Automate Your Server Configuration!
by Modeling It In Code
Josh Padnick
Desert Code Camp
April 5, 2014
Today’s 5-Course Meal
• What is Chef and what does it solve?
• Key Chef concepts
• Where/How you use it
• Tips & tricks
• Learning more
Our Goal Today:
You go home tonight and deploy your
first Chef cookbook in 1 - 2 hours.
• Founder & CIO of Omedix
• Special interest in Healthcare IT
• 10+ years doing web app dev
• Strong preference for open source & Java ecosystem
Josh Padnick
These slides are posted on http://joshpadnick.com
Some Problems from the
Server Management World
“The Magic Server”
The code doesn't work on any server
except the magic server. We're afraid to touch it.
“Just Clone Another Instance”
You can’t set up a dev machine quickly, but you're
virtualizing and at least you can clone it.
“We have AMIs! But we need to change them :(”
You can clone a server, but your snapshot (AMI) needs
to be changed...so you have to rebuild the AMI.
“I have a simple script to deploy
to 10 different servers”
The script is small and simple, but deploying it to 10 servers
is painful, so updates to this script will not be permitted!
Documentation is time-consuming and always out of date.
But we still need to ramp up the new guy.
“Documentation is critical…but out of date.”
"Deploying a new server takes too long"
"This server here is broken so let's spend hours
restoring it because launching a new server is too hard."
"Changing the deployment process will take time we
don't have"
Are you actively managing more than
a few servers on an ongoing basis?
Welcome to
SERVER MANAGEMENT HELL
What is the underlying issue here?
The real problem is STATE.
But wait, haven’t we dealt
with state before?
Only since 1937 when Alan Turing invented the state machine.
What does the Chef solution look like?
• The Servers: Each of these guys installs an agent called the CHEF CLIENT
• Management Server: This guy is the authority on what state each server should be in
• Local Workstation: The DevOps engineer pushes all instructions to the Management Server
Now let’s use all the Chef lingo.
Nodes, Chef Server, Knife
1. Write code that describes the state of a node and deploy it to Chef Server.
2. Chef Server has the official record of what each server’s state SHOULD be.
3. Each node periodically polls the Chef Server asking for “update state” instructions.
4. Each node updates its state based on instructions from the management server.
5. Each Node’s state has been updated!
Did someone say we’re
writing code?
• Write it in Ruby 2.x
• Chef gives us a Ruby DSL specially for declaring server state
• Version-control it with anything, but standard is git
We’ll go into more Chef detail later.
Let’s pan out to the 50,000 foot view again.
Chef is considered a
Configuration Management
Solution
What is Configuration Management?
• A tool used to manage server configuration
with automation.
• Born out of the need for major websites
(Amazon, Facebook, Yahoo) to manage huge
numbers of servers.
Who Created Chef?
• Jesse Robbins: Managed lots of Amazon.com servers. Real-life fire fighter!
• Adam Jacob: Built infrastructure for 15 companies. Kept seeing the same patterns!
Alternatives to Chef
• Ansible
• Saltstack
• Puppet
DevOps
• Chef merges the worlds of Development (Dev)
and SysAdmin (Ops).
• Dev: build software, version control, automated testing
• Ops: provisioning servers, maintaining servers, monitoring
Let’s talk more about key
concepts in Chef.
• The primary currency in Chef is the Cookbook.
• That’s the set of code and files we use to tell a
server what state to update itself to.
• Sample cookbooks
• MySQL
• Nginx
• Install Java
• Update crontab
• Update timezone
• Add SSH certificates to authorized_certificates
• You can roll your own
• But for almost every need, just search GitHub
• google “github java cookbook” and choose the best one
• Opscode has “Community Cookbooks” at http://community.opscode.com/cookbooks
but I find it out of date and incomplete.
Sample Cookbook
• Recipes are individual sets of
instructions to be executed.
• Recipes read values from
Attributes for things like:
• Passwords
• Filepaths
• Usernames
• Configuration options for applications
Sample Recipe File
Sample Attributes File
Attributes
• How attributes get applied to a recipe is behind
much of the perceived complexity of Chef.
• We’ll cover this in more detail later.
Let’s see how a cookbook ultimately
gets executed on a node.
Nodes, Chef Server, Knife
1. At your workstation, download or write a new cookbook. Let’s call it “Sample”.
2. Upload your cookbook to the Chef Server using KNIFE.
3. Chef Server now has the latest version of the “Sample” cookbook.
4. Use KNIFE to tell CHEF SERVER the RUN-LIST for a specific node.
5. Chef Server now knows that Node 32 should run the “Sample” cookbook.
6. SSH directly into an individual node (“Node 32”) and run “sudo chef-client” to CONVERGE the node.
7. Node 32 uses chef-client to contact Chef Server. It gets its updated run-list and executes the run-list.
8. Node 32’s run-list says to run the Sample Cookbook. It runs the latest version of Sample.
9. Node 32 has now executed all the instructions in the latest version of the “Sample” cookbook.
Wait, we have to manually log into
each node to update it?
• No! In production, we use Roles to specify a run-list.
• This way, we only update the Chef Server. Individual
nodes poll the Chef Server every X minutes to check
for updates.
Where Chef is Used
• Traditional Chef Server
• AWS OpsWorks
• Cloud Management (Scalr & RightScale)
• Vagrant
Traditional Chef Server
Nodes
Chef Server Knife
Traditional Chef Server
• Chef Server comes in Open Source or Enterprise
Edition
• Chef Server is “on premise” or hosted by Opsworks
Enterprise Chef Pricing
http://www.getchef.com/enterprise-chef/#plans-pricing
AWS OpsWorks
Local Workstation
Different Flavors of Chef-Client
• Server Mode
• Chef Solo Mode
• Local Mode
Cloud Management Services
(e.g. Scalr & RightScale)
Nodes
Local Workstation
• Vagrant is a command-line interface to virtual machine
software like VirtualBox or VMware.
• You can combine Chef’s cookbooks, VirtualBox (a
free VM provider), and Vagrant to run Chef
cookbooks directly on local VMs!
• The same cookbooks that define your infrastructure
can now define your local dev environment.
• Get the latest cookbooks on
your local machine
• Run a bunch of VM’s with
VirtualBox and Vagrant
• Update the VM’s with Chef
cookbooks
Local Workstation
Remaining Chef Concepts
http://docs.opscode.com/chef_overview.html
Remaining Concepts We’ll Talk About
• Roles
• Environments
• Data Bags
• Ohai
• Source Control & Chef
Remaining Concepts We Won’t Cover
• Resources
• Providers
• LWRPs
All those remaining concepts we’ll cover fall into two buckets:
1. Attributes
2. Run-lists
Attributes
• Can be set in multiple places
Ohai
• It’s a program that runs on each node and supplies
attribute info specific to that node.
• Examples
• What OS the node is running
• How much hard drive space
• How much memory is available
• Linux kernel version
Roles
• The Run-List is usually the same for all servers at the
same “layer” in the stack and different across layers.
“web” Role: Runlist[Apt, Sample, Apache]
“app” Role: Runlist[Apt, Java, Tomcat, JBoss]
“db” Role: Runlist[Apt, Postgres, Newrelic]
Roles
• Roles can also specify attributes that OVERRIDE the
“default” attributes set in the Recipe.
• When a new node is created (“bootstrapped”) it is
best practice to explicitly identify which Role it
belongs to.
• Roles are declared as a simple JSON file and
uploaded to Chef Server using Knife.
Nodes, Chef Server, Knife
1. Use KNIFE to bootstrap a new NODE with the “web” ROLE.
2. A new NODE exists that is assigned to the “web” role.
3. Use KNIFE to update the “web” ROLE to add a new RECIPE to the RUN-LIST.
4. The “web” role has been updated.
5. New Node polls the CHEF SERVER every X minutes to look for updates.
6. The “web” ROLE now includes a new RECIPE so download this COOKBOOK and run the RECIPE.
7. All nodes in the “web” role have “CONVERGED.”
Sample Role
Environments
• We typically have a PROD and DEV. Maybe QA and
STAGING, or others.
• Environments are just another label to assign to a
node so that it gets the right attributes.
• Just like Roles! But with a different name and intent.
Data Bags
• Data Bags are a global source of attributes that any
recipe can call upon.
• They work great for global attributes
• Not so great for secrets like passwords. More on this
later.
Source Control & Chef
• Your local chef repo should be cloned from
https://github.com/opscode/chef-repo.
• Then commit it to your own Git repo so you can
version-control changes to Cookbooks, Roles,
Environments, Data Bags, etc.
• Now you version-control your infrastructure just like
your code itself!
Attribute Hierarchy
• Hard to learn just by looking. Learn by doing.
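A simplified model of the attribute hierarchy, added here as an example (it is not from the slides and is not Chef's own code): it ranks the 15 precedence levels documented for Chef 11 and later and merges settings from an attribute file, a role, an environment and Ohai. The `sample` cookbook values, the role and environment settings, and the helper names are constructed for illustration; arrays are replaced rather than merged, which is a simplification.

```ruby
# Precedence levels, lowest first. A value set at a later level replaces
# the same attribute set at an earlier one.
PRECEDENCE = [
  [:default,        :attribute_file],
  [:default,        :recipe],
  [:default,        :environment],
  [:default,        :role],
  [:force_default,  :attribute_file],
  [:force_default,  :recipe],
  [:normal,         :attribute_file],
  [:normal,         :recipe],
  [:override,       :attribute_file],
  [:override,       :recipe],
  [:override,       :role],
  [:override,       :environment],
  [:force_override, :attribute_file],
  [:force_override, :recipe],
  [:automatic,      :ohai]
].freeze

# Position of a setting in the precedence table (hypothetical helper).
def rank(setting)
  idx = PRECEDENCE.index([setting[:level], setting[:source]])
  raise ArgumentError, "unknown level #{setting[:level]}/#{setting[:source]}" if idx.nil?
  idx
end

# Merge nested hashes; on conflict the higher-precedence value wins.
# Non-hash values, arrays included, are replaced (simplification).
def deep_merge(low, high)
  low.merge(high) do |_key, a, b|
    a.is_a?(Hash) && b.is_a?(Hash) ? deep_merge(a, b) : b
  end
end

# Apply every setting in precedence order and return the node's final view.
def effective_attributes(settings)
  settings.each_with_index
          .sort_by { |s, i| [rank(s), i] }
          .map(&:first)
          .reduce({}) { |acc, s| deep_merge(acc, s[:attrs]) }
end

# Report which [level, source] supplied the winning value for a path.
def winning_source(settings, *path)
  hit = settings.reject { |s| s[:attrs].dig(*path).nil? }.max_by { |s| rank(s) }
  hit && [hit[:level], hit[:source]]
end

# Constructed settings for one node in the "web" role, "prod" environment.
SETTINGS = [
  { level: :default,   source: :attribute_file,
    attrs: { 'sample' => { 'port' => 8080, 'log_level' => 'info', 'user' => 'sample' } } },
  { level: :default,   source: :role,
    attrs: { 'sample' => { 'log_level' => 'debug' } } },
  { level: :default,   source: :environment,
    attrs: { 'sample' => { 'log_level' => 'warn' } } },
  { level: :override,  source: :role,
    attrs: { 'sample' => { 'port' => 80 }, 'platform' => 'windows' } },
  { level: :override,  source: :environment,
    attrs: { 'sample' => { 'port' => 443 } } },
  { level: :automatic, source: :ohai,
    attrs: { 'platform' => 'ubuntu' } }
].freeze

if __FILE__ == $PROGRAM_NAME
  p effective_attributes(SETTINGS)
  p winning_source(SETTINGS, 'sample', 'port')
end
```

At the default level a role beats an environment, but at the override level the environment beats the role, and nothing set in a role can replace what Ohai reports.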
Tips & Tricks
Also hard to remember. Intended for reference!
Storing Secrets in Your Infrastructure
• This is a very hard problem! Let’s look at some options.
• Option 1: The official Chef solution is encrypted data bags. But the main
problem is all nodes and the Chef server share the same symmetric
encryption key :(. So how do we securely transport and protect that key?
• Option 2: Nordstrom uses Chef and created something called Chef Vault
to replace the symmetric encryption key of encrypted data bags with
public key infrastructure. Works well, but creates the “chicken and egg”
problem where a server can’t register itself with chef-vault until it’s
bootstrapped, but needs secrets from chef-vault to bootstrap itself.
• BEST OPTION for AWS! Option 3: Use Citadel (https://github.com/balanced-cookbooks/citadel).
Store all your secrets in an S3 bucket.
Lock down S3 with AWS IAM Users. Assign each EC2 instance (node) to
an IAM Role which automatically grants that instance access to the S3
buckets we specify. No keys to manage b/c Amazon does it for us!
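The difference between Option 1 and Option 2, as an added Ruby example (not from the slides, and not the code or storage format of Chef or chef-vault): one symmetric key copied to every node versus a per-item key wrapped with each authorised node's public key, including the "chicken and egg" case of a node that has no registered key yet. AES-256-GCM, RSA-OAEP, the node names `db1`/`web1`/`new1` and the password are assumptions constructed for the sketch.

```ruby
require 'openssl'

# Symmetric layer used by both models: AES-256-GCM.
def aes_encrypt(key, plaintext)
  cipher = OpenSSL::Cipher.new('aes-256-gcm')
  cipher.encrypt
  cipher.key = key
  iv = cipher.random_iv
  ct = cipher.update(plaintext) + cipher.final
  { iv: iv, ct: ct, tag: cipher.auth_tag }
end

def aes_decrypt(key, box)
  cipher = OpenSSL::Cipher.new('aes-256-gcm')
  cipher.decrypt
  cipher.key = key
  cipher.iv = box[:iv]
  cipher.auth_tag = box[:tag]
  cipher.update(box[:ct]) + cipher.final
end

# Option 1 model: the same key file sits on every node, so a node in any
# role can decrypt every item, including ones it has no need for.
def shared_key_demo
  shared_key = OpenSSL::Random.random_bytes(32) # copied to web, app and db nodes
  db_item    = aes_encrypt(shared_key, 'constructed-db-password')
  aes_decrypt(shared_key, db_item)              # what a "web" node can read
end

# Option 2 model: a random per-item key, wrapped once per authorised node
# with that node's RSA public key.
def vault_seal(plaintext, authorised_pubkeys)
  item_key = OpenSSL::Random.random_bytes(32)
  wrapped  = authorised_pubkeys.transform_values do |pub|
    pub.public_encrypt(item_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  end
  { box: aes_encrypt(item_key, plaintext), wrapped_keys: wrapped }
end

# Open an item with the wrapped key stored under `entry`. Returns nil when
# there is no such entry or the private key does not match it.
def vault_open(item, entry, private_key)
  wrapped = item[:wrapped_keys][entry]
  return nil if wrapped.nil?
  item_key = private_key.private_decrypt(wrapped, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  aes_decrypt(item_key, item[:box])
rescue OpenSSL::PKey::PKeyError, OpenSSL::Cipher::CipherError
  nil
end

def vault_demo
  keys = %w[db1 web1 new1].to_h { |n| [n, OpenSSL::PKey::RSA.new(2048)] }
  pub  = ->(n) { keys[n].public_key }
  secret = 'constructed-db-password'

  item = vault_seal(secret, 'db1' => pub.call('db1'))
  result = {
    db_reads_own:       vault_open(item, 'db1',  keys['db1']),
    web_has_no_entry:   vault_open(item, 'web1', keys['web1']),
    web_tries_db_entry: vault_open(item, 'db1',  keys['web1']),
    new_before_reseal:  vault_open(item, 'new1', keys['new1'])
  }
  # Chicken and egg: new1 can read the item only after it has a registered
  # key pair AND someone who already has access re-seals the item for it.
  item = vault_seal(secret, 'db1' => pub.call('db1'), 'new1' => pub.call('new1'))
  result[:new_after_reseal] = vault_open(item, 'new1', keys['new1'])
  result
end

if __FILE__ == $PROGRAM_NAME
  puts "shared key, web node reads: #{shared_key_demo}"
  vault_demo.each { |k, v| puts "#{k}: #{v.inspect}" }
end
```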
Open Source Chef Server Tips
• Follow the instructions at http://docs.opscode.com/install_server.html
• Go to http://www.getchef.com/chef/install/ to get the URL for the file download
• To set up the Fully Qualified Domain Name (i.e. hostname) for Ubuntu, do this:
• Set up a DNS name for the server (chef.mybiz.com)
• sudo vim /etc/hostname and enter the hostname to handle server reboots
• sudo hostname chef.mybiz.com to change the hostname for the current session
• Immediately set up a user/pass for yourself so that admin remains a "root" account.
• For AWS, a m1.small instance is sufficient for now.
• You will need backup and monitoring for this server.
• See http://www.getchef.com/blog/2013/03/11/chef-11-server-up-and-running/ for more info.
• You can bootstrap Chef Server with Chef Solo! See
https://github.com/opscode-cookbooks/chef-server
Tips for Setting Up Knife
• When you run knife configure --initial use your local paths for the admin.pem and the
chef-validator.pem
• At some point, you'll need to download files from /etc/chef-server folder on the Chef Server in order to
get Knife up and running.
• You'll need to modify your knife.rb file (e.g. to point to your cookbooks path) to get things working
right. Errors caused by this are not well documented. Here's my knife.rb:
Joshs-MacBook-Pro:.chef josh$ vim knife.rb

log_level :info
log_location STDOUT
node_name 'josh'
client_key '/Users/josh/.chef/josh.pem'
validation_client_name 'chef-validator'
validation_key '/repos/chef-repo/.chef/chef-validator.pem'
chef_server_url 'https://chef.projname.mybiz.com'
syntax_check_cache_path '/Users/josh/.chef/syntax_check_cache'
cookbook_path '/repos/chef-repo/cookbooks'
knife[:aws_access_key_id] = "Your AWS Access Key ID"
knife[:aws_secret_access_key] = "Your AWS Secret Access Key"
knife[:region] = "us-west-2"
knife[:vpc_id] = "vpc-XXXXXXX"
Writing Cookbooks
• Having a fast feedback loop is key. Also don’t want
to rack up AWS costs.
• Ideal environment for writing cookbooks is EC2 tiny
instances with a Chef Server or use Chef Solo with
Vagrant.
• Use test-kitchen to help manage your Vagrant
environment.
• Use berkshelf to help manage cookbook
dependencies (if it’s getting out of hand)
Helpful Ruby Tips
• I knew zero Ruby when I started and got by fine.
Here are the only confusing things I encountered:
• In Ruby, :stringLiteral is called a “symbol” and is equivalent to
“stringLiteral”. See
http://www.reactive.io/tips/2009/01/11/the-difference-between-ruby-symbols-and-strings/
• A “heredoc” refers simply to a multiline string and is begun by <<EOH
and ended with EOH on a newline.
• Everything else is pretty straightforward.
Getting Started &
Learning More
Start with These Milestones
1. Set up Chef Server (hosted or on-premise)
2. Set up Knife
3. Set up Vagrant environment
4. Write (or download) Cookbooks!
Where to Learn
• Start here: https://learnchef.opscode.com. Screencasts are a
perfect place to begin.
• Then go to http://docs.opscode.com (walkthrough) for more info.
• Check out http://gettingstartedwithchef.com as another
reference.
• Study other people’s cookbooks to get ideas. The postgresql
cookbook is very well done.
• #chef on IRC was very helpful for me.
• The initial learning curve is somewhat steep, but it quickly
becomes fun!
My Favorite Chef Books
El Fin


Now go cook something delicious!

Java Programming :Event Handling(Types of Events)
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGMANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 

Introduction to Chef: Automate Your Infrastructure by Modeling It In Code

  • 1. Automate Your Server Configuration! by Modeling It In Code Josh Padnick Desert Code Camp April 5, 2014
  • 2. Today’s 5-Course Meal • What is Chef and what does it solve? • Key Chef concepts • Where/How you use it • Tips & tricks • Learning more
  • 3. Our Goal Today: You go home tonight and deploy your first Chef cookbook in 1 - 2 hours.
  • 4. • Founder & CIO of Omedix • Special interest in Healthcare IT • 10+ years doing web app dev • Strong preference for open source & Java ecosystem Josh Padnick These slides are posted on http://joshpadnick.com
  • 5. Some Problems from the Server Management World
  • 6. “The Magic Server” The code doesn't work on any server except the magic server. We're afraid to touch it.
  • 7. “Just Clone Another Instance” You can’t set up a dev machine quickly, but you're virtualizing and at least you can clone it.
  • 8. “We have AMIs! But we need to change them :(” You can clone a server, but your snapshot (AMI) needs to be changed...so you have to rebuild the AMI.
  • 9. “I have a simple script to deploy to 10 different servers” The script is small and simple, but deploying it to 10 servers is painful, so updates to this script will not be permitted!
  • 10. Documentation is time-consuming and always out of date. But we still need to ramp up the new guy. “Documentation is critical…but out of date.”
  • 11. "Deploying a new server takes too long" "This server here is broken so let's spend hours restoring it because launching a new server is too hard." "Changing the deployment process will take time we don't have"
  • 12. Are you actively managing more than a few servers on an ongoing basis? Welcome to SERVER MANAGEMENT HELL
  • 13. What is the underlying issue here? The real problem is STATE.
  • 14. But wait, haven’t we dealt with state before? Only since 1937 when Alan Turing invented the state machine.
  • 15. What does the Chef solution look like?
  • 18. The Servers Management Server This guy is the authority on what state each server should be in
  • 19. The Servers Management Server Local Workstation
  • 20. The Servers Each of these guys installs an agent called the CHEF CLIENT Management Server Local Workstation
  • 21. The Servers Each of these guys installs an agent called the CHEF CLIENT Management Server Local Workstation This guy is the authority on what state each server should be in
  • 22. The Servers Each of these guys installs an agent called the CHEF CLIENT Management Server Local Workstation This guy is the authority on what state each server should be in The DevOps engineer pushes all instructions to the Management Server
  • 23. Now let’s use all the Chef lingo.
  • 25. Nodes Chef Server Knife Write code that describes the state of a node and deploy it to Chef Server
  • 26. Write code that describes the state of a node and deploy it to Chef Server Has the official record of what each server’s state SHOULD be Nodes Chef Server Knife
  • 27. Each node periodically polls the Chef Server asking for “update state” instructions Has the official record of what each server’s state SHOULD be Nodes Chef Server Knife
  • 28. Each node updates its state based on instructions from the management server. Nodes Chef Server Knife
  • 29. Nodes Chef Server Knife Each Node’s state has been updated!
  • 30. Did someone say we’re writing code? • Write it in Ruby 2.x • Chef gives us a Ruby DSL specially for declaring server state • Version-control it with anything, but standard is git
  • 31. We’ll go into more Chef detail later. Let’s pan out to the 50,000 foot view again.
  • 32. Chef is considered a Configuration Management Solution
  • 33. What is Configuration Management? • A tool used to manage server configuration with automation. • Born out of the need for major websites (Amazon, Facebook, Yahoo) to manage huge numbers of servers.
  • 34. Who Created Chef? Jesse Robbins Adam Jacob Managed lots of Amazon.com servers Real-life fire fighter! Built infrastructure for 15 companies Kept seeing the same patterns!
  • 35. Alternatives to Chef • Ansible • Saltstack • Puppet
  • 36. DevOps • Chef merges the worlds of Development (Dev) and SysAdmin (Ops). • Dev: build software, version control, automated testing • Ops: provisioning servers, maintaining servers, monitoring
  • 37. Let’s talk more about key concepts in Chef.
  • 38. • The primary currency in Chef is the Cookbook. • That’s the set of code and files we use to tell a server what state to update itself to.
  • 39. • Sample cookbooks • MySQL • Nginx • Install Java • Update crontab • Update timezone • Add SSH certificates to authorized_certificates
  • 40. • You can roll your own • But for almost every need, just search GitHub • Google “github java cookbook” and choose the best one • Opscode has “Community Cookbooks” at http://community.opscode.com/cookbooks but I find it out of date and incomplete.
  • 41. Sample Cookbook • Recipes are individual sets of instructions to be executed. • Recipes read values from Attributes for things like: • Passwords • Filepaths • Usernames • Configuration options for applications
  • 44. Attributes • How attributes get applied to a recipe is behind much of the perceived complexity of Chef. • We’ll cover this in more detail later.
  • 45. Let’s see how a cookbook ultimately gets executed on a node.
  • 46. Nodes Chef Server Knife At your workstation, download or write a new cookbook. Let’s call it “Sample”.
  • 47. Nodes Chef Server Knife Upload your cookbook to the Chef Server using KNIFE.
  • 48. Nodes Chef Server Knife Now has the latest version of the “Sample” cookbook.
  • 49. Nodes Chef Server Knife Use KNIFE to tell CHEF SERVER the RUN-LIST for a specific node.
  • 50. Nodes Chef Server Knife Now knows that Node 32 should run the “Sample” cookbook.
  • 51. Nodes Chef Server Knife SSH directly into an individual node (“Node 32”) and run “sudo chef-client” to CONVERGE the node.
  • 52. Nodes Chef Server Knife Node 32 uses chef-client to contact Chef Server. It gets its updated run-list and executes the run-list.
  • 53. Nodes Chef Server Knife Node 32’s run-list says to run the Sample Cookbook. It runs the latest version of Sample.
  • 54. Nodes Chef Server Knife Node 32 has now executed all the instructions in the latest version of the “Sample” cookbook
  • 55. Wait, we have to manually log into each node to update it? • No! In production, we use Roles to specify a run-list. • This way, we only update the Chef Server. Individual nodes poll the Chef Server every X minutes to check for updates.
  • 57. • Traditional Chef Server • AWS OpsWorks • Cloud Management (Scalr & RightScale) • Vagrant
  • 59. Traditional Chef Server • Chef Server comes in Open Source or Enterprise Edition • Chef Server is “on premise” or hosted by Opsworks
  • 62. Different Flavors of Chef-Client • Server Mode • Chef Solo Mode • Local Mode
  • 63. Cloud Management Services (e.g. Scalr & RightScale) Nodes Local Workstation
  • 64. • It’s a command-line interface to virtual machine software like VirtualBox or VMware.
  • 65. • You can combine Chef’s cookbooks, VirtualBox (a free VM provider), and Vagrant to run chef cookbooks directly on local VM’s! • The same cookbooks that define your infrastructure can now define your local dev environment.
  • 66. • Get the latest cookbooks on your local machine • Run a bunch of VM’s with VirtualBox and Vagrant • Update the VM’s with Chef cookbooks Local Workstation
  • 69. Remaining Concepts We’ll Talk About • Roles • Environments • Data Bags • Ohai • Source Control & Chef
  • 70. Remaining Concepts We Won’t Cover • Resources • Providers • LWRPs
  • 71. All those remaining concepts we’ll cover fall into two buckets: 1. Attributes 2. Run-lists
  • 72. Attributes • Can be set in multiple places
  • 73. Ohai • It’s a program that runs on each node and supplies attribute info specific to that node. • Examples • What OS the node is running • How much hard drive space • How much memory is available • Linux kernel version
  • 74. Roles • The Run-List is usually the same for all servers at the same “layer” in the stack and different across layers. Runlist[Apt, Sample, Apache] Runlist[Apt, Java, Tomcat, JBoss] Runlist[Apt, Postgres, Newrelic] “web” Role “app” Role “db” Role
  • 75. Roles • Roles can also specify attributes that OVERRIDE the “default” attributes set in the Recipe. • When a new node is created (“bootstrapped”) it is best practice to explicitly identify which Role it belongs to. • Roles are declared as a simple JSON file and uploaded to Chef Server using Knife.
  • 77. Nodes Chef Server Knife Use KNIFE to bootstrap a new NODE with the “web” ROLE.
  • 78. Nodes Chef Server Knife A new NODE exists that is assigned to the “web” role
  • 79. Nodes Chef Server Knife Use KNIFE to update the “web” ROLE to add a new RECIPE to the RUN-LIST.
  • 80. Nodes Chef Server Knife The “web” role has been updated.
  • 81. Nodes Chef Server Knife New Node polls the CHEF SERVER every X minutes to look for updates.
  • 82. Nodes Chef Server Knife The “web” ROLE now includes a new RECIPE so download this COOKBOOK and run the RECIPE
  • 83. Nodes Chef Server Knife All nodes in the “web” role have “CONVERGED.”
  • 85. Environments • We typically have a PROD and DEV. Maybe QA and STAGING, or others. • Environments are just another label to assign to a node so that it gets the right attributes. • Just like Roles! But with a different name and intent.
  • 86. Data Bags • Data Bags are a global source of attributes that any recipe can call upon. • They work great for global attributes • Not so great for secrets like passwords. More on this later.
  • 87. Source Control & Chef • Your local chef repo should be cloned from https://github.com/opscode/chef-repo. • Then commit it to your own Git repo so you can version-control changes to Cookbooks, Roles, Environments, Data Bags, etc. • Now you version-control your infrastructure just like your code itself!
  • 88. Attribute Hierarchy • Hard to learn just by looking. Learn by doing.
  • 89. Tips & Tricks Also hard to remember. Intended for reference!
  • 90. Storing Secrets in Your Infrastructure • This is a very hard problem! Let’s look at some options. • Option 1: The official Chef solution is encrypted data bags. But the main problem is all nodes and the Chef server share the same symmetric encryption key :(. So how do we securely transport and protect that key? • Option 2: Nordstrom uses Chef and created something called Chef Vault to replace the symmetric encryption key of encrypted data bags with public key infrastructure. Works well, but creates the “chicken and egg” problem where a server can’t register itself with chef-vault until it’s bootstrapped, but needs secrets from chef-vault to bootstrap itself. • BEST OPTION for AWS! Option 3: Use Citadel. (https://github.com/balanced-cookbooks/citadel). Store all your secrets in an S3 bucket. Lock down S3 with AWS IAM Users. Assign each EC2 instance (node) to an IAM Role which automatically grants access to that instance to the S3 buckets we specify. No keys to manage b/c Amazon does it for us!
  • 91. Open Source Chef Server Tips • Follow the instructions at http://docs.opscode.com/install_server.html • Go to http://www.getchef.com/chef/install/ to get the URL for the file download • To set up the Fully Qualified Domain Name (i.e. hostname) for Ubuntu, do this: • Set up a DNS name for the server (chef.mybiz.com) • sudo vim /etc/hostname and enter the hostname to handle server reboots • sudo hostname chef.mybiz.com to change the hostname for the current session • Immediately set up a user/pass for yourself so that admin remains a "root" account. • For AWS, a m1.small instance is sufficient for now. • You will need backup and monitoring for this server. • See http://www.getchef.com/blog/2013/03/11/chef-11-server-up-and-running/ for more info. • You can bootstrap Chef Server with Chef Solo! See https://github.com/opscode-cookbooks/chef-server
  • 92. Tips for Setting Up Knife • When you run knife configure --initial use your local paths for the admin.pem and the chef-validator.pem • At some point, you'll need to download files from /etc/chef-server folder on the Chef Server in order to get Knife up and running. • You'll need to modify your knife.rb file (e.g. to point to your cookbooks path) to get things working right. Errors caused by this are not well documented. Here's my knife.rb:
      Joshs-MacBook-Pro:.chef josh$ vim knife.rb

      log_level                :info
      log_location             STDOUT
      node_name                'josh'
      client_key               '/Users/josh/.chef/josh.pem'
      validation_client_name   'chef-validator'
      validation_key           '/repos/chef-repo/.chef/chef-validator.pem'
      chef_server_url          'https://chef.projname.mybiz.com'
      syntax_check_cache_path  '/Users/josh/.chef/syntax_check_cache'
      cookbook_path            '/repos/chef-repo/cookbooks'
      knife[:aws_access_key_id]     = "Your AWS Access Key ID"
      knife[:aws_secret_access_key] = "Your AWS Secret Access Key"
      knife[:region]                = "us-west-2"
      knife[:vpc_id]                = "vpc-XXXXXXX"
  • 93. Writing Cookbooks • Having a fast feedback loop is key. Also don’t want to rack up AWS costs. • Ideal environment for writing cookbooks is EC2 tiny instances with a Chef Server or use Chef Solo with Vagrant. • Use test-kitchen to help manage your Vagrant environment. • Use berkshelf to help manage cookbook dependencies (if it’s getting out of hand)
  • 94. Helpful Ruby Tips • I knew zero Ruby when I started and got by fine. Here are the only confusing things I encountered: • In Ruby, :stringLiteral is called a “symbol” and is equivalent to “stringLiteral”. See http://www.reactive.io/tips/2009/01/11/the-difference-between-ruby-symbols-and-strings/ • A “heredoc” refers simply to a multiline string and is begun by <<EOH and ended with EOH on a newline. • Everything else is pretty straightforward.
  • 96. Start with These Milestones 1. Setup Chef Server (hosted or on-premise) 2. Setup Knife 3. Setup Vagrant environment 4. Write (or download) Cookbooks!
  • 97. Where to Learn • Start here: https://learnchef.opscode.com. Screencasts are a perfect place to begin. • Then go to http://docs.opscode.com (walkthrough) for more info. • Check out http://gettingstartedwithchef.com as another reference. • Study other people’s cookbooks to get ideas. The postgresql cookbook is very well done. • #chef on IRC was very helpful for me. • The initial learning curve is somewhat steep, but it quickly becomes fun!
  • 99. El Fin Now go cook something delicious!
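
Slides 75, 85 and 88 say attributes can be set in several places, with roles and environments overriding cookbook defaults. The following added example (not from the slides and not Chef's own code) models the precedence order documented for Chef 11 and later in plain Ruby and reports which layer wins for each attribute and which lower layers it shadows. The role, environment, cookbook defaults, Ohai data and attribute names are constructed for illustration, and only leaf values are compared (Chef's array merging is not modelled).

```ruby
require 'json'

# Chef 11+ attribute precedence, lowest to highest: [level, where it was set].
PRECEDENCE = [
  %w[default attribute_file], %w[default recipe],
  %w[default environment], %w[default role],
  %w[force_default attribute_file], %w[force_default recipe],
  %w[normal attribute_file], %w[normal recipe],
  %w[override attribute_file], %w[override recipe],
  %w[override role], %w[override environment],
  %w[force_override attribute_file], %w[force_override recipe],
  %w[automatic ohai]
].freeze

# Constructed role file in the JSON shape uploaded with knife (slide 75).
ROLE_JSON = <<~JSON
  { "name": "web", "chef_type": "role",
    "run_list": ["recipe[apt]", "recipe[sample]", "recipe[apache]"],
    "default_attributes":  { "ssh": { "permit_root_login": "yes" } },
    "override_attributes": { "nginx": { "worker_processes": 4 } } }
JSON
# Constructed environment, cookbook attribute-file defaults and Ohai data.
ENVIRONMENT = { 'name' => 'prod',
                'override_attributes' => { 'nginx' => { 'worker_processes' => 2 } } }.freeze
COOKBOOK_DEFAULTS = { 'ssh' => { 'permit_root_login' => 'no' },
                      'nginx' => { 'worker_processes' => 1 } }.freeze
OHAI = { 'platform' => 'ubuntu' }.freeze

# {"ssh"=>{"permit_root_login"=>"no"}} becomes {"ssh.permit_root_login"=>"no"}.
def flatten_attrs(hash, prefix = nil)
  hash.each_with_object({}) do |(key, value), out|
    path = [prefix, key].compact.join('.')
    if value.is_a?(Hash)
      out.merge!(flatten_attrs(value, path))
    else
      out[path] = value
    end
  end
end

def layers_for(role, environment, cookbook_defaults, ohai)
  { %w[default attribute_file] => cookbook_defaults,
    %w[default environment] => environment.fetch('default_attributes', {}),
    %w[default role] => role.fetch('default_attributes', {}),
    %w[override role] => role.fetch('override_attributes', {}),
    %w[override environment] => environment.fetch('override_attributes', {}),
    %w[automatic ohai] => ohai }
end

# Walk the layers from lowest to highest precedence; the last writer wins and
# every lower-precedence source it replaced is recorded for audit.
def resolve(layers)
  PRECEDENCE.each_with_object({}) do |level, result|
    flatten_attrs(layers.fetch(level, {})).each do |path, value|
      shadowed = result[path] ? result[path][:shadowed] + [result[path][:source]] : []
      result[path] = { value: value, source: level.join('/'), shadowed: shadowed }
    end
  end
end

def effective_attributes
  resolve(layers_for(JSON.parse(ROLE_JSON), ENVIRONMENT, COOKBOOK_DEFAULTS, OHAI))
end

if __FILE__ == $PROGRAM_NAME
  effective_attributes.each do |path, info|
    puts "#{path} = #{info[:value].inspect} from #{info[:source]}, shadows #{info[:shadowed].inspect}"
  end
end
```

In the constructed data the role's default attribute replaces the cookbook's `permit_root_login` value, which is the kind of silent change a review of the `shadowed` list is meant to surface.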
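
Slide 90 contrasts encrypted data bags (one symmetric key shared by all nodes) with Chef Vault's public-key approach. This added example, which is not from the slides and does not reproduce either tool's real storage format, models both in plain Ruby with the OpenSSL standard library to show what a single node can read under each. Node names, item names and secret values are constructed.

```ruby
require 'openssl'
require 'base64'

PAD = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# AES-256-GCM; the item id is bound in as associated data so a ciphertext
# cannot be replayed under another item's name.
def seal(plaintext, item_id, key)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  cipher.key = key
  iv = cipher.random_iv
  cipher.auth_data = item_id
  data = cipher.update(plaintext) + cipher.final
  fields = { 'iv' => iv, 'tag' => cipher.auth_tag, 'data' => data }
  fields.transform_values { |v| Base64.strict_encode64(v) }
end

def unseal(item, item_id, key)
  iv, tag, data = item.values_at('iv', 'tag', 'data').map { |v| Base64.strict_decode64(v) }
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.auth_data = item_id
  (cipher.update(data) + cipher.final).force_encoding('UTF-8')
end

# Option 1 model: every item is sealed under the one secret all nodes hold,
# so any node (or anyone who copies the secret) can open every item.
def shared_bag(items, shared_secret)
  items.to_h { |id, value| [id, seal(value, id, shared_secret)] }
end

# Option 2 model: a fresh data key per item, wrapped to the RSA public key of
# each node that is authorised for that item.
def vault_seal(plaintext, item_id, node_public_keys)
  data_key = OpenSSL::Random.random_bytes(32)
  wrapped = node_public_keys.transform_values do |pub|
    Base64.strict_encode64(pub.public_encrypt(data_key, PAD))
  end
  { 'item' => seal(plaintext, item_id, data_key), 'keys' => wrapped }
end

def vault_unseal(vault, item_id, node_name, private_key)
  wrapped = vault['keys'].fetch(node_name) do
    raise KeyError, "#{node_name} is not authorised for #{item_id}"
  end
  data_key = private_key.private_decrypt(Base64.strict_decode64(wrapped), PAD)
  unseal(vault['item'], item_id, data_key)
end

if __FILE__ == $PROGRAM_NAME
  keys = %w[web1 db1].to_h { |n| [n, OpenSSL::PKey::RSA.new(2048)] } # constructed nodes
  secret = OpenSSL::Random.random_bytes(32)
  bag = shared_bag({ 'db_password' => 'constructed-pw' }, secret)
  puts "shared key: web1 reads #{unseal(bag['db_password'], 'db_password', secret)}"
  vault = vault_seal('constructed-pw', 'db_password', { 'db1' => keys['db1'].public_key })
  puts "vault: db1 reads #{vault_unseal(vault, 'db_password', 'db1', keys['db1'])}"
  begin
    vault_unseal(vault, 'db_password', 'web1', keys['web1'])
  rescue KeyError => e
    puts "vault: #{e.message}"
  end
end
```

The per-node wrapping is also why slide 90's "chicken and egg" problem exists: a node's public key must already be known before anything can be sealed to it.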