Chef Introduction

Bala
Session Perquisites

Some scripting skills

*nix / shell experience

2013 SAP AG or an SAP affiliate company. All rights reserved. 2

Session Goal(s)

Why & what is Chef ?

What do we manage ?

Being / Becoming D.R.Y [ dont repeat yourself ]

Creating reusable patterns

2013 SAP AG or an SAP affiliate company. All rights reserved. 3

What is chef

Chef is an open-source configuration

management framework built specifically
for automating the cloud.

Built by Opscode an Ops / DevOps

consultancy company.

2013 SAP AG or an SAP affiliate company. All rights reserved. 4

Why chef ?

Why you should use Chef?

Idempotence
Idempotence is the property of certain
operations in mathematics and computer
Efficiency science, that can be applied multiple
times without changing the result
Scalability beyond the initial application. The
concept of idempotence arises in a number
of places in abstract algebra (in particular, in
DRY / reuse the theory of projectors and closure
operators) and functional programming (in
which it is connected to the property of
live documentation referential transparency).

Transform infrastructure to code

2013 SAP AG or an SAP affiliate company. All rights reserved. 5

Infrastructure components

Machines / Instances

Networking

Load balancers

DNS records

SSH keys / Credentials

Users & credentials

Firewalls

Database servers, web servers

2013 SAP AG or an SAP affiliate company. All rights reserved. 6

Chef Components

Chef Client
Chef Server
Chef solo
Recipes
Cookbook
Resources ( file, template, ruby, bash)
Providers
Attributes
Run-list
Node

2013 SAP AG or an SAP affiliate company. All rights reserved. 7

Chef client

A command line tool that configures servers.

Chef client is the one doing all the heavy

lifting.

The Chef Client will pull down [with helpers] all

the necessary things it needs in order to
provision your server.

2013 SAP AG or an SAP affiliate company. All rights reserved. 8

Chef server

A centralized location to store:

Cookbooks, recipes, templates, files etc

Node Metadata

A searchable index

One disadvantage was that if some one

published a certain cookbook, all systems
might break not good !

Workaround chef server per project so

why not chef-solo

2013 SAP AG or an SAP affiliate company. All rights reserved. 9

Chef solo

Very similar functionality like a server

Stores all Cookbooks, recipes,

templates, files etc in one location

It runs on your node in solo mode

In most cases its all you infrastructure in

a git repository ( infrastructure history )

And recently also provides some level of

search [ which was the #1 server
strength ]

2013 SAP AG or an SAP affiliate company. All rights reserved. 10

recipe

A set of instruction to prepare a certain dish

[ in food terms ]

A set of instructions, a procedure to run on

a computer resource.

Apache, mysql, pas, ascs, hana server

2013 SAP AG or an SAP affiliate company. All rights reserved. 11

cookbook

A logical binding of recipes.

For example a saperp needs:
Users [ sapinst & others ], AAS, ASCS, DB Schema load, PAS & more

Cookbooks have the minimum of:

Attributes, recipes [ 1 or more ] & metadata.rb file
metadata.rb file specifies
Cookbook => 1.0.0
Description => my cookbook
Dependencies => other cookbook
Supported os => suse, rhel
Default attributes foo, bar
Recipes => foo, bar

2013 SAP AG or an SAP affiliate company. All rights reserved. 12

Resources

Resources are key parts in recipes.

They could define files, packages, services

& more, for example:

http://docs.opscode.com/chef/resources.html

2013 SAP AG or an SAP affiliate company. All rights reserved. 13

Resources

Resources have characteristics such as:

type: directory / service / file etc

name: /tmp/folder / apache

action: create / enable

parameters: group, mode etc.

http://docs.opscode.com/chef/resources.html

2013 SAP AG or an SAP affiliate company. All rights reserved. 14

Providers & LWRP

Behind resources concept chef invents a

provider:

Directory

File

Template

Bash / Csh / Ruby

You can also add your own LWRP light

weight resource providers

http://docs.opscode.com/chef/resources.html
http://docs.opscode.com/lwrp.html#opscode-maintained

2013 SAP AG or an SAP affiliate company. All rights reserved. 15

Attributes

An attribute can be defined in a cookbook

(or a recipe) and then used to override the
default settings on a node.

