::Solve in San Francisco to discuss how the right infrastructure can mean success and peace of mind.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2aLgjxD.
John Willis takes a brief look at the history of how Devops principles and operating systems have converged. He spends most of the time forward looking at what and how unikernels will converge with Devops tools, processes and culture. He ends with a demo of how containers, unikernels and Devops ideas can work together in the future. Filmed at qconnewyork.com.
John Willis is Director of Ecosystem Development for Docker, which he joined after the company he co-founded, SocketPlane, was acquired by Docker. Previous to founding SocketPlane, he was the Chief DevOps Evangelist at Dell. He has also held past executive roles at Opscode/Chef and Canonical/Ubuntu. He is the author of 7 IBM Redbooks and is co-author of the “Devops Handbook”.
Discussing the difference between docker containers and virtual machines (Steven Grzbielok)
This presentation is designed to give an overview about differences of both virtualization methods to provide the reader with the fundamental knowledge to decide in each use case which technology is more suitable.
DNUG46 - Build your own private Cloud environment (panagenda)
Visit Nico's presentation to learn how you can build your own private on-premises cloud. The aim of this session is to give you an overview of how to build a private cloud environment, taking into account necessary requirements based on Kubernetes.
Nico will talk to you about cluster provisioning itself and the Toolchain you need to run your environment successfully. In the foreground are topics like infrastructure as code, CI/CD, storage, monitoring, high availability and security. Gain the knowledge and best practices you need to build your own private cloud environment.
Follow Nico on: https://pan.news/NicoMeisenzahlSlideShare
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo... (Yandex)
"Lightweight virtualization", also called "OS-level virtualization", is not new. On Linux it evolved from VServer to OpenVZ, and, more recently, to Linux Containers (LXC). It is not Linux-specific; on FreeBSD it's called "Jails", while on Solaris it’s "Zones". Some of those have been available for a decade and are widely used to provide VPS (Virtual Private Servers), cheaper alternatives to virtual machines or physical servers. But containers have other purposes and are increasingly popular as the core components of public and private Platform-as-a-Service (PAAS), among others.
Just like a virtual machine, a Linux Container can run (almost) anywhere. But containers have many advantages over VMs: they are lightweight and easier to manage. After operating a large-scale PAAS for a few years, dotCloud realized that with those advantages, containers could become the perfect format for software delivery, since that is how dotCloud delivers from their build system to their hosts. To make it happen everywhere, dotCloud open-sourced Docker, the next generation of the containers engine powering its PAAS. Docker has been extremely successful so far, being adopted by many projects in various fields: PAAS, of course, but also continuous integration, testing, and more.
Kubernetes @ Squarespace (SRE Portland Meetup October 2017) (Kevin Lynch)
In this presentation I talk about our motivation to converting our microservices to run on Kubernetes. I discuss many of the technical challenges we encountered along the way, including networking issues, Java issues, monitoring and alerting, and managing all of our resources!
OSDC 2018 | Three years running containers with Kubernetes in Production by T... (NETWAYS)
The talk gives a state of the art update of experiences with deploying applications in Kubernetes on scale. If in clouds or on premises, Kubernetes took over the leading role as a container operating system. The central paradigm of stateless containers connected to storage and services is the core of Kubernetes. However, it can be extended to distributed databases, Machine Learning, Windows VMs in Kubernetes. All these applications have been considered as edge cases a few years ago, however, are going more and more mainstream today.
A tale of Disaster Recovery (Cfengine everyday, practices and tools) (RUDDER)
After a brief presentation of configuration management (CM) basics, we start with an ill-fated tale from the recent past about disaster recovery (also known as a case study, if you must): how our CM saved us, how it didn't, and what could have been done better. This could lead to a discussion about best practices.
We use Cfengine 3, and will introduce the software, overview the main differences with other open source CM tools before explaining why we like this choice. But Cfengine is not all: what enables us to manage our configuration completely are the practices and tools we've built around it.
Historically, sharing a Linux server entailed all kinds of untenable compromises. In addition to the security concerns, there was simply no good way to keep one application from hogging resources and messing with the others. The classic “noisy neighbor” problem made shared systems the bargain-basement slums of the Internet, suitable only for small or throwaway projects.
Serious use-cases traditionally demanded dedicated systems. Over the past decade virtualization (in conjunction with Moore’s law) has democratized the availability of what amount to dedicated systems, and the result is hundreds of thousands of websites and applications deployed into VPS or cloud instances. It’s a step in the right direction, but still has glaring flaws.
Most of these websites are just piles of code sitting on a server somewhere. How did that code get there? How can it be scaled? Secured? Maintained? It’s anybody’s guess. There simply isn’t enough SysAdmin talent in the world to meet the demands of managing all these apps with anything close to best practices without a better model.
Containers are a whole new ballgame. Unlike VMs, you skip the overhead of running an entire OS for every application environment. There’s also no need to provision a whole new machine to have a place to deploy, meaning you can spin up or scale your application with orders of magnitude more speed and accuracy.
The CFEngine Roadshow @ITGilde.
Live and interactive demonstration of the configuration and deployment of Webservices like Jenkins and Hudson on real VM's.
The attendees will deploy their own Webservices on their prepared VM's.
Kuyper Hoffmann's presentation from the #lspe "Private Clouds" event: http://www.meetup.com/SF-Bay-Area-Large-Scale-Production-Engineering/events/48901162/
Vladimir Vuksan's presentation on Ganglia at the "Not Nagios" episode of The Bay Area Large-Scale Production Engineering meetup: http://www.meetup.com/SF-Bay-Area-Large-Scale-Production-Engineering/events/15481164/
Accelerate your Kubernetes clusters with Varnish Caching (Thijs Feryn)
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo... (James Anderson)
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Transcript: Selling digital books in 2024: Insights from industry leaders - T... (BookNet Canada)
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Neuro-symbolic is not enough, we need neuro-*semantic* (Frank van Harmelen)
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
UiPath Test Automation using UiPath Test Suite series, part 4 (DianaGray10)
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
PHP Frameworks: I want to break free (IPC Berlin 2024) (Ralf Eggert)
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024 (Tobias Schneck)
As AI technology is pushing into IT, I was wondering, as an “infrastructure container kubernetes guy”, how this fancy AI technology gets managed from an infrastructure operational view. Is it possible to apply our lovely cloud native principles as well? What benefits could both technologies bring to each other?
Let me take these questions and provide you a short journey through existing deployment models and use cases for AI software. Using practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview of infrastructure requirements and technologies and what could be beneficial or limiting for your AI use cases in an enterprise environment. An interactive demo will give you some insights into which approaches I already got working for real.
Essentials of Automations: Optimizing FME Workflows with Parameters (Safe Software)
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -... (DanBrown980551)
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview (Prayukth K V)
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI support (Alan Dix)
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
cfengine3 at #lspe
1. Cutting Edge Configuration Management
What's new in the world of CFEngine 3?
Mark Burgess
13th September 2012
2. An advanced configuration system
● Declarative language
– Desired state
● Advanced convergence
– Keep trying until succeed
● Resource light
– 3-6 MB, negligible memory/CPU
● Run often and continuously
– 5 minute default
● Pull based, 5000 clients per server
4. New and old platforms ...
● New platforms (embedded)
– ARM boards
– Raspberry Pi (3MB)
– Android (Samsung Nexus) 4MB
● Old platforms
– Zlinux
– HPUX
– AIX
– Solaris 11
5. The primary challenges
● Scale
– Obsession with building new things ...
● Complexity
– Oversimplifying to cope ...
● Uncertainty
– Not really measuring actual state
6. Three personal challenges
● Challenge the state of the art in IT infrastructure management.
● Engineer for an era of ubiquitous, self-healing, knowledge-based environments with agile and continuous productivity.
● Re-humanize IT infrastructure, through the design of autonomous technology so organizations can cope with growing scale and complexity, find the right roles for humans and machines, and engage engineers in the big picture, to enjoy certainty and predictability in their operations, while saving time and cost.
7. CFEngine components
● Cf-agent
– Change engine
● Cf-serverd
– Serve files and remote execution, peering
● Cf-monitord
– Collect and monitor local resource data
● Cf-report
– Command line tool for reports
● Cf-execd
– Self organizing scheduler, beats cron
● Cf-runagent
– Can be used for safe remote execution
8. Recent convergent capabilities
● Older stuff
– Exploit patterns
– File management
– Process management
– Service management
– Tripwire security
● Newer stuff
– SQL db management
– XML text editing
– Manage VMs
– Private namespaces
– Code-free configuration with Design Center
– Model based monitoring
– Self-analysing knowledge
– Dry-run modes
9. Treat everything as a maintainable resource
● Everything self-corrects, for mission critical
● Virtual machines
● Processes
● Files, etc
● Hands-free automation
http://cfengine.com/demos/cfengine-vmware
10. Examples 101
● Template expansion (unit_edit_template.cf)
● Set a variable (unit_setvar.cf)
● Manage a process
● etc
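The self-correcting file and process promises that slides 9 and 10 list, as an added example that is not part of the original slides. The file path, the init script path, the class name sshd_down and the body names owner_mode and watch_content are assumptions chosen for illustration.

```cfengine
# Added example, not from the original deck.
# Each promise describes a desired state; cf-agent repairs drift on every run.

body common control
{
      bundlesequence => { "maintain" };
}

bundle agent maintain
{
  files:
      # Assumed path. Permissions are repaired if they drift, and a
      # content hash is recorded so later changes are reported
      # (the "Tripwire security" capability).
      "/etc/ssh/sshd_config"
        perms   => owner_mode("root", "600"),
        changes => watch_content;

  processes:
      # If no process matching "sshd" is found, define the class
      # sshd_down instead of acting directly.
      "sshd"
        restart_class => "sshd_down";

  commands:
      # Runs only while the class is defined, so a healthy host
      # sees no action at all (convergence).
    sshd_down::
      "/etc/init.d/ssh start";   # assumed init script path

  reports:
    sshd_down::
      "sshd was not running; start command promised";
}

# Hypothetical helper body: owner and mode for the file promise.
body perms owner_mode(user, mode)
{
      owners => { "$(user)" };
      mode   => "$(mode)";
}

# Hypothetical helper body: report content changes, keep the stored
# hash so the alert repeats until someone reviews the change.
body changes watch_content
{
      hash           => "sha256";
      report_changes => "content";
      update_hashes  => "false";
}
```

Run it the same way as the output slide does, with cf-agent -f and -K; a second run on an already-correct host should report nothing.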
11. What does service mgt look like?
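body common control
{
      bundlesequence => { "test" };
      # Load the standard library
      inputs => { "cfengine_stdlib.cf" };
}
#
bundle agent test
{
  vars:
      # Mail-related services to manage
      "mail" slist => { "spamassassin", "postfix" };
  services:
      "www";
      # Iterates over the list: one services promise per element
      "$(mail)";
}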
15. Output
host$ ~/LapTop/cfengine/core/src/cf-agent -f ./unit_orchestrate_dominoes2.cf -K
R: Singing the overture...
R: Singing the first adagio...
R: Singing second allegro...
R: Trumpets for the finale
R: The visitors book of the Dominoes method
R: Knocked over host1 and did: overture
R: Knocked over host2 and did: first_movement
R: Knocked over host3 and did: second_movement
R: Knocked over host4 and did: final_movement
16. APIs to CFEngine
● The promise language
– For making self-healing changes
● The command line
– Cf-report for accessing information
– Cf-agent for making stuff happen
– Cf-runagent for safe remote control
● REST API for data
● Web portal
20. Massive scale
● Largest CFEngine site we know: 200,000 hosts
● Scaling depends on frequency
– Simple star network
– 5 minute checks on policy / data aggregation
– 5000 host per hub
● Multiple hubs
– Constellation network
21. Infrastructure as a service
● Build your own cloud
– guest_environments
● KVM
● Xen
● VMware ESX
● Borrow someone else's
– EC2
– VMware
– OpenStack
● It must self-heal
22. Design Center
● Like Chef's cookbooks for CFEngine
● Repository on GitHub
– Examples
– Data driven methods
● Tools for composing policy from building blocks, without need to code