©2016 Chef Software Inc. 1-1
Introduction to Application
Automation Workshop
Modern Applications with Habitat

©2016 Chef Software Inc. 1-2
Modern Applications
Source
Code
Repo
Artifact
Bare Metal
Containers
AMI
VM
Artifact
Repo

©2016 Chef Software Inc. 1-3

©2016 Chef Software Inc. 1-4
Habitat
Application automation that enables
modern application teams to build,
deploy, and manage any application in
any environment - from traditional
data-centers to containerized
microservices.

©2016 Chef Software Inc. 1-5
Habitat and Containers
• Build OS-agnostic containers
• Application down, not OS-up
• No Dockerfile
• No ”FROM ubuntu”. Build immutable apps inside scratch containers
• Run containers with necessary runtime features built-in
• Service discovery
• Real-time configuration management across a fleet
• Remote auditing and container internals inspection
• Peer-coordinated continuous delivery (coming soon)

©2016 Chef Software Inc. 1-6
Habitat’s Approach
• Applications run as distributed, fully automated, and capable autonomous actors
• Immutable applications, but flexible and easy to manage because automation
travels with the application
• Bundles what your apps need to run and nothing else
• Embedded automation choreographs application cluster topology/behavior
• A network with no reliance on external services and no single-point-of-failure
• Provides continuous deployment without traditional Application Release
Automation (ARA) tooling

©2016 Chef Software Inc. 2-7
Enough with the talky, talky!
Let’s try out Habitat

©2016 Chef Software Inc. 2-8
Environment Setup

©2016 Chef Software Inc. 2-9
Objectives
• Login to the remote workstation
• Set up Habitat

©2016 Chef Software Inc. 2-10
Objective:
Login to a remote workstation
Lab: Remote Workstation

©2016 Chef Software Inc. 2-11
Find your IP Address
https://goo.gl/EK2c3R

©2016 Chef Software Inc. 2-12
The authenticity of host '52.23.203.107 (52.23.203.107)' can't be established.
ECDSA key fingerprint is SHA256:HoR68T+W6kAwQv0ZC0qAMSiO4lVqpQQRwO6WnvPb2oY.
Are you sure you want to continue connecting (yes/no)?
$ ssh chef@YOUR_IP_ADDRESS
Login to your remote workstation

©2016 Chef Software Inc. 2-13
The authenticity of host '52.23.203.107 (52.23.203.107)' can't be established.
ECDSA key fingerprint is SHA256:HoR68T+W6kAwQv0ZC0qAMSiO4lVqpQQRwO6WnvPb2oY.
Are you sure you want to continue connecting (yes/no)? yes
$ ssh chef@YOUR_IP_ADDRESS
Login to your remote workstation

©2016 Chef Software Inc. 2-14
The authenticity of host '52.23.203.107 (52.23.203.107)' can't be established.
ECDSA key fingerprint is SHA256:HoR68T+W6kAwQv0ZC0qAMSiO4lVqpQQRwO6WnvPb2oY.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '52.23.203.107' (ECDSA) to the list of known hosts.
chef@52.23.203.107's password:
$ ssh chef@YOUR_IP_ADDRESS
Login to your remote workstation

©2016 Chef Software Inc. 2-15
The authenticity of host '52.23.203.107 (52.23.203.107)' can't be established.
ECDSA key fingerprint is SHA256:HoR68T+W6kAwQv0ZC0qAMSiO4lVqpQQRwO6WnvPb2oY.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '52.23.203.107' (ECDSA) to the list of known hosts.
chef@52.23.203.107's password: chef
$ ssh chef@YOUR_IP_ADDRESS
Login to your remote workstation

©2016 Chef Software Inc. 2-16
/usr/bin/hab
$ which hab
Verify the installation

©2016 Chef Software Inc. 2-17
hab 0.12.1/20161102212401
$ hab --version
Verify the installation

