The State of Open Source System Automation

The days of DIY system administration are rapidly coming to a close. Why? Because the open source tools available are just too good not to use. Presenting Bcfg2, Cfengine, Chef and Puppet.


Michael de Haan of Puppet Labs, and formerly of Red Hat engineering, presented.

Key Principles of Puppet’s Design:

  • Puppet is centralized.
  • Puppet internal logic is graph based. It uses decision trees and reports on what it was able to do; and what failed (and everything after it). Manual ordering is very important,as decision trees will be based on it. Ordering is very fine-grained.
  • Puppet language is a data center modeling language representing the desired state. The Puppet language is designed to be very simple and human readable. This prevents you from inserting (Ruby) code but it also makes it safer (prevents you from shooting yourself in the foot). However you can still call external (shell) scripts.Also, an upcoming version (2.6) will support programming in a a Ruby DSL.
  • Portability. Works anywhere Ruby works.
  • Pluggability. Puppet does not allow arbitrary language in the code;however there is pluggability:server side functions can interact with an external data source (e.g.query database or read a textfile). There is a feature called “external_nodes” which you can enable on the puppet server (the puppetmaster) which will kick in whenever a puppet client (puppetd)connects. Instead of having the node name and its class membership and attributes stored in your puppet config, you can have it stored in an external database, and “external_nodes” will fetch that info.

How does Puppet Work?

Puppet only performs actions that are necessary. The basic formula for Puppet’s operation is: server-side, poll information from the client then decide what to do and tell the client what to do. In detail:

The server gets the client to tell the server about itself. These are facts in Puppet. The configuration policies are the manifests.

The server compares the facts (what is) to the manifests (what should be), and, if necessary, creates instructions to the clients on the managed nodes for moving from what is to what should be. These instructions are encoded as a JSON catalog.

Manifests + Facts -→ JSON catalog -→ Nodes

The JSON catalog contains a declarative description about desired state, and the client then runs that catalog to achieve the desired state.

Puppet is pre-installed on Ubuntu (cloud and main editions).

If a service subscribes to a file, and the file changes, the service will know it automatically needs to restart. For example:

service { 'sshd':
  ensure => running,
  subscribe => File['/etc/ssh/sshd_config'],

file { '/etc/ssh/sshd_config':
  ensure => present,
  source => puppet:///sshd/sshd_config,
  owner => root,
  group => root,

Puppet Language

Resource Types are the building blocks of Puppet configuration.Here is a simple example:

file { "/etc/passwd":
    owner => root,
    group => root,
    mode => 644

This is the “file” resource type. It controls ownership and access permissions to the named file.

Providers are what make the resource type an actuality; or it’s the part of Puppet that actually executes the configuration, the interface between the resource description and the OS; the “doer”.

There can be multiple providers for a resource, for example you might specify mod-php package be installed, and it could by installed by package providers for dkpg, rpm, yum, openbsd, and so on. The most appropriate provider will be picked automatically; or you can specify certain features in the resource type, and then the providers will be probed for what features they support.

There is an advanced and experimental feature “exported resources”that allows one host to configure another host (in Puppet terms, it allows resources to move between hosts) — this allows inter-node orchestration.

Puppet, of course, can export reports.

What Lies Ahead? What Are the Challenges in Configuration Management?

Narayan: “Configuration meta-programming” or “multi-node orchestration”.For example: “NTP clients should talk to our NTP servers”, or”the ssh_known_hosts file should contain entries for all machines”,or “the load-balancer should direct traffic to all production Web servers”.

Mark Burgess: Including network devices in configuration management;manipulating mechanical devices (such as controlling satellite position in Earth orbit); most importantly, knowledge management (tracking state, understanding intentions, aligning with business goals). Mark is working on tying Cfengine with ISO13250 Topic Maps.

Next: Quick Comparisons

Comments on "The State of Open Source System Automation"

Here is a superb Blog You may Uncover Interesting that we encourage you to visit.

We prefer to honor many other world wide web websites on the internet, even when they aren?t linked to us, by linking to them. Underneath are some webpages worth checking out.

nel club e solo la scrittura di una delle più grandi storie nella storia dello sport. è un onore entrare a far parte di questa storia di successo, e non vedo l’ora alla squadra la prossima stagione ancora più paura. ”maglia calcio outlet,nuove maglia calcio serie a,Maglia Barcelona 2017 vendita

Always a huge fan of linking to bloggers that I love but really don’t get a good deal of link adore from.

An outstanding share! I’ve just forwarded this onto a co-worker who has been doing a little research on this.
And he in fact bought me lunch simply because I discovered it for him…
lol. So let me reword this…. Thanks for the meal!!
But yeah, thanx for spending time to talk about this subject
here on your web page.

Very few websites that come about to become comprehensive beneath, from our point of view are undoubtedly nicely really worth checking out.

I simply want to mention I am very new to blogging and site-building and absolutely savored your blog. Probably I’m planning to bookmark your blog post . You certainly have outstanding stories. Regards for revealing your web-site.

There is an obvious but nonetheless deeply impacting
spiritual forged to the participate in of light in the darkish cave,
the miner’s helmet torches illuminating The 33 2015 full movie online free (Marylyn) skyscraper-measurement
rock that seemingly has sealed their destiny.

Here are some links to sites that we link to due to the fact we believe they’re really worth visiting.

Here are a number of the websites we suggest for our visitors.

I found your blog through google and I must say, this is probably one of the best well prepared articles I have come across in a long time. I have bookmarked your site for more posts.

We like to honor numerous other web web sites on the net, even when they aren?t linked to us, by linking to them. Underneath are some webpages really worth checking out.

Here are some links to web sites that we link to mainly because we consider they are worth visiting.

Here are a few of the web-sites we advocate for our visitors.

Below you will uncover the link to some web sites that we think you should visit.

The information mentioned within the post are several of the very best accessible.

He understands Shepherd’s script and achieves The 33 full movie (mybrewguru.com)
tone essential to make this an enduring movie fairly than a getaway throw-away.

Here are a few of the sites we advocate for our visitors.

Every after inside a though we opt for blogs that we read. Listed beneath would be the most recent internet sites that we decide on.

Leave a Reply