Chef Actions: Delightful near real-time activity tracking!
Actions: Delightful near real-time activity tracking!
Allen Goodman (@goodmanio), Software Engineer, Chef
James Casey (@jamesc_000), Engineering Lead, Chef
A first look at Chef Actions
Chef Actions answers questions about what is happening on your Chef Server
• What changed on your Chef Server ?
• Clients, Cookbooks, Data Bags, Environments, Nodes, Roles
• Who changed it ?
• What did they do ?
• Create, Update, Delete
• When did they do it ?
• Provide a read-only view of what happened
• Road to audit
• Allow to react to events as they happen
• Also, enable after the fact investigation
• “What happened just before nodes started failing runs?”
• “When did our systems gets patched for Heartbleed?”
• Static and Dynamic Analysis
• Are conformant cookbooks less susceptible to failure?
• Is coverage correlated with success?
• Does my preferred style require more maintenance?
• Syntactic and Semantic Mistakes
• Is this resource broken?
• Supervised Learning
• Predicting Imminent and Long-term Problems
• Why does my infrastructure break?
• POST a full copy of a message to
an external service
• Optionally contains copy of object
• E.g. full node object or role
• Ships with a stub service for you
• Monitoring – notified on create/delete
• CMDB – monitor software/OS version
changes for compliance
- id: james
- "What’s up with James’ weird hours?”
actions = chef.actions.where(action %in% ["create", "delete", "update"])
.where(actor %in% ["james"])
.where(resource %in% ["cookbook"])
• Consume raw messages in real-time out of Chef Server
• Send formatted messages to external services in real-time
• Send whole message with annotations to your external service in real-time
• REST API
• Query-only view of historical data
• Supports same HA architecture as Enterprise Chef
• Analytics pipeline, Query API, Ingest service
• Recommended to deploy on separate hardware than Enterprise Chef
• New add-on chef-analytics
• Delivered as a single omnibus package
• Hosted on separate domain
• E.g. analytics.getchef.com
• Only interactions with Private Chef
• RabbitMQ configuration details
• Manage root URL for generation of links
• Permissions – ACL changes, group join/leave
• Object Diffs
• Live Feed
• Aggregation (all actions from a chef-client run, berkshelf, knife run)
• Knife instrumentation
• Cloud plugins
Q1 Q2 Q3 Q4
Account Improvements Large Customer Features Service Provider Features HA Restructuring
Chef Actions and Run History Compliance Reporting Compliance Content
Windows Container Improvements Red Hat
The right premium features
• Make existing differentiation more accessible, address concerns of our largest customers
• Extend our analytics capability to provide best of breed compliance reporting
• Ensure we retain a lead on Windows support
• Embrace containers as a first class part of our ecosystem
• We know there is valuable data locked up inside your Chef Server
• Chef Actions exposes that data to you via a variety of APIs
• We have built a flexible architecture that will allow us to expose more and more data
• Available today – Limited availability
• No release schedule – continuous updates
• We’ll rapidly open to more and more customers
• Defined roadmap for 2014 for compliance and audit