Chef
Introduction and overview to managing your
systems
Adrian Moisey
Chef talk for the Architecture Meetup on the 23rd July 2013.

Transcript of "Chef"

  1. Chef
     Introduction and overview to managing your systems
     Adrian Moisey
  6. Why Chef (or puppet or Bcfg2 or CFEngine)?
      - Infrastructure as code
      - Reproducible
      - Version control (SCM)
      - Removes the human factor
      - Tests
  9. Basic Chef Architecture
      - Executes various "recipes" which configure your system in the desired way
      - A node definition is required in order for chef to know which recipes to run and with which attributes to run them
      - Allows you to decide what and how components are configured using attributes, environment definitions and node definitions.
  12. Basic Chef Architecture
      Server/client:
      - chef-server stores all your cookbooks, environments, roles and nodes
      - chef-client connects and gets given the relevant cookbooks and attributes from chef-server and executes them

      You can run your own server or use the opscode hosted chef (for a fee)
  15. Basic Chef Architecture
      Chef-solo:
      - Standalone, doesn't connect to a server
      - Uses static cookbooks and nodes on the local filesystem
      - Unable to perform searches (because nodes are stand-alone with no central directory)
  16. Cookbook
      From the wiki: A cookbook is the fundamental unit of configuration and policy distribution in Chef. Each cookbook defines a scenario, such as everything needed to install and configure MySQL, and then it contains all of the components that are required to support that scenario.
  17. Cookbook
      Can contain:
      - recipes
      - attributes
      - providers
      - definitions
      - templates
      - files
      - metadata

      http://docs.opscode.com/essentials_cookbooks.html
  18. Cookbook

          $ cat cookbooks/ntp/recipes/default.rb
          # Install the NTP daemon and the one-shot ntpdate client
          ['openntpd','ntpdate'].each do |p|
            package p do
              action :install
            end
          end

          # Render the daemon config from the ERB template, readable by root only
          template 'ntpd.conf' do
            path '/etc/openntpd/ntpd.conf'
            source 'ntpd.conf.erb'
            owner 'root'
            group 'root'
            mode 0600
            # Needs a service 'openntpd' resource declared in the recipe (not shown on the slide)
            notifies :restart, 'service[openntpd]'
          end

  19. Cookbook

          $ cat cookbooks/ntp/attributes/default.rb
          # Cookbook-level defaults, used unless an environment, role or node sets the value
          default[:ntp][:servers] = [
            "0.pool.ntp.org",
            "1.pool.ntp.org",
            "2.pool.ntp.org",
            "3.pool.ntp.org"
          ]

  20. Role

          $ cat roles/ntp.rb
          name "ntp"
          description "Install openntpd"
          run_list("recipe[ntp]")

  21. Environment

          $ cat environments/cluster01.rb
          name "cluster01"
          description "Cluster 01"
          # Environment-level defaults replace the cookbook's default NTP servers
          default_attributes({
            :ntp => {
              :servers => [
                "ntp01.mycorp.com",
                "ntp02.mycorp.com"
              ]
            }
          })
          # Nodes in this environment only get this version of the ntp cookbook
          cookbook_versions({
            "ntp" => "0.0.1"
          })

  22. Nodes

          $ cat nodes/server01.mycorp.com.json
          {
            "chef_type": "node",
            "name": "server01.mycorp.com",
            "normal": {},
            "default": {},
            "chef_environment": "cluster01",
            "run_list": [
              "role[ntp]"
            ],
            "override": {},
            "json_class": "Chef::Node",
            "automatic": {}
          }

  23. Knife
      Knife is a command-line tool that provides an interface between a local Chef repository and the Chef Server.
      Examples:

          knife cookbook upload apache2
          knife node edit web1.mycorp.com
          knife client list
          knife search node 'role:web' -a fqdn

  24. Upload all of this to the chef-server

          $ knife cookbook upload ntp -o cookbooks/
          $ knife role from file roles/ntp.rb
          $ knife environment from file environments/cluster01.rb

  25. Data bags
      - global variable
      - stored in JSON
      - accessible from the chef server
      - can be searched
      - can also be encrypted

      For example: to store all your users
  26. Community cookbooks
      https://github.com/opscode-cookbooks/
      apache, chef-server, chef-client, mysql, build-essential, cron, php, nagios, logrotate, erlang, python, jenkins, squid, iptables, samba, unicorn, munin, jira, screen, tftp
  29. Community cookbooks - tips
      - Use the community cookbooks unmodified
      - Write wrapper cookbooks around them - most of them were designed with this in mind
      - Send bug fixes upstream
  32. Cookbook versioning
      - Cookbooks can contain versions
      - Cookbooks can depend on specific versions of other cookbooks
      - Different environments can depend on different versions of cookbooks (allows you to have 0.0.2 in testing and 0.0.1 in production)
  35. Tests
      - foodcritic: linting tool which checks against a community list of rules
      - chef-spec: unit tests for recipe code (not functional)
      - test-kitchen: Framework for running integration tests in an isolated environment (<3 vagrant)
  36. Live demo!
      - Remove a Yola employee
      - Create a pull request
      - Push it to the chef-server
      - Ensure that it has been done
      - Take a look at some things that knife can do
  37. Some cool things
      - chef-solo can run the chef-server cookbook in order to bootstrap your chef-server
      - knife ec2 allows you to create an EC2 instance and configure it as a chef-client
  38. The End
      Questions?
      Thanks to Jonathan for help with the slides
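
How the ntp values on slides 19, 21 and 22 combine into what server01.mycorp.com actually uses, as an added example that is not from the original slides or from Chef's own code: a simplified model of Chef attribute precedence in plain Ruby. `PRECEDENCE`, `deep_merge`, `resolve`, `origin` and `SLIDE_SOURCES` are names made up here; the force_default/force_override levels and the node's stored default/override sections are left out.

```ruby
# Simplified model of Chef attribute precedence (added example, not Chef's code).
# Levels run from weakest to strongest; a later level wins on conflict.
PRECEDENCE = [
  %i[default cookbook],
  %i[default environment],
  %i[default role],
  %i[normal node],
  %i[override role],
  %i[override environment]
].freeze

# Hashes merge key by key; any other value (arrays included) is replaced
# by the stronger level. Array replacement is an assumption of this model.
def deep_merge(weak, strong)
  weak.merge(strong) do |_key, a, b|
    a.is_a?(Hash) && b.is_a?(Hash) ? deep_merge(a, b) : b
  end
end

# Fold every level, weakest first, into the attributes the node would see.
def resolve(sources)
  PRECEDENCE.reduce({}) { |acc, level| deep_merge(acc, sources.fetch(level, {})) }
end

# Report which level supplied the winning value for an attribute path.
def origin(sources, *path)
  PRECEDENCE.reverse.find { |level| !sources.fetch(level, {}).dig(*path).nil? }
end

# Values copied from the slides: cookbook attributes file and cluster01 environment.
SLIDE_SOURCES = {
  %i[default cookbook] => { ntp: { servers: %w[0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org] } },
  %i[default environment] => { ntp: { servers: %w[ntp01.mycorp.com ntp02.mycorp.com] } },
  %i[normal node] => {} # server01.mycorp.com has an empty "normal" section
}.freeze

if __FILE__ == $PROGRAM_NAME
  puts "servers: #{resolve(SLIDE_SOURCES).dig(:ntp, :servers).inspect}"
  puts "set by:  #{origin(SLIDE_SOURCES, :ntp, :servers).inspect}"
end
```

Calling `origin` for an attribute before changing an environment or role shows whether the new value will reach the node or be shadowed by a stronger level, such as a leftover node-level `normal` attribute.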