MadridDevops September 2014 Meeting: "From chef09 to chef11, one approach to devops"
Madrid, September 25, 2014
http://madrid.devops.es
Just an excuse to talk about devops, chef (and puppet as comparison), its culture , its community and a migration project I have been involved with.
Do you know how Continuous Delivery of Java Open Source libraries looks? How big is your release overhead? Do you update release notes and include contributors manually? How do you handle versioning? Do you use semantic versioning?
During this workshop, you will learn how to set up Continuous Delivery for your library. You’ll never have to manually release new versions again. We will use the following tools: GitHub, TravisCI, Bintray, Maven Central. We will glue everything using Shipkit.org - a project born from Mockito (and still used there). You’ll additionally learn SerVer.
This workshop is mostly for Java open source and Gradle plugins developers. We will use a library prepared especially for this training, so no worries if you don’t have your own open source project (yet).
Prerequisites: GitHub account, Java & Gradle basics.
Automated Infrastructure and Application ManagementClark Everetts
Managing application infrastructure is an error prone, tedious, and often manual process leading to late hours spent troubleshooting self-inflicted oversights. Clark will introduce an open source Chef cookbook automating many steps, which utilizes a server side SDK to painlessly deploy PHP applications, and also show how the process can be managed leveraging Zend Server. Attendees will walk away with a complete toolset to implement quickly in their own projects.
Do you know how Continuous Delivery of Java Open Source libraries looks? How big is your release overhead? Do you update release notes and include contributors manually? How do you handle versioning? Do you use semantic versioning?
During this workshop, you will learn how to set up Continuous Delivery for your library. You’ll never have to manually release new versions again. We will use the following tools: GitHub, TravisCI, Bintray, Maven Central. We will glue everything using Shipkit.org - a project born from Mockito (and still used there). You’ll additionally learn SerVer.
This workshop is mostly for Java open source and Gradle plugins developers. We will use a library prepared especially for this training, so no worries if you don’t have your own open source project (yet).
Prerequisites: GitHub account, Java & Gradle basics.
Automated Infrastructure and Application ManagementClark Everetts
Managing application infrastructure is an error prone, tedious, and often manual process leading to late hours spent troubleshooting self-inflicted oversights. Clark will introduce an open source Chef cookbook automating many steps, which utilizes a server side SDK to painlessly deploy PHP applications, and also show how the process can be managed leveraging Zend Server. Attendees will walk away with a complete toolset to implement quickly in their own projects.
* What is different GitHub Flow and Git Flow?
* What is GitHub Actions?
* How to write the simple workflow?
* What's problem in GitHub Actions UI?
* What's problem with Secrets in GitHub Actions?
* How to write your first GitHub Actions and upload to the marketplace?
* What's a problem with environment variables in GitHub Actions?
Using Jenkins to create isolated test environments for OSS (or highly collaborative) projects.
Uses all the hotness:
- docker
- docker-machine
- docker-compose
- Deis
- Jenkins
CocoaPods pour la gestion et la maintenance de librairies privées/internes, avec un retour d’expérience et quelques bonnes pratiques par Adrien Humilière de Captain Train.
Lightweight continuous delivery for small schoolsCharles Fulton
In a continuous delivery environment web application updates are pushed out fast and frequently. Implementing that environment requires many different pieces: version control, automated testing, and automated deployment. It’s a lot to wrap your head around, but there are tangible benefits for small schools, including new opportunities to collaborate among institutions or with student developers.
In this presentation we will demonstrate how to build a lightweight continuous integration and delivery stack using free and open source tools: GitLab for version control, GitLab CI and Docker for testing, and Docker and Capistrano for deployment. We will walk through how each piece is separately important and how combining them creates a simple yet powerful deployment strategy. We will also describe concrete examples of how we are using these tools to share application development with students and each other.
Proposed talk for the Helsinki Midwinter Darkness Camp 19th–20th January 2011. Meant to be a reminder about some of the important things to keep in mind when submitting code to the Koha project - and as an example of things to keep in mind when submitting code to any large free software project.
