Javist being Cheftain
@ladislavGazo
gazo@seges.sk
Javist Part
Changelog
# change host records vim /etc/hosts vim /etc/hostname # optionally reboot reboot # to refresh repo list sudo apt-get update # to install updates sudo apt-get upgrade sudo apt-get install tmux mchttp://www.andrewault.net/2010/05/17/securing-an-ubuntu-server/ sudo sysctl -w net.ipv4.conf.all.accept_source_route=0 sudo sysctl -w net.ipv4.conf.default.accept_source_route=0 sudo aptitude -y install denyhosts sudo aptitude -y install tiger sudo aptitude -y install psad sudo chkrootkit
... but what if
- there are more servers
- change log for every one
- I want to setup development environment
- manually go through the changelog
- and probably do mistakes
- the changelog has some blank places
- usually it is not that detailed
Holy crap... now what?
Comparison?
Only subjective:
Chef feels more community friendly
&
I like community projects
Alternatives
Of course there are many:
- Puppet
- CFEngine
- Capistrano
- Fabric
- glu
- ...
There is a difference between infrastructure management and deployment management.
Chef Solo vs. Chef Server
Knife
Chef
Solo
- for local/one node
- no central repository of configuration
Server
- installed internally or bought from Opscode
- central repository of cookbooks
- easy to install on supported OS
- Ubuntu
Components
Components II.
attributes
run-lists
roles
data bags
environmentsThe Essence
Cookbooks:
Attributes
Recipes
Templates
Files
Metadata + Version + Dependencies
CookBooks
- managed by Knife
- source code stored in Git repository
- uploaded to the Chef Server
- downloaded by Chef Client on a particular Node
How to start Cooking?
You do not need to know Ruby up-front
=
wheew for Javist ;)
but
Next
Set up Git repo ( BB | GitHub | ... )
git clone git://github.com/opscode/chef-repo.git
Follow the guide precisely
Note: I keep separate user for development and separate for deployment
Write first CookBook
It is simple
knife cookbook create hypericcd hypericvim recipes/default.rb
you get along with 90% of what is already there for most recipes you are fine with basic programming techniques
kitchen inittesting is important
Testing
gem install test-kitchen --pregem install berkshelfgem install kitchen-vagrant
SSH to running Vagrant machine when test-kitchen is executed
/chef-repo/cookbooks/hyperic/.kitchen/kitchen-vagrant/default-ubuntu-1204$ vagrant sshWhen everything is ready, "fire in the hole"
vim .kitchen.ymlkitchen test
Cache
http://fgrehm.viewdocs.io/vagrant-cachier
It saves time!
vagrant plugin install vagrant-cachierBut does not work with current Kitchen version without hacking configuration file
Notable Resources
directory "/tmp/folder" do
owner "root"
group "root"
mode 0755
action :create
enduser "hyperic" do
supports :manage_home => true
home "/home/#{hyperic_user}"
shell "/bin/bash"
action :create
end
remote_file "hyperic_bundle" do
path hyperic_src
owner hyperic_user
source node['hyperic']['agent']['bundle_url']
mode 00644
endOther
template "/etc/init.d/#{service_name}" do
action :create_if_missing
owner "root"
mode 00700
source "hyperic-agent.erb"
variables(
:service_name => service_name,
:agentdir => hyperic_agentdir,
:user => hyperic_user,
:java_home => java_home
)
end
service service_name do pattern "agent-#{hyperic_version}"
action [ :enable, :start ]
end
bash "extract_tcc" do cwd ::File.dirname(tcc_down_path)
code <<-EOH
chown -R #{node.tcc.user}:#{node.tcc.group} #{node.tcc.location}
EOH
end
Notable Hints
- (re)create, not update
- rather don’t update file, find a way how to create it at once
- more detailed steps then you expected
- if you thought there are 10 steps what to execute in such an automated way in your head, there are 60 at least
- cookbook wrapper pattern
- describe the possibility to override resources in the “cookbook wrapper”
Questions?
@ladislavGazo
gazo@seges.sk