ChefInfrastructure as Code Guide
âąAls PPTX, PDF herunterladenâą
9 gefĂ€llt mirâą4,970 views
chef introduction
Empfohlen
Empfohlen
Weitere Àhnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Andere mochten auch
Andere mochten auch (17)
Ăhnlich wie ChefInfrastructure as Code Guide
Ăhnlich wie ChefInfrastructure as Code Guide (20)
KĂŒrzlich hochgeladen
KĂŒrzlich hochgeladen (20)
ChefInfrastructure as Code Guide
- 2. Chef
- 3. Background Opscode (HJK Solutions)
- 4. Chef has Recipes Resources Roles Nodes Cookbooks Knife
- 6. Provisioning Bare-metal: Kickstart/jumpstart VM: libvert Cloud: AWS/vCloud Cloud: fog (http://fog.io/)
- 8. Systems Integration the last mile of fully automated infrastructure Metadata stored & indexed Search API
- 9. Chef principles Idempotent Thick Clients, Thin Server Order Matters
- 10. Why chef? Economics Efficiency Scalability Community
- 11. Flavors of Chef Chef client & Chef server Hosted Chef Chef solo
- 12. Architecture
- 14. A Chef run
- 16. Chef client Client does all the work, and can run recipes for multiple Nodes.
- 17. Chef server API service. Management Console (optional). AMQP Server Search indexer and Search Engine. Data store with CouchDB.
- 18. Chef solo -c, --config CONFIG -j, --json-attributes JSON_ATTRIBS -r, --recipe-url RECIPE_URL
- 19. Cookbook
- 20. Cookbook Cookbooks are the fundamental units of distribution in Chef.
- 21. Cookbook attributes/ definitions/ files/ libraries/ metadata.rb providers/ recipes/ resources/ templates/
- 22. Cookbook Dev in chef-repo Create our own cookbook Or download from community Upload to Chef server
- 23. Cookbook command knife cookbook list knife cookbook create COOKBOOK knife cookbook download COOKBOOK knife cookbook upload [COOKBOOKS...] knife cookbook delete COOKBOOK knife cookbook metadata COOKBOOK
- 24. Chef Community Cookbook Site knife cookbook site list knife cookbook site share COOKBOOK CATEGORY knife cookbook site install COOKBOOK knife cookbook site unshare COOKBOOK knife cookbook site search QUERY knife cookbook site download COOKBOOK
- 25. Cookbook Dependencies In metadata.rb: depends "apache2", ">= 0.99.4" depends "mysql", ">= 1.0.5"
- 26. Attributes node.default[:apache][:dir] = "/etc/apache2" node.default[:apache][:listen_ports] = [ "80", "443" ] if node.apache.attribute?(âdir") # do something end
- 27. Nodes Nodes in Chef are the thing that are configured by Recipes. recipe/role attribute
- 28. Roles name "webserver" description "The base role for systems that serve HTTP traffic" run_list "recipe[apache2]", "recipe[apache2::mod_ssl]", "role[monitor]" env_run_lists "prod" => ["recipe[apache2]"], "staging" => ["recipe[apache2::staging]"] default_attributes "apache2" => { "listen_ports" => [ "80", "443" ] } override_attributes "apache2" => { "max_children" => "50" }
- 29. Search knife search node "id:foo OR id:abcâ search(:node, 'run_list:recipefoobar') do |matching_node| puts matching_node.to_s end
- 30. Libraries your_cookbook/libraries/your_example_library.rb module YourExampleLibrary def your_function() # ... do something useful end End your_cookbook/recipes/default.rb class Chef::Recipe include YourExampleLibrary end your_function()
- 31. Metadata maintainter "bob" maintainer_email "bob@gmail.com" license "Apache v2.0" description "A cookbook" long_description "blablabla" depends "mysql", ">= 1.0.1" version "2.0.1" recipe "A recipe", "blablabla"
- 32. Templates template "/etc/sudoers" do source "sudoers.erb" mode 0440 owner "root" group "root" variables( :sudoers_groups => node[:authorization][:sudo][:groups], :sudoers_users => node[:authorization][:sudo][:users] ) end
- 33. Recipes stored in Cookbooks. executed in the order they appear. evaluated as Ruby code. Recipes from other Cookbooks can be included with include_recipe. All the attributes of the current Node are available via the node object.
