SlideShare ist ein Scribd-Unternehmen logo

Habitat at SRECon

Mandi Walls
Mandi Walls

Slides from my talk Application Automation with Habitat at SRECon EMEA 2017

Software
1 von 28
Downloaden Sie, um offline zu lesen
Mandi Walls Technical Community Manager for EMEA @lnxchk mandi@chef.io #habitatsh http://slack.habitat.sh/ Ian Henry @Eeyun___ Habitat Community lead
How Do We Run Applications? • On a computer • With an OS • And some libraries • And some configuration • And some way to start it and stop it
We’ve been moving complexity around rather than reducing it
case node['platform_family'] when 'freebsd' false when 'arch', 'debian', 'rhel', 'fedora', 'amazon' true when 'suse' node['platform_version'].to_f < 12.0 ? false : true end Ugh.
So. Habitat. • Reduce snowflakeness • Support microservices • Manage container creep https://www.bonanza.com/listings/Premier-Food-Storage-Containers-20-Piece-Set-Grey/443972348
Modern Applications Are Trending Toward • Immutability • Platform agnosticism • Complexity reduction • Scalability https://amazingmusthaves.com/products/steel-insulated-food-containers/
What Habitat GetsYou • Defer some decisions to runtime • Do clean room builds • Repeatable builds • Distro agnostic packaging system • Service runtime and discovery • Configuration exposed via API • Packages are signed by the system
Habitat Studio • Provides a busy box clean room for your app • Plus a set of tools for manipulating and running harts
Why a Studio? • Declare explicit dependencies • Ship exactly what you need • Sign your packages and store artifacts
Habitat Plans • Plan files are where you put together your builds • They are bash • Live with the application
What’s In A Plan? pkg_name=container_sched_backend pkg_origin=lnxchk pkg_version="0.1.0" pkg_build_deps=(core/rust) pkg_deps=(core/glibc core/gcc core/gcc-libs) pkg_bin_dirs=(bin) bin="container_sched_backend" pkg_exports=([out]=cfg.out) do_build() { cargo build } do_install() { install -v -D "$PLAN_CONTEXT/../target/debug/$bin" "$pkg_prefix/bin/$bin" } pkg_svc_run="$bin" Examples at https://github.com/habitat-sh/core-plans/
What Gets Built? • Everything. Sort of. • Build your own apps from source • Decide if you want upstream binaries or source for things like runtime   You don’t have to build Tomcat, but you can • For COTS, use the binaries and skip steps
Configuration • Can be manipulated at runtime • Also travels with the app • Provides variable substitution and templating using handlebars http://handlebarsjs.com/
Application Configuration File:TOML [myconfig] out = "{{cfg.out}}" color = "{{cfg.color}}" {{~# if svc.me.leader ~}} leader = true {{ else }} leader = false {{/if ~}}
Set Defaults in Habitat – default.toml leader = false out = "out" color = "green” [tomltable] var = “val”
The Depot • You can share plans with the Depot, and other hab users share theirs • Has team namespacing • The core plans are those built by the Habitat team • https://app.habitat.sh/ • Private build services – Coming Soon!   https://www.habitat.sh/blog/2017/05/Builder/
Caveat - Internet • You can build your own stuff inside your own network, sort of, when it’s all on one machine • There will eventually be a private depot server • For now, hab and its components need internet access
Build Output • By default, it’s a hart – a compressed tarball with some metadata and a signature • You can export to other formats, like Docker containers • The hart itself it runnable
Runtime • The hab runtime includes management, service discovery, other features • The habs in your application create a mesh so they can talk to each other • You can even update your application via the mesh without restarting every application manually
Running a Hart sudo hab start lnxchk/container_sched_backend --peer 172.31.13.250 --topology leader • The same hart runs on multiple distros – no need for other packages • Once hooked together, the supervisors will have a leader election • If instances move in or out of the mesh, a new election will occur after a timeout • Updates are persistent and stored in metadata on the hosts   /hab/data/services
Updating Configuration at Runtime • Update all or part of the configuration while the apps are running • Send the update to a member of the mesh and they will all update sudo hab config apply container_sched_backend.default 2 newconfig.toml
Supervisor Web Interface • http://ip.add.re.ss:9631/services • http://ip.add.re.ss:9631/census
Additional Features • Healthchecks – can be customized for your app, and travel in the hart   https://www.habitat.sh/tutorials/sample-app/windows/add-health- check-hook/ • Dynamic Updates – when a new version is uploaded to the Depot in the “stable” channel, update running apps   https://www.habitat.sh/tutorials/sample-app/windows/update- app/
Shortcut for common platforms: Scaffolding • Default core-built dependencies for common runtimes • Ruby and Node so far pkg_name=MY_APP pkg_origin=MY_ORIGIN pkg_version=MY_VERSION pkg_scaffolding=core/scaffolding-ruby https://www.habitat.sh/docs/concepts-scaffolding/
Join Us! • On Slack!   http://slack.habitat.sh • Online! With Tutorials!   https://www.habitat.sh/ • On Github!   https://github.com/habitat-sh • The sample app in this talk   https://github.com/lnxchk/container_sched_backend Try it out! Share your story! Get some swag!! goo.gl/WrHQTU
Other References • Summary on The New Stack   https://thenewstack.io/chef-habitat-addresses-issues-moving- containers-production • OurYouTube Channel   https://www.youtube.com/user/getchef
October 10 – 11, 2017 etc.venues Fenchurch St London https://chef.io/summits mandi@chef.io

