Upgrade to Pro — share decks privately, control downloads, hide ads and more …

What if configuration management didn't need to be lvl60 in dev?

Rudder
December 11, 2019
Technology
0
11

What if configuration management didn't need to be lvl60 in dev?

Server infrastructure automation is not simple. Several solutions have existed for several years and most of them rely on infra-as-code to achieve their mission. By the way, why infra-as-code?

And unfortunately, these solutions require strong development skills. So how can we do this when the infrastructure team does not have sufficient and, above all, homogeneous expertise? Because otherwise, beware of the "Guru Team" effect, or how the infrastructure automation to save time ends up with a huge SPOF because only one person in the team knows how it works....

I would like to discuss this together and introduce you to RUDDER briefly. RUDDER is a configuration management solution, and therefore infra-as-code, that allows you to automate your systems by relying entirely on a graphical interface to manage your configurations. Because the infrastructure is complex enough to add a layer!

Alexandre Brianceau
Paris Open Source Summit 2019

Rudder

December 11, 2019
Tweet

More Decks by Rudder

See All by Rudder
Securing the software supply chain for infra management software
rudder
0
48
A journey from Configuration Management to Security of IT systems
rudder
0
12
Rudder: what is it and what makes it different?
rudder
0
41
How do we make Rudder secure?
rudder
0
18
Rudder users and uses: Tales from a survey
rudder
0
2
Configuration compliance in 2022
rudder
0
62
DevSecOps: Sécurisez en continu vos infrastructures hybrides
rudder
0
44
Zabbix Meetup - Rudder integration for devops teams
rudder
0
30
CVE : accélérez la remédiation des vulnérabilités pour sécuriser vos systèmes
rudder
0
57

Other Decks in Technology

See All in Technology
[CI/CD2023]OSSで構築するOpenAPI開発のCI/CD
xibuka
2
220
Jotaiで作ったフォームをApollo_Clientで投げたらいい感じだった件.pdf
asazutaiga
1
170
Showcase2023_進化し続けるサイバーセキュリティ脅威を防ぐSaaSソリューション.pdf
sakaitakeshi
0
440
CloudFront + S3環境から Cloudflare R2 + Workers環境に移行した話
teckl
3
1.3k
技育祭2023春 ちゅらデータ講演資料
foursue
1
560
Privacy Techによる新しいデータ活用の形
line_developers
PRO
1
200
エンジニアのためのマネジメント入門/Introduction to Management for Software Engineers
dskst
1
240
Cloudflare_MeetUp_Sapporo_KickOff.pdf
taketakekaho
1
110
チームで導入する Jetpack Compose あの素晴らしいLTをもう一度.ver
kako351
1
130
[Keynote] Production is like ultra running: brutal, ungrateful, but worth every step
colinfay
0
120
GitHub Actionsと"仲良くなる"ための練習方法
tsubakimoto_s
10
2.4k
ノーコードAI開発プラットフォーム「AIMINA」のシステム設計コンセプトと技術的チャレンジ
sbtechnight
PRO
0
350

Featured

See All Featured
Adopting Sorbet at Scale
ufuk
65
7.9k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
13k
Keith and Marios Guide to Fast Websites
keithpitt
407
21k
Building an army of robots
kneath
300
41k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
224
50k
The Power of CSS Pseudo Elements
geoffreycrofte
53
4.4k
Principles of Awesome APIs and How to Build Them.
keavy
117
16k
Intergalactic Javascript Robots from Outer Space
tanoku
261
26k
Thoughts on Productivity
jonyablonski
50
2.8k
For a Future-Friendly Web
brad_frost
166
7.9k
No one is an island. Learnings from fostering a developers community.
thoeni
12
1.6k
The World Runs on Bad Software
bkeepers
PRO
59
5.8k

Transcript

  1. 10 & 11
    DÉCEMBRE
    2019
    #OSSPARIS19
    What if configuration management
    didn't need to be lvl60 in dev?
    Alexandre BRIANCEAU
    [email protected]

    View Slide

  2. ● Everyone has authority over their activities and carries
    responsibilities: infrastructure is a cross-cutting concern
    ○ IT Ops are directly concerned
    ○ But so do the security teams
    ○ Not to mention the application / dev teams
    ○ Last but not least the management of course
    IT infrastructure and business

