Your SlideShare is downloading. ×
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply



Published on

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Automate Your Infrastructure With Chef Will Sterling Linux & UNIX Consultant @ PARSEC Group
  • 2. AgendaWhat is Configuration Management?●What is Chef?●Chef architecture●Deploying Chef●Deploy Apache onto server using chef● Automate You Infrastructure With Chef
  • 3. What is Configuration Management?Configuration management is a process forestablishing and maintaining consistency of aproduct’s performance, functional and physicalattributes with its requirements, design andoperational information throughout its life.*"MIL-HDBK-61A, ""Military Handbook: Configuration Management Guidance". Department of Defense. 07- February-2001. Retrieved 2012-03-24. Automate You Infrastructure With Chef
  • 4. CHEFConfiguration Management●Infrastructure Automation●Open Source●Several Deployment Options● ● Chef Solo ● Open Source Chef Server - Client ● Hosted Chef ● Private Chef Automate You Infrastructure With Chef
  • 5. Chef ArchitectureServer – Client Model●Public – Private Key Encryption●Servers store the configuration●Clients do the work●Configuration information shared via Cookbooks● Automate You Infrastructure With Chef
  • 6. Cookbooks●Cookbooks are used to distribute configurations●The Chef community shares cookbooks at●Cookbooks contain: ● Recipes ● Attribute Files ● Configuration Artifacts ● Templates ● Files ● Libraries Automate You Infrastructure With Chef
  • 7. Run Lists YUM Apache Tomcat Node1Server YUM MySQL Node 2 Automate You Infrastructure With Chef
  • 8. Roles YUM Apache Tomcat WWW 1 WWW 2 WWW 3Server YUM MySQL DB 1 1 DB DB 1 Automate You Infrastructure With Chef
  • 9. Sample Recipe## Cookbook Name:: yum# Recipe:: yum## Copyright 2011, Eric G. Wolfe# Copyright 2011, Opscode, Inc.## Licensed under the Apache License, Version 2.0 (the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.#template "/etc/yum.conf" do source "yum-rhel#{node[:platform_version].to_i}.conf.erb"end Automate You Infrastructure With Chef
  • 10. Sample Template# Generated by Chef for <%= node[:fqdn] %># Local modifications will be overwritten.[main]cachedir=/var/cache/yum/$basearch/$releaseverkeepcache=0debuglevel=2logfile=/var/log/yum.logexactarch=1obsoletes=1gpgcheck=1plugins=1installonly_limit=3<%- if node[:yum][:exclude] %>exclude=<%= node[:yum][:exclude].join(" ") %><%- end %><%- if node[:yum][:installonlypkgs] %>installonlypkgs=<%= node[:yum][:installonlypkgs].join(" ") %><%- end %># This is the default, if you make this bigger yum wont see if the metadata# is newer on the remote and so youll "gain" the bandwidth of not having to# download the new metadata and "pay" for it by yum not having correct# information.# It is esp. important, to have correct metadata, for distributions like# Fedora which dont keep old packages around. If you dont like this checking# interupting your command line usage, its much better to have something# manually check the metadata once an hour (yum-updatesd will do this).# metadata_expire=90m# PUT YOUR REPOS HERE OR IN separate files named file.repo# in /etc/yum.repos.d Automate You Infrastructure With Chef
  • 11. Installing Chef Server on Ubuntu1)Add Opscode APT Repository 1) sudo -s “echo deb lucid-0.10 main > /etc/apt/sources.list.d/opscode.list” 2) sudo mkdir -p /etc/apt/trusted.gpg.d 3) gpg --keyserver --recv-keys 83EF826A 4) sudo -s “gpg --export > /etc/apt/trusted.gpg.d/opscode- keyring.gpg” 5) sudo apt-get update 6) sudo apt-get install opscode-keyring 7) sudo apt-get upgrade2)Install Chef and Chef Server packages 1) sudo apt-get install chef chef-server 1) Follow on screen configuration questions 1) hostname of server 2) RabbitMQ queue password 3) Temporary WebUI admin password3)Configure CLI 1) mkdir .chef 2) sudo cp /etc/chef/validation.pem /etc/chef/webui.pem .chef/ 3) sudo chown -R wills ~/.chef 4) knife configure -i Change path to validation.pem and webui.pem to be /home/user_name/.chef/*.pem. Everything else can remain the default. Automate You Infrastructure With Chef
  • 12. Setup RHEL/Centos Chef Clientchef-client> sudo yum install ruby ruby-devel make gccchef-server> knife bootstrap chef-client -i ssh_keychef-server> knife node list Automate You Infrastructure With Chef
  • 13. Install CookbooksDownload Cookbooks from Chef Community, 1)chef-server> knife cookbook site download chef-client 2)chef-server> tar -xzf chef-client* 3)chef-server> knife cookbook site download apache2 4)chef-server> tar -xzf apache2* 5)chef-server> less apache2/ 6)chef-server> knife cookbook site download yum 7)chef-server> tar -xzf yum* 8)chef-server> less yum/ 9)chef-server> knife cookbook upload -a -o ./ 10)chef-server> knife cookbook list Automate You Infrastructure With Chef
  • 14. Create a Run List1)chef-server> knife node run_list add chef- `chef-client`2)chef-server> knife node run_list add chef- yum3)chef-server> knife node run_list add chef- yum::epel4)chef-client> sudo /usr/bin/chef-client5)chef-client> sudo chkconfig6)chef-client> sudo yum repolist Automate You Infrastructure With Chef
  • 15. Add Apache to Run List1) chef-server> vi apache2/attributes/default.rb134 default[apache][default_modules] = %w{ status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex dir env mime negotiation setenvif logio }2) chef-server> vi apache2/recipes/mod_logio.rb if platform?("redhat", "centos", "scientific", "fedora", "suse", "arch", "freebsd", "amazon") apache_module "logio" else include_recipe "apache2" End3) chef-server> knife node run_list add chef- apache24) chef-server> knife cookbook upload apache2 -o ./5) chef-client> chef-client Automate You Infrastructure With Chef
  • 16. Add Our Own HTML Content 1) chef-server> sudo vi apache2/files/default/index.html <HTML><BODY> Hello World! </BODY></HTML> 2) chef-server> vi apache2/recipes/default.rb66 cookbook_file "/var/www/index.html" do source "index.html" mode 0755 owner "root" group node[:apache][:root_group] end 3) chef-server> knife cookbook upload apache2 -o ./ 4) chef-client> chef-client Automate You Infrastructure With Chef
  • 17.●●●●● Automate You Infrastructure With Chef