DevOps and Chef
-
Upload
jonathan-hitchcock -
Category
Technology
-
view
8.426 -
download
1
description
Transcript of DevOps and Chef
DevOps
Chef&
Friday 16 March 12
DevOps
Friday 16 March 12
Devs Opsvs
Friday 16 March 12
Devs Opsvs
Friday 16 March 12
Devs Opsvs
The Wall Of Confusion
Friday 16 March 12
Change
Stabilityvs
Friday 16 March 12
A Meeting of MindsFollow code into the wild
Accept change:become agile
Friday 16 March 12
Buzzword: DevOps
Friday 16 March 12
Buzzword
Buzzword: DevOpsBuzzword
Buzzword
BuzzwordBuzzword
Buzzword
BuzzwordBuzzword
Friday 16 March 12
Buzzword
Buzzword: DevOpsBuzzword
Buzzword
Buzz Lightyear
Buzzword
BuzzwordBuzzword
Buzzword
BuzzwordBuzzwordBuzzword
Buzzword
BuzzwordBuzzword Buzzword
Friday 16 March 12
Buzzword
Buzzword: DevOpsBuzzword
Buzzword
Buzz Lightyear
BuzzwordBuzzword
BuzzwordBuzzword
Buzzword
Buzzword
Buzzword
Buzzword
Buzzword
Buzzword
Buzzword
BuzzwordBuzzword
Buzzword
Buzzword
Buzzword
Buzzword
Buzzword
Buzzword
Buzzword
Buzzword Buzzword
Buzz Aldrin
Friday 16 March 12
What is DevOps?
Friday 16 March 12
What is DevOps?
What is DevOps NOT?
Friday 16 March 12
What is DevOps?
What is DevOps NOT?
They are making a play for our jobs
Friday 16 March 12
What is DevOps?
What is DevOps NOT?
They are making a play for our jobs
Devs want root
Friday 16 March 12
What is DevOps?
What is DevOps NOT?
DevOps is not a job title, it’s a philosophy
They are making a play for our jobs
Devs want root
Friday 16 March 12
What is DevOps?
What is DevOps NOT?
DevOps is not a job title, it’s a philosophy
They are making a play for our jobs
Devs want root
So many words
Friday 16 March 12
DevOps, for me
Friday 16 March 12
DevOps, for me:
Testing
Friday 16 March 12
DevOps, for me:
Testing
Monitoring
Friday 16 March 12
DevOps, for me:
Testing
Automation
Monitoring
Friday 16 March 12
DevOps, for me:Testing
Automation
Monitoring
Friday 16 March 12
DevOps, for me:Testing
Automation
Monitoring
Don’t release broken things
Know when things break
Replace/fix broken things instantly
Friday 16 March 12
✔ ?Friday 16 March 12
SCCS:Source Code Control System
Friday 16 March 12
SCCS:Source Code Control System
1972
40 Years Ago!
Friday 16 March 12
Revision Control
✔Friday 16 March 12
Revision ControlTest Driven Development
✔Friday 16 March 12
Revision ControlTest Driven Development
Feature Branches
✔Friday 16 March 12
Revision ControlTest Driven Development
Continuous IntegrationFeature Branches
✔Friday 16 March 12
Revision ControlTest Driven Development
Continuous IntegrationFeature Branches
Staging Environments
✔Friday 16 March 12
Revision ControlTest Driven Development
Continuous IntegrationFeature Branches
Staging Environments AGILE✔
Friday 16 March 12
AGILE
Friday 16 March 12
AGILE OPS ?
Friday 16 March 12
AGILE OPSContinuous Deployment
Feature Flags Dark Launches
Automated RecoveryIMVU - 50+
Etsy - 25 Flickr - 10+
?
