Cfengine reborn

•

2 likes•1,013 views

In a talk at Paris in 2009, Mark Burgess presents Cfengine 3, the new version of the famous configuration management software, and the fundamental theory on which it is based, the promise theory.

Technology Health & Medicine

Cfengine Reborn – Keeping Promises

SELF-HEALING DATACENTER SOLUTION

Some users of Cfengine

SELF-HEALING DATACENTER SOLUTION

The future is not certain

• We encourage it but we
do not decide it
• It is about simple
patterns that are
robust
• There are no
guarantees, but we
can try to keep
promises

SELF-HEALING DATACENTER SOLUTION

Configuration Management

SELF-HEALING DATACENTER SOLUTION

Promise Technology
 Based on Promise Theory research
 Puts goals not recipes in focus
– Goals are invariants, recipes depend on
circumstances
– Simple connection to “Service Level
Agreements”
– Easy to measure compliance
 A promise is a documentation item
– Knowledge integration

SELF-HEALING DATACENTER SOLUTION

Cfengine aspects

SELF-HEALING DATACENTER SOLUTION

Convergence = self-healing
 Promises focus on the end state (desired state)
not on fragile procedures and baselines
 We automate repair using Cfengine's published
convergence principle

SELF-HEALING DATACENTER SOLUTION

Pull not push – scale and security
 Every node is responsible for its own state

– Allows flat scalability (no bottlenecks)
– Allows detailed adaptation to local environment (each host
knows its own environment best)
 Hosts subscribe to external resources they need
– Software Package manager integration
– Policy updates from orchestrator when available
 Push attacks a system, pull grants autonomy to all parts of the
network and it fault tolerant of network outage (for wireless,
pervasive, field operations etc)

SELF-HEALING DATACENTER SOLUTION

Agile, elastic scaling

?

SELF-HEALING DATACENTER SOLUTION

Knowledge Management

SELF-HEALING DATACENTER SOLUTION

Reporting – Knowledge Management

SELF-HEALING DATACENTER SOLUTION

Unique self-building documentation

SELF-HEALING DATACENTER SOLUTION

Cfengine Nova Extras

• Now
– One touch bootstrap
– Self-knowledge / analysis document integration
– Ultra lightweight monitoring integrated
– Native cross-platform support includes Windows
– Enhanced security (FIPS)
– Directory service integration with fault tolerance
– Virtualization and elastic scaling support
• 3-6 months
– Cfengine 2 to Nova conversion
– GUI “helm” single point of contact and change

SELF-HEALING DATACENTER SOLUTION

The Company and Partners

Cfengine AS
Oslo
Norway

Cfengine Inc
Tampa
USA

Tel: +47 22 95 85 00
Fax: +47 22 60 44 27

Mail: Contact@cfengine.com

SELF-HEALING DATACENTER SOLUTION

Best practices to dedupe and prioritize IT alerts using our rich integrations with popular monitoring tools including Datadog, SolarWinds, AWS CloudWatch, and Nagios. Bidirectional connectivity with ticketing systems including Jira and ServiceNow. New ChatOps capabilities, in which you can acknowledge and respond to alerts using collaboration tools such as Slack, HipChat, and Microsoft Teams. New Mass Notifications Functionality and the ability to spawn instant video conferencing and teleconferencing sessions to aid in collaboration.

5 Tips To Getting Your Network Ready For Digital Transformation

Martello Technologies

Resistance change final_11_march.pptxKinetik Solutions Ltd

Resistance change kinetik

Kinetik Solutions Ltd

Business Continuity: How to Eliminate Downtime

Namtek Consulting Services

DevOps drivein - Mind the Gap

Serena Software

Mind the Gap: How to bridge the gap between development and operations with release management The release management process remains challenging for large IT organizations due to the continuing disconnect between development, QA, and operations teams. The challenge faced by these large enterprises is that process maturity, methodology, and platforms vary greatly across teams, organizations and business units. These challenges often produce gaps between development and operations teams. Release management is still being done, but with very inconsistent results and at a high cost, providing minimal insight and a lack of audit compliance. Join us as Julian Fish, Director of Products at Serena Software, demonstrates how the unique integration framework and process capabilities of Serena Release Control can deliver a consistent and repeatable process that provides complete traceability, audit and compliance across Waterfall, Progressive and Agile processes, for both ITIL and DevOps approaches, and supporting Mainframe to mobile platforms.

