Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Configurations do you prove yours?

Rudder
February 03, 2019

Configurations do you prove yours?

How can we be sure of the continuous configuration management proper operation? How to expose factual topic-related reports to dev, sec, managers, customers...?

We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context.

This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.

Alexandre Brianceau
FOSDEM 2019 - Infra Management Room

Rudder

February 03, 2019
Tweet

More Decks by Rudder

Other Decks in Technology

Transcript

  1. 2

  2. Configuration management is a systems engineering process for establishing and

    maintaining consistency of a product [...] throughout its life. Configuration_management “ 3
  3. Why we need Observability in Configuration Management? 5 Causality Agency

    Perspective trust and prove configuration states provide insights relevant to different needs help teams find the best levers for their job A B
  4. 6

  5. Let's remember: What does configuration management do? 8 configuration target

    state feedback configuration feedback configuration feedback configuration
  6. Observability is a measure of how well internal states of

    a system can be inferred from knowledge of its external outputs. Observability “ 9
  7. 11 PARAM RULE • Id DIRECTIVE • Id • (Components)

    GROUP • Id RUDDER config (global) • Policy Mode • Schedule • ... NODE • Properties • Policy Mode • Schedule • ... Environmental context Historisation Historisation Compliance historised Event logs Change request
  8. 12 PARAM RULE • Id DIRECTIVE • Id • (Components)

    GROUP • Id RUDDER config (global) • Policy Mode • Schedule • ... NODE • Properties • Policy Mode • Schedule • ... Environmental context • Id : . . . • Generated : . . . Files Node configuration Historisation Historisation Expected reports (node id, config id, timestamp) Run reports Historisation Compliance historised Send expected reports Metadata • Integrity • Signature Config • For Rule R, Directive D1, Component C Event logs Change request
  9. 13 PARAM RULE • Id DIRECTIVE • Id • (Components)

    GROUP • Id RUDDER config (global) • Policy Mode • Schedule • ... NODE • Properties • Policy Mode • Schedule • ... Environmental context • Id : . . . • Generated : . . . Files Node configuration Historisation Historisation RUN • Reports • Reports • ... • ... METADATA • node id • config id • run timestamp RUN • Reports • Reports • ... • ... METADATA • node id • config id • run timestamp • Signature Get config Send configuration reports Expected reports (node id, config id, timestamp) Run reports Historisation Compliance historised Send expected reports Metadata • Integrity • Signature Config • For Rule R, Directive D1, Component C Event logs Change request
  10. Impactful events category 14 Definition Execution Creation of the target

    state of the configuration of the configuration rules node’s groups configurations parameters global per nodes environmental context properties policy mode... tracing the configuration generation process OS specificity template variables... predict configuration state anticipation of any change used to compare with the execution execution feedback fine grained comparison with the expectation prevent any alteration
  11. Are you sure that I didn’t forget something ? •

    And on the node itself ? • Observability should be agnostic ◦ Protocol normalization • Beyond 1st level of external output usage ◦ Data mining ◦ Process mining and AI 15 Business oriented Technique oriented External events and targeted configuration state Expected configuration Execution feedbacks