Infrastructure as Code and Chef

Nathen Harvey | VP, Community Development | [email protected]

View Slide

EVERY business is a software business
We’re going to be a software
company with airplanes.
– CIO, Alaska Airlines

View Slide

Quality and innovation, historically a tradeoff
QUALITY/COMPLIANCE
RATE OF INNOVATION

View Slide

Challenges
Manual processes
Weeks to setup new systems or software
Legacy systems and tools
Inﬂexible, hard-to-change hardware and software
Organizational silos
Unwieldy divisions of responsibility
Infrequent, large releases
Fear of deployment due to risk to SLAs
Regulatory burdens
Compliance bottleneck at the end of a project

View Slide

Idea Value
æ
S
ƴ
Ä
ǋ
Manual processes
Regulatory burdens
Automation
New systems and software updates deployed in minutes
Solutions to the challenges

View Slide

Idea Value
æ
S
ƴ
Ä
ǋ
Manual processes
Regulatory burdens
Dynamic infrastructure
Easy migration to on-demand, cloud-based infrastructure and
management of heterogeneous networks
Automation

View Slide

Idea Value
æ
S
ƴ
Ä
ǋ
Manual processes
Regulatory burdens
Increased cooperation and trust
Teams are aligned towards common goals
Automation

View Slide

Idea Value
æ
S
ƴ
Ä
ǋ
Manual processes
Regulatory burdens
Automation
Continuous delivery of infrastructure and
applications
Safe, rapid delivery of incremental value

View Slide

Idea Value
æ
S
ƴ
Ä
ǋ
Manual processes
Regulatory burdens
Compliance at velocity
Integration of compliance into the workﬂow using automated
tests
Automation
Continuous delivery of infrastructure and
applications
Safe, rapid delivery of incremental value

View Slide

The game changer: rapid time to value
Innovation
Quality/
Compliance
Dynamic
Infrastructure

View Slide

Migrate applications to the cloud and support hybrid and multi-cloud
environments. Automate the management of heterogeneous
networks, including legacy systems.
•  Provisioning and setting up environments
•  Dynamic scaling of compute resources
•  Migrating legacy workloads to the cloud
•  Multi cloud and hybrid cloud deployment
•  Support for heterogeneous environments

View Slide

Innovation
Quality/
Compliance
Dynamic
Infrastructure
Infrastructure as Code
Automate the Stack
+

View Slide

•  Programmatically provision and conﬁgure
components

View Slide

components
•  Treat like any other code base

View Slide

components
•  Treat like any other code base
•  Reconstruct business from code repository, data
backup, and compute resources

View Slide

Automation
Turn infrastructure into code—infrastructure as code is versionable,
testable and repeatable. Manual processes become a thing of the
past.
•  Automated, full-stack application policies
•  Package and service installation
•  Versionable, testable, repeatable workﬂow
•  Scalable application policies
•  Management of interdependencies across nodes

View Slide

Chef Server
Policy
State
State queries
Servers, VMs, cloud instances,
etc.
running the Chef client
•  The Chef server stores policy and conﬁguration data
•  The Chef client periodically runs on each node in the network
•  Chef clients poll the server for the latest policies
•  Chef clients notify the server of their states and can query for the states of other nodes

View Slide

Describe Infrastructure as Code
httpd_service 'customers' do
mpm 'prefork'
action [:create, :start]
end
httpd_config 'customers' do
instance 'customers'
source 'customers.conf.erb'
notifies :restart, 'httpd_service[customers]'
end
directory '/var/www/customers/public_html' do
recursive true
end

View Slide

Test the Code
describe 'apache::default' do
context 'When all attributes are default, on an unspecified platform' do
let(:chef_run) do
runner = ChefSpec::ServerRunner.new
runner.converge(described_recipe)
end
it 'converges successfully' do
expect { chef_run }.to_not raise_error
end
it 'installs apache' do
expect(chef_run).to install_package 'apache2'
end
end
end

View Slide

Version the Code & the Artifact
name 'cmgw'
maintainer 'Chef Software, Inc.'
maintainer_email '[email protected]'
license 'apache2'
description 'Installs/Configures cmgw'
long_description 'Installs/Configures cmgw'
version '0.1.0'

View Slide

Innovation
Quality/
Compliance
Dynamic
Infrastructure
Automate the Stack
DevOps
+ +

View Slide

DEVOPS
A cultural and professional movement,
focused on how we build and operate
high velocity organizations, born from
the experiences of its practitioners.

View Slide

PEOPLE
PRODUCTS
COMPANIES

View Slide

WE ARE LEAN
•  Eliminate non-value-added action (Waste/Muda)
•  Pull over Push
•  Kaizen (Continuous Improvement)
•  Kaikaku (Disruptive Change)
•  Small Batch + Experimentation

View Slide

View Slide

UBIQUITOUS
WORKFLOW
AUTOMATION

View Slide

DIVERSITY

View Slide

DevOps workflow & culture
Eliminate silos and lower the overhead of IT operations and service
management by supporting DevOps culture. Build communities.
•  Unified workflow for application and infrastructure
•  Integration with version control for dev and ops
•  Support for automated testing of infrastructure and
applications
•  Integration of security and compliance into product
development
•  Advanced, high-velocity workflow