Friday 16 March 12
Instant FeedbackRollbacks
Confidence
No fear of change
Friday 16 March 12
Code Infrastructure
Friday 16 March 12
CodeInfrastructure
Friday 16 March 12
CodeInfrastructure As
Friday 16 March 12
$ ssh root@web1Last login: Tue Mar 13# apt-‐get install apache2...# vim /etc/apache2/sites-‐enabled/default.conf...# /etc/init.d/apache2 restart...# scp web2:/root/.ssh/authorized_keys ~/.ssh
Friday 16 March 12
ChefFriday 16 March 12
chef-client on noderetrieves
configurationfrom server
use knife to pushconfig to server
use knife to query andssh to clients
SERVER
CLIENT(workstation)
CLIENT(server/node)
Friday 16 March 12
Chef/nodes/web1.json
Friday 16 March 12
{ "access" : [ "developers", "designers" ], "name": "web1", "run_list": [ "role[base]", "role[web]", "recipe[splunk]" ]}
Friday 16 March 12
{ "access" : [ "developers", "designers" ], "name": "web1", "run_list": [ "role[base]", "role[web]", "recipe[splunk]" ]}
Friday 16 March 12
run_list("recipe[apache]", "role[monitoring]")
Friday 16 March 12
run_list("recipe[apache]", "role[monitoring]")
Friday 16 March 12
Chef/nodes/web1.jsonChef/roles/web.rbChef/cookbooks/apache/ recipes/default.rb
Friday 16 March 12
package "apache2" do action :installend
Friday 16 March 12
apache_modules = ['wsgi', 'ssl', 'auth_tkt', 'proxy_http', 'headers', 'rewrite', 'status']
apache_modules.each do |mod| apache_module mod do enable true notifies :restart, "service[apache2]" endend
Friday 16 March 12
apache_modules = ['wsgi', 'ssl', 'auth_tkt', 'proxy_http', 'headers', 'rewrite', 'status']
apache_modules.each do |mod| apache_module mod do enable true notifies :restart, "service[apache2]" endend
Friday 16 March 12
package "apache2" do case node[:platform] when "centos","redhat","fedora","suse" package_name "httpd" when "debian","ubuntu" package_name "apache2-mpm-prefork" end action :installend
Friday 16 March 12
package "apache2" do case node[:platform] when "centos","redhat","fedora","suse" package_name "httpd" when "debian","ubuntu" package_name "apache2-mpm-prefork" end action :installend
Friday 16 March 12
Chef/nodes/web1.jsonChef/roles/web.rbChef/cookbooks/apache/ recipes/default.rb attributes/default.rb
Friday 16 March 12
default[:apache][:version] = "2.2"
Friday 16 March 12
package "apache2" do action :install version "#{node[:apache][:version]}"end
Friday 16 March 12
Chef/nodes/web1.jsonChef/roles/web.rbChef/cookbooks/apache/ recipes/default.rb attributes/default.rb templates/default/apache2.conf.erb
Friday 16 March 12
template "#{node[:apache][:dir]}/apache2.conf" do source "apache2.conf.erb" owner "root" mode 0644 notifies :restart, resources(:service => "apache2")end
Friday 16 March 12
It’s all Ruby
Friday 16 March 12
It’s all Rubyhttp://wiki.opscode.com/display/chef/Just+Enough+Ruby+for+Chef
“Just Enough Ruby for Chef”
Friday 16 March 12
It’s all RubyLet’s hack
Friday 16 March 12
Chef/nodes/web1.jsonChef/roles/web.rbChef/cookbooks/apache/ recipes/default.rb attributes/default.rb templates/default/apache2.conf.erb libraries/default.rb
Friday 16 March 12
class Chef class Recipe def apache_ports(&block) @node[:apache][:vhosts].each do |vh| vh[:ports].each do |p| block.call(p) end end end endend
Friday 16 March 12
apache_ports do |p| firewall_port p do action :open endend
Friday 16 March 12
apache_ports do |p| firewall_port p do action :open endend
Friday 16 March 12
