Drupal CDN integration: easier, more flexible and faster!Wim Leers
90% of the page loading time is spent on retrieving CSS, JavaScript and images. There are lots of techniques to reduce this, but using a CDN is the most effective. Currently it's expensive to integrate with a CDN (especially if you want to avoid vendor lock-in) and it's hard to serve file A from a CDN, file B from a static file server and file C from neither. In this session, you'll learn about the push-to-CDN model, which makes all of this trivial.
Session Overview
This session will explain how a CDN (Content Delivery Network) improves page loading times and how you should analyze the page loading performance while evaluating a CDN. Existing techniques for integrating a CDN with Drupal will be compared and an alternative, comprehensive solution will be presented.
Agenda
- How pages are loaded by the browser
- How a CDN improves page loading times
- Evaluating the results
- Existing Drupal CDN integration techniques
- Push-to-CDN model: pros & cons
- CDN integration module: synchronization via Drupal or highly scalable daemon
- Alternative uses: create your own CDN, massive back-up tool
Goals
- You should have a good overview of the different techniques to integrate Drupal with a CDN.
- You should have learned how you can evaluate page loading performance to know which files should be served from a CDN.
Drupal CDN integration: easier, more flexible and faster!Wim Leers
90% of the page loading time is spent on retrieving CSS, JavaScript and images. There are lots of techniques to reduce this, but using a CDN is the most effective. Currently it's expensive to integrate with a CDN (especially if you want to avoid vendor lock-in) and it's hard to serve file A from a CDN, file B from a static file server and file C from neither. In this session, you'll learn about the push-to-CDN model, which makes all of this trivial.
Session Overview
This session will explain how a CDN (Content Delivery Network) improves page loading times and how you should analyze the page loading performance while evaluating a CDN. Existing techniques for integrating a CDN with Drupal will be compared and an alternative, comprehensive solution will be presented.
Agenda
- How pages are loaded by the browser
- How a CDN improves page loading times
- Evaluating the results
- Existing Drupal CDN integration techniques
- Push-to-CDN model: pros & cons
- CDN integration module: synchronization via Drupal or highly scalable daemon
- Alternative uses: create your own CDN, massive back-up tool
Goals
- You should have a good overview of the different techniques to integrate Drupal with a CDN.
- You should have learned how you can evaluate page loading performance to know which files should be served from a CDN.
This slide deck Introduces Chef and its role in DevOps. The agenda of the deck is as follows:
- A Review of DevOps
- BMs Continuous Delivery solution
- Introduction to Chef
- Chef and Continuous Delivery
Read more on DevOps: http://sdarchitect.wordpress.com/understanding-devops/
This slide deck Introduces Chef and its role in DevOps. The agenda of the deck is as follows:
- A Review of DevOps
- BMs Continuous Delivery solution
- Introduction to Chef
- Chef and Continuous Delivery
Read more on DevOps: http://sdarchitect.wordpress.com/understanding-devops/
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Securing your Kubernetes cluster_ a step-by-step guide to success !