"Puppet at GitHub" by Will Farrington of GitHub at Puppet Camp Raleigh 2013. You can find Will's slides in their native habitat here: https://speakerdeck.com/wfarr/puppet-at-github-puppetcamp-raleigh-2013
Culerity and Headless Full Stack Integration TestingPatrick Huesler
A presentation about Full Stack Integration testing with a focus on headless solutions and a list of promising new solutions using johnson. Presented at RailsWayCon 2010
This is a presentation give to the Vancouver Drupal users group about moving to GIT as a version control system for a small development team. The presentation details the workflow we settled on, and the git flow method for branch management. You can see a video of the presentation here - http://www.ustream.tv/recorded/13544036
* What is different GitHub Flow and Git Flow?
* What is GitHub Actions?
* How to write the simple workflow?
* What's problem in GitHub Actions UI?
* What's problem with Secrets in GitHub Actions?
* How to write your first GitHub Actions and upload to the marketplace?
* What's a problem with environment variables in GitHub Actions?
Using Jenkins to create isolated test environments for OSS (or highly collaborative) projects.
Uses all the hotness:
- docker
- docker-machine
- docker-compose
- Deis
- Jenkins
CocoaPods pour la gestion et la maintenance de librairies privées/internes, avec un retour d’expérience et quelques bonnes pratiques par Adrien Humilière de Captain Train.
Lightweight continuous delivery for small schoolsCharles Fulton
In a continuous delivery environment web application updates are pushed out fast and frequently. Implementing that environment requires many different pieces: version control, automated testing, and automated deployment. It’s a lot to wrap your head around, but there are tangible benefits for small schools, including new opportunities to collaborate among institutions or with student developers.
In this presentation we will demonstrate how to build a lightweight continuous integration and delivery stack using free and open source tools: GitLab for version control, GitLab CI and Docker for testing, and Docker and Capistrano for deployment. We will walk through how each piece is separately important and how combining them creates a simple yet powerful deployment strategy. We will also describe concrete examples of how we are using these tools to share application development with students and each other.
Proposed talk for the Helsinki Midwinter Darkness Camp 19th–20th January 2011. Meant to be a reminder about some of the important things to keep in mind when submitting code to the Koha project - and as an example of things to keep in mind when submitting code to any large free software project.
"Puppet at GitHub" by Will Farrington of GitHub at Puppet Camp Raleigh 2013. You can find Will's slides in their native habitat here: https://speakerdeck.com/wfarr/puppet-at-github-puppetcamp-raleigh-2013
Culerity and Headless Full Stack Integration TestingPatrick Huesler
A presentation about Full Stack Integration testing with a focus on headless solutions and a list of promising new solutions using johnson. Presented at RailsWayCon 2010
This is a presentation give to the Vancouver Drupal users group about moving to GIT as a version control system for a small development team. The presentation details the workflow we settled on, and the git flow method for branch management. You can see a video of the presentation here - http://www.ustream.tv/recorded/13544036
HELIUM V kombiniert die Anforderungen von KMU an ERP, CRM, BI, DMS, MES, PM in einem System. Die 5 Säulen von HELIUM V: Einkauf | Verkauf | Warenwirtschaft | Produktion mit Zeitwirtschaft | Management ergänzen sich und sind für eine optimale Betriebsführung aufeinander abgestimmt. Die Business-Software HELIUM V ist Handwerkszeug für nachhaltigen Unternehmenserfolg, unterstützt Sie im Unternehmensalltag und mit aussagekräftigen Kennzahlen bei den Verhandlungen mit Ihren Partnern.
GFI MailSecurity can be deployed as an SMTP gateway or as a VS API version for Exchange 2000/2003. This technical white paper describes each operating mode and helps you decide which to deploy and whether you should deploy both.
