Presentation by Josh Padnick given at Desert Code Camp on April 5, 2014. Introduces OpsCode Chef with a special emphasis on learning the key Chef concepts. Also includes tips & tricks and references to best practices.
Introduction to Chef - Techsuperwomen SummitJennifer Davis
Interested in speeding up time to production when developing an application? Want to understand how to minimize risk associated with changes? Come learn about infrastructure automation with Chef. In this beginner level workshop, I will teach you the core set of skills needed to implement Chef in your environment whether for work or personal projects. I will cover the basic architecture of Chef and the associated tools that will help you improve your application workflow from design to production.
Overview of Chef - Fundamentals Webinar Series Part 1Chef
This is an Overview of Chef. After viewing this webinar you will be able to:
- Describe how Chef thinks about Infrastructure Automation
- Define the following terms:
- Resource
- Recipe
- Node
- Run List
- Search
- Login to Hosted Chef
- Run `knife` commands from your workstation
Video of this webinar can be found at the following URL
https://www.youtube.com/watch?v=S5lHUpzoCYo&list=PL11cZfNdwNyPnZA9D1MbVqldGuOWqbumZ
Introduction to Chef - Techsuperwomen SummitJennifer Davis
Interested in speeding up time to production when developing an application? Want to understand how to minimize risk associated with changes? Come learn about infrastructure automation with Chef. In this beginner level workshop, I will teach you the core set of skills needed to implement Chef in your environment whether for work or personal projects. I will cover the basic architecture of Chef and the associated tools that will help you improve your application workflow from design to production.
Overview of Chef - Fundamentals Webinar Series Part 1Chef
This is an Overview of Chef. After viewing this webinar you will be able to:
- Describe how Chef thinks about Infrastructure Automation
- Define the following terms:
- Resource
- Recipe
- Node
- Run List
- Search
- Login to Hosted Chef
- Run `knife` commands from your workstation
Video of this webinar can be found at the following URL
https://www.youtube.com/watch?v=S5lHUpzoCYo&list=PL11cZfNdwNyPnZA9D1MbVqldGuOWqbumZ
Community Cookbooks & further resources - Fundamentals Webinar Series Part 6Chef
Part 6 of a 6 part series introducing you to the fundamentals of Chef.
This session includes an introducing Community Cookbooks and some additional resources.
After viewing this webinar you will be able to:
- Find, preview, and download cookbooks from the Chef Community site
- Use knife to work with the Community Site API
- Download, extract, examine and implement cookbooks from the Community site
Video of this webinar can be found at the following URL
https://www.youtube.com/watch?v=ovTIeS3kx4g&list=PL11cZfNdwNyPnZA9D1MbVqldGuOWqbumZ
At Rackspace, sysadmins have taken responsiblilty for what was a "developers problem" only a few years ago. What started as a way to solve an image build problem turned into a socially collaborative DevOps community. Come see what Chef started.
Node setup, resource, and recipes - Fundamentals Webinar Series Part 2Chef
Part 2 of a 6 part series introducing you to the fundamentals of Chef.
This session includes:
* Node Setup
* Chef Resources and Recipes
After viewing this webinar you will be able to:
- Login to the node in your Chef Training Lab
- Install Chef nodes using "knife bootstrap"
- Explain how knife bootstrap configures a node to use the - Organization created in the previous section
- Explain the basic configuration needed to run chef-client
- Describe in detail what a cookbook is
- Create a new cookbook
- Explain what a recipe is
- Describe how to use the package, service, and template - resources
- Upload a cookbook to the Chef Server
- Explain what a run list is, and how to set it for a node - via knife
- Explain the output of a chef-client run
Video of this webinar can be found at the following URL
https://www.youtube.com/watch?v=S5lHUpzoCYo&list=PL11cZfNdwNyPnZA9D1MbVqldGuOWqbumZ
Overview of chef ( Infrastructure as a Code )Pravin Mishra
- Chef is a system and cloud infrastructure automation framework.
- It easy to deploy servers and applications to any physical, virtual, or cloud location, no matter the size of the infrastructure.
Chef Tutorial | Chef Tutorial For Beginners | DevOps Chef Tutorial | DevOps T...Simplilearn
This presentation on Chef will help you understand why Chef is needed, what is Chef, what is configuration management, infrastructure as code, components of Chef, Chef architecture & how it works, and you will also see a demo on Chef. Chef is an open source tool developed by Opscode. It is written in Ruby and Erlang. It automates the configuration and maintenance of multiple servers. Configuration management is a collection of engineering practices that provides a systematic way to manage entities for efficient deployment. These entities include code, infrastructure and people. Now let us get started and understand Chef in detail.