Decision Lens Overview

DL Buzz

NEMEA Compliance center

NEMEA Security Services

NEMEA Compliance Center - the most powerful survey creation, management, and reporting solution available. It intuitively collects responses, writes, and produces standardized regulatory compliance reports. In fact, it even supports the use of many different standards at once. Our compliance software has a fully featured user-interface that lets you rapidly compare the laws and regulations that govern your industry and business.

Efficient Performance Test Automation - Opitmizing the Jenkins Pipeline

Jules Pierre-Louis

Shift-left testing represents a huge opportunity within the context of DevOps and Continuous Delivery, and integrating performance tests into your Continuous Integration scope greatly reduces performance risks when adding a new feature, or fixing a bug. Even better – adding performance tests into the widely used Jenkins Pipeline is easier than you might think. In this webinar, co-presented by CA BlazeMeter and CloudBees, we’ll offer practical tips and best practices for leveraging performance test automation in a continuous integration environment. In this webinar we’ll cover: - How to easily implement a project’s entire build/test/deploy pipeline in Jenkins and store that alongside existing code - How to configure and execute realistic, large-scale performance-testing scenarios as part of the Continuous Integration process - Enabling easy test configuration maintenance using the open source test automation tool Taurus along with Jenkins Pipeline - Analyzing comprehensive performance test results in real-time, and integrating those results as a part of the build promotion criteria Extend the impact of performance testing across the software delivery pipeline and the popular tools your teams are already using.

Secure Delivery Center, Eclipse Open Source

Genuitec, LLC

Patch and Vulnerability Management

Marcelo Martins

JUC Europe 2015: Making Strides towards Enterprise-Scale DevOps...with Jenkin...

CloudBees

By Ilkka Turunen, Sonatype Moving to DevOps in large complex enterprise-IT environments is an incremental process. One that requires culture, process and technology. Technology like Jenkins, Nexus, Puppet, Docker and more. In this session, you’ll hear about first-hand experiences building successful enterprise-scale DevOps practices and specifically look at the role of Jenkins working with other key technologies in the continuous tool chain. Learn about additional practices to support the goal of driving down cycle times. And no DevOps practice is complete without accounting for compliance and security requirements Jenkins can play a key role there too. Learn more.

DevOps - The Key to Rapid Productization (Introduction to the 5C's of DevOps)

Cygnet Infotech

OCSL - VMware, vSphere Webinar May 2013

OCSL

Webinar - Devops platform for the evolving enterprise

DBmaestro - Database DevOps

Developing and delivering applications in a repeatable way, with the expected quality is a great challenge these days. In order to maximize business value at-the-speed-of-business, initiatives are being driven both by the development or delivery teams and by operations. They each have their own focus and specifics, but in essence they are both centered around: Collaboration and integration, automation, standardization and governance.

(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014

Amazon Web Services

More organizations are embracing DevOps to realize compelling business benefits, such as more frequent feature releases, increased application stability, and more productive resource utilization. However, security and compliance monitoring tools have not kept up. In fact, they often represent the largest single remaining barrier to continuous delivery. Learn how to integrate security controls in your DevOps program from experts at Alert Logic and George Miranda, engineer and evangelist at Chef. Sponsored by Alert Logic.

Radar: Integrate to Innovate: Continuous Delivery

Michael Medin

Challenges and Best Practices of Database Continuous Delivery

DBmaestro - Database DevOps

ארגונים ברחבי העולם מגבירים את השימוש בתהליכי DevOps לטובת שיפור היתרון התחרותי שלהם, הורדת סיכונים והפחתת עלויות פיתוח. כיום ניתן ליישם את ההצלחה של ה-DevOps בעולם מסדי הנתונים, על ידי ביצוע אוטומציה של תהליכי הפיתוח והעברה בין סביבות, אכיפת מנגנוני אבטחה, והפחתת הסיכונים הכרוכים בתהליך.

