Introduction to Chef

Transcript

1. v2.0.0 Introduction to Chef 1 Nathen Harvey @nathenharvey [email protected] github.com/nathenharvey

   Wednesday, March 12, 14

2. v2.0.0 Introductions 2 Wednesday, March 12, 14

3. Nathen Harvey • Technical Community Manager at Opscode • Co-host

   of the Food Fight Show Podcast • @nathenharvey • [email protected] Wednesday, March 12, 14

4. Who are you? • System administrator? • Developer? • Ruby

   Developer? • DevOp? 4 Wednesday, March 12, 14

5. Who are you? • Experience with Configuration Management? • Experience

   with Chef? 5 Wednesday, March 12, 14

6. Who are you? • Favorite text editor? 6 Wednesday, March

   12, 14

7. Who are you? • Which version control system do you

   use? •cp foo foo.bak •cp foo{,.`date +%Y%m%d%H%M`} 7 Wednesday, March 12, 14

8. Who are you? • Which version control system do you

   use? •cp foo foo.bak •cp foo{,.`date +%Y%m%d%H%M`-`$USER`} 8 Wednesday, March 12, 14

9. http://www.flickr.com/photos/michaelheiss/3090102907/ Complexity 9 Wednesday, March 12, 14

10. Policies 10 • Declarations about the state of thing in

    a system • applied repeatedly and repair the system when needed • often change Wednesday, March 12, 14

11. Operations • Idempotent • can be applied an infinite number

    of times and yield the same result every time • Convergent • test state and repair if needed 11 Wednesday, March 12, 14

12. Autonomous agent Policy: The box should be closed Wednesday, March

    12, 14

13. Autonomous agent Policy: The box should be closed Wednesday, March

    12, 14

14. Policy Evolves 13 Wednesday, March 12, 14

15. Following Policy • A control loop keeps the system stable

    and allows for change when policy is updated 14 Wednesday, March 12, 14

16. Policy Evolves 15 Wednesday, March 12, 14

17. Policy Evolves 15 That's great and all, but tell me

    about Chef! Wednesday, March 12, 14

18. What is Chef? • Open source framework for managing complexity

    • Infrastructure as code • a domain-specific language (DSL) for describing convergent operations • A community of professionals • A company 16 Wednesday, March 12, 14

19. How does Chef work? • Ensure desired state by continually

    testing and repairing individual resources in the system • Compose policies using a series of abstractions 17 Wednesday, March 12, 14

20. Desired Configuration Node Chef Server chef-client What policy should I

    follow? 18 Wednesday, March 12, 14

21. Desired Configuration Node Chef Server chef-client What policy should I

    follow? "recipe[ntp::client]" "recipe[users]" "role[webserver]" 19 Wednesday, March 12, 14

22. Desired Configuration Chef Server chef-client What policy should I follow?

    "recipe[ntp::client]" "recipe[users]" "role[webserver]" 20 Wednesday, March 12, 14

23. Wednesday, March 12, 14

24. Recipes package "apache2" 22 resource one Wednesday, March 12, 14

25. Recipes package "apache2" template "/etc/apache2/apache2.conf" do source "apache2.conf.erb" owner "root"

    group "root" mode "0644" variables(:allow_override => "All") notifies :reload, "service[apache2]" end 23 resource one resource two Wednesday, March 12, 14

26. Recipes package "apache2" template "/etc/apache2/apache2.conf" do source "apache2.conf.erb" owner "root"

    group "root" mode "0644" variables(:allow_override => "All") notifies :reload, "service[apache2]" end service "apache2" do action [:enable,:start] supports :reload => true end 24 resource one resource two resource three Wednesday, March 12, 14

27. Recipes 25 resource one Wednesday, March 12, 14

28. Recipes 26 resource one resource two Wednesday, March 12, 14

29. Recipes 27 resource one resource two resource three Wednesday, March

    12, 14

30. Built-in Resources • package • template • service • cron

    • directory • mount • user • group • registry_key • remote_directory • route • ...and many more! 28 Wednesday, March 12, 14

