Question

So this seems like a common problem in software today. Many companies seem to solve it with cloud platforms such as AWS, Azure, or Heroku. However, for data security that demands private clouds, the options seem less developed.

To elaborate, my specific need is managing an application independent of node (physical/virtual server). Currently we use Chef, which seems less than ideal for this task. In Chef I'm required to have a run list on each individual node in an environment. When I have an SOA application that's dependent on many different services which I don't want installed on the same node for obvious reasons, Chef can't give that to me. I have to do it manually. I have to internally document all the dependencies, and someone has to make a decision when creating the run lists for each node what goes where. There are no multi-node type configuration options (outside of environment variables) or automated way to install my services across many nodes.

This seems like such a common problem that I have to believe I'm just missing something. There must be a tool out there that lets me manage an SOA application on a private cloud more easily than Chef does.

Does anyone know of such a tool? It seems crazy to me that Chef is so popular and it doesn't have this feature. I'd like to assume Puppet or some other tool out there does, but unlike Chef, I'd like to know beforehand, before I deep dive into trying to use it.

To condense what I want in Chef terms:

I'd like roles that map to environments that encapsulate an application. I'd like to run an install on THE ENVIRONMENT, instead of individual nodes. Internally the configuration management software would make some kind of informed decision as to which node to actually install a service, and update that service's dependencies accordingly (e.g. via an environment variable).

In other words, I'd like CD to be CD for a SOA application hosted on a private cloud; not the semi-manual, mostly-not-continuous-delivery hack I have with Chef.

And if there's anyone from Opscode out there (or otherwise a Chef fan), I readily admit I may not be using all Chef has to offer, in which case I'd like to know how people currently using it are dealing with my specific problem.

Also, all my servers are Windows 2008 R2 or Windows 2012, if that matters.

Solution

This is indeed a common problem, and hints on the grapevine seem to suggest that Opscode (now known as Chef, I guess) are aware of this and are working on a solution. Hopefully this is something we'll see in Chef 12.

The problem is that Chef is a Configuration Management system. It is not strictly a provisioning or orchestration product. Knife attempts to solve this problem, but on an extremely rudimentary scale. Other products, like Ansible and Puppet, are more equipped to tackle this issue. But again, even they aren't strict orchestration products either and still fall short.

I haven't had a chance to use it myself, but you should check out http://deis.io/ . It is an open source, lightweight platform-as-a-service that seems to address the orchestration problem. It might be what you are looking for.

Another option is to use something like https://github.com/coreos/etcd for inventory management. It allows you to have a centralized system inventory API that is very flexible, and offers more than Chef's own search data. With that you could write cookbooks to look up other systems and services and take steps to connect to them. It begins to get hokey, but you can always have Chef execute an ssh command that executes a command on a remote instance.

Anyway, just a couple of suggestions. Hope that helps.

OTHER TIPS

I'd like to run an install on THE ENVIRONMENT, instead of individual nodes. Internally the configuration management software would make some kind of informed decision as to which node to actually install a service, and update that service's dependencies accordingly

You're looking for a PAAS solution (Platform as a service). Neither Chef nor Puppet will give you this. They are tools primarily designed for automating infrastructure deployment. They can be used to install applications; however, as you've noticed, they take a very "node" based approach.

I don't know of any open source PAAS solution for Windows, so I'd advise investigating commercial alternatives to hosted solutions like Microsoft Azure.

I have not used Puppet with Windows, but Puppet comes bundled with Facter, which provides support for custom facts - http://puppetlabs.com/blog/facter-part-1-facter-101

All of Facter's variables are available to Puppet manifests, so you can create run lists that do different things in different environments.

Additionally, you mention configuration for an application rather than a node - that is what Puppet modules are for, and you can create your own easily. This will allow different nodes to apply some modules, ignore others, or even make sure the module is absent.

I am surprised that RightScale, Scalr, or enStratus have not been mentioned. Most of these solutions fill in the gaps of SOA delivery with the added benefit of flexing parts of the SOA as needed.

I know it's not a 100% victory, but if I understand your problem correctly, it'll help. We use custom made cookbooks (obviously), but with role awareness. By that I mean if we spin up a new application server, our load balancer is automatically updated with the new server info. You can implement this by using

appservers = search(:node, "role:applicationServer")

and customize it for the right fit.

As far as auto-scaling, we have our own Python scripts to handle that.
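
Added example, not part of the original answer: a sketch of vetting role-search results before they reach a load balancer config. The search index is built from node objects that each node saves about itself, so entries are checked against the environment and an expected subnet. The helper names, subnet, port and nginx-style output are assumptions, and the node hashes are constructed stand-ins for what `search(:node, "role:applicationServer")` returns.

```ruby
require 'ipaddr'

# Constructed sample data standing in for Chef search results.
SAMPLE_NODES = [
  { 'name' => 'app01',   'chef_environment' => 'production', 'ipaddress' => '10.20.1.11' },
  { 'name' => 'app02',   'chef_environment' => 'production', 'ipaddress' => '10.20.1.12' },
  { 'name' => 'app-stg', 'chef_environment' => 'staging',    'ipaddress' => '10.30.1.5' },
  { 'name' => 'odd01',   'chef_environment' => 'production', 'ipaddress' => '192.0.2.77' },
  { 'name' => 'bad01',   'chef_environment' => 'production', 'ipaddress' => 'not-an-ip' },
  { 'name' => 'noip',    'chef_environment' => 'production' }
].freeze

# Hypothetical helper: parse a node-reported address, accepting only a
# plain canonical IP (no CIDR suffix, no hostname, no missing value).
def parse_ip(raw)
  return nil unless raw.is_a?(String) && !raw.empty?
  ip = IPAddr.new(raw)
  ip.to_s == raw ? ip : nil
rescue IPAddr::Error
  nil
end

# Hypothetical helper: keep nodes that are in our environment AND whose
# address lies inside the subnet reserved for application servers.
# Returns [accepted backends, names of rejected nodes] for logging/alerting.
def select_backends(nodes, environment:, allowed_cidr:, port: 8080)
  subnet = IPAddr.new(allowed_cidr)
  accepted, rejected = [], []
  nodes.each do |n|
    ip = parse_ip(n['ipaddress'])
    if n['chef_environment'] == environment && ip && subnet.include?(ip)
      accepted << { name: n['name'], address: "#{ip}:#{port}" }
    else
      rejected << n['name']
    end
  end
  [accepted.sort_by { |b| b[:name] }, rejected.sort]
end

# Render an nginx-style upstream block (output format is an assumption).
def render_upstream(backends, name: 'app_pool')
  lines = backends.map { |b| "  server #{b[:address]};  # #{b[:name]}" }
  (["upstream #{name} {"] + lines + ['}']).join("\n")
end

if __FILE__ == $PROGRAM_NAME
  ok, dropped = select_backends(SAMPLE_NODES, environment: 'production',
                                              allowed_cidr: '10.20.1.0/24')
  puts render_upstream(ok)
  warn "rejected search results: #{dropped.join(', ')}" unless dropped.empty?
end
```

In a recipe, the environment filter can also be pushed into the query itself (for example by adding `AND chef_environment:#{node.chef_environment}` to the search string), with the subnet check kept as a second line of defence.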

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow