ChefInfrastructure as code<br />
Chef<br />
Background<br />Opscode (HJK Solutions)<br />
Chef has<br />Recipes<br />Resources<br />Roles<br />Nodes<br />Cookbooks<br />Knife<br />
Fully Automated Infrastructure<br />
Provisioning<br />Bare-metal: Kickstart/jumpstart<br />VM: libvert<br />Cloud: AWS/vCloud<br />Cloud: fog (http://fog.io/)...
Configuration Management<br />
Systems Integration<br />the last mile of fully automated infrastructure<br />Metadata stored & indexed<br />Search API<br />
Chef principles<br />Idempotent<br />Thick Clients, Thin Server<br />Order Matters<br />
Why chef?<br />Economics<br />Efficiency<br />Scalability<br />Community<br />
Flavors of Chef<br />Chef client & Chef server<br />Hosted Chef<br />Chef solo<br />
Architecture<br />
A Chef run<br />
Chef client<br />    Client does all the work, and can run recipes for multiple Nodes.<br />
Chef server<br />API service.<br />Management Console (optional).<br />AMQP Server<br />Search indexer and Search Engine.<...
Chef solo<br />-c, --config CONFIG<br />-j, --json-attributes JSON_ATTRIBS<br />-r, --recipe-url RECIPE_URL<br />
Cookbook<br />
Cookbook<br />    Cookbooks are the fundamental units of distribution in Chef. <br />
Cookbook<br />attributes/<br />definitions/<br />files/<br />libraries/<br />metadata.rb<br />providers/<br />recipes/<br ...
Cookbook<br />Dev in chef-repo<br />Create our own cookbook<br />Or download from community<br />Upload to Chef server<br />
Cookbook command<br />knife cookbook list<br />knife cookbook create COOKBOOK<br />knife cookbook download COOKBOOK<br />k...
 Chef Community Cookbook Site <br />knife cookbook site list<br />knife cookbook site share COOKBOOK CATEGORY<br />knife c...
Cookbook Dependencies <br />In metadata.rb:<br />depends "apache2", ">= 0.99.4"<br />depends "mysql", ">= 1.0.5"<br />
Attributes<br />node.default[:apache][:dir] = "/etc/apache2"<br />node.default[:apache][:listen_ports] = [ "80", "443" ]<b...
Nodes<br />Nodes in Chef are the thing that are configured by Recipes. <br />recipe/role<br />attribute<br />
Roles<br />name "webserver"<br />description "The base role for systems that serve HTTP traffic"<br />run_list "recipe[apa...
Search<br />knife search node "id:foo OR id:abc”<br />search(:node, 'run_list:recipe[foo::bar]') do |matching_node|<br /> ...
Libraries<br />your_cookbook/libraries/your_example_library.rb<br />module YourExampleLibrary<br />  def your_function()<b...
Metadata<br />maintainter "bob"<br />maintainer_email "bob@gmail.com"<br />license "Apache v2.0"<br />description "A cookb...
Templates<br />template "/etc/sudoers" do<br />  source "sudoers.erb"<br />  mode 0440<br />  owner "root"<br />  group "r...
Recipes<br />stored in Cookbooks.<br />executed in the order they appear.<br />evaluated as Ruby code.<br />Recipes from o...
Resources<br />such as:<br />packages<br />services<br />users<br />files<br />directories<br />
Resources: cookbook_file<br />cookbook_file "/tmp/testfile" do<br />  source "testfile" # this is the value that would be ...
Resources: directory<br />%w{dir1 dir2 dir3}.each do |dir|<br />   directory "/tmp/mydirs/#{dir}" do<br />      mode 0775<...
Resources: remote file<br />remote_file "/tmp/testfile" do<br />  source "http://www.example.com/tempfiles/testfile"<br />...
Resources: package<br />package "tar" do<br />  version "1.16.1-1"<br />  action :install<br />end<br />
Resources: script<br />script "install_something" do<br />  interpreter "bash"<br />  user "root"<br />cwd "/tmp"<br />  c...
Quick start<br />
Quick Start<br /><ul><li>Chef server(Host Chef)
Local workstation(MaxOSX)
One node(VM Ubuntu)</li></li></ul><li>Hosted Chef<br /><ul><li>Sign up for Opscode Hosted Chef  </li></ul>https://communit...
