cooking infrastructure with chef

Transcript

1. cooking infrastructure
   with chef
   ruby for scotland 2013, mathias meyer, @roidrage
   

   View Slide

2. travis-ci.org
   

   View Slide

3. View Slide

4. in the beginning...
   

   View Slide

5. manual steps
   

   View Slide

6. useradd -h /var/www deploy
   

   View Slide

7. apt-get install nginx
   vi /etc/nginx/nginx.conf
   mkdir /var/www/travis-ci.org
   cp ~/ssl.cert /etc/nginx/
   service nginx reload
   

   View Slide

8. apt-get install mysql-server
   vi /etc/mysql/my.cnf
   service mysql-server restart
   mkdir /var/www/travis-ci.org/shared
   vi /var/www/travis-ci.org/shared/database.yml
   

   View Slide

9. cp /tmp/id_rsa ~/.ssh/id_rsa
   chmod 600 ~/.ssh/id_rsa
   git clone [email protected]:travis-ci/travis-ci.git
   

   View Slide

10. artisanal shell scripts
    

    View Slide

11. every installation
    howto ever
    

    View Slide

12. View Slide

13. infrastructure grows
    

    View Slide

14. infrastructure
    changes
    

    View Slide

15. teams grow and
    change
    

    View Slide

16. automation
    

    View Slide

17. chef
    

    View Slide

18. View Slide

19. chef lingo
    

    View Slide

20. bork
    nodes
    attributes
    resources
    providers
    recipes
    cookbooks
    

    View Slide

21. nodes
    

    View Slide

22. attributes
    

    View Slide

23. default[:nginx][:version] = '1.1.19-1'
    default[:users] = [{
    id: 1001,
    username: 'deploy',
    home: '/var/www',
    shell: '/bin/zsh'
    }]
    

    View Slide

24. resources
    

    View Slide

25. package "nginx" do
    version "1.1.19-1"
    action :install
    end
    

    View Slide

26. package "nginx" do
    version node[:nginx][:version]
    action :install
    end
    

    View Slide

27. user 'deploy' do
    id 1001
    shell '/bin/zsh'
    home '/var/www'
    end
    

    View Slide

28. default[:users] = [{
    id: 1001,
    username: 'deploy',
    home: '/var/www',
    shell: '/bin/zsh'
    }]
    

    View Slide

29. node[:users].each do |user|
    user user[:login] do
    uid user[:id]
    shell user[:shell]
    home user[:home]
    end
    end
    

    View Slide

30. it's all ruby
    

    View Slide

31. providers
    

    View Slide

32. directories
    

    View Slide

33. directory node[:nginx][:www_root] do
    action :create
    recursive true
    end
    

    View Slide

34. configuration files
    

    View Slide

35. template "/etc/nginx/sites-available/travis-ci.org" do
    source "travis-ci.org.erb"
    owner "www-data"
    group "www-data"
    mode "0644"
    end
    

    View Slide

36. template "/etc/nginx/sites-available/travis-ci.org" do
    source "travis-ci.org.erb"
    owner "www-data"
    group "www-data"
    mode "0644"
    end
    

    View Slide

37. default[:nginx][:sites_available] =
    '/etc/nginx/sites-available'
    default[:nginx][:sites_enabled] =
    '/etc/nginx/sites-enabled'
    default[:nginx][:site_config] =
    "#{node[:nginx][:sites_available]}/" +
    "#{node[:nginx][:host_name]}"
    

    View Slide

38. template node[:nginx][:site_config] do
    source "travis-ci.org.erb"
    owner "www-data"
    group "www-data"
    mode "0644"
    end
    

    View Slide

39. services
    

    View Slide

40. service "nginx" do
    supports reload: true, restart: true
    action :start
    end
    

    View Slide

41. template node[:nginx][:site_config] do
    source "travis-ci.org.erb"
    owner "www-data"
    group "www-data"
    mode "0644"
    notifies :reload, 'service[nginx]'
    end
    

    View Slide

42. customizing
    templates
    

    View Slide

43. server {
    listen 80;
    server_name <%= @host_name %>;
    root <%= @www_root %>;
    location / {
    index index.html
    }
    }
    

    View Slide

44. template "/etc/nginx/sites-available/travis-ci.org" do
    source "travis-ci.org.erb"
    notifies :reload, 'service[nginx]'
    variables www_root: node[:nginx][:www_root],
    host_name: node[:nginx][:host_name]
    end
    

    View Slide

45. default[:nginx][:www_root] = '/var/www/travis-ci.org'
    default[:nginx][:host_name] = 'travis-ci.org'
    

    View Slide

46. link "#{node[:nginx][:sites_enabled]}/" +
    node[:nginx][:host_name] do
    to node[:nginx][:sites_config]
    owner "www-data"
    group "www-data"
    end
    

    View Slide

47. recipes
    

    View Slide

48. package "nginx" do
    ...
    end
    template "/etc/nginx/sites-available/travis-ci.org" do
    ...
    end
    service "nginx" do
    ...
    end
    

    View Slide

49. cookbooks
    

    View Slide

50. View Slide

51. simplest chef that could possibly work
    

    View Slide

52. chef mantras
    

    View Slide

53. order of execution
    

    View Slide

54. idempodence
    

    View Slide

55. chef is hard
    

    View Slide

56. infrastructure is hard
    

    View Slide

57. infrastructure
    automation
    

    View Slide

58. big upfront effort
    

    View Slide

59. plan to throw 1000
    servers away
    

    View Slide

60. quantifyable benefits?
    

    View Slide

61. how is this better
    than shell scripts?
    

    View Slide

62. common language
    for infrastructure
    automation
    

    View Slide

63. mttns*
    mean time to new server
    

    View Slide

64. mttr
    

    View Slide

65. orchestration
    

    View Slide

66. chef solo
    

    View Slide

67. opsworks
    

    View Slide

68. chef server
    

    View Slide

69. chef server stores
    cookbooks
    environments
    nodes
    data
    roles
    

    View Slide

70. roles
    www
    rails
    mysql-master
    mysql-slave
    

    View Slide

71. environments
    staging
    production
    testing
    

    View Slide

72. automate your
    servers
    

    View Slide

73. automate your laptop
    

    View Slide

74. learnchef.com
    

    View Slide

75. View Slide

76. github.com/roidrage/scotrubyconf2013
    

    View Slide