©2016 Chef Software Inc. 2-18
Set up a default origin
Every package in Habitat belongs to an origin, which indicates the
person or organization responsible for maintaining that package. Each
origin also has a key used to cryptographically sign packages in that
origin.
Selecting a default origin tells package building operations such as
'hab pkg build' what key should be used to sign the packages produced.
If you do not set a default origin now, you will have to tell package
building commands each time what origin to use.
For more information on origins and how they are used in building
packages, please consult the docs at
https://www.habitat.sh/docs/create-packages-build/
Set up a default origin? [Yes/no/quit]
$ hab setup
Setup

©2016 Chef Software Inc. 2-19
Enter the name of your origin. If you plan to publish your packages
publicly, we recommend that you select one that is not already in use on
the Habitat build service found at https://app.habitat.sh/.
Default origin name: [default: root]
Setup

©2016 Chef Software Inc. 2-20
Enter the name of your origin. If you plan to publish your packages
publicly, we recommend that you select one that is not already in use on
the Habitat build service found at https://app.habitat.sh/.
Default origin name: [default: chef] firstnamelastname
Setup

©2016 Chef Software Inc. 2-21
Create origin key pair
It doesn't look like you have a signing key for the origin
`firstnamelastname'. Without it, you won't be able to build new packages
successfully.
You can either create a new signing key now, or, if you are building
packages for an origin that already exists, ask the owner to give you
the signing key.
For more information on the use of origin keys, please consult the
documentation at https://www.habitat.sh/docs/concepts-keys/#origin-keys
Create an origin key for `firstnamelastname'? [Yes/no/quit]
Setup

©2016 Chef Software Inc. 2-22
Create an origin key for `firstnamelastname'? [Yes/no/quit] Yes
Setup

©2016 Chef Software Inc. 2-23
GitHub Access Token
While you can build and run Habitat packages without sharing them on the
public depot, doing so allows you to collaborate with the Habitat
community. In addition, it is how you can perform continuous deployment
with Habitat.
The depot uses GitHub authentication with an access token with the
user:email scope
(https://help.github.com/articles/creating-an-access-token-for-command-line-use/).
If you would like to share your packages on the depot, please enter your
GitHub access token. Otherwise, just enter No.
For more information on sharing packages on the depot, please read the
documentation at https://www.habitat.sh/docs/share-packages-overview/
Set up a default GitHub access token? [Yes/no/quit]
Setup

©2016 Chef Software Inc. 2-24
Set up a default GitHub access token? [Yes/no/quit] no
Setup

©2016 Chef Software Inc. 2-25
Analytics
The `hab` command-line tool will optionally send anonymous usage data to
Habitat's Google Analytics account. This is a strictly opt-in activity
and no tracking will occur unless you respond affirmatively to the
question below.
We collect this data to help improve Habitat's user experience. For
example, we would like to know the category of tasks users are
performing, and which ones they are having trouble with (e.g. mistyping
command line arguments).
To see what kinds of data are sent and how they are anonymized, please
read more about our analytics here:
https://www.habitat.sh/docs/about-analytics/
Enable analytics? [Yes/no/quit]
Setup

©2016 Chef Software Inc. 2-26
Enable analytics? [Yes/no/quit]
Setup

©2016 Chef Software Inc. 2-27
» Opting in to analytics
Ω Creating /hab/cache/analytics/OPTED_IN
★ Analytics opted in, thank you!
CLI Setup Complete
That's all for now. Thanks for using Habitat!
Setup

©2016 Chef Software Inc. 2-28
Discussion
What do you know about the remote workstation?
Is a GitHub access token required?
What is required to install Habitat on Mac OS?
What is required to install Habitat on Windows?