Empfohlen

Cloud stack for_beginners
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginnersRadhika Puthiyetath
 
Jelastic Features 2.x
Jelastic Features 2.xJelastic Features 2.x
Jelastic Features 2.xRuslan Synytsky
 
JELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRY
JELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRYJELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRY
JELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRYRuslan Synytsky
 
Performance out
Performance outPerformance out
Performance outAndrea Martinez
 
DevCon13 System Administration Basics
DevCon13 System Administration BasicsDevCon13 System Administration Basics
DevCon13 System Administration Basicssysnickm
 
Jelastic DevOps VPC and Hybrid Cloud
Jelastic DevOps VPC and Hybrid CloudJelastic DevOps VPC and Hybrid Cloud
Jelastic DevOps VPC and Hybrid CloudJelastic Multi-Cloud PaaS
 
2015 deploying flash in the data center
2015 deploying flash in the data center2015 deploying flash in the data center
2015 deploying flash in the data centerHoward Marks
 
Apache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutApache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutSander Temme
 

Empfohlen

Cloud stack for_beginners
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginnersRadhika Puthiyetath
 
Jelastic Features 2.x
Jelastic Features 2.xJelastic Features 2.x
Jelastic Features 2.xRuslan Synytsky
 
JELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRY
JELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRYJELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRY
JELASTIC IS THE PIONEER AND VISIONARY IN THE CLOUD INDUSTRYRuslan Synytsky
 
Performance out
Performance outPerformance out
Performance outAndrea Martinez
 
DevCon13 System Administration Basics
DevCon13 System Administration BasicsDevCon13 System Administration Basics
DevCon13 System Administration Basicssysnickm
 
Jelastic DevOps VPC and Hybrid Cloud
Jelastic DevOps VPC and Hybrid CloudJelastic DevOps VPC and Hybrid Cloud
Jelastic DevOps VPC and Hybrid CloudJelastic Multi-Cloud PaaS
 
2015 deploying flash in the data center
2015 deploying flash in the data center2015 deploying flash in the data center
2015 deploying flash in the data centerHoward Marks
 
Apache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutApache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutSander Temme
 
Maxta VM-centric Storage
Maxta VM-centric StorageMaxta VM-centric Storage
Maxta VM-centric Storageinside-BigData.com
 
Jelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic Multi-Cloud PaaS
 
Developing Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDeveloping Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDavid Currie
 
Microsoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son VuMicrosoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son Vuvncson
 
VMware VCP7-DTM: More than just Horizon View
VMware VCP7-DTM: More than just Horizon ViewVMware VCP7-DTM: More than just Horizon View
VMware VCP7-DTM: More than just Horizon ViewMatt Crape
 
Informix on Docker Hub
Informix on Docker HubInformix on Docker Hub
Informix on Docker HubPradeep Natarajan
 
Java Night 2010 SteamCannon
Java Night 2010 SteamCannonJava Night 2010 SteamCannon
Java Night 2010 SteamCannonmarekgoldmann
 
Jelastic Overview
Jelastic OverviewJelastic Overview
Jelastic OverviewJelastic Multi-Cloud PaaS
 
Modernizing Applications with Microservices
Modernizing Applications with MicroservicesModernizing Applications with Microservices
Modernizing Applications with MicroservicesMarkus Eisele
 
