Configuration Management – A love Story – Javier Turegano
- June 2008 – Devs want to deploy fast
- June 2009 – git -> jenkins -> Puppet master
- But things got pretty complicated and hard to maintain
- Remove puppet master, puppet noop, but only happens now and then lots of changes but a couple of errors
- Now doing manual changes
- June 2010 – Thngs turned into a mess.
- June 2011 – Devs want prod-like development
- Cloud! Tooling! Chef! – each dev have their own environment
- June 2012 – dev environments for all working in ec2
- dev no longer prod-like. cloud vs datacentre, puppet vs chef , debian vs centos, etc
- June 2013 – More into cloud, teams re-arranged
- Build EC2 images and deploy out of jenkins. Eaither as AMI or as rpm
- Each team fairly separate, doing thing different ways. Had guilds to share skills and procedures and experience
- June 2014 – Cloudformation, Ansible used by some groups, random
Healthy Operations – Phil Ingram
- Acquia – Enterprise Drupal as a service. GovCMS Australian Federal Government. 1/4 are remote
- Went from working in office to working from home
- Every week had phone call with boss
- Talk about thing other than with work, ask home people are going, talk to people.
- Not sleep, waking up at night, not exercising, quick to anger and negative thinking, inability to concentrate
- Hadn’t taken more than 1 week off work, let exercise work, hobbies was computer stuff
- In general being in Ops not as much of an option to take time off. Things stay broke until fix
- Unable to learn via Osmosis, Timing of handing over between shifts
- People do not understand that computers are run by people not robots
- Methods: Turn work off at the end of the day, Rubber Ducking, exercise
Developments in PCP (Performance Co-Pilot) : Nathan Scott
- See my slides from yesterday for intro to PCP
- Stuff in last 12 months
- Included in supported in RHEL 6.6 and RHEL 7
- Regular stable releases
- Better out of the box experience
- Tackling some long-standing problems
- JSON access – pmwebd , interactive web charts ( Graphite, grafana )
- zero-install look-inside containers
- Docker support but written to allow use by others
- Collectors
- Lots of new kernel metrics additions
- New applications from web devs (memcached, DNS, web )
- DB server additions
- Python PMDA interfaces
- Monitor work
- Reporting tools
- Web tools, GUIs
- Also improving ease of setup
- Getting historical data from sar, iostat
- www.pcp.io
Security options for container implementations – Jay Coles
- What doesn’t work: rlimits, quotas, blacklisting via ACLs
- Capabilities: Big list that containers probably shouldn’t have
- Cgroups – Accounting, Limiting resource usage, tracking of processes, preventing/allowing device access
- App Armor vs selinux – Use at least one, selinux a little more featured
