SlideShare une entreprise Scribd logo

Narcissus — mapping configs in Go

Raphaël PINSON
Raphaël PINSON

Go has been increasingly used to write new configuration management tools. Narcissus provides a library to abstract configuration files as Go structures. https://github.com/raphink/narcissus

Technologie
1  sur  18
Télécharger pour lire hors ligne
Narcissus: mapping configs in Go Raphaël Pinson
2/18www.camptocamp.com / Who am I? ■ Raphaël Pinson (@raphink) ○ Infrastructure Developer & Training Leader ○ Augeas & Augeasproviders developer ○ Various contributions to Puppet & Ecosystem
3/18www.camptocamp.com / Camptocamp ■ Switzerland / France / Germany ■ Open-source development/integration expert ■ ~ 90 employees ■ Puppet user and contributor since 2008 ■ Main contributor to the Puppet Forge
4/18www.camptocamp.com / Augeas: generic C library for config edition ■ Config mgmt "scalpel" ■ Bindings for many langages ■ Used in libvirt, nut, etc. ■ Integrated in Puppet, Ansible, Salt, etc. ■ > 300 parsers (lenses) augeas.net
5/18www.camptocamp.com / Augeasproviders: Puppet library for config providers ■ Provides resource abstraction ■ Declarative API to link parameters to tree nodes/labels ■ ~20 existing types/providers augeasproviders.com
6/18www.camptocamp.com / Augeasproviders: Declarative API resource_path do |resource| service = resource[:service] type = resource[:type] mod = resource[:module] control_cond = (resource[:control_is_param] == :true) ? "and control='#{resource[:control]}'" : '' if target == '/etc/pam.conf' "$target/*[service='#{service}' and type='#{type}' and module='#{mod}' #{control_cond}]" else "$target/*[type='#{type}' and module='#{mod}' #{control_cond}]" end end
7/18www.camptocamp.com / What about go? ■ Many new cfgmgmt tools written in go ■ Augeas bindings for go ■ No abstraction for generic config files yet
8/18www.camptocamp.com / Augeas bindings for go ■ github.com/dominikh/go- augeas ■ Simple mapping to Augeas API ■ No config file abstraction package main import ( "honnef.co/go/augeas" "fmt" ) func main() { ag, err := augeas.New("/", "", augeas.None) if err != nil { panic(err) } version, err := ag.Get("/augeas/version") fmt.Println(version, err) }
9/18www.camptocamp.com / Go uses tags on structs ■ YAML/JSON/XML parsing ■ Flags/interfaces (.e.g. go-flags) // OpenstackConfigAuth stores authentication informations type OpenstackConfigAuth struct { AuthURL string `yaml:"auth_url,omitempty"` Password string `yaml:"password,omitempty"` ProjectID string `yaml:"project_id,omitempty"` ProjectName string `yaml:"project_name,omitempty"` Username string `yaml:"username,omitempty"` UserDomainName string `yaml:"user_domain_name,omitempty"` }
10/18www.camptocamp.com / Using tags with Augeas ■ Use a narcissus tag ■ Map tags to Augeas tree ■ Expose configuration files as go structs
11/18www.camptocamp.com / Augeas parsing /etc/group augtool> print /files/etc/group/adm /files/etc/group/adm /files/etc/group/adm/password = "x" /files/etc/group/adm/gid = "4" /files/etc/group/adm/user[1] = "syslog" /files/etc/group/adm/user[2] = "raphink" ■ Group names are node labels ■ Sub-nodes for password and gid ■ Sub-nodes for users
12/18www.camptocamp.com / Narcissus simple struct declaration type group struct { augeasPath string Name string `narcissus:".,value-from-label"` Password string `narcissus:"password"` GID int `narcissus:"gid"` Users []string `narcissus:"user"` }
13/18www.camptocamp.com / Parsing /etc/group with Narcissus aug, err := augeas.New("/", "", augeas.None) if err != nil { log.Fatal("Failed to create Augeas handler") } n := narcissus.New(&aug) group := &group{ augeasPath: "/files/etc/group/docker", } if err = n.Parse(group) ; err != nil { log.Fatalf("Failed to retrieve group: %v", err) }
14/18www.camptocamp.com / Modifying files user := n.NewPasswdUser("raphink") // Modify UID user.UID = 42 err = n.Write(user) if err != nil { log.Fatalf("Failed to save user: %v", err) }
15/18www.camptocamp.com / Mapping /etc/services // Services maps a /etc/services file type Services struct { augeasPath string `default:"/files/etc/services"` Comments []struct { Comment string `narcissus:"."` } `narcissus:"#comment"` Services []Service `narcissus:"service-name"` } // Service maps a Services entry type Service struct { augeasPath string Name string `narcissus:"."` Port int `narcissus:"port"` Protocol string `narcissus:"protocol"` Comment string `narcissus:"#comment"` } augtool> print /files/etc/services/ /files/etc/services /files/etc/services/#comment[1] = "Network services, Internet style" /files/etc/services/service-name[1] = "tcpmux" /files/etc/services/service-name[1]/port = "1" /files/etc/services/service-name[1]/protocol = "tcp" /files/etc/services/service-name[1]/#comment = "TCP port service multiplexer"
16/18www.camptocamp.com / Mapping /etc/hosts (seq) // Hosts maps a /etc/hosts file type Hosts struct { augeasPath string `default:"/files/etc/hosts"` Comments []struct { Comment string `narcissus:"."` } `narcissus:"#comment"` Hosts []Host `narcissus:"seq"` } // Host maps an Hosts entry type Host struct { augeasPath string IPAddress string `narcissus:"ipaddr"` Canonical string `narcissus:"canonical"` Aliases []string `narcissus:"alias"` Comment string `narcissus:"#comment"` } augtool> print /files/etc/hosts /files/etc/hosts /files/etc/hosts/1 /files/etc/hosts/1/ipaddr = "127.0.0.1" /files/etc/hosts/1/canonical = "localhost" /files/etc/hosts/2 /files/etc/hosts/2/ipaddr = "127.0.1.1" /files/etc/hosts/2/canonical = "wrk8.wrk.cby.camptocamp.com" /files/etc/hosts/2/alias = "wrk8"
17/18www.camptocamp.com / Write your own ■ Use existing Augeas lenses (or write your own) ■ Map tree to go struct ■ Profit!
Narcissus — mapping configs in Go