Real world security webinar (v2012-05-30)nCircle - a Tripwire Company

Intro To Continuous Delivery

Bhanu Musunooru

Continuous delivery

Masas Dani

What's hot

mProtect

Marathon Consulting

Modern incident management

OpsGenie

5 Tips To Getting Your Network Ready For Digital Transformation

Martello Technologies

Resistance change final_11_march.pptxKinetik Solutions Ltd

Resistance change kinetik

Kinetik Solutions Ltd

Business Continuity: How to Eliminate Downtime

Namtek Consulting Services

What's hot (6)

mProtect

Modern incident management

5 Tips To Getting Your Network Ready For Digital Transformation

Resistance change final_11_march.pptx

Resistance change kinetik

Business Continuity: How to Eliminate Downtime

Similar to Cfengine reborn

DevOps drivein - Mind the Gap

Serena Software

Decision Lens Overview

DL Buzz

NEMEA Compliance center

NEMEA Security Services

Efficient Performance Test Automation - Opitmizing the Jenkins Pipeline

Jules Pierre-Louis

Secure Delivery Center, Eclipse Open Source

Genuitec, LLC

Patch and Vulnerability Management

Marcelo Martins

JUC Europe 2015: Making Strides towards Enterprise-Scale DevOps...with Jenkin...

CloudBees

DevOps - The Key to Rapid Productization (Introduction to the 5C's of DevOps)

Cygnet Infotech

OCSL - VMware, vSphere Webinar May 2013

OCSL

Webinar - Devops platform for the evolving enterprise

DBmaestro - Database DevOps

(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014

Amazon Web Services

Radar: Integrate to Innovate: Continuous Delivery

Michael Medin

Challenges and Best Practices of Database Continuous Delivery

DBmaestro - Database DevOps

Real world security webinar (v2012-05-30)nCircle - a Tripwire Company

Intro To Continuous Delivery

Bhanu Musunooru

Continuous delivery

Masas Dani

Interactive Intelligence Sales BriefInova Solutions

XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...

XebiaLabs

RAMS 2013 Calculating roi when implementing a dfr program by mike silverman

Accendo Reliability

Presentation given at RAMS 2013 Three-phase inverters are physically large, complex and expensive elements of major solar power generation systems. The inverter converts DC power created by the photovoltaic (PV) panels to AC power suitable for adding to the power grid. The inverters’ reliability testing is a complex task and relies on reliability block diagrams (RBD), vendor and field data, plus selecting accelerated life tests (ALT) based on critical elements of the product. This paper illustrates a case study that developed an RBD, used field and vendor data, and includes the design and use of two ALTs. The result is a working framework or model that provides a reasonable estimate of the expected lifetime performance of the inverter. While any project similar to this, is always a work in progress, the examination of the decisions and inputs for the model proves valuable for the continued improvement of the model and resulting life predictions. This project provides an excellent real life example of reliability estimation having a multitude of constraints including: sample size, test duration, and field data, thus having to rely on all sources of available data starting from field and vendor data to theoretical component reliability calculations, ALT plan execution, failure analysis, and finally summarizing the results using RBD to estimate product expected lifetime. At the time of writing this paper, based on completion of system level ALT, an availability of 99.97% is valid over a 10 year period according to southern Ontario weather as the main installation base. This will be revisited once subsystem ALT is completed.

Devoxx BE 2015 - Swimming upstream in the container revolution

Bert Jan Schrijver

Similar to Cfengine reborn (20)

DevOps drivein - Mind the Gap

Decision Lens Overview

NEMEA Compliance center

Efficient Performance Test Automation - Opitmizing the Jenkins Pipeline

Secure Delivery Center, Eclipse Open Source

Patch and Vulnerability Management

JUC Europe 2015: Making Strides towards Enterprise-Scale DevOps...with Jenkin...

DevOps - The Key to Rapid Productization (Introduction to the 5C's of DevOps)

OCSL - VMware, vSphere Webinar May 2013

Webinar - Devops platform for the evolving enterprise

(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014

Radar: Integrate to Innovate: Continuous Delivery

Challenges and Best Practices of Database Continuous Delivery

Real world security webinar (v2012-05-30)

Intro To Continuous Delivery

Continuous delivery

Interactive Intelligence Sales Brief

XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...

RAMS 2013 Calculating roi when implementing a dfr program by mike silverman

Devoxx BE 2015 - Swimming upstream in the container revolution

More from RUDDER

What if configuration management didn't need to be lvl60 in dev?

