Chef Fundamentals Training Series Module 4: The Chef Client Run and Expanding Our Cookbook

  • 6,455 views
Uploaded on

 

More in: Business , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
6,455
On Slideshare
0
From Embeds
0
Number of Embeds
9

Actions

Shares
Downloads
2,536
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Chef Fundamentals
  • 2. Chef Client Run and Expanding Our Cookbook Chef Fundamentals Webinar Series - Module 4 training@opscode.com
  • 3. Nathen Harvey • Technical Community Manager at Opscode • Co-host of the Food Fight Show Podcast • @nathenharvey • nharvey@opscode.com
  • 4. Quick Recap
  • 5. Checkpoint • In the last module we • bootstrapped a node using knife bootstrap • wrote a simple cookbook to deploy a simple webpage
  • 6. Where'd my Node go? • You still need an Ubuntu 10.04+ machine to manage • Launch a new instance in the training lab • Fire up a new Vagrant • Launch an new AMI Instance
  • 7. But it might not have worked • In some instances, the apt-cache was out of date • You can fix this! • sudo apt-get update
  • 8. Fix it the Chef way! • Create an apt cookboook • Use an execute resource • Add to the run list
  • 9. Dissecting your first chef-client run The Anatomy of a Chef run
  • 10. Objectives • Describe the steps of a chef-client run • Describe the basic security model of Chef
  • 11. chef-client
  • 12. chef-client build node
  • 13. chef-client build node Ohai! node_name platform platform_version
  • 14. chef-client build node authenticate
  • 15. chef-client build node expanded run list (recipes) authenticate sync cookbooks
  • 16. chef-client build node authenticate load cookbooks sync cookbooks
  • 17. chef-client build node authenticate converge load cookbooks sync cookbooks
  • 18. chef-client build node authenticate converge load cookbooks sync cookbooks success?
  • 19. chef-client build node authenticate converge load cookbooks sync cookbooks Yes success? node.save
  • 20. chef-client build node authenticate converge load cookbooks sync cookbooks Yes node.save No exception success?
  • 21. chef-client build node authenticate converge load cookbooks sync cookbooks Yes node.save notification handlers success? No exception
  • 22. Private Keys • Chef Server requires keys to authenticate. • client.pem - private key for API client • validation.pem - private key for ORGNAMEvalidator • Next, let’s see how those are used...
  • 23. /etc/chef/ client.pem?
  • 24. /etc/chef/ client.pem? Yes Sign Requests
  • 25. No /etc/chef/ client.pem? Yes Sign Requests /etc/chef/ validation.pem?
  • 26. No /etc/chef/ client.pem? Yes Sign Requests No /etc/chef/ validation.pem? 401!
  • 27. No /etc/chef/ client.pem? No /etc/chef/ validation.pem? Yes Yes Sign Requests Request API Client 401!
  • 28. No /etc/chef/ client.pem? No /etc/chef/ validation.pem? Yes Yes Sign Requests Request API Client client.pem 401!
  • 29. No /etc/chef/ client.pem? No /etc/chef/ validation.pem? Yes Yes Sign Requests Request API Client client.pem 401!
  • 30. Compile and Execute • Compile a Resource Collection • Execute the Resources in that Collection
  • 31. Introducing the Node object Attributes & Search
  • 32. Lesson Objectives • After completing the lesson, you will be able to • Explain what the Node object represents in Chef • List the Nodes in an organization • Show details about a Node • Describe what Node Attributes are • Retrieve a node attribute directly, and via search
  • 33. What is the Node object • A node is any physical, virtual, or cloud machines that is configured to be maintained by a Chef • When you are writing Recipes, the Node object is always available to you.
  • 34. Exercise: List nodes $ knife node list target1
  • 35. Exercise: List clients $ knife client list ORGNAME-validator target1
  • 36. Each node must have a unique name • Every node must have a unique name within an organization • Chef defaults to the Fully Qualified Domain Name of the server, i.e. in the format server.domain.com • We overrode it to "target1" to make typing easier
  • 37. Exercise: Show node details $ knife node show target1 Node Name: Environment: FQDN: IP: Run List: Roles: Recipes: Platform: Tags: target1 _default ip-10-154-155-107.ec2.internal 54.242.35.165 ubuntu 12.04
  • 38. What is the Node object • Nodes are made up of Attributes • Many are discovered automatically (platform, ip address, number of CPUs) • Many other objects in Chef can also add Node attributes (Cookbooks, Roles and Environments, Recipes, Attribute Files) • Nodes are stored and indexed on the Chef Server
  • 39. Exercise: Run Ohai on node opscode@target1:~$ sudo ohai | less { "languages": { "ruby": { }, "python": { "version": "2.7.3", "builddate": "Apr 10 2013, 06:20:15" }, "perl": { "version": "5.14.2", "archname": "x86_64-linux-gnu-thread-multi" } }, "kernel": {
  • 40. Exercise: Show all the node attributes $ knife node show target1 -l Node Name: Environment: FQDN: IP: Run List: Roles: Recipes: Platform: Tags: Attributes: tags: target1 _default ip-10-154-155-107.ec2.internal 54.242.35.165 ubuntu 12.04 Default Attributes: Override Attributes: Automatic Attributes (Ohai Data): block_device: loop0: removable: 0 size: 0
  • 41. Exercise: Show the raw node object $ knife node show target1 -Fj { "name": "target1", "chef_environment": "_default", "run_list": [], "normal": {"tags":[]} }
  • 42. Exercise: Show only the fqdn attribute $ knife node show target1 -a fqdn target1: fqdn: ip-10-154-155-107.ec2.internal
  • 43. Exercise: Use search to find the same data $ knife search node "*:*" -a fqdn 1 items found target1: fqdn: ip-10-154-155-107.ec2.internal
  • 44. Templates and Cross-platform Revisit the Apache Cookbook