©2016 Chef Software Inc. 3-29
Create a Plan
My Tutorial Project

©2016 Chef Software Inc. 3-30
Objectives
Describe the parts of a plan
Build a Habitat artifact

©2016 Chef Software Inc. 3-31
My Tutorial Project
A simple Node.js application
Allows for exploration of many Habitat features
Not overly complex

©2016 Chef Software Inc. 3-32
$ cd ~
Clone the project

©2016 Chef Software Inc. 3-33
Cloning into 'habitat-example-plans'...
remote: Counting objects: 104, done.
remote: Total 104 (delta 0), reused 0 (delta 0), pack-reused 104
Receiving objects: 100% (104/104), 16.50 KiB | 0 bytes/s, done.
Resolving deltas: 100% (30/30), done.
$ git clone https://github.com/habitat-sh/habitat-example-plans
Clone the project

©2016 Chef Software Inc. 3-34
$ cd ~/habitat-example-plans/mytutorialapp_finished
Clone the project

©2016 Chef Software Inc. 3-35
├── habitat
│ ├── alt_plan.sh
│ ├── config
│ │ └── config.json
│ ├── default.toml
│ ├── hooks
│ │ ├── init
│ │ └── run
│ └── plan.sh
└── source
├── config
│ └── config.json
├── package.json
└── server.js
5 directories, 9 files
$ tree
Explore the files

©2016 Chef Software Inc. 3-36
Choose an editor
You'll need to choose an editor to edit files:
• emacs
• vim
• nano

©2016 Chef Software Inc. 3-37
Update the plan
pkg_origin=firstnamelastname
pkg_name=mytutorialapp
pkg_version=0.2.0
pkg_maintainer="Your Name <you@example.com>"
pkg_license=()
pkg_upstream_url=https://github.com/habitat-sh/habitat-example-plans
pkg_source=nosuchfile.tar.gz
pkg_deps=(core/node)
pkg_expose=(8080)
~/habitat-example-plans/mytutorialapp/habitat/plan.sh

©2016 Chef Software Inc. 3-38
Installing from source

©2016 Chef Software Inc. 3-39
Callbacks
Shell functions executed when building artifacts:
• do_begin()
• do_download()
• do_verify()
• do_check()
• do_clean()
• do_unpack()
• do_prepare()
• do_build()
• do_install()
• do_strip()
• do_end()

©2016 Chef Software Inc. 3-40
Compare plans
https://goo.gl/rKboZn

©2016 Chef Software Inc. 3-41
$ cd ~/habitat-example-plans/mytutorialapp_finished/
Enter the studio

©2016 Chef Software Inc. 3-42
Habitat Studio
The Habitat Studio is a clean, self-contained, minimal environment in which you
can develop, build, and package software that is free from any upstream operating
system distribution. All tools and dependencies included in the Studio are installed
through Habitat packages, thus preventing any unwanted dependencies from
being used by your package.

©2016 Chef Software Inc. 3-43
∵ Missing package for core/hab-studio
» Installing core/hab-studio
↓ Downloading core/hab-studio/0.12.1/20161102212821
2.82 MB / 2.82 MB / [===================================] 100.00 % 16.77 MB/s
↓ Downloading core-20160810182414 public origin key
75 B / 75 B | [==========================================] 100.00 % 3.88 MB/s
☑ Cached core-20160810182414 public origin key
✓ Installed core/hab-studio/0.12.1/20161102212821
★ Install of core/hab-studio/0.12.1/20161102212821 complete with 1 new packages
installed.
hab-studio: Creating Studio at /hab/studios/home--chef--habitat-example-plans--
mytutorialapp (default)
hab-studio: Importing firstnamelastname secret origin key
$ hab studio enter
Enter the studio

©2016 Chef Software Inc. 3-44
: Loading /src/habitat/plan.sh
mytutorialapp: Plan loaded
…
mytutorialapp: hab-plan-build cleanup
mytutorialapp:
mytutorialapp: Source Cache: /hab/cache/src/mytutorialapp-0.2.0
mytutorialapp: Installed Path: /hab/pkgs/nathenharvey-surge3/mytutorialapp/0.2.0/20160918001011
mytutorialapp: Artifact: /src/results/nathenharvey-surge3-mytutorialapp-0.2.0-20160918001011-x86_64-
linux.hart
mytutorialapp: Build Report: /src/results/last_build.env
mytutorialapp: SHA256 Checksum: 5e9f4e2f2465cd6565ec3ac72e726bd65262f3a8f1d2b38f38637f2bbef19a4e
mytutorialapp: Blake2b Checksum: abc9eca3d0c4743a89351d0b0aa690dedeffd0fa0b6f564816fc5fb719ce88da
mytutorialapp:
mytutorialapp: I love it when a plan.sh comes together.
mytutorialapp:
mytutorialapp: Build time: 0m7s
$ build
Build the artifact