RUDDER

Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit. Server infrastructure automation is not simple. Several solutions have existed for several years and most of them rely on infra-as-code to achieve their mission. By the way, why infra-as-code? And unfortunately, these solutions require strong development skills. So how can we do this when the infrastructure team does not have sufficient and, above all, homogeneous expertise? Because otherwise, beware of the "Guru Team" effect, or how the infrastructure automation to save time ends up with a huge SPOF because only one person in the team knows how it works.... I would like to discuss this together and introduce you to RUDDER briefly. RUDDER is a configuration management solution, and therefore infra-as-code, that allows you to automate your systems by relying entirely on a graphical interface to manage your configurations. Because the infrastructure is complex enough to add a layer!

Servers compliance: audit, remediation, proof

RUDDER

Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit Paris 2019). Security is everyone's business, an exploited breach is enough. Teams are aware of this and yet it is still as difficult as ever to be able to ensure, be confident, and reassure others (prove) that at least one party is under control. And when it comes to server infrastructure, especially at the OS / middleware level, everything gets complicated. Even with an operational security team, it is difficult to ensure that the Information System Security Policy and security recommendations are properly implemented on all servers. How can we be sure that our security policies are properly applied on all our servers other than through a massive and costly audit? Even if they were when they were created, how do you know if they remain perfectly compliant after a few days / weeks / months? Let's discover together RUDDER, an open-source solution for continuous compliance based on configuration management to automatically audit and/or correct our systems.

OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?

RUDDER

On parle d’observabilité des services lorsque ceux-ci exposent des états et métriques internes pour améliorer la disponibilité globale. Qu’en est-il de l’observabilité des infrastructures sur lesquelles ils sont déployés, configurés et maintenus ? Les différents logs (centralisés, agrégés) permettent un bon début d’analyse mais il faut aussi observer les systèmes au fil de l’eau pour tracer chaque changement et les corréler avec le monitoring. Aujourd’hui, ces étapes de configuration IT devraient être prises en charge par les outils de gestion de configuration, qui deviennent la passerelle vers l’observabilité des opérations. Nous montrerons l'intérêt de cette approche pour la gestion IT moderne avec un retour d’expérience sur les challenges de leur mise en place dans Rudder, notre solution libre d’audit et de gestion de configuration en continu.

OW2Con - Configurations, do you prove yours?

RUDDER

How can we be sure of the continuous configuration management proper operation? How to expose factual topic-related reports to dev, sec, managers, customers...? We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context. This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.

The new plugin ecosystem in RUDDER 5.0

RUDDER

The latest major version of the solution has brought a major new feature to the Rudder solution: a plugin ecosystem. The Rudder software architect will present the reasons for this new feature, how it works, and what are the different plugins available. Benoit Peccatte, CfgMgmtCamp 2019. Benoit Peccatte started out as a developer for air traffic control systems but quickly became more interested in writing code generators to automate his job. After meeting some smart sysadmins on the beach, he switched jobs and has been automating servers for the past decade. He stumbled across open source in engineering school, and quickly became convinced that free software is the only way to keep software maintainable whatever happens in the future. Benoit is now trying to automate his job on Rudder, developing features in Rudder to continuously configure and audit more and more servers.

What uses for observing operations of Configuration Management?

RUDDER

Nicolas Charles, CfgMgmtCamp 2019. More and more services expose their state, internal details and metrics to be observable, and improve overall quality of service. But what about observing the infrastructure they are deployed, configured and maintained on? What can we learn from that, and what do we need from configuration management to get these features and metrics? Logs from installation is a good start, but they need centralization, aggregation and especially knowledge derivation from these - but also we need to observe these features over time, to trace changes, and correlate them with monitoring. Rudder was built around the predicate that all actions of the configuration agent need to be traced, centralized and exposed in a meaningful way - with agents ensuring the continuous configuration of systems, and this talk will show the rationale behind this predicate, how we implemented this solution, and the benefits of this approach for the modern IT world.

UX challenges of a UI-centric config management tool

RUDDER

Raphaël Gauthier, CfgMgmtCamp 2019. One of Rudder’s main focuses is its comprehensive graphical user interface, which allows users to view and manage its configurations without writing a line of code. The user experience and interface considerations for a tool as technical and complex, and with such potential to break things as a configuration management tool are certainly a challenge, and in some ways in unchartered territory. Rudder’s frontend developer will present an analysis of the situation, the issues encountered and the approach adopted for the improvement of UX and UI planned for 2019.

What happened in RUDDER in 2018 and what’s next?

