Eric Sorenson // [email protected] // {github,twitter,soundcloud}.com/ahpook Cloud Native Configuration Management: 2020 and beyond

No content

IFTTT For Devops ...? puppet.com/project-nebula

• Platform-enabled • Resilient • Agile • Operable • Observable CN Characteristics

• Declarative config • Clean OS contract • Built for cloud • Enable CD 12 Facter Apps

• Use declarative formats for setup automation, to minimize time and cost for new developers joining the project; • Have a clean contract with the underlying operating system, offering maximum portability between execution environments; • Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration; • Minimize divergence between development and production, enabling continuous deployment for maximum agility; • And can scale up without significant changes to tooling, architecture, or development practices. — Adam Wiggins, 12factor.net

Ephemerality Immutability Data...bility Cardinality

Infrastructure as code Infrastructure as data Infrastructure as software

TK Visualization of 110 Tools

The Configuration Complexity Clock (Mike Hadlow, via @garethr and Cedric Charly) 12 3 6 9 Hard Coded Config Values Rules Engine DSL Curse

12 3 6 9 Raw Config Generators Frontends DSL Taxonomy of Cloud-Native CM Tools

Generators

Kapitan - kapitan.dev • ‘reclass’ as a source of truth for config data • Jinja2 or jsonnet templates for generation • Compiles output into folders for runtime injection and gitops love

Kr8 – kr8.rocks • “Oh **** we’re going to have to write something” – (blog: leebriggs.co.uk) • Uses Jsonnet for both data storage and templating • Maps ‘components’ (things you run) onto ‘clusters’ (where you run them)

Frontends

Tanka – tanka.dev • Philosophically like ksonnet, but simpler: “environments” only • Relatively thin layer of workflow over jsonnet, featuring deep-merges • Uses k8s 1.13+ server- side diffing

Helm – helm.sh • ”Package management” for Kubernetes • Variable substitution to templating to… Lua? • Value injection still a problem

P U P P E T O V E R V I E W 18 Pulumi – pulumi.io • “Terraform for Programmers” • Multiple language bindings over TF providers – js, python • Cloud-based state by default

Domain Specific Languages

Terraform – https://terraform.io

Gyro – getgyro.io • Ground-up Java IaC tool from PerfectSense • Custom DSL / CLI for cloud provisioning • Y THO?!

Starlark – bazelbuild/starlark • Dialect of Python made for configuration languages • Multiple implementations: java, go, rust • Proposal for Tekton pipelines

Cue – cuelang.org • “Configure, Unify, Execute” • Data constraint language • Builds templating, defaults, spec directly into the config language • DSL over the domain of configuration

Lessons Learned

Complexity will chase you ....but wait until the last minute to start running *HONK*

Constraints and specs > all else or: “Any sufficiently advanced YAML dialect is indistinguishable from a DSL” json-schema.org | @lyraproj/dgo | WTFM

Stop making new DSLs. ... please? cuelang.org | jsonnet.org | @bazelbuild/starlark

Of all the problems we have confronted, the ones over which the most brainpower, ink, and code have been spilled are related to managing configurations—the set of values supplied to applications, rather than hard-coded into them. In truth, we could have devoted this entire article to the subject and still have had more to say. Burns, Grant, Brewer et al - “Borg, Omega and Kubernetes”

Thank you! Eric Sorenson // [email protected] @ahpook

Lessons Learned