Picconf12

983 views

Published on

(A Very Quick) Intro to Chef for PICConf '12. A technical look at the building blocks of Chef.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
983
On SlideShare
0
From Embeds
0
Number of Embeds
9
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • Let's take a moment to discuss resources. This is the structure of a Chef resource.\n\n\n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Picconf12

    1. 1. (A Very Quick) Intro To Chef PICConf ’12 Mandi Walls mandi@opscode.com
    2. 2. whoami• Mandi Walls• mandi@opscode.com• @lnxchk
    3. 3. Chef is Configuration ManagementA technical domainrevolving aroundbuilding andmanaginginfrastructureprogrammatically http://www.flickr.com/photos/neilt/530198191/
    4. 4. Enable the reconstruction of the business fromnothing but a source coderepository, an application data backup, and bare metal resources.
    5. 5. Avoiding Snowflakes• “That one host” you know you can’t rebuild if it dies• Untracked changes to systems, new configurations• Collections of bash, perl, python, whatever• Cheatsheets, wiki pages, folklore on how to build systems
    6. 6. Infrastructure as Code• Logically group all the changes needed to get systems into working order• All the bits and pieces that you have to remember to do after the OS is loaded• 1.. N.. infinity• Integrate systems programmatically
    7. 7. Managing the Various Pieces of Your Environment •Provision •Configure •Integrate
    8. 8. Managing the Various Pieces of Your Environment Load Balancer •ProvisionApp Server { { App Server •Configure •Integrate Database Master
    9. 9. What to Configure?
    10. 10. Goals!• Idempotence• Reasonability• Sane Defaults• Coordination• Flexibility
    11. 11. Chef is Ruby• Internal DSL• Chef resources look like Ruby objects• Chef can be extended using Ruby• Chef tools like ohai and knife can also be extended using Ruby
    12. 12. Chef Architecture •Chef Server •Chef Users •Chef Nodes •Knife •chef-client
    13. 13. Chef Nodes• Your hosts are “nodes” in Chef• They are the authority on all info about themselves• This info is stored in a Ruby object called “node” too• Characteristics about the node are called attributes
    14. 14. Node Object{ "name": "www1.example.com", • JSON "json_class": "Chef::Node", • Pushed to "chef_type": "node", Chef Server "chef_environment": "_default", • Indexed for Searching "automatic": { ... }, "default": { ... }, "normal": { ... }, "override": { ... }, "run_list": [ ... ]}
    15. 15. Chef Building Blocks• Resources• Recipes• Cookbooks• Roles• Environments
    16. 16. Chef Resourcespackage "haproxy" do action :installendtemplate "/etc/haproxy/haproxy.cfg" do source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]"endservice "haproxy" do supports :restart => true action [:enable, :start]end
    17. 17. Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do supports :restart => true action [:enable, :start] end
    18. 18. Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do supports :restart => true action [:enable, :start] end
    19. 19. Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb"• Have parameters. owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do supports :restart => true action [:enable, :start] end
    20. 20. Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb"• Have parameters. owner "root" group "root"• Take action to put the mode 0644 notifies :restart, "service[haproxy]" resource in the declared end state. service "haproxy" do supports :restart => true action [:enable, :start] end
    21. 21. Chef Resources package "haproxy" do action :install end• Have a type. template "/etc/haproxy/haproxy.cfg" do• Have a name. source "haproxy.cfg.erb"• Have parameters. owner "root" group "root"• Take action to put the mode 0644 notifies :restart, "service[haproxy]" resource in the declared end state. service "haproxy" do• Can send notifications to supports :restart => true action [:enable, :start] other resources. end
    22. 22. Resources and ProvidersResources take action through Providers
    23. 23. Providers are Behind the Scenespackage “haproxy” { yum install haproxy apt-get install haproxy pacman sync haproxy pkg_add -r haproxy
    24. 24. Recipes
    25. 25. Recipes are Collections of Resourcespackage "hadoop-#{hadoop_version}-namenode" do action :installendtemplate "/usr/lib/hadoop/conf/core-site.xml" do source "core-site_xml.erb" owner "hadoop" group "hadoop" mode 0644endservice "hadoop-#{hadoop_version}-namenode" do supports :restart => true, :start => true, :stop => trueend
    26. 26. Cookbooks are Collections of Recipes• Each cookbook can have multiple recipes • namenode, datanode, jobtracker, worker • solr_master, solr_slave• Configuration files, templates, libraries • server.xml • hdfs-site.xml http://www.flickr.com/photos/pinkpollyanna/222517565/sizes/m/in/photostream/
    27. 27. Run Lists• Tell the nodes what recipes to run Node Name: ip-10-93-42-234.ec2.internal Environment: _default FQDN: ip-10-93-42-234.ec2.internal IP: 23.22.80.76 Run List: role[base], role[webserver] Roles: base, webserver Recipes: apt, chef-client, apache2, webserver Platform: ubuntu 10.04
    28. 28. Attributes• Information about the node, the applications, etc• Set by ohai!• Set by cookbooks, roles, environments, or directly in recipes• Applied with specific precedence
    29. 29. Node Attributes$ knife node show ip-10-93-42-234.ec2.internal -a ec2ec2: ... hostname: ip-10-93-42-234.ec2.internal instance_id: i-75b16813 instance_type: m1.small kernel_id: aki-407d9529 local_hostname: ip-10-93-42-234.ec2.internal local_ipv4: 10.93.42.234 placement_availability_zone: us-east-1b profile: default-paravirtual public_hostname: ec2-23-22-80-76.compute-1.amazonaws.com public_ipv4: 23.22.80.76
