Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Configurations, do you prove yours?

Rudder
June 12, 2019
Technology
0
33

Configurations, do you prove yours?

How can we be sure of the continuous configuration management proper operation? How to expose factual topic-related reports to dev, sec, managers, customers...?

We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context.

This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.

Alexandre Brianceau
OW2con'2019

Rudder

June 12, 2019
Tweet

More Decks by Rudder

See All by Rudder
Adoptez une stratégie de patch management efficace adaptée à votre système d’information
rudder
0
17
Comment sécuriser son SI pour ne plus subir les attaques ?
rudder
0
16
Hardening systems: from a benchmark guide to meaningful compliance
rudder
0
12
Implementing configuration management primitives in 2024
rudder
0
10
Supply Chain Security in the Rust Ecosystem
rudder
0
6
Securing the software supply chain for infra management software
rudder
0
140
A journey from Configuration Management to Security of IT systems
rudder
0
49
Rudder: what is it and what makes it different?
rudder
0
110
How do we make Rudder secure?
rudder
0
77

Other Decks in Technology

See All in Technology
開発生産性向上サービスを作るFindyが自分たちで開発生産性を爆上げした組織づくりの歩み / Findy's path to boosting its own development productivity 2024-04-17
ma3tk
3
630
ここが嬉しいABAC ここが辛いよABAC #再解説+補足編
masahirokawahara
1
270
VSCodeの拡張機能を作っている話
ebarakazuhiro
1
290
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
2
450
VS CodeでAWSを操作しよう
smt7174
7
1.6k
Kernel MemoryでAzure OpenAI Serviceとお手軽データソース連携
mitsuzono
1
240
Cloud Native Java with Spring Boot (CNCF Aarhus, April 2024)
thomasvitale
1
160
テストプロセスで大事にしていること #jasstnano
makky_tyuyan
0
160
マルチアカウント環境への発見的統制の導入
ch1aki
1
1.3k
データベース02: データベースの概念
trycycle
0
150
Next'24 事例セッションの紹介とクラウド資格を活用したキャリア形成について語りMuscle
yasumuusan
1
430
[新卒向け研修資料] テスト文字列に「うんこ」と入れるな(2024年版)
infiniteloop_inc
2
10k

Featured

See All Featured
Thoughts on Productivity
jonyablonski
58
3.8k
Making the Leap to Tech Lead
cromwellryan
124
8.5k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
The Invisible Side of Design
smashingmag
294
49k
Large-scale JavaScript Application Architecture
addyosmani
504
110k
A designer walks into a library…
pauljervisheath
200
23k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
60
14k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
17
1.4k
Stop Working from a Prison Cell
hatefulcrawdad
266
19k
Bash Introduction
62gerente
604
210k
The Cult of Friendly URLs
andyhume
74
5.7k
The Language of Interfaces
destraynor
151
23k

Transcript

  1. Configurations: Do you prove yours ? Main theme: Infrastructure automation

    Alexandre BRIANCEAU [email protected] @abrianceau

  2. How are the servers doing? No error nor change in

    logs means success? Aren’t we missing something?

  3. Main challenges faced nowadays 3 DEV QA PRODUCTION RECOVERY DEV

    SEC OPS MGMT EXTERN Multiple teams, diluted expertise, harder reporting Heterogeneous systems, reduced visibility, ease of use and understanding

  4. Getting and understanding the info is complex Operators, Managers, Experts,

    APIs have differents needs Frustration if we need a third party to get data We mistrust what we don’t understand

  5. Definition Configuration management is a systems engineering process for establishing

    and maintaining consistency of a product [...] throughout its life. Configuration_management “

  6. How DevSecOps can help to understand? Culture Automation Share Measure

  7. Let's remember: What does configuration management do? configuration target state

    feedback configuration

  8. Let's remember: What does configuration management do? configuration target state

    feedback configuration feedback configuration feedback configuration

  9. Definition (again) Observability is a measure of how well internal

    states of a system can be inferred from knowledge of its external outputs. Observability “

  10. Monitoring VS Observability: having a factual & deep insight monitoring

    observability VS

  11. Why we need Observability in Configuration Management? Causality Agency Perspective

    trust and prove configuration states provide insights relevant to different needs help teams find the best levers for their job A B

  12. Let’s take an implementation example...

  13. These concepts are core to Rudder Everyone/thing can be an

    actor of configuration management

  14. Observability and how Rudder can prove the compliance? PARAM RULE

    • Id DIRECTIVE • Id • (Components) GROUP • Id RUDDER config (global) • Policy Mode • Schedule... NODE • Properties • Policy Mode • Schedule... Environmental context • Id : . . . • Generated : . . . Files Node configuration Historisation Historisation RUN • Reports • Reports • ... • ... METADATA • node id • config id • run timestamp RUN • Reports • Reports • ... • ... METADATA • node id • config id • run timestamp • Signature Get config Send configuration reports Expected reports (node id, config id, timestamp) Run reports Historisation Compliance historised Send expected reports Metadata • Integrity • Signature Config • For Rule R, Directive D1, Component C Event logs Change request

  15. What can we do with observability in configuration mgmt? 15

  16. Thank you ! Any questions ?