Workstation Setup<br /><ul><li>Install pre-requisites</li></ul>         - Ruby 1.8.7+ <br />            - RubyGems1.3.7+<b...
Create Chef repository</li></ul>            - gitclone git://github.com/opscode/chef-repo.git<br /><ul><li>Copy the keys a...
Set up a node as Chef Client<br /><ul><li>Download the chef-client cookbood</li></ul>      knife cookbook site install che...
Verify node data<br />List all the node:<br /> knife node list<br />List the run list for a specific node:<br />knife node...
Working with git<br />
get chef-repo<br />git clone git://github.com/opscode/chef-repo.git<br />
repo tree<br />config/ - Contains the Rake configuration file, rake.rb.<br />cookbooks/ - Cookbooks you download or create...
working with git<br />Building a new cookbook and saving it to the local repository.<br />Downloading an existing cookbook...
Doc & Help<br />
working with git<br />wik: http://wiki.opscode.com/display/chef/Home<br />community:<br />    http://community.opscode.com...
Upcoming SlideShare
Loading in...5
×

Chef introduction

8,488

Published on

chef introduction

Published in: Technology, Self Improvement
0 Comments
8 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
8,488
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
257
Comments
0
Likes
8
Embeds 0
No embeds

No notes for slide
  • Manage your servers by writing code, not by running commands. With Chef, you write abstract definitions as source code to describe how you want each part of your infrastructure to be built, and then apply those descriptions to individual servers. The result is a fully automated infrastructure: when a new server comes on line, the only thing you have to do is tell Chef what role it should play in your architecture.
  • Recipes: written in ruby using DSL. A Recipe describes a series of resources that should be in a particular state on a particular part of a server (such as Apache, MySQL, or Hadoop).Resource: A resource is usually a cross platform abstraction of the thing you&apos;re configuring on the host.A role sets a list of recipes and attributes to apply to a nodeA cookbook is a collection of recipes.Knife is the command line interface to the Chef server
  • Kickstart: a file for installation questionsLibvert: The virtualization API, XEN, VMWare, Vitural Box, KVM…Amazon Web Services/Elastic Computer CloudFog: Ruby cloud services library
  • Chef recipes can be data driven thereby providing dynamic system integration between servers. For example, when configuring a web server the search API can be called to discover the database and memcache servers and then automatically update the web server’s configuration. Likewise a load balancer recipe can automatically add the web servers into its configuration.
  • Chef ensures that actions are not performed if the resources have not changedThe Chef Server is built to handle the easy distribution of data to the clients - the recipes to build, templates to render, files to transfer - along with storing the state of each Node.given the same set of Cookbooks, Chef will always execute your resources in the same order.
  • Chef Solo: is a client application that works entirely from on-disk data, and is a light-weight alternative to a full client-server configuration.Chef Client: is the client application that works with a Chef Server to persist data and download cookbooks. Chef Clients can also take advantage of Chef Server&apos;s search abilities to dynamically integrate your applications with the rest of your infrastructure.Knife: is the command line interface to Chef. Knife is primarily used to interact with the Chef Server API, and it can be used for local Chef Repository maintenance.Shef: is the interactive Chef shell. Shef allows you to write, run, and debug recipes interactively and also provides a programmatic interface for viewing and editing data on your Chef Server.Chef Server: services HTTP API requests from the Web UI, nodes, and other clients (see above).Chef Server Web UI: the web-based management console for the Chef Server. It manages your infrastructure by making API calls to Chef Server.CouchDB: the primary data store for a Chef server.RabbitMQ: stores and then forwards data from Chef Server to the Chef Solr Indexer. It acts as a buffer for cases when high write loads temporarily exceed the ability of the Chef Solr Indexer to update the search index.Chef Solr Indexer: flattens and expands data to enhance searchability, then writes the data to Chef Solr.Chef Solr: a thin wrapper around the Apache Solr search engine. Chef Solr allows you to find your way around your infrastructure by querying its metadata.
  • Clients are where all the action happens - the Chef Server and Chef Indexer are largely services that exist only to provide the Client with information.
  • MerbAPI service for knife &amp; Management consoleRabbitMQSolrChef Server utilizes CouchDB for storing JSON data about Nodes, Roles, and Data Bags.
  • Config:file_cache_path &quot;/var/chef-solo&quot;cookbook_path &quot;/var/chef-solo/cookbooks”cookbook_path [&quot;/var/chef-solo/cookbooks&quot;, &quot;/var/chef-solo/site-cookbooks&quot;]role_path &quot;/var/chef-solo/roles”chef-solo -c ~/solo.rb -j http://www.example.com/node.json -rhttp://www.example.com/chef-solo.tar.gz
  • Config:file_cache_path &quot;/var/chef-solo&quot;cookbook_path &quot;/var/chef-solo/cookbooks”cookbook_path [&quot;/var/chef-solo/cookbooks&quot;, &quot;/var/chef-solo/site-cookbooks&quot;]role_path &quot;/var/chef-solo/roles”chef-solo -c ~/solo.rb -j http://www.example.com/node.json -rhttp://www.example.com/chef-solo.tar.gz
  • Config:file_cache_path &quot;/var/chef-solo&quot;cookbook_path &quot;/var/chef-solo/cookbooks”cookbook_path [&quot;/var/chef-solo/cookbooks&quot;, &quot;/var/chef-solo/site-cookbooks&quot;]role_path &quot;/var/chef-solo/roles”chef-solo -c ~/solo.rb -j http://www.example.com/node.json -rhttp://www.example.com/chef-solo.tar.gz
  • Hash key value (Mash)Default/override/setAttributes are Node data such as the IP address, hostname, loaded kernel modules, version of programming languages available on the system and more. New attributes can be dynamically added to the node in a variety of ways.During the Chef run, the Chef Client saves these node attributes on the Chef Server where they are indexed for Search. When the Chef Client runs again, it will retrieve the attributes that were saved previously and merge in attributes based on the priority rules described below.
  • Chef Cookbooks require you to specify a small amount of meta-data. This information is used to provide hints to the Chef Server as to what cookbooks should be deployed to a given node, and in the future it will be integral to an automated system for discovering and installing cookbooks.
  • Chef Cookbooks require you to specify a small amount of meta-data. This information is used to provide hints to the Chef Server as to what cookbooks should be deployed to a given node, and in the future it will be integral to an automated system for discovering and installing cookbooks.
  • Search is a feature of the Chef Server that allows you to use a full-text search engine (based on Apache Solr) to query information about your infrastructure and applications. Searches are built by the Chef Server, and allow you to query arbitrary data about your infrastructure. You can utilize this service via search calls in a recipe or the knife search command.Most data that Chef stores in CouchDB is automatically indexed in Solr: Data Bags, API Clients, Nodes, and Roles are all indexed.
  • Libraries allow you to include arbitrary Ruby code, either to extend Chef&apos;s language or to implement your own classes directly. They are the secret sauce that will allow you to plug in to your existing infrastructure and utilize it to inform how your systems are configured.
  • Chef Cookbooks require you to specify a small amount of meta-data. This information is used to provide hints to the Chef Server as to what cookbooks should be deployed to a given node, and in the future it will be integral to an automated system for discovering and installing cookbooks.
  • Template Location Specificity
  • Recipes are the fundamental configuration in Chef. Recipes encapsulate collections of resources which are executed in the order defined to configure the systemRecipes are an internal Ruby domain-specific language (DSL), but you do not need to have experience with Ruby to write recipes.knife node run list add NODENAME &quot;recipe[apache2]&quot;
  • Recipes are the fundamental configuration in Chef. Recipes encapsulate collections of resources which are executed in the order defined to configure the systemRecipes are an internal Ruby domain-specific language (DSL), but you do not need to have experience with Ruby to write recipes.knife node run list add NODENAME &quot;recipe[apache2]&quot;
  • Transcript of "Chef introduction"

    1. 1. ChefInfrastructure as code<br />
    2. 2. Chef<br />
    3. 3. Background<br />Opscode (HJK Solutions)<br />
    4. 4. Chef has<br />Recipes<br />Resources<br />Roles<br />Nodes<br />Cookbooks<br />Knife<br />
    5. 5. Fully Automated Infrastructure<br />
    6. 6. Provisioning<br />Bare-metal: Kickstart/jumpstart<br />VM: libvert<br />Cloud: AWS/vCloud<br />Cloud: fog (http://fog.io/)<br />
    7. 7. Configuration Management<br />
    8. 8. Systems Integration<br />the last mile of fully automated infrastructure<br />Metadata stored & indexed<br />Search API<br />
    9. 9. Chef principles<br />Idempotent<br />Thick Clients, Thin Server<br />Order Matters<br />
    10. 10. Why chef?<br />Economics<br />Efficiency<br />Scalability<br />Community<br />
    11. 11. Flavors of Chef<br />Chef client & Chef server<br />Hosted Chef<br />Chef solo<br />
    12. 12. Architecture<br />
    13. 13.
    14. 14. A Chef run<br />
    15. 15.
    16. 16. Chef client<br /> Client does all the work, and can run recipes for multiple Nodes.<br />
    17. 17. Chef server<br />API service.<br />Management Console (optional).<br />AMQP Server<br />Search indexer and Search Engine.<br />Data store with CouchDB.<br />
    18. 18. Chef solo<br />-c, --config CONFIG<br />-j, --json-attributes JSON_ATTRIBS<br />-r, --recipe-url RECIPE_URL<br />
    19. 19. Cookbook<br />
    20. 20. Cookbook<br /> Cookbooks are the fundamental units of distribution in Chef. <br />
    21. 21. Cookbook<br />attributes/<br />definitions/<br />files/<br />libraries/<br />metadata.rb<br />providers/<br />recipes/<br />resources/<br />templates/<br />
    22. 22. Cookbook<br />Dev in chef-repo<br />Create our own cookbook<br />Or download from community<br />Upload to Chef server<br />
    23. 23. Cookbook command<br />knife cookbook list<br />knife cookbook create COOKBOOK<br />knife cookbook download COOKBOOK<br />knife cookbook upload [COOKBOOKS...]<br />knife cookbook delete COOKBOOK<br />knife cookbook metadata COOKBOOK<br />
    24. 24. Chef Community Cookbook Site <br />knife cookbook site list<br />knife cookbook site share COOKBOOK CATEGORY<br />knife cookbook site install COOKBOOK<br />knife cookbook site unshare COOKBOOK<br />knife cookbook site search QUERY<br />knife cookbook site download COOKBOOK<br />
    25. 25. Cookbook Dependencies <br />In metadata.rb:<br />depends "apache2", ">= 0.99.4"<br />depends "mysql", ">= 1.0.5"<br />
    26. 26. Attributes<br />node.default[:apache][:dir] = "/etc/apache2"<br />node.default[:apache][:listen_ports] = [ "80", "443" ]<br />if node.apache.attribute?(”dir")<br /> # do something<br />end<br />
    27. 27. Nodes<br />Nodes in Chef are the thing that are configured by Recipes. <br />recipe/role<br />attribute<br />
    28. 28. Roles<br />name "webserver"<br />description "The base role for systems that serve HTTP traffic"<br />run_list "recipe[apache2]", "recipe[apache2::mod_ssl]", "role[monitor]"<br />env_run_lists "prod" => ["recipe[apache2]"], "staging" => ["recipe[apache2::staging]"]<br />default_attributes "apache2" => { "listen_ports" => [ "80", "443" ] }<br />override_attributes "apache2" => { "max_children" => "50" }<br />
    29. 29. Search<br />knife search node "id:foo OR id:abc”<br />search(:node, 'run_list:recipe[foo::bar]') do |matching_node|<br /> puts matching_node.to_s<br />end<br />
    30. 30. Libraries<br />your_cookbook/libraries/your_example_library.rb<br />module YourExampleLibrary<br /> def your_function()<br /> # ... do something useful <br /> end<br />End<br />your_cookbook/recipes/default.rb<br />class Chef::Recipe<br /> include YourExampleLibrary<br />end<br />your_function()<br />
    31. 31. Metadata<br />maintainter "bob"<br />maintainer_email "bob@gmail.com"<br />license "Apache v2.0"<br />description "A cookbook"<br />long_description "blablabla"<br />depends "mysql", ">= 1.0.1"<br />version "2.0.1"<br />recipe "A recipe", "blablabla"<br />
    32. 32. Templates<br />template "/etc/sudoers" do<br /> source "sudoers.erb"<br /> mode 0440<br /> owner "root"<br /> group "root"<br /> variables(<br /> :sudoers_groups => node[:authorization][:sudo][:groups],<br /> :sudoers_users => node[:authorization][:sudo][:users]<br /> )<br />end<br />
    33. 33. Recipes<br />stored in Cookbooks.<br />executed in the order they appear.<br />evaluated as Ruby code.<br />Recipes from other Cookbooks can be included with include_recipe.<br />All the attributes of the current Node are available via the node object.<br />
    34. 34. Resources<br />such as:<br />packages<br />services<br />users<br />files<br />directories<br />