    30. 30. Non-ohai Attributes• Attributes can also come from roles, cookbooks, and recipes• Used for settings needed by the configurationset[apache][package] = "httpd"set[apache][dir] = "/etc/httpd"set[apache][log_dir] = "/var/log/httpd"set[apache][error_log] = "error.log"set[apache][user] = "apache"set[apache][group] = "apache"set[apache][binary] = "/usr/sbin/httpd"set[apache][icondir] = "/var/www/icons"set[apache][cache_dir] = "/var/cache/httpd"
    31. 31. Rolesname "base"description "Base role for allservers"run_list(! "recipe[apt]",! "recipe[fail2ban]",! "recipe[chef-client]") http://www.flickr.com/photos/ulteriorepicure/177506395/sizes/m/in/photostream/
    32. 32. Basic Resources
    33. 33. Basic Resources: package package "tar" do   version "1.16.1-1"   action :install end package "portmap" do action :remove end• Providers determine how to manage the packages on every platform
    34. 34. Basic Resources: template• Templates are rendered when the Chef client runs on the node• Interprets the values of variables, search results, etc, to create dynamic configurationstemplate "/tmp/config.conf" do  source "config.conf.erb"  variables(    :config_var => node[:configs][:config_var]  )end
    35. 35. Basic Resources: cookbook_filecookbook_file "/tmp/testfile" do  source "testfile" owner “root” group “root”  mode "0644"end
    36. 36. Basic Resources: directorydirectory "/tmp/something" do  owner "root"  group "root"  mode "0755"  action :createenddirectory "C:tmpsomething.txt" do  rights :full_control, "DOMAINUser"  inherits false  action :createend
    37. 37. Basic Resources: serviceservice "apache2" do supports :restart => true action :enableendtemplate "/etc/apache2/apache2.conf" do # ... other parameters notifies :restart, "service[apache2]"end
    38. 38. Other Common Resources• User, Group• Cron• Execute: run arbitrary commands• File: files already on the node• Env (on Windows)• HTTP Request• Link
    39. 39. Reasoning About Infrastructure
    40. 40. Reflection of Reality
    41. 41. Deciding on Cookbooks and Roles• Each service in your infrastructure usually has its own cookbook, or may have a collection of cookbooks in a role• A set of Tomcat servers may have a cookbook for java, a cookbook for Tomcat, and a cookbook for application code• The java and tomcat cookbooks can be reused in multiple applications• A common practice is to include a base role for universal configurations that should apply to all of your nodes • Security settings, DNS servers, local file repositories• Members of the Chef community share cookbooks at
    42. 42. Environments• Environments allow you to think about not just groups of nodes running applications, but also the larger infrastructure• Every node belongs to only one environment• Environments can be used to specify which version of a cookbook to use on any node assigned to the environment• A common use of environments is assigning nodes to “dev”, “qa”, “staging”, and “production” • Each environment can be configured to use a different version of the available cookbooks• Attributes allow you to change settings based on the environment
    43. 43. ReusabilityDev EnvironmentNode Name: devhost1Environment: devFQDN: devhost1.mydomain.comIP: 192.168.1.100Run List: role[base], role[solr_master]Roles: base, solr_masterRecipes: apt, fail2ban, chef-client, solr, solr::masterPlatform: ubuntu 10.04Prod EnvironmentNode Name: solr1Environment: prodFQDN: solr1.mydomain.comIP: 192.168.10.50Run List: role[base], role[solr_master]Roles: base, solr_masterRecipes: apt, fail2ban, chef-client, solr, solr::masterPlatform: ubuntu 10.04
    44. 44. Search • All node data is indexed on the Chef server • These indexes are available for searching from knife and recipes • Use search results to dynamically configure integrated resourcessearch(:node, "role:webserver") do |match| puts match["ipaddress"]end
    45. 45. ManagingInfrastructure as Code
    46. 46. Chef Code Workflow• You build recipes, cookbooks, roles, environments, etc as files in your local Chef repository• Check your code into source code control• Upload your infrastructure to the Chef server with knife• Nodes get their configuration information when they run chef-client• Nodes can run chef-client as often or as rarely as you need• You can test in a variety of ways that suit your infrastructure best
    47. 47. Incorporating Version Control System• Employ the distributed version control system of your choice• Use what your team already knows! Chef doesn’t require a specific system• Git is popular, but SVN, Perforce, others are used as well• Decide on your testing, versioning, code review practices as suit your team’s needs
    48. 48. Try It Out
    49. 49. How to Get Chef• Hosted Chef is a SaaS product hosted by Opscode• http://manage.opscode.com• You can create an account and add up to five nodes for free to try out chef• Our new installer makes installing Chef on nodes super easy! • http://www.opscode.com/chef/install • Provides a full stack, don’t worry about Ruby version issues
    50. 50. More Info on Getting Started• Our wiki: http://wiki.opscode.com• Fast start guide: • http://wiki.opscode.com/display/chef/Fast+Start +Guide• Our Community site: http://community.opscode.com• Cookbooks in our Github account: http://github.com/ opscode/cookbooks• The materials for our 3-day Chef Fundamentals class are online: • https://github.com/opscode/chef-fundamentals
    51. 51. Supported PlatformsUbuntu (10.04, 10.10, 11.04, 11.10)•Debian (5.0, 6.0)•RHEL & CentOS (5.x, 6.x)•Fedora 10+•Mac OS X (10.4, 10.5, 10.6)•Windows 7•Windows Server 2003 R2, 2008 R2
    52. 52. Thanks, PICConf!!• mandi walls• mandi@opscode.com• @lnxchk
    53. 53. Questions?• On freenode: #chef and #chef-hacking• http://lists.opscode.com• http://tickets.opscode.com• http://help.opscode.com• @opscode and @opscode_status on Twitter

    ×