Skip to content

james-lawrence/bw

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,176 Commits
.bwconfig
.bwconfig
 
 
.dist
.dist
 
 
.documentation
.documentation
 
 
.examples
.examples
 
 
.protocol
.protocol
 
 
.test
.test
 
 
agent
agent
 
 
agenttestutil
agenttestutil
 
 
agentutil
agentutil
 
 
archive
archive
 
 
awsx
awsx
 
 
backoff
backoff
 
 
bootstrap
bootstrap
 
 
certificatecache
certificatecache
 
 
cluster
cluster
 
 
clustering
clustering
 
 
cmd
cmd
 
 
daemons
daemons
 
 
deployment
deployment
 
 
directives
directives
 
 
dns
dns
 
 
inflaters
inflaters
 
 
internal
internal
 
 
muxer
muxer
 
 
notary
notary
 
 
proxy
proxy
 
 
storage
storage
 
 
ux
ux
 
 
uxterm
uxterm
 
 
vcsinfo
vcsinfo
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
TODO.md
TODO.md
 
 
bearded_wookie_suite_test.go
bearded_wookie_suite_test.go
 
 
bw.go
bw.go
 
 
bw_test.go
bw_test.go
 
 
config.go
config.go
 
 
config_test.go
config_test.go
 
 
environment.go
environment.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
makefile
makefile
 
 
partition.go
partition.go
 
 

Repository files navigation

Bearded Wookie configuration management.

secure, fast, reliable, and self contained configuration management.

security

bearded-wookie uses TLS to encrypt all data transferred between agents and clients.

project goals - how features are decided on and accepted. (no particular order)

  • be a secure, resource efficient, and reliable configuration management tool.
  • no centralized server.
  • no required infrastructure. any additional infrastructure should be optional.
  • low operational complexity. a.k.a easy to use and operate.

quick start - debian package installation

see examples for configuration.

sudo add-apt-repository ppa:jljatone/bw
sudo apt-get update
sudo apt-get install bearded-wookie

quick start - local development (assumes linux).

# install bearded wookie
go install github.com/james-lawrence/bw/cmd/...

# initialize user credentials.
bw me init

# use bearded wookie to bootstrap the local development cluster
rm -rf ~/.cache/bearded-wookie/agent* && bw deploy local linux-dev

systemctl --user restart bearded-wookie-deploy-notifications@agent1.service
systemctl --user restart bearded-wookie@agent{1,2,3,4}.service
bw deploy env linux-test --insecure

quick start - gcloud (assumes a gcloud project, and terraform).

IMPORTANT: quickstart examples don't configure a VPN, a VPN is highly recommended for production environments.

# install bearded wookie
go install github.com/james-lawrence/bw/cmd/...

# initialize user credentials.
bw me init

# setup default gcloud project
gcloud auth application-default login

pushd .examples/gcloud && terraform init && popd
pushd .examples/gcloud && terraform destroy && terraform apply && popd
pushd .examples && bw deploy example && popd

example commands:

  • bw workspace bootstrap creates a deployment workspace. this is a directory + skeleton.
  • bw environment create {name} {address} creates a new environment within the workspace.
  • bw deploy {environment} deploy to the specified environment.
  • bw deploy --canary {environment} deploy to a single consistent server.
  • bw deploy --ip='127.0.0.1' {environment} deploy to the servers that match the given filters.
  • bw deploy archive {environment} {deploymentID} redeploy a previously uploaded archive.
  • bw deploy archive --ip='127.0.0.1' {environment} {deploymentID} filter a redeploy to specific servers.
  • bw info check {address}:{port} checks if the cluster is reachable.

architecture overview

bearded-wookie is built off 4 main protocols.

  • SWIM - a gossip protocol for discovering peers and agent health checks.
  • RAFT - consensus algorithm for shared state, e.g.) current deployment.
  • ACME protocol - for bootstrapping TLS.
  • bittorrent - for transferring deployment archives between servers.

by using these 4 protocols bearded-wookie avoids needing a centralized server, while remaining durable and easy to operate.

Benefits of bearded-wookie:

  • can work entirely inside of a VPN; no need to expose anything outside of the network. (requires using ACME DNS challenge, or a custom certificate authority)
  • durable. unless you literally lose all of the nodes and a majority of your entire cluster simultaneously the cluster will continue to operate.
    • bw does have support for remote bootstrapping, its just not required for normal operation.
  • builtin support for custom bootstrapping services. this allows you to lose a majority of your servers and continue to operating.
    • see bootstrap/filesystem.go for an example. the filesystem example allows you to mount NFS to store the last successful deployment.
  • Lower costs by not needing additional infrastructure just to support deployments.
  • when something does go wrong, bw is easy to repair. just destroy its cache (default /var/cache/bearded-wookie) and reboot the agents.
  • simple configuration simplest configuration is ~ 40 lines between the agent/clients, one port (tcp and udp), and DNS record.

About

self contained cluster configuration management

Topics

agent infrastructure cluster configuration-management

Resources

Readme

License

View license
Activity

Stars

3 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

7 tags

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages