A rudder-lang introduction: ins and outs of our new language

Our development team is constantly improving the RUDDER software. They have to be at the cutting edge of technology. So they give you tips and feedbacks on the codes and techniques they use when they discover something interesting.

This article is the first in a series that will cover the following subject: rudder-lang, an Open Source domain-specific language targeted at state definition designed to offer RUDDER more control over its purposes: Audit and Configuration.

While rudder-lang development started about a year ago with the work of Benoît Peccatte, the discussion about whether or not an internal language was required is a long-standing one. Broadly speaking, the key arguments in favor of this project were the following:

  • Make Configuration As Code as easy, fast and clean as possible. Of course, it works the other way around: the Technique Editor (a web configuration editor) will use rudder-lang as the backend generator.
  • Unify Rudder agents: a unique language that can equally generate techniques for numerous Linux flavors or Windows servers in CFEngine, DSC, and JSON formats.
  • Take RUDDER Audit and Reporting capabilities to a different level, to offer more upwind server side validation for example

This article is about how rudder-lang is going to become a linchpin of the main solution. As of now the language is in an alpha state – its code is now part of the latest major release of Rudder (6.1). But how is rudder-lang integrated into the main solution?

Integration into RUDDER

Currently rudder-lang calls only occur for testing purposes whenever a technique is saved or updated from within the Technique Editor. This is risk-free for the end-user since the technique saved on disk is still generated by the historical library.

By testing purpose we mean the technique is generated by both our stable library and the new compiler, outputs are then compared and logged for improvement.


Once rudder-lang becomes mature enough it will replace the current library. Users will be able to write techniques both as code or through the Editor within a language that has been designed for this usage. This is made possible thanks to the rudderc compiler, developed in Rust, which will be covered in another article.


Advantage no.1: unity

Another reason that led us to start working on such a project is that quite a lot of operating systems are commonly used as IT infrastructures which makes configuration prone to headaches and a complicated subject. rudder-lang mitigates it by offering a single language to configure any supported system, from every major Linux distribution (AIX, Debian, BSD, Solaris, etc) to Windows Servers.

Advantage no.2: compliance & reporting

Yet the benefits of rudder-lang are not constrained to easier writing of configuration code, iteration speed, or unity. It will actually free RUDDER from limitations the current library has. As mentioned the language will dramatically improve several of the solution core abilities.

Among these comes reporting: the current library, which is making use of CFEngine, does not come with out-of-the box reporting and requires considerable efforts for a perfectible result. rudder-lang will allow for more advanced (and thus more provable) compliance reports holding exactly which actions had been performe

Advantage no.3: audit, upwind validation

Speaking of making IT more reliable: RUDDER Audit mode allows to simulate changes without actually modifying the configurations, by opposition to the Enforce mode which applies these directly. Those concepts are represented in our new language so validation before appliance becomes as easy as writing a line of code.


Still, rudder-lang will come with more benefits than previously mentioned. It will offer the opportunity for both better and new concepts implementations packaged in a language tailored for continuous configuration.

I hope this was an interesting reading, expect more articles about the language and its compiler in the upcoming months.

This section allow you to modify the background image of the post template’s header.

Partager ce post

Retour en haut
Rudder robot flamme olympique

Préparez vos systèmes IT pour le marathon des cyberattaques ! En 3 jours, nous installons Rudder sur votre infrastructure et nous renforçons durablement sa sécurité à l’aide des configurations de hardening indispensables.

Détails du module Security management

Ce module a pour objectif de garantir une sécurité et une conformité optimales pour la gestion de votre infrastructure, avec des fonctionnalités pour les entreprises telles que :

Pour en savoir plus sur ce module, consultez la page gestion de la sécurité.

Détails du module configuration & patch management

Ce module vise une performance et une fiabilité optimales pour la gestion de votre infrastructure et de vos patchs, avec des fonctionnalités pour les entreprises telles que :

Pour en savoir plus sur ce module, consultez la page gestion des configurations et des patchs.