ncf
play

ncf A powerful and structured CFEngine framework Jonathan CLARKE - PowerPoint PPT Presentation

Aug 23, 2022 •372 likes •679 views

ncf A powerful and structured CFEngine framework Jonathan CLARKE jcl@normation.com @jooooooon42 (that's 7 'o's) Normation CC-BY-SA normation.com ncf Who am I? www.ncf.io Jonathan Clarke Title: Co-founder & Product lead at

  1. ncf A powerful and structured CFEngine framework Jonathan CLARKE – jcl@normation.com @jooooooon42 (that's 7 'o's) Normation – CC-BY-SA normation.com

  2. ncf Who am I? www.ncf.io ● Jonathan Clarke Title: Co-founder & Product lead at Normation ● Origins: Sysadmin, infrastructure management ● Now: Automation + “running a company”-stuff ● Contributor to free software: ● Co-creator of Rudder – Contributor to CFEngine, OpenLDAP – Co-organizer of events: ● 2 Normation – CC-BY-SA normation.com

  3. ncf Intro www.ncf.io This presentation is about cakes 3 Normation – CC-BY-SA normation.com Photo CC BY 2.0 from http://www.flickr.com/photos/misscreativecakes/

  4. ncf Intro www.ncf.io Reminder: how are cakes made? 1. Ingredients 2. Recipes + Photo CC BY-NC 2.0 from 4 Normation – CC-BY-SA http://www.flickr.com/photos/tnemily/ normation.com Photo CC BY 2.0 from http://www.flickr.com/photos/misscreativecakes/

  5. ncf Background www.ncf.io A bunch of CFEngine consultants ● > 4 years ● Multiple companies: small, large & huge ● Various uses: security, provisioning, DR... We always got the same feedback 5 Normation – CC-BY-SA normation.com

  6. ncf Feedback #1: CFEngine rocks! www.ncf.io CFEngine rocks Small footprint, scalable Multi-platform A few MB of RAM, Linux, Android, BSD, AIX, just seconds to run... HP-UX, Solaris, Windows... Continuous checking Resilient to errors Agent based approach, Network outages, failures, no push unavailable resources... Open Source GPLv3 6 Normation – CC-BY-SA normation.com

  7. ncf Feedback #2: CFEngine is hard! www.ncf.io CFEngine is hard Steep learning curve Lack of feedback Syntax is unusual, hard Output is hard to read, to learn and understand “what is going on?” Workarounds for bugs Too much “do it yourself” No way of systematically Building your own policy using a workaround structure from blank slate “Flour, eggs, milk and butter” As in: https://digitalelf.net/2013/04/a-case-study-in-cfengine-layout/ 7 Normation – CC-BY-SA normation.com

  8. ncf Feedback #2: CFEngine is hard! www.ncf.io Learning to bake cakes on your own is frustrating. 8 Normation – CC-BY-SA normation.com Photo CC BY-NC-SA 2.0 from http://www.flickr.com/photos/penguincakes/

  9. ncf Brief dilemma... www.ncf.io Can we fix this? CHALLENGE ACCEPTED. We've worked around this for customers, let's make it reusable! 9 Normation – CC-BY-SA normation.com

  10. ncf Approach www.ncf.io Too much do it yourself Building your own policy structure from blank slate 1) Provide a structured layout to start from 2) Provide single-purpose, reusable “ methods ” to get the basics done 10 Normation – CC-BY-SA normation.com

  11. ncf Approach www.ncf.io Steep learning curve Syntax is unusual, hard to learn and understand 1) Hide the weirder syntax inside these reusable “methods” 2) Only require a subset of syntax to write everyday policies (method calls) 11 Normation – CC-BY-SA normation.com

  12. ncf Approach www.ncf.io Workarounds for bugs No way of systematically using a workaround 1) Implement workarounds into those reusable “methods” (and use them) 2) Automated tests to make sure the bugs don't “come back” 12 Normation – CC-BY-SA normation.com

  13. ncf Approach www.ncf.io Lack of feedback Output is hard to read, “what is going on?” 1) Now everything goes through reusable “methods”, build automatic feedback in 2) Make the feedback format customisable and extensible 13 Normation – CC-BY-SA normation.com

  14. ncf Result www.ncf.io “Forget baking, I'm gonna get some cakes from the shop” 14 Normation – CC-BY-SA normation.com Photo CC BY-NC-SA 2.0 from http://www.flickr.com/photos/omarsc/

  15. ncf Result www.ncf.io We created ncf ncf is a framework that runs in pure CFEngine language, to help structure CFEngine policy and provide reusable , single purpose components distributed under the GPLv3 license. 15 Normation – CC-BY-SA normation.com

  16. ncf Result www.ncf.io Example === 1000 words With ncf: 16 Normation – CC-BY-SA normation.com

  17. ncf Result www.ncf.io Example === 1000 words Without ncf: This is actually over-simplified: - No feedback - No exceptions for different OSes - No advanced options 17 Normation – CC-BY-SA normation.com

  18. ncf Result www.ncf.io Example === 1000 words With ncf, automatic feedback: R: [DEBUG] Promise kept, not doing anything: Install package ntp in version latest R: [INFO] Promise repaired, made a change: Build file /etc/ntp.conf from template ntp.conf R: [INFO] Promise repaired, made a change: Restart service ntp R: [DEBUG] Promise kept, not doing anything: Ensure that service ntp is running 18 Normation – CC-BY-SA normation.com

  19. ncf A layered approach www.ncf.io A layered approach IT services: Services “Corporate web site” Components of Techniques services: “Apache” Generic methods IT Ops Knowledge Unit tasks: “Copy file”, Shared information: “Install package”, ... “httpd” package name 19 Normation – CC-BY-SA normation.com

  20. ncf How does it work? www.ncf.io How does it work? CFEngine 3 can have self-contained “bundles” that you can call with parameters. ntp package_install file_from_template service_restart Outputs structured messages logger 20 Normation – CC-BY-SA normation.com

  21. ncf Philosophy www.ncf.io Core principles DRY KISS Objective not subjective Extensible Open source Each generic_method does one thing and one thing only 21 Normation – CC-BY-SA normation.com

  22. ncf Overview of available generic_methods www.ncf.io 22 Normation – CC-BY-SA normation.com

  23. ncf Online documentation www.ncf.io http://www.ncf.io/pages/reference.html 23 Normation – CC-BY-SA normation.com

  24. ncf Current status www.ncf.io Project is young, but robust Need more generic methods Ohloh statistics: Actually CFEngine Source: http://www.ohloh.net/p/ncf-project 24 Normation – CC-BY-SA normation.com

  25. Demo! (aka “show me the code!”) Check it out on: http://www.ncf.io/ Normation – CC-BY-SA normation.com

  26. ncf The cherry on the cake www.ncf.io The cherry on the cake 26 Normation – CC-BY-SA normation.com Photo CC BY-NC-ND 2.0 from https://www.flickr.com/photos/creativeabubot

  27. ncf The cherry on the cake www.ncf.io Web interface “ncf builder” Browse available generic methods Build Techniques Lightweight app (client side HTML+JS) Uses a simple REST API to interact with ncf 27 Normation – CC-BY-SA normation.com

  28. ncf The cherry on the cake www.ncf.io 28 Normation – CC-BY-SA normation.com

  29. Questions? Check it out on: http://www.ncf.io/ Jonathan CLARKE – jcl@normation.com @jooooooon42 (that's 7 'o's) Normation – CC-BY-SA normation.com

Recommend

More recommend