Running The Show Configuration Management With Chef Presentation
1. Configuration
management with Chef
Edd Dumbill edd@oreilly.com
RailsConf 2009
Monday, 4 May 2009 1
2. About me
• Created Expectnation, event software that
runs O’Reilly Conferences
• Co-author of “Learning Rails”
• Perennial tinkerer and author
Monday, 4 May 2009 2
3. Today’s tutorial
• Overview of Chef
• Learn by example
• Common usage patterns
• Moving on
Monday, 4 May 2009 3
4. Meta
• Please rate this talk and leave
comments
• If you’re twittering
• I’m @edd
• Hashtag is #railsconf
• Asking questions
Monday, 4 May 2009 4
7. Configuration management
• Creating and maintaining consistency
• Installing, updating, reporting
• Rich history in open source tools
• cfengine through to Puppet
Monday, 4 May 2009 7
8. Today’s needs
• Developers are becoming ops people
• Web architectures and cloud computing
• Agile sysadmin should complement agile
development
Monday, 4 May 2009 8
9. Developers want
• Don’t Repeat Yourself
• Revision control
Monday, 4 May 2009 9
10. Chef
• Client-server architecture
• Embraces modern web technologies
• Written in Ruby
Monday, 4 May 2009 10
11. Chef
• Cleeent-serfer
ercheetectoore-a
• Imbreces mudern veb
technulugeees
• Vreettee in Rooby
• Bork bork bork
Monday, 4 May 2009 11
12. Chef
• Has revision control at its core
• Doesn’t make you learn a new language
• Comes from a culture of testability and
predictability
Monday, 4 May 2009 12
14. Chef vs Puppet
• Because we needed another open source
war
• Objective differences
• Subjective differences
• Chef has had chance to learn from several
years of Puppet
Monday, 4 May 2009 14
15. Architecture
Node
Node
Node
Client
Chef-client
Chef-client
Chef-client
Chef-client
Chef Server
Ohai
Ohai
Ohai
Ohai
Chef Indexer
Monday, 4 May 2009 15
17. Assemble your victims
• Use VMs for testing environment
• Ubuntu 8.10 or newer is the sweet spot
• VirtualBox is a free virtualization tool
• Identify a server and one or more clients
Monday, 4 May 2009 17
18. Prerequisites
• Two stage install: basics & bootstrap
• Minimal prerequisites: Ruby & RubyGems
• Install via Gems: ohai and chef
• Bootstrap differs for server and client
Monday, 4 May 2009 18
19. Server
• Apache + Passenger
• Provides administrative Web UI
• Users identified by OpenID
• Recipes defined by your chef repository
Monday, 4 May 2009 19
20. Client
• Invocation of chef-client
• One-time
• As a daemon
chef-client -i 3600 -s 600
Monday, 4 May 2009 20
21. Chef repository
• Contains configuration and cookbooks
• Clone the Opscode template to start
• Copy your configuration
Monday, 4 May 2009 21
24. Node attributes
• Explore with Web UI
• OS attributes provided by ohai
• Other attributes are configured by the
installed cookbooks
• Attributes are mutable
Monday, 4 May 2009 24
25. Making a cookbook
• Cookbook is the unit of reuse in Chef
• Unsurprisingly, it contains recipes
• Generate one with COOKBOOK=hello_world
rake new_cookbook
Monday, 4 May 2009 25
26. Inside the cookbook
• attributes — variables
• recipes — list of instructions (“resources”)
• files — files used by resources
• templates — ERB templates
• definitions — macros of resources
• libraries — Ruby to extend Chef DSL
Monday, 4 May 2009 26
27. Define an attribute
• Simple attribute
attributes/my_name.rb
my_name “John Henry”
Monday, 4 May 2009 27
28. A simple recipe
• recipes/default.rb
template “/tmp/hello_world.txt” do
source “hello_world.txt.erb”
variables :my_name => node[:my_name]
mode 00664
action :create
end
Monday, 4 May 2009 28
29. The template
• templates/default/hello_world.txt.erb
Hello, <%= @my_name %>, how are you
today?
Monday, 4 May 2009 29
30. Running the recipe
• Add the recipe to the node’s recipe list
• Invoke chef-client
• Default chef-client setup has client invoked
periodically
Monday, 4 May 2009 30
31. When chef-client runs
• Node authenticates with server
• Libraries, attributes, definitions & recipes
are synchronized
• Libraries, attributes, definitions & recipes
compiled
• Node state is converged
• Everything happens on the node
Monday, 4 May 2009 31
33. Attributes
• May be simply defined, e.g.
my_name “John Henry”
• Allow overriding, e.g. unless attribute?
