Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The future of configuration management (and how...

Gareth Rushgrove
February 03, 2015
Technology
9
3.4k

The future of configuration management (and how to stop it)

A talk about the future (and the past) of configuration management. The only talk ever to mention MIL-HDBK-61B and Kubernetes in one presentation. Presented at #cfgmgtcamp

Gareth Rushgrove

February 03, 2015
Tweet

More Decks by Gareth Rushgrove

See All by Gareth Rushgrove
GTM vs Open Source
garethr
0
750
Software Build of Materials For Cloud Native applications
garethr
1
350
Evolving vulnerabilities in CycloneDX
garethr
0
330
Configuration security is a developer problem
garethr
2
2k
Patterns for secure container base image management
garethr
1
2k
Testing configuration with Open Policy Agent
garethr
0
510
Building a Docker Image Packaging Pipeline Using GitHub Actions
garethr
5
2.4k
The perils of configuration security
garethr
1
190
Shifting Terraform security left
garethr
3
1.7k

Other Decks in Technology

See All in Technology
Incident Response Practices: Waroom's Features and Future Challenges
rrreeeyyy
0
160
Taming you application's environments
salaboy
0
180
いざ、BSC討伐の旅
nikinusu
2
780
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
28
12k
Terraform未経験の御様に対してどの ように導⼊を進めていったか
tkikuchi
2
430
第1回 国土交通省 データコンペ参加者向け勉強会③ - Snowflake x estie編 -
estie
0
120
OCI Vault 概要
oracle4engineer
PRO
0
9.7k
100 名超が参加した日経グループ横断の競技型 AWS 学習イベント「Nikkei Group AWS GameDay」の紹介/mediajaws202411
nikkei_engineer_recruiting
1
170
Application Development WG Intro at AppDeveloperCon
salaboy
0
180
EventHub Startup CTO of the year 2024 ピッチ資料
eventhub
0
110
信頼性に挑む中で拡張できる・得られる1人のスキルセットとは?
ken5scal
2
530
データプロダクトの定義からはじめる、データコントラクト駆動なデータ基盤
chanyou0311
2
280

Featured

See All Featured
Building a Modern Day 
E-commerce SEO Strategy
aleyda
38
6.9k
The Language of Interfaces
destraynor
154
24k
Code Reviewing Like a Champion
maltzj
520
39k
Building Applications with DynamoDB
mza
90
6.1k
Thoughts on Productivity
jonyablonski
67
4.3k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
8.2k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
Fashionably flexible responsive web design (full day workshop)
malarkey
405
65k
Optimising Largest Contentful Paint
csswizardry
33
2.9k
YesSQL, Process and Tooling at Scale
rocio
169
14k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
48k

