Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to Chef

Introduction to Chef

A brief introduction to Chef. Originally presented at the PING-Philly Meetup.

Nathen Harvey

March 12, 2014
Tweet

More Decks by Nathen Harvey

Other Decks in Technology

Transcript

  1. Nathen Harvey • Technical Community Manager at Opscode • Co-host

    of the Food Fight Show Podcast • @nathenharvey • [email protected] Wednesday, March 12, 14
  2. Who are you? • System administrator? • Developer? • Ruby

    Developer? • DevOp? 4 Wednesday, March 12, 14
  3. Who are you? • Which version control system do you

    use? •cp foo foo.bak •cp foo{,.`date +%Y%m%d%H%M`} 7 Wednesday, March 12, 14
  4. Who are you? • Which version control system do you

    use? •cp foo foo.bak •cp foo{,.`date +%Y%m%d%H%M`-`$USER`} 8 Wednesday, March 12, 14
  5. Policies 10 • Declarations about the state of thing in

    a system • applied repeatedly and repair the system when needed • often change Wednesday, March 12, 14
  6. Operations • Idempotent • can be applied an infinite number

    of times and yield the same result every time • Convergent • test state and repair if needed 11 Wednesday, March 12, 14
  7. Following Policy • A control loop keeps the system stable

    and allows for change when policy is updated 14 Wednesday, March 12, 14
  8. Policy Evolves 15 That's great and all, but tell me

    about Chef! Wednesday, March 12, 14
  9. What is Chef? • Open source framework for managing complexity

    • Infrastructure as code • a domain-specific language (DSL) for describing convergent operations • A community of professionals • A company 16 Wednesday, March 12, 14
  10. How does Chef work? • Ensure desired state by continually

    testing and repairing individual resources in the system • Compose policies using a series of abstractions 17 Wednesday, March 12, 14
  11. Desired Configuration Node Chef Server chef-client What policy should I

    follow? "recipe[ntp::client]" "recipe[users]" "role[webserver]" 19 Wednesday, March 12, 14
  12. Desired Configuration Chef Server chef-client What policy should I follow?

    "recipe[ntp::client]" "recipe[users]" "role[webserver]" 20 Wednesday, March 12, 14
  13. Recipes package "apache2" template "/etc/apache2/apache2.conf" do source "apache2.conf.erb" owner "root"

    group "root" mode "0644" variables(:allow_override => "All") notifies :reload, "service[apache2]" end 23 resource one resource two Wednesday, March 12, 14
  14. Recipes package "apache2" template "/etc/apache2/apache2.conf" do source "apache2.conf.erb" owner "root"

    group "root" mode "0644" variables(:allow_override => "All") notifies :reload, "service[apache2]" end service "apache2" do action [:enable,:start] supports :reload => true end 24 resource one resource two resource three Wednesday, March 12, 14
  15. Built-in Resources • package • template • service • cron

    • directory • mount • user • group • registry_key • remote_directory • route • ...and many more! 28 Wednesday, March 12, 14
  16. Managing Complexity • Organizations • Environments • Roles • Nodes

    • Recipes • Cookbooks • Search • Data 30 Wednesday, March 12, 14
  17. Search • Search for nodes with Roles • Find Topology

    Data • IP addresses • Hostnames • FQDNs http://www.flickr.com/photos/kathycsus/2686772625 36 Wednesday, March 12, 14
  18. Search for Nodes pool_members = search("node","role:webserver") template "/etc/haproxy/haproxy.cfg" do source

    "haproxy-app_lb.cfg.erb" owner "root" group "root" mode 0644 variables :pool_members => pool_members.uniq notifies :restart, "service[haproxy]" end 37 Wednesday, March 12, 14
  19. Search for Nodes pool_members = search("node","role:webserver") template "/etc/haproxy/haproxy.cfg" do source

    "haproxy-app_lb.cfg.erb" owner "root" group "root" mode 0644 variables :pool_members => pool_members.uniq notifies :restart, "service[haproxy]" end 38 Wednesday, March 12, 14
  20. Pass results into Templates # Set up application listeners here.

    listen application 0.0.0.0:80 balance roundrobin <% @pool_members.each do |member| -%> server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check <% end -%> <% if node["haproxy"]["enable_admin"] -%> listen admin 0.0.0.0:22002 mode http stats uri / <% end -%> 39 Wednesday, March 12, 14
  21. Pass results into Templates # Set up application listeners here.

    listen application 0.0.0.0:80 balance roundrobin <% @pool_members.each do |member| -%> server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check <% end -%> <% if node["haproxy"]["enable_admin"] -%> listen admin 0.0.0.0:22002 mode http stats uri / <% end -%> 40 Wednesday, March 12, 14
  22. # Set up application listeners here. listen application 0.0.0.0:80 balance

    roundrobin <% @pool_members.each do |member| -%> server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check <% end -%> <% if node["haproxy"]["enable_admin"] -%> listen admin 0.0.0.0:22002 mode http stats uri / <% end -%> Pass results into Templates 41 Wednesday, March 12, 14
  23. Memcache Postgres Slaves Postgres Master Nagios Graphite Jboss App Memcache

    Postgres Slaves Postgres Master Nagios Graphite ...this can happen automatically 44 Wednesday, March 12, 14
  24. Nagios Graphite Nagios Graphite Memcache Postgres Slaves • Load balancer

    config • Nagios host ping • Nagios host ssh • Nagios host HTTP • Nagios host app health • Graphite CPU • Graphite Memory • Graphite Disk • Graphite SNMP • Memcache firewall • Postgres firewall • Postgres authZ config • 12+ resource changes for 1 node addition Count the Resources Jboss App 45 Wednesday, March 12, 14
  25. Build Anything • Simple internal applications • Complex external applications

    • Workstations • Hadoop clusters • IaaS infrastructure • PaaS infrastructure • SaaS applications • Storage systems • You name it 46 http://www.flickr.com/photos/hyku/245010680/ Wednesday, March 12, 14
  26. And Manage it Simply • Automatically reconfigure everything • Linux,

    Windows, Unixes, BSDs • Load balancers • Metrics collection systems • Monitoring systems • Cloud migrations become trivial • 47 http://www.flickr.com/photos/helico/404640681/ Wednesday, March 12, 14
  27. Design Tenets of Chef • Whipuptitude - aptitude for whipping

    things up • Manipulexity - manipulation of complex things 48 Wednesday, March 12, 14
  28. Community • Apache 2.0 Licensed • 1500+ Individual Contributors •

    200+ Corporate Contributors • 1500+ Cookbooks 50 Wednesday, March 12, 14