Revista Oficial ANECPLA: Infoplagas. Nº 51 JUN 2013ANECPLA
Presentación de nuestra directora general Milagros Fernández, además de entrevistas a profesionales del sector, resúmenes de congresos a los que asiste nuestra asociación, y la oferta formativa que ofrecemos.
Temática:
Control de plagas.
Oferta formativa de ANECPLA.
Congresos y reuniones de ANECPLA.
The emails that you want are only the tip of the iceberg that you get.
Your Challenge
Within the email security gateway (ESG) marketplace, there are numerous vendors with varying options who all claim to be the perfect fit for your organization. It becomes challenging to sift through all the offerings and find the right one.
An ESG must serve a multitude of functions for the organization, as well as meet an array of requirements, all of which can be hard to accurately assess and include confidently.
IT security always struggles with costs. An email gateway can become expensive, but it is vital and thus needs to have a strong case made for implementation, improvement, or replacement scenarios.
Our Advice
Critical Insight
Cloud adoption among business functions is already high. Moving email to the cloud is just another step. Take this into consideration when selecting an ESG.
Advanced Persistent Threats (APTs) and Zero-Day attacks are changing the way organizations deal with threats. Recognize the need for greater visibility and tools that stay current with these developments.
Impact and Result
Understand developments within the ESG market to properly evaluate all capabilities and functions of an ESG.
Evaluate ESG vendors and products based on your enterprise requirements.
Determine which products are most appropriate for particular use cases and scenarios.
El símbolo del Karate Shotokan, el estilo más representativo en el mundo, es un tigre encerrado en un círculo. Fue diseñado por el artista japonés Hoan Kosugi, amigo del maestro Funakoshi, para ilustrar sus libros sobre Karate. En la actualidad es el símbolo más ampliamente usado y el adoptado mundialmente.
Para mas información, visite http://www.deportes.gov.co/karate-kumite-presentacion.html
Localizarea electronică a publicaţiilor Bibliotecii Universităţii "Dunărea de Jos" din Galaţi de Lenuţa Ursachi este licenţiat printr-o Licenţă Creative Commons Atribuire 3.0 Ne-adaptată
LOS 4 PILARES DEL MOVIMIENTO HUMANO. UNA APROXIMACIÓN DE LA MANERA DE ENTENDER EL MOVIMIENTO PARA PODER MEJORAR LOS RESULTADOS DE NUESTRO ENTRENAMIENTO
Cooking Perl with Chef: Real World Tutorial with JitterbugDavid Golden
This tutorial provides a command-by-command walk-through for deploying the Jitterbug continuous integration application using the Chef configuration management tool
At Ninefold we've spent 3+ years with Chef. We've built a PaaS with Chef and we manage our internal systems with it.
In this presentation we explore the design decisions we needed to make in order to build the platform. It highlights the things we've learned along the way that weren't exactly obvious when we started.
In this talk, I will discuss our experiences at Mollie with setting up the Jenkins Continuous Integration server for all our PHP projects. The talk will be aimed at developers with little or no experience with CI.
Efficient development workflows with composernuppla
Composer is a great tool for managing a project's dependencies - however, as with many tools there are various ways to use it. That's why this session will provide you an overview of possible workflows and shows practical solutions for building and deploying composer-managed projects. It covers experiences with handling Drupal projects and focus on approaches that can be shared across projects and team members.
Topics:
- Introduction: What is composer and how to use it with Drupal
- Build & deployment workflows for composer-managed projects
- Composer & Drupal: Challenges & solutions
- Creating re-usable packages
High Productivity Web Development WorkflowVũ Nguyễn
We are all familiar with these web technologies: Angular, NodeJS, Grunt, Karma, ... However, how to put them together to make a seamless, high productivity workflow for building prototypes quickly and delivering products frequently?
