Settj ttjng ng the the s stage Bruce Becker: Coordinator, - - PowerPoint PPT Presentation

settj ttjng ng the the s stage
SMART_READER_LITE
LIVE PREVIEW

Settj ttjng ng the the s stage Bruce Becker: Coordinator, - - PowerPoint PPT Presentation

Jun 15, 2023 366 likes •760 views

Settj ttjng ng the the s stage Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 1 Why are we here ? Plus ca change, plus c'est la meme chose There is nothing new under the sun Our goals: Take a

slide-1
SLIDE 1

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 1

Settj ttjng ng the the s stage

slide-2
SLIDE 2

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 2

Why are we here ?

  • ”Plus ca change, plus c'est la meme chose”

”There is nothing new under the sun”

  • Our goals:
  • Take a critjcal look at our methods
  • Understand that we are not alone
  • Identjfy and disrupt bad habits
  • Do the same things betuer
slide-3
SLIDE 3

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 3

Old issues in maintaining computjng infrastructures

  • Service Confjguratjon
  • Drifu

– it was working yesterday !

  • Reproducibility

– Something happened...

  • Semantjcs

– I did the thing, and then the thing happened

  • Maintenance

– Not my problem

  • Portability

– Now make it work over there

slide-4
SLIDE 4

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 4

Old issues in maintaining computjng infrastructures

  • Monitoring
  • Service X went down - get it back to it's previous state

asap

– Ok, what was that previous state ?! (See: Drifu) – What tasks need to be executed ?

  • Disaster Recovery
  • Everything broke, fjx it.

– What's everything ? – How do we move from broken hardware to fjxed hardware ?

slide-5
SLIDE 5

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 5

”Newer” issues in computjng infrastructures

  • Complexity
  • Services depend on each other (recursively)
  • Scale
  • Scale in services
  • Scale in teams
  • Security
  • How can we test service hardening without breaking the

services ?

  • … every tjme a service confjguratjon is changed … ?
slide-6
SLIDE 6

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 6

An example – the science gateway

Federated User

Riccardo Rotondo October 4th, 2013

Science Gateway Science Gateway

Pretoria 2013

slide-7
SLIDE 7

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 7

The issue in newer computjng infrastructure

  • Abstractjon
  • What are we even running on ?
  • Does it even matuer ?
  • What is an ”applicatjon” ?
  • The Science Gateway is an ”applicatjon” of the cloud
  • r grid infrastructure.
slide-8
SLIDE 8

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 8

Here's the thing :

  • Everything is code - Treat it like code !
  • Change control
  • Unit tests
  • Contjnuous Integratjon
  • Code is developed and tested
  • Services and confjguratjons are put into Operatjon
  • Enter DevOps
slide-9
SLIDE 9

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 9

What is DevOps ?

https://www.thoughtworks.com/radar/techniques/devops

slide-10
SLIDE 10

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 10

What is DevOps

https://en.wikipedia.org/wiki/DevOps

slide-11
SLIDE 11

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 12

What is DevOps ?

https://www.thoughtworks.com/radar/techniques/devops

slide-12
SLIDE 12

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 13

How is this difgerent to what I'm already doing ?

  • Culture
  • Automatjon
  • Lean
  • Measurement
  • Sharing

http://newrelic.com/devops/lifecycle http://newrelic.com/devops/what-is-devops

slide-13
SLIDE 13

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 14

This is Not DevOps

  • A partjcular tool
  • There are lots : htup:/

/newrelic.com/devops/toolset

  • A specifjc team or person
  • It's a culture of collaboratjon and transparency
slide-14
SLIDE 14

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 15

Culture is learned – but can't be taught

  • We'll be focussing on Ansible – one of the new

tools in your toolbox

  • Remember Maslow's Law !
  • htups:/

/en.wikipedia.org/wiki/Law_of_the_instrument

  • It's only going to be useful if used appropriately
  • It's just one tool
slide-15
SLIDE 15

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 16

Things you'll need

  • Languages : Markdown, Yaml, Jinja, JSON

(Python)

  • Change control : Git
  • Containerisatjon tools (Docker)
  • Test and Build services (Jenkins, Travis)
  • Situatjonal Awareness
slide-16
SLIDE 16

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 17

”Kung fu has many schools, so does DevOps.”

https://www.chef.io/solutions/devops/

slide-17
SLIDE 17

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 18

slide-18
SLIDE 18

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 19

That is silly, and the problem becomes that the fjghtjng style then becomes set in stone with no growth, and no adaptatjon, because what works well with me might not work for you.”

  • Bruce Lee

”When people talk about fjghtjng schools they say that Kung Fu, or Karate, or this other style is the best.

slide-19
SLIDE 19

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 20

Why Ansible ?

