Chef + Environments = Safer Infrastructure

Transcript

1. chef + environments safer infrastructure

2. t f g sethvargo

3. what’s an environment?

4. None
5. None
6. None
7. None

8. { "name" : "production", "description" : "Production cluster in EC2",

   "override_attributes" : { ... }, "default_attributes" : { ... } }

9. target specific environments

10. $ knife search node "chef_environment:production"

11. $ knife ssh "chef_environment:production" "reboot"

12. default_attributes override_attributes cookbook_versions chef_type name description

13. default_attributes override_attributes cookbook_versions chef_type name description

14. lock cookbooks in production

15. { "name" : "production", "description" : "Production cluster in EC2",

    "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... } }

16. “lock” cookbooks in staging

17. { "name" : "staging", "description" : "Production cluster in EC2",

    "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... } }

18. unlock cookbooks in development

19. { "name" : "development", "description" : "Production cluster in EC2",

    "cookbook_versions" : { ... }, "override_attributes" : { ... }, "default_attributes" : { ... } }

20. updating a cookbook

21. 1. test in development

22. 2. promote in staging

23. { "name" : "staging", "description" : "Production cluster in EC2",

    "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... } }

24. { "name" : "staging", "description" : "Production cluster in EC2",

    "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... } }

25. { "name" : "staging", "description" : "Production cluster in EC2",

    "cookbook_versions" : { "passenger_apache2" : "1.1.0" // major version bump }, "override_attributes" : { ... }, "default_attributes" : { ... } }

26. $ knife dwim environments/staging.json 1 knife-dwim: https://github.com/mpasternacki/knife-dwim

27. 3. verify in staging

28. 4. promote in production

29. None

30. 1. run around screaming

31. 2. demote in production

32. 3. dance (optional)

33. None

34. scenario: updating passenger

35. default_attributes override_attributes cookbook_versions chef_type name description

36. default_attributes override_attributes cookbook_versions chef_type name description

37. { "name" : "production", "description" : "Production cluster in EC2",

    "override_attributes" : { "passenger" : { "version" : "2.1.4" } }, }

38. 1. test in development

39. 2. promote in staging

40. { "name" : "production", "description" : "Production cluster in EC2",

    "override_attributes" : { "passenger" : { "version" : "2.1.4" } }, }

41. { "name" : "production", "description" : "Production cluster in EC2",

    "override_attributes" : { "passenger" : { "version" : "2.1.4" } }, }

42. { "name" : "production", "description" : "Production cluster in EC2",

    "override_attributes" : { "passenger" : { "version" : "3.0.18" // major version bump } }, }

43. $ knife dwim environments/staging.json 1 knife-dwim: https://github.com/mpasternacki/knife-dwim

44. 3. verify in staging

45. 4. promote in production

46. chef + environments safer infrastructure

47. t f g sethvargo