SlideShare a Scribd company logo

Understanding the Data Lookup Pattern

Craig Dunn, profile picture
Craig Dunn

This document summarizes a presentation about the data lookup pattern and Jerakia, a tool for hierarchical data lookups. It discusses the problems of embedding data in code and managing data across diverse infrastructure. Jerakia provides a solution with hierarchical lookups of data stored separately from code and queried from various sources. It allows flexible definition of lookup policies and scopes to retrieve the appropriate data value.

Technology
1 of 52
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
UNDERSTANDING THE DATA LOOKUP PATTERN Craig Dunn & Jan Ivar Beddari Config Management Camp, February 2018
CRAIG DUNN ➤ Freelance Consultant & Trainer ➤ Long time Puppet community member ➤ Problem Solver www.craigdunn.org @crayfishx
JAN IVAR BEDDARI ➤ Problem Solver ➤ Long time Jerakia advocate ➤ Works at Safespring ➤ Makes people happy.... @beddari
CONFIGURATION MANAGEMENT ➤ Automation ➤ Repeatability ➤ Many tool options available for configuring components ➤ Reducing the burden of managing infrastructure
➤ Configuration management gives a consistent reliable method to configure a component of infrastructure ➤ Infrastructure configuration involves a lot of custom data... ➤ It's critical to maintaining our systems INFRASTRUCTURE DATA usernamesdomain_name firewall_rules apache_port gateway_ip dns_servers ntp_servers groups packages timezonelimitsversion
THE DATA PROBLEM ➤ Where do we store it? ➤ How do we query it? ➤ How do we avoid duplicating it? ➤ Whats the best way to express the data?
THE DATA PROBLEM ➤ Embedded data in code ➤ Data management as infrastructure gets more diverse
THE DATA PROBLEM ➤ Embedded data in code ➤ Code sharing becomes impossible ➤ Complexity increases ➤ High barrier to a simple task "The timezone should be set to UTC"
THE DATA PROBLEM ➤ Managing data ➤ Infrastructure is spread out across environments, regions and business streams ➤ Data will differ depending on a multitude of factors ➤ The edge cases will get you
THE DATA PROBLEM usernamesdomain_name firewall_rules apache_port gateway_ip dns_servers ntp_servers groups packages timezonelimitsversion
THE DATA PROBLEM DEV QA PROD DC1 DC2 DC3 Special Snowflake
THE DATA PROBLEM
➤ Embedded code unmaintainable ➤ Complexity PUPPET: THE EARLY YEARS if $env == ‘dev’ { $server = ‘dev.ntp.local’ } else { if $hostname == ‘gateway’ { $server = ‘pool.ntp.org’ } else { $server = ‘prod.ntp.local’ } }
➤ Hiera is the data lookup sub system for Puppet ➤ Data can be looked up from multiple sources ➤ Data separation ➤ Hierarchical lookups PUPPET: THE HIERA WAY
➤ Remove complexity from the code ➤ Code becomes re-usable and easily shared ➤ Minimal expertise required to manage data values DATA SEPARATION ntp::server: pool.ntp.org
HIERARCHICAL LOOKUPS
HIERARCHICAL LOOKUPS ➤ Sell globally in USD ➤ Bill in EUR for European countries ➤ GBP for the UK, CHF for Switzerland
HIERARCHICAL LOOKUPS: SCOPE ➤ Scope: Information used to determine what data to lookup ➤ The scope in this example is the country & the continent ➤ We look up the data using the scope data
HIERARCHICAL LOOKUPS "What is the value for currency in the context of this scope..."
HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
➤ Hierarchical lookups express infrastructure data well ➤ There is a lack of generic tooling in this space ➤ The data was getting harder ➤ Then there was Baloise... WHAT I LEARNT
INTRODUCING JERAKIA ➤ Released in 2015 ➤ Hierarchical data lookup tool ➤ http://jerakia.io
INTRODUCING JERAKIA
INTRODUCING JERAKIA: GOALS ➤ De-coupled from any particular tool ➤ Pluggable and extendable ➤ Flexible configuration
INTRODUCING JERAKIA: FEATURES ➤ Standalone with a REST API ➤ Look up data from a variety of data sources ➤ Define your own hierarchical structure ➤ Flexibility around lookup behaviour