Managing storage on Prem and in Cloud
Managing storage on Prem and in CloudManaging storage on Prem and in Cloud
Managing storage on Prem and in CloudHoward Marks
 
Habitat at LinuxLab IT
Habitat at LinuxLab ITHabitat at LinuxLab IT
Habitat at LinuxLab ITMandi Walls
 
Containerdays Intro to Habitat
Containerdays Intro to HabitatContainerdays Intro to Habitat
Containerdays Intro to HabitatMandi Walls
 
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018Mandi Walls
 
Habitat Overview
Habitat OverviewHabitat Overview
Habitat OverviewMandi Walls
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture materialAnkit Gupta
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...Sébastien Portebois
 
Habitat Workshop at Velocity London 2017
Habitat Workshop at Velocity London 2017Habitat Workshop at Velocity London 2017
Habitat Workshop at Velocity London 2017Mandi Walls
 
Docker for the enterprise
Docker for the enterpriseDocker for the enterprise
Docker for the enterpriseBert Poller
 
Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015WaveMaker, Inc.
 
Hadoop Everywhere & Cloudbreak
Hadoop Everywhere & CloudbreakHadoop Everywhere & Cloudbreak
Hadoop Everywhere & CloudbreakSean Roberts
 
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...Hortonworks
 
The world of Docker and Kubernetes
The world of Docker and Kubernetes The world of Docker and Kubernetes
The world of Docker and Kubernetes vty
 

Weitere ähnliche Inhalte

Was ist angesagt?

Jelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic Multi-Cloud PaaS
 
Developing Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDeveloping Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDavid Currie
 
Microsoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son VuMicrosoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son Vuvncson
 
VMware VCP7-DTM: More than just Horizon View
VMware VCP7-DTM: More than just Horizon ViewVMware VCP7-DTM: More than just Horizon View
VMware VCP7-DTM: More than just Horizon ViewMatt Crape
 
Java Night 2010 SteamCannon
Java Night 2010 SteamCannonJava Night 2010 SteamCannon
Java Night 2010 SteamCannonmarekgoldmann
 
Modernizing Applications with Microservices
Modernizing Applications with MicroservicesModernizing Applications with Microservices
Modernizing Applications with MicroservicesMarkus Eisele
 
Managing storage on Prem and in Cloud
Managing storage on Prem and in CloudManaging storage on Prem and in Cloud
Managing storage on Prem and in CloudHoward Marks
 

Was ist angesagt? (10)

Maxta VM-centric Storage
Maxta VM-centric StorageMaxta VM-centric Storage
Maxta VM-centric Storage
 
Jelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service Providers
 
Developing Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDeveloping Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to Microservices
 
Microsoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son VuMicrosoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son Vu
 
VMware VCP7-DTM: More than just Horizon View
VMware VCP7-DTM: More than just Horizon ViewVMware VCP7-DTM: More than just Horizon View
VMware VCP7-DTM: More than just Horizon View
 
Informix on Docker Hub
Informix on Docker HubInformix on Docker Hub
Informix on Docker Hub
 
Java Night 2010 SteamCannon
Java Night 2010 SteamCannonJava Night 2010 SteamCannon
Java Night 2010 SteamCannon
 
Jelastic Overview
Jelastic OverviewJelastic Overview
Jelastic Overview
 
Modernizing Applications with Microservices
Modernizing Applications with MicroservicesModernizing Applications with Microservices
Modernizing Applications with Microservices
 
Managing storage on Prem and in Cloud
Managing storage on Prem and in CloudManaging storage on Prem and in Cloud
Managing storage on Prem and in Cloud
 

Ähnlich wie Habitat at SRECon

Habitat at LinuxLab IT
Habitat at LinuxLab ITHabitat at LinuxLab IT
Habitat at LinuxLab ITMandi Walls
 
Containerdays Intro to Habitat
Containerdays Intro to HabitatContainerdays Intro to Habitat
Containerdays Intro to HabitatMandi Walls
 
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018Mandi Walls
 
Habitat Overview
Habitat OverviewHabitat Overview
Habitat OverviewMandi Walls
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture materialAnkit Gupta
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...Sébastien Portebois
 
Habitat Workshop at Velocity London 2017
Habitat Workshop at Velocity London 2017Habitat Workshop at Velocity London 2017
Habitat Workshop at Velocity London 2017Mandi Walls
 
Docker for the enterprise
Docker for the enterpriseDocker for the enterprise
Docker for the enterpriseBert Poller
 
Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015WaveMaker, Inc.
 