  • There are many optjons available for developing

betuer infrastructure

  • All of them are much betuer than none at all
  • There is no right tool – sometjmes not even the right

tool for the job

  • Sometjmes you need to use the right tool for you
slide-20
SLIDE 20

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 21

Ansible vs …

  • The contenders
  • Ansible vs shell scripts
  • Ansible vs Puppet
  • Ansible vs Chef
  • Ansible vs SaltStack ← I don't know enough
slide-21
SLIDE 21

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 22

Ansible vs Shell scripts

https://valdhaus.co/writings/ansible-vs-shell-scripts/

slide-22
SLIDE 22

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 23

Ansible vs Shell scripts

  • Which method is most likely to end up in source control?
  • Which method can be run multjple tjmes safely with confjdence?
  • Which method can easily be run against multjple servers?
  • Which method actually verifjes (tests) your server for correctness?
  • Which method can target certain servers easily (web, db, etc)?
  • Which method supports easily templatjng your confjguratjon fjles?
  • Which method will grow to easily support your whole stack?
slide-23
SLIDE 23

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 24

Remember the science gateway ?

You can do all of this with a shell script – but should you ?

Federated User

Science Gateway Science Gateway

slide-24
SLIDE 24

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 25

Ansible : 1 Shell Scripts : 0

Shell script is stjll betuer than nothing though

slide-25
SLIDE 25

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 26

The last easy decision you'll make

slide-26
SLIDE 26

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 27

Remember

From here on, everything is opinion and context matuers. There is no canonical comparison between the tools No use arguing : YOU STILL HAVE EITHER BRUCE LEE OR CHUCK NORRIS ON YOUR SIDE !!!

slide-27
SLIDE 27

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 28

Puppet

  • Puppet :
  • Old kid on the block
  • Ruby-based
  • Domain-Specifjc Language for internals
  • Master-client model
  • Model-Driven

– Task and state dependencies computed by server

  • Agent-based

https://puppetlabs.com/ https://github.com/puppetlabs

slide-28
SLIDE 28

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 29

Pros Cons

  • Well-established support

community through Puppet Labs.

  • Most mature interface and

runs on nearly every OS.

  • Simple installatjon and initjal

setup.

  • Most complete Web UI in this

space.

  • Strong reportjng capabilitjes.
  • For more advanced tasks, you will need

to use the Ruby-based CLI, (you’ll have to understand Ruby).

  • Support for pure-Ruby versions (rather

than those using Puppet’s customized DSL) is being scaled back.

  • Because of the DSL and a design that

does not focus on simplicity, the Puppet code base can grow large, unwieldy, and hard to pick up for new people in your

  • rganizatjon at higher scale.
  • Model-driven approach means less

control compared to code-driven approaches.

slide-29
SLIDE 29

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 30

Chef

  • Chef :
  • Also old kid on the block (2009)
  • Heavily dependent on Git (confjguratjon)
  • Internals in Ruby
  • Master-client model
  • Procedural

– Task and state dependencies computed by server

  • More ”Development” focussed than Puppet (?)

http://chef.io https://github.com/chef

slide-30
SLIDE 30

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 31

Pros Cons

  • Rich collectjon of modules and

confjguratjon recipes.

  • Code-driven approach gives you

more control and fmexibility over your confjguratjons.

  • Strong version control

capabilitjes.

  • 'Knife’ tool (uses SSH for

deploying agents from workstatjon) eases installatjon burdens.

  • Steep learning curve if

you’re not already familiar with Ruby and procedural coding.

  • Complex tool - can lead to

large code bases and complicated environments.

  • Doesn’t support push

functjonality.

slide-31
SLIDE 31

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 32

Take another look around

A short diversion

slide-32
SLIDE 32

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 33

http://insights.sei.cmu.edu/sei_blog/2014/06/a-generalized-model-for-automated-devops.html

slide-33
SLIDE 33

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 34

Development, Collaboratjon and Testjng

  • Any tool will build garbage if you tell it to !
  • Benefjts of DevOps tools : treat everything as

code – you can apply sofuware engineering principles to it:

  • Change control, versioning
  • Automated unit tests
  • Automated Integratjon
  • Paradigm so widely adopted that everything is

already available

slide-34
SLIDE 34

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 35

Containers changed everything

  • We don't have tjme to go into it now, but most
  • f the testjng and training will be done in Docker

containers.

  • Containers make it much easier to test and

develop infrastructure code

  • Very good for training
  • Probably not great for productjon infrastructure

(security)

slide-35
SLIDE 35

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 36

Hands-on session Install Docker

slide-36
SLIDE 36

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 37

Docker

  • Installatjon
  • See htups:/

/docs.docker.com/installatjon/

  • Containers at htups:/

/hub.docker.com/u/aaroc

slide-37
SLIDE 37

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 38

What have we learned

  • The same old issues and problems are now being

addressed by frameworks instead of genius

  • A shifu in culture from top-down to fmat can improve life

for systems administrators, developers and users

  • Sound sofuware engineering principles can be applied to

entjre infrastructures

  • A good knowledge of all the tools and a good situatjonal

awareness allows one to choose the right tools for the job

slide-38
SLIDE 38

Bruce Becker: Coordinator, Africa-Arabia ROC | bbecker@csir.co.za 39

End