DevOps LA Meetup Intro to Habitat

Habitat by ChefJessica DeVita, Evangelist @ubergeekgirlTrevor Hess, Customer Architect @trevorghess

Agenda

State of the WorldAn Overview of HabitatHow Habitat Makes Containers BetterDemoQuestions & Answers

>1k

>25k

Company Background

▪ At the forefront of agile, lean, and DevOps movements

▪ Open Source foundation

▪ Tens of millions of machines under management by Chef

▪ 265 employees. Offices in Seattle, San Francisco, London, Berlin

OUR VISION

The most enduring and transformative companies use Chef to become fast, efficient, and innovative software driven organizations

70% of the Fortune 500 tech sector uses Chef

Customers use Chef, including Alaska Airlines, Disney, Facebook, Intuit & Target

Organizations using Chef to improve their speed, efficiency & risk management

Quick Stats

Chef Customers

1. BMC 2. Splunk 3. IBM 4. HP 5. New Relic 6. AWS 7. Servicenow 8. CA 9. Microsoft

10.Chef 11. Solarwinds 12. Atlassian

Chef has driven the automation revolutionOur platform is a leader in Continuous Automation

Infrastructure Automation

Compliance Automation

Application Automation

Strategic Vendor of F500OSS LeadershipWith which vendor do you think you will be spending the most on IT tools in three years?

Goldman Sachs Spending Survey, 2016

Key Partners

The Chef Automate PlatformContinuous Automation for High Velocity IT

Workflow • Local development • Integration • Tooling (APIs & SDKs)

COLLABORATE

▪ Package▪ Test▪ Approve

BUILD▪ Provision▪ Configure▪ Execute▪ Update

DEPLOY▪ Secure▪ Comply▪ Audit▪ Measure▪ Log

MANAGE

Infrastructure Automation Compliance AutomationApplication Automation

OSS AUTOMATION ENGINES

Increase Speed▪ Package infrastructure and app

configuration as code

▪ Continuously automate infrastructure and app updates

Improve Efficiency

▪ Define and execute standard workflows and automation

▪ Audit and measure effectiveness of automation

Decrease Risk

▪ Define compliance rules as code

▪ Deliver continuous compliance as part of standard workflow

Product SoftwareDevelopment

QualityAssurance

Operations Security

Enterprise Application LifecycleR

UN

TIM

E

Grid PaaS Containers & Discovery Traditional Applications

INFR

AST

RU

CT

UR

E

Bare Metal Virtualization Cloud & IaaS OS

Application Delivery

Containers

Cloud & IaaS

PaaS

New World Infrastructure/Architecture

Data Services

VMs

Applications

VMs

Data Services

Container Schedulers

The reality of modern architectures

AWS ECS

Google Container EngineFor

ContainersFor Traditional Applications

BuildDeployManage

Brent’s Desk

database cluster

Configuration Management

13

The Reality

Application Concerns

OS Concerns

How do you...

Build immutable infrastructure but allow last mile Application config changes?

How do you...

Decouple the application build from the final production ready container?

How do you...

Orchestrate the application launch order & topology required?

19

20

What if you could defer infrastructure

decisions until runtime?

Automation travels with the application

Existing & Cloud Native Software

Application Automation

For new and legacy applications.

For stateless and stateful applications

No matter the runtime environment

Habitat’s Approach

Confidential & subject to NDA. Patents Pending.

The solution should be the same:

● Applications: portable & responsible for their own automation

● Small OS serves the application

● Make application components aware of each other over a network

● Continuous deployment without traditional “ARA”

Habitat Components

• Habitat Studio - an application packager

Habitat Components

• Habitat Studio - an application packager

• Habitat Plans - instructions to download, compile, and install

Habitat Components

• Habitat Studio - an application packager

• Habitat Plans - instructions to download, compile, and install

• Habitat Depot - a place to upload and download your app packages

Habitat Components

• Habitat Studio - an application packager

• Habitat Plans - instructions to download, compile, and install

• Habitat Depot - a place to upload and download your app packages

• Habitat Supervisor - an intelligent runtime with deployment coordination and service discovery built in

How do you...

Decouple the application build from the final production ready artifact?

Provide a “DSL” to describe the application build(plan.sh), and provide an isolated environment (studio)

to build the application artifact (Habitat Package).

Starts with a plan

Simple, Native, and Declarative

pkg_origin=corepkg_name=redispkg_version=3.2.1pkg_license=('BSD')pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>"pkg_source=http://download.redis.io/releases/${pkg_name}-${pkg_version}.tar.gzpkg_shasum=b2a791c4ea3bb7268795c45c6321ea5abcc24457178373e6a6e3be6372737f23pkg_bin_dirs=(bin)pkg_build_deps=(core/make core/gcc)pkg_deps=(core/glibc)pkg_svc_run="redis-server $pkg_svc_config_path/redis.config"pkg_expose=(6379)do_build() {

make}

plan.sh

Low abstraction

Complete dependencies

Declare services

Simple functions

https://github.com/docker-library/redis/blob/master/3.2/Dockerfile

https://github.com/docker-library/redis/blob/master/3.2/Dockerfile

Clean room environmentSafe by default

Installs dependences

Built in a studio

Central locationPublicly hosted

Lightweight channels

Stored in a depot

Easy patternShortcuts

Increasing specificity

Installed by hab

Binaries and ConfigMetadata

Side-by-side

Packages Contain

Install automaticallyKeep things running

Manage configuration

Supervisors run services

Print config options12-Factor style

Externally enforced

Environment configuration

More flexible than environmentUniversal location

Externally enforced

File configuration

How do you...

