Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Automate your Infrastructure with Chef

Avatar for Christian Joudrey Christian Joudrey
February 28, 2013
Programming
9
600

Automate your Infrastructure with Chef

Talk given at ConFoo 2013 on February 28th, 2013.
Avatar for Christian Joudrey

Christian Joudrey

February 28, 2013
Tweet

More Decks by Christian Joudrey

See All by Christian Joudrey
Writing NES games! with assembly!!
Avatar for Christian Joudrey cjoudrey
1
720
Developing at Scale
Avatar for Christian Joudrey cjoudrey
3
480
Scaling Rails for Black Friday / Cyber Monday at Shopify
Avatar for Christian Joudrey cjoudrey
6
5.8k
Tips and Tricks from Shopify's codebase
Avatar for Christian Joudrey cjoudrey
2
560
Scaling Shopify
Avatar for Christian Joudrey cjoudrey
3
530
#pairwithme
Avatar for Christian Joudrey cjoudrey
3
250
Two-factor authentication
Avatar for Christian Joudrey cjoudrey
4
380

Other Decks in Programming

See All in Programming
すべてのコンテキストを、 ユーザー価値に変える
Avatar for Michiru Kato applism118
1
290
Perplexity Slack Botを作ってAI活用を進めた話 / AI Engineering Summit プレイベント
Avatar for yukyan n3xem
0
670
事業戦略を理解してソフトウェアを設計する
Avatar for 増田 亨 masuda220
PRO
22
6.2k
Is Xcode slowly dying out in 2025?
Avatar for 上ちょ / uetyo uetyo
1
150
生成AIコーディングとの向き合い方、AIと共創するという考え方 / How to deal with generative AI coding and the concept of co-creating with AI
Avatar for shiro seike seike460
PRO
1
320
Go1.25からのGOMAXPROCS
Avatar for kuro kuro_kurorrr
1
770
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
Avatar for r-kagaya rkaga
41
27k
Development of an App for Intuitive AI Learning - Blockly Summit 2025
Avatar for Teba_eleven teba_eleven
0
120
エンジニア向け採用ピッチ資料
Avatar for 犬飼嵩 inusan
0
140
今ならAmazon ECSのサービス間通信をどう選ぶか / Selection of ECS Interservice Communication 2025
Avatar for Tetsuya Kikuchi tkikuc
11
2.7k
単体テストの始め方/作り方
Avatar for toms toms74209200
0
510
KotlinConf 2025 現地で感じたServer-Side Kotlin
Avatar for Takehata Naoto n_takehata
1
220

Featured

See All Featured
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
126
17k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
130
19k
The Language of Interfaces
Avatar for Des Traynor destraynor
158
25k
Keith and Marios Guide to Fast Websites
Avatar for Keith Pitt keithpitt
411
22k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.1k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
328
39k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
34
3k
How GitHub (no longer) Works
Avatar for Zach Holman holman
314
140k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
10
650
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
790
250k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
357
30k
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
7
490

Transcript

  1. Automate your Infrastructure with Chef

  2. cjoudrey   @

  3. None

  4. c #

  5. c # # # # # # # in minutes

  6. # d # d c # # # # #

    d in minutes

  7. w Manual setup takes time

  8. # ruby 1.9.3 # ruby 1.9.2 != and error-prone

  9. # ruby 1.9.3 # ruby 1.9.2 != Oops! and error-prone

  10. What is ?! Chef

  11. 1 Manage servers with ruby code

  12. instead of $ ssh root@app1 Last login: Thu Feb 28

    ... # apt-get install nginx ... # vim /etc/nginx/nginx.conf ... # apt-get install ruby ...

  13. client server

  14. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  15. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  16. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  17. # node # node # node # chef server chef-client

    (server1 to server3.example.com) knife ! (local machine)

  18. 2terminology Chef

  19. 2recipe Ruby file that contains Chef commands

  20. 2cookbook Collection of Chef recipes

  21. Getting started with Chef 2

  22. git clone opscode/chef-repo https://github.com/opscode/chef-repo !