The new buzz world in the world of Agile is "DevOps". So what exactly is devOps and Why do we need it? When development got married to deployment (sys-admin/operations) ; what is born is a new advanced species which is known to us today as "DevOps"
>>WATCH THE WEBINAR HERE: https://codefresh.io/docker-based-pipelines-with-codefresh/
Most people think that Docker adoption means deploying Docker images. In this webinar, we will see the alternative way of adopting Docker in a Continuous Integration Pipeline, by packaging all build tools inside Docker containers. This makes it very easy to use different tool versions on the same build and puts an end to version conflicts in build machines. We will use Codefresh as a CI/CD solution as it fully supports pipelines where each build step is running on its own container image.
Sign up for FREE Codefresh account (120 builds/month) at Codefresh.io/codefresh-signup
DevOps Fest 2019. Олег Белецкий. Using Chef to manage hardware-based infrastr...DevOps_Fest
Доклад посвящен практическому опыту использования Chef для разворачивания, Сonfiguration-management, Release-management of medium-scale infrastructure (1000+ железных серверов). Будут рассмотрены и даны ответы на следующие вопросы:
- Как управлять железом в мире клаудов и k8s?
- Сколько нужно времени и инженеров чтобы релизнуться на 1000 машин?
- Какой инструментарий предоставляет Chef для мониторинга хода релиза в процессе, pre-release, post-release статуса?
- How to keep, manage and rotate secrets secure way?
- Сколько нужно времени чтобы изменить root-password на всей среде?
- Bonus: сколько нужно грузовиков чтобы перевезти датацентр?
In this hands-on lab, you'll learn how to create containerized applications and test them in a Red Hat OpenShift development cluster. You'll quickly develop a basic containerized application, break down an application into multiple containers, and then deploy these images to container host platforms. You’ll get a feel for the different container host platforms and learn how to choose the best one for your container needs. Finally, you’ll understand what to consider and what tools are available when implementing a containerized, microservices architecture.
Kubernetes and CoreOS @ Athens Docker meetupMist.io
Using Kubernetes and CoreOS to increase scalability and availability. Presentation at the Athens Docker meetup http://www.meetup.com/Docker-Athens/events/226277352/
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
16. My approach to a
configuration management project
Antonio Peña @apenav for @MadridDevops
September 2014 http://about.me/apenav
17. Best tool to make config mgmt?
● cfengine
● puppet
● chef
● salt
● ansible
-- Business decision-making. Make your choice
-- Strengths/weakness. Tend to converge.
21. What is Chef?
● a company
○ Opscode Inc.
○ getchef.com
○ @chef
● a product (with paid support)
○ packages, not recommended install from gemfiles
● an open source project
● a community (open source but not only)
29. Working in a company
as a Developer.
Daily tasks
30. Initial problem
Problem to be solved (in aprox. 2 weeks):
1. install chef-server 11 in a centos6 behind a
VPN
2. install 2 web frontends + 2 backends
a. (redis s/m + mysql m/s)
31. Real problem
1. refactor/migrate/write from scratch about 20
old-fashioned (2009) but very reliable (daily
used, very difficult to extend for an outsider)
ubuntu ruby18-webapp-related recipes to
newer ones
2. proof of concept to migrate chef09 company’
s repository to anything better
33. Methodology or the like
“Big bang” approach, but iterative:
● use chef11 community cookbooks
● almost no direct migration from chef09 ones
34. Criteria to use community cookbooks?
https://github.com/opscode-cookbooks/mysql
When in doubt use popular
opscode
community
cookbooks.
So many content to
follow!
39. 1.- Hosting Environment (I)
Open Source chef-server in a centos6.
Modify and test undocumented chef-server
config, with some “little” external problems:
- shared server behind a VPN
- unavailable ports: reassign 80/443 to 81/8443
- 8000 not opened in firewall (so no reports will
be available)
40. Asking for opening ports in firewall
http://devopsreactions.tumblr.com/post/41094252078/asking-the-security-team-for-a-firewall-exception
41. 2.- Cookbook Development (I)
Opscode free(*) hosting
● Great help because Multiproject!
