chef - [chef] Re: Re: Re: Bring up the discussion for knife-ec2 --node-name-prefix option

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: Re: Bring up the discussion for knife-ec2 --node-name-prefix option

From: Lamont Granquist < >
To: < >
Subject: [chef] Re: Re: Re: Bring up the discussion for knife-ec2 --node-name-prefix option
Date: Wed, 24 Oct 2012 12:18:26 -0700

Well, I think we're always going to have humans interacting with individual servers. I think trying to eliminate that entirely is probably reducible to the halting problem, and you'll just keep kicking the can down the road, or up another level. At the same time I think that by pushing the use of serial numbers and removing humans as much as possible that we'll likely make a lot of useful process in the tooling that isn't going to happen if the industry/community/whatever doesn't try. So, its probably better off to ignore me and push for the use of serial numbers in order to make progress, however, I just don't buy that its that clear that its the ideal solution or that anything else doesn't scale.

And you're probably right that we need more than being neutral, but to embrace both ways of doing it. I'll certainly buy that. That has been one of the strengths so far of chef which is that however you fall along religious lines, chef tends to just support it.

On 10/24/12 9:50 AM, Christopher Brown wrote:

" type="cite">
This misses the point in exactly the same way it missed the point when we had this conversation at Amazon 8 years ago.

The point is not to have humans trying to track and use serial numbers directly, as if we were good at that. We are not.

The point is to use an appropriate mapping when and where possible. (As you said "then tooling needs to improve to the point where I don't need to see the serial numbers"). We keep deflecting. Hostname arguments are a symptom and are neither the actual problem nor the cure. It's also not about being "neutral"; it's about being amenable to either concern. If manipulating hostnames, at some scale, is part of a current process, we should not make that difficult. We should also make rich mapping easy and first-class at scale.

-C

From: Lamont Granquist < "> >
Reply-To: " "> " < "> >
Date: Wednesday, October 24, 2012 9:11 AM
To: " "> " < "> >
Subject: [chef] Re: Bring up the discussion for knife-ec2 --node-name-prefix option

I've used fairly lightweight human readable hostnames for a long time now, at very large scales and while there's issues with that approach, i've seen silliness at the level of a hundred or so nodes where people who need to talk about a specific server start abbreviating the random number digits based on fractions of the hostname and i've become tired of using search and copy and pasting random numbers around. If serial numbers is really the wave of the future then tooling needs to improve to the point where I don't need to see the serial numbers, and right now that simply isn't the state that we're in, and I'd vastly prefer to be oncall at 3am in the morning and be able to say "i'm going to reboot foo07" rather than "i'm going to reboot 8df34c1185d". While its nice to think that humans being involved in the whole process is dirty and unclean and a symptom of a problem and we should just automate them all away, I think its drinking the kool aid way too hard. Human names have many benefits, in addition to their downsides, and there is simply no clear winner in this argument.

IMO chef should be perfectly neutral about this issue.

On 10/22/12 7:16 AM, Christopher Brown wrote:

" type="cite">
Tensibai (and others who started the thread),

These are good points. As it is with many things in this industry, one size does not fit all.

I've be responsible for very large infrastructure deployments and have argued for most of my career against spending time and energy on a naming scheme. In a large infrastructure, relying on decipherable hostnames generally means other non-scalable practices follow, exactly because you are thinking at the single host level.

Nonetheless, we (Chef users and web-scale administrators) are quick to jump on the "SCALE IS KING" bandwagon and expect those techniques to be absolute truth. They are not. If your infrastructure is manageable now, is not expected to grow dramatically, and you are working with other tools and existing processes, don't let other people tell you they know your business best. Most of us are on a path of change and, over time, you may find you adopt these techniques when it's necessary or reasonable.

Until then, keep asking how Chef can help with what you do now, and what you want to do later.

