Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The future of configuration management (and how to stop it)

The future of configuration management (and how to stop it)

A talk about the future (and the past) of configuration management. The only talk ever to mention MIL-HDBK-61B and Kubernetes in one presentation. Presented at #cfgmgtcamp

98234c645fe8c935edc0fec0186d28b8?s=128

Gareth Rushgrove

February 03, 2015
Tweet

Transcript

  1. The Future of Configuration Management Puppet Labs Gareth Rushgrove And

    how to stop it
  2. Gareth Rushgrove

  3. @garethr

  4. Gareth Rushgrove

  5. Gareth Rushgrove

  6. More a discussion of problems than solutions Gareth Rushgrove

  7. A disclaimer Gareth Rushgrove

  8. What is configuration management?

  9. A discipline Gareth Rushgrove

  10. Any input to your infrastructure is configuration Gareth Rushgrove

  11. Configuration management is about managing those inputs over time Gareth

    Rushgrove
  12. Configuration management is about managing those inputs over time and

    at scale* Gareth Rushgrove *thanks @lutter
  13. Gareth Rushgrove Configuration management is about managing those inputs over

    time and at scale*
  14. A little history

  15. 1950s research, 1960s 480 series, 1991 MIL- HDBK-61, 1998 ANSI-

    EIA-649 Gareth Rushgrove
  16. Military Handbook Configuration Management Guidance MIL-HDBK-61B Gareth Rushgrove

  17. Identification Control Status accounting Verification and audit Gareth Rushgrove

  18. National Consensus Standard for Configuration Management EIA-649 Gareth Rushgrove

  19. Configuration management verifies that a system is identified and documented

    in sufficient detail Gareth Rushgrove
  20. Configuration management verifies that a system performs as intended Gareth

    Rushgrove
  21. Service management, ITIL, ISO 20000, ISO 9000, ISO 10007 Gareth

    Rushgrove
  22. Infrastructure as code Gareth Rushgrove

  23. Files, services, packages, users, groups Gareth Rushgrove

  24. This talk

  25. Predict the future Gareth Rushgrove

  26. Look at what needs configuring Gareth Rushgrove

  27. Near term

  28. Infrastructure as a service Gareth Rushgrove

  29. Gareth Rushgrove

  30. Gareth Rushgrove

  31. Software defined networks Gareth Rushgrove

  32. Network devices with APIs Gareth Rushgrove

  33. Cloud networks Gareth Rushgrove

  34. Gareth Rushgrove

  35. Overlay networks Gareth Rushgrove

  36. Gareth Rushgrove Weave

  37. Medium term

  38. Distributed configuration Gareth Rushgrove

  39. Etcd, Consul, Zookeeper Gareth Rushgrove

  40. Replacement for configuration files Gareth Rushgrove

  41. Need to manage (some) information going in. Say for change

    control reasons Gareth Rushgrove Identification Control Status accounting Verification and audit
  42. Gareth Rushgrove

  43. Gareth Rushgrove

  44. Service discovery vs modelling — choosing the right abstraction Gareth

    Rushgrove
  45. Containers Gareth Rushgrove

  46. Gareth Rushgrove

  47. Containers as a new package format Gareth Rushgrove

  48. Images AND running containers Gareth Rushgrove Identification Control Status accounting

    Verification and audit
  49. Containers as virtual machines Gareth Rushgrove

  50. Containers as processes Gareth Rushgrove

  51. Gareth Rushgrove

  52. Gareth Rushgrove

  53. App container specification Gareth Rushgrove

  54. New operating systems addressing host level complexity Gareth Rushgrove

  55. Gareth Rushgrove

  56. Gareth Rushgrove

  57. Gareth Rushgrove

  58. Read-only file systems Gareth Rushgrove

  59. Atomic changes Gareth Rushgrove

  60. Collapse all files, packages, users, etc. down to a single

    hash Gareth Rushgrove Identification Control Status accounting Verification and audit
  61. Cloud infrastructure II — A new hope Gareth Rushgrove

  62. Platform as a service Gareth Rushgrove

  63. Gareth Rushgrove

  64. Buildpacks Gareth Rushgrove Identification Control Status accounting Verification and audit

  65. Application composition Gareth Rushgrove Identification Control Status accounting Verification and

    audit
  66. CloudFoundry application security groups Gareth Rushgrove Identification Control Status accounting

    Verification and audit
  67. Gareth Rushgrove

  68. Environment variables Gareth Rushgrove Identification Control Status accounting Verification and

    audit
  69. Longer term

  70. Cloud infrastructure III — The cloud strikes back Gareth Rushgrove

  71. Infrastructure-less execution environments Gareth Rushgrove

  72. Azure WebJobs, AWS Lamda Gareth Rushgrove Identification Control Status accounting

    Verification and audit
  73. Autonomous systems Gareth Rushgrove

  74. Autoscaling Gareth Rushgrove

  75. Group size, scaling policies, instance details Gareth Rushgrove Identification Control

    Status accounting Verification and audit
  76. Gareth Rushgrove

  77. Gareth Rushgrove

  78. Gareth Rushgrove

  79. Pods, Services, ReplicationControllers Gareth Rushgrove Identification Control Status accounting Verification

    and audit
  80. Gareth Rushgrove

  81. Gareth Rushgrove

  82. Unikernels Gareth Rushgrove

  83. Gareth Rushgrove

  84. OSv Gareth Rushgrove

  85. MirageOS Gareth Rushgrove

  86. Gareth Rushgrove

  87. Gareth Rushgrove

  88. Conclusions

  89. The breadth of infrastructure we manage is only increasing Gareth

    Rushgrove
  90. The importance of infrastructure APIs Gareth Rushgrove

  91. Modelling higher level primitives Gareth Rushgrove

  92. Focusing on inputs to dynamic systems Gareth Rushgrove

  93. Multiple speeds of configuration Gareth Rushgrove

  94. One tool or a collection of tools? Gareth Rushgrove

  95. One interface or a collection of interfaces? Gareth Rushgrove

  96. Standards? Gareth Rushgrove

  97. The future is already here — it's just not very

    evenly distributed. Gareth Rushgrove William Gibson
  98. Questions? And thanks for listening