define :firewall_port, :action => :open do if not params.has_key?(:port) params[:port] = params[:name] end
if params[:action] == :open execute "open #{params[:port]}" do command "iptables -A INPUT --destination-port #{params[:port]} -j ACCEPT" end else execute "close #{params[:port]}" do command "iptables -A INPUT --destination-port #{params[:port]} -j DROP" end endend
Friday 16 March 12
Providerspackage "apache2" do action :installend
node[:platform]
apt-get install
brew install
yum install
Friday 16 March 12
"#{File.expand_path( Chef::Config[:file_cache_path] )}/handlers/yola.rb"
Friday 16 March 12
"#{File.expand_path( Chef::Config[:file_cache_path] )}/handlers/yola.rb"
class YolaHandler < Chef::Handler def report() run_status.updated_resources.each do |r| campfire_speak(r.to_s) end endend
Friday 16 March 12
"#{File.expand_path( Chef::Config[:file_cache_path] )}/handlers/yola.rb"
class YolaHandler < Chef::Handler def report() run_status.updated_resources.each do |r| campfire_speak(r.to_s) end endend
Friday 16 March 12
Chef/nodes/web1.jsonChef/roles/web.rbChef/cookbooks/apache/ recipes/default.rb attributes/default.rb templates/default/apache2.conf.erb libraries/default.rbChef/environments/production.rb
Friday 16 March 12
Chef/nodes/web1.jsonChef/roles/web.rbChef/cookbooks/apache/ recipes/default.rb attributes/default.rb templates/default/apache2.conf.erb libraries/default.rbChef/environments/production.rbChef/environments/testing.rb
Friday 16 March 12
default_attributes({ "aws_region" => "usa-east"})
default_attributes({ "aws_region" => "usa-east", "logging" => { "debug" => true }})
Friday 16 March 12
Chef/nodes/web1.jsonChef/roles/web.rbChef/cookbooks/apache/ recipes/default.rb attributes/default.rb templates/default/apache2.conf.erb libraries/default.rbChef/environments/production.rbChef/environments/testing.rbChef/data_bags/employees/jonathan.json
Friday 16 March 12
{ "name": "Jonathan Hitchcock", "id": "jonathan", "groups": ["developers", "operations"], "ssh_keys": [ { "key": "AAAB3NzC1yc2EAAAABIwAAAQEA3advEyDE0aEo==" } ]}
Friday 16 March 12
Provisioning
Friday 16 March 12
Provisioning
$ knife ec2 server create -r 'role[webserver]' -I ami-7000f019 -f m1.small
Friday 16 March 12
Provisioning
$ knife ec2 server create -r 'role[webserver]' -I ami-7000f019 -f m1.small
Amazon EC2Rackspace Cloud
Openstack
EucalyptusKickstart
libvirt
XENKVM
Vagrant
Friday 16 March 12
Integration
configuration data vs configuration logic
Friday 16 March 12
Integrationconfiguration
datavs configuration logic
Friday 16 March 12
Integration
vs configuration logic
Ohai Collects infrastructure data
Stored and indexed in NoSQL
Search and use
configuration data
Friday 16 March 12
Attributes
default
normal
override
automatic
(A side note on)
Friday 16 March 12
Attributes
default
normal
override
automatic
cookbooks, data bags
node definitions
for special cases
ohai
(A side note on)
Friday 16 March 12
Integration
search(:node, 'role:webbackend') do |wb| haproxy_backend "#{wb[:apache][:port]}" do action :create endend
Systems auto-discover each other
Configuration is responsive to changes
(Back to)
Friday 16 March 12
Integration
search(:node, 'role:webbackend') do |wb| haproxy_backend "#{wb[:apache][:port]}" do action :create endend
Systems auto-discover each other
Configuration is responsive to changes
So you don’t have to be!
Friday 16 March 12
Jonathan Hitchcock
@vhata
github.com/vhata
Friday 16 March 12