cooking infrastructure with chef

Transcript

1. cooking infrastructure with chef ruby for scotland 2013, mathias meyer,

   @roidrage

2. travis-ci.org

3. None

4. in the beginning...

5. manual steps

6. useradd -h /var/www deploy

7. apt-get install nginx vi /etc/nginx/nginx.conf mkdir /var/www/travis-ci.org cp ~/ssl.cert /etc/nginx/

   service nginx reload

8. apt-get install mysql-server vi /etc/mysql/my.cnf service mysql-server restart mkdir /var/www/travis-ci.org/shared

   vi /var/www/travis-ci.org/shared/database.yml

9. cp /tmp/id_rsa ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa git clone [email protected]:travis-ci/travis-ci.git

10. artisanal shell scripts

11. every installation howto ever

12. None

13. infrastructure grows

14. infrastructure changes

15. teams grow and change

16. automation

17. chef

18. None

19. chef lingo

20. bork nodes attributes resources providers recipes cookbooks

21. nodes

22. attributes

23. default[:nginx][:version] = '1.1.19-1' default[:users] = [{ id: 1001, username: 'deploy',

    home: '/var/www', shell: '/bin/zsh' }]

24. resources

25. package "nginx" do version "1.1.19-1" action :install end

26. package "nginx" do version node[:nginx][:version] action :install end

27. user 'deploy' do id 1001 shell '/bin/zsh' home '/var/www' end

28. default[:users] = [{ id: 1001, username: 'deploy', home: '/var/www', shell:

    '/bin/zsh' }]

29. node[:users].each do |user| user user[:login] do uid user[:id] shell user[:shell]

    home user[:home] end end

30. it's all ruby

31. providers

32. directories

33. directory node[:nginx][:www_root] do action :create recursive true end

34. configuration files

35. template "/etc/nginx/sites-available/travis-ci.org" do source "travis-ci.org.erb" owner "www-data" group "www-data" mode

    "0644" end

36. template "/etc/nginx/sites-available/travis-ci.org" do source "travis-ci.org.erb" owner "www-data" group "www-data" mode

    "0644" end

37. default[:nginx][:sites_available] = '/etc/nginx/sites-available' default[:nginx][:sites_enabled] = '/etc/nginx/sites-enabled' default[:nginx][:site_config] = "#{node[:nginx][:sites_available]}/" +

    "#{node[:nginx][:host_name]}"

38. template node[:nginx][:site_config] do source "travis-ci.org.erb" owner "www-data" group "www-data" mode

    "0644" end

39. services

40. service "nginx" do supports reload: true, restart: true action :start

    end

41. template node[:nginx][:site_config] do source "travis-ci.org.erb" owner "www-data" group "www-data" mode

    "0644" notifies :reload, 'service[nginx]' end

42. customizing templates

43. server { listen 80; server_name <%= @host_name %>; root <%=

    @www_root %>; location / { index index.html } }

44. template "/etc/nginx/sites-available/travis-ci.org" do source "travis-ci.org.erb" notifies :reload, 'service[nginx]' variables www_root:

    node[:nginx][:www_root], host_name: node[:nginx][:host_name] end

45. default[:nginx][:www_root] = '/var/www/travis-ci.org' default[:nginx][:host_name] = 'travis-ci.org'

46. link "#{node[:nginx][:sites_enabled]}/" + node[:nginx][:host_name] do to node[:nginx][:sites_config] owner "www-data" group

    "www-data" end

47. recipes

48. package "nginx" do ... end template "/etc/nginx/sites-available/travis-ci.org" do ... end

    service "nginx" do ... end

49. cookbooks

50. None

51. simplest chef that could possibly work

52. chef mantras

53. order of execution

54. idempodence

55. chef is hard

56. infrastructure is hard

57. infrastructure automation

58. big upfront effort

59. plan to throw 1000 servers away

60. quantifyable benefits?

61. how is this better than shell scripts?

62. common language for infrastructure automation

63. mttns* mean time to new server

64. mttr

65. orchestration

66. chef solo

67. opsworks

68. chef server

69. chef server stores cookbooks environments nodes data roles

70. roles www rails mysql-master mysql-slave

71. environments staging production testing

72. automate your servers

73. automate your laptop

74. learnchef.com

75. None

76. github.com/roidrage/scotrubyconf2013