Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Automate your Infrastructure with Chef
Search
Christian Joudrey
February 28, 2013
Programming
9
630
Automate your Infrastructure with Chef
Talk given at ConFoo 2013 on February 28th, 2013.
Christian Joudrey
February 28, 2013
Tweet
Share
More Decks by Christian Joudrey
See All by Christian Joudrey
Writing NES games! with assembly!!
cjoudrey
1
750
Developing at Scale
cjoudrey
3
490
Scaling Rails for Black Friday / Cyber Monday at Shopify
cjoudrey
6
6k
Tips and Tricks from Shopify's codebase
cjoudrey
2
570
Scaling Shopify
cjoudrey
3
540
#pairwithme
cjoudrey
3
260
Two-factor authentication
cjoudrey
4
390
Other Decks in Programming
See All in Programming
ThorVG Viewer In VS Code
nors
0
500
令和最新版Android Studioで化石デバイス向けアプリを作る
arkw
0
470
「コードは上から下へ読むのが一番」と思った時に、思い出してほしい話
panda728
PRO
39
26k
20251212 AI 時代的 Legacy Code 營救術 2025 WebConf
mouson
0
240
tsgolintはいかにしてtypescript-goの非公開APIを呼び出しているのか
syumai
7
2.4k
Graviton と Nitro と私
maroon1st
0
160
perlをWebAssembly上で動かすと何が嬉しいの??? / Where does Perl-on-Wasm actually make sense?
mackee
0
260
CSC307 Lecture 02
javiergs
PRO
1
740
The Art of Re-Architecture - Droidcon India 2025
siddroid
0
150
re:Invent 2025 トレンドからみる製品開発への AI Agent 活用
yoskoh
0
570
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
560
CSC307 Lecture 01
javiergs
PRO
0
650
Featured
See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.7k
Java REST API Framework Comparison - PWX 2021
mraible
34
9.1k
How to Think Like a Performance Engineer
csswizardry
28
2.4k
Docker and Python
trallard
47
3.7k
4 Signs Your Business is Dying
shpigford
187
22k
A better future with KSS
kneath
240
18k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.2k
We Analyzed 250 Million AI Search Results: Here's What I Found
joshbly
0
370
Optimizing for Happiness
mojombo
379
70k
Tips & Tricks on How to Get Your First Job In Tech
honzajavorek
0
400
Un-Boring Meetings
codingconduct
0
170
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
1
210
Transcript
Automate your Infrastructure with Chef
cjoudrey @
None
c #
c # # # # # # # in minutes
# d # d c # # # # #
d in minutes
w Manual setup takes time
# ruby 1.9.3 # ruby 1.9.2 != and error-prone
# ruby 1.9.3 # ruby 1.9.2 != Oops! and error-prone
What is ?! Chef
1 Manage servers with ruby code
instead of $ ssh root@app1 Last login: Thu Feb 28
... # apt-get install nginx ... # vim /etc/nginx/nginx.conf ... # apt-get install ruby ...
client server
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
# node # node # node # chef server chef-client
(server1 to server3.example.com) knife ! (local machine)
2terminology Chef
2recipe Ruby file that contains Chef commands
2cookbook Collection of Chef recipes
Getting started with Chef 2
git clone opscode/chef-repo https://github.com/opscode/chef-repo !
! $ ls confoo ... cookbooks/ data_bags/ environments/ roles/
Install Chef on local machine !
! gem install chef
# Hosted* Chef server from Opscode * free up to
5 nodes
#
#
Setup Knife on local machine !
# node # node # node # chef server (server1
to server3.example.com) (chef.example.com) knife ! (local machine)
! $ ls confoo/.chef confoo-demo-validator.pem confoo-demo.pem knife.rb Copy files to
REPO/.chef
! $ cd confoo $ knife user list confoo-demo Test
Knife
8 Create your first cookbook $ cd confoo $ knife
cookbook create nginx
8 $ ls cookbooks/nginx ... attributes/ providers/ recipes/ resources/ templates/
package "nginx" cookbooks/nginx/recipes/default.rb
package installs using system’s package mgr
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx"
service defines an available service
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end
:enable start on server boot
:start start when Chef runs
8 Upload cookbook $ knife cookbook upload nginx Uploading nginx
[0.1.0]
Let’s test it on a node #
! $ knife bootstrap \ server1.example.com Bootstrap a node
!