Recommandé

Fosdem i inne konferencje
Fosdem i inne konferencjeFosdem i inne konferencje
Fosdem i inne konferencje
Sebastian Pożoga
 
curl --http3 cheatsheet
curl --http3 cheatsheetcurl --http3 cheatsheet
curl --http3 cheatsheet
Naoto MATSUMOTO
 
Containers from scratch
Containers from scratchContainers from scratch
Containers from scratch
Rakuten Group, Inc.
 
Persistence patterns for containers
Persistence patterns for containersPersistence patterns for containers
Persistence patterns for containers
Stephen Watt
 
Frontline coding-mozfest
Frontline coding-mozfestFrontline coding-mozfest
Frontline coding-mozfest
geocontrol
 
Open source projects with python
Open source projects with pythonOpen source projects with python
Open source projects with python
roskakori
 
Configuration Surgery with Augeas
Configuration Surgery with AugeasConfiguration Surgery with Augeas
Configuration Surgery with Augeas
Puppet
 
Augeas @RMLL 2012
Augeas @RMLL 2012Augeas @RMLL 2012
Augeas @RMLL 2012
Raphaël PINSON
 

Recommandé

Fosdem i inne konferencje
Fosdem i inne konferencjeFosdem i inne konferencje
Fosdem i inne konferencje
Sebastian Pożoga
 
curl --http3 cheatsheet
curl --http3 cheatsheetcurl --http3 cheatsheet
curl --http3 cheatsheet
Naoto MATSUMOTO
 
Containers from scratch
Containers from scratchContainers from scratch
Containers from scratch
Rakuten Group, Inc.
 