JERAKIA LOOKUPS ➤ A lookup request contains ➤ The lookup key ➤ A namespace ➤ The scope of the lookup
JERAKIA LOOKUPS ➤ A lookup is run against a Jerakia policy ➤ Written in Ruby ➤ A policy is a container for one or more lookups ➤ Lookups query a data source ➤ Results are returned to the requestor
JERAKIA DATASOURCES ➤ A pluggable source of data ➤ Each lookup invokes one data source ➤ Jerakia ships with data sources: ➤ File ➤ HTTP ➤ Consul ➤ Custom data sources are easy to write ➤ https://github.com/crayfishx/jerakia-datasource-template
➤ Search through a filesystem hierarchy ➤ Data values are stored in YAML or JSON ➤ Typically maintained in and deployed from a VCS ➤ <dir>/<namespace>.yaml FILE DATASOURCE hostname/foo.enviatics.com/apache.yaml environment/production/apache.yaml location/london/apache.yaml common/apache.yaml
JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end /var/lib/jerakia/data/host/baz.foo.com/apache.yaml
JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end /var/lib/jerakia/data/env/dev/apache.yaml
JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end /var/lib/jerakia/data/common/apache.yaml
JERAKIA: POLICIES Scope Handler Request Lookup Plugins Data Source Output Filter Response Data Request consists of a lookup key, a namespace and some metadata Information to be used in determining how data is looked up Lookup plugins can read and modify the scope and A pluggable data source is used to lookup data Data returned from the datasource is passed to a pluggable output filter
ADVANCED FEATURES: CONFINE / EXCLUDE / STOP policy :default do lookup :ireland do datasource :file, { :format => :yaml, :docroot => "/var/external/data/ie", :searchpath => [ "project/#{scope[:project]}", "common", ] } confine scope[:location], "ie" confine request.namespace[0], "apache" stop end lookup :main, do datasource :file, { :format => :yaml, :docroot => "/var/lib/jerakia", :searchpath => [ "hostname/#{scope[:fqdn]}", "environment/#{scope[:environment]}", "common" ], } end end ➤ Isolate lookups
ADVANCED FEATURES: HANDLING SECRETS ➤ Jerakia supports decrypting values from any data source ➤ Uses a pluggable encryption provider ➤ Vault provider native ➤ Uses Vaults' transit feature as "cryptography as a service" ➤ Custom encryption providers possible https://www.craigdunn.org/2017/04/managing-puppet-secrets-with-jerakia-and-vault/
➤ By default Jerakia will return the first value found while traversing the hierarchy ➤ We can request for the entire hierarchy be searched and all instances of a value returned in one array or hashmap ADVANCED FEATURES: MERGE BEHAVIOUR users: - lucy - bob - mike users: - root - craig - jan - max - jessica { users: [ "lucy", "bob", "mike", "root", "craig", "max", "jessica" ] } CommonEnv (dev)
ADVANCED FEATURES: READ MORE http://jerakia.io ➤ Plugins ➤ Schemas ➤ Datasources ➤ Output Filters ➤ API documentation
THE THIRD DATA PROBLEM Everyone Else When people starting saying "DevOps"...
THE THIRD DATA PROBLEM Everyone Else ...2018
THE THIRD DATA PROBLEM ➤ We use lots of tools to manage our infrastructure ➤ Provisioning ➤ Orchestration ➤ Configuration Management ➤ Monitoring ➤ Different tools have different data patterns ➤ The actual data is the same
JERAKIA: AIM ➤ A centralized source for all data lookups ➤ Powerful hierarchical lookups ➤ Current front integrations; ➤ Puppet (Hiera 5 backend) ➤ https://forge.puppet.com/crayfishx/jerakia ➤ Ansible (Lookup plugin) ➤ https://github.com/crayfishx/ansible-jerakia ➤ Potential for many more!
Understanding the Data Lookup Pattern
AND FINALLY... ➤ Features ➤ Ideas ➤ Fixes ➤ ... any other feedback https://github.com/crayfishx/jerakia
http://jerakia.io Craig Dunn @crayfishx Jan Ivar Beddari @beddari Thank you!