Below topics are explained in this Chef presentation:
1. Why Chef?
2. What is Chef?
3. Configuration management
4. Infrastructure as code
5. Components of Chef
6. Chef architecture
7. Flavors of Chef
8. Chef demo
Simplilearn's DevOps Certification Training Course will prepare you for a career in DevOps, the fast-growing field that bridges the gap between software developers and operations. You’ll become en expert in the principles of continuous development and deployment, automation of configuration management, inter-team collaboration and IT service agility, using modern DevOps tools such as Git, Docker, Jenkins, Puppet and Nagios. DevOps jobs are highly paid and in great demand, so start on your path today.
Why learn DevOps?
Simplilearn’s DevOps training course is designed to help you become a DevOps practitioner and apply the latest in DevOps methodology to automate your software development lifecycle right out of the class. You will master configuration management; continuous integration deployment, delivery and monitoring using DevOps tools such as Git, Docker, Jenkins, Puppet and Nagios in a practical, hands-on and interactive approach. The DevOps training course focuses heavily on the use of Docker containers, a technology that is revolutionizing the way apps are deployed in the cloud today and is a critical skillset to master in the cloud age.
Who should take this course?
DevOps career opportunities are thriving worldwide. DevOps was featured as one of the 11 best jobs in America for 2017, according to CBS News, and data from Payscale.com shows that DevOps Managers earn as much as $122,234 per year, with DevOps engineers making as much as $151,461. DevOps jobs are the third-highest tech role ranked by employer demand on Indeed.com but have the second-highest talent deficit.
1. This DevOps training course will be of benefit the following professional roles:
2. Software Developers
3. Technical Project Managers
4. Architects
5. Operations Support
6. Deployment engineers
7. IT managers
8. Development managers
Learn more at: https://www.simplilearn.com/
Community Cookbooks & further resources - Fundamentals Webinar Series Part 6Chef
Part 6 of a 6 part series introducing you to the fundamentals of Chef.
This session includes an introducing Community Cookbooks and some additional resources.
After viewing this webinar you will be able to:
- Find, preview, and download cookbooks from the Chef Community site
- Use knife to work with the Community Site API
- Download, extract, examine and implement cookbooks from the Community site
Video of this webinar can be found at the following URL
https://www.youtube.com/watch?v=ovTIeS3kx4g&list=PL11cZfNdwNyPnZA9D1MbVqldGuOWqbumZ
At Rackspace, sysadmins have taken responsiblilty for what was a "developers problem" only a few years ago. What started as a way to solve an image build problem turned into a socially collaborative DevOps community. Come see what Chef started.
Node setup, resource, and recipes - Fundamentals Webinar Series Part 2Chef
Part 2 of a 6 part series introducing you to the fundamentals of Chef.
This session includes:
* Node Setup
* Chef Resources and Recipes
After viewing this webinar you will be able to:
- Login to the node in your Chef Training Lab
- Install Chef nodes using "knife bootstrap"
- Explain how knife bootstrap configures a node to use the - Organization created in the previous section
- Explain the basic configuration needed to run chef-client
- Describe in detail what a cookbook is
- Create a new cookbook
- Explain what a recipe is
- Describe how to use the package, service, and template - resources
- Upload a cookbook to the Chef Server
- Explain what a run list is, and how to set it for a node - via knife
- Explain the output of a chef-client run
Video of this webinar can be found at the following URL
https://www.youtube.com/watch?v=S5lHUpzoCYo&list=PL11cZfNdwNyPnZA9D1MbVqldGuOWqbumZ
Overview of chef ( Infrastructure as a Code )Pravin Mishra
- Chef is a system and cloud infrastructure automation framework.
- It easy to deploy servers and applications to any physical, virtual, or cloud location, no matter the size of the infrastructure.
Chef Tutorial | Chef Tutorial For Beginners | DevOps Chef Tutorial | DevOps T...Simplilearn
This presentation on Chef will help you understand why Chef is needed, what is Chef, what is configuration management, infrastructure as code, components of Chef, Chef architecture & how it works, and you will also see a demo on Chef. Chef is an open source tool developed by Opscode. It is written in Ruby and Erlang. It automates the configuration and maintenance of multiple servers. Configuration management is a collection of engineering practices that provides a systematic way to manage entities for efficient deployment. These entities include code, infrastructure and people. Now let us get started and understand Chef in detail.