Persistence patterns for containers
Persistence patterns for containersPersistence patterns for containers
Persistence patterns for containers
Stephen Watt
 
Frontline coding-mozfest
Frontline coding-mozfestFrontline coding-mozfest
Frontline coding-mozfest
geocontrol
 
Open source projects with python
Open source projects with pythonOpen source projects with python
Open source projects with python
roskakori
 
Configuration Surgery with Augeas
Configuration Surgery with AugeasConfiguration Surgery with Augeas
Configuration Surgery with Augeas
Puppet
 
Augeas @RMLL 2012
Augeas @RMLL 2012Augeas @RMLL 2012
Augeas @RMLL 2012
Raphaël PINSON
 
Intro to-puppet
Intro to-puppetIntro to-puppet
Intro to-puppet
F.L. Jonathan Araña Cruz
 
BloodHound Unleashed.pdf
BloodHound Unleashed.pdfBloodHound Unleashed.pdf
BloodHound Unleashed.pdf
n00py1
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
OpenShift Origin
 
Bundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPMBundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPM
Alexander Shopov
 
Orchestrated Functional Testing with Puppet-spec and Mspectator
Orchestrated Functional Testing with Puppet-spec and MspectatorOrchestrated Functional Testing with Puppet-spec and Mspectator
Orchestrated Functional Testing with Puppet-spec and Mspectator
Raphaël PINSON
 
Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...
Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...
Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...
Puppet
 
R programming for data science
R programming for data scienceR programming for data science
R programming for data science
Sovello Hildebrand
 
syslog-ng: from log collection to processing and information extraction
syslog-ng: from log collection to processing and information extractionsyslog-ng: from log collection to processing and information extraction
syslog-ng: from log collection to processing and information extraction
BalaBit
 
Using Composer with Drupal and Drush
Using Composer with Drupal and DrushUsing Composer with Drupal and Drush
Using Composer with Drupal and Drush
Pantheon
 
OSDC 2013 | Software Packaging with RPM Demystified by Andrew Ford
OSDC 2013 | Software Packaging with RPM Demystified by Andrew FordOSDC 2013 | Software Packaging with RPM Demystified by Andrew Ford
OSDC 2013 | Software Packaging with RPM Demystified by Andrew Ford
NETWAYS
 
C make cache
C make cacheC make cache
C make cache
javad lordoff
 
R sharing 101
R sharing 101R sharing 101
R sharing 101
Omnia Safaan
 
lxc-namespace.pdf
lxc-namespace.pdflxc-namespace.pdf
lxc-namespace.pdf
-
 
Keynote 1 - Engineering Software Analytics Studies
Keynote 1 - Engineering Software Analytics StudiesKeynote 1 - Engineering Software Analytics Studies
Keynote 1 - Engineering Software Analytics Studies
ESEM 2014
 
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin
 
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
Diane Mueller
 
Writing your own augeasproviders
Writing your own augeasprovidersWriting your own augeasproviders
Writing your own augeasproviders
Dominic Cleal
 
Terraform in deployment pipeline
Terraform in deployment pipelineTerraform in deployment pipeline
Terraform in deployment pipeline
Anton Babenko
 
[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?
[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?
[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?
Wong Hoi Sing Edison
 
configuring a warm standby, the easy way
configuring a warm standby, the easy wayconfiguring a warm standby, the easy way
configuring a warm standby, the easy way
Command Prompt., Inc
 
Explore the World of Cilium, Tetragon & eBPF
Explore the World of Cilium, Tetragon & eBPFExplore the World of Cilium, Tetragon & eBPF
Explore the World of Cilium, Tetragon & eBPF
Raphaël PINSON
 
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Raphaël PINSON
 

Contenu connexe

Similaire à Narcissus — mapping configs in Go

Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
OpenShift Origin
 
syslog-ng: from log collection to processing and information extraction
syslog-ng: from log collection to processing and information extractionsyslog-ng: from log collection to processing and information extraction
syslog-ng: from log collection to processing and information extraction
BalaBit
 
lxc-namespace.pdf
lxc-namespace.pdflxc-namespace.pdf
lxc-namespace.pdf
-
 
Keynote 1 - Engineering Software Analytics Studies
Keynote 1 - Engineering Software Analytics StudiesKeynote 1 - Engineering Software Analytics Studies
Keynote 1 - Engineering Software Analytics Studies
ESEM 2014
 
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin
 
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
Diane Mueller
 

Similaire à Narcissus — mapping configs in Go (20)

