See: Ansible for DevOps: Server and configuration management for humans
Tag: Configuration Management DevOps
Configuration Management DevOps
“Linux containers are implementations of operating system-level virtualization for the Linux operating system. Several implementations exist, all based on the virtualization, isolation, and resource management mechanisms provided by the Linux kernel, notably Linux namespaces and cgroups.[1] These include:” (WP)
- Docker, first released on 13 March 2013; 8 years ago
- Linux-VServer
- lmctfy, initially developed by Google and released on 13 October 2013; 7 years ago and not actively developed since 2015.
- LXC (Linux Containers), first released on August 6, 2008; 12 years ago[2]
- LXD, an alternative wrapper around LXC developed by Canonical[3]
- OpenVZ
- Rkt[4] (archived[5]), originally developed by CoreOS inc. and acquired[6] by Red Hat inc.
- Singularity
- systemd-nspawn[7]
- Podman[8]
- Charliecloud, a set of container tools used on HPC systems[9]
- Kata Containers MicroVM Platform <https://katacontainers.io/>
- Bottlerocket is a Linux-based open-source operating system that is purpose-built by Amazon Web Services for running containers on virtual machines or bare metal hosts[10]
See also
- cgroups
- Linux namespaces
- runC
- Snap package manager
References
- ^ Rami, Rosen. “Namespaces and Cgroups, the basis of Linux Containers” (PDF). Retrieved 18 August 2016.
- ^ “LXC – Linux Containers”. linuxcontainers.org. Retrieved 2014-11-10.
- ^ “LXD”. linuxcontainers.org. Retrieved 2021-02-11.
- ^ “Rkt container engine”.
- ^ “CNCF Archives RKT”. CNCF. Retrieved 19 Aug 2019.
- ^ “Red Hat to Acquire CoreOS”. Red Hat inc. Retrieved 30 Jan 2018.
- ^ Poettering, Lennart. “systemd For Administrators, Part XXI”. Retrieved 2 July 2016.
- ^ Rootless containers with Podman and fuse-overlayfs, CERN Workshop, 2019-06-04
- ^ https://hpc.github.io/charliecloud/. Retrieved 4 October 2020. Missing or empty
|title=
(help) - ^ “Bottlerocket is a Linux-based operating system purpose-built to run containers”.
This Linux-related article is a stub. You can help Wikipedia by expanding it. |
” (WP)
Sources:
“A DevOps toolchain is a set or combination of tools that aid in the delivery, development, and management of software applications throughout the systems development life cycle, as coordinated by an organization that uses DevOps practices.
Generally, DevOps tools fit into one or more activities, which supports specific DevOps initiatives: Plan, Create, Verify, Package, Release, Configure, Monitor, and Version Control.[1][2]” (WP)
Toolchains
“In software, a toolchain is the set of programming tools that is used to perform a complex software development task or to create a software product, which is typically another computer program or a set of related programs. In general, the tools forming a toolchain are executed consecutively so the output or resulting environment state of each tool becomes the input or starting environment for the next one, but the term is also used when referring to a set of related tools that are not necessarily executed consecutively.[3][4][5]
As DevOps is a set of practices that emphasizes the collaboration and communication of both software developers and other information technology (IT) professionals, while automating the process of software delivery and infrastructure changes, its implementation can include the definition of the series of tools used at various stages of the lifecycle; because DevOps is a cultural shift and collaboration between development and operations, there is no one product that can be considered a single DevOps tool. Instead a collection of tools, potentially from a variety of vendors, are used in one or more stages of the lifecycle.[6][7]” (WP)
Stages of DevOps
Further information: DevOps
Plan
Plan is composed of two things: “define” and “plan”.[8] This activity refers to the business value and application requirements. Specifically “Plan” activities include:
- Production metrics, objects and feedback
- Requirements
- Business metrics
- Update release metrics
- Release plan, timing and business case
- Security policy and requirement
A combination of the IT personnel will be involved in these activities: business application owners, software development, software architects, continual release management, security officers and the organization responsible for managing the production of IT infrastructure.
