Slide 1

Slide 1 text

Configuration Management 101
Scale 12x

Slide 2

Slide 2 text

AKA

Slide 3

Slide 3 text

Sean Drops the Fucking Science

Slide 4

Slide 4 text

Sean OMeara
[email protected]
@someara

Slide 7

Slide 7 text

whoami

Slide 8

Slide 8 text

Part 1

Slide 9

Slide 9 text

The Dawn of Configuration Management

Slide 10

Slide 10 text

• What is configuration management?
• Strategies and techniques for managing configuration and its complexity
• The art of change management

Slide 11

Slide 11 text

Manual Configuration

Slide 12

Slide 12 text

• Intuitive
• How we all start out
• Log into machine, manipulate with fingers
• Make with the clicky clicky
• Long tradition

Slide 13

Slide 13 text

• Somehow feels the “safest”
• First instinct in emergencies
• This is an illusion
• Do not do this

Slide 14

Slide 14 text

• Labor intensive
• Error prone
• Difficult to reproduce
• Obviously unsustainable

Slide 15

Slide 15 text

Scripting

Slide 16

Slide 16 text

• setup.sh
• setup.pl
• setup.py
• setup.rb

Slide 17

Slide 17 text

• doit.sh
• doit.pl
• doit.py
• doit.rb

Slide 18

Slide 18 text

• Ad-hoc in nature
• Loss of history
• Lacks testing methodology
• A step in the right direction

Slide 19

Slide 19 text

File Distribution

Slide 20

Slide 20 text

• NFS
• SMB
• AFS
• SSHFS
• GlusterFS

Slide 21

Slide 21 text

• uucp
• rcp
• ftp
• http
• scp

Slide 22

Slide 22 text

• Distributed systems
• Shares often managed manually or with scripts
• Package repositories
• Pull is better than push
• Scp on a cron *

Slide 23

Slide 23 text

Execution Management

Slide 24

Slide 24 text

• Image management
• Snapshots and cloning
• Containers

Slide 25

Slide 25 text

• SSH on a for loop
• Func
• Commands on message queues
• ISConf

Slide 26

Slide 26 text

• Loss of history
• Image sprawl
• Easy to order change across nodes

Slide 27

Slide 27 text

Convergent Operators (promises)

Slide 28

Slide 28 text

No content

Slide 29

Slide 29 text

Mark Burgess

Slide 30

Slide 30 text

The rest of us

Slide 31

Slide 31 text

Tools

Slide 32

Slide 32 text

• CFEngine
• Bcfg2
• Puppet
• Chef
• Salt
• Ansible

Slide 33

Slide 33 text

No content

Slide 34

Slide 34 text

Part 2

Slide 35

Slide 35 text

Policy http://www.flickr.com/photos/sfllaw/222795669/

Slide 36

Slide 36 text

• /etc/passwd should be mode 0644
• /etc/shadow should be mode 0600

Slide 37

Slide 37 text

• user ‘kermit’ should exist
• user ‘fonzi’ should exist
• group ‘muppets’ should exist
• group ‘muppets’ should contain kermit and fonzi

Slide 38

Slide 38 text

• package ‘ntpd’ should be installed
• ntpd should sync with our AD service
• service ‘ntpd’ should be running

Slide 39

Slide 39 text

• package ‘httpd’ should be installed
• httpd should expose /mnt/software/java
• service ‘httpd’ should be running

Slide 40

Slide 40 text

• The Java JDK, version 7u45, found on an internally hosted web server, should be installed into /usr/local/jdk-7u45/

Slide 41

Slide 41 text

Policies are declarations about the state of things in a system

Slide 42

Slide 42 text

Policies are applied repeatedly and repair the system when needed

Slide 43

Slide 43 text

Policies often change

Slide 44

Slide 44 text

• package ‘widget-factory’ should be installed at version 1.2.3

Slide 45

Slide 45 text

• package ‘widget-factory’ should be installed at version 1.3.0

Slide 46

Slide 46 text

http://www.flickr.com/photos/jakepjohnson/4937767595 Repeatability

Slide 47

Slide 47 text

Repeatable -> Idempotent -> Convergent

Slide 48

Slide 48 text

• Scripts are not generally repeatable

Slide 49

Slide 49 text

No content

Slide 50

Slide 50 text

No content

Slide 51

Slide 51 text

• But they can be!

Slide 52

Slide 52 text

No content

Slide 53

Slide 53 text

Idempotent operations can be applied infinite times and will yield the same result every time

Slide 54

Slide 54 text

No content

Slide 55

Slide 55 text

Idempotent http://www.flickr.com/photos/ian_munroe/4758240536/

Slide 56

Slide 56 text

http://www.flickr.com/photos/ian_munroe/4758240536/ Idempotent NOT GOOD ENOUGH

Slide 57

Slide 57 text

Convergent operations test state and repair if needed
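
The test-and-repair behaviour described on this slide, applied to the file-mode policies from slide 36, as an added example (not code from the talk or from the cbash repository). The function names are hypothetical, and the demo runs against constructed temporary files standing in for /etc/passwd and /etc/shadow.

```shell
#!/bin/sh
# Added example; file_mode, converge_mode and apply_policy are hypothetical names.

# Print a file's permission bits in octal (GNU stat first, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# converge_mode FILE MODE: test the current state, repair only on drift.
# Prints "ok", "repaired", "missing" or "failed"; non-zero status on the last two.
converge_mode() {
    file=$1 want=$2
    [ -e "$file" ] || { echo "missing"; return 1; }
    have=$(file_mode "$file") || { echo "failed"; return 1; }
    # Compare as octal numbers so 0644 and 644 count as the same mode.
    if [ "$((0$have))" -eq "$((0$want))" ]; then
        echo "ok"
        return 0
    fi
    chmod "$want" "$file" || { echo "failed"; return 1; }
    echo "repaired"
}

# One pass of the control loop: read "MODE PATH" policy lines on stdin,
# converge each one, and print how many repairs this pass had to make.
apply_policy() {
    repairs=0
    while read -r mode target; do
        [ -n "$target" ] || continue
        if result=$(converge_mode "$target" "$mode"); then
            if [ "$result" = "repaired" ]; then repairs=$((repairs + 1)); fi
        else
            echo "$target: $result" >&2
        fi
    done
    echo "$repairs"
}

# Demo on constructed files (stand-ins for /etc/passwd and /etc/shadow).
demo_dir=$(mktemp -d)
touch "$demo_dir/passwd" "$demo_dir/shadow"
chmod 0666 "$demo_dir/passwd"; chmod 0644 "$demo_dir/shadow"
policy="0644 $demo_dir/passwd
0600 $demo_dir/shadow"
echo "first pass repairs:  $(echo "$policy" | apply_policy)"
echo "second pass repairs: $(echo "$policy" | apply_policy)"
rm -rf "$demo_dir"
```

A second pass that reports zero repairs is the signal that the system has converged; any later non-zero count means something drifted from policy between runs.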

Slide 58

Slide 58 text

No content

Slide 59

Slide 59 text

No content

Slide 60

Slide 60 text

A control loop keeps the system stable and allows for change when policy is updated

Slide 61

Slide 61 text

Autonomous agent Policy: The box should be closed

Slide 62

Slide 62 text

Convergence

Slide 63

Slide 63 text

No content

Slide 64

Slide 64 text

No content

Slide 65

Slide 65 text

No content

Slide 66

Slide 66 text

Converging with Bash

Slide 67

Slide 67 text

git clone [email protected]:someara/cbash.git

Slide 68

Slide 68 text

No content

Slide 69

Slide 69 text

No content

Slide 70

Slide 70 text

No content

Slide 71

Slide 71 text

No content

Slide 72

Slide 72 text

No content

Slide 73

Slide 73 text

No content

Slide 74

Slide 74 text

No content

Slide 75

Slide 75 text

No content

Slide 76

Slide 76 text

No content

Slide 77

Slide 77 text

No content

Slide 78

Slide 78 text

No content

Slide 79

Slide 79 text

No content

Slide 80

Slide 80 text

No content

Slide 81

Slide 81 text

Convergence and Iteration

Slide 82

Slide 82 text

No content

Slide 83

Slide 83 text

No content

Slide 84

Slide 84 text

No content

Slide 85

Slide 85 text

No content

Slide 86

Slide 86 text

No content

Slide 87

Slide 87 text

No content

Slide 88

Slide 88 text

Does order matter?

Slide 89

Slide 89 text

YES

Slide 90

Slide 90 text

No content

Slide 91

Slide 91 text

Promises http://www.flickr.com/photos/nazzen9009/6809694353/

Slide 92

Slide 92 text

• Agents are autonomous
• A promise is a signal or message perceived by an observer.
• Promises may or may not be kept.
• Agents can observe other agents
• Agents only have local information *
• Inner workings of agents are assumed to be unknown
http://markburgess.org/BookOfPromises.pdf

Slide 93

Slide 93 text

• Agents have intentions (possible behaviors)
• Agents can make assessments about other agents
http://markburgess.org/BookOfPromises.pdf

Slide 94

Slide 94 text

• Configuration Management tools embody tenets of Promise Theory, intentionally or not

Slide 95

Slide 95 text

Domain Specific Languages

Slide 96

Slide 96 text

DSLs restrict machine instructions to convergent operations

Slide 97

Slide 97 text

DSLs manage ordering

Slide 98

Slide 98 text

No content

Slide 99

Slide 99 text

type subject intentions

Slide 100

Slide 100 text

No content

Slide 101

Slide 101 text

type subject intentions

Slide 102

Slide 102 text

signal

Slide 103

Slide 103 text

No content

Slide 104

Slide 104 text

type subject intention

Slide 105

Slide 105 text

observation

Slide 106

Slide 106 text

No content

Slide 107

Slide 107 text

type subject intentions

Slide 108

Slide 108 text

No content

Slide 109

Slide 109 text

type intention subject

Slide 110

Slide 110 text

signal

Slide 111

Slide 111 text

Intermission

Slide 112

Slide 112 text

No content

Slide 113

Slide 113 text

Part 3

Slide 114

Slide 114 text

Composition

Slide 115

Slide 115 text

No content

Slide 116

Slide 116 text

Recipes

Slide 117

Slide 117 text

resource one resource two resource three

Slide 118

Slide 118 text

{ testable intent

Slide 119

Slide 119 text

recipe[http::server]

Slide 121

Slide 121 text

recipes supporting files

Slide 122

Slide 122 text

Types

Slide 123

Slide 123 text

No content

Slide 124

Slide 124 text

interface implementation

Slide 125

Slide 125 text

No content

Slide 126

Slide 126 text

intentions parameters

Slide 127

Slide 127 text

No content

Slide 128

Slide 128 text

new scope intention implementation

Slide 130

Slide 130 text

Artifacts

Slide 131

Slide 131 text

metadata

Slide 132

Slide 132 text

No content

Slide 133

Slide 133 text

metadata

Slide 134

Slide 134 text

No content

Slide 135

Slide 135 text

http v0.1.0 chef-server api yum v3.0.0

Slide 136

Slide 136 text

Delivery

Slide 137

Slide 137 text

• nodes request their own initial run_list

Slide 138

Slide 138 text

recipe[httpd::server] chef-server api run_list: http v0.1.0

Slide 139

Slide 139 text

recipe[httpd::server] chef-server api run_list: http v0.1.0 recipe[openssh::server] openssh v3.2.1

Slide 140

Slide 140 text

recipe[ntp::client] chef-server api run_list: http v0.1.0 recipe[openssh::server] openssh v3.2.1 recipe[httpd::server] ntp v1.0.0

Slide 141

Slide 141 text

• Push vs Pull
• Networking considerations
• Machines down for maintenance
• Machines that don’t exist yet

Slide 142

Slide 142 text

Dependencies

Slide 143

Slide 143 text

No content

Slide 144

Slide 144 text

No content

Slide 145

Slide 145 text

No content

Slide 146

Slide 146 text

No content

Slide 147

Slide 147 text

No content

Slide 148

Slide 148 text

No content

Slide 149

Slide 149 text

recipe[widgetfactory] chef-server api run_list: http v0.1.0 yum v3.0.0 widgetfactory v1.0.0

Slide 150

Slide 150 text

Integration testing

Slide 151

Slide 151 text

• Test that a set of agents has achieved their combined goal

Slide 152

Slide 152 text

• lsof -i :80
• ps -ef | grep httpd
• curl localhost 2>&1 > /dev/null

Slide 153

Slide 153 text

• Berkshelf
• Vagrant
• Kitchen.ci
• Bats
• Serverspec

Slide 154

Slide 154 text

Environments

Slide 155

Slide 155 text

• Environments constrain cookbook versions
• Environments can set data

Slide 156

Slide 156 text

No content

Slide 157

Slide 157 text

No content

Slide 158

Slide 158 text

• Environments can be used to test branches
• Environments can be used to segregate machines
• Environments can be manipulated programmatically

Slide 159

Slide 159 text

No content

Slide 160

Slide 160 text

No content

Slide 161

Slide 161 text

http v0.1.0 chef-server api http v0.2.0 openssh v1.2.3 postgresql v3.2.1

Slide 162

Slide 162 text

recipe[widgetfactory] run_list: http v0.1.0 yum v3.0.0 widgetfactory v1.0.0 chef_environment: production

Slide 163

Slide 163 text

recipe[widgetfactory] run_list: http v0.2.0 yum v3.0.0 widgetfactory v1.0.0 chef_environment: staging

Slide 164

Slide 164 text

Part 4

Slide 165

Slide 165 text

Clusters http://www.flickr.com/photos/youraccount/5938852370/

Slide 166

Slide 166 text

Typical Cluster

Slide 167

Slide 167 text

loadbalancer application db-slave db-master

Slide 168

Slide 168 text

Production httpd 0.1.0

Slide 169

Slide 169 text

Production Staging httpd 0.1.0 httpd 0.1.0

Slide 170

Slide 170 text

Production Staging UUID httpd 0.1.0 httpd 0.1.0 httpd 0.2.0

Slide 171

Slide 171 text

Production Staging UUID httpd 0.1.0 httpd 0.2.0 httpd 0.2.0

Slide 182

Slide 182 text

Production Staging httpd 0.2.0 httpd 0.2.0

Slide 183

Slide 183 text

Production httpd 0.2.0

Slide 184

Slide 184 text

An Ordering Problem

Slide 185

Slide 185 text

loadbalancer application

Slide 186

Slide 186 text

• Take a machine out of the pool
• Drain the connections
• Modify configuration
• Insert it back into the pool

Slide 187

Slide 187 text

loadbalancer application

Slide 197

Slide 197 text

Orchestration

Slide 198

Slide 198 text

• Conductor showing signals to autonomous agents (creative policy manipulation)
• External actor controlling sequencing (execution management)
• Application level sequencing (vector clocks, etc.)

Slide 199

Slide 199 text

• Infrastructures are snowflakes
• Solutions are unique to applications by nature
• Configuration Management 201

Slide 200

Slide 200 text

• There is no separation between ‘infrastructure’ and ‘application’
• Distributed systems are hard
• Specialists need to work together

Slide 201

Slide 201 text

Devops

Slide 202

Slide 202 text

• Study Promise Theory
• Study distributed systems
• Develop high quality primitives
• Be excellent to each other

Slide 203

Slide 203 text

Fin