Build immutable infrastructure but allow last mile Application config changes?

Ship the config along side an immutable application artifact. Provide a supervisor to dynamically update the config based on

environment or service discovery.

Supervisors provide a REST API

External Actors

Health and Status

Supervisor Debugging

How do you...

Orchestrate the application launch order & topology required?

Provide config aware, autonomous, self-organizing peers (supervisors) with built in topologies for

clustering strategies.

Supervisors form a ring

Peers

Service Groups

Gossip

Availability increases with scale

Supervisors support topologies

Dynamic configuration

Service group level

Uses the ring

Supervisors provide update strategies

Topology aware

Tracks views in the depot

Ideal for Continuous Delivery

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

USER ARTIFACT

How we do itPackaging Applications

Running Applications

Confidential & subject to NDA. Patents Pending.

PLAN DEPOT

DEPOT ARTIFACT

BARE METAL

CONTAINERS

AMI

VM

How we do it

LEADER

INITIALIZER

STAND ALONE

Topologies Update StrategyRunning Applications

Confidential & subject to NDA. Patents Pending.

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

SERVICE

SUPERVISOR

“ALL AT ONCE”

ARTIFACT DEPOT

SERVICE

SUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

How we do itSecurity

PUB KEY

SYMMETRIC ENCRYPTION

LOAD BALANCER

Build Service

BUILD SERVICE

USER SECRET PAYLOADS

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

SERVICESUPERVISOR

ARTIFACTPLAN DEPOT

Confidential & subject to NDA. Patents Pending.

How do you...

Build containers with the Minimum Viable OS?

Allow applications to declare their runtime dependencies, and resolve those dependencies from

the application to the infrastructure.

DockerACI

Mesosphere

Post-process packages

Habitat + Containers

● Container formats recreate the traditional model of infrastructure and applications.

● Poor at abstracting the Build + Run aspects of Applications

Libraries

Operating System

Application

Application &Libraries

● Habitat builds containers from the application down

● Small lightweight OS included

● Embedded Supervisor for Application Management

Application Libraries

Operable Application Containers

•Isolated•Immutable•Configurable•Common interface for monitoring health•Rebuild from source•Common packaging•Runtime Independence

Habitat’s technology

Confidential & subject to NDA. Patents Pending.

● Describes how to build the software

● Explicit about dependencies

● Includes what is configurable about the application

● Built in service discovery● Self-organizes into

topologies● Handles inter-service

discovery through binding● Has no single point of

failure

BUILD DEPLOY MANAGE

● Encrypted, authenticated run-time configuration

● Automatic, safe, atomic software updates

● Dynamic topology updates

What the modern application team getsDevelopers, System Administrators, CIOs; Enterprise and Tech Innovators

▪ Runs the same way in any environment

▪ Management travels with the application; no drift

▪ Autonomous and self-organizing

▪ Legacy and Greenfield

▪ Lets the enterprise modernize without re-writing the world

▪ Faster to build, easier to deploy, safer to manage

▪ Easiest way to deploy containers and microservices in production

▪ Developers can focus on building great applications

▪ Systems Administrators can focus on how those applications should behave

▪ Gives both a language they can share, with clear boundaries

Simplification Acceleration Empowerment

Confidential & subject to NDA. Patents Pending.

It’s all open source

Apache License

”Support, services, and trainingChef as your partner for success with continuous automation

▪ On Demand. Chef can provide dedicated support for your installation with experts from our customer success team.

▪ Vibrant Community.In addition to direct support, Chef has a huge and active community ready and willing to provide guidance and best practice.

▪ Custom development.Chef can design and build configuration cookbooks, compliance profiles and application packages using our in-house experts.

▪ Accelerators.Our architects and DevOps practitioners can provide the experience needed to get to success quickly

▪ Public and Private Training.We can deliver in-person and on-demand training to suit your needs.

▪ Certification. Chef can help ensure your team has the right knowledge for continued success.

Support from the source Services for outcomes Training for capability

By bringing in Chef, we were able to automate very heterogeneousinfrastructures that included both legacy and new applications

Habitat Community

• Join the Habitat Slack Team - http://slack.habitat.sh/• Work through the tutorial at https://www.habitat.sh/tutorials/• Explore Habitat packages on the depot - https://app.habitat.sh/• Explore the Habitat projects - https://github.com/habitat-sh• Read Habitat Blog posts - https://blog.chef.io/?s=habitat• Join the Habitat Forums - https://forums.habitat.sh/

Thank you!