Transcript

  1. The Future of Configuration Management Puppet Labs Gareth Rushgrove And

    how to stop it

  2. Gareth Rushgrove

  3. @garethr

  4. Gareth Rushgrove

  5. Gareth Rushgrove

  6. More a discussion of problems than solutions Gareth Rushgrove

  7. A disclaimer Gareth Rushgrove

  8. What is configuration management?

  9. A discipline Gareth Rushgrove

  10. Any input to your infrastructure is configuration Gareth Rushgrove

  11. Configuration management is about managing those inputs over time Gareth

    Rushgrove

  12. Configuration management is about managing those inputs over time and

    at scale* Gareth Rushgrove *thanks @lutter

  13. Gareth Rushgrove Configuration management is about managing those inputs over

    time and at scale*

  14. A little history

  15. 1950s research, 1960s 480 series, 1991 MIL- HDBK-61, 1998 ANSI-

    EIA-649 Gareth Rushgrove

  16. Military Handbook Configuration Management Guidance MIL-HDBK-61B Gareth Rushgrove

  17. Identification Control Status accounting Verification and audit Gareth Rushgrove

  18. National Consensus Standard for Configuration Management EIA-649 Gareth Rushgrove

  19. Configuration management verifies that a system is identified and documented

    in sufficient detail Gareth Rushgrove

  20. Configuration management verifies that a system performs as intended Gareth

    Rushgrove

  21. Service management, ITIL, ISO 20000, ISO 9000, ISO 10007 Gareth

    Rushgrove

  22. Infrastructure as code Gareth Rushgrove

  23. Files, services, packages, users, groups Gareth Rushgrove

  24. This talk

  25. Predict the future Gareth Rushgrove

  26. Look at what needs configuring Gareth Rushgrove

  27. Near term

  28. Infrastructure as a service Gareth Rushgrove

  29. Gareth Rushgrove

  30. Gareth Rushgrove

  31. Software defined networks Gareth Rushgrove

  32. Network devices with APIs Gareth Rushgrove

  33. Cloud networks Gareth Rushgrove

  34. Gareth Rushgrove

  35. Overlay networks Gareth Rushgrove

  36. Gareth Rushgrove Weave

  37. Medium term

  38. Distributed configuration Gareth Rushgrove

  39. Etcd, Consul, Zookeeper Gareth Rushgrove

  40. Replacement for configuration files Gareth Rushgrove

  41. Need to manage (some) information going in. Say for change

    control reasons Gareth Rushgrove Identification Control Status accounting Verification and audit

  42. Gareth Rushgrove

  43. Gareth Rushgrove

  44. Service discovery vs modelling — choosing the right abstraction Gareth

    Rushgrove

  45. Containers Gareth Rushgrove

  46. Gareth Rushgrove

  47. Containers as a new package format Gareth Rushgrove

  48. Images AND running containers Gareth Rushgrove Identification Control Status accounting

    Verification and audit

  49. Containers as virtual machines Gareth Rushgrove

  50. Containers as processes Gareth Rushgrove

  51. Gareth Rushgrove

  52. Gareth Rushgrove

  53. App container specification Gareth Rushgrove

  54. New operating systems addressing host level complexity Gareth Rushgrove

  55. Gareth Rushgrove

  56. Gareth Rushgrove

  57. Gareth Rushgrove

  58. Read-only file systems Gareth Rushgrove

  59. Atomic changes Gareth Rushgrove

  60. Collapse all files, packages, users, etc. down to a single

    hash Gareth Rushgrove Identification Control Status accounting Verification and audit

  61. Cloud infrastructure II — A new hope Gareth Rushgrove

  62. Platform as a service Gareth Rushgrove

  63. Gareth Rushgrove

  64. Buildpacks Gareth Rushgrove Identification Control Status accounting Verification and audit

  65. Application composition Gareth Rushgrove Identification Control Status accounting Verification and

    audit

  66. CloudFoundry application security groups Gareth Rushgrove Identification Control Status accounting

    Verification and audit

  67. Gareth Rushgrove

  68. Environment variables Gareth Rushgrove Identification Control Status accounting Verification and

    audit

  69. Longer term

  70. Cloud infrastructure III — The cloud strikes back Gareth Rushgrove

  71. Infrastructure-less execution environments Gareth Rushgrove

  72. Azure WebJobs, AWS Lamda Gareth Rushgrove Identification Control Status accounting

    Verification and audit

  73. Autonomous systems Gareth Rushgrove

  74. Autoscaling Gareth Rushgrove

  75. Group size, scaling policies, instance details Gareth Rushgrove Identification Control

    Status accounting Verification and audit

  76. Gareth Rushgrove

  77. Gareth Rushgrove

  78. Gareth Rushgrove

  79. Pods, Services, ReplicationControllers Gareth Rushgrove Identification Control Status accounting Verification

    and audit

  80. Gareth Rushgrove

  81. Gareth Rushgrove

  82. Unikernels Gareth Rushgrove

  83. Gareth Rushgrove

  84. OSv Gareth Rushgrove

  85. MirageOS Gareth Rushgrove

  86. Gareth Rushgrove

  87. Gareth Rushgrove

  88. Conclusions

  89. The breadth of infrastructure we manage is only increasing Gareth

    Rushgrove

  90. The importance of infrastructure APIs Gareth Rushgrove

  91. Modelling higher level primitives Gareth Rushgrove

  92. Focusing on inputs to dynamic systems Gareth Rushgrove

  93. Multiple speeds of configuration Gareth Rushgrove

  94. One tool or a collection of tools? Gareth Rushgrove

  95. One interface or a collection of interfaces? Gareth Rushgrove

  96. Standards? Gareth Rushgrove

  97. The future is already here — it's just not very

    evenly distributed. Gareth Rushgrove William Gibson

  98. Questions? And thanks for listening