31. Wednesday, March 12, 14

32. Wednesday, March 12, 14

33. Managing Complexity • Organizations • Environments • Roles • Nodes

    • Recipes • Cookbooks • Search • Data 30 Wednesday, March 12, 14

34. Their Infrastructure Organizations My Infrastructure Your Infrastructure 31 Wednesday, March

    12, 14

35. Environments Development Staging Production 32 Wednesday, March 12, 14

36. Roles Load Balancers Application Servers DB Cache Database 33 Wednesday,

    March 12, 14

37. Nodes 34 Wednesday, March 12, 14

38. Wednesday, March 12, 14

39. Search • Search for nodes with Roles • Find Topology

    Data • IP addresses • Hostnames • FQDNs http://www.flickr.com/photos/kathycsus/2686772625 36 Wednesday, March 12, 14

40. Search for Nodes pool_members = search("node","role:webserver") template "/etc/haproxy/haproxy.cfg" do source

    "haproxy-app_lb.cfg.erb" owner "root" group "root" mode 0644 variables :pool_members => pool_members.uniq notifies :restart, "service[haproxy]" end 37 Wednesday, March 12, 14

41. Search for Nodes pool_members = search("node","role:webserver") template "/etc/haproxy/haproxy.cfg" do source

    "haproxy-app_lb.cfg.erb" owner "root" group "root" mode 0644 variables :pool_members => pool_members.uniq notifies :restart, "service[haproxy]" end 38 Wednesday, March 12, 14

42. Pass results into Templates # Set up application listeners here.

    listen application 0.0.0.0:80 balance roundrobin <% @pool_members.each do |member| -%> server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check <% end -%> <% if node["haproxy"]["enable_admin"] -%> listen admin 0.0.0.0:22002 mode http stats uri / <% end -%> 39 Wednesday, March 12, 14

43. Pass results into Templates # Set up application listeners here.

    listen application 0.0.0.0:80 balance roundrobin <% @pool_members.each do |member| -%> server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check <% end -%> <% if node["haproxy"]["enable_admin"] -%> listen admin 0.0.0.0:22002 mode http stats uri / <% end -%> 40 Wednesday, March 12, 14

44. # Set up application listeners here. listen application 0.0.0.0:80 balance

    roundrobin <% @pool_members.each do |member| -%> server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check <% end -%> <% if node["haproxy"]["enable_admin"] -%> listen admin 0.0.0.0:22002 mode http stats uri / <% end -%> Pass results into Templates 41 Wednesday, March 12, 14

45. Jboss App Memcache Postgres Slaves Postgres Master Nagios Graphite So

    when this... 42 Wednesday, March 12, 14

46. Jboss App Memcache Postgres Slaves Postgres Master Nagios Graphite ...becomes

    this 43 Wednesday, March 12, 14

47. Memcache Postgres Slaves Postgres Master Nagios Graphite Jboss App Memcache

    Postgres Slaves Postgres Master Nagios Graphite ...this can happen automatically 44 Wednesday, March 12, 14

48. Nagios Graphite Nagios Graphite Memcache Postgres Slaves • Load balancer

    config • Nagios host ping • Nagios host ssh • Nagios host HTTP • Nagios host app health • Graphite CPU • Graphite Memory • Graphite Disk • Graphite SNMP • Memcache firewall • Postgres firewall • Postgres authZ config • 12+ resource changes for 1 node addition Count the Resources Jboss App 45 Wednesday, March 12, 14

49. Build Anything • Simple internal applications • Complex external applications

    • Workstations • Hadoop clusters • IaaS infrastructure • PaaS infrastructure • SaaS applications • Storage systems • You name it 46 http://www.flickr.com/photos/hyku/245010680/ Wednesday, March 12, 14

50. And Manage it Simply • Automatically reconfigure everything • Linux,

    Windows, Unixes, BSDs • Load balancers • Metrics collection systems • Monitoring systems • Cloud migrations become trivial • 47 http://www.flickr.com/photos/helico/404640681/ Wednesday, March 12, 14

51. Design Tenets of Chef • Whipuptitude - aptitude for whipping

    things up • Manipulexity - manipulation of complex things 48 Wednesday, March 12, 14

52. 49 Knife Wednesday, March 12, 14

53. Community • Apache 2.0 Licensed • 1500+ Individual Contributors •

    200+ Corporate Contributors • 1500+ Cookbooks 50 Wednesday, March 12, 14

54. More! • Testing • Workflow tools • Ask me anything!

    51 Wednesday, March 12, 14