RUDDER

What is RUDDER and when should I use it?

RUDDER

Alexandre Brianceau, CfgMgmtCamp 2019. Rudder is an open source configuration management tool that includes continuous auditing (with or without remediation), compliance info and graphs and the possibility to configure everything in the UI and/or APIs. It has been around for more than six years and has users large (think 10 000 nodes) and small around the world. Let’s take a moment to look at the vision that lead us here, how Rudder is different from similar tools, and what users find invaluable, nice (or annoying - I’ll be honest!). If you’re not familiar with Rudder this is a great talk to attend to get the basics covered.

Fosdem - Configurations do you prove yours?

RUDDER

L'audit en continu : clé de la conformité démontrable (#POSS 2018)

RUDDER

Présentation issue du talk pour le Paris Open Source Summit 2018 par Alexandre Brianceau dans le track Cybersécurité. Les politiques de sécurité sont de plus en plus complexes et exigeantes à mettre en oeuvre pour les équipes opérationnelles. Comment pouvons-nous être certains que nos politiques de sécurité soient bien appliquées sur tous sos serveurs autrement qu’à travers un audit massif et coûteux ? Quand bien même le seraient-elles lors de leur création, comment savoir si elles restent parfaitement conformes après quelques jours / semaines / mois ? Nous montrerons comment définir des règles techniques d'une politique de sécurité dans RUDDER, une solution d'automatisation de conformité informatique open source issue du monde devops où la gestion automatique de la configuration est déjà la norme. ensuite toutes les 5 minutes sur chacun des serveurs afin de remonter un résumé global permettant alors d’inspecter les problèmes qui doivent être corrigés. Nous expliquerons également comment une politique d’audit déployée avec succès peut être imposée sur tous les systèmes avec le même outil, en passant de l’audit automatique à la remédiation automatique.

Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)

RUDDER

Présentation issue du talk pour le BBOOST 2018 par Alexandre Brianceau. Une infrastructure dont les configurations ne sont pas homogènes, surveillées et maintenues en conformité en continu finit inévitablement par dériver, entraînant failles de sécurité et incidents de production. Alors que la fiabilité de l’IT est devenue critique, la méthode traditionnelle consistant à mener des audits tous les X mois montre ses limites : une dérive entre deux audits peut passer inaperçue et causer un incident. RUDDER est une solution qui garantit la conformité des configurations en permanence.

Stay up - voyage d'un éditeur de logiciels libres

RUDDER

How we scaled Rudder to 10k, and the road to 50k

RUDDER

Management graphical interface, real-time compliance and ease of use are some of Rudder core principles. When Rudder was created in 2010, hundreds of servers were considered a large installation, and the constraints and limits to manage systems were totally different than nowadays, as IT speaks in terms of thousands of nodes. I’ll present how we scaled Rudder from hundreds to 10k nodes, on each different aspect of the product: changing the way nodes talk with the Rudder server, rewriting the data model, evolving the UI, how we detected new limits - further away - and how we removed them; and made sure these limits don’t come back through tooling and testing. Finally, I’ll present the planned evolutions in upcoming releases to reach 50k managed nodes.

What's new and what's next in Rudder

RUDDER

Rudder 4.1 was released in March 2017 with: - an advanced feature to query external APIs and pull in node properties dynamically the ability to add "key=value" tags to all Rules and Directives in order to categorize them - a new API on relay servers to enable node-to-node file sharing and remote run in firewalled environments performance improvements - a new plugin package format Rudder 4.2 was released in September 2017 and includes the support for a new plugin that adds support for a new Windows DSC-based agent. Rudder 4.3 will include: - Parameters for Technique Editor techniques - ACLs on the API accounts - Many architecture improvements In parallel, new plugins are being developed: - A plugin to integrate data from external APIs - Monitoring integration with Centreon - CMDB integration with iTop - A reporting plugin for historized compliance This talk will introduce these new features and show how to use them, hopefully getting you as excited as we are! Then, we will move on to explain about longer-term feature ideas we have for Rudder, and the general vision linked to future developments. About Nicolas Charles Nicolas is a tinkerer who likes when things just work, and tries his best to reach this goal. He started as a developer 15 years ago, and often had to reach out of this role to solve issues. In 2010, he co-founded Normation, and he still enjoys fixing things in Rudder and at its users.

