Get Your Cloud, See Your Cloud—A Full View with Fugue

One of the most difficult things to understand about the cloud is the shape and extent of your overall application in it, whether you’re manually building your app’s infrastructure using the AWS Console or CLI, or scripting it using CloudFormation or another provisioning tool. Solutions architects, developers, and systems administrators make countless diagrams for customers and internal teams trying to provide a consumable, accurate view of what’s running or what a team would like to deploy. We’ve all learned the hard way that doing this manually is both error prone and quickly out of date.

Fugue’s Composer, part of the original vision of Fugue, maps your application’s cloud infrastructure with automated, interactive diagrams that show your whole system in real time and the relationships between system components. You can zoom and inspect. You can quickly discover configuration errors and compliance policy violations. You’ll see everything in your system with the Composer.

And, it’s naturally paired with Fugue’s Transcriber—your tool to scan existing AWS cloud services in an account and automate their translation for easy Composer mapping. It doesn’t matter how you stood those services up—you can get the full view with Fugue. These new features are in beta. They’re free. They’re packaged with the Fugue Client Tools and available in our Download Portal now. We’re looking forward to your feedback. Here’s the interface, zoomed in to inspect the DynamoDB service in this example—let’s dig into the problems the Composer and Transcriber solve and how they work:

Composer_zoom.png

Solving Problems of Sprawl and Compliance

Imagining how your infrastructure maps out into a system on the cloud is no small feat. You’ll have networks, security groups, IAM roles, load balancers, compute instances, databases, and many other elements in your system. You may have so much deployed by different teams that it’s hard to wrap your mind around it. You may have lost the full view of what’s happening in your cloud. To get a model of how all your app’s services fit together typically requires you to jump around from tab to tab in your web browser to discover the specific details and configuration of a service. Or, you might carefully parse a provisioning script.

Testing out architectures is a time-consuming and expensive proposition when you’ve got no complete view of what’s working together and what the potential pitfalls are. Figuring out how to avoid mistakes before you ever pay to provision is key. Right now, for most businesses, the bill comes just the same from the Cloud Service Provider whether you’re testing intentions and figuring out details or provisioning for a production use case.

Similar problems exist when you’re tackling policy enforcement and standards compliance. Usually when an audit of your infrastructure is performed to ensure that what’s about to be provisioned (or what’s already provisioned and running) is valid, you’ll get a large report. It’s an exhaustive list of services that you’ve declared and whether they or their configuration is in violation of a particular policy or standard. You must sort through possibly thousands of lines of code or navigate the AWS Console to find and fix any policy violations.

The Composer not only fully automates your entire system view with easy zoom and inspection, but it incorporates policy-as-code up front, along with your infrastructure-as-code, in the same declarative language, in one place. Before anything is provisioned, errors in infrastructure declaration and compliance violations are called out clearly. The Composer suggests fixes based on compiler feedback.

It’s This Easy

Once you log in or create an account on the Download Portal, and install the latest Client Tools package, you’ll have the Composer and the Transcriber on your system. Look for it in your Applications folder on MacOS/OS X or in the Programs folder on the Windows Start menu. When you double click, you’ll see a welcome screen (below) that includes one tap to our docs for a quick startup guide and one tap to grab example compositions. A composition serves as the single source of truth for a given application’s cloud deployment. A composition is your declared infrastructure-as-code in one complete view. It’s from the composition that the Composer visualizes your system.