View Slide

Continuous delivery of infrastructure & apps
Implement a high-velocity software delivery pipeline that integrates
application and infrastructure. Eliminate the risks incurred with large,
infrequent releases.
•  Rapid provisioning of dev and test environments
•  Ensure consistency and repeatability of environments
•  Uniﬁed pipeline for infrastructure, runtime
environments and applications
•  Support for large teams with multiple projects
•  Advanced, high-velocity workﬂow

View Slide

Security and compliance at velocity
Regulatory compliance and security concerns are facts of life for
every enterprise. At the same time, competitive pressures are
increasing. Embed requirements into the software delivery pipeline.
Code makes compliance at velocity possible.
•  Embed compliance into the software delivery pipeline
•  Automated checking of compliance criteria with
analytics
•  Structured review process during development
•  Discovery and analysis
•  Patch management and remediation

View Slide

View Slide

MANAGE RISK
•  Small batches, near term hypothesis
•  Validation comes from customers
•  Introduce near-term volatility to gain decreased
long-term risk

View Slide

View Slide

CONTINUOUS INTEGRATION
•  Always integrate branches to master
•  They should be short lived, iterative branches
•  Fix the build when it goes red

View Slide

THE FOUR-EYE RULE

View Slide

WRITE TESTS
•  Unit test (a single function)
•  Integration tests (multiple classes/units)
•  Functional tests (user-oriented, high-level, full
stack)
•  Smoke tests (quickly determine if the system is
“working”)

View Slide

ONE PATH FOR CHANGE
•  The way change moves through your
organization is fixed
•  Designed to re-enforce your principles and aid
flow
•  Flexible at the level of execution

View Slide

CODE GOES THROUGH THE
SAME WORKFLOW
Applications are code
Infrastructure is code

View Slide

The rewards?*
*source: Dr. Nicole Forsgren research on DevOps
More deployments
Ship faster
Faster MTTR after issues
More proﬁts, market share, and productivity
Market cap goes up

View Slide

Chef Provides a Proven Approach to DevOps
...
...
...
Targets/Workloads
Collaborative Dev Production
Chef Server
Chef Server
Chef Supermarket
Assessment
Chef Compliance
Search
^ Audit
Ǘ Discover
Deploy
Test
Chef Delivery!
Local Dev
ê Model
ƨ Build
¿ Test
Chef DK
Chef Client & Cookbooks

View Slide

Demo Time

View Slide

...
...
...
Targets/Workloads
Assessment
Chef Compliance
Search
^ Audit
Ǘ Discover

View Slide

...
...
...
Targets/Workloads
Assessment
Chef Compliance
Search
^ Audit
Ǘ Discover
Local Dev
ê Model
ƨ Build
¿ Test
Chef DK

View Slide

...
...
...
Targets/Workloads
Collaborative Dev
Assessment
Chef Compliance
Search
^ Audit
Ǘ Discover
Deploy
Test
Chef Delivery!
Local Dev
ê Model
ƨ Build
¿ Test
Chef DK

View Slide

Unified Pipeline Shape
The stages are fixed, and each stage has a fixed set of phases!
APPROVE DELIVER
Submit
Change

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Submit
Change

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Submit
Change
Does this
code change
look good?

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Security
Quality
Publish
Lint
Syntax
Unit
Submit
Change
Does this
code change
look good?

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Security
Quality
Publish
Lint
Syntax
Unit
Provision
Deploy
Smoke
Functional
Submit
Change
Does this
code change
look good?

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Security
Quality
Publish
Lint
Syntax
Unit
Provision
Deploy
Smoke
Functional
Submit
Change
Does this
code change
look good?
Do we want
to ship this?

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Security
Quality
Publish
Lint
Syntax
Unit
Provision
Deploy
Smoke
Functional
Provision
Deploy
Smoke
Functional
Submit
Change
Does this
code change
look good?
Do we want
to ship this?

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Security
Quality
Publish
Lint
Syntax
Unit
Provision
Deploy
Smoke
Functional
Provision
Deploy
Smoke
Functional
Provision
Deploy
Smoke
Functional
Submit
Change
Does this
code change
look good?
Do we want
to ship this?

View Slide

APPROVE DELIVER
Lint
Syntax
Unit
Security
Quality
Publish
Lint
Syntax
Unit
Provision
Deploy
Smoke
Functional
Provision
Deploy
Smoke
Functional
Provision
Deploy
Smoke
Functional
Provision
Deploy
Smoke
Functional
Submit
Change
Does this
code change
look good?
Do we want
to ship this?

View Slide

Shared Workﬂow
Delivery’s pipeline is shared across projects and teams

View Slide

...
...
...
Targets/Workloads
Collaborative Dev Production
Chef Server
Chef Server
Chef Supermarket
Assessment
Chef Compliance
Search
^ Audit
Ǘ Discover
Deploy
Test
Chef Delivery!
Local Dev
ê Model
ƨ Build
¿ Test
Chef DK

View Slide

What questions can I answer for you?

View Slide

Nathen Harvey
• VP, Community Development at Chef
• Co-host of the Food Fight Show Podcast
• Co-organizer of DevOpsDC meetup
• Occasional farmer – http://ei.chef.io
• Love eggs – http://eggs.chef.io
• @nathenharvey
• [email protected]

View Slide

Infrastructure as Code and Chef

Infrastructure as Code and Chef

Nathen Harvey

More Decks by Nathen Harvey

Other Decks in Technology

Featured

Transcript