Your SlideShare is downloading. ×
0
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
GeekAustin DevOps
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

GeekAustin DevOps

3,256

Published on

Chef 101 presentation from GeekAustin DevOps Series #1. Only about the first 60 of the slides were covered before we switched to Q&A.

Chef 101 presentation from GeekAustin DevOps Series #1. Only about the first 60 of the slides were covered before we switched to Q&A.

Published in: Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,256
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
110
Comments
0
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Let’s Get Cooking with ChefSpeaker:Matt Ray Senior Technical Evangelist ‣ matt@opscode.com ‣ @mattray Copyright © 2011 Opscode, Inc - All Rights Reserved 1
  • 2. AgendaChef 101Getting StartedCooking with Chef Copyright © 2011 Opscode, Inc - All Rights Reserved 2
  • 3. Developer, SysAdmin, Hacker,Community ManagerMany biz & dev environmentsOpscode: Training, Services &Evangelism Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/anotherphotograph/2100904507/sizes/o/ 3
  • 4. Developers?Systems Administrators? http://www.flickr.com/photos/timyates/2854357446/sizes/l/ Copyright © 2011 Opscode, Inc - All Rights Reserved 4
  • 5. The Opscode Platform is our Chef Server http://www.opscode.com Copyright © 2011 Opscode, Inc - All Rights Reserved 5
  • 6. Copyright © 2011 Opscode, Inc - All Rights Reserved 6http://www.brooklynstreetart.com/theBlog/wp-content/uploads/2008/12/swedish_chef_bork-sleeper-cell.jpg
  • 7. Copyright © 2011 Opscode, Inc - All Rights Reserved 7
  • 8. Chef enables infrastructure as code Manage configuration as idempotent Resources. Put them together in Recipes. Track it like Source Code. Configure your servers. package "haproxy" do action :install end template "/etc/haproxy/haproxy.cfg" do source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do action [:enable, :start] end Copyright © 2011 Opscode, Inc - All Rights Reserved 8
  • 9. At a High Level...‣ A library for configuration management‣ A configuration management system‣ A systems integration platform‣ An API for your entire Infrastructure http://www.flickr.com/photos/asten/2159525309/sizes/l/
  • 10. Fully automated Infrastructure Copyright © 2011 Opscode, Inc - All Rights Reserved 10
  • 11. PrinciplesIdempotentData-drivenSane defaultsHackabilityTMTOWTDI Copyright © 2011 Opscode, Inc - All Rights Reserved 11
  • 12. Multiple applications of an operation do not change the result Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/redjar/360111326/ 12
  • 13. We start with APIs, you supply data Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/ninjanoodles/153893226/ 13
  • 14. option :json_attribs, :short => "-j JSON_ATTRIBS", :long => "--json-attributes JSON_ATTRIBS", :description => "Load attributes from aJSON file or URL", :proc => nil option :node_name, :short => "-N NODE_NAME", :long => "--node-name NODE_NAME", :description => "The node name for thisclient", Defaults are sane, but :proc => nil easily changed Copyright © 2011 Opscode, Inc - All Rights Reserved 14
  • 15. Open source and community Copyright © 2011 Opscode, Inc - All Rights Reserved 15
  • 16. Copyright © 2011 Opscode, Inc - All Rights Reserved 16
  • 17. Tim Toady is a Perl motto Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/lidarose/225156612 17