More Related Content

PPTX
Accessing external hadoop data sources using pivotal e xtension framework (px...
Sameer Tiwari
 
PDF
Use Cases for Elastic Search Percolator
Maxim Shelest
 
PPTX
Building an unstructured data management solution with elastic search and ama...
mobiusservices
 
PDF
What enterprises can learn from Real Time Bidding
Aerospike
 
PDF
Data modeling for Elasticsearch
Florian Hopf
 
PDF
Scaling Recommendations, Semantic Search, & Data Analytics with solr
Trey Grainger
 
PDF
Elasticsearch Introduction to Data model, Search & Aggregations
Alaa Elhadba
 
PDF
Elasticsearch in 15 minutes
David Pilato
 
Accessing external hadoop data sources using pivotal e xtension framework (px...
Sameer Tiwari
 
Use Cases for Elastic Search Percolator
Maxim Shelest
 
Building an unstructured data management solution with elastic search and ama...
mobiusservices
 
What enterprises can learn from Real Time Bidding
Aerospike
 
Data modeling for Elasticsearch
Florian Hopf
 
Scaling Recommendations, Semantic Search, & Data Analytics with solr
Trey Grainger
 
Elasticsearch Introduction to Data model, Search & Aggregations
Alaa Elhadba
 
Elasticsearch in 15 minutes
David Pilato
 

What's hot (20)

PPTX
LDP4j: A framework for the development of interoperable read-write Linked Da...
Nandana Mihindukulasooriya
 
PDF
Distributed percolator in elasticsearch
martijnvg
 
PPT
Catacomb Apachecon Fast Feather 2008
Markus Litz
 
PPTX
Introduction to Lucene & Solr and Usecases
Rahul Jain
 
PPTX
HBaseCon 2015: Analyzing HBase Data with Apache Hive
HBaseCon
 
PPTX
Elastic search Walkthrough
Suhel Meman
 
PDF
Applied Semantic Search with Microsoft SQL Server
Mark Tabladillo
 
PDF
Elasticsearch Introduction at BigData meetup
Eric Rodriguez (Hiring in Lex)
 
PDF
IR with lucene
Stelios Gorilas
 
PDF
Swiss Big Data User Group - Introduction to Apache Drill
MapR Technologies
 
PDF
Thinking restfully
Stelios Gorilas
 
PPTX
HBase: Just the Basics
HBaseCon
 
PPTX
REST meets Semantic Web
Steve Speicher
 
PPTX
MongoDB and Hadoop: Driving Business Insights
MongoDB
 
PDF
elasticsearch
Satish Mohan
 
PDF
Apache HBase - Just the Basics
HBaseCon
 
PPTX
Building a Scalable Web Crawler with Hadoop
Hadoop User Group
 
PDF
Web Services Hadoop Summit 2012
Hortonworks
 
PDF
Intro to Elasticsearch
Clifford James
 
PDF
The Open Source and Cloud Part of Oracle Big Data Cloud Service for Beginners
Edelweiss Kammermann
 
LDP4j: A framework for the development of interoperable read-write Linked Da...
Nandana Mihindukulasooriya
 
Distributed percolator in elasticsearch
martijnvg
 
Catacomb Apachecon Fast Feather 2008
Markus Litz
 
Introduction to Lucene & Solr and Usecases
Rahul Jain
 
HBaseCon 2015: Analyzing HBase Data with Apache Hive
HBaseCon
 
Elastic search Walkthrough
Suhel Meman
 
Applied Semantic Search with Microsoft SQL Server
Mark Tabladillo
 
Elasticsearch Introduction at BigData meetup
Eric Rodriguez (Hiring in Lex)
 
IR with lucene
Stelios Gorilas
 
Swiss Big Data User Group - Introduction to Apache Drill
MapR Technologies
 
Thinking restfully
Stelios Gorilas
 
HBase: Just the Basics
HBaseCon
 
REST meets Semantic Web
Steve Speicher
 
MongoDB and Hadoop: Driving Business Insights
MongoDB
 
elasticsearch
Satish Mohan
 
Apache HBase - Just the Basics
HBaseCon
 
Building a Scalable Web Crawler with Hadoop
Hadoop User Group
 
Web Services Hadoop Summit 2012
Hortonworks
 
Intro to Elasticsearch
Clifford James
 
The Open Source and Cloud Part of Oracle Big Data Cloud Service for Beginners
Edelweiss Kammermann
 
