Chef and the Microsoft Ecosystem, Engineering Update 2019

Transcript

1. #cfgmgmtcamp @stuartpreston Chef and the Microsoft Ecosystem Engineering Update Stuart

   Preston Principal Engineer at Chef Software Microsoft Azure MVP [email protected]

2. #cfgmgmtcamp @stuartpreston Agenda • What is the Microsoft Ecosystem at

   Chef? • Look back at 2018 • Predictions for 2019 • Ask me anything!

3. #cfgmgmtcamp @stuartpreston 2019 Community Update by the numbers 2019 #azure

   154 members #windows 511 members #general 6094 members Thank you to all our awesome contributors!

4. #cfgmgmtcamp @stuartpreston Chef Portfolio PARTNER ECOSYSTEM Open Source (please contribute!)

   Commercial (please pay us!) Infrastructure Automation Compliance Automation Application Automation

5. #cfgmgmtcamp @stuartpreston WINDOWS AZURE AZURE DEVOPS (formerly Visual Studio Team

   Services - VSTS) Microsoft Ecosystem

6. #cfgmgmtcamp @stuartpreston Chef Cookbooks for Windows CHOCOLATEY POWERSHELL WINDOWS IIS/ASP.NET

   Traditional Configuration Management Application Automation

7. #cfgmgmtcamp @stuartpreston Chef Cookbooks for Windows CHOCOLATEY POWERSHELL WINDOWS Traditional

   Configuration Management Application Automation

8. #cfgmgmtcamp @stuartpreston 0 (zero)

9. #cfgmgmtcamp @stuartpreston Chef on Windows - "batteries included" CHOCOLATEY POWERSHELL

   WINDOWS powershell_script dsc_script/dsc_resource windows_* resources

10. #cfgmgmtcamp @stuartpreston Chef 14 - Windows resources added 14.3 chocolatey_config

    chocolatey_source powershell_package_source 14.5 windows_workgroup 14.7 windows_firewall_rule windows_share windows_certificate 14.0 windows_ad_join windows_auto_run windows_feature windows_feature_dism windows_feature_powershell windows_font windows_printer windows_printer_port windows_shortcut

11. #cfgmgmtcamp @stuartpreston Chef 15 - additional Windows resources - UAC

    https://supermarket.chef.io/cookbooks/windows_uac windows_uac 'Disable UAC prompts for the admin' do enable_uac true prompt_on_secure_desktop false consent_behavior_admins :no_prompt end

12. #cfgmgmtcamp @stuartpreston Chef 15 - additional Windows resources - DNS

    https://supermarket.chef.io/cookbooks/windows_dns windows_dns_zone 'chef.local' do server_type 'standalone' end windows_dns_record 'chef-server' do record_type 'cname' zone 'chef.local' target 'web01.chef.local' end

13. #cfgmgmtcamp @stuartpreston Chef 15 - additional Windows resources - DFS

    https://supermarket.chef.io/cookbooks/windows_dfs windows_dfs_namespace 'prodshare' do description 'Used to easily access shares on other servers' action :install full_users 'localhost\\users' end windows_dfs_folder "Some\\Nested\\Path" do description "Link to MyServer share MyShare" namespace_name 'prodshare' target_path "\\\\server\\target_share\\Some\\Nested\\Path" action :install end

14. #cfgmgmtcamp @stuartpreston powershell_out vs powershell_exec mixin powershell_out("Get-Service -Name wuauserv").stdout

15. #cfgmgmtcamp @stuartpreston powershell_out vs powershell_exec mixin powershell_out("Get-Service -Name wuauserv").stdout =>

    "\r\nStatus Name DisplayName \r\n------ ---- ----------- \r\nRunning wuauserv Windows Update \r\n\r\n\r\n"

16. #cfgmgmtcamp @stuartpreston powershell_out vs powershell_exec mixin powershell_exec \ ("Get-Service -Name

    wuauserv").result["DisplayName"]

17. #cfgmgmtcamp @stuartpreston powershell_out vs powershell_exec mixin powershell_exec \ ("Get-Service -Name

    wuauserv").result["DisplayName"] => "Windows Update"

18. #cfgmgmtcamp @stuartpreston Other notable Chef additions you may have missed

    • Resources can have descriptions and additional metadata (e.g. mark as deprecated) • chef-resource-inspector helps show actions and properties without leaving the CLI

19. #cfgmgmtcamp @stuartpreston Chef Workstation Business Value Revenue Growth Velocity Agility,

    Speed, Efficiency, Safety Infrastructure Automation Compliance Automation Application Automation FOUNDATIONAL CAPABILITIES AD-HOC Standardization leads to initial cost reductions and delivery success REPEATABLE Service delivery team productivity increases MANAGED Customer-focused innovation delivered continuously OPTIMIZED Delivering sustainable competitive advantage Achieving Continuous Automation Idea Ship CHEF WORKSTATION

20. #cfgmgmtcamp @stuartpreston Converting Chef resources to chef-run parameters chocolatey_package 'notepad2'

    do action :install end becomes chef-run winrm://[email protected] --password password \ chocolatey_package notepad2

21. #cfgmgmtcamp @stuartpreston Azure Cloud Shell • Container running inside Azure

    Container Instances • Access via Azure Portal or via dedicated site https://shell.azure.com • Pre-loaded with tools required to administer and deploy within the Azure environment

22. #cfgmgmtcamp @stuartpreston Chef run triggers a remote Chef Client $

    chef-run ssh://[email protected] user workshop action=create -i ~/.ssh/id_rsa

23. #cfgmgmtcamp @stuartpreston Chef commands available on Azure Cloud Shell

24. #cfgmgmtcamp @stuartpreston Visual Studio Code on Azure

25. #cfgmgmtcamp @stuartpreston InSpec on Azure - github.com/inspec/inspec-azure "This InSpec resource

    pack uses the Azure REST API and provides the required resources to write tests for resources in Azure."

26. #cfgmgmtcamp @stuartpreston InSpec on Azure - github.com/inspec/inspec-azure control 'azurerm_virtual_machine' do

    describe azurerm_virtual_machine(resource_group: 'MyResourceGroup', name: 'prod-web-01') do it { should exist } it { should have_monitoring_agent_installed } it { should_not have_endpoint_protection_installed([]) } it { should have_only_approved_extensions(['MicrosoftMonitoringAgent']) } its('installed_extensions_types') { should include('MicrosoftMonitoringAgent') } end end

27. #cfgmgmtcamp @stuartpreston Other predictions for 2019 • No more Windows

    7/2008 (yay!) • No more 32 bit installations (please!) • Policyfile workflow gaining on Chef Server workflow and move into Habitat • PowerShell Core 6 support (think: powershell_script on Linux) • The end of the Windows cookbook? Expect more announcements between now and ChefConf (May 20-23, Seattle)

28. #cfgmgmtcamp @stuartpreston Thanks! Ask me anything! Chef and the Microsoft

    Ecosystem, Engineering Update

29. https://chefconf.chef.io $695 Early Bird pricing ($300 discount) ends 28 February,

    2019!