Archive for the ‘Configuration Management’ Category

« Older Entries

Barcamp Rudder 2.4.0 – Portes ouvertes

Monday, February 20th, 2012

Cette semaine, de mercredi à mercredi (du 22 au 29 février donc), Normation va faire son premier Barcamp Rudder !

Mais qu’est-ce qu’un barcamp ? D’après Wikipedia :

Un BarCamp est une rencontre, une non-conférence ouverte qui prend la forme d’ateliers-événements participatifs où le contenu est fourni par les participants qui doivent tous, à un titre ou à un autre, apporter quelque chose au Barcamp. C’est le principe pas de spectateur, tous participants.

(Source et plus d’infos : http://fr.wikipedia.org/wiki/BarCamp)

L’objectif de cette semaine c’est d’améliorer Rudder, de faire qu’il nous plaît à tous, avant la sortie de la version 2.4.0 début mars, et travailler sur les sujets qu’on néglige parfois : communication, communauté, documentation, tests, qualité, ergonomie…

On profite de l’occasion pour faire une opération portes ouvertes : vous êtes les bienvenus chez nous tous les jours de 9h jusqu’à tard… Passez-nous faire un petit coucou, tester la dernière version de Rudder, nous donner votre avis, grignoter un morceau… Promis, on ne vous demandera pas vraiment de travailler :)

L’équipe de Normation au grand complet (9 personnes) vous donne donc rendez-vous tous les jours au 87 rue de Turbigo, 75003 Paris ! C’est au métro Temple sur la ligne 3 ou République sur les lignes 5, 8, 9 ou 11.

En particulier, un évènement communautaire autour de Rudder / CFEngine aura lieu jeudi soir pour se rencontrer et discuter (ou troller) autour d’un verre (ou deux).

Ca nous ferait très plaisir de vous voir ici alors n’hésitez pas à passer ! Si vous ne pouvez pas venir, rejoignez-nous sur IRC (#rudder sur FreeNode) ou suivez-nous sur Twitter (@normation et @RudderProject).

Tags: , , , , , , , , ,
Posted in CFEngine, Configuration Management, Development, Français, Rudder | 1 Comment »

Rudder presentation at FOSDEM

Monday, February 13th, 2012

FOSDEMWe’ve been back from the latest FOSDEM in Brussels for a week now, but are only just recovering from the freezing-cold weather they had there…

As always, FOSDEM was a great event, with thousands of open source users, contributors and developers all mixing together and sharing their findings, software and thoughts. A real spirit of collaboration and possibility always reigns at FOSDEM, and this year was no exception.

For our part, we introduced Rudder, our open source configuration management tool in the Configuration Management devroom on the Sunday (see the official talk page). Our talk was well received, with many interesting questions. Thanks to those who were there, and those who made it possible!

Our slides are available on SlideShare, or you can just view them here:

Rudder – Configuration management benefits for everyone (FOSDEM 2012)

View more presentations from Normation

We also did our share of collaborating, and plan-making. Developers from three of the main components of Rudder, CFEngine, FusionInventory and OpenLDAP, were at FOSDEM, and we got together to discuss each project, their integration into Rudder and ways to improve both our use of them and the community’s experience of them.

Some promising ideas were thrown around, hopefully you’ll hear more about them here soon!

Tags: , , , , ,
Posted in Configuration Management, English, Rudder | No Comments »

Normation and Rudder at FOSDEM

Monday, January 23rd, 2012

FOSDEMJust like every year, once the holiday season is over, we start looking forward to FOSDEM the first weekend in February!

This year, four of us from Normation will be attending, all the way through, from the world-famous, record-breaking beer event to the last talks on the Sunday.

We’ll be introducing Rudder, our open source configuration management tool in the Configuration Management devroom on the Sunday. Our talk will show how Rudder’s approach enables everyone in the IT department to benefit from the advantages of configuration management, without necessarily needing to learn a complex tool, or even get their hands dirty. We’ll describe and demonstrate how this is possible, and dive into the technical architecture that makes it work. Read more on the official talk page.

We’re always interested in meeting new people and discussing configuration management, tools like CFEngine, open source… or even LDAP and Scala, for the more adventurous :)

Come and have a chat, we’ll be easily recognisable in our flashy black t-shirts with the Rudder logo!

Just before FOSDEM, we’re giving a CFEngine 3 training session. Some seats are still available, so why not come and kill two birds with one stone – some professional training at the end of the week, and a good open source event at the weekend!

