[ale] [EXTERNAL] Re: Time for this Grey Beard to stir up some stuff

Jerald Sheets questy at gmail.com
Tue Jun 1 09:22:56 EDT 2021 


> On May 31, 2021, at 1:45 PM, Chris Fowler via Ale <ale at ale.org> wrote:
> 
> 
> 
> It's a balancing act.  Without abstractions you have more work.  On a grand scale, this more work can be too much work.  With an abstraction you have less work, but you are in tyrannical situation where the abstraction enforces your hosts to conform in some way to what it wishes to work with. 
> 
> Automation works best with fewer variables.  An environment with all the same hardware, same OS, same versions, etc would work well with Ansible.  It would work well with the least experienced admin because any weird b behavior is most likely hardware failure.  Abstractions work well in a world of rules.  Honestly, I prefer the world where I write most of the rules.  
> _______________________________________________


At my most gracious during the pre-coffee hours, I have to address this.  The statement is misinformed " in tyrannical situation. where the abstraction enforces your hosts to conform in some way to what it wishes to work with”

Just like any of the automation we’ve all worked with, whether it be Puppet/Chef/Ansible/SALT or whether it be host lists and “for loops”, it is what you make of it, and you need to be expert in both the platform and its design patterns before you start making assumptions.

Take my east coast fleet @ about 300k nodes.  

I have a large majority that are rather identical, not the least of which because they’re all auto scaling group members and all need to look identical.  I have another percentage over that which require some special sauce of some sort that add a layer of abstraction upon the base abstraction.  I have different layers of abstraction across the fleet that are added and layered in ways that provide the maximum of flexibility right down to $special_snowflake machines that have independent one-off configurations, but all applied via abstractions and layering.

All told, I’d say I’ve got nearly a dozen abstractions, but the combinations and potential configurations maginfies to many hundreds of potential configurations.  Then, with parameterization and layering, two machines that are precisely the same can be configured entirely differently based simply on differences because their IPs are different.

You can no longer look at these things as a Sysadmin who automates, but as an infrastructure developer who iterates. Finding new and improved ways to address abstractions, variablizing input, iterating over dynamic groups of hosts, etc. etc.  You only have limitations and some sort of “tyrannical situation” if you allow it to happen.  These are development languages in a development paradigm for a reason.  You systematize and make into code the very essence of your existing infrastructure, and then do your best to make the moving parts lesser and more generic while maintaining flexibility and idempotent power to cease annoying drift.  

It works, and it’s definitely a better way to *DO* System Administration in this day especially when we’re all being asked to do more with less, and to manage more machines with fewer people.



—jms

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20210601/5bbb1f4d/attachment-0003.htm>

More information about the Ale mailing list