Below topics are explained in this Chef presentation:
1. Why Chef?
2. What is Chef?
3. Configuration management
4. Infrastructure as code
5. Components of Chef
6. Chef architecture
7. Flavors of Chef
8. Chef demo
Simplilearn's DevOps Certification Training Course will prepare you for a career in DevOps, the fast-growing field that bridges the gap between software developers and operations. You’ll become en expert in the principles of continuous development and deployment, automation of configuration management, inter-team collaboration and IT service agility, using modern DevOps tools such as Git, Docker, Jenkins, Puppet and Nagios. DevOps jobs are highly paid and in great demand, so start on your path today.
Why learn DevOps?
Simplilearn’s DevOps training course is designed to help you become a DevOps practitioner and apply the latest in DevOps methodology to automate your software development lifecycle right out of the class. You will master configuration management; continuous integration deployment, delivery and monitoring using DevOps tools such as Git, Docker, Jenkins, Puppet and Nagios in a practical, hands-on and interactive approach. The DevOps training course focuses heavily on the use of Docker containers, a technology that is revolutionizing the way apps are deployed in the cloud today and is a critical skillset to master in the cloud age.
Who should take this course?
DevOps career opportunities are thriving worldwide. DevOps was featured as one of the 11 best jobs in America for 2017, according to CBS News, and data from Payscale.com shows that DevOps Managers earn as much as $122,234 per year, with DevOps engineers making as much as $151,461. DevOps jobs are the third-highest tech role ranked by employer demand on Indeed.com but have the second-highest talent deficit.
1. This DevOps training course will be of benefit the following professional roles:
2. Software Developers
3. Technical Project Managers
4. Architects
5. Operations Support
6. Deployment engineers
7. IT managers
8. Development managers
Learn more at: https://www.simplilearn.com/
AWS re:Invent 2016: Configuration Management in the Cloud (DEV305)Amazon Web Services
To ensure that your application operates in a predictable manner in both your test and production environments, you must vigilantly maintain the configuration of your resources. By leveraging configuration management solutions, Dev and Ops engineers can define the state of their resources across their entire lifecycle. In this session, we will show you how to use AWS OpsWorks, AWS CodeDeploy, and AWS CodePipeline to build a reliable and consistent development pipeline that assures your production workloads behave in a predictable manner.
2016 - Easing Your Way Into Docker: Lessons From a Journey to Productiondevopsdaysaustin
Presentation by Steve Woodruff
The story of how SpareFoot broke up its monolithic application into micro services, deployed Docker into production, and established a "contract" between Dev and Ops.
Laravel Forge: Hello World to Hello ProductionJoe Ferguson
With the recent release of Laravel Forge, Envoyer and Homestead, it has never been easier to go from nothing to something with an easy to use PHP Framework. This talk will cover creating a basic Laravel application using the Laravel specific Vagrant box "Homestead", connecting to a server (Linode, Rackspace, Digital Ocean), and deploying the application via Forge. The talk will also cover tips and tricks on customizing Homestead to fit custom needs as well as how to use Forge & Envoyer to deploy new versions of our application.
under the covers -- chef in 20 minutes or lesssarahnovotny
Learn how to automate your infrastructure to make more time for fun things. In this rapid fire intro to Chef, an open source provisioning and automation platform, we'll touch on the strengths of it's flexible architecture as well as showing some concrete and simple starting points on your path to become an executive chef.
Configuration Management in the Cloud - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn how to use AWS OpsWorks, AWS CodeDeploy, and AWS CodePipeline to build a reliable and consistent development pipeline
- Understand about continous integration and delivery for Infrastructure as Code
- Learn how to get started with these services.
Automobile Management System Project Report.pdfKamal Acharya
The proposed project is developed to manage the automobile in the automobile dealer company. The main module in this project is login, automobile management, customer management, sales, complaints and reports. The first module is the login. The automobile showroom owner should login to the project for usage. The username and password are verified and if it is correct, next form opens. If the username and password are not correct, it shows the error message.
When a customer search for a automobile, if the automobile is available, they will be taken to a page that shows the details of the automobile including automobile name, automobile ID, quantity, price etc. “Automobile Management System” is useful for maintaining automobiles, customers effectively and hence helps for establishing good relation between customer and automobile organization. It contains various customized modules for effectively maintaining automobiles and stock information accurately and safely.