  23. ! $ ls confoo ... cookbooks/ data_bags/ environments/ roles/

  24. Install Chef on local machine !

  25. ! gem install chef

  26. # Hosted* Chef server from Opscode * free up to

    5 nodes

  27. #

  28. #

  29. Setup Knife on local machine !

  30. # node # node # node # chef server (server1

    to server3.example.com) (chef.example.com) knife ! (local machine)

  31. ! $ ls confoo/.chef confoo-demo-validator.pem confoo-demo.pem knife.rb Copy files to

    REPO/.chef

  32. ! $ cd confoo $ knife user list confoo-demo Test

    Knife

  33. 8 Create your first cookbook $ cd confoo $ knife

    cookbook create nginx

  34. 8 $ ls cookbooks/nginx ... attributes/ providers/ recipes/ resources/ templates/

  35. package "nginx" cookbooks/nginx/recipes/default.rb

  36. package installs using system’s package mgr

  37. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx"

  38. service defines an available service

  39. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true end

  40. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end

  41. :enable start on server boot

  42. :start start when Chef runs

  43. 8 Upload cookbook $ knife cookbook upload nginx Uploading nginx

    [0.1.0]

  44. Let’s test it on a node #

  45. ! $ knife bootstrap \ server1.example.com Bootstrap a node

  46. !

  47. 2run list Ordered list of recipes and roles that get

    run on the node

  48. ! $ knife node edit \ server1.example.com Edit a node

  49. { "name": "server1.example.com", "run_list": [ ] }

  50. { "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }

  51. recipe[nginx::default] means default recipe of nginx cookbook

  52. $ ssh server1.example.com server1:~# chef-client Run Chef on the node

    #

  53. #

  54. #

  55. # Let’s configure nginx

  56. copy from server to nginx cookbook templates/default/nginx.conf.erb /etc/nginx/nginx.conf !

  57. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  58. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  59. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  60. cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,

    :restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end

  61. ! Upload the cookbook and run chef-client on node

  62. #

  63. 2 Chef is idempotent

  64. ! What if we edit templates/default/nginx.conf.erb and run Chef

  65. #

  66. #

  67. #

  68. Let’s run Chef one more time #

  69. #

  70. 2Attributes

  71. nginx/templates/default/nginx.conf.erb user www-data; worker_processes 2; pid /var/run/nginx.pid; ...

  72. nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2

  73. nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;

    ...

  74. # Override for a specific node

  75. { "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }

  76. { "name": "server1.example.com", "normal": { "nginx": { "worker_processes": 4 },

    }, "run_list": [ "recipe[nginx::default]" ] }

  77. 2Roles

  78. roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(

    'nginx' => { 'worker_processes' => 2 } )

  79. ! $ knife role from file \ app-server.rb Upload a

    role

  80. Apply the role on a node #

  81. { "name": "server1.example.com", "run_list": [ "role[app-server]" ] }

  82. #

  83. { "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }

  84. 2 Environments

  85. environments/production.rb name 'production' cookbook_versions 'nginx' => '= 0.1.0'

  86. { "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }

  87. ! Searching for nodes $ knife search node \ role:app-server

  88. 2

  89. 8 Searching can be done in recipes too!

  90. 8 Searching can be done in recipes too! OMFG!

  91. backend app balance roundrobin server app1 10.10.0.1 check port 80

    server app2 10.10.0.2 check port 80 server app3 10.10.0.3 check port 80

  92. nodes = search( :node, 'role:app-server' ) template "/etc/haproxy.conf" do source

    "haproxy.conf.erb" variables :nodes => nodes end

  93. backend www balance roundrobin <% @nodes.each do |n| %> server

    <%= n[:hostname] %> <%= n[:ipaddress] %> check port <% end %>

  94. 2Goodies

  95. None
  96. None
  97. None
  98. None
  99. None

  100. Automation is important

  101. # staging/CI # production ! development = =

  102. Thanks!

  103. cjoudrey   @