chef+ environments safer infrastructure

t

f

g

sethvargo

what’s an environment?

{ "name" : "production", "description" : "Production cluster in EC2", "override_attributes" : { ... }, "default_attributes" : { ... }}

target specificenvironments

$ knife search node "chef_environment:production"

$ knife ssh "chef_environment:production" "reboot"

default_attributes

override_attributescookbook_versions

chef_type

name

description

default_attributes

override_attributescookbook_versions

chef_type

name

description

lock cookbooks in production

{ "name" : "production", "description" : "Production cluster in EC2", "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... }}

“lock” cookbooks in staging

{ "name" : "staging", "description" : "Production cluster in EC2", "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... }}

unlock cookbooks in development

{ "name" : "development", "description" : "Production cluster in EC2", "cookbook_versions" : { ... }, "override_attributes" : { ... }, "default_attributes" : { ... }}

updating a cookbook

1. test in development

2. promote in staging

{ "name" : "staging", "description" : "Production cluster in EC2", "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... }}

{ "name" : "staging", "description" : "Production cluster in EC2", "cookbook_versions" : { "passenger_apache2" : "0.99.4" }, "override_attributes" : { ... }, "default_attributes" : { ... }}

{ "name" : "staging", "description" : "Production cluster in EC2", "cookbook_versions" : { "passenger_apache2" : "1.1.0" // major version bump }, "override_attributes" : { ... }, "default_attributes" : { ... }}

$ knife dwim environments/staging.json

1 knife-dwim: https://github.com/mpasternacki/knife-dwim

3. verify in staging

4. promote in production

1. run around screaming

2. demote in production

3. dance (optional)

scenario:updating passenger

default_attributes

override_attributescookbook_versions

chef_type

name

description

default_attributes

override_attributescookbook_versions

chef_type

name

description

{ "name" : "production", "description" : "Production cluster in EC2", "override_attributes" : { "passenger" : { "version" : "2.1.4" } },}

1. test in development

2. promote in staging

{ "name" : "production", "description" : "Production cluster in EC2", "override_attributes" : { "passenger" : { "version" : "2.1.4" } },}

{ "name" : "production", "description" : "Production cluster in EC2", "override_attributes" : { "passenger" : { "version" : "2.1.4" } },}

{ "name" : "production", "description" : "Production cluster in EC2", "override_attributes" : { "passenger" : { "version" : "3.0.18" // major version bump } },}

$ knife dwim environments/staging.json

1 knife-dwim: https://github.com/mpasternacki/knife-dwim

3. verify in staging

4. promote in production

chef+ environments safer infrastructure

t

f

g

sethvargo