Lesson 17: Configuration Management

Homepage Content Slides Video

Warning

This lesson is under construction. Learn from it at your own risk. If you have any feedback, please fill out our General Feedback Survey.

Overview

Configuration Management

“Configuration management is the process of standardizing resource configurations and enforcing their state across IT infrastructure in an automated yet agile manner.”

  • Puppet Labs
user { 'audience':
    ensure  => present,
}

Short History of CM

In the beginning there were no computers.

Then many years passed and eventually we built the first computer.

Then a few years after that we had more computers than we really had time to manage. Things got out of hand pretty quick.

Concept: Infrastructure as Code

Pull vs Push Models

Pull Model
Scales well but difficult to manage.
Push Model
Simple to manage and setup but not scalable.

Tools

Puppet

Puppet Logo

Chef

Chef Logo

CFEngine

CFEngine logo

Ansible

Ansible logo

SaltStack

Saltstack logo

Declaration Configuration

packages [nginx, python, vim]
    state installed
    update true

service nginx
    state enabled
    alert service myapp_daemon

Chef Example

package "apache" do
  package_name "httpd"
  action :install
end

service "apache" do
  action [:enable, :start]
end

Note

Since chef uses Ruby you can do loops and other cool Ruby-isms in your configuration management. This can be a gift and a curse.

Puppet Example

package { "apache":
  name    => "httpd",
  ensure  => present,
}

service { "apache":
  name    => "apache",
  ensure  => running,
  enable  => true,
  require => Package["apache"],
}

Note

Since Puppet designed its own language you are more limited in what you can express, but this isn't always a bad thing. It's feature rich and can do pretty much anything that Chef can.

Ansible Example

- hosts: all
  tasks:

    - name: Install Apache
      yum:
        name: httpd
        state: present

    - name: Start Apache Service
      service:
        name: httpd
        state: running
        enabled: yes

Note

Ansible's language is Yaml, which is basically JSON but easier to read and write. This is similar to Puppet in it limits the possible functionality, but again: these tools all achieve the same result, they just get there in different ways.

Further Reading