Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Mind the Gap

Avatar for Robb Kidd Robb Kidd
April 17, 2014
0
160

Mind the Gap

Deploying an on-premises, multi-node product with chef on networks you don't control.
Avatar for Robb Kidd

Robb Kidd

April 17, 2014
Tweet

Featured

See All Featured
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
133
9.3k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
667
120k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
227
22k
Distributed Sagas: A Protocol for Coordinating Microservices
Avatar for Caitie McCaffrey caitiem20
331
21k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
14
1.5k
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
41
2.3k
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
54
5.5k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
172
14k
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
68
11k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
69
4.6k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
46
14k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.3k

Transcript

  1. None

  2. Deploying in Unforgiving Environments (Control Your Dependencies) (the network is

    a dependency)

  3. /(robbkidd)/ twitter.com/$1 github.com/$1

  4. None

  5. History

  6. Configker

  7. Chef-Server

  8. Chef-Solo

  9. Patterns for Getting Stuff on Your Servers

  10. remote_file

  11. The Essential remote_file remote_file "/opt/sauce/sauce_#{node[:sauce][:version]}.tgz" do source "#{node[:sauce][:url]}/awesome_sauce_#{node[:sauce][:version]}.tgz" end

  12. Better: Give It a Checksum remote_file "/opt/sauce/sauce_#{node[:sauce][:version]}.tgz" do source "#{node[:sauce][:url]}/awesome_sauce_#{node[:sauce][:version]}.tgz"

    * checksum node[:sauce][:checksum] end

  13. Ever Better: Put It in the Chef Cache # v-------------------------------v

    * remote_file "#{Chef::Config[:file_cache_path]}/sauce_#{node[:sauce][:version]}.tgz" do source "#{node[:sauce][:url]}/awesome_sauce_#{node[:sauce][:version]}.tgz" checksum node[:sauce][:checksum] end

  14. packaging

  15. fpm

  16. Example Packaging Step fpm -s dir \ -t deb \

    --name awesome_sauce \ --version "$(shell git describe --always --tag)" \ --before-install ./etc/preinst.sh \ --deb-upstart ./etc/saucy \ --config-files /etc/saucy.yml \ ./bin/saucy=/usr/bin/ \ saucy.yml.sample=/etc/saucy/

  17. shelling out

  18. None

  19. RVM 4 custom RVM install ahead of chef-rvm 4 install

    RVM via tarball according to the offline steps 4 rvm mount ruby-version.tgz 4 carry on with our uses of chev-rvm 4 rvm-shell mostly
  20. None
  21. None

  22. python's default.rb include_recipe "python::#{node['python']['install_method']}" include_recipe "python::pip" include_recipe "python::virtualenv"

  23. python_shim.rb %w(python-pip python-virtualenv).each do |pkg| package pkg do action :install

    end end link "/usr/local/bin/pip" do to "/usr/bin/pip" end directory "/root/.pip/" file "/root/.pip/pip.conf" do content "[global]\ntimeout = 1\n" end

  24. Getting Stuff on Your Servers (Review) 4 remote_file 4 packages

    4 shelling out :(

  25. A Tale of Three Caches

  26. Library Cache

  27. bundle package (for ruby peeps)

  28. Package Cache

  29. None

  30. apt-cacher-ng

  31. Chef Cache

  32. vagrant-cachier

  33. monkeypatch

  34. class ::Chef class Provider class RemoteFile class Content < Chef::FileContentManagement::ContentBase

    private def current_resource_matches_target_checksum? ::Chef::Log.info("Airgapped - skipping content checksum for #{@new_resource}") true end end end end end

  35. Mo' Better? (things I haven't got working yet)

  36. chef-client --local-mode

  37. Shim Cookbook AntiPattern?

  38. no 3rd party cookbooks?

  39. omnibus packages?

  40. containers?

  41. Shoulders of Giants Mark Olson - Lookingglass Eric Sproul -

    Circonus

  42. Review 4 history 4 recipe patterns 4 caching tricks 4

    future possibilities

  43. Payoff 4 works without access to network resources 4 chef

    convergence is faster! 4 chef convergence is predictable!

  44. 4 Mind the Gap photo by Clicsouris 4 Vagrant -

    Mitchell Hashimoto/Hashicorp 4 vagrant-cachier - Fabio Rehm 4 fpm - Jordan Sissell 4 knife-solo - Mat Schaffer