Poss 2017 : gestion des configurations et mise en conformité chez un service ...

RUDDER

Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...

RUDDER

POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...

RUDDER

DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...

RUDDER

En tant qu’hébergeur et infogérant, Jaguar Network est confronté à une double évolution : Le marché attend de la part d’un Service Provider de prendre en charge une part toujours plus importante de la gestion du système d’information. La croissance de l’entreprise entraîne une pression plus importante quantitativement (scalabilité) et qualitativement (garantir la fiabilité et la sécurité sur l’ensemble du parc géré). Ainsi, Jaguar Network a dû trouver une solution capable de résoudre cette double problématique à laquelle de plus en plus de sociétés sont confrontées : assurer la croissance rapide du parc tout en améliorant et en garantissant la fiabilité. Grâce à RUDDER, solution open-source française de Continuous Configuration dédiée aux contraintes de la production, l’atteinte de cet objectif a été grandement facilité. En duo avec l’éditeur de RUDDER, Jaguar Network racontera le déroulement de ce projet, de la mise en place de l’outil aux résultats constatés, en passant par l’intégration avec les autres technologies du SI. Un retour d’expérience concret et complet sur le concept de Continuous Configuration et son implémentation avec RUDDER.

RUDDER - Continuous Configuration (configuration management + continuous aud...

RUDDER

RUDDER is an easy to use, web-driven, role-based solution for IT Infrastructure Automation and Compliance. With a focus on continuously checking configurations and centralising real-time status data, RUDDER can show a high-level summary (“ISO 27001 rules are at 100%!”) and break down noncompliance issues to a deep technical level (“Host prod-web-03: SSH server configuration allows root logins”). A few things that make RUDDER stand out: - A simple framework allows you to extend the built-in rules to implement specific low-level configuration patterns, however complex they may be, using simple building blocks (“ensure package installed in version X,” “ensure file content,” “ensure line in file,” etc.). A graphical builder lowers the technical level required to use this. - Each policy can be independently set to be automatically checked or enforced on a policy or host level. In Enforce mode, each remediation action is recorded, showing the value of these invisible fixes. - RUDDER works on almost every kind of device, so you’ll be managing physical and virtual servers in the data center, cloud instances, and embedded IoT devices in the same way. - RUDDER is designed for critical environments where a security breach can mean more than a blip in the sales stats. Built-in features include change requests, audit logs, and strong authentication. - RUDDER relies on an agent that needs to be installed on all hosts to audit. The agent is very lightweight (10 to 20 MB of RAM at peak) and blazingly fast (it’s written in C and takes less than 10 seconds to verify 100 rules). Installation is self-contained, via a single package, and can auto-update to limit agent management burden. - RUDDER is a true and professional open source solution—the team behind RUDDER doesn’t believe in the dual-speed licensing approach that makes you reinstall everything and promotes open source as little more than a “demo version.” RUDDER is an established project with several 10000s of node managed, in companies from small to biggest-in-their-field. Typical deployments manage 100s to 1000s of nodes. The biggest known deployment in 2016 is about 7000 nodes.

More from RUDDER (20)

What if configuration management didn't need to be lvl60 in dev?

Servers compliance: audit, remediation, proof

OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?

OW2Con - Configurations, do you prove yours?

The new plugin ecosystem in RUDDER 5.0

What uses for observing operations of Configuration Management?

UX challenges of a UI-centric config management tool

What happened in RUDDER in 2018 and what’s next?

What is RUDDER and when should I use it?

Fosdem - Configurations do you prove yours?

L'audit en continu : clé de la conformité démontrable (#POSS 2018)

Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)

Stay up - voyage d'un éditeur de logiciels libres

How we scaled Rudder to 10k, and the road to 50k

What's new and what's next in Rudder

Poss 2017 : gestion des configurations et mise en conformité chez un service ...

Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...

POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...

DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...

RUDDER - Continuous Configuration (configuration management + continuous aud...

Recently uploaded

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

Quantum Computing: Current Landscape and the Future Role of APIs

Vlad Stirbu

UiPath Community Day Dubai: AI at Work..