  • 18. The world moves pretty fastPrimitivesEnable YOUKnow your systems http://www.flickr.com/photos/gi/518613153/sizes/o/ Copyright © 2011 Opscode, Inc - All Rights Reserved 18
  • 19. You better be ready!Sysadmins are programmersYou need a 3GL http://www.flickr.com/photos/gi/518613153/sizes/o/ Copyright © 2011 Opscode, Inc - All Rights Reserved 19
  • 20. Do I need to know Ruby?A littleSimple syntaxComplex as you scale Copyright © 2011 Opscode, Inc - All Rights Reserved 20
  • 21. A Tour of Chef Copyright © 2011 Opscode, Inc - All Rights Reserved 21
  • 22. Chef Client runs on your systems Copyright © 2011 Opscode, Inc - All Rights Reserved 22
  • 23. Chef Client runs on your systems ohai! Copyright © 2011 Opscode, Inc - All Rights Reserved 23
  • 24. Clients talk to a Chef Server Copyright © 2011 Opscode, Inc - All Rights Reserved 24
  • 25. Opscode Platformthe central, highly scalable, multi-tenant configuration service from Opscode... a hosted Chef Server Copyright © 2011 Opscode, Inc. – Confidential – Do Not Redistribute 25
  • 26. Clients authenticate with RSA keys Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/debbcollins/3401944550/ 26
  • 27. Chef Server Chef Server API Client InteractionSearch Indexer AMQP SOLR CouchDB Data store Copyright © 2011 Opscode, Inc - All Rights Reserved 27
  • 28. RESTful API w/ JSON responses Copyright © 2011 Opscode, Inc - All Rights Reserved 28
  • 29. Chef can also stand alone - Chef Solo Copyright © 2011 Opscode, Inc - All Rights Reserved 29
  • 30. We call each system you configure a Node Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/peterrosbjerg/3913766224/ 30
  • 31. Nodes have Attributes Kernel info!{ "kernel": { "machine": "x86_64", "name": "Darwin", "os": "Darwin", "version": "Darwin Kernel Version 10.4.0: Fri Apr 23 18:28:53 PDT 2010;root:xnu-1504.7.4~1/RELEASE_I386", "release": "10.4.0" }, "platform_version": "10.6.4", "platform": "mac_os_x", "platform_build": "10F569", "domain": "local", Platform info! "os": "darwin", "current_user": "mray", "ohai_time": 1278602661.60043, "os_version": "10.4.0", "uptime": "18 days 17 hours 49 minutes 18 seconds", "ipaddress": "10.13.37.116", "hostname": "morbo", "fqdn": "morbomorbo.local", Hostname and IP! "uptime_seconds": 1619358} Copyright © 2011 Opscode, Inc - All Rights Reserved 31
  • 32. Attributes are Searchable$ knife search node ‘platform:mac_os_x’ search(:node, ‘platform:mac_os_x’) Copyright © 2011 Opscode, Inc - All Rights Reserved 32
  • 33. Nodes have a Run ListWhat Roles or Recipes to apply in Order Copyright © 2011 Opscode, Inc - All Rights Reserved 33
  • 34. Nodes have a Run List% knife node show web01-prod.example.com -r{ "run_list": [ "role[production]", "role[webserver]" ]} Copyright © 2011 Opscode, Inc - All Rights Reserved 34
  • 35. Nodes have Roles Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/laenulfean/374398044/ 35
  • 36. RolesDescribe the node ‣ webserver ‣ dbserver ‣ monitoring ‣ ... etc Copyright © 2011 Opscode, Inc - All Rights Reserved 36
  • 37. Roles have a Run ListWhat Roles or Recipes to apply in Order Copyright © 2011 Opscode, Inc - All Rights Reserved 37
  • 38. name "webserver"description "Systems that serve HTTP traffic"run_list( "role[base]", Can include "recipe[apache2]", other roles! "recipe[apache2::mod_ssl]")default_attributes( "apache" => { "listen_ports" => [ "80", "443" ] })override_attributes( "apache" => { "max_children" => "50" }) Copyright © 2011 Opscode, Inc - All Rights Reserved 38