- 34. Resources such as: packages services users files directories
- 35. Resources: cookbook_file cookbook_file "/tmp/testfile" do source "testfile" # this is the value that would be inferred from the path parameter mode "0644" end
- 36. Resources: directory %w{dir1 dir2 dir3}.each do |dir| directory "/tmp/mydirs/#{dir}" do mode 0775 owner "root" group "root" action :create recursive true end end
- 37. Resources: remote file remote_file "/tmp/testfile" do source "http://www.example.com/tempfiles/testfile" mode "0644" checksum "08da002l" # A SHA256 (or portion thereof) of the file. end
- 38. Resources: package package "tar" do version "1.16.1-1" action :install end
- 39. Resources: script script "install_something" do interpreter "bash" user "root" cwd "/tmp" code <<-EOH wget http://www.example.com/tarball.tar.gz tar -zxftarball.tar.gz cdtarball ./configure make make install EOH end
- 40. Quick start
- 47. Verify node data List all the node: knife node list List the run list for a specific node: knife node show nodename âr
- 48. Working with git
- 49. get chef-repo git clone git://github.com/opscode/chef-repo.git
- 50. repo tree config/ - Contains the Rake configuration file, rake.rb. cookbooks/ - Cookbooks you download or create. data_bags/ - Store data bags and items in .json in the repository. roles/ - Store roles in .rb or .json in the repository. certificates/ - SSL certificates generated by rake ssl_cert live here.
- 51. working with git Building a new cookbook and saving it to the local repository. Downloading an existing cookbook from the Chef Community Site. Modifying an existing cookbook in the local repository for new updates.
- 52. Doc & Help
- 53. working with git wik: http://wiki.opscode.com/display/chef/Home community: http://community.opscode.com/cookbooks
- 54. Q&A thanks~
Hinweis der Redaktion
- Manage your servers by writing code, not by running commands. With Chef, you write abstract definitions as source code to describe how you want each part of your infrastructure to be built, and then apply those descriptions to individual servers. The result is a fully automated infrastructure: when a new server comes on line, the only thing you have to do is tell Chef what role it should play in your architecture.
- Recipes: written in ruby using DSL. A Recipe describes a series of resources that should be in a particular state on a particular part of a server (such as Apache, MySQL, or Hadoop).Resource: A resource is usually a cross platform abstraction of the thing you're configuring on the host.A role sets a list of recipes and attributes to apply to a nodeA cookbook is a collection of recipes.Knife is the command line interface to the Chef server
- Kickstart: a file for installation questionsLibvert: The virtualization API, XEN, VMWare, Vitural Box, KVMâŠAmazon Web Services/Elastic Computer CloudFog: Ruby cloud services library
- Chef recipes can be data driven thereby providing dynamic system integration between servers. For example, when configuring a web server the search API can be called to discover the database and memcache servers and then automatically update the web serverâs configuration. Likewise a load balancer recipe can automatically add the web servers into its configuration.
- Chef ensures that actions are not performed if the resources have not changedThe Chef Server is built to handle the easy distribution of data to the clients - the recipes to build, templates to render, files to transfer - along with storing the state of each Node.given the same set of Cookbooks, Chef will always execute your resources in the same order.
- Chef Solo: is a client application that works entirely from on-disk data, and is a light-weight alternative to a full client-server configuration.Chef Client: is the client application that works with a Chef Server to persist data and download cookbooks. Chef Clients can also take advantage of Chef Server's search abilities to dynamically integrate your applications with the rest of your infrastructure.Knife: is the command line interface to Chef. Knife is primarily used to interact with the Chef Server API, and it can be used for local Chef Repository maintenance.Shef: is the interactive Chef shell. Shef allows you to write, run, and debug recipes interactively and also provides a programmatic interface for viewing and editing data on your Chef Server.Chef Server: services HTTP API requests from the Web UI, nodes, and other clients (see above).Chef Server Web UI: the web-based management console for the Chef Server. It manages your infrastructure by making API calls to Chef Server.CouchDB: the primary data store for a Chef server.RabbitMQ: stores and then forwards data from Chef Server to the Chef Solr Indexer. It acts as a buffer for cases when high write loads temporarily exceed the ability of the Chef Solr Indexer to update the search index.Chef Solr Indexer: flattens and expands data to enhance searchability, then writes the data to Chef Solr.Chef Solr: a thin wrapper around the Apache Solr search engine. Chef Solr allows you to find your way around your infrastructure by querying its metadata.
