• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Picconf12
 

Picconf12

on

  • 987 views

(A Very Quick) Intro to Chef for PICConf '12. A technical look at the building blocks of Chef.

(A Very Quick) Intro to Chef for PICConf '12. A technical look at the building blocks of Chef.

Statistics

Views

Total Views
987
Views on SlideShare
981
Embed Views
6

Actions

Likes
0
Downloads
15
Comments
0

2 Embeds 6

http://www.linkedin.com 4
https://www.linkedin.com 2

Accessibility

Categories

Upload Details

Uploaded via as Apple Keynote

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n

Picconf12 Picconf12 Presentation Transcript

  • (A Very Quick) Intro To Chef PICConf ’12 Mandi Walls mandi@opscode.com
  • whoami• Mandi Walls• mandi@opscode.com• @lnxchk
  • Chef is Configuration ManagementA technical domainrevolving aroundbuilding andmanaginginfrastructureprogrammatically http://www.flickr.com/photos/neilt/530198191/
  • Enable the reconstruction of the business fromnothing but a source coderepository, an application data backup, and bare metal resources.
  • Avoiding Snowflakes• “That one host” you know you can’t rebuild if it dies• Untracked changes to systems, new configurations• Collections of bash, perl, python, whatever• Cheatsheets, wiki pages, folklore on how to build systems
  • Infrastructure as Code• Logically group all the changes needed to get systems into working order• All the bits and pieces that you have to remember to do after the OS is loaded• 1.. N.. infinity• Integrate systems programmatically
  • Managing the Various Pieces of Your Environment •Provision •Configure •Integrate
  • Managing the Various Pieces of Your Environment Load Balancer •ProvisionApp Server { { App Server •Configure •Integrate Database Master
  • What to Configure?
  • Goals!• Idempotence• Reasonability• Sane Defaults• Coordination• Flexibility
  • Chef is Ruby• Internal DSL• Chef resources look like Ruby objects• Chef can be extended using Ruby• Chef tools like ohai and knife can also be extended using Ruby
  • Chef Architecture •Chef Server •Chef Users •Chef Nodes •Knife •chef-client
  • Chef Nodes• Your hosts are “nodes” in Chef• They are the authority on all info about themselves• This info is stored in a Ruby object called “node” too• Characteristics about the node are called attributes
  • Node Object{ "name": "www1.example.com", • JSON "json_class": "Chef::Node", • Pushed to "chef_type": "node", Chef Server "chef_environment": "_default", • Indexed for Searching "automatic": { ... }, "default": { ... }, "normal": { ... }, "override": { ... }, "run_list": [ ... ]}
  • Chef Building Blocks• Resources• Recipes• Cookbooks• Roles• Environments
  • Chef Resourcespackage "haproxy" do action :installendtemplate "/etc/haproxy/haproxy.cfg" do source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]"endservice "haproxy" do supports :restart => true action [:enable, :start]end
  • Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do supports :restart => true action [:enable, :start] end
  • Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do supports :restart => true action [:enable, :start] end
  • Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb"• Have parameters. owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do supports :restart => true action [:enable, :start] end
  • Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb"• Have parameters. owner "root" group "root"• Take action to put the mode 0644 notifies :restart, "service[haproxy]" resource in the declared end state. service "haproxy" do supports :restart => true action [:enable, :start] end
  • Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb"• Have parameters. owner "root" group "root"• Take action to put the mode 0644 notifies :restart, "service[haproxy]" resource in the declared end state. service "haproxy" do• Can send notifications to supports :restart => true action [:enable, :start] other resources. end
  • Resources and ProvidersResources take action through Providers
  • Providers are Behind the Scenespackage “haproxy” { yum install haproxy apt-get install haproxy pacman sync haproxy pkg_add -r haproxy
  • Recipes
  • Recipes are Collections of Resourcespackage "hadoop-#{hadoop_version}-namenode" do action :installendtemplate "/usr/lib/hadoop/conf/core-site.xml" do source "core-site_xml.erb" owner "hadoop" group "hadoop" mode 0644endservice "hadoop-#{hadoop_version}-namenode" do supports :restart => true, :start => true, :stop => trueend
  • Cookbooks are Collections of Recipes• Each cookbook can have multiple recipes • namenode, datanode, jobtracker, worker • solr_master, solr_slave• Configuration files, templates, libraries • server.xml • hdfs-site.xml http://www.flickr.com/photos/pinkpollyanna/222517565/sizes/m/in/photostream/
  • Run Lists• Tell the nodes what recipes to run Node Name: ip-10-93-42-234.ec2.internal Environment: _default FQDN: ip-10-93-42-234.ec2.internal IP: 23.22.80.76 Run List: role[base], role[webserver] Roles: base, webserver Recipes: apt, chef-client, apache2, webserver Platform: ubuntu 10.04
  • Attributes• Information about the node, the applications, etc• Set by ohai!• Set by cookbooks, roles, environments, or directly in recipes• Applied with specific precedence
  • Node Attributes$ knife node show ip-10-93-42-234.ec2.internal -a ec2ec2: ... hostname: ip-10-93-42-234.ec2.internal instance_id: i-75b16813 instance_type: m1.small kernel_id: aki-407d9529 local_hostname: ip-10-93-42-234.ec2.internal local_ipv4: 10.93.42.234 placement_availability_zone: us-east-1b profile: default-paravirtual public_hostname: ec2-23-22-80-76.compute-1.amazonaws.com public_ipv4: 23.22.80.76