Create
Create is composed of the building (see also build automation), coding, and configuring of the software development process.[8] The specific activities are:
- Design of the software and configuration
- Coding including code quality (see coding conventions and coding best practices) and performance
- Software build and build performance
- Release candidate
Tools and vendors in this category often overlap with other categories. Because DevOps is about breaking down silos, this is reflective in the activities and product solutions.[clarification needed]
Verify
Verify is directly associated with ensuring the quality of the software release; activities designed to ensure code quality is maintained and the highest quality is deployed to production.[8] The main activities in this are:
- Acceptance testing
- Regression testing
- Security and vulnerability analysis
- Performance testing
- Configuration testing
Solutions for verify related activities generally fall under four main categories: Test automation , Static analysis , Test Lab, and Security.
Packaging
Packaging refers to the activities involved once the release is ready for deployment, often also referred to as staging or Preproduction / “preprod”.[8] This often includes tasks and activities such as:
- Approval/preapprovals
- Package configuration
- Triggered releases
- Release staging and holding
Release
Release related activities include schedule, orchestration, provisioning and deploying software into production and targeted environment.[9] The specific Release activities include:
- Release coordination
- Deploying and promoting applications
- Fallbacks and recovery
- Scheduled/timed releases
Solutions that cover this aspect of the toolchain include application release automation, deployment automation and release management.
Configure
Configure activities fall under the operation side of DevOps. Once software is deployed, there may be additional IT infrastructure provisioning and configuration activities required.[8] Specific activities including:
- Infrastructure storage, database and network provisioning and configuring
- Application provision and configuration.
The main types of solutions that facilitate these activities are continuous configuration automation, configuration management, and infrastructure as code tools.[10]
Monitor
Monitoring is an important link in a DevOps toolchain. It allows IT organization to identify specific issues of specific releases and to understand the impact on end-users.[8] A summary of Monitor related activities are:
- Performance of IT infrastructure
- End-user response and experience
- Production metrics and statistics
Information from monitoring activities often impacts Plan activities required for changes and for new release cycles.
Version Control
Version Control is an important link in a DevOps toolchain and a component of software configuration management. Version Control is the management of changes to documents, computer programs, large web sites, and other collections of information.[8] A summary of Version Control related activities are:
- Non-linear development
- Distributed development
- Compatibility with existent systems and protocols
- Toolkit-based design
Information from Version Control often supports Release activities required for changes and for new release cycles.
See also
References
- ^ Edwards, Damon. “Integrating DevOps tools into a Service Delivery Platform”. dev2ops.org.
- ^ Seroter, Richard. “Exploring the ENTIRE DevOps Toolchain for (Cloud) Teams”. infoq.com.
- ^ “Toolchain Overview”. nongnu.org. 2012-01-03. Retrieved 2013-10-21.
- ^ “Toolchains”. elinux.org. 2013-09-08. Retrieved 2013-10-21.
- ^ Imran, Saed; Buchheit, Martin; Hollunder, Bernhard; Schreier, Ulf (2015-10-29). Tool Chains in Agile ALM Environments: A Short Introduction. Lecture Notes in Computer Science. 9416. pp. 371–380. doi:10.1007/978-3-319-26138-6_40. ISBN 978-3-319-26137-9.
- ^ Loukides, Mike (2012-06-07). “What is DevOps?”.
- ^ Garner Market Trends: DevOps – Not a Market, but Tool-Centric Philosophy That supports a Continuous Delivery Value Chain (Report). Gartner. 18 February 2015.
- ^ a b c d e f g Avoid Failure by Developing a Toolchain that Enables DevOps (Report). Gartner. 16 March 2016.
- ^ Best Practices in Change, Configuration and Release Management (Report). Gartner. 14 July 2010.
- ^ Roger S. Pressman (2009). Software Engineering: A Practitioner’s Approach (7th International ed.). New York: McGraw-Hill.
Sources:

Developer(s) | Apache Software Foundation |
---|---|
Initial release | 13 July 2004; 16 years ago |
Stable release | 3.6.3 / 25 November 2019; 15 months ago[1] |
Repository | Maven Repository |
Written in | Java |
Type | Build tool |
License | Apache License 2.0 |
Website | maven.apache.org |
Maven is a build automation tool used primarily for Java projects. Maven can also be used to build and manage projects written in C#, Ruby, Scala, and other languages. The Maven project is hosted by the Apache Software Foundation, where it was formerly part of the Jakarta Project.