● http://learn.getchef.com
● Berkshelf helped a lot with dependencies (**)
● Good practices freezing versions
(*) not open-source (limited to 10 nodes)
(**) not so easy when not opscode server
42. 2.- Cookbook Development (II)
Chef-DK:
● ruby binaries in specific /opt folders
● not needed rvm/rbenv/ruby source code/...
● own path & pre-installed useful gems and
tools
43. 2.- Cookbook Development (III)
● http://jtimberman.housepub.org/blog/2014/04/30/chefdk-and-
ruby/
● Berkshelf 3.0.
● The Test Kitchen integration testing framework.
● ChefSpec, for unit testing cookbooks.
● Foodcritic, static code analysis on cookbooks.
● All of the Chef tools you're already familiar with: Chef
Client, Knife, Ohai and Chef Zero.
44. 2.- Cookbook Development (IV)
Better practices? Any?
● No time for tests nor TDD (to learn about)
● Not enough RAM in laptop nor in AWS micro
instances for making testing/CI with Vagrant
● Foodcritic and more, but later
● I hope to use them ASAP: just because I like
it. The same with Puppet.
45. 2.- Cookbook Development (V)
First stages of development
● make risks, quick tests, quickwin, try and try
● think in advance, virtualhosts library
● ugly code you know it will be easy to change
● the community code is better than yours
● extend, not create from the ground
● parametrize cookbooks: redis
46. 3.- Monolithic cookbook approach
Thanks a lot to Mathias Lafeldt @mlafeldt
“monolithic cookbook” idea, easy to refactor
later (see Puppet Module Structure Redux).
● http://mlafeldt.github.io/practicing-ruby-cookbook
● https://github.com/elm-city-craftworks/
practicing-ruby-cookbook
47. 4.- Everything is a cookbook
● https://tomduffield.com/everything-as-a-cookbook-
chefconf2014/
● https://speakerdeck.com/tduffield/everything-as-
a-cookbook-1
49. 5.-ProductionCookbookDevelopment
● A new beginning. Almost from scratch.
Develop new recipes and cookbooks against a
new chef organization in opscode free hosting.
● install, fix, check-apply and repeat in
frontend staging instances
(Poor’s man plan–do–check–adjust)
https://en.wikipedia.org/wiki/PDCA
50. 6.-ProductionCookbookDeployment
● chef site cookbook install “cookbook” (new
git branch in ~/chef-repo/cookbook/)
● chef site cookbook install chef-client
51. 7.- Opscode packages (I)
● WARNING: chefdk.rpm installs binaries
under /usr/bin and gems in its own gemsdir
● REMOVE any puppet or ruby preexistent
package or binary, no interferences please!
● BEWARE: never use binaries without explicit
PATH e.g. /opt/chef/bin/chef-client
52. 7.- Opscode packages (II)
NO RVM nor system ruby allowed
● chef-server.rpm
● chef.rpm
● chefdk.rpm
every opscode rpm package installs one or
more ruby binaries in its own path
53. 8.- Developers isolated ruby environment (I)
● Developers need multiple rubies installed
(1.9.3 & 2.0.X)
● unprivileged users will install its own gems,
without interfering with chef ruby-binaries
SOLUTION: compile explicit versions from
source code, rewrite PATH in user environment
and install “bundler gem” as root.
54. 8.- Developers isolated ruby environment (II)
Opscode chef.rpm package provides 2.1 ruby
● install passenger-apache library+binary
compiled and installed as a gem under chef.
rpm gemlib path (a community recipe is in
charge of it)
● compatible to both 2.0.x and 1.9.x user
rubies
55. 8.- Developers isolated ruby environment(III)
Explicit ruby version (1.9.3 or 2.0.X) in
appropriate virtualhost apache files (from
templates)
NOTE: Foodcritic tool helped a lot when looking
for errors (e.g. specially with chef templates)
56. 9. Final Steps (I)
After just 2 weeks, it almost worked ok.
Traditional approach to development: logrotate
and monit forked recipes with “999” suffix
added to “semver” in metadata.rb
● not perfect
● Explicit installation of dependencies when in
Opensource Opscode server
57. 9. Final Steps (II)
Pareto principle! 80/20 Rule.