When the automobile is sold to the customer, stock will be reduced automatically. When a new purchase is made, stock will be increased automatically. While selecting automobiles for sale, the proposed software will automatically check for total number of available stock of that particular item, if the total stock of that particular item is less than 5, software will notify the user to purchase the particular item.
Also when the user tries to sale items which are not in stock, the system will prompt the user that the stock is not enough. Customers of this system can search for a automobile; can purchase a automobile easily by selecting fast. On the other hand the stock of automobiles can be maintained perfectly by the automobile shop manager overcoming the drawbacks of existing system.
Vaccine management system project report documentation..pdfKamal Acharya
The Division of Vaccine and Immunization is facing increasing difficulty monitoring vaccines and other commodities distribution once they have been distributed from the national stores. With the introduction of new vaccines, more challenges have been anticipated with this additions posing serious threat to the already over strained vaccine supply chain system in Kenya.
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSEDuvanRamosGarzon1
AIRCRAFT GENERAL
The Single Aisle is the most advanced family aircraft in service today, with fly-by-wire flight controls.
The A318, A319, A320 and A321 are twin-engine subsonic medium range aircraft.
The family offers a choice of engines
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdfKamal Acharya
The College Bus Management system is completely developed by Visual Basic .NET Version. The application is connect with most secured database language MS SQL Server. The application is develop by using best combination of front-end and back-end languages. The application is totally design like flat user interface. This flat user interface is more attractive user interface in 2017. The application is gives more important to the system functionality. The application is to manage the student’s details, driver’s details, bus details, bus route details, bus fees details and more. The application has only one unit for admin. The admin can manage the entire application. The admin can login into the application by using username and password of the admin. The application is develop for big and small colleges. It is more user friendly for non-computer person. Even they can easily learn how to manage the application within hours. The application is more secure by the admin. The system will give an effective output for the VB.Net and SQL Server given as input to the system. The compiled java program given as input to the system, after scanning the program will generate different reports. The application generates the report for users. The admin can view and download the report of the data. The application deliver the excel format reports. Because, excel formatted reports is very easy to understand the income and expense of the college bus. This application is mainly develop for windows operating system users. In 2017, 73% of people enterprises are using windows operating system. So the application will easily install for all the windows operating system users. The application-developed size is very low. The application consumes very low space in disk. Therefore, the user can allocate very minimum local disk space for this application.
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
Introduction to Chef: Automate Your Infrastructure by Modeling It In Code
1. Automate Your Server Configuration!
by Modeling It In Code
Josh Padnick
Desert Code Camp
April 5, 2014
2. Today’s 5-Course Meal
• What is Chef and what does it solve?
• Key Chef concepts
• Where/How you use it
• Tips & tricks
• Learning more
3. Our Goal Today:
You go home tonight and deploy your
first Chef cookbook in 1 - 2 hours.
4. • Founder & CIO of Omedix
• Special interest in Healthcare IT
• 10+ years doing web app dev
• Strong preference for open source & Java ecosystem
Josh Padnick
These slides are posted on http://joshpadnick.com
6. “The Magic Server”
The code doesn't work on any server
except the magic server. We're afraid to touch it.
7. “Just Clone Another Instance”
You can’t setup a dev machine quickly, but you're
virtualizing and at least you can clone it.
8. “We have AMIs! But we need to change them :(“
You can clone a server, but your snapshot (AMI) needs
to be changed...so you have to rebuild the AMI.
9. “I have a simple script to deploy!
to 10 different servers”
The script is small and simple, but deploying it to 10 servers
is painful, so updates to this script will not be permitted!
10. Documentation is time-consuming and always out of date.
But we still need to ramp up the new guy.
“Documentation is critical…but out of date.”
11. "Deploying a new server takes too long"
!
"This server here is broken so let's spend hours
restoring it because launching a new server is too hard."
!
"Changing the deployment process will take time we
don't have"
!
12. Are you actively managing more than
a few servers on an ongoing basis?
Welcome to!
SERVER MANAGEMENT HELL
13. What is the underlying issue here?
The real problem is STATE.
14. But wait, haven’t we dealt
with state before?
Only since 1937 when Alan Turing invented the state machine.
