Downloaded 18 times
![Automate infrastructure & applications with Chef
• A recipe is a collection of Resources
• Resources are executed in the order they are listed
On Linux based OSes:
package "httpd" do
action :install
end
template ”/var/www/index.html" do
source ”index.html.erb”
mode "0644"
end
service "httpd" do
action [ :enable, :start ]
end
windows_feature "IIS-WebServerRole" do
action :install
end
template 'c:inetpubwwwrootDefault.htm' do
source "Default.htm.erb"
rights :read, "Everyone"
end
service "w3svc" do
action [ :enable, :start ]
end](https://image.slidesharecdn.com/denver-popup-workflow-demo-04262016-160429180024/85/Chef-Workflow-Demo-20-320.jpg)
Uploaded byChef
Chef Workflow Demo
The document describes a conference agenda for ChefConf. It includes workshops, keynotes, technical sessions, and social events. It also discusses challenges faced by organizations around manual processes, legacy systems, silos, and infrequent releases. Finally, it outlines how Chef's tools and practices around automation, dynamic infrastructure, DevOps workflows, and continuous delivery can help address these challenges.
More Related Content
![Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]](https://cdn.slidesharecdn.com/ss_thumbnails/apachesparkgettingstarted-260203175547-8361bcc3-thumbnail.jpg?width=640&height=640&fit=bounds)
Chef Workflow Demo
- 2. Workshops &Chef Training Community Summit Chef Partner Summit Welcome Reception Keynotes Technical Sessions Happy Hour Keynotes Technical Sessions Awesome Chef Awards Community Celebration ChefConf.com
- 3. Every business isa software business We’re no longer an airline. We’re a software company with wings. – Veresh Sita, CIO, Alaska Airlines
- 4. Challenges Manual processes Weeks tosetup new systems or software Legacy systems and tools Inflexible, hard-to-change hardware and software Organizational silos Unwieldy divisions of responsibility Infrequent, large releases Fear of deployment due to risk to SLAs Regulatory burdens Compliance bottleneck at the end of a project
- 5. Manual processes Weeks tosetup new systems or software Legacy systems and tools Inflexible, hard-to-change hardware and software Organizational silos Unwieldy divisions of responsibility Regulatory burdens Compliance bottleneck at the end of a project Infrequent, large releases Fear of deployment due to risk to SLAs Compliance at velocity Integration of compliance into the workflow using automated tests Increased cooperation and trust Teams are aligned towards common goals Dynamic infrastructure Easy migration to on-demand, cloud-based infrastructure and management of heterogeneous networks Automation New systems and software updates deployed in minutes Continuous delivery of infrastructure and applications Safe, rapid delivery of incremental value Solutions to the challenges
- 6. Automation Chef turns infrastructureinto code—infrastructure as code is versionable, testable and repeatable. Manual processes become a thing of the past. • Automated, full-stack application policies • Package and service installation • Versionable, testable, repeatable workflow • Scalable application policies • Management of interdependencies across nodes
- 7. Dynamic infrastructure Use Chefto migrate applications to the cloud and support hybrid and multi-cloud environments. Automate the management of heterogeneous networks, including legacy systems. • Provisioning and setting up environments • Dynamic scaling of compute resources • Migrating legacy workloads to the cloud • Multi cloud and hybrid cloud deployment • Support for heterogeneous environments
- 8. DevOps workflow &culture Chef helps you eliminate silos and lower the overhead of IT operations and service management by supporting DevOps culture. Chef helps eliminate silos. • Unified workflow for application and infrastructure • Integration with version control for dev and ops • Support for automated testing of infrastructure and applications • Integration of security and compliance into product development • Advanced, high-velocity workflow with Chef Delivery
- 9. Continuous delivery ofinfrastructure & apps Use Chef to implement a high-velocity software delivery pipeline that integrates application and infrastructure. Eliminate the risks incurred with large, infrequent releases. • Rapid provisioning of dev and test environments • Ensure consistency and repeatability of environments • Unified pipeline for infrastructure, runtime environments and applications • Support for large teams with multiple projects • Advanced, high-velocity workflow with Chef Delivery
- 10. Security and complianceat velocity Regulatory compliance and security concerns are facts of life for every enterprise. At the same time, competitive pressures are increasing. Use Chef to embed requirements into the software delivery pipeline. Chef makes compliance at velocity possible. • Embed compliance into the software delivery pipeline • Automated checking of compliance criteria with analytics • Structured review process during development • Discovery and analysis • Patch management and remediation
- 11. Chef Provides aProven Approach to DevOps ... ... ... Targets/Workloads Collaborative Dev Chef Analytics Production Chef Server Chef Server Chef Supermarket Assessment Chef Compliance Search Audit Discover Deploy Chef Delivery Local Dev Model Build Test Chef DK Chef Client & Cookbooks
- 12. Chef Provides aProven Approach to DevOps ... ... ... Targets/Workloads Assessment Chef Compliance Search Audit Discover
- 13.
