choreography? you don't need choreography. what you want is orchestration

Who Needs Orchestration?What You Want is Choreography!

Julian Dunn – Product Manager, Chef Software, Inc. – @julian_dunn

What is orchestration?

An ordered set of operationsAcross a set of independent machines

Connected to an orchestrator only via a network.

Humans acting on Visio acting on machinesHumans acting on code acting on machines

An ordered set of operationsDefined in code

Across a set of independent machinesConnected to an orchestrator only via a

network.

tasks: - name: remove host from LB shell: /usr/local/bin/remove_host {{ ansible_hostname }} delegate_to: loadbalancer.example.com

- name: deploy code git: repo=http://github.com/foo/bar.git dest=/var/www/html/ notify: - restart apache

- name: add host to LB shell: /usr/local/bin/add_host {{ ansible_hostname }} delegate_to: loadbalancer.example.com

Failure is hard to recover from

Mark Burgess, the

father of Promise Theory

Promises versus obligations according to P. Elliot Kitten

“You will feed my cat”

“Will you promise to feed my cat?”

“Obligations are far from being a reliable tool for ensuring compliance. If a law-giver wanted to ensure the compliance of an agent, a better strategy would be to obtain a promise from

the agent and to convince it to view the intention as a commitment since the law-giver could never know whether

the agent had indeed committed to the body of the obligation.”

- Bergstra & Burgess, “A Static Theory of Promises”

Individual autonomy beatscommand-and-control

Trying to make promises about the behavior of the other nodes

What is choreography?

Autonomous actors:Make progress towards promised desired stateExpose interfaces to allow others to verify promisesCan promise to take certain behaviors in the face of failure of others

Autonomous actors:Make progress towards promised desired stateExpose interfaces to allow others to verify promisesCan promise to take certain behaviors in the face of failure of others

Chef Search has a foundationbackends = search(:node, ‘role[web]’)# problem: slow update time# problem: depends on single point of synchronization

template ‘/etc/haproxy/haproxy.cfg’ do variables(:backends => backends) … action :reload, ‘service[haproxy]’end

# problem: policy only updated whenever Chef converge happens

What about this?# on the backends themselvesservice ‘httpd’ do action :start notifies :create, ‘template[/etc/haproxy/haproxy.cfg]’, :nodes => ‘loadbalancers’end

Chef, Puppet, Ansible, Salt, etc.

+

• Better coordination across a fleet• Less reliance on external real-time state systems• Useful for workloads of short and long lifespans• Strong security built-in• “mgmt” – https://ttboj.wordpress.com/

What of the future?

Don’t build or choose things requiring orchestrationBuild choreography into configuration management systemsMake configuration management systems fleet-aware, not just node-aware

Conclusions