20. The Servers
Each of these guys installs an
agent called the CHEF CLIENT
Management Server Local Workstation
21. The Servers
Each of these guys installs an
agent called the CHEF CLIENT
Management Server Local Workstation
This guy is the authority on what
state each server should be in
22. The Servers
Each of these guys installs an
agent called the CHEF CLIENT
Management Server Local Workstation
This guy is the authority on what
state each server should be in
The DevOps engineer pushes all
instructions to the Management Server
26. Write code that describes the
state of a node and deploy it
to Chef Server
Has the official record of what
each server’s state SHOULD be
Nodes
Chef Server Knife
27. Each node periodically polls the
Chef Server asking for “update
state” instructions
Has the official record of what
each server’s state SHOULD be
Nodes
Chef Server Knife
28. Each node updates its state!
based on instructions from the
management server.
Nodes
Chef Server Knife
30. Did someone say we’re
writing code?
• Write it in Ruby 2.x
• Chef gives us a Ruby DSL specially for declaring server state
• Version-control it with anything, but standard is git
31. We’ll go into more Chef detail later.
Let’s pan out to the 50,000 foot view again.
33. What is Configuration Management?
• A tool used to manage server configuration
with automation.
• Born out of the need for major websites
(Amazon, Facebook, Yahoo) to manage huge
numbers of servers.
34. Who Created Chef?
Jesse Robbins Adam Jacob
Managed lots of Amazon.com servers
Real-life fire fighter!
Built infrastructure for 15 companies
Kept seeing the same patterns!
36. DevOps
• Chef merges the worlds of Development (Dev)
and SysAdmin (Ops).
• Dev: build software, version control, automated testing
• Ops: provisioning servers, maintaining servers, monitoring
40. • You can roll your own
• But for almost every need, just search GitHub
• google “github java cookbook” and choose the best one
• Opscode has “Community Cookbooks at http://
community.opscode.com/cookbooks but I find it
out of date and incomplete.
41. Sample Cookbook
• Recipes are individual sets of
instructions to be executed.
• Recipes read values from
Attributes for things like:!
• Passwords
• Filepaths
• Usernames
• Configuration options for applications
51. Nodes
Chef Server Knife
SSH directly into an individual node
(“Node 32”) and run “sudo chef-
client” to CONVERGE the node.
52. Nodes
Chef Server Knife
Node 32 uses chef-client to
contact Chef Server. It get its
updated run-list, and executes
the run list.
53. Nodes
Chef Server Knife
Node 32’s run-list says to run the
Sample Cookbook. It runs the
latest version of Sample.
54. Nodes
Chef Server Knife
Node 32 has now executed all the
instructions in the latest version of
the “Sample” cookbook
55. Wait, we have to manually log into
each node to update it?
• No! In production, we use Roles to specify a run-list.
• This way, we only update the Chef Server. Individual
nodes poll the Chef Server every X minutes to check
for updates.
64. • It’s a command-line interface to virtual machine
software like VirtualBox or VMWAre.
65. • You can combine Chef’s cookbooks, VirtualBox (a
free VM provider), and Vagrant to run chef
cookbooks directly on local VM’s!
• The same cookbooks that define your infrastructure
can now define your local dev environment.
66. • Get the latest cookbooks on
your local machine
• Run a bunch of VM’s with
VirtualBox and Vagrant
• Update the VM’s with Chef
cookbooks
Local Workstation
73. Ohai
• It’s a program that runs on each node and supplies
attribute info specific to that node.
• Examples
• What OS the node is running
• How much hard drive space
• How much memory is available
• Linux kernel version
74. Roles
• The Run-List is usually the same for all servers at the
same “layer” in the stack and different across layers.
Runlist[Apt, Sample, Apache]
Runlist[Apt, Java, Tomcat, JBoss]
Runlist[Apt, Postgres, Newrelic]
“web” Role
“app” Role
“db” Role
75. Roles
• Roles can also specify attributes that OVERRIDE the
“default” attributes set in the Recipe.
• When a new node is created (“bootstrapped”) it is
best practice to explicitly identify which Role it
belongs to.
• Roles are declared as a simple JSON file and
uploaded to Chef Server using Knife.
85. Environments
• We typically have a PROD and DEV. Maybe QA and
STAGING, or others.
• Environments are just another label to assign to a
node so that it gets the right attributes.
• Just like Roles! But with a different name and intent.
86. Data Bags
• Data Bags are a global source of attributes that any
recipe can call upon.
• They work great for global attributes
• Not so great for secrets like passwords. More on this
later.
87. Source Control & Chef
• Your local chef repo should be cloned from https://
github.com/opscode/chef-repo.
• Then commit it to your own Git repo so you can
version-control changes to Cookbooks, Roles,
Environments, Data Bags, etc.
• Now you version-control your infrastructure just like
your code itself!
