Git Product home page Git Product logo

bw's Introduction

Bearded Wookie configuration management.

secure, fast, reliable, and self contained configuration management.

security

bearded-wookie uses TLS to encrypt all data transferred between agents and clients.

project goals - how features are decided on and accepted. (no particular order)

  • be a secure, resource efficient, and reliable configuration management tool.
  • no centralized server.
  • no required infrastructure. any additional infrastructure should be optional.
  • low operational complexity. a.k.a easy to use and operate.

quick start - debian package installation

see examples for configuration.

sudo add-apt-repository ppa:jljatone/bw
sudo apt-get update
sudo apt-get install bearded-wookie

quick start - local development (assumes linux).

# install bearded wookie
go install github.com/james-lawrence/bw/cmd/...

# initialize user credentials.
bw me init

# use bearded wookie to bootstrap the local development cluster
bw deploy local linux-dev

systemctl --user restart bearded-wookie-pebble.service
rm -rf ~/.cache/bearded-wookie/agent*/tls
systemctl --user restart bearded-wookie@agent{1,2,3,4,5,6,7,8,9,10}.service

pushd .test && bw deploy && popd

# reset local environment
systemctl --user daemon-reload; rm -rf ~/.cache/bearded-wookie/agent*/tls && systemctl --user restart bearded-wookie@agent{1,2,3,4,5,6,7,8,9,10}.service && systemctl --user restart [email protected] && journalctl -f --user-unit [email protected]

go install ./cmd/... && systemctl --user restart bearded-wookie@agent{1,2,3,4}.service && journalctl -f --since -1h --user-unit bearded-wookie@agent1 --user-unit [email protected] --user-unit [email protected] --user-unit [email protected]

quick start - gcloud (assumes a gcloud project, and terraform).

IMPORTANT: quickstart examples don't configure a VPN, a VPN is highly recommended for production environments.

# install bearded wookie
go install github.com/james-lawrence/bw/cmd/...

# initialize user credentials.
bw me init

# setup default gcloud project
gcloud auth application-default login

pushd .examples/gcloud && terraform init && popd
pushd .examples/gcloud && terraform destroy && terraform apply && popd
pushd .examples && bw deploy example && popd

example commands:

  • bw workspace bootstrap creates a deployment workspace. this is a directory + skeleton.
  • bw environment create {name} {address} creates a new environment within the workspace.
  • bw deploy {environment} deploy to the specified environment.
  • bw deploy --canary {environment} deploy to a single consistent server.
  • bw deploy --ip='127.0.0.1' {environment} deploy to the servers that match the given filters.
  • bw deploy archive {environment} {deploymentID} redeploy a previously uploaded archive.
  • bw deploy archive --ip='127.0.0.1' {environment} {deploymentID} filter a redeploy to specific servers.
  • bw info check {address}:{port} checks if the cluster is reachable.

architecture overview

bearded-wookie is built off 4 main protocols.

  • SWIM - a gossip protocol for discovering peers and agent health checks.
  • RAFT - consensus algorithm for shared state, e.g.) current deployment.
  • ACME protocol - for bootstrapping TLS.
  • bittorrent - for transferring deployment archives between servers.

by using these 4 protocols bearded-wookie avoids needing a centralized server, while remaining durable and easy to operate.

Benefits of bearded-wookie:

  • can work entirely inside of a VPN; no need to expose anything outside of the network. (requires using ACME DNS challenge, or a custom certificate authority)
  • durable. unless you literally lose all of the nodes and a majority of your entire cluster simultaneously the cluster will continue to operate.
    • bw does have support for remote bootstrapping, its just not required for normal operation.
  • builtin support for custom bootstrapping services. this allows you to lose a majority of your servers and continue to operating.
    • see bootstrap/filesystem.go for an example. the filesystem example allows you to mount NFS to store the last successful deployment.
  • Lower costs by not needing additional infrastructure just to support deployments.
  • when something does go wrong, bw is easy to repair. just destroy its cache (default /var/cache/bearded-wookie) and reboot the agents.
  • simple configuration simplest configuration is ~ 40 lines between the agent/clients, one port (tcp and udp), and DNS record.

bw's People

Contributors

james-lawrence avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.