Chef is an Automation Platform for developers & systems engineers to build & manage Infrastructure as Code. "743 lines of #opschef to build new product infrastructure from scratch. Thank you, @opscode.” -@bdha, August 18, 2011 What is Chef? Thursday, February 28, 13
package "haproxy" do action :install end template "/etc/haproxy/haproxy.cfg" do source "haproxy.cfg.erb" owner "root" group "root" mode 0644 notifies :restart, "service[haproxy]" end service "haproxy" do supports :restart => true action [:enable, :start] end Chef Enables Infrastructure as Code • Resources • Recipes • Cookbooks and Roles • Source Code Thursday, February 28, 13
Agenda • In-place File Editing for Greater Good • Use Chef's Built-in Version Matching • REPLs are fun, so Chef has one! • Take the Resource Collection for a Stroll • The Anatomy of Loading and Executing a Single Recipe http://www.flickr.com/photos/koalazymonkey/3590953001/ • Bonus, if we have time! Thursday, February 28, 13
Danger: Anti-pattern? • This makes it hard to reason about where changes to files are coming from • Manage whole-file resources (template, cookbook_file, remote_file) • But sometimes you have to edit a line... Thursday, February 28, 13
Chef::Util::FileEdit methods... #if matched, replace the whole line with newline. search_file_replace_line(regex, newline) #if matched, replace the match (all occurances) with the replace parameter search_file_replace(regex, replace) #if matched, delete the line search_file_delete_line(regex) #if matched, delete the match (all occurances) from the line search_file_delete(regex) #if matched, insert newline after each matching line insert_line_after_match(regex, newline) #if not matched, insert newline at the end of the file insert_line_if_no_match(regex, newline) #write the new file content write_file Thursday, February 28, 13
Sean OMeara's line cookbook • Sean OMeara wrote a "line" cookbook. • Resource/Provider for managing single lines. • http://ckbk.it/line http://www.flickr.com/photos/49889874@N05/6743622955/ Thursday, February 28, 13
Chef::VersionConstraint • First class comparison operators • Allows X.Y.Z version strings • Not lossy, unlike (potentially) #to_i or #to_f. http://docs.opscode.com/essentials_cookbook_versions_constraints.html Thursday, February 28, 13
How to use Chef::VersionConstraint • `require` the library • Initialize a Chef::VersionConstraint object w/ the constraint • Send the include? method with the version to match Thursday, February 28, 13
Constraint Operator = Equal > Greater than < Less than >= Greater than / equal <= Less than / equal ~> Approximately greater than (pessimistic) Thursday, February 28, 13
chef-shell, the Chef REPL • Chef 11: chef-shell • Chef 10: shef • Built on IRB • Three modes/contexts: • main, attributes, recipe http://www.flickr.com/photos/51064559@N06/5746903658/ Thursday, February 28, 13
chef-shell main % chef-shell loading configuration: none (standalone session) Session type: standalone Loading...done. This is the chef-shell. Chef Version: 11.2.0 http://www.opscode.com/chef http://wiki.opscode.com/display/chef/Home run `help' for help, `exit' or ^D to quit. Ohai2u jtimberman@champagne chef > Thursday, February 28, 13
chef-shell main chef > help chef-shell Help ================================================== | Command | Description ================================================== | Lots of commands | and their descriptions chef > halp :-) Thursday, February 28, 13
chef-shell main context • Many of the commands available work with a Chef Server's API. • So let's start up chef-shell configured for a Chef Server. Thursday, February 28, 13
Interact with a Chef Server % chef-shell -z loading configuration: /etc/chef/client.rb Session type: client ... chef > Chef::Config[:chef_server_url] => "https://api.opscode.com/organizations/my_org" chef > node.run_list => role[mac_os_x], role[workstation] Thursday, February 28, 13
chef-shell attributes_mode • Context of a cookbook's attributes file. • Useful to paste content from your cookbook. • Follows the same rules as Chef loading attributes files Thursday, February 28, 13
chef-shell attributes_mode chef > attributes_mode chef:attributes > default['shef'] = "Fun" => "Fun" chef:attributes > node['shef'] = "Awesometown" Chef::Exceptions::ImmutableAttributeModification: Node attributes are read-only when you do not specify which precedence level to set. To set an attribute use code like `node.default["key"] = "value"' chef:attributes > node.default['shef'] = "Awesometown" => "Awesometown" Thursday, February 28, 13
chef-shell recipe_mode • Context of a Chef Recipe. • All resources, recipe DSL methods are available. • Highly useful for debugging! • Run in client mode for interacting with a Chef Server. Thursday, February 28, 13
The Resource Collection • Chef loads recipes looking for resources • Each resource is added to the ResourceCollection • Once done, Chef walks the resource collection, taking the appropriate action Thursday, February 28, 13
Consider this recipe: package "apache2" template "/etc/apache2/apache2.conf" do mode 0644 owner "www-data" group "www-data" notifies :restart, "service[apache2]" end service "apache2" do supports :reload => true, :status => true action [:enable, :start] end Thursday, February 28, 13
Paste the recipe in chef-shell then use resources() chef:recipe > resources ["package[apache2]", "template[/etc/apache2/ apache2.conf]", "service[apache2]"] • resources returns an array of all the resources • Each resource has a type and a name. Thursday, February 28, 13
run_context.resource_collection • The run_context loads and tracks the context of the Chef run. • The resource collection is part of the run context. • Access the resource collection directly with run_context.resource_collection Thursday, February 28, 13
Show the resource collection chef:recipe > run_context.resource_collection => #snip ... @resources_by_name={"package[apache2]"=>0, "template[/etc/apache2/apache2.conf]"=>1, "service[apache2]"=>2}, @insert_after_idx=nil> • resource_by_name is a hash of all the resources. • This is what #resources() looks up. • Note the numeric index Thursday, February 28, 13
Walk the resource collection chef:recipe > run_context.resource_collection.each do |r| puts "#{r} is a #{r.resource_name}" end package[apache2] is a package template[/etc/apache2/apache2.conf] is a template service[apache2] is a service Thursday, February 28, 13
chef-apply • Started from a gist • Now included in Chef 11 • /usr/bin/chef-apply • Thanks, Bryan Berry! https://gist.github.com/danielsdeleo/2920702 Thursday, February 28, 13
More about Chef • learnchef.com • www.opscode.com/chef/install • docs.opscode.com • lists.opscode.com • community.opscode.com Thursday, February 28, 13
FAQ: Installation difficulty • Configuration management systems are complex in their own right. • The Chef Server is a publishing system with an API. • Chef is a service-oriented web application. Thursday, February 28, 13
jtimberman
is_ryo
oracle4engineer
ikumatadokoro
yuhattor
shinyaigeek
revcomm_inc
andpad
nwiizo
sugawani
ttccddtoki
fedepaol
kddisnowvillage
keithpitt
addyosmani
dougneiner
philhawksworth
searls
skipperchong
chriscoyier
aleyda
lauravandoore
chrislema
mza
jlugia