Maven addresses two aspects of building software: how software is built, and its dependencies. Unlike earlier tools like Apache Ant, it uses conventions for the build procedure, and only exceptions need to be written down. An XML file describes the software project being built, its dependencies on other external modules and components, the build order, directories, and required plug-ins. It comes with pre-defined targets for performing certain well-defined tasks such as compilation of code and its packaging. Maven dynamically downloads Java libraries and Maven plug-ins from one or more repositories such as the Maven 2 Central Repository, and stores them in a local cache.[2] This local cache of downloaded artifacts can also be updated with artifacts created by local projects. Public repositories can also be updated.
Maven is built using a plugin-based architecture that allows it to make use of any application controllable through standard input. A C/C++ native plugin is maintained for Maven 2.[3]
Alternative technologies like Gradle and sbt as build tools do not rely on XML, but keep the key concepts Maven introduced. With Apache Ivy, a dedicated dependency manager was developed as well that also supports Maven repositories.[4]
Apache Maven has support for reproducible builds.[5][6]
History
The number of artifacts on Maven’s central repository has grown rapidly
Maven, created by Jason van Zyl, began as a sub-project of Apache Turbine in 2002. In 2003, it was voted on and accepted as a top level Apache Software Foundation project. In July 2004, Maven’s release was the critical first milestone, v1.0. Maven 2 was declared v2.0 in October 2005 after about six months in beta cycles. Maven 3.0 was released in October 2010 being mostly backwards compatible with Maven 2.
Maven 3.0 information began trickling out in 2008. After eight alpha releases, the first beta version of Maven 3.0 was released in April 2010. Maven 3.0 has reworked the core Project Builder infrastructure resulting in the POM’s file-based representation being decoupled from its in-memory object representation. This has expanded the possibility for Maven 3.0 add-ons to leverage non-XML based project definition files. Languages suggested include Ruby (already in private prototype by Jason van Zyl), YAML, and Groovy.
Special attention was given to ensuring backward compatibility of Maven 3 to Maven 2. For most projects, upgrading to Maven 3 will not require any adjustments of their project structure. The first beta of Maven 3 saw the introduction of a parallel build feature which leverages a configurable number of cores on a multi-core machine and is especially suited for large multi-module projects.
Syntax[edit]
A directory structure for a Java project auto-generated by Maven
Maven projects are configured using a Project Object Model, which is stored in a pom.xml
-file. An example file looks like:
<project> <!-- model version is always 4.0.0 for Maven 2.x POMs --> <modelVersion>4.0.0</modelVersion> <!-- project coordinates, i.e. a group of values which uniquely identify this project --> <groupId>com.mycompany.app</groupId> <artifactId>my-app</artifactId> <version>1.0</version> <!-- library dependencies --> <dependencies> <dependency> <!-- coordinates of the required library --> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>3.8.1</version> <!-- this dependency is only used for running and compiling tests --> <scope>test</scope> </dependency> </dependencies> </project>
This POM only defines a unique identifier for the project (coordinates) and its dependency on the JUnit framework. However, that is already enough for building the project and running the unit tests associated with the project. Maven accomplishes this by embracing the idea of Convention over Configuration, that is, Maven provides default values for the project’s configuration.
The directory structure of a normal idiomatic Maven project has the following directory entries:
Directory name | Purpose |
---|---|
project home | Contains the pom.xml and all subdirectories. |
src/main/java | Contains the deliverable Java sourcecode for the project. |
src/main/resources | Contains the deliverable resources for the project, such as property files. |
src/test/java | Contains the testing Java sourcecode (JUnit or TestNG test cases, for example) for the project. |
src/test/resources | Contains resources necessary for testing. |
The command mvn package
will compile all the Java files, run any tests, and package the deliverable code and resources into target/my-app-1.0.jar
(assuming the artifactId is my-app and the version is 1.0.)
Using Maven, the user provides only configuration for the project, while the configurable plug-ins do the actual work of compiling the project, cleaning target directories, running unit tests, generating API documentation and so on. In general, users should not have to write plugins themselves. Contrast this with Ant and make, in which one writes imperative procedures for doing the aforementioned tasks.
Design[edit]
Project Object Model[edit]
A Project Object Model (POM) provides all the configuration for a single project. General configuration covers the project’s name, its owner and its dependencies on other projects. One can also configure individual phases of the build process, which are implemented as plugins. For example, one can configure the compiler-plugin to use Java version 1.5 for compilation, or specify packaging the project even if some unit tests fail.
Larger projects should be divided into several modules, or sub-projects, each with its own POM. One can then write a root POM through which one can compile all the modules with a single command. POMs can also inherit configuration from other POMs. All POMs inherit from the Super POM[7] by default. The Super POM provides default configuration, such as default source directories, default plugins, and so on.
