Lesson 17: Configuration Management

Homepage

Content

Slides

Video

Warning

This lesson is under construction. Learn from it at your own risk. If you have any feedback, please fill out our General Feedback Survey.

Configuration Management

“Configuration management is the process of standardizing resource configurations and enforcing their state across IT infrastructure in an automated yet agile manner.”

• Puppet Labs

user { 'audience':
    ensure  => present,
}

Short History of CM

In the beginning there were no computers.

Then many years passed and eventually we built the first computer.

Then a few years after that we had more computers than we really had time to manage. Things got out of hand pretty quick.

Concept: Infrastructure as Code

• Install packages, configure software, start/stop services.
• Ensure/guarantee a specific state of a machine.
• Provide history of changes for a system.
• Repeatable way of rebuilding a system.
• Orchestrate a cluster of services together.

Pull vs Push Models

Pull Model

Scales well but difficult to manage.

Push Model

Simple to manage and setup but not scalable.

Tools

• Puppet
• Chef
• CFEngine
• Ansible
• Saltstack

Puppet

• Uses custom CM Language.
• Primary Push Model.
• Widely Adopted.
• Very stable.
• Difficult to get setup.

Chef

• Primarily Push Model.
• Code files are Ruby.
• Widely Adopted.
• Difficult to setup.

CFEngine

• Fast at execution, slow at adaptation.
• Very old.
• Stable.

Ansible

• Easy to use.
• Easy to setup.
• Does not scale well.

SaltStack

• Easy to use.
• Hard to get started.

Declaration Configuration

packages [nginx, python, vim]
    state installed
    update true

service nginx
    state enabled
    alert service myapp_daemon

Chef Example

• Install apache and start the service
• Configuration is called a ‘recipe’
• Written as pure Ruby code

package "apache" do
  package_name "httpd"
  action :install
end

service "apache" do
  action [:enable, :start]
end

Note

Since chef uses Ruby you can do loops and other cool Ruby-isms in your configuration management. This can be a gift and a curse.

Puppet Example

• Install apache and start the service
• Configuration is called a ‘manifest’
• Puppet DSL based on Ruby

package { "apache":
  name    => "httpd",
  ensure  => present,
}

service { "apache":
  name    => "apache",
  ensure  => running,
  enable  => true,
  require => Package["apache"],
}

Note

Since Puppet designed its own language you are more limited in what you can express, but this isn’t always a bad thing. It’s feature rich and can do pretty much anything that Chef can.

Ansible Example

• Install apache and start the service
• Configuration is called a ‘playbook’
• Uses YAML file format for configuration

- hosts: all
  tasks:

    - name: Install Apache
      yum:
        name: httpd
        state: present

    - name: Start Apache Service
      service:
        name: httpd
        state: running
        enabled: yes

Note

Ansible’s language is Yaml, which is basically JSON but easier to read and write. This is similar to Puppet in it limits the possible functionality, but again: these tools all achieve the same result, they just get there in different ways.

Further Reading

• Ansible’s Documentation is comprehensive and contains an easy-to-follow “Getting Started” guide.

• Kitchen-CI is a Chef oriented testing system

• Puppet Learning VM is a prebuilt VM for learning Puppet’s fundamental

  concepts