24/09/2011




  Configuration Management
   Automating and rationalizing server setup with CFEngine 3




Jonathan Clarke   <jcl@normation.com>

                           
About the speaker
Jonathan Clarke                → CTO →

Sysadmin background                  Startup created in 2010
Infrastructure management            Based in Paris
FLOSS contributor:                   Configuration management:
  CFEngine
                                            CFEngine (partner)
  Others (OpenLDAP, LSC,
  FusionInventory...)                       Rudder (creator)




                            
Introduction

    Cloud Computing

                          1. CREATE
                          2. SETUP
                          3. USE
                          4. THROW AWAY

  → APIs and tools are available

 Three approaches:
  1. Manually
  2. Imaging
  3. Configuration tool

                         
Agenda

1) Configuration Management principles
2) Configuration Management tools
3) About CFEngine 3
4) Getting started




                  
Configuration Management
     Principles through examples...




                
A server crashed.

               Install a new one, people
                 can't work without it!

OK, it'll be done in
about two days...



            Why configuration management?

                                  There's a new critical security patch
                                  we must deploy on all our servers!

                                                               Get it out quickly!

                                  Right, I'll put the whole
                                  team on it.




                               
Reproducibility    Industrialization



              Automation


                Why configuration management?




                              
How do we set up
   service X?

                     Ask Jim, he's
                   the expert on that.

But he left the company...



               Why configuration management?
                                         Huh, this server has been logging
                                         errors for a few weeks.

                                                          Oh? I think Michael changed
                                                          something on it recently...
                                                          He'll tell you what it was.

                                         Damn, he's on vacation!




                                  
Documentation     History



                           Building-up
                           knowledge


    Why configuration management?




              
An intruder just stole our data
using a vulnerability in a
module we don't need...
                                    I thought the project specification
                                    ensured that we disabled that?
Er, it did, but we enabled it to
solve a problem and forgot to
disable it afterwards... sorry...


        Why configuration management?




                             
Why configuration management?


              Continuous
               vigilance


Automatic repairs     Alerts


                            
I don't understand how this
     server is set up. It doesn't match
     our best practices.


                           Oh, that's a legacy server...



       Why configuration management?

                                              Give me details on our
                                              current security policy.
    Well, it's a collection of little
    things, here and there...

                                            Ah... Well, OK.
                                            Tell me: is it fully applied
                                            on all our critical servers?
    Er...




                              
Why configuration management?



                           Rationalization


                    Normalization     Control


              
Reproducibility    Industrialization   Documentation     History



           Automation                            Building-up
                                                 knowledge


               Configuration management benefits


           Continuous
                                               Rationalization
            vigilance


Automatic repairs        Alerts         Normalization     Control


                               
Configuration Management
        The tools




         
Main tools available


 CFEngine 3       Puppet   Chef




               
Main tools available: history




                         Relative origins of CFEngine, Puppet and Chef


Source:
http://verticalsysadmin.com/blog/uncategorized/relative-origins-of-cfengine-chef-and-puppet

                                           
The tools: similarities
   CFEngine 3, Puppet and Chef:

     ●   Common origins
     ●   Designed specifically for configuration management
     ●   Text-based / CLI interface
     ●   Client-server model (sometimes optional)
     ●   Open Source


                           
The tools: some differences
                     CFEngine 3    Puppet              Chef

   Language          C             Ruby                Ruby
   License           GPL           Apache (ex-GPL)     Apache
   Windows support   Yes           Preliminary         Partial




                            
A bit about CFEngine 3...




         
CFEngine 3: Features
                                  Multi platform




      Windows support

 Two versions:

 1. Community (open source)
     Runs in Cygwin

 2. Nova (commercial)
   ● Native Windows service




                               
CFEngine 3: Features


        Adapted to heterogeneous environments

        Multi-OS
        Multi-distribution

        Make it "transparent" (forget about the complexity)

        Existing standard library handling the differences
        between each OS and distribution




                           
CFEngine 3: Features



Lightweight, non-intrusive




        Non-intrusive
                                 Daemon consumption on managed hosts
 Only two dependencies:
 - BerkeleyDB
 - OpenSSL




                              
CFEngine 3: Features




   Highly scalable

   Evolution of CPU utilization for an increasing number of managed hosts
   From 25 to 400 clients (x16)
   CPU utilization increases by 1.16%

Notes:
• Each host runs CFEngine every 5 minutes

• Configuration tested sets up Apache web server

• Tests and monitoring using AWS




                                           
CFEngine 3: Features
                                 Multi platform




                                                       Adapted to
Lightweight, non-intrusive                           heterogeneous
                                                      environments



       Autonomous
       Fault-tolerant                             Highly scalable
                                  Progressive
                                    roll-out




                              
Getting started with CFEngine 3




            
CFEngine 3: Installing
   Install from sources:
              http://www.cfengine.com/source_code


   Prebuilt packages:
              Debian / SuSE / Fedora / RHEL / Ubuntu
              Requires free signup
              https://cfengine.com/inside/myspace




                            
CFEngine 3: Client-Server
   Using a server is optional!
              Get started by running standalone

   CFEngine's server daemon is cf-serverd
              Dedicated protocol: TCP port 5308
              Requires SSL key exchange




                            
CFEngine 3: Configuration
   Minimal configuration:
    body common control
    {
      bundlesequence => { "HelloWorld" };
    }

    bundle agent HelloWorld
    {
      # This will output "Hello World!"
      commands:
        "/bin/echo Hello World!";
    }

   Syntax notes

     ●   Whitespace doesn't count
     ●   Comments follow #

   Structure notes

     ●   Structures are created using { }
     ●   Structures are bundles or bodies



                                  
CFEngine 3: Configuration
   Promise types:
                   Promise types            Promise types
                   (all versions)        (commercial versions)
           files                         environments
           packages                      services
           processes                     databases
           commands
           storage
           interfaces (for future use)



                   Special types             Special types
                   (all versions)        (commercial versions)
           vars                          outputs
           classes
           methods
           reports


                                
CFEngine 3: Examples
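   Install and update the LAMP stack
    bundle agent lamp {
      vars:
        # Packages that make up the stack
        "packages" slist => { "httpd", "php5", "mysql" };

      packages:
        # CFEngine iterates over the list: one promise per package
        "${packages}"
          package_policy => "addupdate",   # install if missing, update if present
          package_method => generic;       # "generic" body comes from the standard library
    }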




                         
CFEngine 3: Examples
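   Install Apache with distribution variations
    bundle agent apache {
      packages:
        # Class expressions select the promise matching the host's distribution;
        # the "apt" and "yum" bodies come from the standard library
        debian::
          "apache2"
            package_policy => "add",
            package_method => apt;

        centos|redhat::
          "httpd"
            package_policy => "add",
            package_method => yum;
    }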
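
   Added example, not from the original slides: the "module we enabled and forgot to disable" scenario from earlier, written as a CFEngine 3 policy that repairs the drift and raises an alert, using the files, commands and reports promise types listed above. The module name (status), the Debian-style mods-enabled path, the apache2ctl reload command and all bundle and body names are assumptions for illustration.

```cfengine
body common control
{
  bundlesequence => { "disable_unneeded_module" };
}

bundle agent disable_unneeded_module
{
  vars:
      # Assumed values: adjust the module name and path to your own setup
      "module"       string => "status";
      "mods_enabled" string => "/etc/apache2/mods-enabled";
      "links"        slist  => { "$(module).load", "$(module).conf" };

  files:
    debian::
      # Promise that the module stays disabled. If someone re-enables it
      # "to solve a problem", the next agent run removes the links again.
      "$(mods_enabled)/$(links)"
        delete  => remove_file,
        classes => set_if_repaired("module_was_enabled"),
        comment => "Module excluded by the project specification";

  commands:
    module_was_enabled::
      # Only runs when a repair actually happened (assumed reload command)
      "/usr/sbin/apache2ctl graceful";

  reports:
    module_was_enabled::
      # The alert: drift was found and corrected, so someone should ask why
      "Apache module $(module) was enabled on $(sys.fqhost) and has been disabled again";
}

# Delete plain files and symlinks, never directories
body delete remove_file
{
  dirlinks => "delete";
  rmdirs   => "false";
}

# Define class x only when the promise had to be repaired
body classes set_if_repaired(x)
{
  promise_repaired => { "$(x)" };
}
```

   On a host that already complies, the files promise is simply kept: nothing is reloaded and nothing is reported, so a report from this bundle always means the configuration had drifted.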




                      




             Thanks for participating!


Stay in touch...



Jonathan Clarke
Email: jcl@normation.com
Twitter: jooooooon42

                            

POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
 
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
 
RUDDER - Continuous Configuration (configuration management + continuous aud...
 RUDDER - Continuous Configuration (configuration management + continuous aud... RUDDER - Continuous Configuration (configuration management + continuous aud...
RUDDER - Continuous Configuration (configuration management + continuous aud...
 

Recently uploaded

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 

Recently uploaded (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 

Configuration management: automating and rationalizing server setup with CFEngine 3 (Open World Forum 2011)

  • 1. 24/09/2011 Configuration Management Automating and rationalizing server setup with CFEngine 3 Jonathan Clarke <jcl@normation.com>    
  • 2. About the speaker
      Jonathan Clarke → CTO →
      Speaker: sysadmin background; infrastructure management; FLOSS contributor: CFEngine, others (OpenLDAP, LSC, FusionInventory...)
      Company: startup created in 2010; based in Paris; configuration management: CFEngine (partner), Rudder (creator)
  • 3. Introduction 1. CREATE 2. SETUP 3. USE 4. THROW AWAY Cloud Computing    
  • 4. Introduction 1. CREATE 2. SETUP 3. USE 4. THROW AWAY Cloud Computing → APIs and tools are available    
  • 5. Introduction 1. CREATE 2. SETUP 3. USE 4. THROW AWAY Cloud Computing Three approaches: 1. Manually 2. Imaging 3. Configuration tool    
  • 6. Agenda 1) Configuration Management principles 2) Configuration Management tools 3) About CFEngine 3 4) Getting started    
  • 7. Configuration Management Principles through examples...    
  • 8. Why configuration management?
      - A server crashed. Install a new one, people can't work without it!
      - OK, it'll be done in about two days...
      - There's a new critical security patch we must deploy on all our servers! Get it out quickly!
      - Right, I'll put the whole team on it.
  • 9. Why configuration management? Reproducibility / Industrialization / Automation
  • 10. Why configuration management?
      - How do we set up service X?
      - Ask Jim, he's the expert on that.
      - But he left the company...
      - Huh, this server has been logging errors for a few weeks.
      - Oh? I think Michael changed something on it recently... He'll tell you what it was.
      - Damn, he's on vacation!
  • 11. Why configuration management? Documentation / History / Building-up knowledge
  • 12. Why configuration management?
      - An intruder just stole our data using a vulnerability in a module we don't need...
      - I thought the project specification ensured that we disabled that?
      - Er, it did, but we enabled it to solve a problem and forgot to disable it afterwards... sorry...
  • 13. Why configuration management? Continuous vigilance Automatic repairs Alerts    
  • 14. Why configuration management?
      - I don't understand how this server is set up. It doesn't match our best practices.
      - Oh, that's a legacy server...
      - Give me details on our current security policy.
      - Well, it's a collection of little things, here and there...
      - Ah... Well, OK. Tell me: is it fully applied on all our critical servers?
      - Er...
  • 15. Why configuration management? Rationalization / Normalization / Control
  • 16. Configuration management benefits
      - Reproducibility / Industrialization / Automation
      - Documentation / History / Building-up knowledge
      - Continuous vigilance / Automatic repairs / Alerts
      - Rationalization / Normalization / Control
  • 17. Configuration Management The tools    
  • 18. Main tools available CFEngine 3 Puppet Chef    
  • 19. Main tools available: history. Relative origins of CFEngine, Puppet and Chef. Source: http://verticalsysadmin.com/blog/uncategorized/relative-origins-of-cfengine-chef-and-puppet
  • 20. The tools: similarities (CFEngine 3, Puppet, Chef)
      - Common origins
      - Designed specifically for configuration management
      - Text-based / CLI interface
      - Client-server model (sometimes optional)
      - Open Source
  • 21. The tools: some differences

                         CFEngine 3    Puppet             Chef
      Language           C             Ruby               Ruby
      License            GPL           Apache (ex-GPL)    Apache
      Windows support    Yes           Preliminary        Partial
  • 22. A bit about CFEngine 3...    
  • 23. CFEngine 3: Features. Multi platform
      Windows support, two versions:
      1. Community (open source): runs in Cygwin
      2. Nova (commercial): native Windows service
  • 24. CFEngine 3: Features. Adapted to heterogeneous environments
      - Multi-OS
      - Multi-distribution
      - Make it "transparent" (forget about the complexity)
      - Existing standard library handling the differences between each OS and distribution
  • 25. CFEngine 3: Features. Lightweight, non-intrusive
      - Non-intrusive
      - Daemon consumption on managed hosts
      - Only two dependencies: BerkeleyDB, OpenSSL
  • 26. CFEngine 3: Features. Highly scalable
      Evolution of CPU utilization for an increasing number of managed hosts:
      from 25 to 400 clients (x16), CPU utilization increases by 1.16%
      Notes:
      - Each host runs CFEngine every 5 minutes
      - Configuration tested sets up Apache web server
      - Tests and monitoring using AWS
  • 27. CFEngine 3: Features
      - Multi platform
      - Adapted to heterogeneous environments
      - Lightweight, non-intrusive
      - Autonomous
      - Fault-tolerant
      - Highly scalable
      - Progressive roll-out
  • 28. Getting started with CFEngine 3    
  • 29. CFEngine 3: Installing
      - Install from sources: http://www.cfengine.com/source_code
      - Prebuilt packages: Debian / SuSE / Fedora / RHEL / Ubuntu
      - Requires free signup: https://cfengine.com/inside/myspace
  • 30. CFEngine 3: Client-Server
      - Using a server is optional!
      - Get started by running standalone
      - CFEngine's server daemon is cf-serverd
      - Dedicated protocol: TCP port 5308
      - Requires SSL key exchange
  • 31. CFEngine 3: Configuration
      Minimal configuration:

        body common control
        {
          bundlesequence => { "HelloWorld" };
        }

        bundle agent HelloWorld
        {
          # This will output "Hello World!"
          commands:
            "/bin/echo Hello World!";
        }

      Syntax notes:
      - Whitespace doesn't count
      - Comments follow #
      Structure notes:
      - Structures are created using { }
      - Structures are bundles or bodies
  • 32. CFEngine 3: Configuration
      Promise types (all versions): files, packages, processes, commands, storage, interfaces (for future use)
      Promise types (commercial versions): environments, services, databases
      Special types (all versions): vars, classes, methods, reports
      Special types (commercial versions): outputs
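  • 33. CFEngine 3: Examples
      Install and update the LAMP stack:

        bundle agent lamp
        {
          vars:
            "packages" slist => { "httpd", "php5", "mysql" };

          packages:
            # One promise per list element
            "${packages}"
              # "generic" is a package_method body from the CFEngine standard library
              package_method => generic,
              # Install if missing, update if already installed
              package_policy => "addupdate";
        }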
  • 34. CFEngine 3: Examples
      Install Apache with distribution variations:

        packages:
          debian::
            "apache2"
              package_policy => "add",
              package_method => apt;

          centos|redhat::
            "httpd"
              package_policy => "add",
              package_method => yum;
  • 35. 24/09/2011 Thanks for participating! Stay in touch... Jonathan Clarke Email: jcl@normation.com Twitter: jooooooon42
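
An added example, not taken from the slides: the scenario of slides 12 and 13 (a module enabled "to solve a problem" and never disabled again) written as a standalone CFEngine 3 policy that repairs the drift on every run and reports it. The Debian-style path /etc/apache2/mods-enabled, the module name "status", the apache2ctl path and all bundle and body names are assumptions chosen for illustration.

```cfengine3
body common control
{
  bundlesequence => { "keep_module_disabled" };
}

bundle agent keep_module_disabled
{
  vars:
    # Assumption: Debian-style Apache layout; "status" is a placeholder module name
    "mod"   string => "status";
    "links" slist  => { "$(mod).load", "$(mod).conf" };

  files:
    # Promise: the enabling symlinks must not exist.
    # If someone re-enables the module by hand, the next agent run removes them.
    "/etc/apache2/mods-enabled/$(links)"
      comment => "Module not needed by this service, keep it disabled",
      delete  => remove_link,
      classes => set_if_repaired("module_was_enabled");

  commands:
    # Only runs when a link was actually removed during this run
    module_was_enabled::
      "/usr/sbin/apache2ctl graceful";

  reports:
    # The alert: the drift was detected and repaired, say so
    module_was_enabled::
      "Apache module $(mod) was found enabled on $(sys.fqhost) and has been disabled again";
}

body delete remove_link
{
  dirlinks => "delete";
  rmdirs   => "false";
}

body classes set_if_repaired(x)
{
  # Define class x only when the agent had to change something
  promise_repaired => { "$(x)" };
}
```

When the links are already absent the promise is kept, nothing is reloaded and nothing is reported, so the policy can run on every agent pass.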