Ad

Similar to Understanding the Data Lookup Pattern (20)

PDF
Solving real world data problems with Jerakia
Craig Dunn
 
PDF
Delegated Configuration with Multiple Hiera Databases - PuppetConf 2014
Puppet
 
PDF
Merging and Migrating: Data Portability from the Trenches
Atlassian
 
PPTX
SplunkLive! Beginner Session
Splunk
 
PDF
WarsawITDays_ ApacheNiFi202
Timothy Spann
 
PDF
Open Data Inside - Why Internal Data Portals are Key to Successful Data Gover...
Joel Natividad
 
PPTX
Data Architectures for Robust Decision Making
Gwen (Chen) Shapira
 
PPTX
Splunk live beginner training nyc
Dimitri McKay - CISSP
 
PPTX
SplunkLive! Getting Started with Splunk Enterprise
Splunk
 
PDF
Not Your Father’s Data Warehouse: Breaking Tradition with Innovation
Inside Analysis
 
PDF
Meta scale kognitio hadoop webinar
Kognitio
 
PDF
Terraform in action
Damien Pacaud
 
PDF
Learning the basics of Apache NiFi for iot OSS Europe 2020
Timothy Spann
 
PDF
Pros_and_Cons_of_DW_Apps pdf.pdf
HernanKlint
 
PDF
Gates Toorcon X New School Information Gathering
Chris Gates
 
PPT
Predictable Big Data Performance in Real-time
Aerospike, Inc.
 
PPTX
Berlin Buzz Words - Apache Drill by Ted Dunning & Michael Hausenblas
MapR Technologies
 
PPTX
SplunkLive! - Getting started with Splunk
Splunk
 
PDF
Postgres.foreign.data.wrappers.2015
EDB
 
PDF
Apache Drill: An Active, Ad-hoc Query System for large-scale Data Sets
MapR Technologies
 
Solving real world data problems with Jerakia
Craig Dunn
 
Delegated Configuration with Multiple Hiera Databases - PuppetConf 2014
Puppet
 
Merging and Migrating: Data Portability from the Trenches
Atlassian
 
SplunkLive! Beginner Session
Splunk
 
WarsawITDays_ ApacheNiFi202
Timothy Spann
 
Open Data Inside - Why Internal Data Portals are Key to Successful Data Gover...
Joel Natividad
 
Data Architectures for Robust Decision Making
Gwen (Chen) Shapira
 
Splunk live beginner training nyc
Dimitri McKay - CISSP
 
SplunkLive! Getting Started with Splunk Enterprise
Splunk
 
Not Your Father’s Data Warehouse: Breaking Tradition with Innovation
Inside Analysis
 
Meta scale kognitio hadoop webinar
Kognitio
 
Terraform in action
Damien Pacaud
 
Learning the basics of Apache NiFi for iot OSS Europe 2020
Timothy Spann
 
Pros_and_Cons_of_DW_Apps pdf.pdf
HernanKlint
 
Gates Toorcon X New School Information Gathering
Chris Gates
 
Predictable Big Data Performance in Real-time
Aerospike, Inc.
 
Berlin Buzz Words - Apache Drill by Ted Dunning & Michael Hausenblas
MapR Technologies
 
SplunkLive! - Getting started with Splunk
Splunk
 
Postgres.foreign.data.wrappers.2015
EDB
 
Apache Drill: An Active, Ad-hoc Query System for large-scale Data Sets
MapR Technologies
 
Ad

Recently uploaded (20)

PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Cloud computing and distributed systems.
kkkkkhan
 
Encapsulation theory and applications.pdf
gurumoop
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Approach and Philosophy of On baking technology
30anthuong17
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 

