Infrastructure as Code with Chef http://www.fotopedia.com/items/flickr-2572841582 

Jesse Dearing @JesseDearing Full Stack Developer 

No content

Front-end (HTML, JavaScript) App (Ruby) Data Models (Ruby) Database (PostgreSQL, MySQL) OS (Linux) I work in all these layers Infrastructure as Code and Chef live here 

I work for 

Dependency Resolution Time To understand Chef you have to understand Infrastructure as Code 

Dependency Resolution Time To understand you have to understand Infrastructure as Code Devops 

Dependency Resolution Time To understand you have to understand Devops writing and running software 

What is DevOps? 

Developers and Operations 

Developers and Operations X vs 

Fight! 

Developers ‣Write buggy code ‣Do not develop on systems that look like production ‣Builds features to throw over the wall ‣Think that understanding infrastructure is not their problem Operations ‣Stands in the way of deployments ‣Mostly reactive to issues as alerts are triggered ‣Rolls back code that works on my box™ ‣Think that understanding architecture is not their problem ‣Think that understanding architecture is not their problem ‣Think that understanding infrastructure is not their problem 

Developers Operations ‣Think that understanding architecture is not their problem ‣Think that understanding infrastructure is not their problem 

No content

DevOps is about breaking down silos Code inventory (software not deployed to production) has no business value Only shipped code has value Devs and Ops are responsible for shipping Give and take: devs take the pager to assist with software issues and ops codifies processes Dev and Ops need to speak a common language 

Infrastructure as Code 

Infrastructure is composed of ๏CPU ๏Memory ๏Network ๏Disks ๏Remote Storage ๏Virtual Machines ๏Policy Configuration ๏Firewalls ๏Services 

Infrastructure is composed of ๏CPU ๏Memory ๏Network ๏Disks ๏Remote Storage ๏Virtual Machines ๏Policy Configuration ๏Firewalls ๏Services CODE Resources 

So I just commit all my shell scripts? ಠ_ಠ 

Shell scripts always need tweaking You can’t run shell scripts against a given criteria of servers Shell scripts take a lot of work to make idempotent There is a better way! 

Introducing Chef 

3 ways of using Chef Chef Solo Chef Server Hosted Chef 

3 ways of using Chef Chef Solo Chef Server Hosted Chef 

Chef Solo Write resources Recipes, Data Bags, Roles 

Chef Solo Write resources Execute them Recipes, Data Bags, Roles Chef-solo 

Chef Solo Write resources Execute them Installs packages, creates files, etc. Recipes, Data Bags, Roles Chef-solo Updates system state 

Chef Solo Write resources Execute them Installs packages, creates files, etc. Recipes, Data Bags, Roles Chef-solo Updates system state Meh. 

Only slight improvement over shell scripts But it’s great for testing your Chef scripts before uploading them to the server 

3 ways of using Chef Chef Solo Chef Server Hosted Chef 

Node that polls with chef-client chef-server Polls server periodically for run list or data changes 

Node that polls with chef-client chef-server Also sends back metadata about the node using Ohai 

Node that polls with chef-client chef-server Also sends back metadata about the node using Ohai My laptop Modify recipes, search nodes, change variables 

Ohai Gathers metadata from the node to send back to Chef server •Installed languages •CPU •Kernel version •Settings •IP Address •Users •Groups (Oh, hi) 

3 ways of using Chef Chef Solo Chef Server Hosted Chef 

OpsCode runs your chef-server 

user "foobar" file "/etc/service.conf" do mode '0640' owner 'foobar' end package "nginx" execute "/usr/bin/somecommand" Recipe Example 

Recipes can be shared and committed to source control 

No content

Configuration is stored on the Chef server API keys, passwords, environment/role/instance specific data 

Let’s see how the MySQL recipe sets the root password 

Chef’s best friend: He’s a Vagrant 

Defines VirtualBox VMs Creates using CLI Forwards ports Tears down VMs 

No content

Questions? 

Thanks!