UiPathCommunity

Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking. 📕 Curious on our agenda? Wait no more! 10:00 Welcome note - UiPath Community in Dubai Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank 10:20 A UiPath cross-region MEA overview Ashraf El Zarka, VP and Managing Director MEA, UiPath 10:35: Customer Success Journey Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank 11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more Boris Krumrey, Global VP, Automation Innovation, UiPath 12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services. Brendan Lingam, Director of Sales and Business Development, Marc Ellis

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

The Future of Platform Engineering

Jemma Hussein Allen

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

The Metaverse and AI: how can decision-makers harness the Metaverse for their...

Jen Stirrup

The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives? How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

Alex Pruden

This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second). Paper: https://eprint.iacr.org/2023/1886

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf

Peter Spielvogel

Building better applications for business users with SAP Fiori. • What is SAP Fiori and why it matters to you • How a better user experience drives measurable business benefits • How to get started with SAP Fiori today • How SAP Fiori elements accelerates application development • How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities • How SAP Fiori paves the way for using AI in SAP apps

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Overview.pdf

Elevating Tactical DDD Patterns Through Object Calisthenics

Quantum Computing: Current Landscape and the Future Role of APIs

UiPath Community Day Dubai: AI at Work..

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

The Future of Platform Engineering

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Leading Change strategies and insights for effective change management pdf 1.pdf

Climate Impact of Software Testing at Nordic Testing Days

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Accelerate your Kubernetes clusters with Varnish Caching

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Securing your Kubernetes cluster_ a step-by-step guide to success !

The Metaverse and AI: how can decision-makers harness the Metaverse for their...

DevOps and Testing slides at DASA Connect

PCI PIN Basics Webinar from the Controlcase Team

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf

Removing Uninteresting Bytes in Software Fuzzing

Cfengine reborn

1. Cfengine Reborn – Keeping Promises SELF-HEALING DATACENTER SOLUTION

2. Some users of Cfengine SELF-HEALING DATACENTER SOLUTION

3. The future is not certain • We encourage it but we do not decide it • It is about simple patterns that are robust • There are no guarantees, but we can try to keep promises SELF-HEALING DATACENTER SOLUTION

4. Configuration Management SELF-HEALING DATACENTER SOLUTION

5. Promise Technology  Based on Promise Theory research  Puts goals not recipes in focus – Goals are invariants, recipes depend on circumstances – Simple connection to “Service Level Agreements” – Easy to measure compliance  A promise is a documentation item – Knowledge integration SELF-HEALING DATACENTER SOLUTION

6. Cfengine aspects SELF-HEALING DATACENTER SOLUTION

7. Convergence = self-healing  Promises focus on the end state (desired state) not on fragile procedures and baselines  We automate repair using Cfengine's published convergence principle SELF-HEALING DATACENTER SOLUTION

8. Pull not push – scale and security  Every node is responsible for its own state – Allows flat scalability (no bottlenecks) – Allows detailed adaptation to local environment (each host knows its own environment best)  Hosts subscribe to external resources they need – Software Package manager integration – Policy updates from orchestrator when available  Push attacks a system, pull grants autonomy to all parts of the network and it fault tolerant of network outage (for wireless, pervasive, field operations etc) SELF-HEALING DATACENTER SOLUTION

9. Agile, elastic scaling ? SELF-HEALING DATACENTER SOLUTION

10. Knowledge Management SELF-HEALING DATACENTER SOLUTION

11. Reporting – Knowledge Management SELF-HEALING DATACENTER SOLUTION

12. Unique self-building documentation SELF-HEALING DATACENTER SOLUTION

13. Cfengine Nova Extras • Now – One touch bootstrap – Self-knowledge / analysis document integration – Ultra lightweight monitoring integrated – Native cross-platform support includes Windows – Enhanced security (FIPS) – Directory service integration with fault tolerance – Virtualization and elastic scaling support • 3-6 months – Cfengine 2 to Nova conversion – GUI “helm” single point of contact and change SELF-HEALING DATACENTER SOLUTION

14. The Company and Partners Cfengine AS Oslo Norway Cfengine Inc Tampa USA Tel: +47 22 95 85 00 Fax: +47 22 60 44 27 Mail: Contact@cfengine.com SELF-HEALING DATACENTER SOLUTION

Cfengine reborn

Recommended

Recommended

More Related Content

What's hot

What's hot (6)

Similar to Cfengine reborn

Similar to Cfengine reborn (20)

More from RUDDER

More from RUDDER (20)

Recently uploaded

Recently uploaded (20)

Cfengine reborn