fooshards
he came, he saw, he paid, he imaged, he left
Chef Workshop
Dawg Days 2016
Eric Fusciardi
Getting Started
-
Preinstalled the toolchain?
-
Tested you can run VMs?
-
Cheat sheet of commands
What you should be a little familiar with, and if you're not it's not that big of a deal
Bash / SSH / Linux shell
JSON
YAML
Ruby
All the ruby you need to know
- String interpolation
- ' vs " semantics
- Map accessing
- Map creation
- Loops
- "Ruby equivalent of XYZ" > google.com
- But seriously you won't use much ruby if you don't want to.
- Scope of variables / attributes
Exercise 1 goals
- Spin up a VM
- Install apache
- Look at it in your browser
- Observe re-run behavior
This is mostly just getting familiar with the kitchen toolchain and how chef manages state.
If this was a shell script
yum install -y httpd
service httpd start
Basic, amirite?
Oh but that second run sucks quite a lot
yum install -y httpd
> httpd already installed
service httpd start
> starting [httpd] [FAILED]
The overarching theme
You declare Resources.
Thats it.
Resources are the first-class citizen in chef scripts, and represent a piece of desired configuration.
Insert into google > "chef resource <A THING>" and you'll probably get a relavent hit
user, group, file, directory, package, service, link, cron, envvars, git creds, disk mounts, bash script, arbitrary ruby code, whatever.
They're all resources.
Exercise 2 goals
Part 1
- Spin up a VM
- Make a user on it with your pubkey
- Using file templates
- Using cookbook files
- Setup a ssh banner
- SSH to the host without password prompt
Part 2
- Use a different method of setting up the ssh banner
- Guards
Protip: If you're not using pageant or ~/.ssh/id_rsa to handle your own ssh auth, you're missing out.
Every resource.
Every time.
Chef has no concept of "Oh I just updated to this new code, only do this"
It is a state machine, it checks state, and if the state is not as described, it applies it.
Exercise 3 goals
Part 1
- Looping
- Resource attributes
- Ohai
- Vagrant Boxes
- Multiple VMs
- Port forwarding
- Multiple OSes
Part 2
- Test cases
- bats
- server-spec
- 'test' vs 'verify'
node['platform_version']
This wasn't defined.
ohai
- Can run it from command line
- Aggregates and exposes host-specific settings
- IP address
- Hostname / FQDN
- Processors
- Memory
- Disk mounts
- A whole butt-ton more
bats vs server-spec
Baaaats! Bats in my face!
bats
- Mostly bash syntax
- Very new to the scene
- Has way better support for environment vars, userlevel settings, and less boilerplate
server-spec
- Blend of ruby and bash
- Similar to chef overall in that aspect
- Better verbosity in failures
- More boilerplate needed
- Slower to install - server-spec gems take a minute or so to import on every new VM.
Exercise 4 goals
- Knife
- Data bag encryption
D-Bags
You knew this was coming
knife data bag [create|edit|delete] directory_name document_name
set your EDITOR env variable.
Mac users: export EDITOR='vi'
Windows users: set EDITOR='notepad.exe'
(you can use custom editors if you want, test it out.)
Exercise 5 goals
- Using third party cookbooks
- And their sometimes depressing dependency trees
- Berkshelf dependency management
- Composing cookbooks
- Attribute precedence
- Packaging a deployable
How it all works when you have a chef-server
- Config + Auth your local knife tool to the chef-server
- ~/chef/knife.rb
- Upload your code to the chef-server
- berks package / berkflow
- encrypted data bags
How it all works when you have a chef-server
- Make the target VM
- Hook it to the network
- Associate a host to the chef-server
- knife bootstrap
- Assign it a runlist, data bag keys, environment attributes, etc
- ssh to host, run chef-client
What chef doesn't do
- OS installation
- Initial incredibly base networking requirements
- Most notably, it needs to be able to talk to the chef server and resolve it in DNS
- Give a damn about users manually manipulating the files you told chef to control
- Magic
- "Chef-ify-ing" your app
It's really just a super fancy shell script.
DawgDays2016-chef
By fooshards
DawgDays2016-chef
- 333
