The days of DIY system administration are rapidly coming to a close. Why? Because the open source tools available are just too good not to use. Presenting Bcfg2, Cfengine, Chef and Puppet.
This summer the USENIX 2010 conference in Boston hosted the first Configuration Management Summit on automating system administration using open source configuration management tools. The summit brought together developers, power users and new adopters.
Why Configuration Management?
Internet use is growing and new services are appearing hourly.The number of servers (both physical and virtual) is becoming uncountable. Automation of system administration is a must to handle the deluge; else swarms of sysadmins would be needed to handle all these systems.
Drivers for automating system administration:
- In companies with multiple sysadmins working the old way,in interactive root sessions, there is a potential for sysadmins making changes at the same time to step on each other’s toes (and on the config!);
- system administration is a relatively new profession,without a standard curriculum, so practitioners have different philosophies and practices. Going from organization to organization, it is a challenge for a new sysadmin to learn:
- how is the system setup,
- why was it setup that way,
- how it needs to be setup to keep operating,
- how to set it up that way again in case of disaster or normal growth.
Automating system administration addresses all the above and makes new things possible.
For example, a CM tool can respond faster than a human sysadmin to a deviation from configuration policy to remedy it or it may automatically instantiate, configure and bring online a new virtual server instance if an old one dies.
There are over a dozen different CM tools actively used in production.
So many choices can bewilder a sysadmin searching for a CM tool.
The summit included representatives for 4 tools: Bcfg2 (pronounced “bee-config 2″), Cfengine, Chef and Puppet.
The summit had three parts: 4 presentations; a panel session; and a mini BarCamp with 6 presentations. The panel session was quite lively.
I will attempt to compare and contrast the 4 tools; however using any robust configuration management tool, with discipline, is better than administering systems manually.
Four Tools
Bcfg2: Came out of Argonne National Lab. Lightweight on the node. Each server can easily handle 1000 nodes.Relies on centralization. Uses a complete model of each node’s configuration,both desired and current.
Strengths: Reporting system and debugging.
Weaknesses: Documentation. (New set of documentation is coming out now, but still weak in examples.) Sharing policies between sites is not easy; group names need to be standardized first.
Cfengine: Came out of Oslo University. Strong philosophy of allowing decentralization and potential local autonomy. Oriented toward consensus building as opposed to top-down policy dictation. Underlying philosophies are promise theory, convergence and self-healing. Also has a healthy paranoid streak and an impressive security record (only 3 serious vulnerabilities in 17 years).
Strengths: Highly multi-platform (it even runs on underwater unmanned vehicles!).Lightweight. Largest userbase – more companies using it than all the other tools combined! Able to continue operating under degraded condition (network down,for example).
Weaknesses: It’s hard to get started because there is a lot to learn.
Chef: Has its origins in Ruby-on-Rails world in the cloud. Grew out of dissatisfaction with Puppet’s non-deterministic ordering. Resilient (each node can run stand-alone if the server disappears). Sequence of execution is tightly ordered.
Strengths: Cloud integration (automating provisioning and configuration of new instances in one fell swoop). Multi-node orchestration (more below). Reusable policy cookbooks and highest degree of recipe reuse amongst its users amongst the four tools.
Weaknesses: Attributes have 9 different levels of precedences (role, node, etc.) and this can be daunting.
Puppet: Grew out of dissatisfaction with Cfengine 2. Centralized model, however if the server is unreachable, node agents will still run, applying the cached configuration. Simple and human-readable DSL gives safety at cost of flexibility. Determines and runs delta changes only.
Strengths: Large community of users (over 2000 users on the Puppet mailing list).
Weakness: Puppet server right now is a potential bottleneck (which is solved by going to multiple servers.) Execution ordering can be non-deterministic. (But reports will always tell you what succeeded and what failed. And order can be mandated if order is required.)
Next: Bcfg2
Comments on "The State of Open Source System Automation"
Here is a superb Blog You may Uncover Interesting that we encourage you to visit.
We prefer to honor many other world wide web websites on the internet, even when they aren?t linked to us, by linking to them. Underneath are some webpages worth checking out.
nel club e solo la scrittura di una delle più grandi storie nella storia dello sport. è un onore entrare a far parte di questa storia di successo, e non vedo l’ora alla squadra la prossima stagione ancora più paura. ”maglia calcio outlet,nuove maglia calcio serie a,Maglia Barcelona 2017 vendita
Always a huge fan of linking to bloggers that I love but really don’t get a good deal of link adore from.
An outstanding share! I’ve just forwarded this onto a co-worker who has been doing a little research on this.
And he in fact bought me lunch simply because I discovered it for him…
lol. So let me reword this…. Thanks for the meal!!
But yeah, thanx for spending time to talk about this subject
here on your web page.
Very few websites that come about to become comprehensive beneath, from our point of view are undoubtedly nicely really worth checking out.
I simply want to mention I am very new to blogging and site-building and absolutely savored your blog. Probably I’m planning to bookmark your blog post . You certainly have outstanding stories. Regards for revealing your web-site.
There is an obvious but nonetheless deeply impacting
spiritual forged to the participate in of light in the darkish cave,
the miner’s helmet torches illuminating The 33 2015 full movie online free (Marylyn) skyscraper-measurement
rock that seemingly has sealed their destiny.
Here are some links to sites that we link to due to the fact we believe they’re really worth visiting.
Here are a number of the websites we suggest for our visitors.
I found your blog through google and I must say, this is probably one of the best well prepared articles I have come across in a long time. I have bookmarked your site for more posts.
We like to honor numerous other web web sites on the net, even when they aren?t linked to us, by linking to them. Underneath are some webpages really worth checking out.
Here are some links to web sites that we link to mainly because we consider they are worth visiting.
Here are a few of the web-sites we advocate for our visitors.
Below you will uncover the link to some web sites that we think you should visit.
The information mentioned within the post are several of the very best accessible.
He understands Shepherd’s script and achieves The 33 full movie (mybrewguru.com)
tone essential to make this an enduring movie fairly than a getaway throw-away.
Here are a few of the sites we advocate for our visitors.
Every after inside a though we opt for blogs that we read. Listed beneath would be the most recent internet sites that we decide on.