I am familiar with habitat, it’s concepts, I admiring vision you had two years ago. I have few questions in mind thus posting them even bit “raw” just in case someone is interested.
TL;DR
Note this post is not about credentials handling or configuration management tools.
Questioning “remote” hab env. control as well as it’s autonomous/distributed lifetime of the habitat cluster.
Well when app is deployed with habitat, or habitat-operator in k8s, …, then it hold’s it’s life-cycle automation with it. However what happens when you have to run an update? I mean binaries don’t change, just configuration in .toml
- update service configuration on a node (.toml, env variables, etc…)?
- update whole group by an upload of user.toml?
- there is gh: request for “hab edit”
Now,forget:
- ssh to peer node and run “hab” there
- run an configuration management* to deploy habitat infrastructure and control it later
Ssh requires and credentials and “specific” access. Configuration management requires keeping some state information all thetime. In fact, the only thing you need to control it is A) secret to connect to habitat ring, B) remote “hab” to talk to peer.
The use-case I would like to achieve is to
- When habitat “deployment/cluster” is created (it might register itself to an above layer to be later “controlled”)
- vs. the oposite, the habitat cluster is deployed from the above layer (configuration managemet)
- when it self-register to above layer, then “service discovery” in it may happen as well
- Or having an ability to remotely control deployed supervisor and it’s content
- using the “above” layer to connect the hab cluster, or simply reaching “hab sup” remotely (over ssh)
- while keeping configuration in running cluster
- having the ability to remotely edit the configuration
- having the ability to update configuration from the “operator” location (ie upload some local files, read k/v from
local k/v store when it’s being send to hab supervisor)
- (you may even imagine, in habitat-operator and k8s case, the “above layer” is the kubernetes itself and the API)
- using the “above” layer to connect the hab cluster, or simply reaching “hab sup” remotely (over ssh)
- Not to depend on centralized “configuration management” (chef, salt, …), shooter as (terraform, ansible) or even “bootstrap scripts” after cloud-init for 2nd day of the app lifetime
- When I say NO configuration managment, I don’t say NO to a tool for “continuous deploy”
- My infrastructure nodes, git repos to hold any “core” secrets, or at least not encrypted
To be more specific:
- I considering kubernetes cluster deployment (with habitat packages) on top of bare-metal. Possibly only as starting the same images “with the pre-installed setup with habitat”
- Or I may use terraform to start nodes, install “default setup” of some application but then I want to control it only
with, an “.key” to connect a ring, “.toml” files with updates and external k/v as Vault with core Secrets (as certs).
Now some reasonings?
- I want to avoid centralized configuration management for application, as for example reasoned by the “mgmtconfig”.
- Avoid “state” full configuration setup in favor of “event” based configuration changes
- on state, “configuration management” enforces some state all the time
- on event based behavior there is no central point to “enforce state” but the “cluster itself” keeps the state, while on
external event perform an reconfiguration -> update.
- Tooling is not good enough
- Terraform keepes it’s states with all values in clear text (I know, they may be encrypted). Obviously this creates an dependency a “foundation” node that run the teraform config and hold the state.
- Anyway, If I would use terraform then for infrastructure, not for app configuration and lifecycle
- For core secrets I will use ENV variables populated from k/v (like Vault) in my plan/hooks scripts rather then storing
them in .toml or in configuration management or having configuration management only to read them from k/v, etc…
- there is request to auto-discover peers (not by IP). Well event I don’t want to know who/what is peer. I want to “speak” to hub supervisor instance and don’t are what is behind or what is the current state.
Well how this fit the concept of Habitat?
- Is Habitat mostly considered an “application layer” only while still requiring an management to drive bootstrap, configuration and CD?
- Is the feature request to control “hab” remotely feasible or in a roadmap?
- How important is the habitat services auto-discovery/registration for your today customers?
- Do you find my requirement for autonomous management of habitat supervisor deployment (similarly as described by https://purpleidea.com/tags/mgmtconfig/) out of scope?