8. Basic Chef Architecture
- Executes various "recipes" which configure
your system in the desired way
- A node definition is required in order for chef
to know which recipes to run and with which
attributes to run them
9. Basic Chef Architecture
- Executes various "recipes" which configure
your system in the desired way
- A node definition is required in order for chef
to know which recipes to run and with which
attributes to run them
- Allows you to decide what and how
components are configured using attributes,
environment definitions and node definitions.
11. Basic Chef Architecture
Server/client:
- chef-server stores all your cookbooks,
environments, roles and nodes
- chef-client connects and gets given the
relevant cookbooks and attributes from chef-
server and executes them
12. Basic Chef Architecture
Server/client:
- chef-server stores all your cookbooks,
environments, roles and nodes
- chef-client connects and gets given the
relevant cookbooks and attributes from chef-
server and executes them
You can run your own server or use the
opscode hosted chef (for a fee)
15. Basic Chef Architecture
Chef-solo:
- Standalone, doesn't connect to a server
- Uses static cookbooks and nodes on the local
filesystem
- Unable to perform searches (because nodes
are stand-alone with no central directory)
16. Cookbook
From the wiki:
A cookbook is the fundamental unit of
configuration and policy distribution in Chef.
Each cookbook defines a scenario, such as
everything needed to install and configure
MySQL, and then it contains all of the
components that are required to support that
scenario.
23. Knife
Knife is a command-line tool that provides an
interface between a local Chef repository and
the Chef Server.
Examples:
knife cookbook upload apache2
knife node edit web1.mycorp.com
knife list clients
knife search node 'role:web' -a fqdn
24. Upload all of this to the chef-server
$ knife cookbook upload ntp -o cookbooks/
$ knife role from file roles/ntp.rb
$ knife environment from file environment/cluster01.rb
25. Data bags
- global variable
- stored in JSON
- accessible from the chef server
- can be searched
- can also be encrypted
For example: to store all your users
28. Community cookbooks - tips
- Use the community cookbooks unmodified
- Write wrapper cookbooks around them - most
of them were designed with this in mind
29. Community cookbooks - tips
- Use the community cookbooks unmodified
- Write wrapper cookbooks around them - most
of them were designed with this in mind
- Send bug fixes upstream
32. Cookbook versioning
- Cookbooks can contain versions
- Cookbooks can depend on specific versions
of other cookbooks
- Different environments can depend on
different versions of cookbooks (allows you to
have 0.0.2 in testing and 0.0.1 in production)
34. Tests
- foodcritic: linting tool which checks against a
community list of rules
- chef-spec: unit tests for recipe code (not
functional)
35. Tests
- foodcritic: linting tool which checks against a
community list of rules
- chef-spec: unit tests for recipe code (not
functional)
- test-kitchen: Framework for running
integration tests in an isolated environment (<3
vagrant)
36. Live demo!
- Remove a Yola employee
- Create a pull request
- Push it to the chef-server
- Ensure that it has been done
- Take a look at some things that knife can do
37. Some cool things
- chef-solo can run the chef-server cookbook in
order to bootstrap your chef-server
- knife ec2 allows you to create an EC2
instance and configure it as a chef-client