- 14. Regulatory compliance frameworks OFACUSA PATRIOT Act Gramm-Leach-Bliley Act Red Flags Rule Bank Secrecy Act Sarbanes-Oxley Regulation E Dodd-Frank False Claims Act HIPAA European Central Bank regulations Prudential Regulation Authority Financial Conduct Authority HITECH PCI DSS
- 15. Inspec Testing Framework control'ssh-1.0' do impact 1.0 title 'Use Protocol version 2 for SSH' desc 'SSH should be explicitly configured to use Protocol version 2' describe ssh_config do its('Protocol') { should eq '2' } end end
- 16. control 'cis-3.1' do impact0.7 title 'Set Daemon umask’ desc 'Set the default umask for all processes started at boot time.' describe file('/etc/sysconfig/init') do its('content') {should match 'umask 027'} end end Translating Policy Into Code
- 17. Chef Compliance 1.0– New Features • More CIS content: CentOS 6 and 7, Ubuntu 12.04 and 14.04. Additional profiles will be provided in the next releases. • Latest Inspec provides plugins for Microsoft SCCM and SCAP contentImport Windows policies from the Microsoft Security Compliance Manager • Chef Server authentication integration and ability to view Compliance reports for Chef Server managed nodes that use the audit cookbook or resources. • The licensed node count can be modified. Instructions here. • Improve output for connectivity errors.
- 18.
- 19. Chef Provides aProven Approach to DevOps ... ... ... Targets/Workloads Assessment Chef Compliance Search Audit Discover Local Dev Model Build Test Chef DK Chef Client & Cookbooks
- 20. Automate infrastructure &applications with Chef • A recipe is a collection of Resources • Resources are executed in the order they are listed On Linux based OSes: package "httpd" do action :install end template ”/var/www/index.html" do source ”index.html.erb” mode "0644" end service "httpd" do action [ :enable, :start ] end windows_feature "IIS-WebServerRole" do action :install end template 'c:inetpubwwwrootDefault.htm' do source "Default.htm.erb" rights :read, "Everyone" end service "w3svc" do action [ :enable, :start ] end
- 21. Provision Infrastructure Dynamicallywith Chef
- 22. Chef Provides aProven Approach to DevOps ... ... ... Targets/Workloads Collaborative DevAssessment Chef Compliance Search Audit Discover Deploy Chef Delivery Local Dev Model Build Test Chef DK Chef Client & Cookbooks
- 23. ONE PATH FORCHANGE • The way change moves through your organization is fixed • Designed to re-enforce your principles and aid flow • Flexible at the level of execution
- 24.
- 25. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Submi t Chang e
- 26. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Submi t Chang e
- 27. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Submi t Chang e Does this code change look good?
- 28. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Security Quality Publish Lint Syntax Unit Submi t Chang e Does this code change look good?
- 29. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Security Quality Publish Lint Syntax Unit Provision Deploy Smoke Functional Submi t Chang e Does this code change look good?
- 30. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Security Quality Publish Lint Syntax Unit Provision Deploy Smoke Functional Submi t Chang e Does this code change look good? Do we want to ship this?