Plug-ins[edit]
Most of Maven’s functionality is in plug-ins. A plugin provides a set of goals that can be executed using the command mvn [plugin-name]:[goal-name]
. For example, a Java project can be compiled with the compiler-plugin’s compile-goal[8] by running mvn compiler:compile
.
There are Maven plugins for building, testing, source control management, running a web server, generating Eclipse project files, and much more.[9] Plugins are introduced and configured in a <plugins>-section of a pom.xml
file. Some basic plugins are included in every project by default, and they have sensible default settings.
However, it would be cumbersome if the archetypal build sequence of building, testing and packaging a software project required running each respective goal manually:
mvn compiler:compile
mvn surefire:test
mvn jar:jar
Maven’s lifecycle concept handles this issue.
Plugins are the primary way to extend Maven. Developing a Maven plugin can be done by extending the org.apache.maven.plugin.AbstractMojo class. Example code and explanation for a Maven plugin to create a cloud-based virtual machine running an application server is given in the article Automate development and management of cloud virtual machines.[10]
Build lifecycles[edit]
The build lifecycle is a list of named phases that can be used to give order to goal execution. One of Maven’s standard lifecycles is the default lifecycle, which includes the following phases, in this order:[11]
- validate
- generate-sources
- process-sources
- generate-resources
- process-resources
- compile
- process-test-sources
- process-test-resources
- test-compile
- test
- package
- install
- deploy
Goals provided by plugins can be associated with different phases of the lifecycle. For example, by default, the goal “compiler:compile” is associated with the “compile” phase, while the goal “surefire:test” is associated with the “test” phase. When the mvn test
command is executed, Maven runs all goals associated with each of the phases up to and including the “test” phase. In such a case, Maven runs the “resources:resources” goal associated with the “process-resources” phase, then “compiler:compile”, and so on until it finally runs the “surefire:test” goal.
Maven also has standard phases for cleaning the project and for generating a project site. If cleaning were part of the default lifecycle, the project would be cleaned every time it was built. This is clearly undesirable, so cleaning has been given its own lifecycle.
Standard lifecycles enable users new to a project the ability to accurately build, test and install every Maven project by issuing the single command mvn install
. By default, Maven packages the POM file in generated JAR and WAR files. Tools like diet4j[12] can use this information to recursively resolve and run Maven modules at run-time without requiring an “uber”-jar that contains all project code.
Dependencies[edit]
A central feature in Maven is dependency management. Maven’s dependency-handling mechanism is organized around a coordinate system identifying individual artifacts such as software libraries or modules. The POM example above references the JUnit coordinates as a direct dependency of the project. A project that needs, say, the Hibernate library simply has to declare Hibernate’s project coordinates in its POM. Maven will automatically download the dependency and the dependencies that Hibernate itself needs (called transitive dependencies) and store them in the user’s local repository. Maven 2 Central Repository[2] is used by default to search for libraries, but one can configure the repositories to be used (e.g., company-private repositories) within the POM.
The fundamental difference between Maven and Ant is that Maven’s design regards all projects as having a certain structure and a set of supported task work-flows (e.g., getting resources from source control, compiling the project, unit testing, etc.). While most software projects in effect support these operations and actually do have a well-defined structure, Maven requires that this structure and the operation implementation details be defined in the POM file. Thus, Maven relies on a convention on how to define projects and on the list of work-flows that are generally supported in all projects.[13]
There are search engines such as The Central Repository Search Engine[14] which can be used to find out coordinates for different open-source libraries and frameworks.
Projects developed on a single machine can depend on each other through the local repository. The local repository is a simple folder structure that acts both as a cache for downloaded dependencies and as a centralized storage place for locally built artifacts. The Maven command mvn install
builds a project and places its binaries in the local repository. Then other projects can utilize this project by specifying its coordinates in their POMs.
Interoperability[edit]
Add-ons to several popular integrated development environments targeting the Java programming language exist to provide integration of Maven with the IDE’s build mechanism and source editing tools, allowing Maven to compile projects from within the IDE, and also to set the classpath for code completion, highlighting compiler errors, etc. Examples of popular IDEs supporting development with Maven include:
These add-ons also provide the ability to edit the POM or use the POM to determine a project’s complete set of dependencies directly within the IDE.
