Upgrade to Pro — share decks privately, control downloads, hide ads and more …

chef talk at DevOps Singapore

chef talk at DevOps Singapore

Avatar for claudiomettler

claudiomettler

May 15, 2014
Tweet

More Decks by claudiomettler

Other Decks in Programming

Transcript

  1. ME ME ME ME • In Singapore since mid-2013 •

    CtrlM • Focusing on: ruby/rails, objC, JS and PHP • [email protected] 2
  2. use cases • distributed development environments (with vagrant) • large

    server infrastructure, physical or IaaS • Phoenix Servers: http://martinfowler.com/bliki/ PhoenixServer.html and http://martinfowler.com/ bliki/SnowflakeServer.html 3
  3. 4

  4. chef in general • ist mostly ruby • makes use

    of domain specific languages • partly open source (apache license) • in active development 5
  5. chef server • stores cookbooks, roles, node data • can

    be queried • hosted: enterprise chef • self-hosted: enterprise chef, open source chef (64 bit only) • differences: ACL, organizations, LDAP, nicer UI and obviously less hassle 6
  6. chef client • runs on instance to be provisioned (called

    a node) • communicates with server • self-registers node • has a run list • gets cookbooks and other configuration information • idempotently brings node into desired state 8
  7. chef-client: how does it get there? • knife bootstrap •

    knife ec2, knife do etc. • manual installation/deliver with image • new: chef metal 9
  8. ohai • part of chef-client • finds out useful things

    about the node it runs on • information will then be stored in the node object 10
  9. chef workstation • used for: • authoring cookbooks • managing

    cookbooks, roles, databags etc. • bootstrapping nodes (ssh) • uploading cookbooks etc. to server • main tool: knife • state kept in scm (most likely git) 11
  10. cookbooks • collection of recipes, attributes and metadata (and other

    stuff) • can have dependencies • usually has a “default” recipe • community cookbooks and home made cookbooks • examples: apache2, mysql, mywebapp 12
  11. community cookbooks vs. DIY • community cookbooks try to run

    everywhere • try running apache cookbook on ubuntu 14.04 though… • lots of platform specific code • lots of configurability • decide on a case-by-case basis • do NOT automatically update 13
  12. roles • attributes + a run list • expands to

    attributes + a list of recipes 15
  13. chef-solo • server-less chef client mode • does not store

    node data • use case: simple (one-server) projects, development environments, testing, deploying chef-server 16
  14. chef-zero • in-memory chef server • does not do authentication

    • mainly for development and testing 17
  15. one more thing: berkshelf • downloads cookbooks • resolves dependencies

    • uploads to server • manages cookbooks locally • part of chef development kit (chef-dk) 18
  16. cloud services • knife ec2 server create -r "role[webserver]" -I

    ami-2d4aa444 --flavor m1.small -G www,default - x ubuntu -N server01 • knife digital_ocean droplet create --server-name awesome-vm2.chef.io --image 25306 --location 4 --size 66 --ssh-keys 1234,1235 --bootstrap --run- list "role[base],role[webserver]" 20
  17. 21

  18. resources • “A resource defines the desired state for a

    single configuration item present on a node that is under management by Chef.”
 (http://docs.opscode.com/resource.html) • Examples: system user, folders, files, packages, execute, deploy • has: attributes, actions, guards, guard interpreters 23
  19. providers • the code behind a resource • can depend

    on the OS (etc.) on the node • example: “package” resource may use: apt/ dpkg, rpm, gem etc. • sometimes you still need to handle different OS/ distributions (example: apache package) 24
  20. LWRP • lightweight resource/provider • a more declarative/DSL way to

    create resources/ providers • can be supplied by cookbooks 25
  21. attributes • in the end make up the node object

    • sources: ohai, attribute files, recipes, environments, roles • types: default, force_default, normal, override, force_override, automatic • become one big json-style tree 27
  22. attribute precedence • A default attribute located in a cookbook

    attribute file • A default attribute located in a recipe • A default attribute located in an environment • A default attribute located in role • A force_default attribute located in a cookbook attribute file • A force_default attribute located in a recipe • A normal attribute located in a cookbook attribute file • A normal attribute located in a recipe • An override attribute located in a cookbook attribute file • An override attribute located in a recipe • An override attribute located in a role • An override attribute located in an environment • A force_override attribute located in a cookbook attribute file • A force_override attribute located in a recipe • An automatic attribute identified by Ohai at the start of the chef-client run 28
  23. attribute precedence, simplified • default, force_default, normal, override, force_override, automatic

    • cookbook, recipe, role, environment • automatic comes from ohai only 29
  24. my little cookbook • deploy a static website • use

    the webapp definition from the apache cookbook • configurable via attribute 30
  25. let’s iterate • we want 2 different sites. or maybe

    3? • maybe we should have a dev environment? 32
  26. data bags • have a name • contain named items

    • items are JSON style data • globally available • can be encrypted 33
  27. environments • default environment is called _default • _default can’t

    really be modified • other environments can contain attributes and cookbook version constraints 34
  28. chef metal • very new (version 0.10.2) • machine resource

    • abstracts cloud, VMs, Containers etc. • allows you to put a cluster configuration into a file 38
  29. what else? • testing: • test-kitchen for integration testing across

    various platforms (using vagrant, usually) • ChefSpec: RSpec based unit testing • both are part of chef-dk • querying the server 39