Configuration manager presentation
description
Transcript of Configuration manager presentation
![Page 1: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/1.jpg)
Puppet, Chef, Cfengine
Jérémy MATHEVETPresented by
Configuration Manager
![Page 2: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/2.jpg)
Topics
1. Principle
2. Comparison
3. Puppet
4. Chef
5. Cfengine
6. Migration advises
![Page 3: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/3.jpg)
Principle
![Page 4: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/4.jpg)
Principle• A client/server architecture.
• The server has a reference configuration.
• The client queries the server.
• The client makes change in order to match the reference configuration.
![Page 5: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/5.jpg)
Principle
1. “Can you give my configuration model ?“
2. “Ok, for you, that's it.”
3. “I make the necessary in order to fulfil it.”
4. (optional) “Thank you, I'm ok, no error” or “I had a problem”.
![Page 6: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/6.jpg)
Principle
![Page 7: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/7.jpg)
Why to do this ?• Centralized management
• Automated management
• Mass deployment
• Configuration customization
• Abstraction Layer
• Idempotence
![Page 8: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/8.jpg)
What can we do ?• File transfer
• Service management
• Package management
• Command launching
![Page 9: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/9.jpg)
Comparison
![Page 10: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/10.jpg)
Comparison3 major solution :
• Puppet
• Chef
• Cfengine
Pretty similar possibilities.
Some specificities.
![Page 11: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/11.jpg)
ComparisonPuppet Chef Cfengine
Pull Yes Yes Yes
Push No No No
Idempotence Yes Yes Yes
Config language Declarative Ruby Declarative
Web UI Yes (limited) Yes No
OS Support Linux/Unix – Windows
(experimental)
LinuxLinux/Unix – Windows
(experimental)
Linux/Unix – Windows
(experimental)
Licence GPL v2 Apache GPL
Company Puppet Labs OpsCode Cfengine
Cloud Yes SaaS platform Yes
![Page 12: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/12.jpg)
Puppet
![Page 13: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/13.jpg)
Puppet• Created in 2006 by Puppet Labs
• The easiest solution
• Proprietary declarative language
• Modular configuration
• Template
• Asymmetric Key Encryption
![Page 14: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/14.jpg)
Puppet• Prerequisite :
• Configured DNS
• Ruby
• Installation Sources :
• Debian Repositories
• RubyGem
• Sources
![Page 15: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/15.jpg)
Puppet• Puppet server : Puppetmaster
• Puppet client : Puppet (agent)
Main steps once installed :
• Key exchange
• Puppetmaster configuration
• Puppet agent checks every 30 mn by default
![Page 16: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/16.jpg)
PuppetVocabulary :
• Node
• Manifest
• Module
• Class
• Template
![Page 17: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/17.jpg)
Puppet
![Page 18: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/18.jpg)
PuppetHere is the read order.
•site.pp : global config
•nodes.pp : manage hosts
• init.pp : module classes
•Files : module files directory
![Page 19: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/19.jpg)
Puppet
![Page 20: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/20.jpg)
Puppet• Facter : Give node facts.
• Permit to have customized configuration node.
• Possibility to create your own facts.
![Page 21: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/21.jpg)
PuppetTemplates
• ERB
• Customize configuration using Facts
Exemple :
![Page 22: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/22.jpg)
PuppetPuppet Dashboard
• WebUI
• Still in development
• Very buggy
• Only for monitoring
• Useless for the moment
![Page 23: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/23.jpg)
![Page 24: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/24.jpg)
Chef
![Page 25: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/25.jpg)
Chef• Created in 2009 by Opscode
• Sustained development
• Configuration language : Ruby
• Modular configuration
• Template
• Asymmetric Key Encryption
![Page 26: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/26.jpg)
Chef• Prerequisite :
• Configured DNS
• Ruby
• Installation Sources :
• Opscode Repositories
• RubyGem
• Sources
![Page 27: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/27.jpg)
Chef• Chef server : chef-server
• Chef client : chef-client
Main steps once installed :
• Key exchange
• Chef-server configuration
• Chef client checks every 30 mn by default
![Page 28: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/28.jpg)
ChefVocabulary :
• Recipes
• Cookbook
• Role
• Node
• Attributes
• Knife
• Chef Repository
![Page 29: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/29.jpg)
Chef
![Page 30: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/30.jpg)
ChefChef Server is in fact several processes.
•API ServiceUsed to interact with server for node configuration.
•Management ConsoleWebUI which permits to do administrative tasks.
![Page 31: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/31.jpg)
Chef• File indexer
Apache SOLR, a search engine.
• Data store (CouchDB)Used for store roles, nodes and data bag JSON data. Sends it to SOLR, through AQMP queue.
•AQMP ServerUsed by CouchDB as queue.
![Page 32: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/32.jpg)
Chef
![Page 33: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/33.jpg)
ChefCookbook
![Page 34: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/34.jpg)
ChefRecipes
![Page 35: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/35.jpg)
ChefRecipes
Like in Cooking, one of the more interesting thing is to share our cookbooks and recipes.
http://community.opscode.com/cookbooks
![Page 36: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/36.jpg)
ChefOhai and templates
A tree of node facts, which can be used as attributes.
The same kind of customization as Puppet with Facter.
![Page 37: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/37.jpg)
ChefAdministration
•Knife or Management Console
•CLI or Web UI
•Two powerful tools
![Page 38: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/38.jpg)
![Page 39: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/39.jpg)
Chef vs PuppetChef Advantages
• Cookbooks sharing
• Stricter configuration rules
• Ruby
• Useful WebUI
Disadvantages
• A bit more complex
• More setup needed
• Usable in production, but still young
![Page 40: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/40.jpg)
Cfengine
![Page 41: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/41.jpg)
Cfengine• Created in 1993 by Mark Burgess
• The first configuration manager
• Major update in 2009, Cfengine 3
• Proprietary configuration language
• Template
• Asymmetric Key Encryption
![Page 42: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/42.jpg)
Cfengine• Prerequisite :
• libc
• Installation Sources :
• Debian Repositories
• Sources
![Page 43: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/43.jpg)
CfengineCfengine has an atypical mechanism.
There is neither cfengine-server nor cfengine-client package.
![Page 44: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/44.jpg)
CfengineArchitecture
![Page 45: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/45.jpg)
CfengineVocabulary
• Promises
• Body & bundle
• Class
![Page 46: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/46.jpg)
CfenginePromises
![Page 47: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/47.jpg)
Cfengine•Bundles and bodies
![Page 48: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/48.jpg)
Cfengine•With Cfengine, you have to do configure
everything. From the promises, to the host authorized, or the failsafe procedure.
![Page 49: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/49.jpg)
Cfengine vs Puppet vs ChefCfengine is powerful. But...
• Painful configuration
• Have fun with log (excessively verbose... Or not.)
• Seems outdated compared to Puppet and Chef
Keep in mind that you have as much possibilities as Puppet & Chef. But the time you pass configuring and master it is incomparable.
![Page 50: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/50.jpg)
Migration advices
![Page 51: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/51.jpg)
Migration advices• Migration have to be progressive.
• Writing configurations take time.
• Be extremely rigorous.
• Don't forget the revision control.
![Page 52: Configuration manager presentation](https://reader033.fdocuments.us/reader033/viewer/2022061212/5495c577b479596a4d8b4de7/html5/thumbnails/52.jpg)
Questions?
Content under Creative Commons BY license.
Email : [email protected] : [email protected] : @Jeyg
Contact: