Chef introduction

ChefInfrastructure as code

Background
Opscode (HJK Solutions)

Chef has
Recipes
Resources
Roles
Nodes
Cookbooks
Knife

Fully Automated Infrastructure

Provisioning
Bare-metal: Kickstart/jumpstart
VM: libvert
Cloud: AWS/vCloud
Cloud: fog (http://fog.io/)

Configuration Management

Systems Integration
the last mile of fully automated infrastructure
Metadata stored & indexed
Search API

Chef principles
Idempotent
Thick Clients, Thin Server
Order Matters

Why chef?
Economics
Efficiency
Scalability
Community

Flavors of Chef
Chef client & Chef server
Hosted Chef
Chef solo

Architecture

A Chef run

Chef client
Client does all the work, and can run recipes for multiple Nodes.

Chef server
API service.
Management Console (optional).
AMQP Server
Search indexer and Search Engine.
Data store with CouchDB.

Chef solo
-c, --config CONFIG
-j, --json-attributes JSON_ATTRIBS
-r, --recipe-url RECIPE_URL

Cookbook

Cookbook
Cookbooks are the fundamental units of distribution in Chef.

Cookbook
attributes/
definitions/
files/
libraries/
metadata.rb
providers/
recipes/
resources/
templates/

Cookbook
Dev in chef-repo
Create our own cookbook
Or download from community
Upload to Chef server

Cookbook command
knife cookbook list
knife cookbook create COOKBOOK
knife cookbook download COOKBOOK
knife cookbook upload [COOKBOOKS...]
knife cookbook delete COOKBOOK
knife cookbook metadata COOKBOOK

Chef Community Cookbook Site
knife cookbook site list
knife cookbook site share COOKBOOK CATEGORY
knife cookbook site install COOKBOOK
knife cookbook site unshare COOKBOOK
knife cookbook site search QUERY
knife cookbook site download COOKBOOK

Cookbook Dependencies
In metadata.rb:
depends "apache2", ">= 0.99.4"
depends "mysql", ">= 1.0.5"

Attributes
node.default[:apache][:dir] = "/etc/apache2"
node.default[:apache][:listen_ports] = [ "80", "443" ]
if node.apache.attribute?(”dir")
# do something
end

Nodes
Nodes in Chef are the thing that are configured by Recipes.
recipe/role
attribute

Roles
name "webserver"
description "The base role for systems that serve HTTP traffic"
run_list "recipe[apache2]", "recipe[apache2::mod_ssl]", "role[monitor]"
env_run_lists "prod" => ["recipe[apache2]"], "staging" => ["recipe[apache2::staging]"]
default_attributes "apache2" => { "listen_ports" => [ "80", "443" ] }
override_attributes "apache2" => { "max_children" => "50" }

Search
knife search node "id:foo OR id:abc”
search(:node, 'run_list:recipe[foo::bar]') do |matching_node|
puts matching_node.to_s
end

Libraries
your_cookbook/libraries/your_example_library.rb
module YourExampleLibrary
def your_function()
# ... do something useful
end
End
your_cookbook/recipes/default.rb
class Chef::Recipe
include YourExampleLibrary
end
your_function()

Metadata
maintainter "bob"
maintainer_email "bob@gmail.com"
license "Apache v2.0"
description "A cookbook"
long_description "blablabla"
depends "mysql", ">= 1.0.1"
version "2.0.1"
recipe "A recipe", "blablabla"

Templates
template "/etc/sudoers" do
source "sudoers.erb"
mode 0440
owner "root"
group "root"
variables(
:sudoers_groups => node[:authorization][:sudo][:groups],
:sudoers_users => node[:authorization][:sudo][:users]
)
end

Recipes
stored in Cookbooks.
executed in the order they appear.
evaluated as Ruby code.
Recipes from other Cookbooks can be included with include_recipe.
All the attributes of the current Node are available via the node object.

Resources
such as:
packages
services
users
files
directories

Resources: cookbook_file
cookbook_file "/tmp/testfile" do
source "testfile" # this is the value that would be inferred from the path parameter
mode "0644"
end

Resources: directory
%w{dir1 dir2 dir3}.each do |dir|
directory "/tmp/mydirs/#{dir}" do
mode 0775
owner "root"
group "root"
action :create
recursive true
end
end

Resources: remote file
remote_file "/tmp/testfile" do
source "http://www.example.com/tempfiles/testfile"
mode "0644"
checksum "08da002l" # A SHA256 (or portion thereof) of the file.
end

Resources: package
package "tar" do
version "1.16.1-1"
action :install
end

Resources: script
script "install_something" do
interpreter "bash"
user "root"
cwd "/tmp"
code <<-EOH
wget http://www.example.com/tarball.tar.gz
tar -zxftarball.tar.gz
cdtarball
./configure
make
make install
EOH
end

Quick start

Quick Start
Chef server(Host Chef)
Local workstation(MaxOSX)
One node(VM Ubuntu)

Hosted Chef
Sign up for Opscode Hosted Chef
https://community.opscode.com/
Create an Organization

Authentication Credentials
Download user private key
USERNAME.pem
Download organization validation key
ORGANIZATION-validator.pem
Download your knife configuration file
knife.rb

Workstation Setup
Install pre-requisites
- Ruby 1.8.7+
- RubyGems1.3.7+
Install Chef sudo gem install chef
Create Chef repository
- gitclone git://github.com/opscode/chef-repo.git
Copy the keys and configuration
- Create .chef directory
- Copy the private keys and knife
cpUSERNAME.pem ~/chef-repo/.chef
cpORGANIZATION-validator.pem ~/chef-repo/.chef
cpknife.rb ~/chef-repo/.chef

Set up a node as Chef Client
Download the chef-client cookbood
knife cookbook site install chef-client
Upload the cookbook to the Chef Server
knife cookbook upload
Bootstrap the node
knife bootstrap 10.1.1.110 -r 'recipe[chef-client]' –x
username –P password --sudo

Verify node data
List all the node:
knife node list
List the run list for a specific node:
knife node show nodename –r

Working with git

get chef-repo
git clone git://github.com/opscode/chef-repo.git

repo tree
config/ - Contains the Rake configuration file, rake.rb.
cookbooks/ - Cookbooks you download or create.
data_bags/ - Store data bags and items in .json in the repository.
roles/ - Store roles in .rb or .json in the repository.
certificates/ - SSL certificates generated by rake ssl_cert live here.

working with git
Building a new cookbook and saving it to the local repository.
Downloading an existing cookbook from the Chef Community Site.
Modifying an existing cookbook in the local repository for new updates.

Doc & Help

working with git
wik: http://wiki.opscode.com/display/chef/Home
community:
http://community.opscode.com/cookbooks

Q&A
thanks~

http://blog.chaojiwudi.com	794
http://localhost	459
http://www.chaojiwudi.com	183
http://limengyun.com	43
http://chaojiwudi.com	38
http://sb080x.corp.youdao.com	21
http://webcache.googleusercontent.com	19
http://flanker.github.com	5
http://flanker.herokuapp.com	3
http://cncc.bingj.com	1
http://translate.googleusercontent.com	1
http://flanker.heroku.coom	1

Chef introduction

by FENG Zhichao

Accessibility

Categories

Upload Details

Usage Rights

12 Embeds 1,568

Statistics