Intro to-puppet
Intro to-puppetIntro to-puppet
Intro to-puppet
 
BloodHound Unleashed.pdf
BloodHound Unleashed.pdfBloodHound Unleashed.pdf
BloodHound Unleashed.pdf
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
 
Bundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPMBundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPM
 
Orchestrated Functional Testing with Puppet-spec and Mspectator
Orchestrated Functional Testing with Puppet-spec and MspectatorOrchestrated Functional Testing with Puppet-spec and Mspectator
Orchestrated Functional Testing with Puppet-spec and Mspectator
 
Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...
Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...
Orchestrated Functional Testing with Puppet-spec and Mspectator - PuppetConf ...
 
R programming for data science
R programming for data scienceR programming for data science
R programming for data science
 
syslog-ng: from log collection to processing and information extraction
syslog-ng: from log collection to processing and information extractionsyslog-ng: from log collection to processing and information extraction
syslog-ng: from log collection to processing and information extraction
 
Using Composer with Drupal and Drush
Using Composer with Drupal and DrushUsing Composer with Drupal and Drush
Using Composer with Drupal and Drush
 
OSDC 2013 | Software Packaging with RPM Demystified by Andrew Ford
OSDC 2013 | Software Packaging with RPM Demystified by Andrew FordOSDC 2013 | Software Packaging with RPM Demystified by Andrew Ford
OSDC 2013 | Software Packaging with RPM Demystified by Andrew Ford
 
C make cache
C make cacheC make cache
C make cache
 
R sharing 101
R sharing 101R sharing 101
R sharing 101
 
lxc-namespace.pdf
lxc-namespace.pdflxc-namespace.pdf
lxc-namespace.pdf
 
Keynote 1 - Engineering Software Analytics Studies
Keynote 1 - Engineering Software Analytics StudiesKeynote 1 - Engineering Software Analytics Studies
Keynote 1 - Engineering Software Analytics Studies
 
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
 
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
 
Writing your own augeasproviders
Writing your own augeasprovidersWriting your own augeasproviders
Writing your own augeasproviders
 
Terraform in deployment pipeline
Terraform in deployment pipelineTerraform in deployment pipeline
Terraform in deployment pipeline
 
[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?
[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?
[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP?
 
configuring a warm standby, the easy way
configuring a warm standby, the easy wayconfiguring a warm standby, the easy way
configuring a warm standby, the easy way
 

Plus de Raphaël PINSON

Cloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust VisibilityCloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust Visibility
Raphaël PINSON
 
Container Security: a toolchain for automatic image rebuilds
Container Security: a toolchain for automatic image rebuildsContainer Security: a toolchain for automatic image rebuilds
Container Security: a toolchain for automatic image rebuilds
Raphaël PINSON
 

Plus de Raphaël PINSON (20)

Explore the World of Cilium, Tetragon & eBPF
Explore the World of Cilium, Tetragon & eBPFExplore the World of Cilium, Tetragon & eBPF
Explore the World of Cilium, Tetragon & eBPF
 
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
 
ContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdfContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdf
 
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdfKCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
 
Cloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust VisibilityCloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust Visibility
 
DevOpsDays Zurich 2023 — Bridging Dev and Ops with eBPF: Extending Observabil...
DevOpsDays Zurich 2023 — Bridging Dev and Ops with eBPF: Extending Observabil...DevOpsDays Zurich 2023 — Bridging Dev and Ops with eBPF: Extending Observabil...
DevOpsDays Zurich 2023 — Bridging Dev and Ops with eBPF: Extending Observabil...
 
Révolution eBPF - un noyau dynamique
Révolution eBPF - un noyau dynamiqueRévolution eBPF - un noyau dynamique
Révolution eBPF - un noyau dynamique
 
Cfgmgmtcamp 2023 — eBPF Superpowers
Cfgmgmtcamp 2023 — eBPF SuperpowersCfgmgmtcamp 2023 — eBPF Superpowers
Cfgmgmtcamp 2023 — eBPF Superpowers
 
Cloud Native Networking & Security with Cilium & eBPF
Cloud Native Networking & Security with Cilium & eBPFCloud Native Networking & Security with Cilium & eBPF
Cloud Native Networking & Security with Cilium & eBPF
 