©2016 Chef Software Inc. 3-45
Examine the artifact
Source files: /hab/pkgs/YOUR_ORIGIN/mytutorialapp/0.2.0/BUILD
Package: /src/results/YOUR_ORIGIN-mytutorialapp-0.2.0-BUILD-
x86_64-linux.hart

©2016 Chef Software Inc. 3-46
$ exit
Leave the studio

©2016 Chef Software Inc. 3-47
Discussion
What language are used to write plans?
What are the different parts that make up a plan?
What is the Habitat studio?
Why build packages in the studio?
Where can you find the artifacts generated by the build process?

©2016 Chef Software Inc. 6-48
Run the Application
In any operational environment

©2016 Chef Software Inc. 6-49
Run the Application
Source
Code
Repo
Artifact
Bare Metal
Containers
AMI
VM
Artifact
Repo

©2016 Chef Software Inc. 6-50
Application Runtimes
• Natively on hardware
• Inside the habitat studio
• In a VM, cloud instance, etc.
• In a container
• Docker
• Application Container Image
• Mesos
• 64-bit Linux distribution with a kernel version greater than 2.6.32

©2016 Chef Software Inc. 6-51
$ cd ~/habitat-example-plans/mytutorialapp_finished
Enter the Studio

©2016 Chef Software Inc. 6-52
hab-studio: Creating Studio at /hab/studios/home--chef--habitat-
example-plans--mytutorialapp (default)
hab-studio: Importing firstnamelastname secret origin key
» Importing origin key from standard input
★ Imported secret origin key firstnamelastname-20160920041649.
hab-studio: Entering Studio at /hab/studios/home--chef--habitat-
example-plans--mytutorialapp (default)
hab-studio: Exported: HAB_ORIGIN=firstnamelastname
$ hab studio enter
Enter the Studio

©2016 Chef Software Inc. 6-53
mytutorialapp: hab-plan-build cleanup
mytutorialapp:
mytutorialapp: Source Cache: /hab/cache/src/mytutorialapp-0.2.0
mytutorialapp: Installed Path: /hab/pkgs/nathenharvey-
surge3/mytutorialapp/0.2.0/20160918123432
mytutorialapp: Artifact: /src/results/nathenharvey-surge3-mytutorialapp-0.2.0-
20160918123432-x86_64-linux.hart
mytutorialapp: Build Report: /src/results/last_build.env
mytutorialapp: SHA256 Checksum:
1bd6ef8873ee8040aac3838faea6304f2daae287b6c7dfaa394dad9e18a261f9
mytutorialapp: Blake2b Checksum:
b467ee5a291e8c805562ffa44c6c774ab45cc466c76cb1f95b53bab3e271a1b7
mytutorialapp:
mytutorialapp: I love it when a plan.sh comes together.
mytutorialapp:
mytutorialapp: Build time: 0m4s
# build
Build the package

©2016 Chef Software Inc. 6-54
...
mytutorialapp(SV): Starting
mytutorialapp(O):
mytutorialapp(O): > mytutorialapp@0.2.0 start /hab/svc/mytutorialapp/var
mytutorialapp(O): > node server.js
mytutorialapp(O):
mytutorialapp(O): Running on http://0.0.0.0:8080
# hab start /src/results/YOURPACKAGE-x86_64-linux.hart
Run the application

©2016 Chef Software Inc. 6-55
Open in a browser

©2016 Chef Software Inc. 6-56
Discussion
Where are the packages stored?
What format are the packages?
What process runs the packages?

