How a domain-specific language affects configuration management (original) (raw)
Configuration management tool capabilities and the expected training investment are two major concerns of IT operations teams as they implement this form of automation. Both selection criteria are heavily influenced by the tool's native tongue.
Puppet, Chef, Microsoft PowerShell Desired State Configuration (DSC), Red Hat Ansible and SaltStack are configuration management and orchestration tools that install software, configure storage, add networks to a deployment and perform other setup tasks. Some of these tools use YAML -- which recursively stands for YAML Ain't Markup Language -- templates to provide configuration instructions, while others use a domain-specific language (DSL) to provide more flow control.
YAML is an industry-standard formatting template, much like JavaScript Object Notation. By contrast, a domain-specific language, as the name implies, is a programming language that is proprietary to the tool. Each method has relative merits.
Puppet and Chef configuration instructions are written in different DSLs, although they are both based on Ruby. PowerShell DSC uses a DSL as well. By contrast, Ansible and SaltStack rely on YAML.
DSLs require programming, while YAML templates are configuration files. Programming languages provide more control over the tasks that the tool performs, but you need to be a programmer to understand them and must write good documentation to hand a domain-specific configuration setup off to other programmers. YAML is easier to read than configurations in the domain-specific languages, since YAML is just a template. Specific commands with specific delimiters make the logic clear.
There are management issues built into DSL-based and YAML-based tools. What does this mean for configuration management? Which approach is most suitable to a given situation?
DSL is for programmers
A programmer can code exactly what they want in a domain-specific language. But configuration management tasks do not happen in isolation, and DSLs suffer from the complication inherent in any programming language: the need for others to understand what another programmer wrote. It is not always simple, especially with poor documentation. YAML, by contrast, enforces consistency.
With any configuration management setup, YAML or DSL, users rely on a code version control system, such as GitHub, to share work and feed configurations into the automated tool. When the build executes, the configuration management tool pulls the code from that central repository, and if something breaks, it can roll back the deployment to a previous version.
DSL requires documentation, and documentation does not fit well in GitHub, because that requires markdown syntax. It is time-consuming to add. Organizations typically find that a shared file, such as Google Docs, is better for documentation.
The programmer using DSL can use code from public repositories to expand the configuration procedure's capabilities. They can access shared libraries rather than create something from scratch. Puppet Forge is one such community repository, with nearly 6,000 modules.
DSL enables the admin to write in unit tests as well. For CI/CD teams, the more automation capabilities, the better value they get from the configuration management tool.
YAML syntax and structure
YAML is based on the Python concept of the data structures tuples and dictionaries.
A tuple is simply a collection of something, like host names. The tuple host1, host2 and host3 is written in YAML as :hosts:
- host1
- host2
- host3
A dictionary is a set of Key-value pairs, like those to describe the type of environment or department to which a configuration file refers. For example, host1 is a host name, production is one kind of environment and maintenance is a department in the company. These pairs are represented in a YAML configuration file as:
host1:
environment: production
owner: maintenance
YAML is not without logic. It accepts Boolean values, which are essentially yes or no to a given condition. For example, a configuration file might specify that the instance needs a key created but does not need an agent:
create_key: yes
needs_agent: no
YAML enables the tool to abstract infrastructure as code and install software with a custom configuration (see Figure 1) in a repeatable fashion.
Figure 1. This example of YAML code installs a web server, using the same name as for yum install, and copies a configuration file to the target environment.
YAML is simple compared to the various domain-specific languages, but that does not mean it is limited. YAML includes complex structures, like nested dictionaries, ints, floats, timestamps, booleans, strings and Unicode field types.
Tool-by-tool configuration files
The brief explanation and examples below illustrate how each configuration management tool makes use of YAML or a DSL and shares tips for admins adopting the product. Other configuration management tools are available, as are tools with overlapping capabilities. This specific sampling portrays domain-specific languages and YAML counterparts.
SaltStack's flavor of YAML. SaltStack uses a combination of Jinja (DSL) and YAML for Salt. The SaltStack platform evaluates Jinja first then compiles the YAML configuration information to Python code. Jinja gives the SaltStack user flow control so that they can more easily write logical statements than with YAML, which is a template and not a programming language.
{% if grains['os'] != 'FreeBSD' %}
tcsh:
pkg:
- installed
{% endif %}
Jinja also has looping structures, such as {% for motdfile in motd %}.
Puppet's gem of a DSL. Puppet is based on Ruby, which is a popular language in part because of its ease of use. To use Puppet, an administrator needs to know how to write functions in Ruby. Not all systems administrators are programmers.
Puppet code, as seen in Figure 2, relies on advanced programming concepts, including objects. This code is an object instead of simply a stand-alone function, since it first declares the function up, with its parameters. Then, the code defines it, meaning implements its methods. IT pros familiar with Java and other programming languages should feel comfortable with Puppet's DSL.
Figure 2. This sample Puppet code demonstrates object-based programming.
Chef's homemade DSL. The DSL for Chef has integers and other primitives, plus arrays and dictionaries -- hashes in Chef nomenclature -- regular expressions and all the tools an experienced programmer would recognize.
Define a function in Chef using the traditional approach, no object required.
def do_something_useless( first_argument, second_argument)
puts "You gave me #{first_argument} and #{second_argument}"
end
A user also can add Windows APIs, which PowerShell makes available to the command-line interface. That is a powerful feature that otherwise would require C programming to accomplish.
Windows PowerShell's baked-in DSC. Windows PowerShell has always been a good alternative to the DOS command-line shell. PowerShell supports Linux-like commands, which are useful and less awkward than Windows equivalents, although they tend to have different names. For example, the easy Unix ls function is replaced with the more complicated PowerShell command Get-ChildItem to list files in a directory. PowerShell scripts end with file suffix .ps1 and are called cmdlets.
PowerShell DSC is a management platform from Microsoft that focuses on PowerShell's capabilities to control configuration as code.
As a programming framework, PowerShell requires knowledge of its scripting object model, which resembles a JavaScript document object model. It requires some study for Windows administrators, especially those accustomed to the GUI of other Microsoft tools.
[reflection.assembly]::LoadFile("c:\test\ISESimpleSolution\ISESimpleSolution.dll")
Ansible play by play. Red Hat's Ansible configuration management platform relies on simplicity to appeal to users with little programming experience. It is based on YAML. Follow the video below to see sample Ansible configuration information and glean the basics of the tool.
Stuart Burns breaks down how Ansible works and demonstrates its YAML format in this video.