  • 39. % knife role show webserver{ "name": "webserver", "default_attributes": { "apache": { Uploading roles to "listen_ports": [ the Chef Server "80", "443" converts Ruby DSL ] } to JSON! }, "json_class": "Chef::Role", "run_list": [ "role[base]", "recipe[apache2]", "recipe[apache2::mod_ssl]" ], "description": "Systems that serve HTTP traffic", "chef_type": "role", "override_attributes": { "apache2": { "max_children": "50" } }} Copyright © 2011 Opscode, Inc - All Rights Reserved 39
  • 40. Roles are Searchable$ knife search role ‘max_children:50’ search(:role, ‘max_children:50’) Copyright © 2011 Opscode, Inc - All Rights Reserved 40
  • 41. Chef managesResources on Nodes Copyright © 2011 Opscode, Inc - All Rights Reserved 41
  • 42. Resources... Declare a description of the state a part of the node should be in‣ Have a type package "apache2" do version "2.2.11-2ubuntu2.6" action :install‣ Have a name end template "/etc/apache2/apache2.conf" do‣ Have parameters source "apache2.conf.erb" owner "root"‣ Take action to put the group "root" mode 0644 resource in the action :create declared state end
  • 43. Resources take action through Providers Copyright © 2011 Opscode, Inc - All Rights Reserved 43
  • 44. Providers... Know how to actually perform the actions specified by a resource. Apt, Yum, Rubygems, Multiple providers per resource type. Portage, Macports, FreeBSD Ports, etc. Can beoverridden with package "apache2" do provider "Chef::Provider::Package::Dpkg" the provider action :installparameter on a end resource. http://www.flickr.com/photos/affableslinky/562950216/
  • 45. ResourcesPlatformProvider http://www.flickr.com/photos/acurbelo/2628837104/sizes/o/
  • 46. Chef::Platform:ubuntu => { :default => { :package => Chef::Provider::Package::Apt, :service => Chef::Provider::Service::Debian, :cron => Chef::Provider::Cron, :mdadm => Chef::Provider::Mdadm }}, Copyright © 2011 Opscode, Inc - All Rights Reserved 46
  • 47. Recipes are lists of Resources http://www.flickr.com/photos/roadsidepictures/2478953342/sizes/o/ Copyright © 2011 Opscode, Inc - All Rights Reserved 47
  • 48. Recipes... Apply resources in the order they are specified package "apache2" do version "2.2.11-2ubuntu2.6" action :install 1‣ Evaluates resources in [ end 1 the order they appear "package[apache2]", "template[/etc/apache2/apache2.conf]" template "/etc/apache2/apache2.conf" do 2 ] source "apache2.conf.erb"‣ Adds each resource to owner "root" the Resource Collection group "root" mode 0644 action :create 2 end http://www.flickr.com/photos/roadsidepictures/2478953342/sizes/o/
  • 49. Order Matters Copyright © 2011 Opscode, Inc - All Rights Reserved 49
  • 50. Recipes are just Ruby! extra_packages = case node[:platform] when "ubuntu","debian" %w{ ruby1.8 ruby1.8-dev rdoc1.8 ri1.8 libopenssl-ruby } end extra_packages.each do |pkg| package pkg do action :install end end Copyright © 2011 Opscode, Inc - All Rights Reserved 50
  • 51. Cookbooks arepackages for Recipes Copyright © 2011 Opscode, Inc - All Rights Reserved 51
  • 52. CookbooksDistributableInfrastructure as CodeVersion control repository Copyright © 2011 Opscode, Inc - All Rights Reserved 52
  • 53. Common Cookbook ComponentsRecipesAssets (files/templates)AttributesMetadata Copyright © 2011 Opscode, Inc - All Rights Reserved 53
  • 54. Cookbook assetsFiles ‣ Static assets ‣ Downloaded via cookbook_file ‣ File specificityTemplates ‣ Dynamic assets ‣ ERB (erubis) ‣ File specificity Copyright © 2011 Opscode, Inc - All Rights Reserved 54