Composer_welcome.png

Compositions are Key

Since a composition is the basis and single source of truth for your cloud, let’s look at a quick example to see both its performance and the Composer’s.

composition

import Fugue.AWS as AWS
import FugueDemoLib as FugueDemoLib

############################################################
# Invocation of 'new' function from imported 'FugueDemoLib'
############################################################

my-demo-app: FugueDemoLib.new {
    region: AWS.Us-west-2,
    asg-min: 2,
    asg-max: 2,
    ddb-read: 5,
    ddb-write: 5
}

One of the best features of Fugue is the ability to define abstractions of your infrastructure as functions in Fugue’s DSL, Ludwig. This allows you to write very clean and simple code that is highly repeatable and easy to use. For example, in the code above, FugueDemoFunction.lw, we’ve abstracted full specs for a variety of cloud services (ASG, EC2, ELB, IAM, VPC, IGW, and DynamoDB) via a library import and a single function, FugueDemoLib. You haven’t lost any of the detail. The Composer will show you the full deployment. You can replicate it across the company and across the world in moments, while still understanding your complete source of truth for all the app’s infrastructure. You can put rules on it that, if violated, prevent teams from provisioning the infrastructure until Composer-suggested fixes are made.

Composerblog_Demo_full.png

Designated personnel can edit the FugueDemo.lw file, which spells out the services in a dozen short code blocks (succinct in its own right), and the library file, FugueDemoLib.lw, which defines the function making our 15 line, easily replicated abstraction possible. Note these files in the Composer’s file browser on the left in the images above and below.

Want to zoom in and inspect the details of the ASG? No problem:

Composerblog_Demo_zoom.png

But, I Don’t Have a Composition for My Running Services

If you have services already spun up in AWS via the AWS Console, CloudFormation, or another provisioning tool, you might be wondering about coding a composition that accurately reflects your infrastructure. That’s what you need to take advantage of the Composer’s visualizations. Ludwig, Fugue’s DSL for compositions shown in the previous section, is easy to learn and write, but automating a composition would be even easier.

Fugue’s Transcriber auto-generates a composition in Ludwig that defines your system and can be immediately visualized with the Composer. After the welcome screen, you’ll see options to open a project directory straightaway in the Composer or to generate a composition with the Transcriber, as shown below:

Composerblog_gcchoice.png

If you choose “Generate Composition,” you'll then enter just a few basic details about your AWS account so that the Transcriber can scan the desired region and services. You have options to include and exclude services and to choose tagged resources. Since the Transcriber is in beta, some services are not yet covered, but they are on the way:

Composerblog_generate.png

Scaling with Interactivity

Back in the Fugue Composer, the layout of the visualizations is intuitive. The Internet is shown as the leftmost part of the full view diagram. As connections are made through services, they fall into tiers to the right. In our example, the flow is:

Internet —> IG/Network —> Load Balancing —> Compute —> Network —> Database

Composerblog_Demo_full.png

Note that you'll see the VPC as a set of brackets around all the infrastructure that is hosted in it. Beneath the brackets are the details for the VPC and its subnets. On the left are the region and CIDR block for the VPC as a whole. On the right, are the subnets along with CIDR blocks and a label that’s used in the rest of the diagram.

Visualizing everything in a composition at the same time would lead to information overload. That’s why the Composer utilizes a zoomable, interactive mapping approach. Interactivity in the visualization helps you navigate the large amount of information a composition can encompass. You see the relationships and connections of different types of services via lines and groupings.

But what about representations of the configuration of an individual service? These configurations are just key-value pairs—the declared properties of a single service. A single service may have many properties, and visualizing all of them for each service within a composition could lead to a messy picture of our infrastructure. In order to prevent this messy-information-overload, the Composer hides low level configuration detail by default. To view that information, you can “inspect” a service by selecting it—one tap. This brings up the Inspector Panel, which allows you to view all of the configuration properties of the selected service and their values with clarity and focus. The inspecting paradigm allows you to control what level of information you want to view.

Whether it's the bird’s eye view of the relationships and connections between services or the configuration of a particular service, the Composer gives you an intuitive way of getting at the information you need.

They're in Beta!

Fugue's Composer and Transcriber are currently in open beta release. We look forward to gathering a great deal of feedback to improve the functionality introduced so far. In addition, a number of improvements and new features will roll out in the coming months. We can’t wait to see your use cases. If you run into an issue or want to submit a feature request, please do here. Keep your eye out for updates! Release notes are always in the Download Portal.

Go Fast. See Everything.
Get Cloud Right.