Understanding the Data Lookup Pattern

  • 1. UNDERSTANDING THE DATA LOOKUP PATTERN Craig Dunn & Jan Ivar Beddari Config Management Camp, February 2018
  • 2. CRAIG DUNN ➤ Freelance Consultant & Trainer ➤ Long time Puppet community member ➤ Problem Solver www.craigdunn.org @crayfishx
  • 3. JAN IVAR BEDDARI ➤ Problem Solver ➤ Long time Jerakia advocate ➤ Works at Safespring ➤ Makes people happy.... @beddari
  • 4. CONFIGURATION MANAGEMENT ➤ Automation ➤ Repeatability ➤ Many tool options available for configuring components ➤ Reducing the burden of managing infrastructure
  • 5. ➤ Configuration management gives a consistent reliable method to configure a component of infrastructure ➤ Infrastructure configuration involves a lot of custom data... ➤ It's critical to maintaining our systems INFRASTRUCTURE DATA usernamesdomain_name firewall_rules apache_port gateway_ip dns_servers ntp_servers groups packages timezonelimitsversion
  • 6. THE DATA PROBLEM ➤ Where do we store it? ➤ How do we query it? ➤ How do we avoid duplicating it? ➤ Whats the best way to express the data?
  • 7. THE DATA PROBLEM ➤ Embedded data in code ➤ Data management as infrastructure gets more diverse
  • 8. THE DATA PROBLEM ➤ Embedded data in code ➤ Code sharing becomes impossible ➤ Complexity increases ➤ High barrier to a simple task "The timezone should be set to UTC"
  • 9. THE DATA PROBLEM ➤ Managing data ➤ Infrastructure is spread out across environments, regions and business streams ➤ Data will differ depending on a multitude of factors ➤ The edge cases will get you
  • 10. THE DATA PROBLEM usernamesdomain_name firewall_rules apache_port gateway_ip dns_servers ntp_servers groups packages timezonelimitsversion
  • 11. THE DATA PROBLEM DEV QA PROD DC1 DC2 DC3 Special Snowflake
  • 13. ➤ Embedded code unmaintainable ➤ Complexity PUPPET: THE EARLY YEARS if $env == ‘dev’ { $server = ‘dev.ntp.local’ } else { if $hostname == ‘gateway’ { $server = ‘pool.ntp.org’ } else { $server = ‘prod.ntp.local’ } }
  • 14. ➤ Hiera is the data lookup sub system for Puppet ➤ Data can be looked up from multiple sources ➤ Data separation ➤ Hierarchical lookups PUPPET: THE HIERA WAY
  • 15. ➤ Remove complexity from the code ➤ Code becomes re-usable and easily shared ➤ Minimal expertise required to manage data values DATA SEPARATION ntp::server: pool.ntp.org
  • 17. HIERARCHICAL LOOKUPS ➤ Sell globally in USD ➤ Bill in EUR for European countries ➤ GBP for the UK, CHF for Switzerland
  • 18. HIERARCHICAL LOOKUPS: SCOPE ➤ Scope: Information used to determine what data to lookup ➤ The scope in this example is the country & the continent ➤ We look up the data using the scope data
  • 19. HIERARCHICAL LOOKUPS "What is the value for currency in the context of this scope..."
  • 20. HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
  • 21. HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
  • 22. HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
  • 23. HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
  • 24. HIERARCHICAL LOOKUPS ➤ Hierarchical lookups are suited to infrastructure ➤ We often express infrastructure from most granular to most encompassing factors
  • 25. ➤ Hierarchical lookups express infrastructure data well ➤ There is a lack of generic tooling in this space ➤ The data was getting harder ➤ Then there was Baloise... WHAT I LEARNT
  • 26. INTRODUCING JERAKIA ➤ Released in 2015 ➤ Hierarchical data lookup tool ➤ http://jerakia.io
  • 28. INTRODUCING JERAKIA: GOALS ➤ De-coupled from any particular tool ➤ Pluggable and extendable ➤ Flexible configuration
  • 29. INTRODUCING JERAKIA: FEATURES ➤ Standalone with a REST API ➤ Look up data from a variety of data sources ➤ Define your own hierarchical structure ➤ Flexibility around lookup behaviour
  • 30. JERAKIA LOOKUPS ➤ A lookup request contains ➤ The lookup key ➤ A namespace ➤ The scope of the lookup
  • 31. JERAKIA LOOKUPS ➤ A lookup is run against a Jerakia policy ➤ Written in Ruby ➤ A policy is a container for one or more lookups ➤ Lookups query a data source ➤ Results are returned to the requestor
