This document discusses emerging patterns and anti-patterns in using Chef for configuration management. It identifies several anti-patterns such as copying community cookbooks into one repository and manually uploading files to the Chef server. It also outlines best practices for using Chef such as developing small, single purpose cookbooks; using roles as cookbooks; continuous integration of cookbooks; and testing cookbooks. The document provides advice on developing reusable cookbooks and using tools like Vagrant, Librarian and Test Kitchen for testing configurations.
2. Owain Perry
• Software architect at the trainline.com
• perry@peek.org.uk
• github: perryofpeek.
• Focus at the moment is on build, deployment and the software delivery machine.
3. TheTrainline
• £1.2+ Billion turnover.
• 2 transactions a second average
• ~1000 Physical and virtual servers
• Multiple development sites
• 25+ build and test (non production) environments
5. Using Chef
• Using Chef in various ways for the last 12 months
• Worked with a 3rd-party supplier who implemented some aspects
• Multiple teams with various knowledge levels.
• These patterns / anti-patterns have emerged over the last year in our code bases.
6. Anti-pattern
• Download and copy community cookbooks into one git repository.
• Just change that bit… and diverge from the community…
• How do you update them?
• Promotes unintentional coupling between cookbooks.
• Hard to test
• Antidote:
• Use lots of small cookbooks.
7. Anti-pattern
• My Chef code is the centre of the universe
• I am going to delete all the databags
• I am going to delete all the roles
• I am going to delete all the environments
• I am going to do this just before you showcase a whole bunch of work to a team of people…
• Antidote:
• Hey you, you are not that important! Let’s live together in peace and harmony
9. Pattern
• Small cookbooks with one purpose
• Easy to manage
• Easy to test
• Easy to build.
• Easy to document
• Easy to understand
• This fits very well with git as a technology
10. Pattern
• Continuous integration builds of cookbooks
• Build script
• knife cookbook test
• Foodcritic
• ChefSpec
• minitest
• Vagrant test
• (why-run) manual testing.
• knife cookbook upload
11. Pattern
• Roles in Chef are cookbooks
• Supports versioning
• Easy to test
• Use different versions side by side
12. Pattern
• Cascading cookbooks
• Library cookbooks – do stuff with sane defaults
• Generalisation cookbooks
• Specialisation cookbooks.
• Example
go_server [sane defaults 1GB memory]
general_go_server [license key] use this for templates
team_a_go_server [4GB memory, define site url, … ]
13. Pattern
• Try to make library cookbooks open source
• Forces abstraction of business implementation details
• Improves code quality
• Supporting reuse
• Sane defaults
• Might get some free testing and development
14. Pattern
• Continuous integration builds of the Chef server changes.
• Avoid using knife to change server state
• Databag uploads
• Roles uploads
• Nodes uploads
• Download latest versions of community cookbooks using Librarian and upload.
15. Pattern
• Use attributes as much as possible.
• Make cookbooks reusable
• Supports overriding attributes.
16. Pattern
• Make things idempotent, (but also fast!)
• remote_file is idempotent BUT!
• It downloads the 100MB file and compares every 10 mins.
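Added example, not from the original slides: a plain-Ruby model of converging a downloaded file against a pinned SHA-256, so repeat runs skip the fetch and content that does not match the pin never lands on disk. The names `converge_artifact`, `demo`, `ChecksumMismatch`, the file name and the injected fetcher are assumptions made for illustration.

```ruby
require 'digest'
require 'tmpdir'

ChecksumMismatch = Class.new(StandardError)

# Hypothetical helper, not Chef's implementation. `fetcher` is any callable
# returning the artifact bytes; it stands in for the HTTP download so the
# example runs offline.
def converge_artifact(path, pinned_sha256, fetcher)
  # Fast path: the local file already matches the pin, so nothing is fetched.
  # In a recipe, remote_file's `checksum` property gives the same skip.
  if File.file?(path) && Digest::SHA256.file(path).hexdigest == pinned_sha256
    return :up_to_date
  end

  body = fetcher.call
  actual = Digest::SHA256.hexdigest(body)
  # Verify before anything touches the target path.
  unless actual == pinned_sha256
    raise ChecksumMismatch, "expected #{pinned_sha256}, got #{actual}"
  end

  # Write beside the target, then rename, so a crash never leaves a
  # half-written artifact at `path`.
  tmp = "#{path}.tmp.#{Process.pid}"
  File.binwrite(tmp, body)
  File.rename(tmp, path)
  :updated
end

# Constructed demo: a short string plays the role of the 100MB file.
def demo
  Dir.mktmpdir do |dir|
    path = File.join(dir, 'go-server.pkg') # constructed file name
    good = 'constructed package bytes'
    pin = Digest::SHA256.hexdigest(good)
    downloads = 0
    runs = 2.times.map { converge_artifact(path, pin, -> { downloads += 1; good }) }
    File.delete(path) # force a re-fetch, this time with altered content
    rejected = begin
      converge_artifact(path, pin, -> { downloads += 1; 'altered bytes' })
      false
    rescue ChecksumMismatch
      true
    end
    { runs: runs, downloads: downloads, rejected: rejected, on_disk: File.exist?(path) }
  end
end

p demo if $PROGRAM_NAME == __FILE__
```

Pinning the digest in the cookbook's attributes keeps the run fast and makes a changed upstream file a visible failure instead of a silent update.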
17. Pattern
• Develop Lightweight Resource Providers
• Code getting too long?
• Code with too much logic?
• Make it simple and develop a LWRP
• Abstract the complexity
• Easier to test the code using standard Ruby frameworks
• Simpler for the cookbook consumer to understand
18. Pattern
• Use Vagrant
• Vagrant is just cool.
• Test on one or more platforms
• Fast feedback cycle while developing
• Repeatable
19. Pattern
• Using Chef Solo for automated builds of templates
• Pull down cookbooks
• Run Chef Solo
• Create a virtual machine using CI
• Running the generalised cookbooks
• Test template
• Convert machine to VMware ESX template
• Upload template
• Provision template
• Run specific cookbook / role to give specific purpose
20. Anti-pattern
• Git submodules for cookbooks
• Some people don’t get git submodules
• Easy to break in CI
• Antidote
• Use Librarian or Berkshelf to resolve dependencies
21. Anti-pattern
• DIY package management on Windows implemented in Chef
• It’s not as simple as you think?
• Is Chef really the right tool for this?
• How do you do upgrades?
• What versions are installed now?
• Antidote
• Choose an operating system with package management
• Failing that, use Chocolatey or similar on Windows.
22. Anti-pattern
• Hack community cookbooks if you don’t intend a pull request
• How do we manage changes
• How do we merge changes in 6 months, 2 years from now…
• Antidote
• Wrap the cookbook and extend the wrapper.
23. Anti-pattern
• Testing, what testing…
• Antidote
• Write some tests….
• Practice Test Driven Development
• Make the feedback loop as fast as possible.