2022 DevOpsDays Geneva — The Hare and the Tortoise.pdf
2022 DevOpsDays Geneva — The Hare and the Tortoise.pdf2022 DevOpsDays Geneva — The Hare and the Tortoise.pdf
2022 DevOpsDays Geneva — The Hare and the Tortoise.pdf
 
SKS in git ops mode
SKS in git ops modeSKS in git ops mode
SKS in git ops mode
 
The Hare and the Tortoise: Open Source, Standards & Technological Debt
The Hare and the Tortoise: Open Source, Standards & Technological DebtThe Hare and the Tortoise: Open Source, Standards & Technological Debt
The Hare and the Tortoise: Open Source, Standards & Technological Debt
 
Devops stack
Devops stackDevops stack
Devops stack
 
YAML Engineering: why we need a new paradigm
YAML Engineering: why we need a new paradigmYAML Engineering: why we need a new paradigm
YAML Engineering: why we need a new paradigm
 
Container Security: a toolchain for automatic image rebuilds
Container Security: a toolchain for automatic image rebuildsContainer Security: a toolchain for automatic image rebuilds
Container Security: a toolchain for automatic image rebuilds
 
K9s - Kubernetes CLI To Manage Your Clusters In Style
K9s - Kubernetes CLI To Manage Your Clusters In StyleK9s - Kubernetes CLI To Manage Your Clusters In Style
K9s - Kubernetes CLI To Manage Your Clusters In Style
 
Argocd up and running
Argocd up and runningArgocd up and running
Argocd up and running
 
Bivac - Container Volumes Backup
Bivac - Container Volumes BackupBivac - Container Volumes Backup
Bivac - Container Volumes Backup
 
Automating Puppet Certificates Renewal
Automating Puppet Certificates RenewalAutomating Puppet Certificates Renewal
Automating Puppet Certificates Renewal
 
Running the Puppet Stack in Containers
Running the Puppet Stack in ContainersRunning the Puppet Stack in Containers
Running the Puppet Stack in Containers
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Dernier (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Narcissus — mapping configs in Go