Looking forward to seeing you in Brussels!

Tags: , , , ,
Posted in Configuration Management, English, Rudder | No Comments »

Interactive key exchange with CFEngine

Tuesday, January 3rd, 2012

Here at Normation, we use CFEngine 3 extensively for configuration management across Linux and Windows servers.

CFEngine 3 is a very secure tool, that relies on keys to identify hosts and authorize connections. To set up a secure CFEngine infrastructure, you ought to exchange keys between hosts (note that if you don’t have confidential data on your promises, you can skip the security offered by the public key system).

(more…)

Tags: , , ,
Posted in CFEngine, Configuration Management | No Comments »

Configuration management tools for cloud computing (Open World Forum 2011)

Wednesday, September 28th, 2011

The Open World Forum 2011 edition took place last week in Paris. I was invited to present a workshop in the Cloud Computing track.

This gave me the opportunity to outline the importance of optimizing the “setup” phase of machines when using cloud computing.

Today’s tools and APIs make it very easy to create and destroy instances, but every time you do start a new instance, you’ve got to actually set it up to the state where it’s ready to do what you need (ie, be a web server, load balancer, database, whatever…).

This is an important phase to optimize: it’s the one where you’re paying for, but not yet able to use, the service :-)

Three approaches seem to co-exist here:

  1. Doing it manually: Obviously, this is one to avoid. Not only is it excessively time-consuming, but it’s also error-prone. (Ever tried doing the exact same complicated thing a dozen times over without making the odd mistake or going crazy?)
  2. Pre-configuring in static images: This is a very common approach. You know how you want things, so you set them up once, and make an image of that state (ISO, AMI, whatever…). You can then use your image to create your new machine just the way you want it, no time wasted! That’s great, but wears out over time -it’s a very brittle approach. If you ever need to change that configuration, not only will it take a while (get the image, change it, upload it again, etc…), but you also have no way of propagating the change to existing instances based on the old image.
  3. Using a configuration tool: That’s a deliberately vague title – I’m referring to any software approach to configuring your machine, be it a bunch of home grown scripts or a fully blown configuration management tool, such as CFEngine, Puppet or Chef.

If you’ve read any of the previous posts on this blog, you’ll know that we strongly favor the last approach :-)

Configuration management tools have many benefits over the previous approaches: using a dedicated, purpose-built tool to set up your servers means that you can reach new levels of control and flexibility, that you cannot achieve with static, brittle pre-built images. Need to make a change? Just update your reference configuration rules, and the change will be applied to all your instances, old and new, over the next few minutes.

Enough teasing, the slides below tell the rest of the story. I introduced the main tools I mentioned before, and provided a quick overview of how CFEngine works. Those at the session also got a sneak preview of our own open source project, Rudder, to be publicly announced very soon…

Configuration management: automating and rationalizing server setup with CFEngine 3 (Open World Forum 2011)
View more presentations from Normation

I’d welcome any comments on how you setup your cloud instances… and be happy to discuss all these topics at another open source conference in the future!

Tags: , , , , ,
Posted in CFEngine, Configuration Management, English, System administration, Uncategorized | No Comments »

“Gestion de configuration et disaster recovery avec CFEngine 3″ aux RMLL 2011

Friday, July 8th, 2011

Comme chaque début de juillet, nous [1] nous rendons aux RMLL (Rencontres Mondiales du Logiciel Libre). Ce millésime se tient à Strasbourg, du lundi 11 au mercredi 13 juillet pour les conférences techniques (un weekend grand public se tient avant).

Nous y présenterons une session mercredi à 14:40 (au Patio, Amphi 3), en français, pour raconter notre vécu de la gestion de désastre et comment la gestion de configuration nous a aidé à nous en remettre. On détaillera également les raisons de notre choix d’outil, qui a porté sur CFEngine 3.

En espérant vous y voir nombreux ! N’hésitez pas à venir discuter avec nous, avant ou après la session, et nous nous ferons un plaisir de partager avec vous les dernières avancées que Normation a créé autour de la gestion de configuration…

[1] Toute l’équipe de Normation sera aux RMLL !

Posted in CFEngine, Configuration Management, Disaster Recovery | No Comments »

Formations Cfengine 3 à Paris et Bruxelles

Tuesday, May 10th, 2011

Cfengine 3 est un logiciel de gestion de configuration open source très puissant, permettant de gérer efficacement des parcs informatiques de toutes tailles. Comme la plupart des outils complexe, un temps d’apprentissage est nécessaire pour l’utiliser au mieux.

