Chef
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Chef

  • 1,154 views
Uploaded on

Chef talk for the Architecture Meetup on the 23rd July 2013.

Chef talk for the Architecture Meetup on the 23rd July 2013.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
1,154
On Slideshare
1,154
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
29
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Chef Introduction and overview to managing your systems Adrian Moisey
  • 2. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code
  • 3. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible
  • 4. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM)
  • 5. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM) - Removes the human factor
  • 6. Why Chef (or puppet or Bcfg2 or CFEngine)? - Infrastructure as code - Reproducible - Version control (SCM) - Removes the human factor - Tests
  • 7. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way
  • 8. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way - A node definition is required in order for chef to know which recipes to run and with which attributes to run them
  • 9. Basic Chef Architecture - Executes various "recipes" which configure your system in the desired way - A node definition is required in order for chef to know which recipes to run and with which attributes to run them - Allows you to decide what and how components are configured using attributes, environment definitions and node definitions.
  • 10. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes
  • 11. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes - chef-client connects and gets given the relevant cookbooks and attributes from chef- server and executes them
  • 12. Basic Chef Architecture Server/client: - chef-server stores all your cookbooks, environments, roles and nodes - chef-client connects and gets given the relevant cookbooks and attributes from chef- server and executes them You can run your own server or use the opscode hosted chef (for a fee)
  • 13. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server
  • 14. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server - Uses static cookbooks and nodes on the local filesystem
  • 15. Basic Chef Architecture Chef-solo: - Standalone, doesn't connect to a server - Uses static cookbooks and nodes on the local filesystem - Unable to perform searches (because nodes are stand-alone with no central directory)
  • 16. Cookbook From the wiki: A cookbook is the fundamental unit of configuration and policy distribution in Chef. Each cookbook defines a scenario, such as everything needed to install and configure MySQL, and then it contains all of the components that are required to support that scenario.
  • 17. Cookbook Can contain: - recipes - attributes - providers - definitions - templates - files - metadata http://docs.opscode. com/essentials_cookbooks.html
  • 18. Cookbook $ cat cookbooks/ntp/recipe/default.rb ['openntpd','ntpdate'].each do |p| package p do action :install end end template 'ntpd.conf' do path '/etc/openntpd/ntpd.conf' source 'ntpd.conf.erb' owner 'root' group 'root' mode 0600 notifies :restart, 'service[openntpd]' end
  • 19. Cookbook $ cat cookbooks/ntp/attributes/default.rb default[:ntp][:servers] = [ "0.pool.ntp.org", "1.pool.ntp.org", "2.pool.ntp.org", "3.pool.ntp.org" ]
  • 20. Role $ cat roles/ntp.rb name "ntp" description "Install openntpd" run_list("recipe[ntp]")
  • 21. Environment $ cat environments/cluster01.rb name "cluster01" description "Cluster 01" default_attributes({ :ntp => { :servers => [ "ntp01.mycorp.com", "ntp02.mycorp.com" ] } }) cookbook_versions({ "ntp" => "0.0.1" })
  • 22. Nodes $ cat nodes/server01.mycorp.com.json { "chef_type": "node", "name": "server01.mycorp.com", "normal": {}, "default": {}, "chef_environment": "cluster01", "run_list": [ "role[ntp]" ], "override": {}, "json_class": "Chef::Node", "automatic": {} }
  • 23. Knife Knife is a command-line tool that provides an interface between a local Chef repository and the Chef Server. Examples: knife cookbook upload apache2 knife node edit web1.mycorp.com knife list clients knife search node 'role:web' -a fqdn
  • 24. Upload all of this to the chef-server $ knife cookbook upload ntp -o cookbooks/ $ knife role from file roles/ntp.rb $ knife environment from file environment/cluster01.rb
  • 25. Data bags - global variable - stored in JSON - accessible from the chef server - can be searched - can also be encrypted For example: to store all your users
  • 26. Community cookbooks https://github.com/opscode-cookbooks/ apache, chef-server, chef-client, mysql, build- essential, cron, php, nagios, logrotate, erlang, python, jenkins, squid, iptables, samba, unicorn, munin, jira, screen, tftp
  • 27. Community cookbooks - tips - Use the community cookbooks unmodified
  • 28. Community cookbooks - tips - Use the community cookbooks unmodified - Write wrapper cookbooks around them - most of them were designed with this in mind
  • 29. Community cookbooks - tips - Use the community cookbooks unmodified - Write wrapper cookbooks around them - most of them were designed with this in mind - Send bug fixes upstream
  • 30. Cookbook versioning - Cookbooks can contain versions
  • 31. Cookbook versioning - Cookbooks can contain versions - Cookbooks can depend on specific versions of other cookbooks
  • 32. Cookbook versioning - Cookbooks can contain versions - Cookbooks can depend on specific versions of other cookbooks - Different environments can depend on different versions of cookbooks (allows you to have 0.0.2 in testing and 0.0.1 in production)
  • 33. Tests - foodcritic: linting tool which checks against a community list of rules
  • 34. Tests - foodcritic: linting tool which checks against a community list of rules - chef-spec: unit tests for recipe code (not functional)
  • 35. Tests - foodcritic: linting tool which checks against a community list of rules - chef-spec: unit tests for recipe code (not functional) - test-kitchen: Framework for running integration tests in an isolated environment (<3 vagrant)
  • 36. Live demo! - Remove a Yola employee - Create a pull request - Push it to the chef-server - Ensure that it has been done - Take a look at some things that knife can do
  • 37. Some cool things - chef-solo can run the chef-server cookbook in order to bootstrap your chef-server - knife ec2 allows you to create an EC2 instance and configure it as a chef-client
  • 38. The End Questions? Thanks to Jonathan for help with the slides