Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Automate your Infrastructure with Chef

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Christian Joudrey Christian Joudrey
February 28, 2013
Programming
9
630

Automate your Infrastructure with Chef

Talk given at ConFoo 2013 on February 28th, 2013.

Avatar for Christian Joudrey

Christian Joudrey

February 28, 2013
Tweet

More Decks by Christian Joudrey

See All by Christian Joudrey
Writing NES games! with assembly!!
Avatar for Christian Joudrey cjoudrey
1
760
Developing at Scale
Avatar for Christian Joudrey cjoudrey
3
500
Scaling Rails for Black Friday / Cyber Monday at Shopify
Avatar for Christian Joudrey cjoudrey
6
6k
Tips and Tricks from Shopify's codebase
Avatar for Christian Joudrey cjoudrey
2
580
Scaling Shopify
Avatar for Christian Joudrey cjoudrey
3
560
#pairwithme
Avatar for Christian Joudrey cjoudrey
3
260
Two-factor authentication
Avatar for Christian Joudrey cjoudrey
4
400

Other Decks in Programming

See All in Programming
オブザーバビリティ駆動開発って実際どうなの?
Avatar for yohfee yohfee
1
110
生成AIを使ったコードレビューで定性的に品質カバー
Avatar for Chiaki Okamoto chiilog
1
300
AI主導でFastAPIのWebサービスを作るときに 人間が構造化すべき境界線
Avatar for Jun okazaki okajun35
0
210
AIエージェントのキホンから学ぶ「エージェンティックコーディング」実践入門
Avatar for Masahiro Nishimi masahiro_nishimi
7
1.1k
Oxlint JS plugins
Avatar for kazupon kazupon
1
1.1k
Claude Code、ちょっとした工夫で開発体験が変わる
Avatar for Toranosuke Minamikawa tigertora7571
0
160
2025年の活動の振り返り
Avatar for Hideyuki Nagata hideg
0
110
Apache Iceberg V3 and migration to V3
Avatar for Tomohiro Tanaka tomtanaka
0
210
Claude Codeと2つの巻き戻し戦略 / Two Rewind Strategies with Claude Code
Avatar for 果物リン fruitriin
0
190
AI時代でも変わらない技術コミュニティの力~10年続く“ゆるい”つながりが生み出す価値
Avatar for Takehata Naoto n_takehata
2
330
要求定義・仕様記述・設計・検証の手引き - 理論から学ぶ明確で統一された成果物定義
Avatar for Kuniwak orgachem
PRO
1
380
CSC307 Lecture 10
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
690

Featured

See All Featured
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
210
24k
Ten Tips & Tricks for a 🌱 transition
Avatar for Manu Carrasco Molina stuffmc
0
79
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
Avatar for Dr. Kim W Petersen kimpetersen
PRO
0
250
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
191
11k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
66k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
40k
Neural Spatial Audio Processing for Sound Field Analysis and Control
Avatar for NII S. Koyama's Lab skoyamalab
0
190
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
29
4.2k
What the history of the web can teach us about the future of AI
Avatar for Ines Montani inesmontani
PRO
1
450
Docker and Python
Avatar for Tania Allard trallard
47
3.7k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
54k

Transcript

  1. Automate your Infrastructure with Chef

  2. cjoudrey   @

  3. None

  4. c #

  5. c # # # # # # # in minutes

  6. # d # d c # # # # #

    d in minutes

  7. w Manual setup takes time

  8. # ruby 1.9.3 # ruby 1.9.2 != and error-prone

  9. # ruby 1.9.3 # ruby 1.9.2 != Oops! and error-prone

  10. What is ?! Chef

  11. 1 Manage servers with ruby code

  12. instead of $ ssh root@app1 Last login: Thu Feb 28

    ... # apt-get install nginx ... # vim /etc/nginx/nginx.conf ... # apt-get install ruby ...