    35. 35. Resources: cookbook_file<br />cookbook_file "/tmp/testfile" do<br /> source "testfile" # this is the value that would be inferred from the path parameter<br /> mode "0644"<br />end<br />
    36. 36. Resources: directory<br />%w{dir1 dir2 dir3}.each do |dir|<br /> directory "/tmp/mydirs/#{dir}" do<br /> mode 0775<br /> owner "root"<br /> group "root"<br /> action :create<br /> recursive true<br /> end<br />end<br />
    37. 37. Resources: remote file<br />remote_file "/tmp/testfile" do<br /> source "http://www.example.com/tempfiles/testfile"<br /> mode "0644"<br /> checksum "08da002l" # A SHA256 (or portion thereof) of the file.<br />end<br />
    38. 38. Resources: package<br />package "tar" do<br /> version "1.16.1-1"<br /> action :install<br />end<br />
    39. 39. Resources: script<br />script "install_something" do<br /> interpreter "bash"<br /> user "root"<br />cwd "/tmp"<br /> code <<-EOH<br />wget http://www.example.com/tarball.tar.gz<br /> tar -zxftarball.tar.gz<br />cdtarball<br /> ./configure<br /> make<br /> make install<br /> EOH<br />end<br />
    40. 40. Quick start<br />
    41. 41. Quick Start<br /><ul><li>Chef server(Host Chef)
    42. 42. Local workstation(MaxOSX)
    43. 43. One node(VM Ubuntu)</li></li></ul><li>Hosted Chef<br /><ul><li>Sign up for Opscode Hosted Chef  </li></ul>https://community.opscode.com/<br /><ul><li>Create an Organization</li></li></ul><li>Authentication Credentials<br /><ul><li>Download user private key </li></ul>USERNAME.pem<br /><ul><li>Download organization validation key</li></ul>ORGANIZATION-validator.pem<br /><ul><li>Download your knife configuration file</li></ul>knife.rb<br />
    44. 44. Workstation Setup<br /><ul><li>Install pre-requisites</li></ul> - Ruby 1.8.7+ <br /> - RubyGems1.3.7+<br /><ul><li>Install Chef sudo gem install chef
    45. 45. Create Chef repository</li></ul> - gitclone git://github.com/opscode/chef-repo.git<br /><ul><li>Copy the keys and configuration</li></ul> - Create .chef directory<br /> - Copy the private keys and knife<br />cpUSERNAME.pem ~/chef-repo/.chef<br />cpORGANIZATION-validator.pem ~/chef-repo/.chef<br />cpknife.rb ~/chef-repo/.chef<br />
    46. 46. Set up a node as Chef Client<br /><ul><li>Download the chef-client cookbood</li></ul> knife cookbook site install chef-client<br /><ul><li>Upload the cookbook to the Chef Server</li></ul>knife cookbook upload<br /><ul><li>Bootstrap the node</li></ul>knife bootstrap 10.1.1.110 -r 'recipe[chef-client]' –x <br /> username –P password --sudo<br />
    47. 47. Verify node data<br />List all the node:<br /> knife node list<br />List the run list for a specific node:<br />knife node show nodename –r <br />
    48. 48. Working with git<br />
    49. 49. get chef-repo<br />git clone git://github.com/opscode/chef-repo.git<br />
    50. 50. repo tree<br />config/ - Contains the Rake configuration file, rake.rb.<br />cookbooks/ - Cookbooks you download or create.<br />data_bags/ - Store data bags and items in .json in the repository.<br />roles/ - Store roles in .rb or .json in the repository.<br />certificates/ - SSL certificates generated by rake ssl_cert live here.<br />
    51. 51. working with git<br />Building a new cookbook and saving it to the local repository.<br />Downloading an existing cookbook from the Chef Community Site.<br />Modifying an existing cookbook in the local repository for new updates.<br />
    52. 52. Doc & Help<br />
    53. 53. working with git<br />wik: http://wiki.opscode.com/display/chef/Home<br />community:<br /> http://community.opscode.com/cookbooks<br />
    54. 54. Q&A<br />thanks~<br />
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×