my_name “John Henry”
(“my_name”)
• List values are regular arrays
[“foo”, “bar”, “whizz”]
Monday, 4 May 2009 33
34. Attribute hashes
• Logical groupings of configuration
information, e.g. Apache settings, network
interface properties
• Class used is Mash (from extlib)
• so you can use :foo or ‘foo’ as a key
Monday, 4 May 2009 34
36. Resources
• The steps that make up a recipe
package “git-core” do
action :install
end
• Resources are implemented via Providers
Monday, 4 May 2009 36
37. Package
package quot;tarquot; do
version quot;1.16.1-1quot;
action :install
end
• Action can be install, upgrade, remove,
purge
• Version is optional
Monday, 4 May 2009 37
38. Ruby gems
• Install gems with package too
package “capistrano” do
provider
Chef::Provider::Package::Rubygems
end
• Easier:
gem_package “capistrano”
• Can use source attribute for gem source
Monday, 4 May 2009 38
39. Remote files
• Copying remote files is easy
remote_file “/tmp/foo.png” do
source “foo.png”
owner “root”
group “root”
mode 0444
action :create
end
• Where does the file live?
Monday, 4 May 2009 39
40. Search path
• Files and templates are searched for in the
following order: FQDN, platform-version,
platform, default
• For Ubuntu 9.04:
myhost.example.com
ubuntu-9.04
ubuntu
default
Monday, 4 May 2009 40
41. More remote file fun
• File source can be a URL
source “http://warez.com/thing.tgz”
• Provide SHA256 hash to prevent needless
downloading from chef-server each time
checksum “08da0021”
Monday, 4 May 2009 41
42. Links
• Symbolic or hard links
link “/usr/bin/randomthing1.8” do
to “/usr/bin/randomthing”
end
• Use link_type :hard or :symbolic
(default)
Monday, 4 May 2009 42
43. File
• Control existence and attributes of a file,
not its contents
file “/tmp/whatever” do
owner “root”
group “root”
mode “0644”
action :create
end
• Other actions are touch, delete
Monday, 4 May 2009 43
44. Other FS resources
• — analog of the File resource
directory
• — recursive remote
remote_directory
copy
Monday, 4 May 2009 44
45. Service
• Control system services from /etc/init.d and
friends
• We can en/disable, start, stop & restart
service “my_daemon” do
supports :restart => true
action [ :enable, :start ]
end
Monday, 4 May 2009 45
46. Other resources
• User
• Group
• Cron
• Route
• Mount
Monday, 4 May 2009 46
47. Execute
• Execute arbitrary command
command “mysql-stuff” do
execute “/usr/bin/mysql </tmp/
foo.sql”
creates “/tmp/outfile.sql”
environment {‘FOO’ => “bar”}
action :run
end
Monday, 4 May 2009 47
48. Script
• bash, perl, python, ruby, csh
bash “install_foo” do
user “root”
cwd “/tmp”
code <<-EOC
wget http://example.org/foo.tgz
tar xvf foo.tgz && cd foo
./configure && make install
EOC
end
Monday, 4 May 2009 48
49. HTTP Request
• Useful for connecting to existing services
http_request “say_hello” do
url “http://myserv.local/check_in”
message :node => node[:fqdn]
action :post
end
• Posts a JSON payload
• GET by default
Monday, 4 May 2009 49
51. Notifies
• Chain actions
template “/etc/my_daemon/my.cnf” do
source “my.cnf.erb”
notifies :restart,
resources(:service => “my_daemon”)
end
• By default, notification postponed until end
of run, add :immediately as final argument
to override
Monday, 4 May 2009 51
52. Action :nothing
• If you want a resource to run only on a
notify, specify action :nothing
execute quot;index-gem-repositoryquot; do
command quot;gem generate_index -d /srv/
gemsquot;
action :nothing
end
Monday, 4 May 2009 52
53. Conditional resources
• Use only_if and not_if to control resource
execution
• Takes either shell commands or Ruby
blocks, e.g.