Some built-in features of IDEs are forfeited when the IDE no longer performs compilation. For example, Eclipse’s JDT has the ability to recompile a single Java source file after it has been edited. Many IDEs work with a flat set of projects instead of the hierarchy of folders preferred by Maven. This complicates the use of SCM systems in IDEs when using Maven.[15][16][17]
See also[edit]
References[edit]
- ^ “Apache Projects Releases”. projects.apache.org.
- ^ a b “Index of /maven2/”. Archived from the original on 2018-09-17. Retrieved 2009-04-15.
- ^ Laugstol, Trygve. “MojoHaus Native Maven Plugin”.
- ^ “IBiblio Resolver | Apache Ivy™”.
- ^ “Reproducible/Verifiable Builds – Apache Maven – Apache Software Foundation”. cwiki.apache.org.
- ^ “Reproducible Builds in Java – DZone Java”. dzone.com.
- ^ Super POM
- ^ Punzalan, Edwin. “Apache Maven Compiler Plugin – Introduction”.
- ^ Marbaise, Brett Porter Jason van Zyl Dennis Lundberg Olivier Lamy Benson Margulies Karl-Heinz. “Maven – Available Plugins”.
- ^ Amies, Alex; Zou P X; Wang Yi S (29 Oct 2011). “Automate development and management of cloud virtual machines”. IBM developerWorks. IBM.
- ^ Porter, Brett. “Maven – Introduction to the Build Lifecycle”.
- ^ “diet4j – put Java JARs on a diet, and load maven modules as needed”.
- ^ “Maven: The Complete Reference”. Sonatype. Archived from the original on 21 April 2013. Retrieved 11 April 2013.
- ^ The Central Repository Search Engine,
- ^ “maven.apache.org/eclipse-plugin.html”. Archived from the original on May 7, 2015.
- ^ “IntelliJ IDEA :: Features”.
- ^ “MavenBestPractices – NetBeans Wiki”.
Further reading[edit]
- O’Brien, Tim; et al. “Maven: The Complete Reference”. Sonatype.com. Sonatype. Retrieved 15 March 2013.
- Maven: The Definitive Guide. Sonatype Company. O’Reilly Media, Inc. 2009. p. 470. ISBN 9780596551780. Retrieved 2013-04-17.
- Van Zyl, Jason (2008-10-01), Maven: Definitive Guide (first ed.), O’Reilly Media, pp. 468, ISBN 0-596-51733-5
- “Running JUnit tests from Maven2”. JUnit in Action (2nd ed.). Manning Publications. 2011. pp. 152–168. ISBN 978-1-935182-02-3.
- Maven Build Customization. Packt. 2013. pp. 1–250. ISBN 9781783987221.
- Mastering Apache Maven 3. Packt. 2014. p. 298. ISBN 9781783983865.
External links[edit]
- Compiling tools
- Java development tools
- Apache Software Foundation projects
- Build automation
- Software using the Apache license
” (WP)
Sources:
“An integrated development environment (IDE) is a software application that provides comprehensive facilities to computer programmers for software development. An IDE normally consists of at least a source code editor, build automation tools and a debugger. Some IDEs, such as Visual Studio, NetBeans and Eclipse, contain the necessary compiler, interpreter, or both; others, such as SharpDevelop and Lazarus, do not.” (WP)
“The boundary between an IDE and other parts of the broader software development environment is not well-defined; sometimes a version control system or various tools to simplify the construction of a graphical user interface (GUI) are integrated. Many modern IDEs also have a class browser, an object browser, and a class hierarchy diagram for use in object-oriented software development.” (WP)
Fair Use Source: 978-1617296987 (OADS)
Operations Anti-patterns, DevOps Solutions, by Jeffery D. Smith
Book Details
- Publisher: Manning Publications (November 24, 2020)
- Paperback: 320 pages
- ISBN-10: 1617296988
- ISBN-13: 978-1617296987
Return to Timeline of the History of Computers, Networking
Infrastructure as code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.[1] The IT infrastructure managed by this process comprises both physical equipment, such as bare-metal servers, as well as virtual machines, and associated configuration resources. The definitions may be in a version control system. It can use either scripts or declarative definitions, rather than manual processes, but the term is more often used to promote declarative approaches.
