Chef Fundamentals Training Series Module 4: The Chef Client Run and Expanding Our Cookbook

8,266 views
7,947 views

Published on

Published in: Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
8,266
On SlideShare
0
From Embeds
0
Number of Embeds
2,053
Actions
Shares
0
Downloads
2,713
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Chef Fundamentals Training Series Module 4: The Chef Client Run and Expanding Our Cookbook

  1. 1. Chef Fundamentals
  2. 2. Chef Client Run and Expanding Our Cookbook Chef Fundamentals Webinar Series - Module 4 training@opscode.com
  3. 3. Nathen Harvey • Technical Community Manager at Opscode • Co-host of the Food Fight Show Podcast • @nathenharvey • nharvey@opscode.com
  4. 4. Quick Recap
  5. 5. Checkpoint • In the last module we • bootstrapped a node using knife bootstrap • wrote a simple cookbook to deploy a simple webpage
  6. 6. Where'd my Node go? • You still need an Ubuntu 10.04+ machine to manage • Launch a new instance in the training lab • Fire up a new Vagrant • Launch an new AMI Instance
  7. 7. But it might not have worked • In some instances, the apt-cache was out of date • You can fix this! • sudo apt-get update
  8. 8. Fix it the Chef way! • Create an apt cookboook • Use an execute resource • Add to the run list
  9. 9. Dissecting your first chef-client run The Anatomy of a Chef run
  10. 10. Objectives • Describe the steps of a chef-client run • Describe the basic security model of Chef
  11. 11. chef-client
  12. 12. chef-client build node
  13. 13. chef-client build node Ohai! node_name platform platform_version
  14. 14. chef-client build node authenticate
  15. 15. chef-client build node expanded run list (recipes) authenticate sync cookbooks
  16. 16. chef-client build node authenticate load cookbooks sync cookbooks
  17. 17. chef-client build node authenticate converge load cookbooks sync cookbooks
  18. 18. chef-client build node authenticate converge load cookbooks sync cookbooks success?
  19. 19. chef-client build node authenticate converge load cookbooks sync cookbooks Yes success? node.save
  20. 20. chef-client build node authenticate converge load cookbooks sync cookbooks Yes node.save No exception success?
  21. 21. chef-client build node authenticate converge load cookbooks sync cookbooks Yes node.save notification handlers success? No exception
  22. 22. Private Keys • Chef Server requires keys to authenticate. • client.pem - private key for API client • validation.pem - private key for ORGNAMEvalidator • Next, let’s see how those are used...
  23. 23. /etc/chef/ client.pem?
  24. 24. /etc/chef/ client.pem? Yes Sign Requests
  25. 25. No /etc/chef/ client.pem? Yes Sign Requests /etc/chef/ validation.pem?
  26. 26. No /etc/chef/ client.pem? Yes Sign Requests No /etc/chef/ validation.pem? 401!
  27. 27. No /etc/chef/ client.pem? No /etc/chef/ validation.pem? Yes Yes Sign Requests Request API Client 401!
  28. 28. No /etc/chef/ client.pem? No /etc/chef/ validation.pem? Yes Yes Sign Requests Request API Client client.pem 401!
  29. 29. No /etc/chef/ client.pem? No /etc/chef/ validation.pem? Yes Yes Sign Requests Request API Client client.pem 401!
  30. 30. Compile and Execute • Compile a Resource Collection • Execute the Resources in that Collection
  31. 31. Introducing the Node object Attributes & Search
  32. 32. Lesson Objectives • After completing the lesson, you will be able to • Explain what the Node object represents in Chef • List the Nodes in an organization • Show details about a Node • Describe what Node Attributes are • Retrieve a node attribute directly, and via search
  33. 33. What is the Node object • A node is any physical, virtual, or cloud machines that is configured to be maintained by a Chef • When you are writing Recipes, the Node object is always available to you.
  34. 34. Exercise: List nodes $ knife node list target1
  35. 35. Exercise: List clients $ knife client list ORGNAME-validator target1
  36. 36. Each node must have a unique name • Every node must have a unique name within an organization • Chef defaults to the Fully Qualified Domain Name of the server, i.e. in the format server.domain.com • We overrode it to "target1" to make typing easier
  37. 37. Exercise: Show node details $ knife node show target1 Node Name: Environment: FQDN: IP: Run List: Roles: Recipes: Platform: Tags: target1 _default ip-10-154-155-107.ec2.internal 54.242.35.165 ubuntu 12.04
  38. 38. What is the Node object • Nodes are made up of Attributes • Many are discovered automatically (platform, ip address, number of CPUs) • Many other objects in Chef can also add Node attributes (Cookbooks, Roles and Environments, Recipes, Attribute Files) • Nodes are stored and indexed on the Chef Server
  39. 39. Exercise: Run Ohai on node opscode@target1:~$ sudo ohai | less { "languages": { "ruby": { }, "python": { "version": "2.7.3", "builddate": "Apr 10 2013, 06:20:15" }, "perl": { "version": "5.14.2", "archname": "x86_64-linux-gnu-thread-multi" } }, "kernel": {
  40. 40. Exercise: Show all the node attributes $ knife node show target1 -l Node Name: Environment: FQDN: IP: Run List: Roles: Recipes: Platform: Tags: Attributes: tags: target1 _default ip-10-154-155-107.ec2.internal 54.242.35.165 ubuntu 12.04 Default Attributes: Override Attributes: Automatic Attributes (Ohai Data): block_device: loop0: removable: 0 size: 0
  41. 41. Exercise: Show the raw node object $ knife node show target1 -Fj { "name": "target1", "chef_environment": "_default", "run_list": [], "normal": {"tags":[]} }
  42. 42. Exercise: Show only the fqdn attribute $ knife node show target1 -a fqdn target1: fqdn: ip-10-154-155-107.ec2.internal
  43. 43. Exercise: Use search to find the same data $ knife search node "*:*" -a fqdn 1 items found target1: fqdn: ip-10-154-155-107.ec2.internal
  44. 44. Templates and Cross-platform Revisit the Apache Cookbook

×