90. Storing Secrets in Your Infrastructure
• This is a very hard problem! Let’s look at some options.
• Option 1: The official Chef solution is encrypted data bags. But the main
problem is all nodes and the Chef server share the same symmetric
encryption key :(. So how do we securely transport and protect that key?
• Option 2: Nordstrom uses Chef and created something called Chef Vault
to replace the symmetric encryption key of encrypted data bags with
public key infrastructure. Works well, but creates the “chicken and egg”
problem where a server can’t register itself with chef-vault until it’s
bootstrapped, but needs secrets from chef-vault to bootstrap itself.
• BEST OPTION for AWS! Option 3: Use Citadel. (https://github.com/
balanced-cookbooks/citadel). Store all your secrets in an S3 bucket.
Lock down S3 with AWS IAM Users. Assign each EC2 instance (node) to
an IAM Role which automatically grants access to that instance to the S3
buckets we specify. No keys to manage b/c Amazon does it for us!
91. Open Source Chef Server Tips
• Follow the instructions at http://docs.opscode.com/install_server.html
• Go to http://www.getchef.com/chef/install/ to get the URL for the file download
• To setup the Fully Qualified Domain Name (i.e. hostname) for Ubuntu, do this:
• Setup a DNS name for the server (chef.mybiz.com)
• sudo vim /etc/hostname and enter the hostname to handle server reboots
• sudo hostname chef.mybiz.com to change the hostname for the current session
• Immediately setup a user/pass for yourself so that admin remains a "root" account.
• For AWS, a m1.small instance is sufficient for now.
• You will need backup and monitoring for this server.
• See http://www.getchef.com/blog/2013/03/11/chef-11-server-up-and-running/ for more info.
• You can bootstrap Chef Server with Chef Solo! See https://github.com/opscode-cookbooks/
chef-server
92. Tips for Setting Up Knife
• When you run knife configure --initial use your local paths for the admin.pem and the chef-
validator.pem
• At some point, you'll need to download files from /etc/chef-server folder on the Chef Server in order to
get Knife up and running.
• You'll need to modify your knife.rb file (e.g. to point to your cookbooks path) to get things working
right. Errors caused by this are not well documented. Here's my knife.rb:
Joshs-MacBook-Pro:.chef josh$ vim knife.rb !
!
log_level :info!
log_location STDOUT!
node_name 'josh'!
client_key '/Users/josh/.chef/josh.pem'!
validation_client_name 'chef-validator'!
validation_key '/repos/chef-repo/.chef/chef-validator.pem'!
chef_server_url 'https://chef.projname.mybiz.com'!
syntax_check_cache_path '/Users/josh/.chef/syntax_check_cache'!
cookbook_path '/repos/chef-repo/cookbooks'!
knife[:aws_access_key_id] = "Your AWS Access Key ID"!
knife[:aws_secret_access_key] = "Your AWS Secret Access Key"!
knife[:region] = "us-west-2"!
knife[:vpc_id] = "vpc-XXXXXXX"
93. Writing Cookbooks
• Having a fast feedback loop is key. Also don’t want
to rack up AWS costs.
• Ideal environment for writing cookbooks is EC2 tiny
instances with a Chef Server or use Chef Solo with
Vagrant.
• Use test-kitchen to help manage your Vagrant
environment.
• User berkshelf to help manage cookbook
dependencies (if it’s getting out of hand)
94. Helpful Ruby Tips
• I knew zero Ruby when I started and got by fine.
Here are the only confusing things I encountered:
• In Ruby, :stringLiteral is called a “symbol” and is equivalent to
“stringLiteral”. See http://www.reactive.io/tips/2009/01/11/the-difference-
between-ruby-symbols-and-strings/
• A “heredoc” refers simply to a multiline string and is begun by <<EOH
and ended with EOH on a newline.
• Everything else is pretty straightforward.
96. Start with These Milestones
1. Setup Chef Server (hosted or on-premise)
2. Setup Knife
3. Setup Vagrant environment
4. Write (or download) Cookbooks!
97. Where to Learn
• Start here: https://learnchef.opscode.com. Screencasts are a
perfect place to begin.
• Then go to http://docs.opscode.com (walkthrough) for more info.
• Check out http://gettingstartedwithchef.com as another
reference.
• Study other people’s cookbooks to get ideas. The postgresql
cookbook is very well done.
• #chef on IRC was very helpful for me.
• The initial learning curve is somewhat steep, but it quickly
becomes fun!