  13. client server

  14. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  15. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  16. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  17. # node # node # node # chef server chef-client

    (server1 to server3.example.com) knife ! (local machine)

  18. 2terminology Chef

  19. 2recipe Ruby file that contains Chef commands

  20. 2cookbook Collection of Chef recipes

  21. Getting started with Chef 2

  22. git clone opscode/chef-repo https://github.com/opscode/chef-repo !

  23. ! $ ls confoo ... cookbooks/ data_bags/ environments/ roles/

  24. Install Chef on local machine !

  25. ! gem install chef

  26. # Hosted* Chef server from Opscode * free up to

    5 nodes

  27. #

  28. #

  29. Setup Knife on local machine !

  30. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  31. ! $ ls confoo/.chef confoo-demo-validator.pem confoo-demo.pem knife.rb Copy files to

    REPO/.chef

  32. ! $ cd confoo $ knife user list confoo-demo Test

    Knife

  33. 8 Create your first cookbook $ cd confoo $ knife

    cookbook create nginx

  34. 8 $ ls cookbooks/nginx ... attributes/ providers/ recipes/ resources/ templates/

  35. package "nginx" cookbooks/nginx/recipes/default.rb

  36. package installs using system’s package mgr

  37. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx"

  38. service defines an available service

  39. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true end

  40. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end

  41. :enable start on server boot

  42. :start start when Chef runs

  43. 8 Upload cookbook $ knife cookbook upload nginx Uploading nginx

    [0.1.0]

  44. Let’s test it on a node #

  45. ! $ knife bootstrap \ server1.example.com Bootstrap a node

  46. !

  47. 2run list Ordered list of recipes and roles that get

    run on the node

  48. ! $ knife node edit \ server1.example.com Edit a node

  49. { "name": "server1.example.com", "run_list": [ ] }

  50. { "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }

  51. recipe[nginx::default] means default recipe of nginx cookbook

  52. $ ssh server1.example.com server1:~# chef-client Run Chef on the node

    #

  53. #

  54. #

  55. # Let’s configure nginx

  56. copy from server to nginx cookbook templates/default/nginx.conf.erb /etc/nginx/nginx.conf !

  57. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  58. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  59. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  60. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  61. ! Upload the cookbook and run chef-client on node

  62. #

  63. 2 Chef is idempotent

  64. ! What if we edit templates/default/nginx.conf.erb and run Chef

  65. #

  66. #

  67. #

  68. Let’s run Chef one more time #

  69. #

  70. 2Attributes

  71. nginx/templates/default/nginx.conf.erb user www-data; worker_processes 2; pid /var/run/nginx.pid; ...

  72. nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2

  73. nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;

    ...

  74. # Override for a specific node

  75. { "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }

  76. { "name": "server1.example.com", "normal": { "nginx": { "worker_processes": 4 },

    }, "run_list": [ "recipe[nginx::default]" ] }

  77. 2Roles

  78. roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(

    'nginx' => { 'worker_processes' => 2 } )

  79. ! $ knife role from file \ app-server.rb Upload a

    role

  80. Apply the role on a node #

  81. { "name": "server1.example.com", "run_list": [ "role[app-server]" ] }

  82. #

  83. { "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }

  84. 2 Environments

  85. environments/production.rb name 'production' cookbook_versions 'nginx' => '= 0.1.0'

  86. { "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }

  87. ! Searching for nodes $ knife search node \ role:app-server

  88. 2

  89. 8 Searching can be done in recipes too!

  90. 8 Searching can be done in recipes too! OMFG!

  91. backend app balance roundrobin server app1 10.10.0.1 check port 80

    server app2 10.10.0.2 check port 80 server app3 10.10.0.3 check port 80

  92. nodes = search( :node, 'role:app-server' ) template "/etc/haproxy.conf" do source

    "haproxy.conf.erb" variables :nodes => nodes end

  93. backend www balance roundrobin <% @nodes.each do |n| %> server

    <%= n[:hostname] %> <%= n[:ipaddress] %> check port <% end %>

  94. 2Goodies

  95. None
  96. None
  97. None
  98. None
  99. None

  100. Automation is important

  101. # staging/CI # production ! development = =

  102. Thanks!

  103. cjoudrey   @