  • 1. Narcissus: mapping configs in Go Raphaël Pinson
  • 2. 2/18www.camptocamp.com / Who am I? ■ Raphaël Pinson (@raphink) ○ Infrastructure Developer & Training Leader ○ Augeas & Augeasproviders developer ○ Various contributions to Puppet & Ecosystem
  • 3. 3/18www.camptocamp.com / Camptocamp ■ Switzerland / France / Germany ■ Open-source development/integration expert ■ ~ 90 employees ■ Puppet user and contributor since 2008 ■ Main contributor to the Puppet Forge
  • 4. 4/18www.camptocamp.com / Augeas: generic C library for config edition ■ Config mgmt "scalpel" ■ Bindings for many langages ■ Used in libvirt, nut, etc. ■ Integrated in Puppet, Ansible, Salt, etc. ■ > 300 parsers (lenses) augeas.net
  • 5. 5/18www.camptocamp.com / Augeasproviders: Puppet library for config providers ■ Provides resource abstraction ■ Declarative API to link parameters to tree nodes/labels ■ ~20 existing types/providers augeasproviders.com
  • 6. 6/18www.camptocamp.com / Augeasproviders: Declarative API resource_path do |resource| service = resource[:service] type = resource[:type] mod = resource[:module] control_cond = (resource[:control_is_param] == :true) ? "and control='#{resource[:control]}'" : '' if target == '/etc/pam.conf' "$target/*[service='#{service}' and type='#{type}' and module='#{mod}' #{control_cond}]" else "$target/*[type='#{type}' and module='#{mod}' #{control_cond}]" end end
  • 7. 7/18www.camptocamp.com / What about go? ■ Many new cfgmgmt tools written in go ■ Augeas bindings for go ■ No abstraction for generic config files yet
  • 8. 8/18www.camptocamp.com / Augeas bindings for go ■ github.com/dominikh/go- augeas ■ Simple mapping to Augeas API ■ No config file abstraction package main import ( "honnef.co/go/augeas" "fmt" ) func main() { ag, err := augeas.New("/", "", augeas.None) if err != nil { panic(err) } version, err := ag.Get("/augeas/version") fmt.Println(version, err) }
  • 9. 9/18www.camptocamp.com / Go uses tags on structs ■ YAML/JSON/XML parsing ■ Flags/interfaces (.e.g. go-flags) // OpenstackConfigAuth stores authentication informations type OpenstackConfigAuth struct { AuthURL string `yaml:"auth_url,omitempty"` Password string `yaml:"password,omitempty"` ProjectID string `yaml:"project_id,omitempty"` ProjectName string `yaml:"project_name,omitempty"` Username string `yaml:"username,omitempty"` UserDomainName string `yaml:"user_domain_name,omitempty"` }
  • 10. 10/18www.camptocamp.com / Using tags with Augeas ■ Use a narcissus tag ■ Map tags to Augeas tree ■ Expose configuration files as go structs
  • 11. 11/18www.camptocamp.com / Augeas parsing /etc/group augtool> print /files/etc/group/adm /files/etc/group/adm /files/etc/group/adm/password = "x" /files/etc/group/adm/gid = "4" /files/etc/group/adm/user[1] = "syslog" /files/etc/group/adm/user[2] = "raphink" ■ Group names are node labels ■ Sub-nodes for password and gid ■ Sub-nodes for users
  • 12. 12/18www.camptocamp.com / Narcissus simple struct declaration type group struct { augeasPath string Name string `narcissus:".,value-from-label"` Password string `narcissus:"password"` GID int `narcissus:"gid"` Users []string `narcissus:"user"` }
  • 13. 13/18www.camptocamp.com / Parsing /etc/group with Narcissus aug, err := augeas.New("/", "", augeas.None) if err != nil { log.Fatal("Failed to create Augeas handler") } n := narcissus.New(&aug) group := &group{ augeasPath: "/files/etc/group/docker", } if err = n.Parse(group) ; err != nil { log.Fatalf("Failed to retrieve group: %v", err) }
  • 14. 14/18www.camptocamp.com / Modifying files user := n.NewPasswdUser("raphink") // Modify UID user.UID = 42 err = n.Write(user) if err != nil { log.Fatalf("Failed to save user: %v", err) }
  • 15. 15/18www.camptocamp.com / Mapping /etc/services // Services maps a /etc/services file type Services struct { augeasPath string `default:"/files/etc/services"` Comments []struct { Comment string `narcissus:"."` } `narcissus:"#comment"` Services []Service `narcissus:"service-name"` } // Service maps a Services entry type Service struct { augeasPath string Name string `narcissus:"."` Port int `narcissus:"port"` Protocol string `narcissus:"protocol"` Comment string `narcissus:"#comment"` } augtool> print /files/etc/services/ /files/etc/services /files/etc/services/#comment[1] = "Network services, Internet style" /files/etc/services/service-name[1] = "tcpmux" /files/etc/services/service-name[1]/port = "1" /files/etc/services/service-name[1]/protocol = "tcp" /files/etc/services/service-name[1]/#comment = "TCP port service multiplexer"
  • 16. 16/18www.camptocamp.com / Mapping /etc/hosts (seq) // Hosts maps a /etc/hosts file type Hosts struct { augeasPath string `default:"/files/etc/hosts"` Comments []struct { Comment string `narcissus:"."` } `narcissus:"#comment"` Hosts []Host `narcissus:"seq"` } // Host maps an Hosts entry type Host struct { augeasPath string IPAddress string `narcissus:"ipaddr"` Canonical string `narcissus:"canonical"` Aliases []string `narcissus:"alias"` Comment string `narcissus:"#comment"` } augtool> print /files/etc/hosts /files/etc/hosts /files/etc/hosts/1 /files/etc/hosts/1/ipaddr = "127.0.0.1" /files/etc/hosts/1/canonical = "localhost" /files/etc/hosts/2 /files/etc/hosts/2/ipaddr = "127.0.1.1" /files/etc/hosts/2/canonical = "wrk8.wrk.cby.camptocamp.com" /files/etc/hosts/2/alias = "wrk8"
  • 17. 17/18www.camptocamp.com / Write your own ■ Use existing Augeas lenses (or write your own) ■ Map tree to go struct ■ Profit!