Cookin’ up Hybrid Clouds: Chef and the Accenture Cloud Platform



Accenture is using Private Chef as the management control point for the Accenture Cloud Platform, a cloud service broker that manages hybrid cloud environments and cloud-based applications for its clients and internal teams. In addition to broker services, the platform features tailored solutions for Infrastructure as a Service, Testing as a Service, Big Data Platforms, and various development offerings. During this presentation, Thomas Myers, the Chef lead on the project, will discuss the challenges and successes of integrating Chef into the Accenture Cloud Platform.

Published in: Technology, Self Improvement

  1. Special of the Day
     Cookin’ up hybrid clouds with Chef and the Accenture Cloud Platform
     Tom Myers
     April 26, 2013
     Accenture is using Private Chef as the management control point for our newly launched Accenture Cloud Platform.
  2. Accenture Cloud Platform
     •  Global footprint
     •  Multiple service providers
     •  Migrating from traditional tools to cloud native
     Copyright © 2013 Accenture All rights reserved.
  3. Accenture Cloud Platform Ecosystem
     Hybrid Environment
     •  Accenture’s Common Hosting Platform
     •  Broad Collection of IaaS Providers - Azure, AWS, OpSource, Terremark…
     Geographical Requirements
     •  Operating Environment across five continents
     •  Soon to be six (how soon will we need Antarctica?)
     •  Latency
     Transition
     •  From Traditional Tools
     •  To Cloud-native tools
     Balance
     •  Platform Agility vs Customer Stability
  4. Provisioning (diagram labels)
     •  Traditional Hardened Environment
     •  Public/Private IaaS Cloud
     •  On-premise and co-lo “clouds”
  5. Accenture Cloud Platform Ecosystem
     Remote Chef Proxy
     •  nginx extended to each provider
     •  Near file storage
     •  Answers several concerns…
     Internet Access
     •  Client requirements may forbid
     •  VPN required
     Reduced Cost
     •  File transfer
     •  Cache
     Balance
     •  Platform Agility vs Customer Stability
  6. Environments (diagram labels)
     •  Production
     •  Test
     •  Public/Private IaaS Cloud
     •  On-premise and co-lo “clouds”
  7. Demo
     •  VMs
        –  Private Chef A (PROD)
        –  Private Chef B (TEST)
        –  Node One (a VM that has been recently provisioned)
     •  Data Bag Example Usage:
        –  Add Local IP (role)
        –  Query status data bag
     •  Environments
        –  Transfer (role) from PROD to TEST
        –  Rename (data bag) and Transfer (role) back to PROD
  8. Role[bootstrap]: Default

     ```ruby
     include_recipe "bootstrap::_create_reports_item"
     include_recipe "hosts"
     include_recipe "chef-client::config"
     include_recipe "chef-client::service"

     # A node being moved to another Chef server takes the migration path
     # instead of the normal core bootstrap.
     if node.run_list.include?('role[migrate-chef-server]')
       include_recipe "bootstrap::migrate_chef_server"
     else
       include_recipe "bootstrap::core"
     end

     include_recipe "clone::cleanup_stash"

     # Report the bootstrap result back to the back-end systems.
     asgard_report "bootstrap" do
       request_type 'bootstrap'
       remember true
       action :ok
     end
     ```
  9. Role[bootstrap]: Core

     ```ruby
     # Platform-specific bootstrap first, then the shared recipes.
     case node['platform_family']
     when "windows"
       include_recipe "bootstrap::windows"
     when "rhel"
       include_recipe "bootstrap::redhat"
     end

     include_recipe "bootstrap::options"
     include_recipe "manage-users"
     include_recipe "manage-networks"
     include_recipe "manage-storage"
     include_recipe "commands"
     ```
  10. Role[bootstrap]: Options

      ```ruby
      # Every option is installed, then enabled or disabled per node.
      node['bootstrap']['options'].each do |option|
        include_recipe "#{option}::install"
        recipe_name = option_enabled?(option) ? 'enable' : 'disable'
        include_recipe "#{option}::#{recipe_name}"
      end
      ```

      (Attributes)

      ```ruby
      default['bootstrap']['options'] = %w(patching zenoss-monitoring)
      ```
  11. Data Bags
      •  Provide common interface for back-end systems
         –  Back-end processing
            •  Write node-specific data
            •  Assign role to run list (if needed)
            •  Poll Reports data bag for results
         –  Node processing
            •  Remove node-specific data
            •  Write result to Reports data bag
      •  Knife plug-in to support operations tasks
      •  Easy clean-up
  12. Change Server Cookbook: Default

      ```ruby
      require 'fileutils'

      # Everything runs in compile time. Will preempt any other recipes.

      # never run this recipe twice
      node.run_list.delete("role[change-server]")
      node.run_list << 'role[change-server-done]'

      # timestamp for backup/restore
      timestamp = Time.now.strftime("%Y%m%d.%H%M%S")

      hosts_file_path = node[:hosts][:config]
      node_name = Chef::Config[:node_name]

      # Apply any rename listed for this node in the rename_nodes data bag.
      rename_lists = data_bag('rename_nodes')
      rename_lists.each do |list_name|
        rename_list = data_bag_item('rename_nodes', list_name).raw_data
        node_name = rename_list[node_name] || node_name
      end
      ```
  13. Change Server Cookbook

      ```ruby
      # config parameters
      conf_dir = node['chef_client']['conf_dir']
      client_rb_path = File.join(conf_dir, 'client.rb')
      validation_pem_path = File.join(conf_dir, 'validation.pem')
      client_pem_path = File.join(conf_dir, 'client.pem')
      attributes_json_path = File.join(conf_dir, 'change-server-attributes.json')

      # Back up the hosts file, client config and both keys before touching them.
      backup(hosts_file_path, timestamp, true)
      backup(client_rb_path, timestamp)
      backup(validation_pem_path, timestamp)
      backup(client_pem_path, timestamp)

      delete_hostsfile_entries(node)
      create_child_chef_configuration(node, conf_dir, client_rb_path, validation_pem_path,
                                      client_pem_path, attributes_json_path)
      run_child_chef(node, client_rb_path, attributes_json_path, node_name)
      ```
  14. Change Server Cookbook

      ```ruby
      if File.exist?(client_pem_path)
        # delete change-server-done from NEW server
        node.run_list.delete('role[change-server-done]')
        node.save
      else
        log_failure(client_rb_path, validation_pem_path, attributes_json_path)
        restore(hosts_file_path, timestamp)
        restore(client_rb_path, timestamp)
        restore(validation_pem_path, timestamp)
        restore(client_pem_path, timestamp)
        # delete change-server-done from OLD server
        node.run_list.delete('role[change-server-done]')
        node.save
      end
      ```
  15. Other Interesting Ideas
      Side by Side Chef (today)
      •  Allow existing chef-using clients to continue use of open-source chef without interruption until on-boarding process is available.
      Shared Org Cookbooks (coming soon)
      •  Allow organizations to share (read-only) cookbooks, enabling the inherent separation between orgs while allowing for a shared baseline of cookbooks.
      Handlers as Alerts (coming soon)
      •  Use handlers to alert our back-end systems to provide an alternative to polling mechanisms.
      Web Service Knife Wrapper (coming soon)
      •  Consume the ability for knife to bootstrap a newly provisioned server without requiring any modification to the default provider image via a web service call from our back-end systems.
  16. Questions?
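
The backup-then-restore pattern from the Change Server Cookbook slides (12 to 14), as an added Ruby example that is not code from the deck. `backup`, `restore` and `migrate_with_rollback` are hypothetical stand-ins for helpers the slides call but do not show; the meaning of the third `backup` argument (the file must exist), the `.bak` naming, and the removal of leftover key copies after a successful migration are assumptions.

```ruby
require 'fileutils'
require 'tmpdir'

# Hypothetical stand-ins for the deck's backup/restore helpers (bodies not shown there).
def backup_path(path, timestamp)
  "#{path}.#{timestamp}.bak"
end

# Copy path aside with its mode preserved, so a 0600 client.pem never gets a
# looser-permission copy. Assumption: required=true means the file must exist.
def backup(path, timestamp, required = false)
  unless File.exist?(path)
    raise ArgumentError, "required file missing: #{path}" if required
    return nil
  end
  dest = backup_path(path, timestamp)
  FileUtils.cp(path, dest, preserve: true)
  dest
end

# Move the backup back over path; a no-op when no backup was taken.
def restore(path, timestamp)
  src = backup_path(path, timestamp)
  FileUtils.mv(src, path) if File.exist?(src)
end

# Back up, run the migration block, then apply the slides' success test:
# client.pem exists afterwards. Either way no stray key copies are left behind.
def migrate_with_rollback(paths, client_pem_path, timestamp)
  paths.each { |p| backup(p, timestamp) }
  begin
    yield
  rescue StandardError => e
    warn "migration step failed: #{e.message}"
  end
  if File.exist?(client_pem_path)
    paths.each { |p| FileUtils.rm_f(backup_path(p, timestamp)) }
    :migrated
  else
    paths.each { |p| restore(p, timestamp) }
    :rolled_back
  end
end

Dir.mktmpdir do |dir| # constructed demo: the "migration" loses the key, so we roll back
  pem = File.join(dir, 'client.pem')
  File.write(pem, 'OLD KEY (constructed)')
  p migrate_with_rollback([pem], pem, '20130426.120000') { File.delete(pem) }
end
```

In a real cookbook the block passed to `migrate_with_rollback` would be the child chef-client run against the new server, and `paths` would be the hosts file, `client.rb`, `validation.pem` and `client.pem` from slide 13.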