During a chef-run cookbooks are loaded

and attributes are compared to the
attributes that are already present on the
node.

The cookbook attributes take precedence

over the default attributes, the chef-client
will apply those new settings and values
during the chef-client run on the node.

http://docs.opscode.com/essentials_cookbook_attribute_files.html
http://docs.opscode.com/chef_overview_attributes.html

2013 SAP AG or an SAP affiliate company. All rights reserved. 16

Role(s)

A role is an object which combines

Attributes and Runlists.

Think of a roles like:

Base => sets users, groups

Web Server => apache2 / naginx,

iptables port 80,443

2013 SAP AG or an SAP affiliate company. All rights reserved. 17

Role(s)

Roles can be nested in other roles +

override attributes for example:

Role webserver_81 includes role

webserver in addition to overriding the
default listen port set in the apache2
cookbook which is part of the webserver
role.

2013 SAP AG or an SAP affiliate company. All rights reserved. 18

Run-list

A run-list is an ordered list of roles and/or

recipes that are run in an exact order.

A run-list is always specific to the node on

which it runs, though it is possible for many
nodes to have run-lists that are similar or
even identical.

A run list leads to a stage defined as

converging the node you might come
across the word converge this is the stage
that chef reads the run=list pulls down all its
dependencies and starts converging /
applying configuration on the node

2013 SAP AG or an SAP affiliate company. All rights reserved. 19

Data Bags

What is it ?

A data bag is a global variable that is stored

as JSON data

What is so special about it ?

Attributes you say ?

In the past was used by the server only and

was searchable & encrypt-able which
means data is secure.

It is now available in chef solo as part of

your repository.

When using Data Bags with chef-solo, data

bags are stored in a directory hierarchy on
the machine running chef-solo
2013 SAP AG or an SAP affiliate company. All rights reserved. 20
Node [ A configuration / variant of your recipe ]

A host / instance where the Chef client will run

The chef client can transform / provision that node

to be a

Web server

Database server

File server

Application server

Any other role / recipe you may have in mind

Chef will be working on server & configure it /

validates its configuration.

2013 SAP AG or an SAP affiliate company. All rights reserved. 21

A simple recipe
A walkthrough of how to write a cookbook
Planning the cookbook

What do we want to automate ?

Does it require special stuff like:

Users

Groups

Nfs mounts, urls

Software packages

Other recipes ?

2013 SAP AG or an SAP affiliate company. All rights reserved. 23

Cooking with Apache

The majority of Applications requires

apache to be present.

A classic example of using Attributes

recipes and resources.

The recipes goal :: make apache available

on our instance

2013 SAP AG or an SAP affiliate company. All rights reserved. 24

Attributes [ examples ]

installation files and dir needed for Apache

These attributes will tell our recipe where to get the

swpm by utilizing a remote_file resource

2013 SAP AG or an SAP affiliate company. All rights reserved. 25

recipes

Apache should start right ?

2013 SAP AG or an SAP affiliate company. All rights reserved. 26

Templates

We need Apache conf file right ?

2013 SAP AG or an SAP affiliate company. All rights reserved. 27

Thats it you have a recipe => cookbook [README]

The README is for you to tell the world what you have done, for example what attributes
you defined and can be overwritten

2013 SAP AG or an SAP affiliate company. All rights reserved. 28

Thats it you have a recipe => cookbook [metadata.rb]

The README is for you to tell the world what you have done, for example what attributes
you defined and can be overwritten

2013 SAP AG or an SAP affiliate company. All rights reserved. 29

Thank you
Queries