only_if do
IO.read(“/tmp/foo”).chomp == ‘bar’
end
Monday, 4 May 2009 53
54. Platform specifics
• Selective do platform?(“ubuntu”) end
resource execution
only_if
• Alter package name do
package quot;libwww-perlquot;
case node[:platform]
when quot;centosquot;
name quot;perl-libwww-perlquot;
end
action :upgrade
end
Monday, 4 May 2009 54
56. Opscode cookbooks
• http://github.com/opscode/cookbooks
• Integral part of the Chef project
• If you want it, it’s probably already there
• common configurations
• smoothing over platform specifics
Monday, 4 May 2009 56
57. Using the cookbooks
• Keep your own stuff in site-cookbooks
• Use git to add cookbooks as a submodule
git submodule add
git://github.com/opscode/cookbooks.git
cookbooks
git submodule init
git submodule update
Monday, 4 May 2009 57
58. 3rd party cookbooks
• The cookbook_path from the server config
specifies precedence
• By default site-cookbooks overrides
cookbooks
• You can adapt recipes simply by replacing
the parts you wish
Monday, 4 May 2009 58
59. apache2 cookbook
• Attributes configure basic preferences
(ports, timeout, keepalive)
• Default recipe sets up sane configuration
• apache2:: namespace includes recipes for
common modules
Monday, 4 May 2009 59
60. Overriding attributes
• If you control cookbook, easy enough to
set a default
• Per-node customizations can be made in
the UI
• To set new defaults, override selectively in
site-cookbooks
Monday, 4 May 2009 60
61. apache2 definitions
• Macro for a2ensite & friends
apache_site “my_app”
:enable => true
end
• web_app — wraps most of the common
configuration for a web app (e.g. Rails)
Monday, 4 May 2009 61
62. mysql cookbook
• mysql::client, mysql::server
• EC2-aware
Monday, 4 May 2009 62
63. Rails cookbook
• Provides installation recipe and attributes
for tuning
• rails[:version]
• rails[:environment]
• rails[:max_pool_size]
• Provides web_app template you can copy
Monday, 4 May 2009 63
65. How Chef can help
• Configuration
• Deployment
• Configuration is the better trodden path
Monday, 4 May 2009 65
66. Example configuration
• Naive Chef recipe to get all the prequisites
in place for an instance of Expectnation
Monday, 4 May 2009 66
67. Worked example
• Create and deploy a basic Rails app
Monday, 4 May 2009 67
68. chef-deploy
• A resource that implements Rails
application deployment
• Models Capistrano’s cached_deploy
• In rapid development, used at EngineYard
• http://github.com/ezmobius/chef-deploy
Monday, 4 May 2009 68
69. deploy quot;/data/#{app}quot; do
repo quot;git://server/path/app.gitquot;
branch quot;HEADquot;
user quot;myuserquot;
enable_submodules true
migrate true
migration_command quot;rake db:migratequot;
environment quot;productionquot;
shallow_clone true
revision '5DE77F8ADC'
restart_command “...”
role “myrole”
action :deploy
end
Monday, 4 May 2009 69
70. Callbacks
• Ruby scripts in your app’s deploy/
• before_migrate, before_symlink,
before_restart, after_restart
• Rails environment and ‘role’ passed as
arguments to callback
• Couldnode[:myapp][:role]
control this via
role
Monday, 4 May 2009 70
71. Single source for gem
dependencies
• Specify gems in gems.yml in your app’s root
- :name: foo
:version: quot;1.3quot;
- :name: bar
:version: quot;2.0.1quot;
Monday, 4 May 2009 71
72. Deployment strategy
• Unlikely you want deploy to be attemped
with the default chef-client behavior
• chef-deploy developed against a Chef Solo
world view: explicit execution
• Use attribute to control deployment
• Work in progress
Monday, 4 May 2009 72
75. Server-less operation
• Bundle up the cookbooks in a tarball
• Set attributes in a JSON file
• Good to go!
