Chef

1,428 views
1,272 views

Published on

Chef talk for the Architecture Meetup on the 23rd July 2013.

Published in: Technology, Self Improvement
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,428
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
39
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Chef

  1. 1. Chef Introduction and overview to managing your systems Adrian Moisey
  2. 2. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code
  3. 3. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible
  4. 4. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM)
  5. 5. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM) - Removes the human factor
  6. 6. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM) - Removes the human factor - Tests
  7. 7. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way
  8. 8. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way - A node definition is required in order for chef to know which recipes to run and with which attributes to run them
  9. 9. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way - A node definition is required in order for chef to know which recipes to run and with which attributes to run them - Allows you to decide what and how components are configured using attributes, environment definitions and node definitions.
  10. 10. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes
  11. 11. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes - chef-client connects and gets given the relevant cookbooks and attributes from chef- server and executes them
  12. 12. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes - chef-client connects and gets given the relevant cookbooks and attributes from chef- server and executes them You can run your own server or use the opscode hosted chef (for a fee)
  13. 13. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server
  14. 14. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server - Uses static cookbooks and nodes on the local filesystem
  15. 15. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server - Uses static cookbooks and nodes on the local filesystem - Unable to perform searches (because nodes are stand-alone with no central directory)
  16. 16. Cookbook From the wiki: A cookbook is the fundamental unit of configuration and policy distribution in Chef. Each cookbook defines a scenario, such as everything needed to install and configure MySQL, and then it contains all of the components that are required to support that scenario.
  17. 17. Cookbook Can contain: - recipes - attributes - providers - definitions - templates - files - metadata http://docs.opscode. com/essentials_cookbooks.html
  18. 18. Cookbook $ cat cookbooks/ntp/recipe/default.rb ['openntpd','ntpdate'].each do |p| package p do action :install end end template 'ntpd.conf' do path '/etc/openntpd/ntpd.conf' source 'ntpd.conf.erb' owner 'root' group 'root' mode 0600 notifies :restart, 'service[openntpd]' end
  19. 19. Cookbook $ cat cookbooks/ntp/attributes/default.rb default[:ntp][:servers] = [ "0.pool.ntp.org", "1.pool.ntp.org", "2.pool.ntp.org", "3.pool.ntp.org" ]
  20. 20. Role $ cat roles/ntp.rb name "ntp" description "Install openntpd" run_list("recipe[ntp]")
  21. 21. Environment $ cat environments/cluster01.rb name "cluster01" description "Cluster 01" default_attributes({ :ntp => { :servers => [ "ntp01.mycorp.com", "ntp02.mycorp.com" ] } }) cookbook_versions({ "ntp" => "0.0.1" })
  22. 22. Nodes $ cat nodes/server01.mycorp.com.json { "chef_type": "node", "name": "server01.mycorp.com", "normal": {}, "default": {}, "chef_environment": "cluster01", "run_list": [ "role[ntp]" ], "override": {}, "json_class": "Chef::Node", "automatic": {} }
  23. 23. Knife Knife is a command-line tool that provides an interface between a local Chef repository and the Chef Server. Examples: knife cookbook upload apache2 knife node edit web1.mycorp.com knife list clients knife search node 'role:web' -a fqdn
  24. 24. Upload all of this to the chef-server $ knife cookbook upload ntp -o cookbooks/ $ knife role from file roles/ntp.rb $ knife environment from file environment/cluster01.rb
  25. 25. Data bags - global variable - stored in JSON - accessible from the chef server - can be searched - can also be encrypted For example: to store all your users
  26. 26. Community cookbooks https://github.com/opscode-cookbooks/ apache, chef-server, chef-client, mysql, build- essential, cron, php, nagios, logrotate, erlang, python, jenkins, squid, iptables, samba, unicorn, munin, jira, screen, tftp
  27. 27. Community cookbooks - tips - Use the community cookbooks unmodified
  28. 28. Community cookbooks - tips - Use the community cookbooks unmodified - Write wrapper cookbooks around them - most of them were designed with this in mind
  29. 29. Community cookbooks - tips - Use the community cookbooks unmodified - Write wrapper cookbooks around them - most of them were designed with this in mind - Send bug fixes upstream
  30. 30. Cookbook versioning - Cookbooks can contain versions
  31. 31. Cookbook versioning - Cookbooks can contain versions - Cookbooks can depend on specific versions of other cookbooks
  32. 32. Cookbook versioning - Cookbooks can contain versions - Cookbooks can depend on specific versions of other cookbooks - Different environments can depend on different versions of cookbooks (allows you to have 0.0.2 in testing and 0.0.1 in production)
  33. 33. Tests - foodcritic: linting tool which checks against a community list of rules
  34. 34. Tests - foodcritic: linting tool which checks against a community list of rules - chef-spec: unit tests for recipe code (not functional)
  35. 35. Tests - foodcritic: linting tool which checks against a community list of rules - chef-spec: unit tests for recipe code (not functional) - test-kitchen: Framework for running integration tests in an isolated environment (<3 vagrant)
  36. 36. Live demo! - Remove a Yola employee - Create a pull request - Push it to the chef-server - Ensure that it has been done - Take a look at some things that knife can do
  37. 37. Some cool things - chef-solo can run the chef-server cookbook in order to bootstrap your chef-server - knife ec2 allows you to create an EC2 instance and configure it as a chef-client
  38. 38. The End Questions? Thanks to Jonathan for help with the slides

×