Overview
IaC grew as a response to the difficulty posed by utility computing and second-generation web frameworks. In 2006, the launch of Amazon Web Services’ Elastic Compute Cloud and the 1.0 version of Ruby on Rails just months before[2] created widespread scaling problems in the enterprise that were previously experienced only at large, multi-national companies.[3] With new tools emerging to handle this ever growing field, the idea of IaC was born. The thought of modelling infrastructure with code, and then having the ability to design, implement, and deploy applications infrastructure with known software best practices appealed to both software developers and IT infrastructure administrators. The ability to treat infrastructure like code and use the same tools as any other software project would allow developers to rapidly deploy applications.[4]
Added value and advantages
The value of IaC can be broken down into three measurable categories: cost, speed, and risk.[citation needed] Cost reduction aims at helping not only the enterprise financially, but also in terms of people and effort, meaning that by removing the manual component, people are able to refocus their efforts towards other enterprise tasks.[citation needed] Infrastructure automation enables speed through faster execution when configuring your infrastructure and aims at providing visibility to help other teams across the enterprise work quickly and more efficiently. Automation removes the risk associated with human error, like manual misconfiguration; removing this can decrease downtime and increase reliability. These outcomes and attributes help the enterprise move towards implementing a culture of DevOps, the combined working of development and operations.[5]
Types of approaches
There are generally two approaches to IaC: declarative (functional) vs. imperative (procedural). The difference between the declarative and the imperative approach is essentially ‘what’ versus ‘how’ . The declarative approach focuses on what the eventual target configuration should be; the imperative focuses on how the infrastructure is to be changed to meet this.[6] The declarative approach defines the desired state and the system executes what needs to happen to achieve that desired state. Imperative defines specific commands that need to be executed in the appropriate order to end with the desired conclusion. [7]
Methods
There are two methods of IaC: ‘push‘ and ‘pull‘ . The main difference is the manner in which the servers are told how to be configured. In the pull method the server to be configured will pull its configuration from the controlling server. In the push method the controlling server pushes the configuration to the destination system.[8]
Tools
There are many tools that fulfill infrastructure automation capabilities and use IaC. Broadly speaking, any framework or tool that performs changes or configures infrastructure declaratively or imperatively based on a programmatic approach can be considered IaC.[9] Traditionally, server (lifecycle) automation and configuration management tools were used to accomplish IaC. Now enterprises are also using continuous configuration automation tools or stand-alone IaC frameworks, such as Microsoft’s PowerShell DSC[10] or AWS CloudFormation.[11]
Continuous configuration automation
All continuous configuration automation (CCA) tools can be thought of as an extension of traditional IaC frameworks. They leverage IaC to change, configure, and automate infrastructure, and they also provide visibility, efficiency and flexibility in how infrastructure is managed.[3] These additional attributes provide enterprise-level security and compliance.
Community content
See also: List of systems management systems and Comparison of open-source configuration management software
An important aspect when considering CCA tools, if they are open source, is the community content. As Gartner states, the value of CCA tools is “as dependent on user-community-contributed content and support as it is on the commercial maturity and performance of the automation tooling.”[3] Vendors like Puppet and Chef, those that have been around a significant amount of time, have created their own communities. Chef has Chef Community Repository and Puppet has PuppetForge.[12] Other vendors rely on adjacent communities and leverage other IaC frameworks such as PowerShell DSC.[10] New vendors are emerging that are not content driven, but model driven with the intelligence in the product to deliver content. These visual, object-oriented systems work well for developers, but they are especially useful to production oriented DevOps and operations constituents that value models versus scripting for content. As the field continues to develop and change, the community based content will become ever important to how IaC tools are used, unless they are model driven and object oriented.
Notable CCA tools include:
Tool | Released by | Method | Approach | Written in | Comments |
---|---|---|---|---|---|
Chef | Chef (2009) | Pull | Declarative and imperative | Ruby | – |
Otter | Inedo | Push | Declarative and imperative | – | Windows oriented |
Puppet | Puppet (2005) | Pull | Declarative and imperative | C++ & Clojure since 4.0, Ruby | – |
SaltStack | SaltStack | Push and Pull | Declarative and imperative | Python | – |
CFEngine | Northern.tech | Pull | Declarative | C | – |
Terraform | HashiCorp (2014) | Push | Declarative | Go | – |
Ansible / Ansible Tower | Red Hat (2012) | Push | Declarative and imperative | Python | – |
Other tools include AWS CloudFormation, cdist, StackStorm, Juju, and Pulumi.
