SlideShare a Scribd company logo

Presentation Lfoppiano Pycon

Luca Foppiano, profile picture
Luca Foppiano

Func is a Python-based tool that provides a unified way to manage and control large networks of machines through a centralized controller node. It uses a module-based architecture where core functionality is implemented in reusable modules. Some key modules allow restarting services, running commands, updating systems, and more across multiple remote machines defined by glob patterns or groups. The system aims to provide a more secure, automated, and scalable alternative to manual SSH/Telnet access.

Technology
1 of 17
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
FUNC Fedora Unified Network Controller Luca Foppiano <lfoppiano@byte-code.com>
Summary The big picture Solutions Features What about future? Related projects
The big picture “turn off all testing virtual machines” “restart all crashed web services” “update all machines with operation suffix in the name (eg.  web*.example.*, customer*, etc)”
Solutions? Manual solution SSH or Telnet (as your risk) Func (https://fedorahosted.org/func)
Manual  solution Obsolete Expensive Impossible on world  distributed network High risk Need to trust unskilled  people
SSH Secure Bash powered Problems with multi­hop Requires manual “public key” exchange Security issues (one machine has the control of whole  networks without any filter)
Func Provides Python APIs (and/or CLI command) to manage  huge number of machines Fedora Unified Network Controller A Red Hat and Fedora Project Written in Python Secure (https based connection) Module­based architecture Easy to expand by writing new modules Security model guarantee by ACLs Web interface based on TurboGear (FuncWeb)
Func: quick start Two components: certmaster (51235/tcp) and minion  (51234/tcp) Status or the art: 1 Certmaster, N minions (Proxy module  will be available after Google SoC) Certmaster needs to sign minions by certificate  generation (automatically performed using autosign):  certmaster­ca tool. Minion needs only to know who is certmaster [root@a~]# certmaster-ca --list [root@a~]# certmaster-ca --sign hostname.domain.x [root@a~]# certmaster-ca --clear hostname.domain.x
Func: starting Open a shell on certmaster host Python API >>> from func.overlord import client >>> client1 = client.Client(“*.lan”) >>> client1.service.restart(“httpd”) >>> client1.command.run(“df ­h”) CLI [root@a~]# func “*.com” call service restart “httpd” [root@a~]# func “*.lan” call command run “df ­h”
What about modules? Func based on modules architecture A module support new stuff 20 modules (libVirt, jboss, info, process, command,  iptables, nagios, etc) Writing a new module is simple.  When you write a module, it works on both CLI and  PyScripting, no modification on func are needed.
How to write new module func­create­module By hand import func_module class NewModule(func_module.FuncModule): version = “1.0”   api_version = “0.1” description = “new module” def __init__(self): pass def anAction(self, arg1, arg2): pass
Advanced features Async mode Only on python API (implementation is coming ;­) ) Useful on long time required commands (eg. Yum update) Multiplexer: possibility to launch more than one process Globbing Grouping
Globbing Python API >>> from func.overlord import client >>> glob1 = client.Client(“customer*; office.example.lan”) >>> glob1.yumcmd.update(); CLI [root@a~]# func “*.example.org;*.lan” run yumcmd update [root@a~]# func “web*.domain.it;virt*” run 
Grouping [root@a~]# cat /etc/func/groups [webservers] host = office.example.lan, customer01.example.com [jbossas]  host = *.example.lan Python API & CLI Example  >>> from func.overlord import client >>> client.Client(@webservers).service.restart(“httpd”); [root@a~]# func “@webservers” run service restart “httpd”
Future ideas Modules module  Google Summer of Code: Proxy module System­config­* module User/groups manipulation Package on other distributions (Debian, Suse, Ubuntu,  etc.)
Related projects Symbolic (http://www.opensymbolic.org) Puppet (http://reductivelabs.com/trac/puppet) Puppet­team  (http://projects.byte­code.com/trac/puppet­team) Cobbler (http://cobbler.et.redhat.com/)
Thanks ;­) Questions and answers?

