Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ChefConf 2017 - Habitat In Production

Fletcher Nichol
June 13, 2017
Technology
0
110

ChefConf 2017 - Habitat In Production

The Habitat Supervisor is responsible for deploying, managing, and choreographing running Habitat services. This session will explore a number of the operational concerns that the supervisor enables. See how to manage secrets, store configuration changes in version control systems, update running applications, and choreograph application upgrades. This is the talk for anyone who is ready to run Habitat services in a production environment.

https://github.com/fnichol/talk-chefconf2017-habitat-in-production

Fletcher Nichol

June 13, 2017
Tweet

More Decks by Fletcher Nichol

See All by Fletcher Nichol
RustFest 2017 - Taking Rust To Production: Lessons Learned From The Habitat Project
fnichol
1
94
AutomaCon 2015 - But Does It Actually Work? Running Your Infrastructure Code For Real
fnichol
2
130
Cyber Summit 2014 - Test Kitchen and Infrastructure as Code
fnichol
0
45
Edmonton Go September 2014 - Docker
fnichol
2
630
Agile 2014 - Agile Infrastructure Development with Test Kitchen
fnichol
0
170
ChefConf 2014 - Test Kitchen: One Year Later and the Future
fnichol
7
2.1k
Devopsdays Vancouver 2013 - Test Kitchen
fnichol
2
150
ChefConf 2013 - Test Kitchen: Multi-Platform Integration Testing for the Masses
fnichol
4
2.1k
ChefConf 2013 - Harnessing the Power of Bare Metal with Razor and Chef Server
fnichol
2
3.4k

Other Decks in Technology

See All in Technology
0→1開発における技術選定において一番大切なこと
bicstone
1
320
Databricks におけるデータエンジニアリング
databricksjapan
0
370
OpenTelemetry を使ったトレースエグザンプラーの活用 / otel-trace-exemplar
k6s4i53rx
2
630
元インフラエンジニアに成る / Human Resources to Human Relations
bobtani
3
770
少数チームで挑む: SwiftUI, TCA, KMPを用いた 新規動画配信アプリ 「ABEMA Live」の開発について
tomu28
0
530
Google Cloud の AI を支える裏側のインフラを垣間見る!
maroon1st
0
170
株式会社EventHub・エンジニア採用資料
eventhub
0
1.9k
コンテナセキュリティの基本と脅威への対策
kyohmizu
3
690
Next'24 事例セッションの紹介とクラウド資格を活用したキャリア形成について語りMuscle
yasumuusan
1
320
オーナーシップを持つ領域を明確にする
konifar
11
2.3k
開発生産性向上サービスを作るFindyが自分たちで開発生産性を爆上げした組織づくりの歩み / Findy's path to boosting its own development productivity 2024-04-17
ma3tk
3
320
普段有償でサポート業務をしているCSAが技術知見を無料で公開する理由
07jp27
1
630

Featured

See All Featured
The Brand Is Dead. Long Live the Brand.
mthomps
48
28k
Building Your Own Lightsaber
phodgson
98
5.7k
Side Projects
sachag
451
41k
Embracing the Ebb and Flow
colly
79
4.1k
Music & Morning Musume
bryan
41
5.6k
The Pragmatic Product Professional
lauravandoore
24
5.8k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
A Philosophy of Restraint
colly
196
16k
Become a Pro
speakerdeck
PRO
10
4.5k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
243
20k
Code Review Best Practice
trishagee
54
15k
Code Reviewing Like a Champion
maltzj
513
39k

Transcript

  1. Habitat in Production Fletcher Nichol ChefConf 2017 May 23, 2017

    Austin, USA

  2. Habitat? is a runtime system for your apps or other

    services provides realtime service configuration is a reactive system packages software with a deterministic build system distributed build service loves your apps

