hypershell - sameen jalal, facebook - devopsdays tel aviv 2016
TRANSCRIPT
Hypershell
Sameen JalalProduction Engineer, Cache -> Security
Hypershell is a push-based massively parallel command execution tool
What is Hypershell?
Hypershell is a push-based massively parallel command execution tool
$ hsh exec <targets> <command>
What is Hypershell?
Hypershell is a push-based massively parallel command execution tool
$ hsh exec <targets> <command> $ hsh deploy <targets> <file> [location]
What is Hypershell?
• Ad hoc queries• Service deployment• System and service configuration• Monitoring and Reporting• Emergency situations• … many other things
What could it be used for?
• Emergency situations• Nothing else!
What SHOULD it be used for?
• Massively scalable• Flexible• Easy to specify targets• Persistent results• Easy to use• Command execution tool works• There is a maintainer
Why was it built?
agent target
ssh
agent vs target
agent target
ssh
agent vs target vs database
database
clusters, racks and arbitrary groups of entities vs database
agents targets
database
server vs agents vs database
agents
tar-gets
cluster / rack /host group
server
database
thrift
server vs clusters of agents vs database = job
server
databases
c1c2
c3
serverCLI / script / origin
job invocationthrift
jobs c1c2
c3c4
c5
c6c7
c8
c9
job 1
job 2
server
origin
• Staged jobs with confirmation between each step• Explicit read-only vs write invocations• Make usage more visible with invocation monitoring• Security logging• Job invocation approval from service owners• Tiered authentication
Features?
“hypershell...”
— Uncle Ben“With great power comes great responsibility.”
— Engineers
Thrift: http://thrift.apache.org/static/files/thrift-20070401.pdf
Services using thrift:https://code.facebook.com/posts/1468950976659943/
Resources