Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Automate your Infrastructure with Chef
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Christian Joudrey
February 28, 2013
Programming
9
630
Automate your Infrastructure with Chef
Talk given at ConFoo 2013 on February 28th, 2013.
Christian Joudrey
February 28, 2013
Tweet
Share
More Decks by Christian Joudrey
See All by Christian Joudrey
Writing NES games! with assembly!!
cjoudrey
1
750
Developing at Scale
cjoudrey
3
500
Scaling Rails for Black Friday / Cyber Monday at Shopify
cjoudrey
6
6k
Tips and Tricks from Shopify's codebase
cjoudrey
2
580
Scaling Shopify
cjoudrey
3
550
#pairwithme
cjoudrey
3
260
Two-factor authentication
cjoudrey
4
400
Other Decks in Programming
See All in Programming
AIエージェントの設計で注意するべきポイント6選
har1101
7
3.4k
KIKI_MBSD Cybersecurity Challenges 2025
ikema
0
1.3k
Unicodeどうしてる? PHPから見たUnicode対応と他言語での対応についてのお伺い
youkidearitai
PRO
1
1k
CSC307 Lecture 07
javiergs
PRO
0
540
カスタマーサクセス業務を変革したヘルススコアの実現と学び
_hummer0724
0
500
dchart: charts from deck markup
ajstarks
3
990
開発者から情シスまで - 多様なユーザー層に届けるAPI提供戦略 / Postman API Night Okinawa 2026 Winter
tasshi
0
180
20260127_試行錯誤の結晶を1冊に。著者が解説 先輩データサイエンティストからの指南書 / author's_commentary_ds_instructions_guide
nash_efp
0
830
Grafana:建立系統全知視角的捷徑
blueswen
0
320
【卒業研究】会話ログ分析によるユーザーごとの関心に応じた話題提案手法
momok47
0
190
OSSとなったswift-buildで Xcodeのビルドを差し替えられるため 自分でXcodeを直せる時代になっている ダイアモンド問題編
yimajo
3
600
16年目のピクシブ百科事典を支える最新の技術基盤 / The Modern Tech Stack Powering Pixiv Encyclopedia in its 16th Year
ahuglajbclajep
5
970
Featured
See All Featured
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
300
Git: the NoSQL Database
bkeepers
PRO
432
66k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
230
It's Worth the Effort
3n
188
29k
Heart Work Chapter 1 - Part 1
lfama
PRO
5
35k
The #1 spot is gone: here's how to win anyway
tamaranovitovic
2
920
Neural Spatial Audio Processing for Sound Field Analysis and Control
skoyamalab
0
160
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
uxyall
0
260
The Spectacular Lies of Maps
axbom
PRO
1
510
Impact Scores and Hybrid Strategies: The future of link building
tamaranovitovic
0
200
Marketing to machines
jonoalderson
1
4.6k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
750
Transcript
Automate your Infrastructure with Chef
cjoudrey @
None
c #
c # # # # # # # in minutes
# d # d c # # # # #
d in minutes
w Manual setup takes time
# ruby 1.9.3 # ruby 1.9.2 != and error-prone
# ruby 1.9.3 # ruby 1.9.2 != Oops! and error-prone
What is ?! Chef
1 Manage servers with ruby code
instead of $ ssh root@app1 Last login: Thu Feb 28
... # apt-get install nginx ... # vim /etc/nginx/nginx.conf ... # apt-get install ruby ...
client server
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server chef-client
(server1 to server3.example.com) knife ! (local machine)
2terminology Chef
2recipe Ruby file that contains Chef commands
2cookbook Collection of Chef recipes
Getting started with Chef 2
git clone opscode/chef-repo https://github.com/opscode/chef-repo !
! $ ls confoo ... cookbooks/ data_bags/ environments/ roles/
Install Chef on local machine !
! gem install chef
# Hosted* Chef server from Opscode * free up to
5 nodes
#
#
Setup Knife on local machine !
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
! $ ls confoo/.chef confoo-demo-validator.pem confoo-demo.pem knife.rb Copy files to
REPO/.chef
! $ cd confoo $ knife user list confoo-demo Test
Knife
8 Create your first cookbook $ cd confoo $ knife
cookbook create nginx
8 $ ls cookbooks/nginx ... attributes/ providers/ recipes/ resources/ templates/
package "nginx" cookbooks/nginx/recipes/default.rb
package installs using system’s package mgr
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx"
service defines an available service
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end
:enable start on server boot
:start start when Chef runs
8 Upload cookbook $ knife cookbook upload nginx Uploading nginx
[0.1.0]
Let’s test it on a node #
! $ knife bootstrap \ server1.example.com Bootstrap a node
!
2run list Ordered list of recipes and roles that get
run on the node
! $ knife node edit \ server1.example.com Edit a node
{ "name": "server1.example.com", "run_list": [ ] }
{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }
recipe[nginx::default] means default recipe of nginx cookbook
$ ssh server1.example.com server1:~# chef-client Run Chef on the node
#
#
#
# Let’s configure nginx
copy from server to nginx cookbook templates/default/nginx.conf.erb /etc/nginx/nginx.conf !
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
! Upload the cookbook and run chef-client on node
#
2 Chef is idempotent
! What if we edit templates/default/nginx.conf.erb and run Chef
#
#
#
Let’s run Chef one more time #
#
2Attributes
nginx/templates/default/nginx.conf.erb user www-data; worker_processes 2; pid /var/run/nginx.pid; ...
nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2
nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;
...
# Override for a specific node
{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }
{ "name": "server1.example.com", "normal": { "nginx": { "worker_processes": 4 },
}, "run_list": [ "recipe[nginx::default]" ] }
2Roles
roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(
'nginx' => { 'worker_processes' => 2 } )
! $ knife role from file \ app-server.rb Upload a
role
Apply the role on a node #
{ "name": "server1.example.com", "run_list": [ "role[app-server]" ] }
#
{ "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }
2 Environments
environments/production.rb name 'production' cookbook_versions 'nginx' => '= 0.1.0'
{ "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }
! Searching for nodes $ knife search node \ role:app-server
2
8 Searching can be done in recipes too!
8 Searching can be done in recipes too! OMFG!
backend app balance roundrobin server app1 10.10.0.1 check port 80
server app2 10.10.0.2 check port 80 server app3 10.10.0.3 check port 80
nodes = search( :node, 'role:app-server' ) template "/etc/haproxy.conf" do source
"haproxy.conf.erb" variables :nodes => nodes end
backend www balance roundrobin <% @nodes.each do |n| %> server
<%= n[:hostname] %> <%= n[:ipaddress] %> check port <% end %>
2Goodies
None
None
None
None
None
Automation is important
# staging/CI # production ! development = =
Thanks!
cjoudrey @
cjoudrey
har1101
ikema
youkidearitai
javiergs
_hummer0724
ajstarks
tasshi
nash_efp
blueswen
momok47
yimajo
ahuglajbclajep
reverentgeek
bkeepers
greggifford
3n
lfama
tamaranovitovic
skoyamalab
uxyall
axbom
jonoalderson
bluesmoon
![{ "name": "server1.example.com", "run_list": [ ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_48.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_49.jpg){kind=link}
![recipe[nginx::default] means default recipe of nginx cookbook](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_50.jpg){kind=link}
![nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_71.jpg){kind=link}
![nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_72.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_74.jpg){kind=link}
![roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_77.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "role[app-server]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_80.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_82.jpg){kind=link}
![{ "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_85.jpg){kind=link}
