Intro to Chef

a quick primer

Bobby Ryterski

What is Chef?

a configuration management tool from Opscode

what is configuration management?

Configuration Management

in general, how a "system" should be configured and maintained

for Chef, how servers are configured

can be:

  • network settings
  • services provided
  • software settings
  • etc

so...

What is Chef?

  • set of tools to manage servers
  • provides Ruby framework for describing configuration

Mantra

infrastructure as code

what?

Meaning

manage the infrastructure running your code the same way you manage your code

Basic Concepts

  • nodes
  • resources
  • recipes
  • cookbooks
  • roles

Node

  • an individual computer managed by Chef, the client
  • has derived attributes like OS, RAM, IP address
  • can have user defined attributes
  • has a list of tasks to run
    • derived from assigned recipes, roles

Resource

  • a reusable component for use in recipes
  • provides some function, does some action
  • depends on a provider to adapt the action for the platform
  • may have many providers for many different platforms
  • is a Ruby class that extends base Chef resource and provider

Example Resources

Recipe

  • set of tasks to perform using resources
  • may be included in other recipes
  • may use node attributes
  • must be idempotent
  • is a Ruby script

Example Recipe


# Cookbook name:: your_app
# Recipe:: default

remote_file "/tmp/thing/tarball.tar.gz" do
  action :create
  source "http://example.com/your/tarball.tar.gz"
  backup false
  mode "0755"
end

execute "unarchive tarball for install" do
  cwd '/tmp/thing'
  command "tar zxf tarball.tar.gz -C #{node[:your_app][:dir]} && rm tarball.tar.gz"
  only_if {::File.file?("/tmp/tarball.tar.gz")}
end

template "/etc/init.d/your_app" do
  owner "root"
  group "root"
  source "your_app.erb"
  mode "0755"
end

service "your_app" do
  supports status: true, restart: true
  action :enable
end

service "your_app" do
  action :restart
end

Cookbook

  • a distributable collection of components needed to run one or more recipes
  • may include:
    • resources, providers
    • recipes
    • node attributes
    • files / templates
    • etc
  • are versioned
  • are folders with files in a specific structure

Cookbook Layout


/path/to/your_cookbook
├── README.md
├── attributes
├── definitions
├── files
│   └── default
├── libraries
├── metadata.rb
├── providers
├── recipes
│   └── default.rb
├── resources
└── templates
    └── default

Role

  • describes a service or functionality for the node to have
    • web server (configure Apache)
    • database server (configure PostgreSQL)
    • etc
  • has attributes related to the functionality
  • has a run list with one or more recipes
  • is a Ruby script

Example Role


name "your_app_prod"
description "Deploys your_app in the production environment"

run_list(
  "recipe[your_app_backend]",
  "recipe[your_app_frontend]"
)

override_attributes(
  :your_app_backend => { :port = 4242 },
  :important_dependency => {
    :some_setting => true,
    :other_setting => "/path/to/cool/file"
  }
)

got it?

Using Chef

either client-server or standalone

Chef Server

  • common management endpoint
  • configure through CLI or web UI
  • keeps a database of everything
  • register nodes to the server
  • register users (clients) to manage the server
  • clients upload roles, cookbooks

Chef Client

  • command run on node
  • only available after bootstrapping
  • syncs roles, run list for the current node
  • executes run list

Knife

  • the workstation CLI configuration tool
  • used to manage nodes, cookbooks, roles, etc.
  • used to bootstrap new nodes

Chef Solo

  • one is the loneliest number => no server
  • add roles, cookbooks, etc. right on the node
  • use chef-solo to run the run_list

is that it?

no

there are a few other components

(data bags, environments, ...)

and best practices

but that's for another time

More Resources