Configuration Management
Big subject, is well defined ?
http://en.wikipedia.org/wiki/Configuration_management#Software
The traditional software configuration management (SCM) process is looked upon by practitioners as the best solution to handling changes in software projects. It identifies the functional and physical attributes of software at various points in time, and performs systematic control of changes to the identified attributes for the purpose of maintaining software integrity and traceability throughout the software development life cycle.
The SCM process further defines the need to trace changes, and the ability to verify that the final delivered software has all of the planned enhancements that are supposed to be included in the release. It identifies four procedures that must be defined for each software project to ensure that a sound SCM process is implemented. They are:
Configuration identification
Configuration control
Configuration status accounting
Configuration audits
These terms and definitions change from standard to standard, but are essentially the same.
Configuration identification is the process of identifying the attributes that define every aspect of a configuration item. A configuration item is a product (hardware and/or software) that has an end-user purpose. These attributes are recorded in configuration documentation and baselined. Baselining an attribute forces formal configuration change control processes to be effected in the event that these attributes are changed. Configuration change control is a set of processes and approval stages required to change a configuration item's attributes and to re-baseline them.
Configuration status accounting is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time.
Configuration audits are broken into functional and physical configuration audits. They occur either at delivery or at the moment of effecting the change.
A functional configuration audit ensures that functional and performance attributes of a configuration item are achieved, while a physical configuration audit ensures that a configuration item is installed in accordance with the requirements of its detailed design documentation.
Python
http://www.fullstackpython.com/configuration-management.html
http://www.infoq.com/articles/5-config-mgmt-best-practices
Some of the following may or may not have complete Win-Mac-Lin compatibility ...
Ansible
https://github.com/ansible/ansible/
Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy. Avoid writing scripts or custom code to deploy and update your applications— automate in a language that approaches plain English, using SSH, with no agents to install on remote systems.
http://docs.ansible.com/ansible/index.html
http://docs.ansible.com/ansible/intro_windows.html
Starting in version 1.7, Ansible also contains support for managing Windows machines. This uses native PowerShell remoting, rather than SSH.
Ansible will still be run from a Linux control machine, and uses the “winrm” Python module to talk to remote hosts.
Windows client only.
http://docs.ansible.com/ansible/playbooks.html
Playbooks are Ansible’s configuration, deployment, and orchestration language. They can describe a policy you want your remote systems to enforce, or a set of steps in a general IT process ...
Uses YAML.
New commercial offering is Ansible Tower -> http://docs.ansible.com/ansible-tower/index.html ( Linux Only )
Interesting 'Job Templates' -> http://docs.ansible.com/ansible-tower/latest/html/userguide/job_templates.html
https://serversforhackers.com/running-ansible-programmatically
Templates
We can add inventory into Ansible by creating a string representing an inventory file. The inventory file is normally where we'd define hosts and possibly some host/group variables.
Setting them in a string template like this lets me add them to the plays dynamically. This is easier than writing data to a file and doing checks to ensure there were no write issues (and thus gives us a bit more insurance against running customer's data on the wrong server).
Here we set a template with variables as expected by the Jinja2 template engine. Then we parse the template and get the final string, with variables replaced by their values.
Finally we add that string to a temporary file. That file will be set as the inventory used when Ansible runs.
Bundle Wrap
What is config management?
When we talk about config management, we're talking about using a piece of software to manage the state of your servers. It will create files, install software and start services.
Using a config management system has many advantages:
Versioning: Use an SCM tool like git to keep track of changes to your configuration.
Uniformity: Now it's easy to keep similar machines in sync and eliminate configuration drift.
Repeatability: Need another five web servers? You just have to configure them once.
Buildout
http://www.buildout.org/en/latest/
Buildout is a Python-based build system for creating, assembling and deploying applications from multiple parts, some of which may be non-Python-based. It lets you create a buildout configuration and reproduce the same software later.
Ju Ju
https://en.wikipedia.org/wiki/Juju_%28software%29
Juju (formerly Ensemble) is an open source service orchestration management tool developed by Canonical Ltd., the company behind Ubuntu. Juju allows software to be quickly deployed, integrated and scaled on a wide choice of cloud services or servers. ...
Has configuration management capabilities ... why 'orchestration' ?
Quattor
https://en.wikipedia.org/wiki/Quattor
Quattor is a generic open-source tool-kit used to install, configure, and manage computers. Quattor was originally developed in the framework of European Data Grid project (2001-2004) ...
... three unique features make it particularly attractive for managing grid resources:
Federated Management: The open, modular nature of the tool-kit permits system administrators at different institutes to share the management of their distributed resources.
Shared Configuration and Management Efficiency: Quattor encourages the re-use of configuration information in such a way that it can be distributed and used with little or no modification at different sites, facilitating the distribution of best practices without the need for each site to implement configuration changes.
Coherent Site Model: Quattor allows an administrator to develop a site model that, once constructed, can be used to manage a range of different resources, such as real machines, virtual machines and cloud resources.
These features are also attractive beyond the grid context.
Salt Stack
https://en.wikipedia.org/wiki/Salt_%28software%29
SaltStack platform or Salt is a Python-based open source configuration management software and remote execution engine. Supporting the "infrastructure-as-code" approach to deployment and cloud management, it competes primarily with Puppet, Chef, and Ansible ...
http://saltstack.com/community/
SaltStack takes a new approach to infrastructure management by developing software that is easy enough to get running in seconds, scalable enough to manage tens of thousands of servers, and fast enough to control and communicate with them in milliseconds. SaltStack delivers a dynamic infrastructure communication bus used for orchestration, remote execution, configuration management and much more.
The Salt project was launched in 2011 and today is the fastest-growing, most-active infrastructure orchestration and configuration management open source project in the world.
Synctool
https://en.wikipedia.org/wiki/Synctool
Synctool is an open source configuration management system, written by Walter de Jong, systems expert at SURFsara. Synctool aims to be easy to understand, learn and use. It is built in Python and makes use of SSH (with host or key based authentication) and rsync. It has the following characteristics:
A host can be part of logical groups.
Groups can be nested.
Files are designated a group by means of filename extension.
The 'overlay' directory tree contains the files and directories that should be copied (or 'synced') to the target host.
No specific language is used; scripts can be added in any scripting language.
Scripts can be linked to files to perform actions after a file update.
The 'tasks' directory contains scripts that are not linked to specific files but to host or host groups; these tasks can be used for instance for software package management. Synctool by itself offers limited package management tools.
Synctool is typically used interactively and has a dry run capability that enables surgical precision.
