Configuration File Manipulation with Configuration Management Tools
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Confex: a Framework for Automating Text-Based Software Configuration
1 ConfEx: A Framework for Automating Text-based Software Configuration Analysis in the Cloud Ozan Tuncer, Anthony Byrne, Nilton Bila, Sastry Duri, Canturk Isci, and Ayse K. Coskun Abstract—Modern cloud services have complex architectures, often comprising many software components, and depend on hundreds of configurations parameters to function correctly, securely, and with high performance. Due to the prevalence of open-source software, developers can easily deploy services using third-party software without mastering the configurations of that software. As a result, configuration errors (i.e., misconfigurations) are among the leading causes of service disruptions and outages. While existing cloud automation tools ease the process of service deployment and management, support for detecting misconfigurations in the cloud has not been addressed thoroughly, likely due to the lack of frameworks suitable for consistent parsing of unstandardized configuration files. This paper introduces ConfEx, a framework that enables discovery and extraction of text-based software configurations in the cloud. ConfEx uses a novel vocabulary-based technique to identify configuration files in cloud system instances with unlabeled content. To extract the information in these files, ConfEx leverages existing configuration parsers and post-processes the extracted data for analysis. We show that ConfEx achieves over 99% precision and 100% recall in identifying configuration files on 7805 popular Docker Hub images. Using two applied examples, we demonstrate that ConfEx also enables detecting misconfigurations in the cloud via existing tools that are designed for configurations represented as key-value pairs, revealing 184 errors in public Docker Hub images. Index Terms—Software configuration, cloud, misconfiguration diagnosis. F 1 INTRODUCTION LOUD applications are designed in a highly config- Existing failure avoidance and mitigation mechanisms in C urable way to ensure high levels of reusability and the cloud (e.g., redundancy or recovery) are insufficient to portability. -
Guide to Open Source Solutions
White paper ___________________________ Guide to open source solutions “Guide to open source by Smile ” Page 2 PREAMBLE SMILE Smile is a company of engineers specialising in the implementing of open source solutions OM and the integrating of systems relying on open source. Smile is member of APRIL, the C . association for the promotion and defence of free software, Alliance Libre, PLOSS, and PLOSS RA, which are regional cluster associations of free software companies. OSS Smile has 600 throughout the World which makes it the largest company in Europe - specialising in open source. Since approximately 2000, Smile has been actively supervising developments in technology which enables it to discover the most promising open source products, to qualify and assess them so as to offer its clients the most accomplished, robust and sustainable products. SMILE . This approach has led to a range of white papers covering various fields of application: Content management (2004), portals (2005), business intelligence (2006), PHP frameworks (2007), virtualisation (2007), and electronic document management (2008), as well as PGIs/ERPs (2008). Among the works published in 2009, we would also cite “open source VPN’s”, “Firewall open source flow control”, and “Middleware”, within the framework of the WWW “System and Infrastructure” collection. Each of these works presents a selection of best open source solutions for the domain in question, their respective qualities as well as operational feedback. As open source solutions continue to acquire new domains, Smile will be there to help its clients benefit from these in a risk-free way. Smile is present in the European IT landscape as the integration architect of choice to support the largest companies in the adoption of the best open source solutions. -
Bidirectional Programming Languages
University of Pennsylvania ScholarlyCommons Publicly Accessible Penn Dissertations Winter 2009 Bidirectional Programming Languages John Nathan Foster University of Pennsylvania, [email protected] Follow this and additional works at: https://repository.upenn.edu/edissertations Part of the Databases and Information Systems Commons, and the Programming Languages and Compilers Commons Recommended Citation Foster, John Nathan, "Bidirectional Programming Languages" (2009). Publicly Accessible Penn Dissertations. 