Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The future of configuration management (and how...

Avatar for Gareth Rushgrove Gareth Rushgrove
February 03, 2015
Technology
9
3.5k

The future of configuration management (and how to stop it)

A talk about the future (and the past) of configuration management. The only talk ever to mention MIL-HDBK-61B and Kubernetes in one presentation. Presented at #cfgmgtcamp
Avatar for Gareth Rushgrove

Gareth Rushgrove

February 03, 2015
Tweet

More Decks by Gareth Rushgrove

See All by Gareth Rushgrove
GTM vs Open Source
Avatar for Gareth Rushgrove garethr
0
790
Software Build of Materials For Cloud Native applications
Avatar for Gareth Rushgrove garethr
1
390
Evolving vulnerabilities in CycloneDX
Avatar for Gareth Rushgrove garethr
0
390
Configuration security is a developer problem
Avatar for Gareth Rushgrove garethr
2
2.1k
Patterns for secure container base image management
Avatar for Gareth Rushgrove garethr
1
2k
Testing configuration with Open Policy Agent
Avatar for Gareth Rushgrove garethr
0
560
Building a Docker Image Packaging Pipeline Using GitHub Actions
Avatar for Gareth Rushgrove garethr
5
2.6k
The perils of configuration security
Avatar for Gareth Rushgrove garethr
1
220
Shifting Terraform security left
Avatar for Gareth Rushgrove garethr
3
1.7k

Other Decks in Technology

See All in Technology
SRE本出版からまもなく10年!〜これまでに何が起こり、これから何が起こるのか〜
Avatar for katsuhisa_ katsuhisa91
PRO
0
350
転職したらMCPサーバーだった件
Avatar for nwiizo nwiizo
12
9.1k
DynamoDB のデータを QuickSight で可視化する際につまづいたこと/stumbling-blocks-when-visualising-dynamodb-with-quicksight
Avatar for emi emiki
0
170
Sleep-time Compute: LLM推論コスト削減のための事前推論
Avatar for sergicalsix sergicalsix
1
150
[新卒向け研修資料] テスト文字列に「うんこ」と入れるな(2025年版)
Avatar for Infiniteloop infiniteloop_inc
13
44k
AOAI で AI アプリを開発する時にまず考えたいこと
Avatar for Yuji Masaoka | まっぴぃ mappie_kochi
1
760
自動化の第一歩 -インフラ環境構築の自動化について-
Avatar for Makky12 smt7174
1
140
VitePress & MCPでアプリ仕様のオープン化に挑戦する
Avatar for Hal hal_spidernight
0
120
PythonツールであるpygnmiをSONiCのgNMIに対して使ってみた
Avatar for SONiC Users Group Japan sonic
0
140
ソフトウェアテスト 最初の一歩 〜テスト設計技法をワークで体験しながら学ぶ〜 #JaSSTTokyo / SoftwareTestingFirstStep
Avatar for nihonbuson nihonbuson
PRO
2
200
経済メディア編集部の実務に小さく刺さるAI / small-ai-with-editorial
Avatar for Yukiya Nakagawa nkzn
2
450
Google Cloud Next 2025 Recap 生成AIモデルとマーケティングでのコンテンツ生成 / Generative AI models and content creation in marketing
Avatar for Kyohei Saito kyou3
0
310

Featured

See All Featured
Writing Fast Ruby
Avatar for Erik Berlin sferik
628
61k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
231
18k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
10
800
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
159
23k
Music & Morning Musume
Avatar for Bryan Veloso bryan
47
6.5k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
46
14k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
52
7.6k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
34
3k
Gamification - CAS2011
Avatar for David Bonilla davidbonilla
81
5.3k
Rails Girls Zürich Keynote
Avatar for Gregor Martynus gr2m
94
13k
Easily Structure & Communicate Ideas using Wireframe
Avatar for Afnizar Nur Ghifari afnizarnur
194
16k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
105
19k