Monday, 4 May 2009 75
76. Deploying with solo
• Tar up your cookbooks
• Create a solo.rb “/tmp/chef-solo”
file_cache_path
cookbook_path “/tmp/chef-solo/
cookbooks”
• Currently, must have unified cookbook tree
Monday, 4 May 2009 76
77. Deploying with solo (2)
• Create your JSON, e.g.
{ “recipes”: “chef-server”,
“myvar”: “foo” }
• Execute -c solo.rb -j chef.json
chef-solo
-r http://path/to/tarball.tgz
• JSON path can be URL too
Monday, 4 May 2009 77
78. Why Chef Solo?
• When you don’t or can’t control access to
the server
• When clients aren’t in the same security
zone
• When you care about installation rather
than long-term maintenance
Monday, 4 May 2009 78
80. Git strategy
• Use submodules to bring in 3rd party
cookbooks
• Develop against testbed, push to shared
repository
• Server install rule does a git pull
Monday, 4 May 2009 80
81. VM testbed
• Use a VM tool that supports snapshotting
• VirtualBox is free
• VMware good, supported by Poolparty
• Use Avahi/Bonjour for convenience
Monday, 4 May 2009 81
82. Attribute control
• Particularly useful with chef-solo, transfer
the onus of control over to the attributes
• Control recipe execution via, eg. a ‘role’
attribute
• Help DRY by listing packages, etc, in
attributes
Monday, 4 May 2009 82
83. Refactor into
definitions & attributes
• For maintainability, consider refactoring
obvious components into definitions
• e.g. the directory creation stage of a Rails
app (what cap deploy:setup does)
Monday, 4 May 2009 83
85. Chef’s REST API
• Chef’s REST API is pretty mature
• Reused a lot internally
• Best way to programmatically integrate
• Documentation scarce for now
Monday, 4 May 2009 85
86. What can you do with
the API?
• Programmatic access to the server
• Add remove/recipes from nodes
• Interrogate and set attributes
• Perform searches
Monday, 4 May 2009 86
87. API authentication
• Register in the same way a node does
Chef::Config.from_file(
“/etc/chef/server.rb”)
@rest = Chef::REST.new(
Chef::Config[:registration_url])
@rest.register(user, password)
• Thereafter, authenticate password)
@rest.authenticate(user,
Monday, 4 May 2009 87
91. Searching the server
• Powerful feature
• Not that mature yet
• Ferret indexes the Chef Server database
• Queries expressed in FQL
Monday, 4 May 2009 91
92. Access from recipes
• search(INDEX, QUERY)
• reports every node in
search(:node, “*”)
the DB
• Find the IP of every node running Apache
search(:node,
“recipe:apache2”).collect {|n|
n[‘ipaddress’]}
Monday, 4 May 2009 92
93. Access from REST API
• As implemented in the Web UI
@rest.get_rest(
quot;search/node?q=recipe:apache2quot;)
Monday, 4 May 2009 93
95. In OpsCode
cookbooks
• ec2 cookbook
• EC2 awareness in, e.g. mysql recipes
• Bunch of handy EC2 attributes exposed
Monday, 4 May 2009 95
96. Poolparty
• Configure and deploy to the cloud
• Uses Chef
• http://poolpartyrb.com/
Monday, 4 May 2009 96
97. What Poolparty does
• Launches VM (EC2 or VMware), waits for IP
and ssh
• Bootstrap: rsyncs dependencies and installs
• Configure: compile cookbooks, rsyncs,
executes Chef Solo
• Verifies installation
Monday, 4 May 2009 97
98. Community resources
• Wiki is a great and ever-improving
reference
http://wiki.opscode.com/display/chef/Home
• IRC
irc://irc.freenode.net/chef
• Mailing list
Monday, 4 May 2009 98
99. The future
• Chef is evolving rapidly
• Platform support improving through
contributions
• Opscode-agent
• nanite
• selective resource execution
Monday, 4 May 2009 99
100. In conclusion
• Please rate this tutorial and leave
comments http://bit.ly/chef-rails
• Q&A
• Thank you!
Monday, 4 May 2009 100