  • 32. JERAKIA DATASOURCES ➤ A pluggable source of data ➤ Each lookup invokes one data source ➤ Jerakia ships with data sources: ➤ File ➤ HTTP ➤ Consul ➤ Custom data sources are easy to write ➤ https://github.com/crayfishx/jerakia-datasource-template
  • 33. ➤ Search through a filesystem hierarchy ➤ Data values are stored in YAML or JSON ➤ Typically maintained in and deployed from a VCS ➤ <dir>/<namespace>.yaml FILE DATASOURCE hostname/foo.enviatics.com/apache.yaml environment/production/apache.yaml location/london/apache.yaml common/apache.yaml
  • 34. JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
  • 35. JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
  • 36. JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
  • 37. JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end
  • 38. JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end /var/lib/jerakia/data/host/baz.foo.com/apache.yaml
  • 39. JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end /var/lib/jerakia/data/env/dev/apache.yaml
  • 40. JERAKIA: POLICIES policy :main do lookup :default do datasource :file, { :docroot => "/var/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end policy :main do lookup :default do datasource :file, { :docroot => "/var/lib/jerakia/data", :format => :yaml, :searchpath => [ "host/#{scope[:hostname]}", "env/#{scope[:env]}", "common", ] } end end /var/lib/jerakia/data/common/apache.yaml
  • 41. JERAKIA: POLICIES Scope Handler Request Lookup Plugins Data Source Output Filter Response Data Request consists of a lookup key, a namespace and some metadata Information to be used in determining how data is looked up Lookup plugins can read and modify the scope and A pluggable data source is used to lookup data Data returned from the datasource is passed to a pluggable output filter
  • 42. ADVANCED FEATURES: CONFINE / EXCLUDE / STOP policy :default do lookup :ireland do datasource :file, { :format => :yaml, :docroot => "/var/external/data/ie", :searchpath => [ "project/#{scope[:project]}", "common", ] } confine scope[:location], "ie" confine request.namespace[0], "apache" stop end lookup :main, do datasource :file, { :format => :yaml, :docroot => "/var/lib/jerakia", :searchpath => [ "hostname/#{scope[:fqdn]}", "environment/#{scope[:environment]}", "common" ], } end end ➤ Isolate lookups
  • 43. ADVANCED FEATURES: HANDLING SECRETS ➤ Jerakia supports decrypting values from any data source ➤ Uses a pluggable encryption provider ➤ Vault provider native ➤ Uses Vaults' transit feature as "cryptography as a service" ➤ Custom encryption providers possible https://www.craigdunn.org/2017/04/managing-puppet-secrets-with-jerakia-and-vault/
  • 44. ➤ By default Jerakia will return the first value found while traversing the hierarchy ➤ We can request for the entire hierarchy be searched and all instances of a value returned in one array or hashmap ADVANCED FEATURES: MERGE BEHAVIOUR users: - lucy - bob - mike users: - root - craig - jan - max - jessica { users: [ "lucy", "bob", "mike", "root", "craig", "max", "jessica" ] } CommonEnv (dev)
  • 45. ADVANCED FEATURES: READ MORE http://jerakia.io ➤ Plugins ➤ Schemas ➤ Datasources ➤ Output Filters ➤ API documentation
  • 46. THE THIRD DATA PROBLEM Everyone Else When people starting saying "DevOps"...
  • 47. THE THIRD DATA PROBLEM Everyone Else ...2018
  • 48. THE THIRD DATA PROBLEM ➤ We use lots of tools to manage our infrastructure ➤ Provisioning ➤ Orchestration ➤ Configuration Management ➤ Monitoring ➤ Different tools have different data patterns ➤ The actual data is the same
  • 49. JERAKIA: AIM ➤ A centralized source for all data lookups ➤ Powerful hierarchical lookups ➤ Current front integrations; ➤ Puppet (Hiera 5 backend) ➤ https://forge.puppet.com/crayfishx/jerakia ➤ Ansible (Lookup plugin) ➤ https://github.com/crayfishx/ansible-jerakia ➤ Potential for many more!
  • 51. AND FINALLY... ➤ Features ➤ Ideas ➤ Fixes ➤ ... any other feedback https://github.com/crayfishx/jerakia