Relationship to DevOps
IaC can be a key attribute of enabling best practices in DevOps – Developers become more involved in defining configuration and Ops teams get involved earlier in the development process.[13] Tools that utilize IaC bring visibility to the state and configuration of servers and ultimately provide the visibility to users within the enterprise, aiming to bring teams together to maximize their efforts.[14] Automation in general aims to take the confusion and error-prone aspect of manual processes and make it more efficient, and productive. Allowing for better software and applications to be created with flexibility, less downtime, and an overall cost effective way for the company. IaC is intended to reduce the complexity that kills efficiency out of manual configuration. Automation and collaboration are considered central points in DevOps; Infrastructure automation tools are often included as components of a DevOps toolchain.[15]
Relationship to security
The 2020 Cloud Threat Report released by Unit 42 (the threat intelligence unit of cybersecurity provider Palo Alto Networks) identified around 200,000 potential vulnerabilities in infrastructure as code templates.[16]
See also
References
- ^ Wittig, Andreas; Wittig, Michael (2016). Amazon Web Services in Action. Manning Press. p. 93. ISBN 978-1-61729-288-0.
- ^ Bower, Joseph L.; Christensen, Clayton M. “Disruptive Technologies: Catching the Wave”. Harvard Business Review.
- ^ a b c Fletcher, Colin; Cosgrove, Terrence (26 August 2015). Innovation Insight for Continuous Configuration Automation Tools. Gartner (Report).
- ^ Riley, Chris (12 November 2015). “Version Your Infrastructure”. DevOps.com.
- ^ Phillips, Andrew (14 May 2015). “Moving from Infrastructure Automation to True DevOps”. DevOps.com.
- ^ “Declarative v. Imperative Models for Configuration Management: Which Is Really Better?”. Scriptrock.com. Retrieved 14 December 2015.
- ^ Loschwitz, Martin (14 November 2014). “Choosing between the leading open source configuration managers”. Admin Network & Security. Lawrence, KS USA: Linux New Media USA LLC.
- ^ Venezia, Paul (21 November 2013). “Puppet vs. Chef vs. Ansible vs. Salt”. networkworld.com. Network World. Retrieved 14 December 2015.
- ^ Garner Market Trends: DevOps – Not a Market, but Tool-Centric Philosophy That supports a Continuous Delivery Value Chain (Report). Gartner. 18 February 2015.
- ^ a b Chaganti, Ravikanth (5 January 2016). “DevOps, Infrastructure as Code, and PowerShell DSC: The Introduction”. PowerShell Magazine. PowerShell Magazine. Retrieved 11 January 2016.
- ^ https://aws.amazon.com/about-aws/whats-new/2011/02/25/introducing-aws-cloudformation/
- ^ Sturgeon, Phil (28 October 2012). “Puppet or Chef?”.
- ^ Ramos, Martin (4 November 2015). “Continuous Integration: Infrastructure as Code in DevOps”. easydynamics.com. Archived from the original on 6 February 2016. Retrieved 29 January 2016.
- ^ Infrastructure As Code: Fueling the Fire for Faster Application Delivery (Report). Forrester. March 2015.
- ^ Wurster, Laurie F.; Colville, Ronni J.; Height, Cameron; Tripathi, Somendra; Rastogi, Aditi. Emerging Technology Analysis: DevOps a Culture Shift, Not a Technology (Report). Gartner.
- ^ “Cloud Threat Report Shows Need for Consistent DevSecOps”. InformationWeek. Retrieved 24 February 2020.
See also: Configuration management (CM)
Not to be confused with Version Control System.
In software engineering, software configuration management (SCM or S/W CM) is the task of tracking and controlling changes in the software, part of the larger cross-disciplinary field of configuration management.[1] SCM practices include revision control and the establishment of baselines. If something goes wrong, SCM can determine what was changed and who changed it. If a configuration is working well, SCM can determine how to replicate it across many hosts.
The acronym “SCM” is also expanded as source configuration management process and software change and configuration management.[2] However, “configuration” is generally understood to cover changes typically made by a system administrator.
Purposes
The goals of SCM are generally:[citation needed]
- Configuration identification – Identifying configurations, configuration items and baselines.
- Configuration control – Implementing a controlled change process. This is usually achieved by setting up a change control board whose primary function is to approve or reject all change requests that are sent against any baseline.
- Configuration status accounting – Recording and reporting all the necessary information on the status of the development process.
