skip to main content
article
Public Access

Rehearsal: a configuration verification tool for puppet

Published:02 June 2016Publication History
Skip Abstract Section

Abstract

Large-scale data centers and cloud computing have turned system configuration into a challenging problem. Several widely-publicized outages have been blamed not on software bugs, but on configuration bugs. To cope, thousands of organizations use system configuration languages to manage their computing infrastructure. Of these, Puppet is the most widely used with thousands of paying customers and many more open-source users. The heart of Puppet is a domain-specific language that describes the state of a system. Puppet already performs some basic static checks, but they only prevent a narrow range of errors. Furthermore, testing is ineffective because many errors are only triggered under specific machine states that are difficult to predict and reproduce. With several examples, we show that a key problem with Puppet is that configurations can be non-deterministic. This paper presents Rehearsal, a verification tool for Puppet configurations. Rehearsal implements a sound, complete, and scalable determinacy analysis for Puppet. To develop it, we (1) present a formal semantics for Puppet, (2) use several analyses to shrink our models to a tractable size, and (3) frame determinism-checking as decidable formulas for an SMT solver. Rehearsal then leverages the determinacy analysis to check other important properties, such as idempotency. Finally, we apply Rehearsal to several real-world Puppet configurations.

References

  1. Paul Anderson. Towards a High-Level Machine Configuration System. USENIX Large Installation System Administration Conference (LISA), 1994. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Paul Anderson and Herry Herry. A Formal Semantics for the SmartFrog Configuration Language. Journal of Network and Systems Management, 24(2):309–345, 2016. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Esben Andreasen and Anders Møller. Determinacy in Static Analysis for jQuery. ACM SIGPLAN Conference on Object Oriented Programming, Systems, Languages and Applications (OOPSLA), 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Konstantine Arkoudas, Karen Zee, Viktor Kuncak, and Martin Rinard. Verifying a file system implementation. International Conference on Formal Engineering Methods (ICFEM), 2004.Google ScholarGoogle ScholarCross RefCross Ref
  5. Augeas. Retrieved Apr 15 2016 from http://augeas.net.Google ScholarGoogle Scholar
  6. Robert L. Bocchino, Jr., Vikram S. Adve, Danny Dig, Sarita V. Adve, Stephen Heumann, Rakesh Komuravelli, Jeffrey Overbey, Patrick Simmons, and Hyojin Sung. A Type and Effect System for Deterministic Parallel Java. ACM SIGPLAN Conference on Object Oriented Programming, Systems, Languages and Applications (OOPSLA), 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Aaron Bohannon, J. Nathan Foster, Benjamin C. Pierce, Alexandre Pilkiewicz, and Alan Schmitt. Boomerang: Resourceful Lenses for String Data. ACM SIGPLANSIGACT Symposium on Principles of Programming Languages (POPL), 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Jacob Burnim and Koushik Sen. Asserting and Checking Determinism for Multithreaded Programs. Joint Meeting of the European Software Engineering Conference (ESEC) and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE), 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Maria Christakis, K. Rustan M. Leino, and Wolfram Schulte. Formalizing and Verifying a Modern Build Language. International Symposium on Formal Methods (FM), 2014.Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Thomas Delaet, Wouter Joosen, and Bart Vanbrabant. A survey of system configuration tools. USENIX Large Installation System Administration Conference (LISA), 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Leonardo De Moura and Nikolaj Bjørner. Z3: An Efficient SMT Solver. Tools and Algorithms for the Construction and Analysis of Systems (TACAS), 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Eelco Dolstra, Andreas Löh, and Nicholas Pierron. NixOS: A Purely Functional Linux Distribution. Journal of Functional Programming, 20(5–6):577–615, 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Jeffery Fischer, Rupak Majumdar, and Shahram Esmaeilsabzali. Engage: A Deployment Management System. ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Philippa Gardner, Gian Ntzik, and Adam Wright. Local Reasoning about POSIX File Systems. European Symposium on Programming (ESOP), 2014.Google ScholarGoogle Scholar