-C

--

Christopher Brown

Chief Technology Officer, Opscode

Twitter: @skeptomai

From: Tensibai < "> >
Reply-To: " "> " < "> >
Date: Monday, October 22, 2012 5:38 AM
To: " "> " < "> >
Subject: [chef] Re: *** PROBABLY SPAM *** Re: Re: Re: Bring up the discussion for knife-ec2 --node-name-prefix option

Well, I'm not using ec2 but reading this thread at this point makes 2 or 3 points in my mind:

1) I'm promoting chef, at this stage I really can't tell others to stop using manually defined machine names without shooting a bullet in chef future.

2) We do use others tools (really ? yes) wich are not so easy to connect to chef, basing a decision on system name about OS/type could be easiest.

So well, it could be a "best practice" to have not meaningfull node names, but that could be helpfull too in some cases.

I see not point avoiding this kind of use for mid-way teams. But I acn see the point having this feature to help mid-way teams migrate from one step to the next...

So, sorry but this time some 'great' people from this list sounds elitist on how you may/should use chef ...

Cheers

Le 2012-10-22 08:45, AJ Christensen a écrit :

I'm going to go ahead and say yeah, I am Iron Man, and we are so done in this thread.

Ship the code. Resolve the ticket. Let the community use it if they want. You can give machines friendly human snowflake pet names if you like. We will not.

--AJ

On Oct 22, 2012 3:56 PM, "Sascha Bates" < "> > wrote:

With Jenkins, there are tools to copy workspaces from one job to another, to copy workspace data from one system to another, to archive artifacts, etc.... You should be making use of those kinds of tools so that you never need to go out to a specific slave to find out what went wrong with a given job. And if we lived in a perfect world, I'm sure we'd never need to ssh anywhere and could just sit in the middle of an interactive matrix like Tony Stark. Regardless, this is an active development environment and we are in and out of Jenkins slaves and development team VMs, and just generally being the diagnostic fixit guys. The information doesn't always come to you. Sometimes you have to go to the information. And while I get a lot of information from the Jenkins GUI, sometimes there's no substitute for going out and looking at something. Also, the decision was made (before I came along) to have all the dev teams use their own chef servers, so there is no unified environment in dev. Don't get me started on the discrepancies between this arena and other environments. I'm hoping to move toward homogenization. But we have hundreds of developers, and something like 50 Openstack tenants (all dev teams). The infrastructure started small with a couple of teams and then grew to include a large portion of the enterprise rather quickly. Or possibly I'm the only person who doesn't work in a perfect world. Everyone else, back to your regularly scheduled Ironman Matrix.

Sascha Bates | "> | 612 850 0444 | | |
On 10/21/12 7:57 PM, Brad Knowles wrote:

On Oct 21, 2012, at 5:35 PM, Sascha Bates ">< > wrote:

How are people working with these servers that have no useful labels? I really want to know. We ssh all over the place in our infrastructure and if I had to go out and look up a special snowflake ec2-blah-blah or IP every time I wanted to get to a server, I'd probably take a baseball bat to my infrastructure.

IMO, if you're manually ssh'ing around in a large infrastructure, you're doing it wrong. If you've got a small infrastructure, and you can keep all the hostnames in your head at the same time, and you can manage your IP address space with simple /etc/hosts files, then manually ssh'ing around may be required on occasion and is probably okay. However, if you've got a larger infrastructure, then you should have better tools to get the information you need and put it in a place where you can get to it, without you having to manually ssh around. Those tools might end up having to use ssh to get the information, but that part of the process should be hidden from you.

For example, we run a Jenkins setup with 20 slaves. The slaves are rebuilt often using openstack and chef. I'm currently writing a knife plugin to set up ssh aliases for nodes in a role that make it easy for us to do things like 'ssh slave20' as we are constantly helping people figure out stuff about their jobs on the slaves or diagnosing VM issues (I'd actually really like to take a baseball bat to our Openstack infra).

With Jenkins, there are tools to copy workspaces from one job to another, to copy workspace data from one system to another, to archive artifacts, etc.... You should be making use of those kinds of tools so that you never need to go out to a specific slave to find out what went wrong with a given job. -- Brad Knowles ">< > LinkedIn Profile: <http://tinyurl.com/y8kpxu>

[chef] Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Bring up the discussion for knife-ec2 --node-name-prefix option, (continued)