Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cloud Native Configuration Management

Eric Sorenson
February 03, 2020

Cloud Native Configuration Management

A review of tools and technologies currently in use across the cloud native community for managing configurations of their applications and infrastructure.

Keynote at Config Management Camp 2020

Eric Sorenson

February 03, 2020
Tweet

More Decks by Eric Sorenson

Other Decks in Technology

Transcript

  1. Eric Sorenson // [email protected] //
    {github,twitter,soundcloud}.com/ahpook
    Cloud Native
    Configuration Management:
    2020 and beyond

    View full-size slide

  2. IFTTT For
    Devops ...?
    puppet.com/project-nebula

    View full-size slide

  3. • Platform-enabled
    • Resilient
    • Agile
    • Operable
    • Observable
    CN Characteristics

    View full-size slide

  4. • Declarative config
    • Clean OS contract
    • Built for cloud
    • Enable CD
    12 Facter Apps

    View full-size slide

  5. • Use declarative formats for setup automation,
    to minimize time and cost for new developers joining the project;
    • Have a clean contract with the underlying operating system,
    offering maximum portability between execution environments;
    • Are suitable for deployment on modern cloud platforms,
    obviating the need for servers and systems administration;
    • Minimize divergence between development and production,
    enabling continuous deployment for maximum agility;
    • And can scale up without significant changes to tooling,
    architecture, or development practices.
    — Adam Wiggins, 12factor.net

    View full-size slide

  6. Ephemerality
    Immutability
    Data...bility
    Cardinality

    View full-size slide

  7. Infrastructure as code
    Infrastructure as data
    Infrastructure as software

    View full-size slide

  8. TK Visualization of 110 Tools

    View full-size slide

  9. The Configuration Complexity Clock
    (Mike Hadlow, via @garethr and Cedric Charly)
    12
    3
    6
    9
    Hard Coded
    Config Values
    Rules Engine
    DSL
    Curse

    View full-size slide

  10. 12
    3
    6
    9
    Raw Config
    Generators
    Frontends
    DSL
    Taxonomy of Cloud-Native CM Tools

    View full-size slide

  11. Kapitan - kapitan.dev
    • ‘reclass’ as a source of truth
    for config data
    • Jinja2 or jsonnet templates
    for generation
    • Compiles output into folders
    for runtime injection and
    gitops love

    View full-size slide

  12. Kr8 – kr8.rocks
    • “Oh **** we’re going to
    have to write something” –
    (blog: leebriggs.co.uk)
    • Uses Jsonnet for both data
    storage and templating
    • Maps ‘components’ (things
    you run) onto ‘clusters’
    (where you run them)

    View full-size slide

  13. Tanka – tanka.dev
    • Philosophically like
    ksonnet, but simpler:
    “environments” only
    • Relatively thin layer of
    workflow over jsonnet,
    featuring deep-merges
    • Uses k8s 1.13+ server-
    side diffing

    View full-size slide

  14. Helm – helm.sh
    • ”Package
    management” for
    Kubernetes
    • Variable substitution to
    templating to… Lua?
    • Value injection still a
    problem

    View full-size slide

  15. P U P P E T O V E R V I E W
    18
    Pulumi – pulumi.io
    • “Terraform for
    Programmers”
    • Multiple language
    bindings over TF
    providers – js, python
    • Cloud-based state by
    default

    View full-size slide

  16. Domain Specific Languages

    View full-size slide

  17. Terraform – https://terraform.io

    View full-size slide

  18. Gyro – getgyro.io
    • Ground-up Java IaC
    tool from PerfectSense
    • Custom DSL / CLI for
    cloud provisioning
    • Y THO?!

    View full-size slide

  19. Starlark –
    bazelbuild/starlark
    • Dialect of Python made for
    configuration languages
    • Multiple implementations:
    java, go, rust
    • Proposal for Tekton
    pipelines

    View full-size slide

  20. Cue –
    cuelang.org
    • “Configure, Unify, Execute”
    • Data constraint language
    • Builds templating, defaults,
    spec directly into the config
    language
    • DSL over the domain of
    configuration

    View full-size slide

  21. Lessons Learned

    View full-size slide

  22. Complexity will chase you
    ....but wait until the last minute to start running
    *HONK*

    View full-size slide

  23. Constraints and specs > all else
    or: “Any sufficiently advanced YAML dialect
    is indistinguishable from a DSL”
    json-schema.org | @lyraproj/dgo | WTFM

    View full-size slide

  24. Stop making new DSLs.
    ... please?
    cuelang.org | jsonnet.org | @bazelbuild/starlark

    View full-size slide

  25. Of all the problems we have confronted, the ones
    over which the most brainpower, ink, and code have
    been spilled are related to managing
    configurations—the set of values supplied to
    applications, rather than hard-coded into them. In
    truth, we could have devoted this entire article to
    the subject and still have had more to say.
    Burns, Grant, Brewer et al - “Borg, Omega and Kubernetes”

    View full-size slide

  26. Thank you!
    Eric Sorenson // [email protected]
    @ahpook

    View full-size slide

  27. Lessons Learned

    View full-size slide