IT Automation with CFEngine Business Value and Basic Concepts
Nov 18, 2014
IT Automationwith CFEngine
Business Value and Basic Concepts
The Dematerialization of the datacenter
Connected Devices
Mobile
Cloud
Internet/Intranet
Mainframe
Client Server
Improved Productivity
‘IT’ is About Continuous Delivery of Applications
Develop Test Stage Deploy
Monitoring and Feedback Loop
Error Reduction
Visibility
Continuous Delivery
Application Delivery – Lots of Players and Moving Parts
Source Code
Build Automation
Repository – war, jar, rb, ear, dll, aspx,
CFEngine
Infrastructure AutomationContinuous Delivery & Continuous Operations
Dev Test Stage Prod
Relase Eng
Web/DBA
Admin
App Admin
IT Ops
Release Team
Configuration Parameters
People, Process
web app db
web
web
web
Middleware
app
app
app
db
db
db
Load Balancer
N-Tier Application
Infrastructure Automation
Requirements
Input
Release Automation Flow
A Different Approach to Automation is Called For
requires continuous automation
... not power-assisted intervention
Continuous delivery
Architected for speed, security and Web Scale
1. Define Desired State
2. Ensure Defined State
CFDB
3. Verify Actual State
Policy-ServerDesign Center
Knowledge Center
CFE Agents
History• 1993: Open Source project• 2001: CFEngine version 2• 2004: Promise Theory• 2009: CFEngine version 3• 2014: CFEngine version 3.6
Customer Validation
Technology Validation• Infrastructure Automation, Continuous
Delivery• Distributed, Lean, Secure architecture• IT Automation at Web-Scale (size, agility)• Community (Open source), Enterprise edition
Market Validation• >10 million servers• 10,000 companies• 100 countries• Tens of thousands of servers (individual
customer deployments)
CFEngine – IT Automation at Web-Scale
JPMC Award 1.JPG
JPMorgan Chase 2013 Hall of Innovation Winner
CFEngine’s innovative technology has enabled JPMC to achieve global consistency of their dynamic configuration environment, resulting in cost savings, risk mitigation, efficiency and product differentiation and faster time to market.
As the most strategic and scalable automation platform, CFEngine has made standardization easier to achieve, allowing systems to manage themselves and converge to their desired state
Mike Ashworth,Chief Information Officer for J.P.Morgan Chase
• Tens of thousands of production servers running CFEngine ensuring desired state for heterogeneous environments
• 500:1 server to admin ratio in tier 2, and 10,000:1 in tier 3
Server Automation at Scale
• 400 applications in production, each associated with CFEngine policy• Each application group handles its own application logic and
dependencies (processes, config files, ..)• Integrates with homegrown “click and deploy” solution
Application Release
• Provide completed automation from bare metal to the application layer• Delivering email-as-a-service, backup-as-a-service and managed
services to more than 200k end customers• Expanding to application-release-as-a-service
Delivering a PaaS Solution
• Highly automated with every change in CFEngine and version control• Achieve high SLA by implementing SW load balancing with CFE• > 1,000 servers per admin
Creating an IaaS Platform
Examples of CFEngine implementations
Supported Platforms
Infrastructure Automation at Web-scale
CFEngine offers a programmatic approach to configuring infrastructure, which is different from most commercial configuration products. It offers a highly scalable approach, with a pull-based, distributed architecture.
Laurie F. Wurster, Ronni J. Colville, Gartner Research
Market Trends: ARA, DevOps and Mobile Device Management
Ignite Configuration Management, 11/27/2013
Defining Next Generation Lean IT Operations
“With CFEngine, I can define a new Software Defined Datacenter
and offer IaaS and PaaS to my customers within 10 minutes”
Mike SvobodaLead Automation Engineer, LinkedIn
How LinkedIn Uses CFEngine
Functions we have automated:
• Hardware failure detection• Account administration• Privilege escalation• Software deployment• O/S configuration management • Process / service management• Software deployment• System monitoring
“You never need to log into a machine to manage it”
Summary – CFEngine at LinkedIn
MetricBefore implementation of
CFEngine at LinkedInAfter implementation of CFEngine at LinkedIn
Headcount 6 people supporting a few hundred machines
6 people supporting tens of thousands of machines
Time spent Hours to build a single machine Build complete datacenters in minutes
Productivity Hours spent collecting data before change, change itself causing outages
Can focus on building infrastructure, team became proactive to fix future problems, not reactive / firefighting
Ease of scaling server deployment
Incredibly difficult to respond to change, low visibility into production
Superior administration, rapid response to changing needs, complete system visibility
Creating an IaaS Platform to enable self-service for application development teams
Create multi-tier infrastructure with VMware vCloud
• Load balancer
• Web servers
• Cache servers
• Deploy a multi-tier application to the infrastructure
Demonstration
File Integrity Monitoring and Reporting
File Integrity Monitoring of Unix User Account Files
• Create dynamic groups of servers based on the environment
• Define files to monitor
• Generate compliance reports on changes
• Filter, export and schedule reports
Demonstration
Summary
CFEngine Enterprise delivers
IT Automation at Web-Scale
Infrastructure Automation, Continuous Delivery and Continuous
Operations using a model based approach that is secure,
scalable, and agile and provides enterprise-wide visibility,
while ensuring service levels and compliance.
• Join the conversation on our community help forumhttps://groups.google.com/forum/?fromgroups&hl=en#!forum/help-cfengine
Next Steps
• Download and Try CFEngine Enterprise Todayhttp://cfengine.com/evaluate-enterprise
• Attend the follow-on Webinar – Getting Started with CFEngineTuesday, Feb-18, 10am PST