- Configuration auditing – Ensuring that configurations contain all their intended parts and are sound with respect to their specifying documents, including requirements, architectural specifications and user manuals.
- Build management – Managing the process and tools used for builds.
- Process management – Ensuring adherence to the organization’s development process.
- Environment management – Managing the software and hardware that host the system.
- Teamwork – Facilitate team interactions related to the process.
- Defect tracking – Making sure every defect has traceability back to the source.
With the introduction of cloud computing the purposes of SCM tools have become merged in some cases. The SCM tools themselves have become virtual appliances that can be instantiated as virtual machines and saved with state and version. The tools can model and manage cloud-based virtual resources, including virtual appliances, storage units, and software bundles. The roles and responsibilities of the actors have become merged as well with developers now being able to dynamically instantiate virtual servers and related resources.[3]
History
The history of software configuration management (SCM) in computing can be traced back as early as the 1950s, when CM (for Configuration Management), originally for hardware development and production control, was being applied to software development. Early software had a physical footprint, such as cards, tapes, and other media. The first software configuration management was a manual operation. With the advances in language and complexity, software engineering, involving configuration management and other methods, became a major concern due to issues like schedule, budget, and quality. Practical lessons, over the years, had led to the definition, and establishment, of procedures and tools. Eventually, the tools became systems to manage software changes.[4] Industry-wide practices were offered as solutions, either in an open or proprietary manner (such as Revision Control System). With the growing use of computers, systems emerged that handled a broader scope, including requirements management, design alternatives, quality control, and more; later tools followed the guidelines of organizations, such as the Capability Maturity Model of the Software Engineering Institute.
See also
- Application lifecycle management
- Comparison of open source configuration management software
- Comparison of version control software
- Continuous configuration automation
- List of revision control software
- Infrastructure as Code
References
- ^ Roger S. Pressman (2009). Software Engineering: A Practitioner’s Approach (7th International ed.). New York: McGraw-Hill.
- ^ Gartner and Forrester Research
- ^ Amies, A; Peddle S; Pan T M; Zou P X (June 5, 2012). “Develop cloud applications with Rational tools”. IBM DeveloperWorks. IBM.
- ^ “1988 “A Guide to Understanding Configuration Management in Trusted Systems” National Computer Security System (via Google)
Further reading
- 828-2012 IEEE Standard for Configuration Management in Systems and Software Engineering. 2012. doi:10.1109/IEEESTD.2012.6170935. ISBN 978-0-7381-7232-3.
- Aiello, R. (2010). Configuration Management Best Practices: Practical Methods that Work in the Real World (1st ed.). Addison-Wesley. ISBN 0-321-68586-5.
- Babich, W.A. (1986). Software Configuration Management, Coordination for Team Productivity. 1st edition. Boston: Addison-Wesley
- Berczuk, Appleton; (2003). Software Configuration Management Patterns: Effective TeamWork, Practical Integration (1st ed.). Addison-Wesley. ISBN 0-201-74117-2.
- Bersoff, E.H. (1997). Elements of Software Configuration Management. IEEE Computer Society Press, Los Alamitos, CA, 1-32
- Dennis, A., Wixom, B.H. & Tegarden, D. (2002). System Analysis & Design: An Object-Oriented Approach with UML. Hoboken, New York: John Wiley & Sons, Inc.
- Department of Defense, USA (2001). Military Handbook: Configuration management guidance (rev. A) (MIL-HDBK-61A). Retrieved January 5, 2010, from http://www.everyspec.com/MIL-HDBK/MIL-HDBK-0001-0099/MIL-HDBK-61_11531/
- Futrell, R.T. et al. (2002). Quality Software Project Management. 1st edition. Prentice-Hall.
- International Organization for Standardization (2003). ISO 10007: Quality management systems – Guidelines for configuration management.
- Saeki M. (2003). Embedding Metrics into Information Systems Development Methods: An Application of Method Engineering Technique. CAiSE 2003, 374–389.
- Scott, J.A. & Nisse, D. (2001). Software configuration management. In: Guide to Software Engineering Body of Knowledge. Retrieved January 5, 2010, from http://www.computer.org/portal/web/swebok/htmlformat
- Paul M. Duvall, Steve Matyas, and Andrew Glover (2007). Continuous Integration: Improving Software Quality and Reducing Risk. (1st ed.). Addison-Wesley Professional. ISBN 0-321-33638-0.