TEC118 –How Do You Manage the Configuration of Your Environments from Metal to Application

transcript

TEC118 –How Do You Manage the Configuration of Your Environments from Metal to ApplicationSAP TechEd 2013 Las VegasChris Kernaghan

Presentation Title | Date

Who am I

Consultant Systems Admin

Facilitator

• Help IT administrate

Infrastructure and applications

• Design processes which meet

business compliance standards

• Build/Design flexible

infrastructures which are adaptable

but controlled

• Migrate customers from outdated

platforms to next generation

platforms

• Help business develop and

deploy leading edge applications

• Curate and administrate flexible

landscape

• Additional to project/chargable

work, so primarily done outside

• Team members need to be highly

adaptable, flexible, autonomous,

bought into the SoPs

What is configuration management?

What does it meanConfiguration of a stack•Hardware•Virtualisation hypervisor•Operating system•Database•Application

In the beginning

Configuring your applications was easy

SCP/XCOPY – Application deployment

SSH/RDP – Configuration management

Then things got a little more complex

Excel managed configurations

Word based Architecture documents

Configuration Management is not easy

How do you achieve configuration management

Infrastructure as code

Box huggers versus DevOps

Box Hugger (SAP Technical)

• Infrastructure is permanent

• Manual processes

• Steps are documented longhand

• SPOF are common

• Concerned with MTBF

DevOps (Web Operations)

• Infrastructure is ephemeral

• Automation is used heavily

• Operations are treated in the same way as code

• Operations are scalable

• Concerned with MTTR

Why use Configuration Management

S – ScheduledC – ConsistentA – AuditableR – RepeatableS – Sharable

• Systems administration is full of boring, repetitive tasks• Evolve from thick manual run guides to smaller guides on automated processes

•Create better results driven compliance processes and records• Quicker serial/parallel executions• The execution of the tasks is more controlled

• There are lots of methods of automation, depending on the layer you are working within

• OS – System schedulers• Database – triggers or stored procedures• Application level – scheduled batch or background jobs • Captured input session tools

Ability to execute consistent process to serve multiple compliance frameworks with different documentation requirements – eg, ITIL, SOX, FDA, etc..

Why we do not automate Configuration Management

What can be managed through code

•Virtualisation hypervisor– Parameters– Creation of new hosts

•Operating system– Parameters– Users– File system permissions– Software Installs

•Database– Patches–Parameters

Why use Configuration Management

Scheduled Every 30 mins

Consistent Cookbook/Manifest driven

Auditable Results recorded

Repeatable Scheduled every 30 mins

Sharable Scripts exportable

Agent retrieves catalog

Agent inspects resources from catalogue and submits report

Console/Agent compares node inspections to baselines and

reports differences

Approve or reject every difference,

revert unapproved changes

Roll approves changes into node

baselines

Write code (cookbook/manifest) which defines resources to audit on which nodes

Configuration Management Systems

Comparison of Configuration Management

Puppet Chef CFEngine

Puppetlabs.com Opscode.com CFEngine.com

Pull Yes Yes Yes

Push No No No

Idempotence Yes Yes Yes

Config Language Declarative/Ruby Ruby Declarative

WebUI Yes Yes No

O/S Support Linux/Unix/Windows Linux/Unix/Windows Linux/Unix/Windows

License GPL v2 Apache GPL

Company Puppet Labs OpsCode CFEngine

Cloud Yes SaaS Yes

Puppet and Chef Flavours

Serverless Puppet

Master/Agent Puppet

Puppet Enterprise

Chef Solo

Chef Client & Server

Private ChefHosted Chef

Flavours

Puppet Architecture

Example Puppet script

Set up parameter file

Set the file permissions

Confirm the file source

Execute the command

Copy the install media

Puppet Console

Chef Architecture

Example Chef Script

What packages are required

Mount a filesystem

Set the hostname

Restart service to activate

Write entry into hosts file

Puppet Demo

Chef Demo

www.capgemini.com

About Capgemini

With more than 120,000 people in 40 countries, Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. The Group reported 2011 global revenues of EUR 9.7 billion.Together with its clients, Capgemini creates and delivers business and technology solutions that fit their needs and drive the results they want. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business ExperienceTM, and draws on Rightshore ®, its worldwide delivery model.

Rightshore® is a trademark belonging to Capgemini

TEC118 –How Do You Manage the Configuration of Your Environments from Metal to Application

Technology