  • 55. CookbooksAttributes ‣ Node attributes ‣ default, normal, override default[:apache][:listen_ports] = [ "80","443" ] default[:apache][:keepalive] = "On" default[:apache][:contact] = "ops@example.com" default[:apache][:timeout] = 300 set[:apache][:log_dir] = "/var/log/apache2" set[:apache][:user] = "www-data" override[:apache][:dir] = "/etc/apache2" Copyright © 2011 Opscode, Inc - All Rights Reserved 55
  • 56. Cookbooks Metadatacookbooks/django/metadata.rbmaintainer "Opscode, Inc."maintainer_email "cookbooks@opscode.com"license "Apache 2.0"description "Installs DJango"long_description IO.read(File.join(File.dirname(__FILE__),README.rdoc))version "0.8.0"recipe "django", "Installs django and apache2 with mod_python"%w{ ubuntu debian }.each do |os| supports osend%w{ apache2 python }.each do |cb| depends cbend Copyright © 2011 Opscode, Inc - All Rights Reserved 56
  • 57. Cookbooks are shareable! cookbooks.opscode.com Copyright © 2011 Opscode, Inc - All Rights Reserved 57
  • 58. Data bags store arbitrary data Copyright © 2011 Opscode, Inc - All Rights Reserved 58
  • 59. A user data bag item...% knife data bag show users mray{ "comment": "Matt Ray", "groups": "sysadmin", "ssh_keys": "ssh-rsa SUPERSEKRATS mray@morbo", "files": { ".bashrc": { "mode": "0644", "source": "dot-bashrc" }, ".emacs": { "mode": "0644", "source": "dot-emacs" } }, "id": "mray", "uid": 7004, "shell": "/usr/bin/bash" } Copyright © 2011 Opscode, Inc - All Rights Reserved
  • 60. Data Bags are Searchable$ knife search users ‘shell:/bin/bash’ search(:users, ‘/bin/bash’) Copyright © 2011 Opscode, Inc - All Rights Reserved 60
  • 61. bash_users = search(:users, shell:/bin/bash) bash_users.each do |u| user u[id] do uid u[id] shell "/usr/bin/zsh" comment u[comment] supports :manage_home => trueData bags make recipes home "/home/#{u[id]}" end awesome-r (that’s directory "/home/#{u[id]}/.ssh" do owner u[id] group u[id] mode 0700 totally a word) end template "/home/#{u[id]}/.ssh/authorized_keys" do source "authorized_keys.erb" owner u[id] group u[id] mode 0600 variables :ssh_keys => u[ssh_keys] end end Copyright © 2011 Opscode, Inc - All Rights Reserved 61
  • 62. Environments manageversioned infrastructure Copyright © 2011 Opscode, Inc - All Rights Reserved 62
  • 63. JSON or Ruby DSL and Versionedname "dev"description "The development environment"cookbook_versions  "couchdb" => "11.0.0"attributes "apache2" => { "listen_ports" => [ "80", "443" ] } Copyright © 2011 Opscode, Inc - All Rights Reserved 63
  • 64. Command-line API utility, Knife http://www.flickr.com/photos/myklroventine/3474391066/ Copyright © 2011 Opscode, Inc - All Rights Reserved 64
  • 65. Nodes, Roles, DataBags are Searchable% knife search node “role:webserver” search(:users, “group:sysadmins”) Copyright © 2011 Opscode, Inc - All Rights Reserved 65
  • 66. http://www.flickr.com/photos/38299630@N05/3635356091/ Copyright © 2011 Opscode, Inc - All Rights Reserved 66
  • 67. Getting Started Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/rowens27/3163470179/ 67
  • 68. Debian Mac OS X SuSE CentOS Gentoo Solaris ArchLinuxOpenBSD Platforms Windows FreeBSD Ubuntu Red Hat Fedora Scientific Copyright © 2011 Opscode, Inc - All Rights Reserved 68
  • 69. RubyCopyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/thisisbossi/3526698689/ 69
  • 70. Today’s ExamplesOpscode PlatformMac OS X 10.6.6Ubuntu 10.04RubyGems Copyright © 2011 Opscode, Inc - All Rights Reserved 70
