Chef on Linux on POWER

Alex Manly

Solutions Architect

Email: am@chef.io

Twitter: @apmanly

16+ years experience in software engineering, design and architecture. Previously worked at IBM GBS based in Southbank for 7 years.

Roles included developer, enterprise architect, VP product development

Speaker in all things Continuous – Deployment automation, testing automation

Professional verticals have included financial (commercial and retail banking), insurance, government and media

Based in London, UK

Who is Alex?

Contents

• What is Chef• How Chef Works• DevOps Rising• The Chef Platform• Porting to Linux on POWER• Chef and IBM• Chef on Linux on POWER Demo

Leader in next generation of automation solutions

Leading the DevOps movement – Alignment between Infrastructure and Apps

Key partners: IBM, Amazon Web Services, Microsoft,HP, Accenture, PWC, VMWare

100%+ Enterprise & Usage Growth Year over Year

Offices in Seattle, San Francisco, Atlanta, and London

What is Chef?

The New Face of Business

Chef is an automation and delivery platform born in the service of velocity and scale.

In the data center+ in the cloud

Infrastructure+ applications

RE

QU

IRE

ME

NT

S

How Chef Works

• Define reusable resources and infrastructure state as code

• Manages deployment and on-going automation

• Community content available for all common automation tasks

1 ▼ package “httpd” do2 action :install3 ▲ end45 ▼ template “/etc/httpd/httpd.conf” do6 source “httpd.conf.erb”7 mode 07558 owner “root”9 group “root”10 ▲ end1112 ▼ service “httpd” do13 action [:enable, :start]14 done15

1 ▼ windows_feature ‘IIS-WebServerRole’ do2 action :install3 ▲ end45 ▼ windows_feature ‘IIS-ASPNET’ do6 action :install7 ▲ end89 ▼ iis_pool FooBarPool do10 runtime_version “4.0”11 action :add12 ▲ end1314 ▼ iis_site FooBarLTDSite do15 protocol :http16 port 8017 path C:\\FooBarSite18 action [:add, :start]19 ▲ end

Chef Architecture

Code RevisionControlSystem

AutomationServer

Nodes

Policy

State

Chef is Infrastructure as Code

Programmatically provision and configure components

Treat it like any other code base

Reconstruct business from code repository, data backup, and compute resources

DevOps Rising

DevOps is a primary movement in the growing trend to industrialize IT

service development and production.

IDC expects DevOps strategies will increasingly dominate enterprise and

service provider strategies.

By 2016, DevOps will be employed by 25% of Global 2000 organizations.

DevOps technologies will achieve revenue of $4B by 2018.

Chef is the leader of the DevOps market

Born with the DevOps movement

Partners with big web and the enterprise

Understands DevOps success patterns

Distilled these patterns into the Chef platform

Porting to Linux on POWER

• Actually very easy to do.• Chef uses Omnibus to create cross platform chef clients for each platform.• Followed x86 as much as possible, used GCC as the complier and not XLC.• We had to make a few minor patches and upgrade to the latest versions of

everything for POWER, but it did "mostly just work”• Chef Server uses OpenResty (a web server based on Nginx), OpenResty uses

Lua and we needed IBM to patch the LuaJIT for POWER support. • Swapped the Oracle JRE to the IBM JRE.• That’s all!!!

• By the way, POWER is the fastest kit we’ve worked on.

Chef and IBM

• Alpha versions of Chef Client 12 and Chef Server 12 available for Linux on POWER for Ubuntu LE and Red Hat Enterprise 7 BE and LE. Beta packages available by the end of June. Currently discussing adding support for SLES and RHEL6.

• Official support Chef Client 12 on AIX versions 6.1 and 7.1 in December 2014. Has the ability to manage services, packages, file shares, user and groups, cron jobs and file based resources. AIX cookbooks also provides primitives to support other AIX services, such as initab and inetd.

• Chef is core to IBMs OpenStack offering and IBM is very active in the Chef OpenStack community. Use Chef to deploy and consume OpenStack resources through knife-openstack, kitchen-openstack, Chef Provisioning and OpenStack cookbooks.