56. https://repository.upenn.edu/edissertations/56 This paper is posted at ScholarlyCommons. https://repository.upenn.edu/edissertations/56 For more information, please contact [email protected]. Bidirectional Programming Languages Abstract The need to edit source data through a view arises in a host of applications across many different areas of computing. Unfortunately, few existing systems provide support for updatable views. In practice, when they are needed, updatable views are usually implemented using two separate programs: one that computes the view from the source and another that handles updates. This rudimentary design is tedious for programmers, difficult to reason about, and a nightmare to maintain. This dissertation presents bidirectional programming languages, which provide an elegant and effective mechanism for describing updatable views. Unlike programs written in an ordinary language, which only work in one direction, programs in a bidirectional language can be run both forwards and backwards: from left to right, they describe functions that map sources to views, and from right to left, they describe functions that map updated views back to updated sources. Besides eliminating redundancy, these languages can be designed to ensure correctness, guaranteeing by construction that the two functions work well together. Starting from the foundations, we define a general semantic space of well-behaved bidirectional transformations called lenses. -
A System Engineer's Guide to Host Configuration and Maintenance
0001.cover_er:cee 5/18/07 12:03 PM Pe 1 THE USENIX SIG FOR Short Topics in 1 6 16 System Administration M Jane-Ellen Long, Series Editor a r k B SYSADMINS u r g e s s & A System Engineer’s Guide to Æ l e e n Host Configuration and F r i s c h Maintenance Using Cfengine A Mark Burgess and S y s Æleen Frisch t e m E n g i n e e r ’ s G u i d e t o C f e n g i n e ISBN-13: 978-19319715221492 ISBN-10: 1931971528498 9 0 0 0 0 THE USENIX SIG FOR SYSADMINS 9 781931 97154292 Short Topics in 16 System Administration Jane-Ellen Long, Series Editor A System Engineer’s Guide to Host Configuration and Maintenance Using Cfengine Mark Burgess and Æleen Frisch Published by the USENIX Association 2007 About SAGE SAGE is a Special Interest Group of the USENIX Association. Its goal is to serve the system administration community by: I Offering conferences and training to enhance the technical and managerial capabilities of members of the profession I Promoting activities that advance the state of the art or the community I Providing tools, information, and services to assist system administrators and their organizations I Establishing standards of professional excellence and recognizing those who attain them SAGE offers its members professional and technical information through a variety of programs. Please see http://www.sage.org for more information. © Copyright 2007 by the USENIX Association. All rights reserved. -
Zentrale Verwaltung Mit Facter, Puppet Und Augeas
System-Management-Trio Zentrale Verwaltung mit facter, puppet und augeas Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 1 / 34 GUUG Frühjahrsfachgespräch, 01.03.2012 Über den Vortrag Aufbau / Ziele: ● Einführung / Überblick ● Begriffsklärung ● Aufbau / Arbeitsweise von Manifests ● Templates, Klassen, Typen, Module ● Facter: Umgebungsparameter ermitteln ● Augeas: Konfigurationen bearbeiten ● Client-Server-Betrieb ● Arbeit mit mehreren Umgebungen ● Links / Hilfen Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 2 / 34 GUUG Frühjahrsfachgespräch, 01.03.2012 Über mich ● Stefan Neufeind ● Mit-Geschäftsführer der SpeedPartner GmbH aus Neuss ein Internet-Service-Provider (ISP) ● Individuelle TYPO3-Entwicklungen ● Hosting, Housing, Managed Services ● Domains / Domain-Services ● IPv6, DNSSEC, ... ● Aktive Mitarbeit im Community-Umfeld (PHP/PEAR, TYPO3, Linux) ● Freier Autor für z.B. t3n, iX, Internet World, ... Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 3 / 34 GUUG Frühjahrsfachgespräch, 01.03.2012 Aufgabenstellung Alltägliche Administrationsaufgaben für ein (Server-)System Basisinstallation Fehler bei Ausführung von Zugänge „Standard-Aufgaben“? Backup Monitoring Fehlersuche / Einrichtung / Fehlerkorrektur Konzeptfehler? Konfiguration Netzwerk Fehler durch die Systemstatistiken „Sonderlösungen“? Architektur Virtuell? Individuelle Anpassungen Aufgaben RAID? Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 4 / 34 GUUG Frühjahrsfachgespräch, 01.03.2012 Aufgabenstellung -
Because Sustainability