  3. Alert!

  4. None
  5. None

  6. Habitat Zone! Level 4, behind registration

  7. Concepts 1. Topologies 2. Service Bindings 3. Update Strategies 4.

    Release Channels 5. Keys 6. Service Configuration

  8. Topologies

  9. Topology 1. Standalone hab svc load abahab/webacus --topology standalone hab

    svc load abahab/webacus

  10. Topology 2. Leader hab svc load abahab/webacus --topology leader

  11. None
  12. None
  13. None
  14. None
  15. None

  16. Service Binding

  17. Bindings 1. Required hab svc load abahab/webacus --bind database:postgresql.default

  18. Bindings 2. Optional hab svc load abahab/webacus --bind database:postgresql.default hab

    svc load abahab/webacus
  19. None

  20. Update Strategies

  21. Strategy 1. None hab svc load abahab/webacus --strategy none hab

    svc load abahab/webacus

  22. Strategy 2. AtOnce hab svc load abahab/webacus --strategy at-once

  23. Strategy 3. Rolling hab svc load abahab/webacus --strategy rolling

  24. None
  25. None
  26. None
  27. None
  28. None

  29. Release Channels

  30. None

  31. Keys

  32. None
  33. None

  34. Key 1. Origin hab origin key generate abahab hab pkg

    build -k abahab .
  35. None

  36. Key 2. Ring hab ring key generate beyonce hab svc

    load abahab/webacus hab sup run --ring beyonce hab config apply --ring beyonce webacus.default $ver $config.toml
  37. None

  38. Key 3. Service hab svc key generate webacus.default prod hab

    svc load abahab/webacus hab sup run --org prod hab config apply \ webacus.default@prod \ $ver \ $config.toml

  39. Key 3. Service (With Ring) hab ring key generate beyonce

    hab svc key generate webacus.default prod hab svc load abahab/webacus hab sup run --org prod --ring beyonce hab config apply \ --ring beyonce \ webacus.default@prod \ $ver \ $config.toml
  40. None

  41. Key 4. User (Future) hab user key generate fnichol hab

    svc key generate webacus.default prod hab svc load abahab/webacus hab sup run --org prod # encrypt config with fnichol key for webacus.default@prod hab config apply \ webacus.default@prod \ $ver \ $encrypted_config.toml

  42. Service Configuration

  43. Configuration 1. Environment HAB_WEBACUS='maths_api = "http://maths.api" [app] port = 8080

    ' export HAB_WEBACUS hab svc load abahab/webacus hab sup run

  44. Configuration 2. File mkdir -p /hab/svc/webacus cat <<__EOF__ > /hab/svc/webacus/user.toml

    maths_api = "http://maths.api" [app] port = 8080 __EOF__ hab svc load abahab/webacus hab sup run

  45. Configuration 3. Config Apply (1) cat <<__EOF__ > /tmp/webacus.toml maths_api

    = "http://maths.api" [app] port = 8080 __EOF__ hab svc load abahab/webacus hab sup run hab config apply webacus.default $ver /tmp/webacus.toml

  46. Configuration 3. Config Apply (2) hab svc load abahab/webacus hab

    sup run cat <<__EOF__ | hab config apply webacus.default $ver maths_api = "http://maths.api" [app] port = 8080 __EOF__

  47. Configuration 3. Config Apply (Aside) ver=$(date +'%s') hab config apply

    webacus.default $ver /tmp/webacus.toml

  48. Versioned Configuration Changes

  49. Setup git init habitat-config-ring-beyonce cd habitat-config-ring-beyonce

  50. Service Group Config cat <<__EOF__ > webacus.default.toml maths_api = "http://maths.api"

    [app] port = 8080 __EOF__ git add webacus.default.toml git commit -m "Add webacus.default.toml"

  51. Seed Ring (Pseudo Code) find . -name '*.toml' | while

    read -r config_toml; do service_group="${config_toml%.toml}" hab apply \ --ring beyonce \ "$service_group" \ $(date +'%s') \ "$config_toml" done

  52. VCS Post-Merge Hook (Pseudo Code) git diff --name-only "$GIT_SHAS" |

    while read -r config_toml; do service_group="${config_toml%.toml}" hab apply \ --ring beyonce \ "$service_group" \ $(date +'%s') \ "$config_toml" done

  53. We Did It!

  54. Habitat Zone: Level 4

  55. None

  56. http://slack.habitat.sh

  57. Thank you!