2. Congratulations!!!
• U has a cloud
• Now what?
http://www.flickr.com/photos/ian_munroe/4758240536/
3.
4. APIs are awesome!
• You can provision
compute resources in
seconds
• You can provision
storage resources in
seconds
• That’s cool.
http://www.flickr.com/photos/jdhancock/3634246981/
5. Chef can help with that
• knife ec2 server • knife cloudstack
create server create
• knife rackspace • knife kvm server
server create create
• knife terremark • knife vsphere
server create server create
• knife voxel • knife eucalyptus
server create server create
• knife gandi • knife openstack
server create server create
http://www.flickr.com/photos/kyz/3122499444/
19. And it Continues to Evolve
http://www.flickr.com/photos/16339684@N00/2681435235/
20. Golden Images are not the answer
• Gold is heavy
• Hard to transport
• Hard to mold
• Easy to lose
configuration detail
http://www.flickr.com/photos/garysoup/2977173063/
31. Acting in Concert
http://www.flickr.com/photos/glowjangles/4081048126/
32. To Provide a Service
http://www.flickr.com/photos/28309157@N08/3743455858/
33. Chef is Infrastructure as Code
• Programmatically
provision and configure
• Treat like any other code
base
• Reconstruct business from
code repository, data
backup, and bare metal
resources.
http://www.flickr.com/photos/louisb/4555295187/
34. Declarative Interface to Resources
• Define policy
• Say what, not how
• Pull not Push
http://www.flickr.com/photos/bixentro/2591838509/
35. That looks like this
extra_packages = case node['platform']
when "ubuntu","debian"
%w{
ruby1.8
ruby1.8-dev
rdoc1.8
ri1.8
libopenssl-ruby
}
end
extra_packages.each do |pkg|
package pkg do
action :install
end
end
36. Or this
search(:users, '*:*') do |u|
user u['id'] do
uid u['uid']
shell u['shell']
home "/home/#{u['id']}"
end
directory "#{home_dir}/.ssh" do
owner u['id']
group u['gid']
mode "0700"
end
template "#{home_dir}/.ssh/authorized_keys" do
source "authorized_keys.erb"
owner u['id']
group u['id']
mode "0600"
variables :ssh_keys => u['ssh_keys']
end
end
37. Recipes and Cookbooks
• Recipes are collections of
Resources
• Cookbooks contain
recipes, templates, files,
custom resources, etc
• Code re-use and
modularity
• Hundreds already on
Community.opscode.com
http://www.flickr.com/photos/shutterhacks/4474421855/
38. Nodes
• Chef-Client generates
configurations directly
on nodes
• Reduce management
complexity through
abstraction
• Store the configuration
of your programs in
version control
http://www.flickr.com/photos/ssoosay/5126146763/
39. Upload your infrastructure
knife cookbook upload apt
knife cookbook upload chef-client
knife cookbook upload java
knife cookbook upload jpackage
knife cookbook upload ntp
knife cookbook upload sudo
knife cookbook upload tomcat
knife cookbook upload users
knife cookbook upload sample
knife role from file base-cloud.rb
knife role from file tc.rb
knife role from file sample.rb
knife data bag create users
knife data bag from file users mray.json
40. Build it somewhere
#EC2
knife ec2 server create -S mray -i ~/.ssh/mray.pem -x ubuntu -G default -I ami-a7a97dce
-f m1.small -d omnibus -r 'role[base-cloud],role[tc],role[sample]'
#Rackspace
knife rackspace server create --image 110 --flavor 2 -i ~/.ssh/mray.pem -d omnibus -r
'role[base-cloud],role[tc],role[sample]'
#CloudStack
knife cs server create -S "small instance" -T "CentOS 5.5(64-bit) no GUI (KVM)" -i
~/.ssh/mray.pem -d omnibus -r 'role[base-cloud],role[tc],role[sample]'
#Ubuntu Linux
knife bootstrap test.lab -r 'role[webserver]' -i ~/.ssh/mray.pem -x ubuntu --sudo -d
omnibus -r 'role[base-cloud],role[tc],role[sample]'
41. Search
• Search for nodes
with Roles
• Find configuration
data
• IP addresses
• Hostnames
• FQDNs
http://www.flickr.com/photos/kathycsus/2686772625
42. Pass results into Templates
pool_members = search("node","role:webserver”)
template "/etc/haproxy/haproxy.cfg" do
source "haproxy-app_lb.cfg.erb"
owner "root"
group "root"
mode 0644
variables :pool_members => pool_members.uniq
notifies :restart, "service[haproxy]"
end
43. Pass results into Templates
# Set up application listeners here.
listen application 0.0.0.0:80
balance roundrobin
<% @pool_members.each do |member| -%>
server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check
<% end -%>
<% if node["haproxy"]["enable_admin"] -%>
listen admin 0.0.0.0:22002
mode http
stats uri /
<% end -%>
48. CLONING CANNOT COPE WITH THIS
• Chef can.
http://www.flickr.com/photos/evelynishere/2798236471/
49. Build anything
• Simple internal applications
• Complex external applications
• Workstations
• Hadoop clusters
• IaaS infrastructure
• PaaS infrastructure
• SaaS applications
• Storage systems
• You name it
http://www.flickr.com/photos/hyku/245010680/
50. And manage it simply
• Automatically
reconfigure
everything
• Linux, Windows,
Unixes, BSDs
• Load balancers
• Metrics collection
systems
• Monitoring systems
• Cloud migrations
become trivial
http://www.flickr.com/photos/helico/404640681/
51. The Chef Community
• Apache License, Version 2.0
• 550+ Individual contributors
• 100+ Corporate contributors
• Dell, Rackspace,VMware, RightScale,
Heroku, and many more
• Nearly 400 cookbooks
• http://community.opscode.com