  • 71. The Opscode Platform is our Chef Server http://www.opscode.com Copyright © 2011 Opscode, Inc - All Rights Reserved 71
  • 72. RubyGems Installationcd /tmpwget http://production.cf.rubygems.org/rubygems/rubygems-1.3.7.tgz -O- | tar zxf -cd rubygems-1.3.7 && sudo ruby setup.rbln -svf /usr/bin/gem1.8 /usr/bin/gemsudo gem install chef Copyright © 2011 Opscode, Inc - All Rights Reserved 72
  • 73. apt.opscode.com Copyright © 2011 Opscode, Inc - All Rights Reserved 73
  • 74. ELFF Yum Repo Copyright © 2011 Opscode, Inc - All Rights Reserved 74
  • 75. Create Chef Repository% git clone git://github.com/opscode/chef-repo.git% cd chef-repo% ls -ladrwxr-xr-x 13 mray staff 442 Jul 7 16:48 ./drwxr-xr-x 3 mray staff 102 Jul 7 15:54 ../drwxr-xr-x 5 mray staff 170 Jul 7 17:55 .chef/drwxr-xr-x 12 mray staff 408 Jul 7 16:48 .git/-rw-r--r-- 1 mray staff 23 Jul 7 16:48 .gitignore-rw-r--r-- 1 mray staff 269 Jul 7 15:54 README-rw-r--r-- 1 mray staff 2171 Jul 7 15:54 Rakefiledrwxr-xr-x 3 mray staff 102 Jul 7 15:54 certificates/drwxr-xr-x 7 mray staff 238 Jul 7 17:03 config/drwxr-xr-x 3 mray staff 102 Jul 7 15:54 cookbooks/drwxr-xr-x 3 mray staff 102 Jul 7 15:54 data_bags/drwxr-xr-x 3 mray staff 102 Jul 7 15:54 roles/drwxr-xr-x 3 mray staff 102 Jul 7 15:54 site-cookbooks/ Copyright © 2011 Opscode, Inc - All Rights Reserved 75
  • 76. Copyright © 2011 Opscode, Inc - All Rights Reserved 76
  • 77. Setup User Environment cp USERNAME.pem ~/chef-repo/.chef cp ORG-validator.pem ~/chef-repo/.chef cp knife.rb ~/chef-repo/.chef Copyright © 2011 Opscode, Inc - All Rights Reserved 77
  • 78. Configure Knife% cat .chef/knife.rbcurrent_dir = File.dirname(__FILE__)log_level :infolog_location STDOUTnode_name "oscon"client_key "#{current_dir}/oscon.pem"validation_client_name "oscon-validator"validation_key "#{current_dir}/oscon-validator.pem"chef_server_url "https://api.opscode.com/organizations/oscon"cache_type BasicFilecache_options( :path => "#{ENV[HOME]}/.chef/checksums" )cookbook_path ["#{current_dir}/../cookbooks"] Per-directory configuration! Copyright © 2011 Opscode, Inc - All Rights Reserved 78
  • 79. Explore Knife’s sub- commands Copyright © 2011 Opscode, Inc - All Rights Reserved 79
  • 80. Knife Sub-commandsknife NOUN verb NOUN (options) knife client list knife node show morbo.local knife role show webserver knife search node “*:*” -i knife --help Copyright © 2011 Opscode, Inc - All Rights Reserved 80
  • 81. Configure Chef on workstation% knife configure client /etc/chefINFO: Creating client configurationINFO: Writing client.rbINFO: Writing validation.pem% ls -l /etc/chef/total 24-rw-r--r-- 1 mray staff 151 Jul 8 21:29 client.rb-rw-r--r--@ 1 mray staff 1679 Jul 8 21:29 validation.pem Copyright © 2011 Opscode, Inc - All Rights Reserved 81
  • 82. Chef::Configlog_level :infolog_location STDOUTchef_server_url https://api.opscode.com/organizations/osconvalidation_client_name oscon-validatorhttp://wiki.opscode.com/display/chef/Chef+Configuration+Settings Copyright © 2011 Opscode, Inc - All Rights Reserved 82
  • 83. Download getting- started cookbook% knife cookbook site vendor getting-startedINFO: Downloading getting-started from the cookbooks site at version0.2.0...INFO: Cookbook getting-started version 0.2.0 successfully vendored! Copyright © 2011 Opscode, Inc - All Rights Reserved 83
  • 84. Copyright © 2011 Opscode, Inc - All Rights Reserved 84