    View Slide

  3. IT infrastructure is enough complex...
    DEV QA PRODUCTION RECOVERY
    DEV SEC OPS
    MGMT EXTERN
    Multiple teams, differents values, diluted expertise, harder reporting
    Heterogeneous systems, reduced visibility, ease of use and understanding

    View Slide

  4. Full infrastructure-as-code is complex:
    ● Learning is long, code maintenance is difficult
    ● Not everyone involved in the infrastructure has the
    knowledge
    ● Business still need relevant insights (reports,
    dashboards, context…)
    ...to avoid adding more complexity!
    Configuration management managed via code can split your teams
    and create knowledge silos (and therefore potential SPOFs)

    View Slide

  5. ● Main issues:
    ○ Systems complexity and heterogeneous infrastructures
    ○ Lack visibility and have blind spots
    ○ Difficulties in having enough qualified people
    ○ Collaboration between security and IT operational teams is difficult:
    ■ non-aligned objectives
    ■ different processes and technologies
    ■ significant delays increasing reaction time
    IT Ops is a collaborative effort to align needs, objectives, values and
    technologies to effectively run & support IT production.
    IT infra management: team collaboration

    View Slide

  6. Automation makes it possible to make business goals real by allowing:
    ○ To act quickly across all infrastructures by speeding up workflows
    ○ To be 100% predictable and therefore reliable
    ○ To centralize information, allow effective communication and
    ensure knowledge transfer
    ○ To trace and log all events, report meaningful data and context to
    the teams with holistic and detailed informations
    ○ To free up teams so that human intervention is valuable: analysis,
    decision-making, design, sharing
    Automation & DevSecOps

    View Slide

  7. 52% of organizations admit to cutting back on security measures to
    meet a business deadline or objective (source: ThreatStack survey)
    Some data applied to SecOps domain
    Half companies find that coordination between security and IT
    operations teams is challenging. (source: Forrester survey for BMC)
    Half of organizations cited that the absence of effective
    orchestration and automation is barrier (source: SANS SOC Survey for DFLabs)

    View Slide

  8. Open-source and French continuous configuration
    management solution for IT automation
    ➔ Do my servers have homogeneous
    configurations?
    ➔ How do I ensure that the application
    team does not break production at the
    next deployment?
    ➔ How to prove to CISO that the systems
    are secure?

    View Slide

  9. RUDDER & IT Ops landscape
    Business needs
    Operating System
    Versioned source code
    Applicative binaries
    Middleware
    App App App
    Server
    Agile methodology
    Continuous integration
    Continuous deployment
    Provisioning
    RUN DEV
    Installation & Configuration
    Updating & Patch Management
    Security & Risk Management
    Running & Incident resolution
    SUSE Manager
    SECURITY

    View Slide

  10. Ensure that the rules are applied

    View Slide

  11. Ensure that the risks are managed

    View Slide

  12. Give context to your teams

    View Slide

  13. Rudder: running principle
    2. Configuration
    download
    1. Target state definition
    3. Continuous local verification
    (+ Automatic fixing)
    4. Continuous reporting Server
    App version XX.XX
    Port, services, general
    configurations...
    OS Configuration
    Users
    OpenSSH configuration...

    View Slide

  14. Collaboration to define compliance state

    View Slide

  15. Ensure that all your IT is compliant

    View Slide

  16. Fit to your workflows
    Sec
    Production
    Interns
    Ops
    Dev
    Externals
    audit - sudoers / logs
    validation workflow
    DMZ
    Compliance
    reporting

    View Slide

  17. IT automation & compliance for SecOps
    RUDDER in a nutshell
    ● Automate and ensure that your IT systems are under control
    ● Beyond auditing: act and remediate!
    ● Give your teams quick feedbacks and contexts
    ● Allow Sec & Ops team to collaborate in autonomy
    ● Integrate with your workflows and your ecosystem:

    View Slide

  18. IT automation & compliance for SecOps
    Open-Source French
    Available on:
    More details: www.rudder.io
    & at the Stand C06
    RUDDER in a nutshell

    View Slide

  19. 10 & 11
    DÉCEMBRE
    2019
    #OSSPARIS19
    What if configuration management
    didn't need to be lvl60 in dev?
    Alexandre BRIANCEAU
    [email protected]

    View Slide