Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

ChefConf 2012 Spiceweasel


Published on

Published in: Technology
  • Be the first to comment

ChefConf 2012 Spiceweasel

  1. 1. Spiceweasel:Your Infrastructure as CodeTable of Contents Matt Ray Twitter/IRC/GitHub: mattray
  2. 2. Infrastructure as Code
  3. 3. Enable the reconstruction ofthe business from nothing but a source code repository, application data backup and bare metal resources.
  4. 4. Thats great did I get here?
  5. 5. Spiceweasel• Infrastructure deployment manifest• Converts YAML/JSON to knife commands• spiceweasel
  6. 6. YAML• Simple• Easy to read• Easy to reason• spiceweasel infrastructure.yml
  7. 7. JSON• Patches welcomed.• spiceweasel infrastructure.json
  8. 8. Cookbooks knife cookbook upload annoyances knife cookbook site download apache2 --file cookbooks/apache2.tgzcookbooks: tar -C cookbooks/ -xf cookbooks/apache2.tgz- annoyances: rm -f cookbooks/apache2.tgz- apache2: knife cookbook upload apache2 knife cookbook site download chef-client- chef-client: 1.1.5 --file cookbooks/chef-client.tgz - 1.1.5 tar -C cookbooks/ -xf- java: cookbooks/chef-client.tgz- mysql: rm -f cookbooks/chef-client.tgz knife cookbook upload chef-client- tomcat: knife cookbook upload java knife cookbook upload mysql knife cookbook upload tomcat
  9. 9. Environmentsenvironments:- development: knife environment from file development.rb knife environment from file qa.rb- qa: knife environment from file preprod.rb- preprod: knife environment from file production.rb- production:
  10. 10. Rolesroles:- base: knife role from file base.rb- glance-single-machine: knife role from file glance-single-machine.rb knife role from file nova-db.rb- nova-db: knife role from file nova-multi-compute.rb- nova-multi-compute: knife role from file nova-multi-controller.rb- nova-multi-controller: knife role from file nova-rabbitmq-server.rb knife role from file nova-single-machine.rb- nova-rabbitmq-server:- nova-single-machine:
  11. 11. Data Bagsdata bags:- users: knife data bag create users - alice knife data bag from file users alice.json - bob knife data bag from file users bob.json knife data bag from file users chuck.json - chuck knife data bag create data- data: knife data bag from file data dataA.json - * knife data bag from file data dataB.json knife data bag create passwords- passwords: knife data bag from file passwords - secret mysql.json --secret-file secret_keysecret_key knife data bag from file passwords rabbitmq.json --secret-file secret_key - mysql - rabbitmq
  12. 12. Nodesnodes:- ubuntu1-1004.vm ubuntu2-1004.vm ubuntu3-1004.vm: - role[base],role[tc],role[sample] - -i ~/.ssh/mray.pem -x ubuntu --sudoknife bootstrap ubuntu1-1004.vm -i ~/.ssh/mray.pem -x ubuntu --sudo -r role[base],role[tc],role[sample]knife bootstrap ubuntu2-1004.vm -i ~/.ssh/mray.pem -x ubuntu --sudo -r role[base],role[tc],role[sample]knife bootstrap ubuntu3-1004.vm -i ~/.ssh/mray.pem -x ubuntu --sudo -r role[base],role[tc],role[sample]
  13. 13. Nodes: Windowsnodes:- windows_winrm winboxA: - role[base],role[sqlserver] - -x Administrator -P super_secret_password- windows_ssh winboxB winboxC: - role[base],role[iis] - -x Administrator -P super_secret_passwordknife bootstrap windows winrm winboxA -x Administrator -P super_secret_password -r role[base],role[sqlserver]knife bootstrap windows ssh winboxB -x Administrator -P super_secret_password -r role[base],role[iis]knife bootstrap windows ssh winboxC -x Administrator -P super_secret_password -r role[base],role[iis]
  14. 14. Nodes: Cloud Providersnodes:- ec2 5: - role[base],role[tc],role[sample] - -S mray -i ~/.ssh/mray.pem -x ubuntu -I ami-0c6ebd65 -f m1.small- rackspace 5: - role[base],role[tc],role[sample] - --image 114 --flavor 2 -i ~/.ssh/mray.pem- openstack 5: - role[base],role[tc],role[sample] - --image 7 --flavor 2 -x ubuntu -i ~/.ssh/mray.pemseq 5 | parallel -j 0 -v "knife ec2 server create -S mray -i ~/.ssh/mray.pem -x ubuntu -I ami-0c6ebd65 -f m1.small -r role[base],role[tc],role[sample]"seq 5 | parallel -j 0 -v "knife rackspace server create --image 114 --flavor 2 -i ~/.ssh/mray.pem -r role[base],role[tc],role[sample]"seq 5 | parallel -j 0 -v "knife openstack server create --image 7 --flavor 2 -i ~/.ssh/mray.pem -r role[base],role[tc],role[sample]"
  15. 15. Validation• Cookbook versions and their dependencies exist• Environment names and referenced cookbooks are correct• Role names and referenced roles and cookbooks are correct• Data bags parse, secret keys are present• Node run lists items are correct and their Environment exists
  16. 16. Whats the Point?• Nodes are ephemeral• Everything we do is in code.• Everything is checked into version control.• Basic roadmap for deployment.
  17. 17. Break it DownHow do we recreate our infrastructure?
  18. 18. Real World Example• Whiteboard it out• Break it down into components• Comment it all out and start working
  19. 19. Heres the YAMLcookbooks:- annoyances:- chef-client:- java:- jpackage:- ntp:- sudo:- tomcat:- users:- sample:roles:- base:- tc:- sample:data bags: - users: - mraynodes:- ec2 1: - role[base],role[tc],role[sample] - -S mray -i ~/.ssh/mray.pem -x ubuntu -G default -I ami-0c6ebd65 -f m1.small- rackspace 1: - role[base],role[tc],role[sample] - --image 114 --flavor 2 -i ~/.ssh/mray.pem
  20. 20. Here it is on GitHub
  21. 21. Versioned Infrastructure• Documentation for your deployment• Iterate over it• Stored in version control• Share with others
  22. 22. Whats Next?•Extract from chef-repo•Extract from Chef Server•Execute as knife plugin
  23. 23. Thanks!• gem install spiceweasel• spiceweasel• Twitter/IRC/GitHub: mattray•