by Thierry de Pauw on
#cfgmgmtcamp
@botchagalupe
https://twitter.com/botchagalupe/status/1143489712176422912?s=20
In Defense of YAML, Rod Johnson, Creator of Spring
I feel like there is a large gap between shell scripts and Ansible.
Make -> CFEngine -> Chef/Ruby -> Ansible
Scripts -> Config Values (first generation) -> Rules Engine (second generation) -> DSL (third generation) -> Scripts
a bunch of wires in a datacenter
The Three Virtues of a Great Programmer according to Larry Wall, creator of Perl
- laziness
- impatience
- hubris
The four:
- Tivoli
- IBM
- ...
to apply a configuration change, you basically exported something from the tool that you thought worked and modified that code
@fengor: "you didn't far out spaces or tabs in this stuff. The compiler would go where no human would dare to go..." @botchagalupe on the history of what came before #cfgmgmtcamp
@boffbowsh: This history of Devops from @botchagalupe just makes me frustrated at how easily newer infrastructure engineers dismiss these literal decades of infra experience. So many of these problems have been solved before #cfgmgmtcamp
The new four:
- CFEngine, 1993 - Mark Burgess
- Puppet, 2005 - Luke Kanies
- Chef, 2009 - Adam Jacob
- Ansible, 2010 - Michael DeHaan
Is anybody else confused about Chef?, Kris Buytaert
Why Chef Exists:
- Adam Jacob, look I'm going to rewrite the product (Puppet)
- @felis_rex: “If Luke had accepted that Pull Request, Chef would not exist today.” - @botchagalupe with an angle on history #cfgmgmtcamp
Trinity of Configuration Management
- service
- template
- events - notify
CM Tools are only as good as their authors, Jérôme Petazzoni
- @felis_rex: RT @WouterSchoot: Haha this is so true #cfgmgmtcamp https://t.co/tMBC4hu6op
Infrastructure as Code pros:
- abstraction DSLs are very powerful
- self-documenting
- high reusability
- easier to provide data-driven models
- generally more consistent than scripted patterns
- most major IaC products have good testing abstractions
Infrastructure as Code cons:
- abstraction DSLs have a higher learning curve
- complex edge case scenarios/failures
- script/shell primitives are used often
- integration interfaces are more complex
- infrastructure is built Just in Time (JIT)
- knowns are not always known
- builds are convergent, not congruent
Summary:
- mostly declarative
- fully automated
- desired state
- cattle not pets
- consistent environments (convergent)
- repeatable and disposable
- not immutable
Please, do not rewrite another configuration manager! @botchagalupe
looks like a 12 year old kid and looks like a person that has been in the enterprise for 25 years
- Vagrant
- Packer
- Terraform
- Vault
In all fairness, Solomon made a serious change. It was big.
- pull/push, modelling git into it
- the hub
- commoditised shared images
Dockerfile, how could we go back in time? @botchagalupe
Creating consistency in the Pipeline
- immutable infrastructure, Netflix - immutable servers, Kief Morris
Paper: Why Order Matters: Turing Equivalence in Automated Systems Administration,
The least-cost way to ensure that the behaviour of any two hosts will remain completely identical ...
=> argument for immutability
see following picture:
- @f3ew: Configuration management history. #cfgmgmtcamp https://t.co/g1JQHMSEmK
Why order really matters (SPC 68-95-99.7 Rule) => Variation:
- converged infra
- immutable infra
- immutable delivery
Immutable pros:
- least variation pattern
- faster provision model
- fits well with Microservices architectures
- less reliance on IaC
- binary consistency from dev to prod
cons:
- DSL abstraction not as mature as IaC
- small changes are harder to manage
- debugging is harder
- ...
Summary:
- partially declarative and partially descriptive
- fully automated
- disposable target state
- cattle not pets
- congruent vs convergent env
- repeatable and disposable
- immutable
Scripts -> Config Values -> Rules Engine -> DSL -> Scripts
Puppet was a game-changer to me.
Pulumi looks fantastic. Haven't tried it yet.
Everything old is new again, @botchagalupe