diff puppet chef Ruby Tuesday #23 

Speakers Ash Wu Vincent about.me/hSATAC about.me/v1nc3ntlaw 

DevOps ● DevOps => Bridge and oil between developers and operators. ● Developer => Code ● Operator => Infrastructure ● Infrastructure as Code 

Infrastructure as Code ● Automation ● Configuration as document ● Configuration as code ● Better reuse ● Versioning ● Testing ● Continuous Integration 

Puppet ● Open source ● Written in Ruby ● Has its own DSL ● You define the desired states (What does it look like) ● Puppet will do the rest (How should it be done) ● Used by Wikimedia, Rackspace, Zynga, Github, Google, Oracle... 

Masterless Puppet ● Define ● Simulate ● Enforce ● Report 

Master-Agent Puppet ● Send facts ● Compile ● Query ● Enforce ● Report 

Resource ● File ● User ● Group ● Package ● Service ● Mount ● Cron ● ...... http://docs.puppetlabs.com/references/latest/type.html 

Dependencies ● Code order != Execute order ● Before / Require ● Notify / Subscribe ● Chaining Ex: Package -> File ~> Service ● Autorequire ● Puppet is smart enough so solve some dependencies for you. Ex: file and parent folder, user and ssh-key ● Stage 

Puppet DSL ● Variables, Conditions, Facts ● Modules, Classes ● Templates ● Puppet > 2.6.x manifests can be written in Ruby https://puppetlabs.com/blog/ruby-dsl/ 

Puppet Community ● Modules, Classes ● Puppet Forge http://forge.puppetlabs.com/ ● Most of them are for debian/ubuntu/centos ● `puppet module install puppetlabs-apache` install, list, search, uninstall, upgrade ● Contribute please 

Enterprise Puppet ● Not a service ● Charges by node number (Free < 10 nodes) Node number detect from cert sign ● Whole package installer ● Web GUI ● Support ● https://puppetlabs.com/puppet/enterprise-vs-open- source/ ● https://puppetlabs.com/puppet/whats-new/ 

Puppet Testing ● Syntax check - Puppet-lint http://puppet-lint.com/ ● Unit test - rspec-puppet http://rspec-puppet.com/ ● Multiple OS test - Puppet Playground https://github.com/example42/puppet-playground ● Fizzgig - Fast puppet unit tests https://github.com/philandstuff/fizzgig 

Puppet Testing Articles ● https://puppetlabs.com/blog/testing-puppet-code-in-the- puppet-playground/ ● https://puppetlabs.com/blog/test-driven-development- with-puppet/ ● http://puppetlabs.com/blog/verifying-puppet-checking- syntax-and-writing-automated-tests/ 

Puppet File Server ● Puppet masters built-in ● `puppet://{server}/{mount}/{path}` ● `puppet:///modules/test_module/testfile.txt` => /etc/puppet/modules/test_module/files/testfile.txt ● Custom mount point allow /hostname/ allow cidr default deny * http://docs.puppetlabs.com/guides/file_serving.html 

Chef Intro ● Opscode, Inc. ● Just Enough Ruby for Chef ○ http://docs.opscode.com/just_enough_ruby_for_chef.html ● Chef 10 => 11 Server ○ Released at 2013 Feb. Rewrite of the core API server in Erlang, which call Erchef. Migrated the WebUI from merb to Rails 3. 

http://docs.opscode.com/chef_overview.html 

Workstation ● knife ○ Command tool helps user manage Chef. ● knife-ec2 ○ Plugin extend knife subcommand ec2 manage AWS EC2 servers. ● knife-github-cookbooks ○ Plugin extend knife subcommand github download cookbooks from github repository. ○ $ knife cookbook github install USER/REPO http://docs.opscode.com/knife.html 

Resource Resource ● Package ● User ● Cron ● Git ● Script ● Ruby ● more... Provider ● Chef::Provider::Package::Apt ● Chef::Provider::Package::Yum package "tar" do Chef::Provider::Package::Yum action :install end http://docs.opscode.com/resource.html 

Cookbook Logic about install and configure packages. ● Attributes ● Files ● Recipes ● Templates 

Files ● cookbook_file ○ copying files from a cookbook ● remote_file ○ transferring files from remote locations 

Data Bags ● Store data in a JSON file. user02.json ○ { "id": "user02", "uid": "1002", "gid": "1002", "public_key": "ssh-rsa ABCDE..." } ● Encrypt / Decrypt ○ Store sensitive information 

Opscode Community http://community.opscode.com/ ● Opscode maintains cookbooks ● Community authored cookbooks ● $ knife cookbook site install apache2 

Chef Server ● Opscode Hosted Chef Server ○ 5 Nodes Free ● Install Chef Server ○ Ubuntu (deb) ○ Enterprise Linux (rpm) ● AWS OpsWorks Richard Lee - Polydice, Inc. Does OpsWorks Work? ○ https://speakerdeck.com/dlackty/does-opsworks-work 

Chef Solo ● Run provision locally without Chef Server. ● chef-solo is a limited-functionality version ● chef-solo + capistrano ○ https://github.com/doitian/chef-solo-repo http://docs.opscode.com/chef_solo.html 

Chef TEST ● cucumber-chef ● chefspec ○ RSpec for chef cookbooks ● foodcritic ○ Lint tool ● test-kitchen ○ Framework for running integration tests in an isolated environment ● minitest-chef-handler ○ Run minitest after your Chef recipes to check the system status 

diff puppet chef Puppet Chef Coding Style DSL / Ruby DSL Ruby File Server Puppet File Server No Encrypted Data Bag No (*hiera-gpg) Yes Community Puppet Forge Opscode Community Dependencie s Yes No (Code Order) Commercial License / Per Node Hosted Service * http://www.craigdunn.org/2011/10/secret-variables-in-puppet-with-hiera-and-gpg/ 

Vagrant ● VirtualBox, VMware, AWS ● Shell Scripts, Chef, or Puppet ● ihower 2013 OSDC.TW A brief introduction to Vagrant – 原來 VirtualBox 可以這樣玩 ○ http://www.slideshare.net/ihower/vagrant-osdc 

Other Resources ● http://blog.hsatac.net ● http://devops.tw (@devopstw) 

Q & A