How can we be sure of the continuous configuration management proper operation? How to expose factual topic-related reports to dev, sec, managers, customers...?
We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context.
This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.
3. Configuration management is a systems
engineering process for establishing and
maintaining consistency of a product [...]
throughout its life.
Configuration_management
“
3
4. How devops can help to understand?
4
Culture
AutomationShare
Measurement
5. Why we need Observability in Configuration Management?
5
Causality AgencyPerspective
trust and prove
configuration states
provide insights
relevant to different needs
help teams find
the best levers
for their job
A
B
7. Let's remember: What does configuration management do?
7
configuration
target state
feedbackconfiguration
8. Let's remember: What does configuration management do?
8
configuration
target state
feedbackconfiguration
feedbackconfiguration
feedbackconfiguration
9. Observability is a measure of how well
internal states of a system can be inferred
from knowledge of its external outputs.
Observability
“
9
13. 13
PARAM
RULE
● Id
DIRECTIVE
● Id
● (Components)
GROUP
● Id
RUDDER config
(global)
● Policy Mode
● Schedule
● ...
NODE
● Properties
● Policy Mode
● Schedule
● ...
Environmental context
● Id : . . .
● Generated : . . .
Files
Node configuration
Historisation
Historisation
RUN
● Reports
● Reports
● ...
● ...
METADATA
● node id
● config id
● run timestamp
RUN
● Reports
● Reports
● ...
● ...
METADATA
● node id
● config id
● run timestamp
● Signature
Get config
Send configuration
reports
Expected reports
(node id, config id,
timestamp)
Run reports
Historisation
Compliance
historised
Send expected reportsMetadata
● Integrity
● Signature
Config
● For Rule R,
Directive D1,
Component C
Event logs
Change request
14. Impactful events category
14
Definition ExecutionCreation
of the target state of the configuration of the configuration
rules
node’s groups
configurations
parameters
global
per nodes
environmental context
properties
policy mode...
tracing the configuration
generation process
OS specificity
template
variables...
predict configuration state
anticipation of any change
used to compare with the execution
execution feedback
fine grained comparison with the
expectation
prevent any alteration
15. Are you sure that I didn’t forget something ?
● And on the node itself ?
● Observability should be agnostic
○ Protocol normalization
● Beyond 1st level of external output usage
○ Data mining
○ Process mining and AI
15
Business oriented
Technique
oriented
External events
and targeted configuration state
Expected configuration
Execution
feedbacks
16. Configuration: Do you prove yours?
Infra Management Room
@abrianceau in/abrianceau alexandre@rudder.io