More Related Content

PDF
Fluentd Meetup 2016 - ServerEngine Integration & Windows support
Ritta Narita
 
PDF
Hello watchOS2
Natasha Murashev
 
ODP
Linuxday.at - Lightning Talk
Jan Gehring
 
PDF
OHHttpStubs
CocoaHeads France
 
PPTX
Defcon - Veil-Pillage
VeilFramework
 
PDF
BitTorrent on iOS
CocoaHeads France
 
PDF
OpenNebulaConf2017EU: Torturing OpenNebula for Fun and Profit by Carlo Daffar...
OpenNebula Project
 
PPTX
BH Arsenal '14 TurboTalk: The Veil-framework
VeilFramework
 
Fluentd Meetup 2016 - ServerEngine Integration & Windows support
Ritta Narita
 
Hello watchOS2
Natasha Murashev
 
Linuxday.at - Lightning Talk
Jan Gehring
 
OHHttpStubs
CocoaHeads France
 
Defcon - Veil-Pillage
VeilFramework
 
BitTorrent on iOS
CocoaHeads France
 
OpenNebulaConf2017EU: Torturing OpenNebula for Fun and Profit by Carlo Daffar...
OpenNebula Project
 
BH Arsenal '14 TurboTalk: The Veil-framework
VeilFramework
 

What's hot (20)

PPTX
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Peter Hlavaty
 
PDF
Fluentd v0.14 Overview
N Masahiro
 
PDF
Treasure Data Summer Internship Final Report
Ritta Narita
 
ODP
Linux multiplexing
Mark Veltzer
 
PPTX
G rpc lection1
eleksdev
 
PDF
Unmanned Aerial Vehicles: Exploit Automation with the Metasploit Framework
egypt
 
PPTX
Nagios Conference 2011 - Michael Medin - Workshop: Scripting On The Windows Side
Nagios
 
PDF
How to create multiprocess server on windows with ruby - rubykaigi2016 Ritta ...
Ritta Narita
 
PDF
Mr201309 automated on-execute_test_using_virtual_box_eng
FFRI, Inc.
 
PDF
Vagrant are you still develop in a non-virtual environment-
Anatoly Bubenkov
 
PDF
Virtual Machine Introspection with Xen
Tamas K Lengyel
 
PPTX
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Shota Shinogi
 
PDF
Improving monitoring systems Interoperability with OpenMetrics
Chan Shik Lim
 
PDF
Bypassing patchguard on Windows 8.1 and Windows 10
Honorary_BoT
 
ODP
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Tamas K Lengyel
 
PPTX
Controlling multiple VMs with the power of Python
Yurii Vasylenko
 
PDF
What is new in Go 1.8
John Hua
 
PDF
Asynchronous programming intro
cc liu
 
PDF
Keynote - Fluentd meetup v14
Treasure Data, Inc.
 
PDF
CSW2017 Qiang li zhibinhu_meiwang_dig into qemu security
CanSecWest
 
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Peter Hlavaty
 
Fluentd v0.14 Overview
N Masahiro
 
Treasure Data Summer Internship Final Report
Ritta Narita
 
Linux multiplexing
Mark Veltzer
 
G rpc lection1
eleksdev
 
Unmanned Aerial Vehicles: Exploit Automation with the Metasploit Framework
egypt
 
Nagios Conference 2011 - Michael Medin - Workshop: Scripting On The Windows Side
Nagios
 
How to create multiprocess server on windows with ruby - rubykaigi2016 Ritta ...
Ritta Narita
 
Mr201309 automated on-execute_test_using_virtual_box_eng
FFRI, Inc.
 
Vagrant are you still develop in a non-virtual environment-
Anatoly Bubenkov
 
Virtual Machine Introspection with Xen
Tamas K Lengyel
 
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Shota Shinogi
 
Improving monitoring systems Interoperability with OpenMetrics
Chan Shik Lim
 
Bypassing patchguard on Windows 8.1 and Windows 10
Honorary_BoT
 
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Tamas K Lengyel
 
Controlling multiple VMs with the power of Python
Yurii Vasylenko
 
What is new in Go 1.8
John Hua
 
Asynchronous programming intro
cc liu
 
Keynote - Fluentd meetup v14
Treasure Data, Inc.
 