  15. Arjun Guha, Rian Shambaugh, and Aaron Weiss. Rehearsal. Retrieved Apr 15, 2016 from http://plasma.cs.umass. edu/rehearsal.Google ScholarGoogle Scholar
  16. Bent Hagemark and Kenneth Zadeck. Site: A Language and System for Configuring Many Computers as One Computing Site. USENIX Large Installation System Administration Conference (LISA), 1989.Google ScholarGoogle Scholar
  17. Peng Huang, William J. Bolosky, and Abhishek Singh Yuanyuan Zhou. ConfValley: A Systematic Configuation Validation Framework for Cloud Services. European Conference on Computer Systems (EuroSys), 2015. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Waldemar Hummer, Florian Rosenberg, Fábio Oliveira, and Tamar Eilam. Testing Idempotence and Convergence for Infrastructure as Code. ACM/IFIP/USENIX International Middleware Conference, 2013.Google ScholarGoogle Scholar
  19. Ming Kawaguchi, Patrick Rondon, Alexander Bakst, and Ranjit Jhala. Deterministic Parallelism via Liquid Effects. ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Puppet Labs. Puppet Features: Idempotency. Retrieved Apr 15, 2016 from http://docs.puppetlabs.com/guides/ introduction.html#idempotency.Google ScholarGoogle Scholar
  21. John McCarthy. Towards a Mathematical Science of Computation. IFIP Congress, 1962.Google ScholarGoogle Scholar
  22. Carroll Morgan and Bernard Sufrin. Specification of the UNIX Filing System. IEEE Transactions on Software Engineering (TSE), 10(2):128–142, 1984. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Tom Ridge, David Sheets, Thomas Tuerk, Anil Madhavapeddy, Andrea Giugliano, and Peter Sewell. SibylFS: formal specification and oracle-based testing for POSIX and real-world file systems. ACM Symposium on Operating Systems Principles (SOSP), 2015. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Caitlin Sadowski, Stephen N. Freund, and Cormac Flanagan. SingleTrack: A dynamic determinism checker for multithreaded programs. European Symposium on Programming (ESOP), 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Eric Shamow. Inside Puppet: About Determinism. Retrieved Apr 15, 2016 from http://puppetlabs.com/blog/ inside-puppet-about-determinism.Google ScholarGoogle Scholar
  26. Alex Sherman, Philip A. Lisiecki, Andy Berkheimer, and Joel Wein. ACMS: The Akamai Configuration Management System. USENIX Symposium on Networked System Design and Implementation (NSDI), 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Chunqiang Tang, Thawan Kooburat, Pradeep Venkatachalam, Akshay Chandler, Zhe Wen, Aravind Narayanan, Patrick Dowell, and Robert Karl. Holistic Configuration Management at Facebook. ACM Symposium on Operating Systems Principles (SOSP), 2015. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Chris Tucker, David Shuffleton, Ranjit Jhala, and Sorin Lerner. OPIUM: Optimal Package Install/Uninstall Manager. International Conference on Software Engineering (ICSE), 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. David B. Tucker and Shriram Krishnamurthi. Programming Languages for Software Configuration. International Workshop on Software Configuration Management (SCM), 2001.Google ScholarGoogle Scholar
  30. Ubuntu. Details of package golang-go in trusty. Retrieved Apr 15, 2016 from http://packages.ubuntu.com/ trusty/devel/golang-go.Google ScholarGoogle Scholar
  31. Martin Vechev, Eran Yahav, Raghavan Raman, and Vivek Sarkar. Automatic Verification of Determinism for Structured Parallel Programs. International Static Analysis Symposium (SAS), 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Rehearsal: a configuration verification tool for puppet

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Published in

        cover image ACM SIGPLAN Notices
        ACM SIGPLAN Notices  Volume 51, Issue 6
        PLDI '16
        June 2016
        726 pages
        ISSN:0362-1340
        EISSN:1558-1160
        DOI:10.1145/2980983
        • Editor:
        • Andy Gill
        Issue’s Table of Contents
        • cover image ACM Conferences
          PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation
          June 2016
          726 pages
          ISBN:9781450342612
          DOI:10.1145/2908080
          • General Chair:
          • Chandra Krintz,
          • Program Chair:
          • Emery Berger

        Copyright © 2016 ACM

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 2 June 2016

        Check for updates

        Qualifiers

        • article

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!