  • Non-ohai Attributes• Attributes can also come from roles, cookbooks, and recipes• Used for settings needed by the configurationset[apache][package] = "httpd"set[apache][dir] = "/etc/httpd"set[apache][log_dir] = "/var/log/httpd"set[apache][error_log] = "error.log"set[apache][user] = "apache"set[apache][group] = "apache"set[apache][binary] = "/usr/sbin/httpd"set[apache][icondir] = "/var/www/icons"set[apache][cache_dir] = "/var/cache/httpd"
  • Rolesname "base"description "Base role for allservers"run_list(! "recipe[apt]",! "recipe[fail2ban]",! "recipe[chef-client]") http://www.flickr.com/photos/ulteriorepicure/177506395/sizes/m/in/photostream/
  • Basic Resources
  • Basic Resources: package package "tar" do   version "1.16.1-1"   action :install end package "portmap" do action :remove end• Providers determine how to manage the packages on every platform
  • Basic Resources: template• Templates are rendered when the Chef client runs on the node• Interprets the values of variables, search results, etc, to create dynamic configurationstemplate "/tmp/config.conf" do  source "config.conf.erb"  variables(    :config_var => node[:configs][:config_var]  )end
  • Basic Resources: cookbook_filecookbook_file "/tmp/testfile" do  source "testfile" owner “root” group “root”  mode "0644"end
  • Basic Resources: directorydirectory "/tmp/something" do  owner "root"  group "root"  mode "0755"  action :createenddirectory "C:tmpsomething.txt" do  rights :full_control, "DOMAINUser"  inherits false  action :createend
  • Basic Resources: serviceservice "apache2" do supports :restart => true action :enableendtemplate "/etc/apache2/apache2.conf" do # ... other parameters notifies :restart, "service[apache2]"end
  • Other Common Resources• User, Group• Cron• Execute: run arbitrary commands• File: files already on the node• Env (on Windows)• HTTP Request• Link
  • Reasoning About Infrastructure
  • Reflection of Reality
  • Deciding on Cookbooks and Roles• Each service in your infrastructure usually has its own cookbook, or may have a collection of cookbooks in a role• A set of Tomcat servers may have a cookbook for java, a cookbook for Tomcat, and a cookbook for application code• The java and tomcat cookbooks can be reused in multiple applications• A common practice is to include a base role for universal configurations that should apply to all of your nodes • Security settings, DNS servers, local file repositories• Members of the Chef community share cookbooks at
  • Environments• Environments allow you to think about not just groups of nodes running applications, but also the larger infrastructure• Every node belongs to only one environment• Environments can be used to specify which version of a cookbook to use on any node assigned to the environment• A common use of environments is assigning nodes to “dev”, “qa”, “staging”, and “production” • Each environment can be configured to use a different version of the available cookbooks• Attributes allow you to change settings based on the environment
  • ReusabilityDev EnvironmentNode Name: devhost1Environment: devFQDN: devhost1.mydomain.comIP: 192.168.1.100Run List: role[base], role[solr_master]Roles: base, solr_masterRecipes: apt, fail2ban, chef-client, solr, solr::masterPlatform: ubuntu 10.04Prod EnvironmentNode Name: solr1Environment: prodFQDN: solr1.mydomain.comIP: 192.168.10.50Run List: role[base], role[solr_master]Roles: base, solr_masterRecipes: apt, fail2ban, chef-client, solr, solr::masterPlatform: ubuntu 10.04
  • Search • All node data is indexed on the Chef server • These indexes are available for searching from knife and recipes • Use search results to dynamically configure integrated resourcessearch(:node, "role:webserver") do |match| puts match["ipaddress"]end
  • ManagingInfrastructure as Code
  • Chef Code Workflow• You build recipes, cookbooks, roles, environments, etc as files in your local Chef repository• Check your code into source code control• Upload your infrastructure to the Chef server with knife• Nodes get their configuration information when they run chef-client• Nodes can run chef-client as often or as rarely as you need• You can test in a variety of ways that suit your infrastructure best
  • Incorporating Version Control System• Employ the distributed version control system of your choice• Use what your team already knows! Chef doesn’t require a specific system• Git is popular, but SVN, Perforce, others are used as well• Decide on your testing, versioning, code review practices as suit your team’s needs
  • Try It Out
  • How to Get Chef• Hosted Chef is a SaaS product hosted by Opscode• http://manage.opscode.com• You can create an account and add up to five nodes for free to try out chef• Our new installer makes installing Chef on nodes super easy! • http://www.opscode.com/chef/install • Provides a full stack, don’t worry about Ruby version issues
  • More Info on Getting Started• Our wiki: http://wiki.opscode.com• Fast start guide: • http://wiki.opscode.com/display/chef/Fast+Start +Guide• Our Community site: http://community.opscode.com• Cookbooks in our Github account: http://github.com/ opscode/cookbooks• The materials for our 3-day Chef Fundamentals class are online: • https://github.com/opscode/chef-fundamentals
  • Supported PlatformsUbuntu (10.04, 10.10, 11.04, 11.10)•Debian (5.0, 6.0)•RHEL & CentOS (5.x, 6.x)•Fedora 10+•Mac OS X (10.4, 10.5, 10.6)•Windows 7•Windows Server 2003 R2, 2008 R2
  • Thanks, PICConf!!• mandi walls• mandi@opscode.com• @lnxchk
  • Questions?• On freenode: #chef and #chef-hacking• http://lists.opscode.com• http://tickets.opscode.com• http://help.opscode.com• @opscode and @opscode_status on Twitter