- 31. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Security Quality Publish Lint Syntax Unit Provision Deploy Smoke Functional Provision Deploy Smoke Functiona l Submi t Chang e Does this code change look good? Do we want to ship this?
- 32. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Security Quality Publish Lint Syntax Unit Provision Deploy Smoke Functional Provision Deploy Smoke Functiona l Provision Deploy Smoke Functional Submi t Chang e Does this code change look good? Do we want to ship this?
- 33. Unified Pipeline Shape Thestages are fixed, and each stage has a fixed set of phases APPROVE DELIVER Lint Syntax Unit Security Quality Publish Lint Syntax Unit Provision Deploy Smoke Functional Provision Deploy Smoke Functiona l Provision Deploy Smoke Functional Provision Deploy Smoke Functional Submi t Chang e Does this code change look good? Do we want to ship this?
- 34. Chef Provides aProven Approach to DevOps ... ... ... Targets/Workloads Collaborative Dev Production Chef Server Chef Server Chef Supermarket Assessment Chef Compliance Search Audit Discover Deploy Chef Delivery Local Dev Model Build Test Chef DK Chef Client & Cookbooks
- 35. Chef Analytics Chef Insights •Provides visibility into changes happening across your entire infrastructure Chef Analytics for Compliance • Make changes at speed while ensuring infrastructure is compliant with formal or informal policy Integrations and Notifications • Send data to external systems like Splunk • Send arbitrary events to messaging or alerting systems
- 36. Chef Provides aProven Approach to DevOps ... ... ... Targets/Workloads Collaborative Dev Chef Analytics Production Chef Server Chef Server Chef Supermarket Assessment Chef Compliance Search Audit Discover Deploy Chef Delivery Local Dev Model Build Test Chef DK Chef Client & Cookbooks
Editor's Notes
- #4 Every business is a software business now. Your customers want to consume your services/products through software. Some key examples: banking through apps (people now choose their banks based on how good the mobile app is), retail (Amazon, Target), insurance (Liberty Mutual), investments (Fidelity), transportation (Lyft), etc. Pictures represent: Streaming Services, Airlines, and Retail Why? Velocity is the key
- #5 The blockers to be illustrated are— manual processes; regulatory requirements; process silos; legacy systems and tools; large, infrequent releases
- #12 (add flow elements) Stakeholders--dev, ops, and others– need a collaborative workflow Applications, runtimes and infrastructure must be deployed together
- #13 Demo time – Scan the running system(s)
- #14 Compliance as Code - Chef Codifies infrastructure and workflow - Chef Compliance brings that same promise of the codified world to compliance and auditing – Velocity - because you can test all of your infrastructure in a much faster manner Consistency - Test consistently across time. Everyday every hour vs just during the audit. Scale - scalability is hugely important. Cloud, containers. Your complinace neends to scale with your infra Feedback - Get the info and be able to feed it to the proper channels
- #20 Demo Time – local development of the cookbook changes with tests
- #23 Demo Time – Chef Delivery
- #26 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #27 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #28 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #29 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #30 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #31 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #32 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #33 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #34 We’ve taken a different approach compared to other solutions in that in Delivery the pipeline has a fixed shape. Pipelines consist of six fixed stages, each of which is comprised of a fixed set of phases. It's not that we're trying to be inflexible; change the conversation. The common pipeline is prescriptive because it's based on our collective experience. The flexibility resides in the way you define what happens in each phase, described in the next two slides. An example here is you can include compliance in your workflow via the Functional phase to confirm that your organization’s security rules are part of testing a change Part of the reason this is the right approach is that arguing over the pipeline shape can become a huge delay to adopting CD. Custom pipelines are more difficult to maintain and keep stable over time. Delivery includes explicit review and approval gates This allows you to manage change in a way that is compliant with your business or regulatory requirements
- #35 Review what we’ve just demoed Scan running infrastructure to identify compliance violations Model, build, and test the remediation Submit the remediation to the Delivery pipeline Published to the Chef server and remediated on the nodes Repeat
- #37 (add flow elements) Stakeholders--dev, ops, and others– need a collaborative workflow Applications, runtimes and infrastructure must be deployed together