Automate your server configuration with Chef Jeremy Olliver @static_storm 

Why? ● Sooner or later, you will need to repeat or change the setup ● If you have to document it, make it an executable one ● Faster to setup additional servers ● Share knowledge (or at least make it portable) 

What is chef? ● chef is a configuration management system ● define snippets of configuration as cookbooks ● chef-client pulls down what changes to make and runs them ● chef-server is a merb rest web app backed by solr, couchdb 

Chef Concepts ● Cookbook - the actual ruby code that determines how to install/configure something ● Node - each server you are configuring is a node ● Role - A collection of cookbooks to run, may override attributes ● environment - Similar to Role, though every node belongs to one environment. 

Cookbooks ● community hosted cookbooks are online at: http://community.opscode.com/cookbooks/ rubygems.org of cookbooks ● mostly good, but always read before using them. ● install off github easily ● create your own 

knife ● knife is the command line tool for interacting via the api ● Each component is uploaded through knife ● knife cookbook upload [--freeze] ● knife environment|role from file ● create cookbooks, integrate with cloud services ● some rake tasks to simplify uploading everything 

Bootstrapping & Auth ● Uses a master ssh key validation.pem to authenticate clients ● knife has a bootstrap script which over ssh does: ● install chef client, copies the validation.pem across ● validates a new client key with validation.pem ● triggers the first chef-client run ● bootstrap -x user -E ‘staging’ -r ‘role [ruby_app]’ --sudo 

Anatomy of a chef run ● client connects to server, authenticating with pub key ● checks run_list, downloads required cookbooks ● compliation phase, defines resources, sets attributes ● execution phase, resources are executed 

Attributes precedence order ● automatic (what chef detects), override, normal, default ● set via: cookbooks, environments, roles, nodes default attributes applied in an attributes file default attributes applied in an environment default attributes applied in a role default attributes applied on a node directly in a recipe normal or set attributes applied in an attributes file normal or set attributes applied on a node directly in a recipe override attributes applied in an attributes file override attributes applied in a role override attributes applied in an environment override attributes applied on a node directly in a recipe automatic attributes generated by Ohai 

Resource Types ● File: copies a file ● Template: Creates a file from an ERB template ● directory, user, service ● can notify other resources (restart when config file changed) ● create custom ones via resources/providers 

Creating cookbooks ● Creating things specific to your application will require a cookbook (cookbooks are the only dynamic code) ● knife cookbook create ● Specify dependencies and version number in metadata.rb ● recipes/default.rb is the bare minimum you need ● most simple cookbooks will just need recipes, attributes, and maybe files/templates 

Knife plugins ● knife-spork (version management through environments) ● knife-essentials ● librarian (bundler for cookbooks) ● foodcritic (best practice guides for writing cookbooks) 

Chef good practice ● Version your cookbooks, specify versions in environments ● Specify cookbook sources (librarian or Berkfile) ● keep chef-client running periodically (chef-client cookbook) ● avoid automatic (set/stored) attributes unless necessary ● keep a balance between composability and unversioned roles ● Freeze cookbook versions, and use VM’s to test (vagrant) 

Resources ● http://community.opscode.com/cookbooks/ ● http://wiki.opscode.com/display/chef ● irc.freenode.net #chef 

Automate your server configuration with Chef Jeremy Olliver @static_storm