Configurations: Do you prove yours ? Continuous configuration, - - PowerPoint PPT Presentation

▶

Jul 23, 2023 113 likes •295 views

Pass The SALT 2019 Configurations: Do you prove yours ? Continuous configuration, observability, compliance Pass the SALT 2019 Alexandre BRIANCEAU alexandre@rudder.io @abrianceau How are the servers doing? Pass The SALT 2019 No error nor

SLIDE 1 Pass The SALT 2019

Pass the SALT 2019

Configurations: Do you prove yours ?

Continuous configuration, observability, compliance

Alexandre BRIANCEAU alexandre@rudder.io @abrianceau

SLIDE 2 Pass The SALT 2019

How are the servers doing?

No error nor change in logs means success?

Aren’t we missing something?

SLIDE 3 Pass The SALT 2019

Main challenges faced nowadays

DEV QA PRODUCTION RECOVERY DEV SEC OPS MGMT EXTERN

Multiple teams, diluted expertise, harder reporting Heterogeneous systems, reduced visibility, ease of use and understanding

SLIDE 4 Pass The SALT 2019

Getting and understanding the info is complex Operators, Managers, Experts, APIs have differents needs Frustration if we need a third party to get data We mistrust what we don’t understand

SLIDE 5 Pass The SALT 2019

Definition

Configuration management is a systems engineering process for establishing and maintaining consistency of a product [...] throughout its life.

Configuration_management

“

SLIDE 6 Pass The SALT 2019

How DevSecOps can help to understand?

Culture Automation Share Measure

SLIDE 7 Pass The SALT 2019

Let's remember: What does configuration management do?

configuration target state feedback configuration

SLIDE 8 Pass The SALT 2019

Let's remember: What does configuration management do?

configuration target state feedback configuration feedback configuration feedback configuration

SLIDE 9 Pass The SALT 2019

Definition (again)

Observability is a measure of how well internal states of a system can be inferred from knowledge of its external outputs.

Observability

“

SLIDE 10 Pass The SALT 2019

Monitoring VS Observability: having a factual & deep insight monitoring

bservability

SLIDE 11 Pass The SALT 2019

Why we need Observability in Configuration Management?

Causality Agency Perspective

trust and prove configuration states provide insights relevant to different needs help teams find the best levers for their job

A B

SLIDE 12 Pass The SALT 2019

Let’s take an implementation example...

SLIDE 13 Pass The SALT 2019

These concepts are core to Rudder

Everyone/thing can be an actor of configuration management

SLIDE 14 Pass The SALT 2019

Observability and how Rudder can prove the compliance?

PARAM RULE

DIRECTIVE

Id
(Components)

GROUP

RUDDER config (global)

Policy Mode
Schedule...

NODE

Properties
Policy Mode
Schedule...

Environmental context

Id : . . .
Generated : . . .

Files

Node configuration

Historisation Historisation

RUN

Reports
Reports
...
...

METADATA

node id
config id
run timestamp

RUN

Reports
Reports
...
...

METADATA

node id
config id
run timestamp
Signature

Get config Send configuration reports Expected reports (node id, config id, timestamp) Run reports Historisation

Compliance

historised Send expected reports Metadata

Integrity
Signature

Config

For Rule R,

Directive D1, Component C Event logs Change request

SLIDE 15 Pass The SALT 2019

French, mature and open-source of continuous configuration compliance

Manage OS, middleware and software level Team oriented (WebUI, CLI, API) Audit only or automatic drift remediation Continuous reporting and dashboarding

SLIDE 16 Pass The SALT 2019

Pass the SALT 2019

Thank you !

Any questions ?

Alexandre BRIANCEAU alexandre@rudder.io @abrianceau

5mn Survey on SecOps:

bit.ly/pts19-secops