Transcript

  1. The Future of Configuration Management Puppet Labs Gareth Rushgrove And

    how to stop it

  2. Gareth Rushgrove

  3. @garethr

  4. Gareth Rushgrove

  5. Gareth Rushgrove

  6. More a discussion of problems than solutions Gareth Rushgrove

  7. A disclaimer Gareth Rushgrove

  8. What is configuration management?

  9. A discipline Gareth Rushgrove

  10. Any input to your infrastructure is configuration Gareth Rushgrove

  11. Configuration management is about managing those inputs over time Gareth

    Rushgrove

  12. Configuration management is about managing those inputs over time and

    at scale* Gareth Rushgrove *thanks @lutter

  13. Gareth Rushgrove Configuration management is about managing those inputs over

    time and at scale*

  14. A little history

  15. 1950s research, 1960s 480 series, 1991 MIL- HDBK-61, 1998 ANSI-

    EIA-649 Gareth Rushgrove

  16. Military Handbook Configuration Management Guidance MIL-HDBK-61B Gareth Rushgrove

  17. Identification Control Status accounting Verification and audit Gareth Rushgrove

  18. National Consensus Standard for Configuration Management EIA-649 Gareth Rushgrove

  19. Configuration management verifies that a system is identified and documented

    in sufficient detail Gareth Rushgrove

  20. Configuration management verifies that a system performs as intended Gareth

    Rushgrove

  21. Service management, ITIL, ISO 20000, ISO 9000, ISO 10007 Gareth

    Rushgrove

  22. Infrastructure as code Gareth Rushgrove

  23. Files, services, packages, users, groups Gareth Rushgrove

  24. This talk

  25. Predict the future Gareth Rushgrove

  26. Look at what needs configuring Gareth Rushgrove

  27. Near term

  28. Infrastructure as a service Gareth Rushgrove

  29. Gareth Rushgrove

  30. Gareth Rushgrove

  31. Software defined networks Gareth Rushgrove

  32. Network devices with APIs Gareth Rushgrove

  33. Cloud networks Gareth Rushgrove

  34. Gareth Rushgrove

  35. Overlay networks Gareth Rushgrove

  36. Gareth Rushgrove Weave

  37. Medium term

  38. Distributed configuration Gareth Rushgrove

  39. Etcd, Consul, Zookeeper Gareth Rushgrove

  40. Replacement for configuration files Gareth Rushgrove

  41. Need to manage (some) information going in. Say for change

    control reasons Gareth Rushgrove Identification Control Status accounting Verification and audit

  42. Gareth Rushgrove

  43. Gareth Rushgrove

  44. Service discovery vs modelling — choosing the right abstraction Gareth

    Rushgrove

  45. Containers Gareth Rushgrove

  46. Gareth Rushgrove

  47. Containers as a new package format Gareth Rushgrove

  48. Images AND running containers Gareth Rushgrove Identification Control Status accounting

    Verification and audit

  49. Containers as virtual machines Gareth Rushgrove

  50. Containers as processes Gareth Rushgrove

  51. Gareth Rushgrove

  52. Gareth Rushgrove

  53. App container specification Gareth Rushgrove

  54. New operating systems addressing host level complexity Gareth Rushgrove

  55. Gareth Rushgrove

  56. Gareth Rushgrove

  57. Gareth Rushgrove

  58. Read-only file systems Gareth Rushgrove

  59. Atomic changes Gareth Rushgrove

  60. Collapse all files, packages, users, etc. down to a single

    hash Gareth Rushgrove Identification Control Status accounting Verification and audit

  61. Cloud infrastructure II — A new hope Gareth Rushgrove

  62. Platform as a service Gareth Rushgrove

  63. Gareth Rushgrove

  64. Buildpacks Gareth Rushgrove Identification Control Status accounting Verification and audit

  65. Application composition Gareth Rushgrove Identification Control Status accounting Verification and

    audit

  66. CloudFoundry application security groups Gareth Rushgrove Identification Control Status accounting

    Verification and audit

  67. Gareth Rushgrove

  68. Environment variables Gareth Rushgrove Identification Control Status accounting Verification and

    audit

  69. Longer term

  70. Cloud infrastructure III — The cloud strikes back Gareth Rushgrove

  71. Infrastructure-less execution environments Gareth Rushgrove

  72. Azure WebJobs, AWS Lamda Gareth Rushgrove Identification Control Status accounting

    Verification and audit

  73. Autonomous systems Gareth Rushgrove

  74. Autoscaling Gareth Rushgrove

  75. Group size, scaling policies, instance details Gareth Rushgrove Identification Control

    Status accounting Verification and audit

  76. Gareth Rushgrove

  77. Gareth Rushgrove

  78. Gareth Rushgrove

  79. Pods, Services, ReplicationControllers Gareth Rushgrove Identification Control Status accounting Verification

    and audit

  80. Gareth Rushgrove

  81. Gareth Rushgrove

  82. Unikernels Gareth Rushgrove

  83. Gareth Rushgrove

  84. OSv Gareth Rushgrove

  85. MirageOS Gareth Rushgrove

  86. Gareth Rushgrove

  87. Gareth Rushgrove

  88. Conclusions

  89. The breadth of infrastructure we manage is only increasing Gareth

    Rushgrove

  90. The importance of infrastructure APIs Gareth Rushgrove

  91. Modelling higher level primitives Gareth Rushgrove

  92. Focusing on inputs to dynamic systems Gareth Rushgrove

  93. Multiple speeds of configuration Gareth Rushgrove

  94. One tool or a collection of tools? Gareth Rushgrove

  95. One interface or a collection of interfaces? Gareth Rushgrove

  96. Standards? Gareth Rushgrove

  97. The future is already here — it's just not very

    evenly distributed. Gareth Rushgrove William Gibson

  98. Questions? And thanks for listening