Change Making Simplified Addressing technology- business transformation in the COVID-era Contents Foreword 03 Thriving on Data 36 Applying TechnoVision 73 Leveraging data and algorithms as an asset to Introduction 04 increase the "Corporate IQ". A Few More Things 84 TechnoVision and COVID-19 06 Process on the Fly 43 TechnoVision 2020 Team 88 Building, managing, and running processes that Simplify 11 match the dynamics of the digital outside world. About Capgemini 90 You Experience 50 Being Architects of Positive Futures 15 Creating seamless user experiences for decisive, Overview of TechnoVision 18 magical moments. We Collaborate 57 Invisible Infostructure 22 Tapping into the power of the connected and Evolving the IT Infrastructure into the simple, collaborative "everything". pluggable utility it was always supposed to be. Design for Digital 64 Applications Unleashed 29 Overarching design principles to be followed and Liberating the legacy application landscape and checked throughout the journey of becoming a unleashing the next generation of powerful, agile, Technology Business. cloud-based apps. Invisible Infostructure Applications Unleashed Thriving on Data Process on the Fly You Experience We Collaborate Design for Digital Applying TechnoVision Special Foreword Patrick Nicolet Group Executive Board Member and Group CTO “Future Thinking, Change Making” businesses to operate, retailers to sell and companies to deliver. While The theme of this edition is ‘Simplify’ because, in a world where data the value of traditional ‘safe’ commodities has dropped exponentially, seems to overwhelm us all, we recognize that technology should It’s a sobering thought that, only a few months ago, when we were the popularity of technology and technological companies has soared aim to make the lives of consumers, colleagues and citizens easier. -
Rehearsal: a Configuration Verification Tool for Puppet
Rehearsal: A Configuration Verification Tool for Puppet t* Rian Shambaugh Aaron Weiss Arjun Guha ac AE f Comp C i * let t nt e e * r t is W s University of Massachusetts Amherst, United States e n A l o l D C * * o * c I u e E s frian,aaronweiss,[email protected] m u D e e v n R L t e o a t d P y * s a E l u * a d t e Abstract 1. Introduction Large-scale data centers and cloud computing have turned Consider the role of a system administrator at any organi- system configuration into a challenging problem. Several zation, from a large company to a small computer science widely-publicized outages have been blamed not on soft- department. Their job is to maintain computing infrastruc- ware bugs, but on configuration bugs. To cope, thousands of ture for everyone else. When a new software system, such as organizations use system configuration languages to manage a Web service, needs to be deployed, it is their job to pro- their computing infrastructure. Of these, Puppet is the most vision new servers, configure the firewall, and ensure that widely used with thousands of paying customers and many data is automatically backed up. If the Web service receives more open-source users. The heart of Puppet is a domain- a sudden spike in traffic, they must quickly deploy additional specific language that describes the state of a system. Pup- machines to handle the load. When a security vulnerability pet already performs some basic static checks, but they only is disclosed, they must patch and restart machines if neces- prevent a narrow range of errors. -
Cfengine V2 Reference Edition 2.2.10 for Version 2.2.10
cfengine v2 reference Edition 2.2.10 for version 2.2.10 Mark Burgess Faculty of Engineering, Oslo University College, Norway Copyright c 2008 Mark Burgess This manual corresponds to CFENGINE Edition 2.2.10 for version 2.2.10 as last updated 21 January 2009. Chapter 1: Introduction to reference manual 1 1 Introduction to reference manual The purpose of the cfengine reference manual is to collect together and document the raw facts about the different components of cfengine. Once you have become proficient in the use of cfengine, you will no longer have need of the tutorial. The reference manual, on the other hand, changes with each version of cfengine. You will be able to use it online, or in printed form to find out the details you require to implement configurations in practice. 1.1 Installation In order to install cfengine, you should first ensure that the following packages are installed. OpenSSL Open source Secure Sockets Layer for encryption. URL: http://www.openssl.org BerkeleyDB (version 3.2 or later) Light-weight flat-file database system. URL: http://www.oracle.com/technology/products/berkeley-db/index.html The preferred method of installation is then tar zxf cfengine-x.x.x.tar.gz cd cfengine-x.x.x ./configure make make install This results in binaries being installed in `/usr/local/sbin'. Since this is not necessarily a local file system on all hosts, users are encouraged to keep local copies of the binaries on each host, inside the cfengine trusted work directory. 1.2 Work directory In order to achieve the desired simplifications, it was decided to reserve a private work area for the cfengine tool-set. -
Infrastructure As Code Handbook
