Chef
Introduction and overview to managing your systems
Adrian Moisey

Chef talk for the Architecture Meetup on the 23rd July 2013.


  1. Chef: Introduction and overview to managing your systems. Adrian Moisey
  6. Why Chef (or Puppet or Bcfg2 or CFEngine)?
      - Infrastructure as code
      - Reproducible
      - Version control (SCM)
      - Removes the human factor
      - Tests
  9. Basic Chef Architecture
      - Executes various "recipes" which configure your system in the desired way
      - A node definition is required in order for Chef to know which recipes to run and with which attributes to run them
      - Allows you to decide which components are configured, and how, using attributes, environment definitions and node definitions
  12. Basic Chef Architecture: Server/client
      - chef-server stores all your cookbooks, environments, roles and nodes
      - chef-client connects to chef-server, is given the relevant cookbooks and attributes, and executes them

      You can run your own server or use the Opscode hosted Chef (for a fee)
  15. Basic Chef Architecture: Chef-solo
      - Standalone, doesn't connect to a server
      - Uses static cookbooks and nodes on the local filesystem
      - Unable to perform searches (because nodes are stand-alone with no central directory)
  16. Cookbook

      From the wiki: A cookbook is the fundamental unit of configuration and policy distribution in Chef. Each cookbook defines a scenario, such as everything needed to install and configure MySQL, and then it contains all of the components that are required to support that scenario.
  17. Cookbook

      Can contain:
      - recipes
      - attributes
      - providers
      - definitions
      - templates
      - files
      - metadata

      http://docs.opscode.com/essentials_cookbooks.html
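  18. Cookbook

          $ cat cookbooks/ntp/recipes/default.rb
          # Install the NTP daemon and the one-shot sync tool
          ['openntpd', 'ntpdate'].each do |p|
            package p do
              action :install
            end
          end

          # Render the daemon config, readable by root only
          template 'ntpd.conf' do
            path '/etc/openntpd/ntpd.conf'
            source 'ntpd.conf.erb'
            owner 'root'
            group 'root'
            mode '0600'
            notifies :restart, 'service[openntpd]'
          end

          # The notification above needs this resource declared in the run
          service 'openntpd' do
            action [:enable, :start]
          end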
  19. Cookbook

          $ cat cookbooks/ntp/attributes/default.rb
          default[:ntp][:servers] = [
            "0.pool.ntp.org",
            "1.pool.ntp.org",
            "2.pool.ntp.org",
            "3.pool.ntp.org"
          ]
  20. Role

          $ cat roles/ntp.rb
          name "ntp"
          description "Install openntpd"
          run_list("recipe[ntp]")
  21. Environment

          $ cat environments/cluster01.rb
          name "cluster01"
          description "Cluster 01"
          default_attributes({
            :ntp => {
              :servers => [
                "ntp01.mycorp.com",
                "ntp02.mycorp.com"
              ]
            }
          })
          cookbook_versions({
            "ntp" => "0.0.1"
          })
  22. Nodes

          $ cat nodes/server01.mycorp.com.json
          {
            "chef_type": "node",
            "name": "server01.mycorp.com",
            "normal": {},
            "default": {},
            "chef_environment": "cluster01",
            "run_list": [
              "role[ntp]"
            ],
            "override": {},
            "json_class": "Chef::Node",
            "automatic": {}
          }
  23. Knife

      Knife is a command-line tool that provides an interface between a local Chef repository and the Chef Server.

      Examples:

          knife cookbook upload apache2
          knife node edit web1.mycorp.com
          knife list clients
          knife search node 'role:web' -a fqdn
  24. Upload all of this to the chef-server

          $ knife cookbook upload ntp -o cookbooks/
          $ knife role from file roles/ntp.rb
          $ knife environment from file environments/cluster01.rb
  25. Data bags
      - global variable
      - stored in JSON
      - accessible from the chef server
      - can be searched
      - can also be encrypted

      For example: to store all your users
  26. Community cookbooks

      https://github.com/opscode-cookbooks/

      apache, chef-server, chef-client, mysql, build-essential, cron, php, nagios, logrotate, erlang, python, jenkins, squid, iptables, samba, unicorn, munin, jira, screen, tftp
  29. Community cookbooks - tips
      - Use the community cookbooks unmodified
      - Write wrapper cookbooks around them - most of them were designed with this in mind
      - Send bug fixes upstream
  32. Cookbook versioning
      - Cookbooks can contain versions
      - Cookbooks can depend on specific versions of other cookbooks
      - Different environments can depend on different versions of cookbooks (allows you to have 0.0.2 in testing and 0.0.1 in production)
  35. Tests
      - foodcritic: linting tool which checks against a community list of rules
      - chef-spec: unit tests for recipe code (not functional)
      - test-kitchen: framework for running integration tests in an isolated environment (<3 vagrant)
  36. Live demo!
      - Remove a Yola employee
      - Create a pull request
      - Push it to the chef-server
      - Ensure that it has been done
      - Take a look at some things that knife can do
  37. Some cool things
      - chef-solo can run the chef-server cookbook in order to bootstrap your chef-server
      - knife ec2 allows you to create an EC2 instance and configure it as a chef-client
  38. The End

      Questions?

      Thanks to Jonathan for help with the slides
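
How the per-environment pinning on the cookbook-versioning slides plays out, as an added example that is not part of the original talk. It is plain Ruby using RubyGems' Gem::Requirement as a stand-in for Chef's own constraint handling; the uploaded versions, the apache entries and the staging environment are constructed, and it assumes the highest matching uploaded version is the one selected.

```ruby
require 'rubygems' # Gem::Version and Gem::Requirement ship with Ruby

# Constructed sample data: cookbook versions already uploaded to the server.
UPLOADED = {
  'ntp'    => %w[0.0.1 0.0.2],
  'apache' => %w[1.0.0 1.1.0 2.0.0]
}.freeze

# Constructed environments, in the shape of cookbook_versions({...}).
ENVIRONMENTS = {
  'production' => { 'ntp' => '0.0.1' },
  'testing'    => { 'ntp' => '0.0.2', 'apache' => '~> 1.0' },
  'staging'    => { 'ntp' => '0.0.3' } # version that was never uploaded
}.freeze

# A cookbook with no entry in the environment may use any version.
def constraint_for(env, cookbook)
  Gem::Requirement.new(ENVIRONMENTS.fetch(env).fetch(cookbook, '>= 0.0.0'))
end

# Highest uploaded version allowed in the environment, or nil if none fits.
def resolve(env, cookbook)
  allowed = constraint_for(env, cookbook)
  UPLOADED.fetch(cookbook)
          .map { |v| Gem::Version.new(v) }
          .select { |v| allowed.satisfied_by?(v) }
          .max
end

# Cookbooks whose version can change when a newer upload appears, i.e.
# anything not held by a single exact ("=") constraint.
def floating(env)
  UPLOADED.keys.reject do |cookbook|
    constraint_for(env, cookbook).requirements.map(&:first) == ['=']
  end
end

if __FILE__ == $PROGRAM_NAME
  ENVIRONMENTS.each_key do |env|
    UPLOADED.each_key do |cb|
      puts "#{env}: #{cb} -> #{resolve(env, cb) || 'no match'}"
    end
    puts "#{env}: not exactly pinned: #{floating(env).join(', ')}"
  end
end
```

A cookbook reported by `floating` for production is one whose running version moves as soon as someone uploads a newer release, which works against the "Reproducible" goal from the opening slides.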