CFEngine, 4 years later
___________________________
A song of code and configuration

Matthieu CERDA

Normation – CC-BY-SA
normation.com
Who are you ?
Name: Matthieu CERDA
Email: matthieu.cerda@normation.com
Web site: http://www.normation.com
Twitter: @Kegeruneku
Job: System engineer at Normation
CFEngine: Enthusiast, power user and trainer
Rudder: Integrator, packager
Infrastructure: Team member

What are we going to talk about
CFEngine 3
● How we began with it, what we gained from it
● “Funky” use cases
● The future

Why CFEngine ?
http://www.cfengine.com | http://www.github.com/cfengine
● Few dependencies (LMDB, OpenSSL, [PCRE])
● Small memory footprint
● Highly compatible
● Working “close to the OS” (Can be seen as a flaw for some people)

CFEngine 3 : 20 % cooler !
● Created in 2009
● Complete rewrite from CF2
● Promise theory
● Based on what has been learnt from Puppet and CF2
● Alive and kicking !

Overview
[Figure labels: Puppet, Chef, CFEngine]

A long path 'til today !
● Learnt to use CFEngine properly
● Acquired knowledge about best practices, worked with great people
● Helped to build Rudder from the ground up
● Began working on ncf with Normation's team
● Became a trainer :)

The beginning
● Back to 2009 !!!
● Sparse documentation
● Inexperience
● Advice: Start small, managing only a few machines

Funky example 1: Rug
● Rug was the default package manager of SLES 10 (now it is Zypper)
● Problem ? Rug relies on a Mono backend (ZMD) that hangs if you stress it too much or call it repeatedly...
● Needed a way to make an exclusion for this specific kind of machine !

2 – ALWAYS modularize when you can
● Example: Package installation definition
● Example: … and the “utility” bundle that goes with it !

A word about promises layout
● Everything begins with a bootstrap
  cf-agent -B <my ip address>
● Never do everything in one file, always split your promises using a hierarchical order:
● Always separate utilities, zones and services

3 – Reporting is important
● Example: When something bad happens, you'll be happy to see where the problem is (without having to go for the debug output) !
● You need a “verbose” mode.
● As always: modularization is important !
● Static and redundant reports are a good way to make your code fat and unreadable in the long term.

Funky example 2: Internal database bloat
● CFEngine uses a database to store internal state values (BerkeleyDB for < 3.3, TokyoCabinet for 3.3 to 3.5 and LMDB for 3.6+)
  => https://cfengine.com/dev/issues/2560
● BDB / TokyoCabinet bloat when reporting highly volatile values (reporting a date with seconds every time)
● Result:

Funky example 2: Internal database bloat
Solutions:
● Stop reporting all the time (Only report relevant changes)
● Mount the “state” directory on a RAMdisk
  http://blog.normation.com/en/2013/09/09/speed-up-your-cfengine-by-using-a-ram-disk
  Bonus effect: Up to 2/3 times faster during I/O on databases
● Destroy the databases regularly (every month or week)

4 – Backup your stuff
● Example: When CFEngine does something with a file, you would like to keep a backup of this file beforehand
● You need a backup repository.
  https://cfengine.com/docs/3.5/reference-promise-types-files.html#repository
● File name is preserved, along with backup timestamp

5 – Tame the agent
● Example: You want to make sure CFEngine only operates in safe environments
● You need a way to make CFEngine only operate in certain conditions
● CFEngine can be told to abort if certain conditions are not met
  https://cfengine.com/docs/3.5/reference-components-cfagent.html#abortclasses

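A minimal policy using abortclasses as described above, added here as an illustration and not taken from the slides. The bundle names, the class name unsafe_environment and the marker file path are hypothetical.

```cf3
body common control
{
      # The guard bundle runs first, so nothing else is evaluated before it.
      bundlesequence => { "safety_check", "main" };
}

body agent control
{
      # cf-agent aborts the run as soon as a class matching one of these
      # regular expressions becomes defined.
      abortclasses => { "unsafe_environment" };
}

bundle agent safety_check
{
  classes:
      # Hypothetical condition: the host must carry a marker file before the
      # agent is allowed to change anything on it.
      "unsafe_environment" not => fileexists("/etc/cfengine-managed");
}

bundle agent main
{
  reports:
      # Only reached when safety_check did not define unsafe_environment.
      "Marker file found, continuing with the regular promises";
}
```
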
6 – Always a damn DNS problem (tm)
● Example: Your network interface resolutions are not always working properly (AWS ?)
● You need to make CFEngine ignore some interfaces
● CFEngine can be told to ignore some network interfaces if needed
● It is a workaround, not a solution !

BONUS STAGE: Beware of the almighty Cron
● A word of warning: Cron(d) is not a configuration management engine !!!
● Easy to “fix” things quickly with a cron job
● KISS: Let every tool do its job, do not fall into the trap

Future
● Work on the ncf framework (See Jon's presentation !)
● Work with the Debian packaging team
● Continue to improve Rudder
● Train more people !

Questions ? :)

Normation – CC-BY-SA
normation.com

28

Más contenido relacionado

La actualidad más candente

Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)
Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)
Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)Simon Boulet
 
Working with npm packages
Working with npm packagesWorking with npm packages
Working with npm packagesTomasz Bak
 
WordPress and the Command Line
WordPress and the Command LineWordPress and the Command Line
WordPress and the Command Linedimmke
 
Website maintenance: keeping your WordPress site updated and safe
Website maintenance: keeping your WordPress site updated and safeWebsite maintenance: keeping your WordPress site updated and safe
Website maintenance: keeping your WordPress site updated and safeClare Parkinson
 
Nginx [engine x] and you (and WordPress)
Nginx [engine x] and you (and WordPress)Nginx [engine x] and you (and WordPress)
Nginx [engine x] and you (and WordPress)Justin Foell
 
Last Month in PHP - June 2016
Last Month in PHP - June 2016Last Month in PHP - June 2016
Last Month in PHP - June 2016Eric Poe
 
Introducción a Nginx y PHP FPM
Introducción a Nginx y PHP FPMIntroducción a Nginx y PHP FPM
Introducción a Nginx y PHP FPMYannick Warnier
 
Advanced Web Hosting
Advanced Web HostingAdvanced Web Hosting
Advanced Web HostingOVHcloud
 
open source product management (feat. npm)
open source product management (feat. npm)open source product management (feat. npm)
open source product management (feat. npm)Forrest Norvell
 
WordPress Security - A Top Down Approach
WordPress Security - A Top Down ApproachWordPress Security - A Top Down Approach
WordPress Security - A Top Down ApproachBrecht Ryckaert
 
Playing with WP-CLI (WordPress Command Line Interface)
Playing with WP-CLI (WordPress Command Line Interface)Playing with WP-CLI (WordPress Command Line Interface)
Playing with WP-CLI (WordPress Command Line Interface)Anam Ahmed
 
Using the fork_cms deploy gem
Using the fork_cms deploy gemUsing the fork_cms deploy gem
Using the fork_cms deploy gemtijsverkoyen
 

La actualidad más candente (13)

Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)
Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)
Deploying with Super Cow Powers (Hosting your own APT repository with reprepro)
 
Working with npm packages
Working with npm packagesWorking with npm packages
Working with npm packages
 
WordPress and the Command Line
WordPress and the Command LineWordPress and the Command Line
WordPress and the Command Line
 
Website maintenance: keeping your WordPress site updated and safe
Website maintenance: keeping your WordPress site updated and safeWebsite maintenance: keeping your WordPress site updated and safe
Website maintenance: keeping your WordPress site updated and safe
 
Building For Mer
Building For MerBuilding For Mer
Building For Mer
 
Nginx [engine x] and you (and WordPress)
Nginx [engine x] and you (and WordPress)Nginx [engine x] and you (and WordPress)
Nginx [engine x] and you (and WordPress)
 
Last Month in PHP - June 2016
Last Month in PHP - June 2016Last Month in PHP - June 2016
Last Month in PHP - June 2016
 
Introducción a Nginx y PHP FPM
Introducción a Nginx y PHP FPMIntroducción a Nginx y PHP FPM
Introducción a Nginx y PHP FPM
 
Advanced Web Hosting
Advanced Web HostingAdvanced Web Hosting
Advanced Web Hosting
 
open source product management (feat. npm)
open source product management (feat. npm)open source product management (feat. npm)
open source product management (feat. npm)
 
WordPress Security - A Top Down Approach
WordPress Security - A Top Down ApproachWordPress Security - A Top Down Approach
WordPress Security - A Top Down Approach
 
Playing with WP-CLI (WordPress Command Line Interface)
Playing with WP-CLI (WordPress Command Line Interface)Playing with WP-CLI (WordPress Command Line Interface)
Playing with WP-CLI (WordPress Command Line Interface)
 
Using the fork_cms deploy gem
Using the fork_cms deploy gemUsing the fork_cms deploy gem
Using the fork_cms deploy gem
 

Similar a CFEngine, 4 years later

Getting started with CFEngine - Webinar
Getting started with CFEngine - WebinarGetting started with CFEngine - Webinar
Getting started with CFEngine - WebinarCFEngine
 
Getting Started With CFEngine - Updated Version
Getting Started With CFEngine - Updated VersionGetting Started With CFEngine - Updated Version
Getting Started With CFEngine - Updated VersionCFEngine
 
Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...
Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...
Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...nine
 
Zendcon scaling magento
Zendcon scaling magentoZendcon scaling magento
Zendcon scaling magentoMathew Beane
 
OSDC 2014: Jonathan Clarke - Rudder
OSDC 2014: Jonathan Clarke - RudderOSDC 2014: Jonathan Clarke - Rudder
OSDC 2014: Jonathan Clarke - RudderNETWAYS
 
Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningRUDDER
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?strikr .
 
2019 StartIT - Boosting your performance with Blackfire
2019 StartIT - Boosting your performance with Blackfire2019 StartIT - Boosting your performance with Blackfire
2019 StartIT - Boosting your performance with BlackfireMarko Mitranić
 
12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and PerformanceElogic Magento Development
 
Joomla! Performance on Steroids
Joomla! Performance on SteroidsJoomla! Performance on Steroids
Joomla! Performance on SteroidsSiteGround.com
 
Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019ciberkleid
 
DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.Vlad Fedosov
 
Website & Internet + Performance testing
Website & Internet + Performance testingWebsite & Internet + Performance testing
Website & Internet + Performance testingRoman Ananev
 
Reducing boot time in embedded Linux
Reducing boot time in embedded LinuxReducing boot time in embedded Linux
Reducing boot time in embedded LinuxChris Simmonds
 
Systemd evolution revolution_regression
Systemd evolution revolution_regressionSystemd evolution revolution_regression
Systemd evolution revolution_regressionSusant Sahani
 
Intermediate git
Intermediate gitIntermediate git
Intermediate gitDan Shrader
 
Jacopo Nardiello - From CI to Prod: Running Magento at scale with Kubernetes
Jacopo Nardiello - From CI to Prod: Running Magento at scale with KubernetesJacopo Nardiello - From CI to Prod: Running Magento at scale with Kubernetes
Jacopo Nardiello - From CI to Prod: Running Magento at scale with KubernetesMeet Magento Italy
 
TEC118 – How Do You Manage the Configuration of Your Environments from Metal ...
TEC118 –How Do You Manage the Configuration of Your Environments from Metal ...TEC118 –How Do You Manage the Configuration of Your Environments from Metal ...
TEC118 – How Do You Manage the Configuration of Your Environments from Metal ...Chris Kernaghan
 

Similar a CFEngine, 4 years later (20)

Getting started with CFEngine - Webinar
Getting started with CFEngine - WebinarGetting started with CFEngine - Webinar
Getting started with CFEngine - Webinar
 
Getting Started With CFEngine - Updated Version
Getting Started With CFEngine - Updated VersionGetting Started With CFEngine - Updated Version
Getting Started With CFEngine - Updated Version
 
Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...
Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...
Challenges behind the scenes of the large Swiss e-Commerce shop apfelkiste.ch...
 
Zendcon scaling magento
Zendcon scaling magentoZendcon scaling magento
Zendcon scaling magento
 
It gilde 20150209
It gilde 20150209It gilde 20150209
It gilde 20150209
 
OSDC 2014: Jonathan Clarke - Rudder
OSDC 2014: Jonathan Clarke - RudderOSDC 2014: Jonathan Clarke - Rudder
OSDC 2014: Jonathan Clarke - Rudder
 
Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioning
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?
 
2019 StartIT - Boosting your performance with Blackfire
2019 StartIT - Boosting your performance with Blackfire2019 StartIT - Boosting your performance with Blackfire
2019 StartIT - Boosting your performance with Blackfire
 
12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance
 
CFEngine 3
CFEngine 3CFEngine 3
CFEngine 3
 
Joomla! Performance on Steroids
Joomla! Performance on SteroidsJoomla! Performance on Steroids
Joomla! Performance on Steroids
 
Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019
 
DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.
 
Website & Internet + Performance testing
Website & Internet + Performance testingWebsite & Internet + Performance testing
Website & Internet + Performance testing
 
Reducing boot time in embedded Linux
Reducing boot time in embedded LinuxReducing boot time in embedded Linux
Reducing boot time in embedded Linux
 
Systemd evolution revolution_regression
Systemd evolution revolution_regressionSystemd evolution revolution_regression
Systemd evolution revolution_regression
 
Intermediate git
Intermediate gitIntermediate git
Intermediate git
 
Jacopo Nardiello - From CI to Prod: Running Magento at scale with Kubernetes
Jacopo Nardiello - From CI to Prod: Running Magento at scale with KubernetesJacopo Nardiello - From CI to Prod: Running Magento at scale with Kubernetes
Jacopo Nardiello - From CI to Prod: Running Magento at scale with Kubernetes
 
TEC118 – How Do You Manage the Configuration of Your Environments from Metal ...
TEC118 –How Do You Manage the Configuration of Your Environments from Metal ...TEC118 –How Do You Manage the Configuration of Your Environments from Metal ...
TEC118 – How Do You Manage the Configuration of Your Environments from Metal ...
 

Más de RUDDER

What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?RUDDER
 
Servers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proofServers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proofRUDDER
 
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?RUDDER
 
OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?RUDDER
 
The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0RUDDER
 
What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?RUDDER
 
UX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management toolUX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management toolRUDDER
 
What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?RUDDER
 
What is RUDDER and when should I use it?
What is RUDDER and when should I use it?What is RUDDER and when should I use it?
What is RUDDER and when should I use it?RUDDER
 
Fosdem - Configurations do you prove yours?
Fosdem - Configurations  do you prove yours?Fosdem - Configurations  do you prove yours?
Fosdem - Configurations do you prove yours?RUDDER
 
L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)RUDDER
 
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)RUDDER
 
Stay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libresStay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libresRUDDER
 
How we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50kHow we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50kRUDDER
 
What's new and what's next in Rudder
What's new and what's next in RudderWhat's new and what's next in Rudder
What's new and what's next in RudderRUDDER
 
Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...RUDDER
 
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...RUDDER
 
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...RUDDER
 
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...RUDDER
 
RUDDER - Continuous Configuration (configuration management + continuous aud...
 RUDDER - Continuous Configuration (configuration management + continuous aud... RUDDER - Continuous Configuration (configuration management + continuous aud...
RUDDER - Continuous Configuration (configuration management + continuous aud...RUDDER
 

Más de RUDDER (20)

What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?What if configuration management didn't need to be lvl60 in dev?
What if configuration management didn't need to be lvl60 in dev?
 
Servers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proofServers compliance: audit, remediation, proof
Servers compliance: audit, remediation, proof
 
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
 
OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?OW2Con - Configurations, do you prove yours?
OW2Con - Configurations, do you prove yours?
 
The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0The new plugin ecosystem in RUDDER 5.0
The new plugin ecosystem in RUDDER 5.0
 
What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?What uses for observing operations of Configuration Management?
What uses for observing operations of Configuration Management?
 
UX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management toolUX challenges of a UI-centric config management tool
UX challenges of a UI-centric config management tool
 
What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?What happened in RUDDER in 2018 and what’s next?
What happened in RUDDER in 2018 and what’s next?
 
What is RUDDER and when should I use it?
What is RUDDER and when should I use it?What is RUDDER and when should I use it?
What is RUDDER and when should I use it?
 
Fosdem - Configurations do you prove yours?
Fosdem - Configurations  do you prove yours?Fosdem - Configurations  do you prove yours?
Fosdem - Configurations do you prove yours?
 
L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)L'audit en continu : clé de la conformité démontrable (#POSS 2018)
L'audit en continu : clé de la conformité démontrable (#POSS 2018)
 
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)
 
Stay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libresStay up - voyage d'un éditeur de logiciels libres
Stay up - voyage d'un éditeur de logiciels libres
 
How we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50kHow we scaled Rudder to 10k, and the road to 50k
How we scaled Rudder to 10k, and the road to 50k
 
What's new and what's next in Rudder
What's new and what's next in RudderWhat's new and what's next in Rudder
What's new and what's next in Rudder
 
Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...Poss 2017 : gestion des configurations et mise en conformité chez un service ...
Poss 2017 : gestion des configurations et mise en conformité chez un service ...
 
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
Poss 2017 - la continuité, arme secrète de la gestion du si - cas concret de ...
 
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
POSS 2017 : Comment automatiser son infrastructure quand... on a pas le temps...
 
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...
 
RUDDER - Continuous Configuration (configuration management + continuous aud...
 RUDDER - Continuous Configuration (configuration management + continuous aud... RUDDER - Continuous Configuration (configuration management + continuous aud...
RUDDER - Continuous Configuration (configuration management + continuous aud...
 

Último

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
CFEngine, 4 years later

  • 1. CFEngine, 4 years later: A song of code and configuration. Matthieu CERDA. Normation – CC-BY-SA, normation.com
  • 2. Who are you ?
    ● Name: Matthieu CERDA
    ● Email: matthieu.cerda@normation.com
    ● Web site: http://www.normation.com
    ● Twitter: @Kegeruneku
    ● Job: System engineer at Normation
    ● CFEngine: Enthusiast, power user and trainer
    ● Rudder: Integrator, packager
    ● Infrastructure: Team member
  • 3. What are we going to talk about: CFEngine 3
    ● How we began with it, what we gained from it
    ● “Funky” use cases
    ● The future
  • 4. Why CFEngine ? http://www.cfengine.com | http://www.github.com/cfengine
    ● Few dependencies (LMDB, OpenSSL, [PCRE])
    ● Small memory footprint
    ● Highly compatible
    ● Working “close to the OS” (Can be seen as a flaw for some people)
  • 5. CFEngine 3 : 20 % cooler !
    ● Created in 2009
    ● Complete rewrite from CF2
    ● Promise theory
    ● Based on what has been learnt from Puppet and CF2
    ● Alive and kicking !
  • 7. A long path 'till today !
    ● Learnt to use CFEngine properly
    ● Acquired knowledge about best practices, worked with great people
    ● Helped to build Rudder from the ground
    ● Began working on ncf with Normation's team
    ● Became a trainer :)
  • 8. The beginning
    ● Back to 2009 !!!
    ● Sparse documentation
    ● Inexperience
    ● Advice: Start small, to manage few machines
  • 9. Funky example 1: Rug
    ● Rug was SLES 10 default package manager (Now, it is Zypper)
    ● Problem ? Rug relies on a Mono backend (ZMD) that hangs if you stress it too much or call it repeatedly...
    ● Needed a way to make an exclusion for this specific kind of machines !
  • 10. 2 – ALWAYS modularize when you can
    ● Example: Package installation definition
  • 11. 2 – ALWAYS modularize when you can
    ● Example: … and the “utility” bundle that goes with it !
  • 12. A word about promises layout
    ● Everything begins with a bootstrap: cf-agent -B <my ip address>
    ● Never do everything in one file, always split your promises using a hierarchical order:
    ● Always separate utilities, zones and services
  • 13. 3 – Reporting is important
    ● Example: When something bad happens, you'll be happy to see where the problem is (without having to go for the debug output) !
    ● => You need a “verbose” mode.
    ● As always: modularization is important ! Static and redundant reports are a good way to make your code fat and unreadable in the long term.
  • 14. 3 – Reporting is important
  • 15. 3 – Reporting is important
  • 16. Funky example 2: Internal database bloat
    ● CFEngine uses a database to store internal state value (BerkeleyDB for < 3.3, TokyoCabinet for 3.3 to 3.5 and LMDB for 3.6+) => https://cfengine.com/dev/issues/2560
    ● BDB / TokyoCabinet do bloat when using reporting with highly volatile values (reporting a date every time with seconds)
    ● Result:
  • 17. Funky example 2: Internal database bloat. Solutions:
    ● Stop reporting all the time (Only report relevant changes)
    ● Mount the “state” directory on a RAMdisk: http://blog.normation.com/en/2013/09/09/speed-up-your-cfengine-by-using-a-ram-disk (Bonus effect: Up to 2/3 times faster during I/O on databases)
    ● Destroy the databases regularly (every month or week)
  • 18. 4 – Backup your stuff
    ● Example: When CFEngine does something with a file, you would like to keep a backup of this file beforehand
    ● => You need a backup repository. https://cfengine.com/docs/3.5/reference-promise-types-files.html#repository
    ● File name is preserved, along with backup timestamp
  • 19. 4 – Backup your stuff
  • 20. 5 – Tame the agent
    ● Example: You want to make sure CFEngine only operates in safe environments
    ● => You need a way to make CFEngine only operate in certain conditions
    ● CFEngine can be told to abort if certain conditions are not met: https://cfengine.com/docs/3.5/reference-components-cfagent.html#abortclasses
  • 21. 5 – Tame the agent
  • 22. 6 – Always a damn DNS problem (tm)
    ● Example: Your network interfaces resolutions are not always working properly (AWS ?)
    ● => You need to make CFEngine ignore some interfaces
    ● CFEngine can be told to ignore some network interfaces if needed
    ● It is a workaround, not a solution !
  • 23. 6 – Always a damn DNS problem (tm)
  • 24. BONUS STAGE: Beware of the almighty Cron
    ● A word of warning: Cron(d) is not a configuration management engine !!!
    ● Easy to “fix” things quickly with a cron job
    ● KISS: Let every tool do its job, do not fall in the trap
  • 25. Future
    ● Work on the ncf framework (See Jon's presentation !)
    ● Work with the Debian packaging team
    ● Continue to improve Rudder
    ● Train more people !
  • 26. Questions ? :)
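
A minimal policy combining the backup repository (slide 18) and `abortclasses` (slide 20) settings, as an added example that is not the code shown on the slides. The repository path, the `/etc/cfengine-freeze` marker file and all bundle, body and class names are assumptions.

```cf3
# Added example, not from the presentation. Paths and names are assumptions.
body common control
{
      # The guard bundle runs first so the class exists before any change.
      bundlesequence => { "safety_checks", "manage_motd" };
}

body agent control
{
      # "Tame the agent": cf-agent terminates as soon as a class
      # matching one of these expressions becomes defined.
      abortclasses => { "unsafe_environment" };

      # "Backup your stuff": pre-change copies of files go to this
      # directory instead of being left next to the originals.
      default_repository => "/var/cfengine/backups";
}

bundle agent safety_checks
{
  classes:
      # Hypothetical guard: an operator creates this marker file
      # to freeze configuration changes on the host.
      "unsafe_environment" expression => fileexists("/etc/cfengine-freeze");
}

bundle agent manage_motd
{
  files:
      "/etc/motd"
        create        => "true",
        edit_line     => motd_content,
        edit_defaults => keep_timestamped_backup;
}

bundle edit_line motd_content
{
  insert_lines:
      "Managed by CFEngine";
}

body edit_defaults keep_timestamped_backup
{
      # Keep a timestamped copy of the file as it was before the edit.
      edit_backup => "timestamp";
}
```

With the marker file present the run stops before `manage_motd` is evaluated; without it, the pre-edit `/etc/motd` is kept under the repository directory with a timestamp.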