  • 85. git checkout -b chef-vendor-#{name_args[0]} Copyright © 2011 Opscode, Inc - All Rights Reserved 85
  • 86. Upload getting-started to Chef Server% knife cookbook upload getting-startedINFO: Saving getting-startedINFO: Validating ruby filesINFO: Validating templatesINFO: Syntax OKINFO: Generating MetadataINFO: Uploading files...INFO: Upload complete! Copyright © 2011 Opscode, Inc - All Rights Reserved 86
  • 87. Apply getting-started Recipe to workstation% knife node run list add morbo.local "recipe[getting-started]"{ "run_list": [ "recipe[getting-started]" ]} Copyright © 2011 Opscode, Inc - All Rights Reserved 87
  • 88. Run chef-client!% sudo chef-client[Thu, 08 Jul 2010 21:35:49 -0600] INFO: Starting Chef Run[Thu, 08 Jul 2010 21:35:55 -0600] INFO: Writing updated content fortemplate[/tmp/chef-getting-started.txt] to /tmp/chef-getting-started.txt[Thu, 08 Jul 2010 21:35:56 -0600] INFO: Chef Run complete in 6.650602seconds% cat /tmp/chef-getting-started.txtWelcome to Chef!This is Chef version 0.9.14.beta.1Running on mac_os_x.Version 10.6.6. Copyright © 2011 Opscode, Inc - All Rights Reserved 88
  • 89. Inside the getting-started cookbook Copyright © 2011 Opscode, Inc - All Rights Reserved 89
  • 90. http://www.flickr.com/photos/38299630@N05/3635356091/ Copyright © 2011 Opscode, Inc - All Rights Reserved 90
  • 91. Cooking with Chef Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/mr_t_in_dc/3305638738/ 91
  • 92. remote_file linkcookbook_file service ruby_blocktemplate Chef Resources inexecute Depth user bash git package log deploy http_request Copyright © 2011 Opscode, Inc - All Rights Reserved 92
  • 93. Resources haveparameters and actions Copyright © 2011 Opscode, Inc - All Rights Reserved 93
  • 94. Resource Parameters and ActionsMost resources have defaultsDefaults are sane ‣ http://wiki.opscode.com/display/chef/Resources Copyright © 2011 Opscode, Inc - All Rights Reserved 94
  • 95. packages package "apache2" do action :install endActions: install, upgrade, remove, purge Copyright © 2011 Opscode, Inc - All Rights Reserved 95
  • 96. Package shortcutsMap to providersgem_packagedpkg_packagerpm_packageAnd more! Copyright © 2011 Opscode, Inc - All Rights Reserved 96
  • 97. services service "apache2" do action [ :enable, :start ] endActions: enable, disable, start, stop, restart, reload Copyright © 2011 Opscode, Inc - All Rights Reserved 97
  • 98. init script capabilities service "apache2" do supports( :status => true, :restart => true, :reload => true ) action [ :enable, :start ] end Copyright © 2011 Opscode, Inc - All Rights Reserved 98
  • 99. filesfile "/etc/chef/client.rb" do owner "root" group "root" mode 0644 action :createend Actions: create, delete, touch Copyright © 2011 Opscode, Inc - All Rights Reserved 99
  • 100. file content!file "/tmp/example" do content "This is a file!"endfile "/tmp/example2" do content IO.read("/etc/hosts")end Content is a string Copyright © 2011 Opscode, Inc - All Rights Reserved 100
  • 101. remote_fileremote_file "/tmp/nginx-0.7.67.tar.gz" do source "http://sysoev.ru/nginx/nginx-0.7.67.tar.gz" action :create_if_missingend Actions: create, create_if_missing Copyright © 2011 Opscode, Inc - All Rights Reserved 101
  • 102. cookbook_filecookbook_file "/etc/perl/CPAN/Config.pm" do source "Config-5.10.1.pm" owner "root" group "root" mode 0644end Actions: create, create_if_missing, delete Copyright © 2011 Opscode, Inc - All Rights Reserved 102
