Post on 21-Oct-2014
Configuration Management for the Devops generation.
Friday, 17 May 13
We Live In A Confusing World?
And We’ve All Experienced This?
Sometimes Feels Like it is Dev vs. Ops vs. ITIL?
But We All Want The Same Thing?
* Applications delivered quickly to help business succeed
* Allowing us to work on interesting projects
* Tools that will simplify configuration, release and change
And not this?
In The Past
* You built your own or
* You bought something
* You had to bend your thinking
* It was hard to install if it worked
* You had an empty vessel
* Did it support multiple OS’s or scale
It took a long time to go anywhere.
Enter DevOps and Chef
Chef is an automation platform for developers & systems engineers to continuously define, build, and manage infrastructure.
CHEF USES:
Recipes and Cookbooks that describe Infrastructure as Code.
Chef enables people to easily build & manage complex & dynamic applications at massive scale
• New model for describing infrastructure that promotes reuse
• Programmatically provision and configure
• Reconstruct business from code repository, data backup, and bare metal resources
Chef
Chef is available in open source, PaaS and Enterprise options
Consider this.....
Typical Infrastructure
Jboss App
Memcache
Postgres Slaves
Postgres Master
Nagios
Graphite
New Compliance Mandate!
• Move SSH off port 22
• Let’s put it on 2022
Many Changes, Mostly Manual?
• Change, Restart
• Repeat
• Typically manually
• Don’t break anything!
• Bob just got fired =(
Scale Out
• More Complexity
• More wiring
• Bigger run-book
And It Gets Worse?
Application Servers
Application Database Cache
Load Balancers
Floating IP?
Application Databases
Evolving complexity
Virtualization
Cloud
Portability
Complexity Grows Quickly
DC1
DC3
DC2
Configuration Desperation
Code Sample
http://www.flickr.com/photos/francoforeshock/5716969942/
Chef Solves this Problem
• But you already guessed that, didn’t you?
Chef is Infrastructure as Code
http://www.flickr.com/photos/louisb/4555295187/
• Programmatically provision and configure
• Treat like any other code base
• Reconstruct business from code repository, data backup, and bare metal resources.
Nodes
• Chef-Client generates configurations directly on nodes from their run list
• Reduce management complexity through abstraction
• Store the configuration of your programs in version control
http://www.flickr.com/photos/ssoosay/5126146763/
Collections of Resources
• Networking
• Files
• Directories
• Symlinks
• Mounts
• Routes
• Users
• Groups
• Tasks
• Packages
• Software
• Services
• Configurations
• Other Stuff
http://www.flickr.com/photos/stevekeys/3123167585/
Declarative Interface to Resources
• Define policy
• Say what, not how
• Pull not Push
http://www.flickr.com/photos/bixentro/2591838509/
Recipes and Cookbooks
• Recipes are collections of Resources
• Cookbooks contain recipes, templates, files, custom resources, etc
• Code re-use and modularity
• Written in Ruby - extend as necessary
• Hundreds already on Community.opscode.com
http://www.flickr.com/photos/shutterhacks/4474421855/
Search
• IP addresses
• Hostnames
• FQDNs
• Search for when static config isn’t enough
• data-driven power
http://www.flickr.com/photos/kathycsus/2686772625
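Pass Results to Templates
# Ask the Chef Server for every node that carries the webserver role.
pool_members = search("node", "role:webserver")

# Render the HAProxy config from the search results; restart only on change.
template "/etc/haproxy/haproxy.cfg" do
  source "haproxy-app_lb.cfg.erb"
  owner "root"
  group "root"
  mode 0644
  variables :pool_members => pool_members.uniq
  notifies :restart, "service[haproxy]"
end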
Pass Results to Templates
# Set up application listeners here.
listen application 0.0.0.0:80
  balance roundrobin
  <% @pool_members.each do |member| -%>
  server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check
  <% end -%>
<% if node["haproxy"]["enable_admin"] -%>
# Stats page, rendered only when enable_admin is set; it binds all interfaces.
listen admin 0.0.0.0:22002
  mode http
  stats uri /
<% end -%>
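The same render-and-notify pattern applied to the earlier compliance mandate (SSH moving from port 22 to 2022), as an added example that is not from the original slides. It is plain Ruby with the standard ERB library emulating one converge step, not Chef's own code; the node names, sample configs, the PermitRootLogin line and all function names are constructed for illustration.

```ruby
require "erb"
# Constructed policy for the mandate on the slide: SSH moves from 22 to 2022.
POLICY = { "port" => 2022 }.freeze

SSHD_TEMPLATE = ERB.new(<<~CFG)
  # Managed by configuration management; local edits are overwritten.
  Port <%= policy["port"] %>
  PermitRootLogin no
CFG

# Desired state is a pure function of policy ("say what, not how").
def render_sshd(policy)
  SSHD_TEMPLATE.result_with_hash(policy: policy)
end

# One converge step: rewrite the file and queue a restart only on change.
def converge(current, policy)
  desired = render_sshd(policy)
  return [current, []] if current == desired
  [desired, %i[write_file restart_sshd]]
end

# sshd listens on every uncommented Port line, and on 22 when there is none.
def listening_ports(config)
  ports = config.scan(/^\s*Port\s+(\d+)/i).flatten.map(&:to_i).uniq
  ports.empty? ? [22] : ports
end
def compliant?(config, policy)
  listening_ports(config) == [policy["port"]]
end

# Constructed inventory: each node's sshd_config before the run.
NODES = {
  "app1" => "Port 22\nPermitRootLogin no\n",
  "db1"  => "#Port 22\nPermitRootLogin no\n",   # no Port set: default 22
  "lb1"  => "Port 22\nPort 2022\n",             # hand edit, 22 still open
  "mon1" => render_sshd(POLICY)                 # already converged
}.freeze

def run(nodes, policy)
  nodes.to_h do |name, current|
    updated, actions = converge(current, policy)
    [name, { before: compliant?(current, policy),
             after: compliant?(updated, policy), actions: actions }]
  end
end

run(NODES, POLICY).each { |name, r| puts "#{name}: #{r}" } if __FILE__ == $PROGRAM_NAME
```

The lb1 case is the one a manual rollout tends to miss: adding the new port without removing the old one leaves 22 listening, which the audit reports as non-compliant until the file is rendered from policy.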
So when this
Becomes this
Updates can be automatic
Count the resources
• Load balancer config
• Nagios host ping
• Nagios host ssh
• Nagios host HTTP
• Nagios host app health
• Graphite CPU
• Graphite Memory
• Graphite Disk
• Graphite SNMP
• Memcache firewall
• Postgres firewall
• Postgres authZ config
• 12+ resource changes for 1 node addition
Build anything
• Simple internal applications
• Complex external applications
• Workstations
• Hadoop clusters
• IaaS infrastructure
• PaaS infrastructure
• SaaS applications
• Storage systems
• You name it
http://www.flickr.com/photos/hyku/245010680/
And manage it simply
http://www.flickr.com/photos/helico/404640681/
• Automatically reconfigure everything
• Linux, Windows, Unixes, BSDs
• Load balancers
• Metrics collection systems
• Monitoring systems
• Cloud migrations become trivial
Code Sample
Chef Components
knife with the Chef Server
• knife node
• create/delete/edit
• list
• knife cookbook ...
• knife role ...
• knife environment ...
knife search
• What operating systems are running?
• What version of ruby is running?
• How much memory do you have on each machine?
Discovery & Data Driven (Ohai!)
knife search
knife search "*:*" -a platform
knife search "*:*" -a languages.ruby.version
knife search "*:*" -a memory.total
knife ssh
$ knife ssh "roles:rails-web" "sudo chef-client"
And the Cloud.....
$ knife ec2
Available ec2 subcommands: (for details, knife SUB-COMMAND --help)

** EC2 COMMANDS **
knife ec2 flavor list (options)
knife ec2 instance data (options)
knife ec2 server create (options)
knife ec2 server delete SERVER [SERVER] (options)
knife ec2 server list (options)

$ knife ec2 server create -S keypair -i ~/.ssh/id_rsa -x ubuntu -I ami-4721882e -f m1.small -r 'role[webserver]'
• knife ec2
• knife rackspace
• knife hp
• knife google
• knife azure
• knife cloudstack
• knife openstack
• knife vsphere
• ... and many others
Community
The Chef Community
• Apache License, Version 2.0
• 1200+ Individual contributors
• 200+ Corporate contributors
• Google, HP, Dell, Rackspace, VMware, Joyent, Calxeda, Heroku, SUSE and many more
• 800+ cookbooks
• http://community.opscode.com
How Do I Start?
• docs.opscode.com
• learnchef.com
• opscode.eventbrite.com
• lists.opscode.com
Yep, we’re hiring!
Thanks! Any Questions?
Andy Hawkins
andy@opscode.com