CSW2017 Qiang li zhibinhu_meiwang_dig into qemu security
CanSecWest
 
Ad

Viewers also liked (8)

PDF
Is not about it, is all about sailing
Luca Foppiano
 
PDF
Agile Day 2013 - Agile experience, between successes and failures [EN[
Luca Foppiano
 
PDF
Meetup Lfoppiano
Luca Foppiano
 
PDF
Design "user experience" centric applications
Luca Foppiano
 
PDF
Ltsp Slide
Luca Foppiano
 
PDF
The Near Future of CSS
Rachel Andrew
 
PDF
The Presentation Come-Back Kid
Ethos3
 
PDF
The Buyer's Journey - by Chris Lema
Chris Lema
 
Is not about it, is all about sailing
Luca Foppiano
 
Agile Day 2013 - Agile experience, between successes and failures [EN[
Luca Foppiano
 
Meetup Lfoppiano
Luca Foppiano
 
Design "user experience" centric applications
Luca Foppiano
 
Ltsp Slide
Luca Foppiano
 
The Near Future of CSS
Rachel Andrew
 
The Presentation Come-Back Kid
Ethos3
 
The Buyer's Journey - by Chris Lema
Chris Lema
 
Ad

Similar to Presentation Lfoppiano Pycon (20)

PDF
Managing your Minions with Func
danhanks
 
PDF
Cobbler, Func and Puppet: Tools for Large Scale Environments
Michael Zhang
 
PDF
Cobbler, Func and Puppet: Tools for Large Scale Environments
ViSenze - Artificial Intelligence for the Visual Web
 
PPTX
One click deployment
Alex Su
 
PPT
Fabric
Calvin Cheng
 
PDF
The Fn Project: A Quick Introduction (December 2017)
Oracle Developers
 
PDF
Zero to scaleable in ten minutes
Matt Walters
 
PDF
PyParis2017 / Function-as-a-service - a pythonic perspective on severless com...
Pôle Systematic Paris-Region
 
PDF
Open Source Serverless: a practical view. - Gabriele Provinciali Luca Postacc...
Codemotion
 
KEY
20100425 Configuration Management With Puppet Lfnw
garrett honeycutt
 
PPTX
A Fabric/Puppet Build/Deploy System
adrian_nye
 
PPTX
Automation in Cloud
Abhishek Amralkar
 
PDF
Creating a mature puppet system
rkhatibi
 
PDF
Creating a Mature Puppet System
Puppet
 
PPTX
Sonian, Open Source and Sensu
Pete Cheslock
 
PDF
Symbolic: powerful web interface for Func
Marco Mornati
 
PDF
PyParis2017 / Tutorial transcript - Function-as-a-service : a pythonic perspe...
Pôle Systematic Paris-Region
 
PDF
Automation - fabric, django and more
Ilian Iliev
 
ODP
cfengine3 at #lspe
Chris Westin
 
PPTX
python_development.pptx
LemonReddy1
 
Managing your Minions with Func
danhanks
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
Michael Zhang
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
ViSenze - Artificial Intelligence for the Visual Web
 
One click deployment
Alex Su
 
Fabric
Calvin Cheng
 
The Fn Project: A Quick Introduction (December 2017)
Oracle Developers
 
Zero to scaleable in ten minutes
Matt Walters
 
PyParis2017 / Function-as-a-service - a pythonic perspective on severless com...
Pôle Systematic Paris-Region
 
Open Source Serverless: a practical view. - Gabriele Provinciali Luca Postacc...
Codemotion
 
20100425 Configuration Management With Puppet Lfnw
garrett honeycutt
 
A Fabric/Puppet Build/Deploy System
adrian_nye
 
Automation in Cloud
Abhishek Amralkar
 
Creating a mature puppet system
rkhatibi
 
Creating a Mature Puppet System
Puppet
 
Sonian, Open Source and Sensu
Pete Cheslock
 
Symbolic: powerful web interface for Func
Marco Mornati
 
PyParis2017 / Tutorial transcript - Function-as-a-service : a pythonic perspe...
Pôle Systematic Paris-Region
 
