System Administrator Peace of Mind
The weird sense of duty really good sysadmins have can border on the sociopathic, but it's nice to know that it stands between the forces of darkness and your cat blog's servers.
https://xkcd.com/705/
Advanced Systems Management with Machinery
Andreas Jaeger, Senior Product Manager, aj@suse.com
Thomas Göttlicher, Software Engineer, tgoettlicher@suse.com
Who Are We?
- Andreas Jaeger, Product Manager
- Thomas Göttlicher, Software Engineer
Master Builder's Challenges
- Understand grown infrastructure
- Check for security updates
- Analyze software installations
- Fix configuration drift
- Migrate to new OS version
- Ensure compliance
- Validate application requirements
[Image: SUSE Master Builder]
Introducing Machinery
Machinery
- Command line application for creating descriptions of Linux systems
- Get insight into existing systems, store and track their state, create new systems
- Powerful views of individual systems and comparisons between systems
- Export to other tools for installation, migration, image building, containerization, or cloud deployment
- Interfaces to work with system descriptions from your custom tools
Use Case Areas
- Configuration Discovery
- System Validation
- Service Migration
Configuration Discovery
System Validation
Service Migration
Use Case Elements
System Description
- Tool centers around system description
- Saved on central admin server
- Complete system information contains:
  - Installed software
  - Configuration files
  - Services
  - Changes
- Can be transferred to other systems
Design Concepts
- Self-contained system description
- Command-line tool
- No client software installation necessary
- Access client machines via ssh from central admin server
Offline Systems Management
What Machinery is Not
Machinery is not
- a configuration management system
- a monitoring tool
- a replacement for YaST
- a replacement for SUSE Manager
Other tools
- Cooperation: different tools fulfill different needs
- Ansible, CFengine, Chef, Puppet, SaltStack, other CMS
  - Automatic configuration of many machines
  - But how to install the system initially?
  - How to validate that your scripts (playbooks, recipes, manifests, etc.) do the right thing?
- SUSE Manager
  - WebUI
  - Cooperation planned
- AIDE
  - Sophisticated security tool
Machinery's Philosophy
- Made for the system administrator of the data center
- Universal system description
- Integrate, not duplicate
- Open toolbox
- Agile development
- Technical excellence
- Open Source
[Image: SUSE Master Builder]
Project
Machinery as Open Source Project
Since SUSECon 14:
Inspection:
- Inspection of unmanaged-files is now also using the faster machinery-helper when the files are extracted
- The x86_64 machinery-helper is now shipped with Machinery. It speeds up inspection of unmanaged-files when the files are not extracted
- Support links in changed managed files scope
- Support links in config files scope
- Implement inspection of remote systems without root login using sudo
Since SUSECon 14:
Inspection Targets:
- Support inspection of Red Hat Enterprise Linux 6 systems
- Support inspection of Red Hat Enterprise Linux 5 systems
- Added support for inspecting System z systems
- Added support for inspecting POWER LE systems
- Add inspection of RPM based Docker containers
- Enable inspection of openSUSE Tumbleweed systems
Since SUSECon 14:
Visualization and Usability:
- Added workflow hints to make Machinery more approachable
- Show details of elements with changed attributes for all scopes in comparison view
- Show progress indicator while loading file content in HTML view
- Show progress during inspection of scopes
- Differences between unmanaged files can be viewed in the HTML comparison
- Content of extracted files can be displayed in HTML view
- Add experimental option to show comparison of two system descriptions as HTML view
- Added HTML view of system descriptions
Since SUSECon 14:
Interoperability:
- Added AutoYaST export for system descriptions
- Add `containerize` command to the experimental features
Supported Platforms:
- Added support to run Machinery on System z
- Added support to run Machinery on POWER LE
- Do not abort when Machinery is run on unsupported platforms, but just show a warning
Plan
- Frequent releases driven by user needs
- Improve inspection and comparison
  - Faster inspection
  - Remove noise
  - Inspect Deb systems (Debian, Ubuntu)
  - HTML comparison
Machinery in SUSE Linux Enterprise 12
Machinery in SLES
- Part of SLES 12 mission: Best managed Linux
- Advanced Systems Management Module
  - More rapidly developed life cycle
  - Frequent releases driven by customer needs
Advanced Systems Management Module
SUSE Linux Enterprise 12 Modules
- Components of SUSE Linux Enterprise
- Flexible lifecycle (different from the base product)
- Delivered on-line
- Fully supported
- Included in the SUSE Linux Enterprise Server subscription
- No extra cost
- Introduced with SUSE Linux Enterprise 12
Modules - Overview
Module Name | Content (examples) | Lifecycle
Advanced Systems Management Module | The configuration management tools cfengine, puppet, and the new "machinery" tool | Continuous Integration
Container Module | Docker and container related functionality such as ECS integration | Continuous Integration
Legacy Module | Sendmail, old IMAP stack, old Java etc. | 3 years
Public Cloud Module | Instance initialization code, command line tools for management | Continuous Integration
Toolchain Module | GCC | Yearly delivery
Web and Scripting Module | PHP, Python | 3 years, 18 months overlap
Demo
Demo
[Diagram labels: Development, Production; numbered steps 1, 2, 3]
Happy Master Builder!
Machinery Take Away
- Machinery is a systems management toolkit for Linux.
- It supports configuration discovery, system validation, and service migration.
- Machinery is based on the idea of a universal system description.
- Machinery is made for the system administrator of the data center.
- Machinery is an Open Source project.
- Machinery is a supported part of SLES 12.
Contact
- Homepage: http://machinery-project.org
- Source Code: http://github.com/suse/machinery
- Mailing List: mailto:machinery@lists.suse.com
How will You use Machinery?
Visit us in the showcase room Effectenbeurszaal at Kiosk E8!
Thank you.
Containerization
Application Containers
Docker
Containerize a Rails App
Demo Backup Slides