• Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
830
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
30
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Chef Introduction and overview to managing your systems Adrian Moisey
  • 2. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code
  • 3. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible
  • 4. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM)
  • 5. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM) - Removes the human factor
  • 6. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM) - Removes the human factor - Tests
  • 7. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way
  • 8. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way - A node definition is required in order for chef to know which recipes to run and with which attributes to run them
  • 9. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way - A node definition is required in order for chef to know which recipes to run and with which attributes to run them - Allows you to decide what and how components are configured using attributes, environment definitions and node definitions.
  • 10. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes
  • 11. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes - chef-client connects and gets given the relevant cookbooks and attributes from chef- server and executes them
  • 12. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes - chef-client connects and gets given the relevant cookbooks and attributes from chef- server and executes them You can run your own server or use the opscode hosted chef (for a fee)
  • 13. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server
  • 14. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server - Uses static cookbooks and nodes on the local filesystem
  • 15. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server - Uses static cookbooks and nodes on the local filesystem - Unable to perform searches (because nodes are stand-alone with no central directory)
  • 16. Cookbook From the wiki: A cookbook is the fundamental unit of configuration and policy distribution in Chef. Each cookbook defines a scenario, such as everything needed to install and configure MySQL, and then it contains all of the components that are required to support that scenario.
  • 17. Cookbook Can contain: - recipes - attributes - providers - definitions - templates - files - metadata http://docs.opscode. com/essentials_cookbooks.html
  • 18. Cookbook $ cat cookbooks/ntp/recipe/default.rb ['openntpd','ntpdate'].each do |p| package p do action :install end end template 'ntpd.conf' do path '/etc/openntpd/ntpd.conf' source 'ntpd.conf.erb' owner 'root' group 'root' mode 0600 notifies :restart, 'service[openntpd]' end
  • 19. Cookbook $ cat cookbooks/ntp/attributes/default.rb default[:ntp][:servers] = [ "0.pool.ntp.org", "1.pool.ntp.org", "2.pool.ntp.org", "3.pool.ntp.org" ]
  • 20. Role $ cat roles/ntp.rb name "ntp" description "Install openntpd" run_list("recipe[ntp]")
  • 21. Environment $ cat environments/cluster01.rb name "cluster01" description "Cluster 01" default_attributes({ :ntp => { :servers => [ "ntp01.mycorp.com", "ntp02.mycorp.com" ] } }) cookbook_versions({ "ntp" => "0.0.1" })
  • 22. Nodes $ cat nodes/server01.mycorp.com.json { "chef_type": "node", "name": "server01.mycorp.com", "normal": {}, "default": {}, "chef_environment": "cluster01", "run_list": [ "role[ntp]" ], "override": {}, "json_class": "Chef::Node", "automatic": {} }
  • 23. Knife Knife is a command-line tool that provides an interface between a local Chef repository and the Chef Server. Examples: knife cookbook upload apache2 knife node edit web1.mycorp.com knife list clients knife search node 'role:web' -a fqdn
  • 24. Upload all of this to the chef-server $ knife cookbook upload ntp -o cookbooks/ $ knife role from file roles/ntp.rb $ knife environment from file environment/cluster01.rb
  • 25. Data bags - global variable - stored in JSON - accessible from the chef server - can be searched - can also be encrypted For example: to store all your users
  • 26. Community cookbooks https://github.com/opscode-cookbooks/ apache, chef-server, chef-client, mysql, build- essential, cron, php, nagios, logrotate, erlang, python, jenkins, squid, iptables, samba, unicorn, munin, jira, screen, tftp
  • 27. Community cookbooks - tips - Use the community cookbooks unmodified
  • 28. Community cookbooks - tips - Use the community cookbooks unmodified - Write wrapper cookbooks around them - most of them were designed with this in mind
  • 29. Community cookbooks - tips - Use the community cookbooks unmodified - Write wrapper cookbooks around them - most of them were designed with this in mind - Send bug fixes upstream
  • 30. Cookbook versioning - Cookbooks can contain versions
  • 31. Cookbook versioning - Cookbooks can contain versions - Cookbooks can depend on specific versions of other cookbooks
  • 32. Cookbook versioning - Cookbooks can contain versions - Cookbooks can depend on specific versions of other cookbooks - Different environments can depend on different versions of cookbooks (allows you to have 0.0.2 in testing and 0.0.1 in production)
  • 33. Tests - foodcritic: linting tool which checks against a community list of rules
  • 34. Tests - foodcritic: linting tool which checks against a community list of rules - chef-spec: unit tests for recipe code (not functional)
  • 35. Tests - foodcritic: linting tool which checks against a community list of rules - chef-spec: unit tests for recipe code (not functional) - test-kitchen: Framework for running integration tests in an isolated environment (<3 vagrant)
  • 36. Live demo! - Remove a Yola employee - Create a pull request - Push it to the chef-server - Ensure that it has been done - Take a look at some things that knife can do
  • 37. Some cool things - chef-solo can run the chef-server cookbook in order to bootstrap your chef-server - knife ec2 allows you to create an EC2 instance and configure it as a chef-client
  • 38. The End Questions? Thanks to Jonathan for help with the slides