Chef and IBM

• IBM’s SoftLayer Cloud also has great Chef support. The knife-softlayer plugin allows you to easily launch, configure and manage compute instances in the IBM SoftLayer Cloud. There is a Chef Provisioning driver for SoftLayer written by an IBM employee: https://github.com/IMC3ofC/chef-provisioning-softlayer

• IBM developed community cookbooks for managing IBM HTTP Server, IBM Installation Manager, WebSphere Application Server, WebSphere Liberty Profile and WebSphere eXtreme Scale.

• A Chef developed, soon to be open sourced, knife plugin that gives knife the ability to create, bootstrap, and manage virtual machines in a Linux Kernal-Based Virtual Machine (KVM) hypervisors such as IBM PowerKVM. Plans for a kitchen and Chef provisioning driver.

KNIFE-KVM

Chef on Linux on POWER Demo

Demo Steps.

• Make changes to application code.• Locally test my changes:

• Lint testing – code correctness

• Unit testing

• System testing using a Docker container.

• Upload cookbook to hosted Chef Server.• Bootstrap my Linux on POWER node with the Chef Client and register it with the

Chef Server.• Assign the cookbooks to the run list of the Linux on POWER node.• Converge the node.

ChefDK: TDI In a Box

Rubocop Foodcritic

ChefSpec

Test Kitchen

Chef

Code Correctness

Unit Tests

Deploy sample environments

A wrapper to tie it all together

Not just syntactic correctness but quality gates too!

Provisioning

Rubocop Because Ruby

• Identify potential Ruby errors• Unclosed strings, etc.

• Identify style/convention that helps write better code• Single quotes vs. double quotes

• This is useful for new Chefs, and helps make the code more readable

• Exclude rules that do not apply• Not everyone is the same – some tests won’t work for your organization or for Chef code

• Run against static code, so tests are very fast (<5 seconds to run)

Code Correctness

Food CriticTest Your “Chef Style”

• Flag problems that might cause your Chef cookbooks to fail on convergeFC010: Invalid search syntax

• Identify style/convention that has been adopted by the Chef communityFC004: Use a service resource to start and stop services

• Create custom rules for your own organization’s compliance/standardsCOMP001: Do not allow recipes to mount disk volumes

• Run against static code, so tests are very fast (<5 seconds to run)

Code Correctness

ChefSpec Simulate Chef

• Did I send a properly formed piece of code to Chef?• Especially important if there is mutability in your code

• This can cover things like feature flags, or behavior that changes on a per-OS basis

• "If on Debian-based Linux I need to install package apache2, but on EL variants I need to install package httpd.”

• Tests are very fast to run• Even with simple code, it is useful for new Chefs to find simple errors

quickly

• Useful for regression testing – to make sure new changes don’t break stuff that worked before.

Unit Tests

Test KitchenLet’s do this (almost) for real

• “Signal Out” testing for Chef code• Just because I said something and it was interpreted correctly, doesn't mean that

what I said is what I meant.

• Executes your Chef code on an actual, factual node• These nodes should be disposable (local virtualization – VMs /

Containers, cloud instances, etc.)• Use any number of “signal out” testing products to ensure expected

results• BATS

• ServerSpec

• Can pull in other cookbook dependencies as well, and execute against a machine that looks the same as your standard image

Deploy sample environments

Infrastructure Change Control PipelineChange/Feature

Request

Change Complete

Write/Modify Unit TestWrite/Modify Cookbook

CodeLint, Run Unit Tests Pass?

Push feature/hotfix branch to Git

Merge to Master, Release Artifact to Chef Server

Update EnvironmentPass &

Approved?

Autobuild: Lint, Run Unit Tests, Run

Integration Tests

De

vel

op

er

Wo

rks

tati

on

Co

nti

nu

ou

s In

teg

rati

on

&

Git

Sys

tem

s

Human Review of Pull Requests

Demo Time

Thank You

Alex ManlyEmail: am@chef.ioTwitter: @apmanly