Automation - fabric, django and more
Ilian Iliev
 
cfengine3 at #lspe
Chris Westin
 
python_development.pptx
LemonReddy1
 

Recently uploaded (20)

PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Teaching material agriculture food technology
LiaRayya
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Approach and Philosophy of On baking technology
30anthuong17
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Cloud computing and distributed systems.
kkkkkhan
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 

Presentation Lfoppiano Pycon

  • 1. FUNC Fedora Unified Network Controller Luca Foppiano <lfoppiano@byte-code.com>
  • 2. Summary The big picture Solutions Features What about future? Related projects
  • 3. The big picture “turn off all testing virtual machines” “restart all crashed web services” “update all machines with operation suffix in the name (eg.  web*.example.*, customer*, etc)”
  • 4. Solutions? Manual solution SSH or Telnet (as your risk) Func (https://fedorahosted.org/func)
  • 5. Manual  solution Obsolete Expensive Impossible on world  distributed network High risk Need to trust unskilled  people
  • 6. SSH Secure Bash powered Problems with multi­hop Requires manual “public key” exchange Security issues (one machine has the control of whole  networks without any filter)
  • 7. Func Provides Python APIs (and/or CLI command) to manage  huge number of machines Fedora Unified Network Controller A Red Hat and Fedora Project Written in Python Secure (https based connection) Module­based architecture Easy to expand by writing new modules Security model guarantee by ACLs Web interface based on TurboGear (FuncWeb)
  • 8. Func: quick start Two components: certmaster (51235/tcp) and minion  (51234/tcp) Status or the art: 1 Certmaster, N minions (Proxy module  will be available after Google SoC) Certmaster needs to sign minions by certificate  generation (automatically performed using autosign):  certmaster­ca tool. Minion needs only to know who is certmaster [root@a~]# certmaster-ca --list [root@a~]# certmaster-ca --sign hostname.domain.x [root@a~]# certmaster-ca --clear hostname.domain.x
  • 9. Func: starting Open a shell on certmaster host Python API >>> from func.overlord import client >>> client1 = client.Client(“*.lan”) >>> client1.service.restart(“httpd”) >>> client1.command.run(“df ­h”) CLI [root@a~]# func “*.com” call service restart “httpd” [root@a~]# func “*.lan” call command run “df ­h”
  • 10. What about modules? Func based on modules architecture A module support new stuff 20 modules (libVirt, jboss, info, process, command,  iptables, nagios, etc) Writing a new module is simple.  When you write a module, it works on both CLI and  PyScripting, no modification on func are needed.
  • 11. How to write new module func­create­module By hand import func_module class NewModule(func_module.FuncModule): version = “1.0”   api_version = “0.1” description = “new module” def __init__(self): pass def anAction(self, arg1, arg2): pass
  • 12. Advanced features Async mode Only on python API (implementation is coming ;­) ) Useful on long time required commands (eg. Yum update) Multiplexer: possibility to launch more than one process Globbing Grouping
  • 13. Globbing Python API >>> from func.overlord import client >>> glob1 = client.Client(“customer*; office.example.lan”) >>> glob1.yumcmd.update(); CLI [root@a~]# func “*.example.org;*.lan” run yumcmd update [root@a~]# func “web*.domain.it;virt*” run 
  • 14. Grouping [root@a~]# cat /etc/func/groups [webservers] host = office.example.lan, customer01.example.com [jbossas]  host = *.example.lan Python API & CLI Example  >>> from func.overlord import client >>> client.Client(@webservers).service.restart(“httpd”); [root@a~]# func “@webservers” run service restart “httpd”
  • 15. Future ideas Modules module  Google Summer of Code: Proxy module System­config­* module User/groups manipulation Package on other distributions (Debian, Suse, Ubuntu,  etc.)
  • 16. Related projects Symbolic (http://www.opensymbolic.org) Puppet (http://reductivelabs.com/trac/puppet) Puppet­team  (http://projects.byte­code.com/trac/puppet­team) Cobbler (http://cobbler.et.redhat.com/)