Paperless Ops Chef Workflow

Bootstrap the world, homey At ﬁrst it was beautiful

Then the ﬁrst development change “leaked” to production

The setup

The setup • 5 Staging environments (1 per team, 1
pre-prod)

pre-prod) • 4 Full time Ops team members

pre-prod) • 4 Full time Ops team members • > 10 Developers who should be able to make changes

pre-prod) • 4 Full time Ops team members • > 10 Developers who should be able to make changes • Many diﬀerent applications and technologies being managed by chef

pre-prod) • 4 Full time Ops team members • > 10 Developers who should be able to make changes • Many diﬀerent applications and technologies being managed by chef • Private VMWare/VSphere backed “cloud”

pre-prod) • 4 Full time Ops team members • > 10 Developers who should be able to make changes • Many diﬀerent applications and technologies being managed by chef • Private VMWare/VSphere backed “cloud” • Hosted chef

$ /bin/knife kill me --now

The AGONY • Managing multiple versions of a cookbook for
diﬀerent developers each environment • Wanting to make and test small changes on diﬀerent environments • Lack of visibility when deploying changes • Impossible to correlate CHANGES (git) with STATE (chef-server)

We want to work like everyone else works

$ git checkout -b new_feature # do some work $
git commit -am “Did dat” $ git push -u # pushed to quirkey/new_feature # Pull request/code review $ pp rails deploy earth quirkey/new_feature # Deploys to staging # Sends alert via email + campfire # runs deploy in viewable Jenkins environment

But it’s how we work Not just cause it’s pretty

Make it work. Start with the API

$ pp chef deploy earth johnnydtan/graphite_cluster # git merging #
cookbook testing # cookbook uploading # environment munging

checkout the staging branch (earth)

checkout the staging branch (earth) git merge the deploying branch(es)

check for cookbooks changed from the last deploy to staging

check for cookbooks changed from the last deploy to staging check latest versions of cookbooks in chef server

check for cookbooks changed from the last deploy to staging check latest versions of cookbooks in chef server bump version in metadata and environment.json

check for cookbooks changed from the last deploy to staging check latest versions of cookbooks in chef server bump version in metadata and environment.json commit and git push to env

check for cookbooks changed from the last deploy to staging check latest versions of cookbooks in chef server bump version in metadata and environment.json commit and git push to env send deploy to jenkins

check for cookbooks changed from the last deploy to staging check latest versions of cookbooks in chef server bump version in metadata and environment.json commit and git push to env send deploy to jenkins jenkins uploads cookbooks and environment ﬁle

check for cookbooks changed from the last deploy to staging check latest versions of cookbooks in chef server bump version in metadata and environment.json commit and git push to env send deploy to jenkins jenkins uploads cookbooks and environment file sends notifications to campfire/email

The Minor Discomforts

The Minor Discomforts • Dealing with conﬂicts is hard (especially
in metadata)

in metadata) • MANY MANY VERSIONS (0.3.192) aka version numbers are meaningless

in metadata) • MANY MANY VERSIONS (0.3.192) aka version numbers are meaningless • Doesn’t handle changes to roles (you cant scope a role to an environment) or new cookbooks very well

in metadata) • MANY MANY VERSIONS (0.3.192) aka version numbers are meaningless • Doesn’t handle changes to roles (you cant scope a role to an environment) or new cookbooks very well • Chef server consistency is problematic

To improve • More code review as part of the
process • Simple roles that map to recipes so that roles can be managed/tested at the env level • Using secondary store to keep track of versions (Zookeeper) • Chef versions could be tied to SHA instead of SemVer # (??)

github.com/quirkey twitter.com/aq quirkey.com paperlesspost.com THANKS!

Paperless Ops Chef Workflow

Paperless Ops Chef Workflow

Aaron Quint

More Decks by Aaron Quint

Featured

Transcript

Bootstrap the world, homey At ﬁrst it was beautiful

Then the ﬁrst development change “leaked” to production

The setup

The setup • 5 Staging environments (1 per team, 1

The setup • 5 Staging environments (1 per team, 1

The setup • 5 Staging environments (1 per team, 1

The setup • 5 Staging environments (1 per team, 1

The setup • 5 Staging environments (1 per team, 1

The setup • 5 Staging environments (1 per team, 1

$ /bin/knife kill me --now

The AGONY • Managing multiple versions of a cookbook for

We want to work like everyone else works

$ git checkout -b new_feature # do some work $

But it’s how we work Not just cause it’s pretty

Make it work. Start with the API

$ pp chef deploy earth johnnydtan/graphite_cluster # git merging #

checkout the staging branch (earth)

checkout the staging branch (earth) git merge the deploying branch(es)

checkout the staging branch (earth) git merge the deploying branch(es)

checkout the staging branch (earth) git merge the deploying branch(es)

checkout the staging branch (earth) git merge the deploying branch(es)

checkout the staging branch (earth) git merge the deploying branch(es)

checkout the staging branch (earth) git merge the deploying branch(es)

checkout the staging branch (earth) git merge the deploying branch(es)

checkout the staging branch (earth) git merge the deploying branch(es)

The Minor Discomforts

The Minor Discomforts • Dealing with conﬂicts is hard (especially

The Minor Discomforts • Dealing with conﬂicts is hard (especially

The Minor Discomforts • Dealing with conﬂicts is hard (especially

The Minor Discomforts • Dealing with conﬂicts is hard (especially

To improve • More code review as part of the

github.com/quirkey twitter.com/aq quirkey.com paperlesspost.com THANKS!