Common Challenges in DevOps Change Management

Common Challenges inDevOps Change Management Matt Ray matt@opscode.com

A word about Best PracticesBest practices themselves aresubjective.Chef is flexible and you can make itdo what you want.

Infrastructure as CodeEnable reconstruction of the businessfrom nothing but a source coderepository, application data backupand bare metal resources.

Infrastructure as CodeCode is tracked with version control.Everything we do is in code.Everything is checked into versioncontrol.

Chef RepositoryVery simply, the Chef Repository is aversion controlled directory thatcontains cookbooks and othercomponents relevant to Chef.It contains Infrastructure as Code.

Documenting Your InfrastructureSpiceweasel is a tool for generatingknife commands to buildinfrastructure from a simple YAML orJSON file. • Documents all dependencies • Preserves ordering of deploys • Not an official Chef tool • http://bit.ly/spcwsl

Spiceweaselcookbooks:- apache2: - 0.99.4- apt: - 1.1.2- mysql: - 1.0.5- glance:- nova:- openssl: - 1.0.0- rabbitmq: - 1.2.1data bags:- openstack: - glance - novaroles:- glance-single-machine:- nova-multi-compute:- nova-multi-controller:nodes:- controller: - role[nova-multi-controller] - -i ~/.ssh/mray.pem -x user --sudo -d ubuntu10.04-gems- compute: - role[nova-multi-compute] - -i ~/.ssh/mray.pem -x user --sudo -d ubuntu10.04-gems

Git vs. Traditional VCSDecentralized DevelopmentVendor BranchingParallel DeploymentsStable Releases with Hotfixes

GitflowCode sample

GitLearn by doing.Its hard to fake.Lean into it.

Touchless InfrastructureModifying configuration machines byhand is "doing it wrong".• Not tracked in version control.• If its a Chef-managed Resource, it will get undone.

Nodes are EphemeralDo not configure individual nodes,use Roles.• Nodes are ephemeral, they may not always exist.• Nodes arent stored in version control, Roles are.

Start from ScratchDo not delete or remove Resources,start from scratch.• Reusing nodes is asking for trouble, since you dont know previous state.• Reprovisioning servers is cheap.

Hard CodingDo not use hard-coded IPs orhostnames, use search.• Nodes are ephemeral, they may not always exist.• Leverage the search capabilities of Chef.

Golden ImagesGolden images are an anti-pattern.• Tracking contents of images before they are managed is unnecessary effort.• Start every node from a known minimal state.• Caching is your friend.

EnvironmentsEnvironments are how we manageversioned infrastructures with Chef.Different infrastructures such asproduction, staging, development,and testing managed from one Chefrepository.

EnvironmentsControl the flow of Cookbooks• Development->QA->Production• Freeze from change• RBAC restrict who can deploy whereRole runlists tied to EnvironmentsEnvironment attributes to overridesettings

Lean on the CommunityThe Chef Community is veryfriendly, dont be afraid to ask forhelp!• IRC (200+ people)• Mailing lists are active.• Lots of GitHub activities.

QuestionsMatt Raymatt@opscode.comTwitter/IRC/GitHub: mattray

Common Challenges in DevOps Change Management

by Matt Ray on Sep 28, 2011

Accessibility

Categories

Tags

Upload Details

Usage Rights

2 Embeds 5

Statistics

Common Challenges in DevOps Change Management — Presentation Transcript

http://paper.li	4
http://twitter.com	1