Hadoop Everywhere & Cloudbreak
Hadoop Everywhere & CloudbreakHadoop Everywhere & Cloudbreak
Hadoop Everywhere & CloudbreakSean Roberts
 
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...Hortonworks
 
The world of Docker and Kubernetes
The world of Docker and Kubernetes The world of Docker and Kubernetes
The world of Docker and Kubernetes vty
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDr Ganesh Iyer
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesAtlassian
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerWeb à Québec
 
Application Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeApplication Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeDenis Gundarev
 
Cloud for agile_sw_projects-final
Cloud for agile_sw_projects-finalCloud for agile_sw_projects-final
Cloud for agile_sw_projects-finalAlain Delafosse
 
Docker introduction
Docker introductionDocker introduction
Docker introductiondotCloud
 
Intro to Docker October 2013
Intro to Docker October 2013Intro to Docker October 2013
Intro to Docker October 2013Docker, Inc.
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013dotCloud
 

Ähnlich wie Habitat at SRECon (20)

Habitat at LinuxLab IT
Habitat at LinuxLab ITHabitat at LinuxLab IT
Habitat at LinuxLab IT
 
Containerdays Intro to Habitat
Containerdays Intro to HabitatContainerdays Intro to Habitat
Containerdays Intro to Habitat
 
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
 
Habitat Overview
Habitat OverviewHabitat Overview
Habitat Overview
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture material
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
 
Habitat Workshop at Velocity London 2017
Habitat Workshop at Velocity London 2017Habitat Workshop at Velocity London 2017
Habitat Workshop at Velocity London 2017
 
Docker for the enterprise
Docker for the enterpriseDocker for the enterprise
Docker for the enterprise
 
Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015
 
Hadoop Everywhere & Cloudbreak
Hadoop Everywhere & CloudbreakHadoop Everywhere & Cloudbreak
Hadoop Everywhere & Cloudbreak
 
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...
Hortonworks Technical Workshop: HDP everywhere - cloud considerations using...
 
The world of Docker and Kubernetes
The world of Docker and Kubernetes The world of Docker and Kubernetes
The world of Docker and Kubernetes
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data Scientists
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick Stinemates
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with Docker
 
Application Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeApplication Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternative
 
Cloud for agile_sw_projects-final
Cloud for agile_sw_projects-finalCloud for agile_sw_projects-final
Cloud for agile_sw_projects-final
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Intro to Docker October 2013
Intro to Docker October 2013Intro to Docker October 2013
Intro to Docker October 2013
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
 

Mehr von Mandi Walls

DOD Raleigh Gamedays with Chaos Engineering.pdf
DOD Raleigh Gamedays with Chaos Engineering.pdfDOD Raleigh Gamedays with Chaos Engineering.pdf
DOD Raleigh Gamedays with Chaos Engineering.pdfMandi Walls
 
Addo reducing trauma in organizations with SLOs and chaos engineering
Addo reducing trauma in organizations with SLOs and chaos engineeringAddo reducing trauma in organizations with SLOs and chaos engineering
Addo reducing trauma in organizations with SLOs and chaos engineeringMandi Walls
 
Full Service Ownership
Full Service OwnershipFull Service Ownership
Full Service OwnershipMandi Walls
 
PagerDuty: Best Practices for On Call Teams
PagerDuty: Best Practices for On Call TeamsPagerDuty: Best Practices for On Call Teams
PagerDuty: Best Practices for On Call TeamsMandi Walls
 
InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020Mandi Walls
 
Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019Mandi Walls
 
Using Chef InSpec for Infrastructure Security
Using Chef InSpec for Infrastructure SecurityUsing Chef InSpec for Infrastructure Security
Using Chef InSpec for Infrastructure SecurityMandi Walls
 
Adding Security to Your Workflow With InSpec - SCaLE17x
Adding Security to Your Workflow With InSpec - SCaLE17xAdding Security to Your Workflow With InSpec - SCaLE17x
Adding Security to Your Workflow With InSpec - SCaLE17xMandi Walls
 
BuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec WorkshopBuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec WorkshopMandi Walls
 
InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018Mandi Walls
 
DevOpsDays InSpec Workshop
DevOpsDays InSpec WorkshopDevOpsDays InSpec Workshop
DevOpsDays InSpec WorkshopMandi Walls
 
Adding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpecAdding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpecMandi Walls
 