©2016 Chef Software Inc. 8-57
Run the Application in Docker
In any operational environment

©2016 Chef Software Inc. 8-58
Run the Application
Source
Code
Repo
Artifact
Bare Metal
Containers
AMI
VM
Artifact
Repo

©2016 Chef Software Inc. 8-59
Application Run Times
• Natively on hardware
• Inside the habitat studio
• In a VM, cloud instance, etc.
• In a container
• Docker
• Application Container Image
• Mesos
• 64-bit Linux distribution with a kernel version greater than 2.62

©2016 Chef Software Inc. 8-60
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor
preset: disabled)
Active: active (running) since Sun 2016-09-18 21:47:23 EDT; 1min 0s ago
Docs: https://docs.docker.com
Main PID: 26409 (dockerd)
Memory: 18.9M
CGroup: /system.slice/docker.service
├─26409 /usr/bin/dockerd
└─26412 docker-containerd -l
unix:///var/run/docker/libcontainerd/docker-c...
$ service docker status
Docker is Running

©2016 Chef Software Inc. 8-61
docker start/running, process 841
$ service docker status
Docker is Running

©2016 Chef Software Inc. 8-62
● docker.service - Docker Application Container Engine
Loaded: loaded (/etc/systemd/system/docker.service; enabled; vendor preset
Active: active (running) since Sat 2016-10-01 03:09:09 UTC; 9min ago
Docs: http://docs.docker.com
Process: 3033 ExecStartPost=/usr/lib/docker/docker-wait-ready (code=exited,
Process: 2649 ExecStartPre=/sbin/sysctl -w net.ipv6.conf.all.forwarding=1 (
Process: 2641 ExecStartPre=/sbin/sysctl -w net.ipv4.ip_forward=1 (code=exit
Main PID: 2652 (dockerd)
Tasks: 16
…
$ service docker status
Docker is Running

©2016 Chef Software Inc. 8-63
$ cd ~/habitat-example-plans/mytutorialapp_finished
Export package as Docker container

©2016 Chef Software Inc. 8-64
$ hab studio enter
Export package as Docker container

©2016 Chef Software Inc. 8-65
hab-studio: Creating Studio at /tmp/hab-pkg-dockerize-xhCz/rootfs (baseimage)
> Using local package for firstnamelastname/mytutorialapp
> Using local package for core/gcc-libs/5.2.0/20160612075020 via
firstnamelastname/mytutorialapp
...
Step 8 : CMD start firstnamelastname/mytutorialapp
---> Running in 77d3b23fe1f1
---> fedf3ae992bb
Removing intermediate container 77d3b23fe1f1
Successfully built fedf3ae992bb
# hab pkg export docker firstnamelastname/mytutorialapp
Export package as Docker container

©2016 Chef Software Inc. 8-66
# exit
Export package as Docker container

©2016 Chef Software Inc. 8-67
→ Using core/gcc-libs/5.2.0/20160612075020
→ Using core/glibc/2.22/20160612063629
→ Using core/linux-headers/4.3/20160612063537
→ Using core/node/4.2.6/20160729200209
✓ Installed firstnamelastname/mytutorialapp/0.2.0/20160920230450
★ Install of firstnamelastname/mytutorialapp/0.2.0/20160920230450
complete with 1 new packages installed.
$ sudo docker run -it -p 8080:8080 -p 9631:9631 firstnamelastname/mytutorialapp
Run the Docker container

©2016 Chef Software Inc. 8-68
Open in a browser

©2016 Chef Software Inc. 8-69
Check the configuration via the API

©2016 Chef Software Inc. 8-70
Discussion
What happened before the package export began?
What other export formats are available?
What other export formats would you like to see?
Where might you run this Docker container?

©2016 Chef Software Inc. 8-71
Inject Configuration
Easily configure immutable artifacts

©2016 Chef Software Inc. 8-72
Immutable Infrastructure

©2016 Chef Software Inc. 8-73
Immutable Infrastructure Applications

©2016 Chef Software Inc. 8-74
Habitat Supervisor
Habitat packages are run under the Habitat supervisor. At runtime, you can
send configuration updates to the application.