● Two more weeks with “fringes”
● create new organization in opscode free
account
● chef-solo-search for “local” databags
● BIG CRISIS: no chef-server available ->
chef-solo deployment
59. 9. Final Steps (III)
Create git repo (first commit in 2 weeks)
● install explicit dependencies
● “chef cookbook site install”
● only needed “ancient” (fork and modify)
approach in two cookbooks: monit and
passenger
60. 9. Final Steps (IV)
“In extremis”: Refactor the “monolithic”
cookbook
Monolithic cookbook refactored as 3 cookbooks
Three layers of attribute+template files:
● general cookbook (i.e. language, servers,...)
○ company cookbook (i.e. final customer specific)
■ project cookbook (i.e. virtualhost config)
61. 9. Final Steps (V)
● only two “old fashioned” forked recipes:
monit and passenger
● new recipes forces a different way to use
databags
62. 10. Conclusions (I)
To FIX:
● move logrotate recipes in railssites2 to
another new bootstrapping-node-sysadmin
cookbook
● not exactly applied but inspired in
"everything is a cookbook"
63. 10. Conclusions (II)
● You need to have “Luck”
○ no way to configure staging chef-server (only
working through 127.0.0.1 and VPN)
○ no way to configure ubuntu from opscode deb
packages
● You need big motivation to success
64. 10. Conclusions (III)
To be improved:
● ubuntu/RHEL cookbooks
● tests
● mysql m/s cookbook
● monit recipe
● opensource chef-server hosting
Sysadmin de Linux
de FI.UPM
últimamente ayudando a una startup a escalar con AWS
hice esto con chef
y ahora mismo con puppet (incluso con windows)
mail
twitter
meetup
Septiembre
Hace mucho que no se habla de devops aquí
Charla de madrid-devops, sin ruby, sin chef.
Experiencia
Tal vez un taller muy enfocado a gente que le interese chef y que lleve a discusión de estas cosas y que den feedback de maneras más correctas de haberlo hecho o cómo seguir aprendiendo (me interesa mucho el feedback).
Ofrecérosla como charla interna del grupo de admins
y me quito "este peso" (transmitir este conocimiento) para liberar un poco la mente y dejar sitio para otras cosas.
Everybody is
“Trolling” inherent to Culture
Open mind
En la buena dirección
Velocity
Manufacturing efficient POV
Business Schools
Toyota way
Puppet conf
Kris Buytaert?
Big Company POV
Karen
Cfgmgmt
Describe estado de infraestructuras
Traditional chef
bunch of gems
American dream
Biz
1) devops en gran empresa (problemas estructurales, para que triunfe debe tener apoyo de la dirección).
Necesita gran conocimiento de la organización y derivaría en proy de consultoría y tal vez integración con ITIL.
Jeff Bezos - like
Devops en pyme/Departamento no crítico.
Centrada en herramientas. La empresa se reinventa cada día. Cambios frenéticos, tal vez no llegue a consolidarse si los socios no "compran" la idea.
Lo importante es salir, no hacerlo bien.
3) "Consultor" en startup exitosa que empieza a tener problemas de integración de sw, mediana empresa, necesidad puntual.
Sería un perfil más senior que, o tiene mucha suerte y capacidad, o ya se ha "equivocado" en otras aventuras y tal vez aplique bien las técnicas....
Vec contcc
Chef Server
Internal Services
Why cool guys don’t look back to explosions
https://www.youtube.com/watch?v=Sqz5dbs5zmo
Where?
https://raw.githubusercontent.com/opscode-cookbooks/chef-client/master/templates/default/redhat/init.d/chef-client.erb
Open Source rules!
- no hables por boca de ganso, si no te has enfrentado a un proyecto devops real, no opines sin saber, que a todo se adapta uno
- sufrir un poco "mola"
- déjate llevar por los gurús, a veces y si tienes suerte, sale bien
- necesitas motivación y dormir poco