Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Automate your Infrastructure with Chef
Search
Christian Joudrey
February 28, 2013
Programming
9
610
Automate your Infrastructure with Chef
Talk given at ConFoo 2013 on February 28th, 2013.
Christian Joudrey
February 28, 2013
Tweet
Share
More Decks by Christian Joudrey
See All by Christian Joudrey
Writing NES games! with assembly!!
cjoudrey
1
740
Developing at Scale
cjoudrey
3
480
Scaling Rails for Black Friday / Cyber Monday at Shopify
cjoudrey
6
5.8k
Tips and Tricks from Shopify's codebase
cjoudrey
2
560
Scaling Shopify
cjoudrey
3
530
#pairwithme
cjoudrey
3
250
Two-factor authentication
cjoudrey
4
390
Other Decks in Programming
See All in Programming
QA x AIエコシステム段階構築作戦
osu
0
260
令和最新版手のひらコンピュータ
koba789
13
7.3k
構文解析器入門
ydah
7
2.1k
DataformでPythonする / dataform-de-python
snhryt
0
160
新世界の理解
koriym
0
130
プロダクトという一杯を作る - プロダクトチームが味の責任を持つまでの煮込み奮闘記
hiliteeternal
0
440
대규모 트래픽을 처리하는 프론트 개발자의 전략
maryang
0
120
kiroでゲームを作ってみた
iriikeita
0
150
React は次の10年を生き残れるか:3つのトレンドから考える
oukayuka
41
16k
AIのメモリー
watany
13
1.4k
それ CLI フレームワークがなくてもできるよ / Building CLI Tools Without Frameworks
orgachem
PRO
17
3.8k
Dart 参戦!!静的型付き言語界の隠れた実力者
kno3a87
0
180
Featured
See All Featured
Writing Fast Ruby
sferik
628
62k
Mobile First: as difficult as doing things right
swwweet
223
9.9k
Designing for humans not robots
tammielis
253
25k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
YesSQL, Process and Tooling at Scale
rocio
173
14k
The Straight Up "How To Draw Better" Workshop
denniskardys
235
140k
How GitHub (no longer) Works
holman
314
140k
Speed Design
sergeychernyshev
32
1.1k
Facilitating Awesome Meetings
lara
54
6.5k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
332
22k
Become a Pro
speakerdeck
PRO
29
5.5k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Transcript
Automate your Infrastructure with Chef
cjoudrey @
None
c #
c # # # # # # # in minutes
# d # d c # # # # #
d in minutes
w Manual setup takes time
# ruby 1.9.3 # ruby 1.9.2 != and error-prone
# ruby 1.9.3 # ruby 1.9.2 != Oops! and error-prone
What is ?! Chef
1 Manage servers with ruby code
instead of $ ssh root@app1 Last login: Thu Feb 28
... # apt-get install nginx ... # vim /etc/nginx/nginx.conf ... # apt-get install ruby ...
client server
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server chef-client
(server1 to server3.example.com) knife ! (local machine)
2terminology Chef
2recipe Ruby file that contains Chef commands
2cookbook Collection of Chef recipes
Getting started with Chef 2
git clone opscode/chef-repo https://github.com/opscode/chef-repo !
! $ ls confoo ... cookbooks/ data_bags/ environments/ roles/
Install Chef on local machine !
! gem install chef
# Hosted* Chef server from Opscode * free up to
5 nodes
#
#
Setup Knife on local machine !
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
! $ ls confoo/.chef confoo-demo-validator.pem confoo-demo.pem knife.rb Copy files to
REPO/.chef
! $ cd confoo $ knife user list confoo-demo Test
Knife
8 Create your first cookbook $ cd confoo $ knife
cookbook create nginx
8 $ ls cookbooks/nginx ... attributes/ providers/ recipes/ resources/ templates/
package "nginx" cookbooks/nginx/recipes/default.rb
package installs using system’s package mgr
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx"
service defines an available service
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end
:enable start on server boot
:start start when Chef runs
8 Upload cookbook $ knife cookbook upload nginx Uploading nginx
[0.1.0]
Let’s test it on a node #
! $ knife bootstrap \ server1.example.com Bootstrap a node
!
2run list Ordered list of recipes and roles that get
run on the node
! $ knife node edit \ server1.example.com Edit a node
{ "name": "server1.example.com", "run_list": [ ] }
{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }
recipe[nginx::default] means default recipe of nginx cookbook
$ ssh server1.example.com server1:~# chef-client Run Chef on the node
#
#
#
# Let’s configure nginx
copy from server to nginx cookbook templates/default/nginx.conf.erb /etc/nginx/nginx.conf !
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
! Upload the cookbook and run chef-client on node
#
2 Chef is idempotent
! What if we edit templates/default/nginx.conf.erb and run Chef
#
#
#
Let’s run Chef one more time #
#
2Attributes
nginx/templates/default/nginx.conf.erb user www-data; worker_processes 2; pid /var/run/nginx.pid; ...
nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2
nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;
...
# Override for a specific node
{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }
{ "name": "server1.example.com", "normal": { "nginx": { "worker_processes": 4 },
}, "run_list": [ "recipe[nginx::default]" ] }
2Roles
roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(
'nginx' => { 'worker_processes' => 2 } )
! $ knife role from file \ app-server.rb Upload a
role
Apply the role on a node #
{ "name": "server1.example.com", "run_list": [ "role[app-server]" ] }
#
{ "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }
2 Environments
environments/production.rb name 'production' cookbook_versions 'nginx' => '= 0.1.0'
{ "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }
! Searching for nodes $ knife search node \ role:app-server
2
8 Searching can be done in recipes too!
8 Searching can be done in recipes too! OMFG!
backend app balance roundrobin server app1 10.10.0.1 check port 80
server app2 10.10.0.2 check port 80 server app3 10.10.0.3 check port 80
nodes = search( :node, 'role:app-server' ) template "/etc/haproxy.conf" do source
"haproxy.conf.erb" variables :nodes => nodes end
backend www balance roundrobin <% @nodes.each do |n| %> server
<%= n[:hostname] %> <%= n[:ipaddress] %> check port <% end %>
2Goodies
None
None
None
None
None
Automation is important
# staging/CI # production ! development = =
Thanks!
cjoudrey @
cjoudrey
osu
koba789
ydah
snhryt
koriym
hiliteeternal
maryang
iriikeita
oukayuka
watany
orgachem
kno3a87
sferik
swwweet
tammielis
pedronauck
rocio
denniskardys
holman
sergeychernyshev
lara
caitiem20
speakerdeck
cassininazir
![{ "name": "server1.example.com", "run_list": [ ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_48.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_49.jpg){kind=link}
![recipe[nginx::default] means default recipe of nginx cookbook](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_50.jpg){kind=link}
![nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_71.jpg){kind=link}
![nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_72.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_74.jpg){kind=link}
![roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_77.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "role[app-server]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_80.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_82.jpg){kind=link}
![{ "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_85.jpg){kind=link}