- Clients are where all the action happens - the Chef Server and Chef Indexer are largely services that exist only to provide the Client with information.
- MerbAPI service for knife & Management consoleRabbitMQSolrChef Server utilizes CouchDB for storing JSON data about Nodes, Roles, and Data Bags.
- Config:file_cache_path "/var/chef-solo"cookbook_path "/var/chef-solo/cookbooksâcookbook_path ["/var/chef-solo/cookbooks", "/var/chef-solo/site-cookbooks"]role_path "/var/chef-solo/rolesâchef-solo -c ~/solo.rb -j http://www.example.com/node.json -rhttp://www.example.com/chef-solo.tar.gz
- Config:file_cache_path "/var/chef-solo"cookbook_path "/var/chef-solo/cookbooksâcookbook_path ["/var/chef-solo/cookbooks", "/var/chef-solo/site-cookbooks"]role_path "/var/chef-solo/rolesâchef-solo -c ~/solo.rb -j http://www.example.com/node.json -rhttp://www.example.com/chef-solo.tar.gz
- Config:file_cache_path "/var/chef-solo"cookbook_path "/var/chef-solo/cookbooksâcookbook_path ["/var/chef-solo/cookbooks", "/var/chef-solo/site-cookbooks"]role_path "/var/chef-solo/rolesâchef-solo -c ~/solo.rb -j http://www.example.com/node.json -rhttp://www.example.com/chef-solo.tar.gz
- Hash key value (Mash)Default/override/setAttributes are Node data such as the IP address, hostname, loaded kernel modules, version of programming languages available on the system and more. New attributes can be dynamically added to the node in a variety of ways.During the Chef run, the Chef Client saves these node attributes on the Chef Server where they are indexed for Search. When the Chef Client runs again, it will retrieve the attributes that were saved previously and merge in attributes based on the priority rules described below.
- Chef Cookbooks require you to specify a small amount of meta-data. This information is used to provide hints to the Chef Server as to what cookbooks should be deployed to a given node, and in the future it will be integral to an automated system for discovering and installing cookbooks.
- Chef Cookbooks require you to specify a small amount of meta-data. This information is used to provide hints to the Chef Server as to what cookbooks should be deployed to a given node, and in the future it will be integral to an automated system for discovering and installing cookbooks.
- Search is a feature of the Chef Server that allows you to use a full-text search engine (based on Apache Solr) to query information about your infrastructure and applications. Searches are built by the Chef Server, and allow you to query arbitrary data about your infrastructure. You can utilize this service via search calls in a recipe or the knife search command.Most data that Chef stores in CouchDB is automatically indexed in Solr: Data Bags, API Clients, Nodes, and Roles are all indexed.
- Libraries allow you to include arbitrary Ruby code, either to extend Chef's language or to implement your own classes directly. They are the secret sauce that will allow you to plug in to your existing infrastructure and utilize it to inform how your systems are configured.
- Chef Cookbooks require you to specify a small amount of meta-data. This information is used to provide hints to the Chef Server as to what cookbooks should be deployed to a given node, and in the future it will be integral to an automated system for discovering and installing cookbooks.
- Template Location Specificity
- Recipes are the fundamental configuration in Chef. Recipes encapsulate collections of resources which are executed in the order defined to configure the systemRecipes are an internal Ruby domain-specific language (DSL), but you do not need to have experience with Ruby to write recipes.knife node run list add NODENAME "recipe[apache2]"
- Recipes are the fundamental configuration in Chef. Recipes encapsulate collections of resources which are executed in the order defined to configure the systemRecipes are an internal Ruby domain-specific language (DSL), but you do not need to have experience with Ruby to write recipes.knife node run list add NODENAME "recipe[apache2]"