  • 103. templatetemplate "/etc/apache2/ports.conf" do source "ports.conf.erb" owner "root" group "root" mode 0644end Actions: create Copyright © 2011 Opscode, Inc - All Rights Reserved 103
  • 104. local templatestemplate "/tmp/config.conf" do local true source "/tmp/config.conf.erb"end Copyright © 2011 Opscode, Inc - All Rights Reserved 104
  • 105. templates are ERB<% node[:apache][:listen_ports].each do |port| -%>Listen <%= port %>NameVirtualHost *:<%= port %><% end -%> Copyright © 2011 Opscode, Inc - All Rights Reserved 105
  • 106. Cookbook and Template File Specificity Copyright © 2011 Opscode, Inc - All Rights Reserved 106
  • 107. preferences = [ File.join("host-#{fqdn}", "#{file_name}"), File.join("#{platform}-#{version}", "#{file_name}"), File.join("#{platform}", "#{file_name}"), File.join("default", "#{file_name}")] host-node[:fqdn] node[:platform]-node[:version] node[:platform] default files/web1prod.example.com files/ubuntu-9.10 files/ubuntu files/default Copyright © 2011 Opscode, Inc - All Rights Reserved 107
  • 108. executeexecute "apt-get update" do action :runend Actions: run Copyright © 2011 Opscode, Inc - All Rights Reserved 108
  • 109. scriptbash "compile_nginx_source" do cwd "/tmp" code <<-EOH tar zxf nginx-0.7.67.tar.gz cd nginx-0.7.67 && ./configure make && make install EOHendInterpreters: bash, ruby, python, perl, csh Copyright © 2011 Opscode, Inc - All Rights Reserved 109
  • 110. ruby_blockruby_block "save the node" do block do node.save endend Action: create Copyright © 2011 Opscode, Inc - All Rights Reserved 110
  • 111. scm: git...git "/srv/apps/chef" do repository "git://github.com/opscode/chef.git" reference "0.9.6" action :checkoutend Actions: sync, checkout, export Copyright © 2011 Opscode, Inc - All Rights Reserved 111
  • 112. ...and subversionsubversion "/srv/couchdb" do repository "http://svn.apache.org/repos/asf/couchdb/trunk" revision "HEAD" action :syncend Actions: sync, checkout, export Copyright © 2011 Opscode, Inc - All Rights Reserved 112
  • 113. deployhttp://wiki.opscode.com/display/chef/Deploy+Resource Actions: deploy, force_deploy, rollback Copyright © 2011 Opscode, Inc - All Rights Reserved 113
  • 114. deploy "/srv/radiant" do repo "git://github.com/radiant/radiant.git" revision "HEAD" user "railsdev" migrate true migration_command "rake db:migrate" environment "production" restart_command "touch tmp/restart.txt" action :deployend Copyright © 2011 Opscode, Inc - All Rights Reserved 114
  • 115. Meta-parameter madness! Copyright © 2011 Opscode, Inc - All Rights Reserved 115
  • 116. action :nothing Copyright © 2011 Opscode, Inc - All Rights Reserved 116
  • 117. not_if & only_if Copyright © 2011 Opscode, Inc - All Rights Reserved 117
  • 118. execute "runit-hup-init" do command "telinit q" only_if "grep ^SV /etc/inittab" action :nothingendexecute "rabbitmqctl add_vhost /chef" do not_if "rabbitmqctl list_vhosts| grep /chef"end Enclose in quotes for shell commands or use a do..end or { } style ruby block Copyright © 2011 Opscode, Inc - All Rights Reserved 118
  • 119. Resource notificationtemplate "nginx.conf" do path "/etc/nginx/nginx.conf" source "nginx.conf.erb" owner "root" group "root" mode "0644" notifies :restart, resources(:service =>"nginx")end Copyright © 2011 Opscode, Inc - All Rights Reserved 119
  • 120. supports Copyright © 2011 Opscode, Inc - All Rights Reserved 120
  • 121. Anatomy of a Chef Run Copyright © 2011 Opscode, Inc - All Rights Reserved 121