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beInSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beMandi Walls
 
habitat at docker bud
habitat at docker budhabitat at docker bud
habitat at docker budMandi Walls
 
Ingite Slides for InSpec
Ingite Slides for InSpecIngite Slides for InSpec
Ingite Slides for InSpecMandi Walls
 
InSpec Workshop DevSecCon 2017
InSpec Workshop DevSecCon 2017InSpec Workshop DevSecCon 2017
InSpec Workshop DevSecCon 2017Mandi Walls
 
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017Mandi Walls
 
InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017Mandi Walls
 
Adding Security to Your Workflow with InSpec (MAY 2017)
Adding Security to Your Workflow with InSpec (MAY 2017)Adding Security to Your Workflow with InSpec (MAY 2017)
Adding Security to Your Workflow with InSpec (MAY 2017)Mandi Walls
 
Configuration Management is Old and Boring
Configuration Management is Old and BoringConfiguration Management is Old and Boring
Configuration Management is Old and BoringMandi Walls
 

Mehr von Mandi Walls (20)

DOD Raleigh Gamedays with Chaos Engineering.pdf
DOD Raleigh Gamedays with Chaos Engineering.pdfDOD Raleigh Gamedays with Chaos Engineering.pdf
DOD Raleigh Gamedays with Chaos Engineering.pdf
 
Addo reducing trauma in organizations with SLOs and chaos engineering
Addo reducing trauma in organizations with SLOs and chaos engineeringAddo reducing trauma in organizations with SLOs and chaos engineering
Addo reducing trauma in organizations with SLOs and chaos engineering
 
Full Service Ownership
Full Service OwnershipFull Service Ownership
Full Service Ownership
 
PagerDuty: Best Practices for On Call Teams
PagerDuty: Best Practices for On Call TeamsPagerDuty: Best Practices for On Call Teams
PagerDuty: Best Practices for On Call Teams
 
InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020
 
Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019
 
Using Chef InSpec for Infrastructure Security
Using Chef InSpec for Infrastructure SecurityUsing Chef InSpec for Infrastructure Security
Using Chef InSpec for Infrastructure Security
 
Adding Security to Your Workflow With InSpec - SCaLE17x
Adding Security to Your Workflow With InSpec - SCaLE17xAdding Security to Your Workflow With InSpec - SCaLE17x
Adding Security to Your Workflow With InSpec - SCaLE17x
 
BuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec WorkshopBuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec Workshop
 
InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018
 
DevOpsDays InSpec Workshop
DevOpsDays InSpec WorkshopDevOpsDays InSpec Workshop
DevOpsDays InSpec Workshop
 
Adding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpecAdding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpec
 
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beInSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.be
 
habitat at docker bud
habitat at docker budhabitat at docker bud
habitat at docker bud
 
Ingite Slides for InSpec
Ingite Slides for InSpecIngite Slides for InSpec
Ingite Slides for InSpec
 
InSpec Workshop DevSecCon 2017
InSpec Workshop DevSecCon 2017InSpec Workshop DevSecCon 2017
InSpec Workshop DevSecCon 2017
 
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017
 
InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017
 
Adding Security to Your Workflow with InSpec (MAY 2017)
Adding Security to Your Workflow with InSpec (MAY 2017)Adding Security to Your Workflow with InSpec (MAY 2017)
Adding Security to Your Workflow with InSpec (MAY 2017)
 
Configuration Management is Old and Boring
Configuration Management is Old and BoringConfiguration Management is Old and Boring
Configuration Management is Old and Boring
 

Kürzlich hochgeladen

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Intelisync
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 

Kürzlich hochgeladen (20)