2run list Ordered list of recipes and roles that get
run on the node
! $ knife node edit \ server1.example.com Edit a node
{ "name": "server1.example.com", "run_list": [ ] }
{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }
recipe[nginx::default] means default recipe of nginx cookbook
$ ssh server1.example.com server1:~# chef-client Run Chef on the node
#
#
#
# Let’s configure nginx
copy from server to nginx cookbook templates/default/nginx.conf.erb /etc/nginx/nginx.conf !
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
cookbooks/nginx/recipes/default.rb package "nginx" service "nginx" do supports :status => true,
:restart => true, :reload => true action [:enable, :start] end template "/etc/nginx/nginx.conf" do source "nginx.conf.erb" notifies :reload, "service[nginx]" end
! Upload the cookbook and run chef-client on node
#
2 Chef is idempotent
! What if we edit templates/default/nginx.conf.erb and run Chef
#
#
#
Let’s run Chef one more time #
#
2Attributes
nginx/templates/default/nginx.conf.erb user www-data; worker_processes 2; pid /var/run/nginx.pid; ...
nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2
nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;
...
# Override for a specific node
{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }
{ "name": "server1.example.com", "normal": { "nginx": { "worker_processes": 4 },
}, "run_list": [ "recipe[nginx::default]" ] }
2Roles
roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(
'nginx' => { 'worker_processes' => 2 } )
! $ knife role from file \ app-server.rb Upload a
role
Apply the role on a node #
{ "name": "server1.example.com", "run_list": [ "role[app-server]" ] }
#
{ "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }
2 Environments
environments/production.rb name 'production' cookbook_versions 'nginx' => '= 0.1.0'
{ "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }
! Searching for nodes $ knife search node \ role:app-server
2
8 Searching can be done in recipes too!
8 Searching can be done in recipes too! OMFG!
backend app balance roundrobin server app1 10.10.0.1 check port 80
server app2 10.10.0.2 check port 80 server app3 10.10.0.3 check port 80
nodes = search( :node, 'role:app-server' ) template "/etc/haproxy.conf" do source
"haproxy.conf.erb" variables :nodes => nodes end
backend www balance roundrobin <% @nodes.each do |n| %> server
<%= n[:hostname] %> <%= n[:ipaddress] %> check port <% end %>
2Goodies
None
None
None
None
None
Automation is important
# staging/CI # production ! development = =
Thanks!
cjoudrey @
cjoudrey
nors
arkw
panda728
mouson
syumai
maroon1st
mackee
javiergs
siddroid
yoskoh
ivargrimstad
jnunemaker
mraible
csswizardry
trallard
shpigford
kneath
tammyeverts
joshbly
mojombo
honzajavorek
codingconduct
skipperchong
![{ "name": "server1.example.com", "run_list": [ ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_48.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_49.jpg){kind=link}
![recipe[nginx::default] means default recipe of nginx cookbook](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_50.jpg){kind=link}
![nginx/attributes/nginx.rb default['nginx']['worker_processes'] = 2](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_71.jpg){kind=link}
![nginx/templates/default/nginx.conf.erb user www-data; worker_processes <%= node['nginx'] ['worker_processes'] %>; pid /var/run/nginx.pid;](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_72.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_74.jpg){kind=link}
![roles/app-server.rb name 'app-server' description 'app-server stuff' run_list( 'recipe[nginx::default]' ) override_attributes(](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_77.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "role[app-server]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_80.jpg){kind=link}
![{ "name": "server1.example.com", "run_list": [ "role[base]", "role[app-server]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_82.jpg){kind=link}
![{ "name": "server1.example.com", "chef_environment": "production", "run_list": [ "recipe[nginx::default]" ] }](https://files.speakerdeck.com/presentations/b566ebe063840130298b22000a1e877c/slide_85.jpg){kind=link}