©2016 Chef Software Inc. 8-75
Configuration Parameters
The mytutorialapp was configured with two tunable parameters
• message
• port

©2016 Chef Software Inc. 8-76
API for Configuration Parameters
• The Habitat Supervisor provides a REST API
• This API will tell us what configuration parameters can be changed
• Open http://YOUR_IP_ADDRESS:9631/config

©2016 Chef Software Inc. 8-77
Default values
The default values for these were set in the `default.toml`
# Message of the Day
message = "Hello, World!"
# The port number that is listening for requests.
port = 8080

©2016 Chef Software Inc. 8-78
Configuration Parameters
These values are loaded in config/config.json by the application
{
"message": "{{cfg.message}}",
"port": "{{cfg.port}}"
}

©2016 Chef Software Inc. 8-79
hab-sup(MN): Starting firstnamelastname/mytutorialapp
hab-sup(TP): Child process will run as user=hab, group=hab
hab-sup(GS): Supervisor 172.17.0.2: 117c3b88-1dcb-469c-8792-04a7b14804f4
hab-sup(GS): Census mytutorialapp.default: 77facd9c-ca73-4ed1-a9e8-d4fd5b47c883
hab-sup(GS): Starting inbound gossip listener
hab-sup(GS): Starting outbound gossip distributor
hab-sup(GS): Starting gossip failure detector
hab-sup(CN): Starting census health adjuster
hab-sup(SC): Updated config.json
hab-sup(TP): Restarting because the service config was updated via the census
mytutorialapp(SV): Starting
mytutorialapp(O):
mytutorialapp(O): > mytutorialapp@0.2.0 start /hab/svc/mytutorialapp/var
mytutorialapp(O): > node server.js
mytutorialapp(O):
mytutorialapp(O): Running on http://0.0.0.0:8080
$ sudo docker run -e HAB_MYTUTORIALAPP='message = "Hello, Habitat!"' -it -p 8080:8080 -p 9631:9631
firstnamelastname/mytutorialapp
Override Configuration Parameters at Launch

©2016 Chef Software Inc. 8-80
Hello, Habitat!

©2016 Chef Software Inc. 8-81
Check the configuration via the API

©2016 Chef Software Inc. 8-82
Questions
You can pass configuration via environment variables to the Habitat
Supervisor.
What are the naming conventions for those environment variables?
What values do you specify and in which format?

Our Vision
the most enduring and transformative companies use
Chef to become fast, efficient, and innovative software
driven organizations

People
Products
Companies

Build
Deploy
Manage

Deploying and maintaining apps is hard.
My developer sent me this application to
run in production, but nothing seems to be
working correctly and I can’t figure out
why!
Deploying and maintaining production apps
shouldn’t be so stressful.

Write a plan to simplify the process.
With Habitat, the developer describes
everything the app needs to run.

Package up everything your app needs.
Next, she packages up the app along with
all the necessary management tools.

Distribute it in a variety of formats.
Then she ships the package to a central
location where it is stored alongside all of
its dependencies.

Assemble and run your app anywhere.
The ops team retrieves the package, quickly
assembles the entire app, and deploys it to
any environment.

Habitat packages are portable and aware.
The application is portable and able to
establish relationships with its peers.

Built-in features make management easy.
Once running, ops can easily monitor,
configure and care for the app throughout
its lifecycle.

Stop worrying about deploying your app.
With Habitat, deploying and maintaining
apps is safer and more complete, which
makes everybody happy!

Habitat: Automation that travels with the app
• Ease the burden of managing microservice apps and
bring benefits of apps architected for microservices to
legacy applications
–Gain consistent management of new and legacy
applications across lifecycle
–Provides application portability for new and
legacy apps
–Autonomous nodes self-manage runtime state
of application based upon policy you define
–APIs expose application behaviors as data for
better management
• Works in tandem with infrastructure automation
• Makes applications running on containers, PaaS, virtual
machines, bare metal, … better

It’s all open source
Apache License

Much more to do
• Automated, public build service
• More topologies
• More update strategies
• More plans
• More package export formats

https://www.habitat.sh/community/