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 

Habitat at SRECon

  • 1.
  • 2. Mandi Walls Technical Community Manager for EMEA @lnxchk mandi@chef.io #habitatsh http://slack.habitat.sh/ Ian Henry @Eeyun___ Habitat Community lead
  • 3. How Do We Run Applications? • On a computer • With an OS • And some libraries • And some configuration • And some way to start it and stop it
  • 4. We’ve been moving complexity around rather than reducing it
  • 6. So. Habitat. • Reduce snowflakeness • Support microservices • Manage container creep https://www.bonanza.com/listings/Premier-Food-Storage-Containers-20-Piece-Set-Grey/443972348
  • 7. Modern Applications Are Trending Toward • Immutability • Platform agnosticism • Complexity reduction • Scalability https://amazingmusthaves.com/products/steel-insulated-food-containers/
  • 8. What Habitat GetsYou • Defer some decisions to runtime • Do clean room builds • Repeatable builds • Distro agnostic packaging system • Service runtime and discovery • Configuration exposed via API • Packages are signed by the system
  • 9. Habitat Studio • Provides a busy box clean room for your app • Plus a set of tools for manipulating and running harts
  • 10. Why a Studio? • Declare explicit dependencies • Ship exactly what you need • Sign your packages and store artifacts
  • 11. Habitat Plans • Plan files are where you put together your builds • They are bash • Live with the application
  • 12. What’s In A Plan? pkg_name=container_sched_backend pkg_origin=lnxchk pkg_version="0.1.0" pkg_build_deps=(core/rust) pkg_deps=(core/glibc core/gcc core/gcc-libs) pkg_bin_dirs=(bin) bin="container_sched_backend" pkg_exports=([out]=cfg.out) do_build() { cargo build } do_install() { install -v -D "$PLAN_CONTEXT/../target/debug/$bin" "$pkg_prefix/bin/$bin" } pkg_svc_run="$bin" Examples at https://github.com/habitat-sh/core-plans/
  • 13. What Gets Built? • Everything. Sort of. • Build your own apps from source • Decide if you want upstream binaries or source for things like runtime   You don’t have to build Tomcat, but you can • For COTS, use the binaries and skip steps
  • 14. Configuration • Can be manipulated at runtime • Also travels with the app • Provides variable substitution and templating using handlebars http://handlebarsjs.com/
  • 15. Application Configuration File:TOML [myconfig] out = "{{cfg.out}}" color = "{{cfg.color}}" {{~# if svc.me.leader ~}} leader = true {{ else }} leader = false {{/if ~}}
  • 16. Set Defaults in Habitat – default.toml leader = false out = "out" color = "green” [tomltable] var = “val”
  • 17. The Depot • You can share plans with the Depot, and other hab users share theirs • Has team namespacing • The core plans are those built by the Habitat team • https://app.habitat.sh/ • Private build services – Coming Soon!   https://www.habitat.sh/blog/2017/05/Builder/
  • 18. Caveat - Internet • You can build your own stuff inside your own network, sort of, when it’s all on one machine • There will eventually be a private depot server • For now, hab and its components need internet access
  • 19. Build Output • By default, it’s a hart – a compressed tarball with some metadata and a signature • You can export to other formats, like Docker containers • The hart itself it runnable
  • 20. Runtime • The hab runtime includes management, service discovery, other features • The habs in your application create a mesh so they can talk to each other • You can even update your application via the mesh without restarting every application manually
  • 21. Running a Hart sudo hab start lnxchk/container_sched_backend --peer 172.31.13.250 --topology leader • The same hart runs on multiple distros – no need for other packages • Once hooked together, the supervisors will have a leader election • If instances move in or out of the mesh, a new election will occur after a timeout • Updates are persistent and stored in metadata on the hosts   /hab/data/services
  • 22. Updating Configuration at Runtime • Update all or part of the configuration while the apps are running • Send the update to a member of the mesh and they will all update sudo hab config apply container_sched_backend.default 2 newconfig.toml
  • 24. Additional Features • Healthchecks – can be customized for your app, and travel in the hart   https://www.habitat.sh/tutorials/sample-app/windows/add-health- check-hook/ • Dynamic Updates – when a new version is uploaded to the Depot in the “stable” channel, update running apps   https://www.habitat.sh/tutorials/sample-app/windows/update- app/
  • 25. Shortcut for common platforms: Scaffolding • Default core-built dependencies for common runtimes • Ruby and Node so far pkg_name=MY_APP pkg_origin=MY_ORIGIN pkg_version=MY_VERSION pkg_scaffolding=core/scaffolding-ruby https://www.habitat.sh/docs/concepts-scaffolding/
  • 26. Join Us! • On Slack!   http://slack.habitat.sh • Online! With Tutorials!   https://www.habitat.sh/ • On Github!   https://github.com/habitat-sh • The sample app in this talk   https://github.com/lnxchk/container_sched_backend Try it out! Share your story! Get some swag!! goo.gl/WrHQTU
  • 27. Other References • Summary on The New Stack   https://thenewstack.io/chef-habitat-addresses-issues-moving- containers-production • OurYouTube Channel   https://www.youtube.com/user/getchef
  • 28. October 10 – 11, 2017 etc.venues Fenchurch St London https://chef.io/summits mandi@chef.io