Nous organisons des sessions de formation à Paris, les 15, 16 et 17 juin, et à Bruxelles les 4, 5 et 6 juillet.

Trois formules sont disponibles :

  • Matinée d’introduction à la gestion de configuration (demie-journée non-technique)
  • Fondamentaux Cfengine (2 jours)
  • Industrialisation Cfengine (Fondamentaux + 1 jour)

Le détail du programme et les tarifs sont disponibles sur notre site web.

L’inscription est ouverte, contactez-nous pour vous inscrire. Plus que quelques jours pour profiter du tarif early bird !

Normation est partenaire officiel de Cfengine AS, et réalise des formations Cfengine certifiées à travers le monde.

Tags: , , , , , , , ,
Posted in CFEngine, Configuration Management, System administration | No Comments »

Cfengine 3.1.5 is nearly out, what can we expect from it?

Thursday, April 28th, 2011

Here at Normation, we use Cfengine 3 extensively for configuration management across Linux and Windows servers. Cfengine 3 is an open source project, and as every good open source project, the trunk version is always available (but not always very reliable) and stable versions are released regularly. Prior to the release of a new version, a beta version is available, for the community to test and rule out any bugs in the stable version.

We’ve been testing this beta version, and we are quite thrilled about it. This post won’t go through every detail of the changelog (Eystein is much better at it that I would be) but will run over the changes that improve our ways of using Cfengine.

(more…)

Tags: , , , ,
Posted in CFEngine, Configuration Management, System administration | 4 Comments »

Why we use Cfengine: file editing

Monday, March 21st, 2011

Here at Normation, we use Cfengine 3 extensively for configuration management across Linux and Windows servers. A question we get often is why Cfengine?

I’d like to focus this post on file editing. Since Configuration Management has a lot to do with configuration files, file editing (either from a template, or just setting parameters) is one of the most common tasks.

(more…)

Tags: , , ,
Posted in CFEngine, Configuration Management | 1 Comment »

Cfengine tip: Keeping cf-execd alive (whatever happens)

Thursday, March 3rd, 2011

As good as your configuration management tool may be, it can only do it’s job if it’s running. Some tips on making sure this is the case, whatever happens.

Why just cf-execd?

With Cfengine, the “heavy lifting” is done by cf-agent, which is normally run on a regular interval by cf-execd (a daemon that runs all the time).

Frequently, servers will also run two other daemons: cf-monitord (keeps statistics on a system) and cf-serverd (allows local file sharing, and remote on-demand execution of cf-agent). Common practice is to include in cf-agent‘s configuration a promise that ensures that the desired daemons are running, and start them if not.

This makes sense, but what happens if cf-execd gets stopped, and then cf-agent is never run again? Well, this should never happen of course. But, out there in the real world, stuff happens:

  • maybe you ran out of RAM, and OOM-killer picked cf-execd for some weird reason
  • an administrator unwisely killed cf-execd without really knowing what it does
  • possibly you messed up your configuration and had it automatically killed (after all, errors are human …)

OK, so how do you avoid that?

Enough rambling, here is what we do:

  1. Use a promise in the configuration that ensures the daemons we want running are indeed running, or start them if not
  2. Configure cron to check on cf-execd, and start it if it’s not running

The promise we use is derived from one provided with the Cfengine sources, as follows:

The above Cfengine example uses some interesting concepts:

  • A list of the daemon names to check, which is iterated over by each of the three following promises, and reused in their attributes.
  • Ordering: the first promise, a processes promise, checks if a daemon is running and defines a class if not; then, the second promise restarts the daemon if that class was set, and finally, a report is printed if the restart went OK.
  • Generic class names: whatever the daemons you want to check, these class names will automatically be set and read.

Last, but not least, here is the line we add to /etc/crontab:

Of course, we wouldn’t add that line manually, but instead, use a Cfengine promise to add it if, and only if it’s not already in /etc/crontab… This is a subject for another post, but here’s a sneak preview:

Using the above promises, you will ensure that the Cfengine components you want will always be running (or at least restarted if they stop). Of course, it’s probably a good idea to monitor these promises, so that you don’t end up with a start/stop fight…

Tags: , , ,
Posted in CFEngine, Configuration Management | 1 Comment »

« Older Entries