Catchy phrase courtesy #meatcloud… But it’s very true. I am continuously surprised by the chasm between the “old generation” of software that jealously demands its priests stay inside the temple, and the “new generation” that lets you do things via API easily. As we’ve been building up a new highly dynamic cloud-based system, we’ve been forced to strongly evaluate our toolset and toss out products with strong “functionality” that can’t be managed well in an automated infrastructure.
Let me say this. If your product requires either a) manual GUI operations or b) a config file alteration and restart, it is not suitable for the new millenium. That’s just a fact.
We needed an LDAP server to hold our auth information. It’s been a while since I’ve done that, so of course OpenLDAP immediately came to mind. So we tried it. But what happens when you want to dynamically add a new replication slave? Oh, you edit a bunch of config files and restart. Well, sure, I’d like my auth system to be offline all the time, but… So we tried OpenDS. The most polished thing in the world? No. Does it have all the huge amount of weird functionality I probably won’t use anyway of OpenLDAP? No. But it does have an administration interface that you can issue directives to and have them take hold in realtime. “Hey dude start replicating with that new box over there OK?” “Sir, yes sir.” “Outstanding.” And since it’s Java, I can deploy it easily to targets in an automated fashion. And even though the docs aren’t all up to date and sometimes you have to go through their interactive command line interface to do something – once you do it, the interface can be told to spit out the command-line version of that so you can automate it. Sold!
The monitoring world is like this too. Oh, we need an open source monitoring system? Like everyone else, Nagios comes first to mind. But then you try to manage a dynamic environment with it. Again, their “solution” is to edit config files and restart parts of the system. I don’t know about you, but my monitoring systems tend to be running a LOT of tests at any given time and hiccups in that make Baby Jesus (and frequently whoever is on call) cry. So we start looking at other options. “Well, you just come here in the UI and click to add!” the sales rep says proudly. “Click,” goes the phone. We end up looking at stuff like Zabbix, Zenoss, etc. In fact, at least for the short term, we are using Cloudkick. In terms of the depth of monitoring, it supports 1/100 of what most monitoring solutions do. System stats mostly; there’s plugins for LDAP and mySQL but that’s about it, the rest is “here’s where you can plug in your own custom agent plugin…” But, as my systems come up they get added to their interface automatically, tagged with my custom namespace. And I’d rather have my systems IN a monitoring system that will give me 10 metrics than OUTSIDE a monitoring system that would give me 1000.
It’s also about agility. We are trying to get these products to market way fast. We don’t have time to become high priests of the “OpenLDAP way of doing things” or the “Nagios way of doing things.” We want something that works upon install, that you can make a call to (ideally REST-based, though command line is acceptable in a pinch, and if there’s an iPhone app for it you get extra credit) in order to tell it what to do. Each of these items is about 1/100 of everything that needs to go into a full working system, and so if I have to spend more than a week to get you working and integrate with you – it’s a dealbreaker. You got away with that back when there weren’t other choices, but now in just about every sector there’s someone who’s figured out that ease of access and REST API for integration plus basic functionality is as valuable as loads of “function points” plus being hellishly crufty.
Heck, we ended up developing our own cloud management stuff because when we looked at the RightScales and whatnot of the world, they did a great job of managing the cloud providers’ direct APIs for you but didn’t then offer an API in return… And that was a dealbreaker. You can’t automate end to end if you come smacking up against a GUI. (Since, RightScale has put out their own API in beta. Good work guys!)
More and more, people are seeing that they need and want the “API way.” If you don’t provide that, then you are effectively obsolete. If I can’t roll up a new system – either with your software or something your software needs to be looking at/managing – and have it join in with the overall system with a couple simple API commands, you’re doing it wrong.
the agile admin 