THE INFRASTRUCTURE AS CODE HANDBOOK Best practices, tools, and AWS CloudFormation scripts you can use to implement IaC for your organization www.thorntech.com Copyright © 2018 | THORN TECHNOLOGIES All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the publisher. THE INFRASTRUCTURE AS CODE HANDBOOK Contents 1 FIVE REASONS WHY YOU SHOULD IMPLEMENT INFRASTRUCTURE AS CODE NOW 2 SIX BEST PRACTICES TO GET THE MOST OUT OF IAC 3 FIFTEEN IAC TOOLS YOU CAN USE TO AUTOMATE YOUR DEPLOYMENTS 4 WHAT IS AWS CLOUDFORMATION AND HOW CAN IT HELP YOUR IAC EFFORTS? 5 HOW AWS CLOUDFORMATION WORKS AND HOW TO CREATE A VIRTUAL PRIVATE CLOUD WITH IT 6 HOW TO INCORPORATE S3, EC2, AND IAM IN A CLOUDFORMATION TEMPLATE 7 HOW TO CREATE A REDSHIFT STACK WITH AWS CLOUDFORMATION 3 www.thorntech.com [email protected] THE INFRASTRUCTURE AS CODE HANDBOOK 5 reasons why you should implement infrastructure as code now INFRASTRUCTURE AS CODE CAN HELP AVOID CLOUD DEPLOYMENT INCONSISTENCIES, INCREASE DEVELOPER PRODUCTIVITY, AND LOWER COSTS There’s no doubt that cloud computing has had a major impact on how companies build, scale, and maintain technology products. The ability to click a few buttons to provision servers, databases, and other infrastructure has led to an increase in developer productivity we’ve never seen before. While it’s easy to spin up simple cloud architectures, mistakes can easily be made provisioning complex ones. Human error will always be present, especially when you can launch cloud infrastructure by clicking buttons on a web app. -
SM User Guide
Oracle® Communications Tekelec Virtual Operating Environment Licensing Information User Manual Release 3.5 E93070-01 November 2017 Copyright ©2010, 2017 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. -
Linuxtag 2012: System-Management-Trio Facter, Puppet Und Augeas
System-Management-Trio Zentrale Verwaltung mit facter, puppet und augeas Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 1 / 33 LinuxTag, 23.05.2012 Über den Vortrag Aufbau / Ziele: ● Einführung / Überblick ● Begriffsklärung ● Aufbau / Arbeitsweise von Manifests ● Templates, Klassen, Typen, Module ● Facter: Umgebungsparameter ermitteln ● Augeas: Konfigurationen bearbeiten ● Client-Server-Betrieb ● Arbeit mit mehreren Umgebungen ● Links / Hilfen Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 2 / 33 LinuxTag, 23.05.2012 Über mich ● Stefan Neufeind ● Mit-Geschäftsführer der SpeedPartner GmbH aus Neuss ein Internet-Service-Provider (ISP) ● Individuelle TYPO3-Entwicklungen ● Hosting, Housing, Managed Services ● Domains / Domain-Services ● IPv6, DNSSEC, ... ● Aktive Mitarbeit im Community-Umfeld (PHP/PEAR, TYPO3, Linux) ● Freier Autor für z.B. t3n, iX, Internet World, ... Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 3 / 33 LinuxTag, 23.05.2012 Aufgabenstellung Alltägliche Administrationsaufgaben für ein (Server-)System Basisinstallation Fehler bei Ausführung von Zugänge „Standard-Aufgaben“? Backup Monitoring Fehlersuche / Einrichtung / Fehlerkorrektur Konzeptfehler? Konfiguration Netzwerk Fehler durch die Systemstatistiken „Sonderlösungen“? Architektur Virtuell? Individuelle Anpassungen Aufgaben RAID? Verwaltung mit facter, puppet und augeas © SpeedPartner GmbH Seite: 4 / 33 LinuxTag, 23.05.2012 Aufgabenstellung Herausforderungen bei Administration mehrerer Systeme ● Einsparungen -
27Th Large Installation System Administration Conference (LISA '13)
conference proceedings Proceedings of the 27th Large Installation System Administration Conference 27th Large Installation System Administration Conference (LISA ’13) Washington, D.C., USA November 3–8, 2013 Washington, D.C., USA November 3–8, 2013 Sponsored by In cooperation with LOPSA Thanks to Our LISA ’13 Sponsors Thanks to Our USENIX and LISA SIG Supporters Gold Sponsors USENIX Patrons Google InfoSys Microsoft Research NetApp VMware USENIX Benefactors Akamai EMC Hewlett-Packard Linux Journal Linux Pro Magazine Puppet Labs Silver Sponsors USENIX and LISA SIG Partners Cambridge Computer Google USENIX Partners Bronze Sponsors Meraki Nutanix Media Sponsors and Industry Partners ACM Queue IEEE Security & Privacy LXer ADMIN IEEE Software No Starch Press CiSE InfoSec News O’Reilly Media Computer IT/Dev Connections Open Source Data Center Conference Distributed Management Task Force IT Professional (OSDC) (DMTF) Linux Foundation Server Fault Free Software Magazine Linux Journal The Data Center Journal HPCwire Linux Pro Magazine Userfriendly.org IEEE Pervasive © 2013 by The USENIX Association All Rights Reserved This volume is published as a collective work. Rights to individual papers remain with the author or the author’s employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. Permission is granted to print, primarily for one person’s exclusive use, a single copy of these Proceedings. USENIX acknowledges all trademarks herein. ISBN 978-1-931971-05-8 USENIX Association Proceedings of the 27th Large Installation System Administration Conference November 3–8, 2013 Washington, D.C. Conference Organizers Program Co-Chairs David Nalley, Apache Cloudstack Narayan Desai, Argonne National Laboratory Adele Shakal, Metacloud, Inc.