  • 122. Anatomy of a Chef RunNode discoverySet the node nameRegister with server Copyright © 2011 Opscode, Inc - All Rights Reserved 122
  • 123. Anatomy of a Chef RunBuild node object ‣ node.saveSynchronize cookbooks ‣ node.saveConverge ‣ node.save Copyright © 2011 Opscode, Inc - All Rights Reserved 123
  • 124. Chef Run ConvergenceCompileExecute Copyright © 2011 Opscode, Inc - All Rights Reserved 124
  • 125. Development workflow with Chef Copyright © 2011 Opscode, Inc - All Rights Reserved http://www.flickr.com/photos/kylemay/1393258810/ 125
  • 126. Development workflowGather requirementsWrite recipesCommit to repositoryRun Chef in testingRun Chef in production Copyright © 2011 Opscode, Inc - All Rights Reserved 126
  • 127. http://www.flickr.com/photos/38299630@N05/3635356091/ Copyright © 2011 Opscode, Inc - All Rights Reserved 127
  • 128. Automating the Cloud with Chef http://www.flickr.com/photos/46183897@N00/3442880227/sizes/l/ Copyright © 2011 Opscode, Inc - All Rights Reserved 128
  • 129. Add your Cloud credentials to knife.rb vi ~/chef-repo/.chef/knife.rb# Cloud credentialsknife[:aws_access_key_id] = ENV[AWS_ACCESS_KEY_ID]knife[:aws_secret_access_key] = ENV[AWS_SECRET_ACCESS_KEY] Copyright © 2011 Opscode, Inc - All Rights Reserved 129
  • 130. Download some cookbooks% knife cookbook site vendor nagios -dINFO: Downloading nagios from the cookbooks site at version 0.3.3...INFO: Cookbook nagios version 0.3.3 successfully vendored!INFO: Downloading apache2 from the cookbooks site at version 0.12.0INFO: Cookbook apache2 version 0.12.0 successfully vendored! Uses the “vendor branch” pattern, so you can make changes and track the upstream Copyright © 2011 Opscode, Inc - All Rights Reserved 130
  • 131. Upload Cookbooks! knife cookbook upload -a These run as root, kids.Let’s not blindly trust the upstream too much! Copyright © 2011 Opscode, Inc - All Rights Reserved 131
  • 132. Build some roles% vi roles/monitoring.rbname "monitoring"description "Nagios monitoring server"run_list( "role[base]”, “recipe[nagios::server]")override_attributes( "apache" => { "allowed_openids" => "http://mray.myopenid.com/" }) Copyright © 2011 Opscode, Inc - All Rights Reserved 132
  • 133. Upload Roles% knife role from file roles/monitoring.rbWARN: HTTP Request Returned 404 Not Found: Cannot load role monitoringWARN: Updated Role monitoring!% ls rolesREADME base.rb monitoring.rb production.rb webserver.rb% rake roles(in /Users/mray/Development/oscon/chef-repo)WARN: HTTP Request Returned 404 Not Found: Cannot load role baseWARN: Updated Role base!WARN: Updated Role monitoring!WARN: HTTP Request Returned 404 Not Found: Cannot load role productionWARN: Updated Role production!WARN: HTTP Request Returned 404 Not Found: Cannot load role webserverWARN: Updated Role webserver! Copyright © 2011 Opscode, Inc - All Rights Reserved 133
  • 134. Launch a new Monitoring Serverknife ec2 server create ‘role[monitoring]’ Copyright © 2011 Opscode, Inc - All Rights Reserved 134
  • 135. Chef runs on your new server sudo chef-clientINFO: Starting Chef Run...INFO: Chef Run complete in 211.852033 seconds Automatically. Copyright © 2011 Opscode, Inc - All Rights Reserved 135
  • 136. Shef is Chef in IRB Copyright © 2011 Opscode, Inc - All Rights Reserved 136
  • 137. Resources/Questionswww.opscode.comIRC and Mailing lists ‣ irc.freenode.net #chef ‣ lists.opscode.comTwitter: ‣ @opscode, #opschef ‣ @mattrayQuestions? Copyright © 2011 Opscode, Inc - All Rights Reserved 137

×