chef infrastructure as code - paris.rb

Infrastructure as codewith Chef

<Nicolas Ledez>

Orange Business Service

IT&L@bs

IT&L@bsGit

Ruby

Cloud

Architecture

Human coders news / Ruby

http://rennesdevops.fr/

@Rennesdevops

https://groups.google.com/forum/#!forum/rennesdevops

@nledez

</Nicolas Ledez>

DevOps ?

Avec du "Opscode" dedans

Chef ?

http://www.vectorarts.net/people/free-woman-chef-tree-vector-graphics/

Il faut (pour faire comme moi)

Un Mac (sinon lis la doc)

Ruby (avec rbenv, rvm, pik, ce que tu veux)

Virtual Box (Sinon c'est plus cher et + dur)

Installation

% gem install chef --no-ri --no-rdocSuccessfully installed chef-11.4.41 gem installed

Création d'un compte

https://community.opscode.com

/users/new

Les fichiers

Ça vous donne :===== .chef/knife.rb current_dir = File.dirname(__FILE__) log_level :info log_location STDOUT node_name "nledez-demo" client_key "#{current_dir}/nledez-demo.pem" validation_client_name "nledez-demo-validator" validation_key "#{current_dir}/nledez-demo-validator.pem" chef_server_url "https://api.opscode.com/organizations/nledez-demo" cache_type 'BasicFile' cache_options( :path => "#{ENV['HOME']}/.chef/checksums" ) cookbook_path ["#{current_dir}/../cookbooks"]

Et aussi :

===== .chef/nledez-demo-validator.pem -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAtuj2RaZHccGQzTVo++ZMdO9NHhmOM+KjtBe5xdKcsRjdeJBZ DxcYt+gf/blIsf5V/MVt5WJDdaovwEXddwUnpnIAtKClOKqq7TZ0j6Z9LGmgSZ3X dRPYb7J3SvVgJCc3RIjvw5lBF1QANHZTMrymUptvJZQkqn9YstYrY128HaBJJqux m4dRFTuOZtEfM7PTioeyMg95WJkH3qrtz7ndsx/X1dUUOAl5xalj3g== -----END RSA PRIVATE KEY-----

Et enfin :

===== .chef/nledez-demo.pem -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAwCOC8jpxa+wqNsOKmwpwXyODDVLMkrO74LyK0vH1Rsn/MHO8 YAS/TNtj36Y/B/0sZSJSw1KEI99vie36M61XxVMytJRTGvOKHAx4HkHm+gdz5vi1 2JhkYo5JRCMzBXeMXgcrh8IDeUmdrjb2P/4yBYLPZrSSjwypbRrfB/Yx8cOZ9XKV JZYBAoGANwZ157/Afyus7ZIb5Rh3iCxCPqJKtmo257gh4Yzbv/MEcStI2Ync3k04 mCQ6MlSCH4XaEg6NhMDBy/ahnJ3gf8wzPsxDYbVMCgai9/RRxRJ5DTgDkyDma6f/ fbd1ldFNWrAyix7mOsIPLElEyYczVoYZDJsMf9EETwbvUArrcOo= -----END RSA PRIVATE KEY-----

Ça donne :% for i in node client cookbook environment role ; do echo "===== $i:" knife $i listdone===== node:!===== client:nledez-demo-validator===== cookbook:!===== environment:_default===== role:

Un repo tout prêt

% cd /mon/repertoire/de/chef% lsGemfile Gemfile.lock README.md% git clone https://github.com/opscode/chef-repo.gitCloning into 'chef-repo'...remote: Counting objects: 209, done.remote: Compressing objects: 100% (126/126), done.remote: Total 209 (delta 75), reused 170 (delta 49)Receiving objects: 100% (209/209), 35.05 KiB, done.Resolving deltas: 100% (75/75), done.

Pour le compléter% cd chef-repo% lsLICENSE Rakefile chefignore cookbooks environmentsREADME.md certificates config data_bags roles% rm -rf .git% mv README.md ../README-chef.md # Si vous voulez garder votre README.md d'origine% mv * ..mv .gitignore ..% cd ..% git add .gitignore *% git commit -m "Add a clean chef repo"[master 2e7e758] Add a clean chef repo11 files changed, 545 insertions(+), 1 deletion(-)create mode 100644 LICENSEcreate mode 100644 README-chef.mdcreate mode 100644 Rakefilecreate mode 100644 certificates/README.mdcreate mode 100644 chefignorecreate mode 100644 config/rake.rbcreate mode 100644 cookbooks/README.mdcreate mode 100644 data_bags/README.mdcreate mode 100644 environments/README.mdcreate mode 100644 roles/README.md

Premier CookbookEn mode TDD

TDD ?

Création du cookbook% knife cookbook create nginx_unicorn% git status# On branch master# Untracked files:# cookbooks/nginx_unicorn/% git add cookbooks/nginx_unicorn ; git commit -m "Fresh nginx_unicorn cookbook"[master 5be0d84] Fresh nginx_unicorn cookbook4 files changed, 95 insertions(+)create mode 100644 cookbooks/nginx_unicorn/CHANGELOG.mdcreate mode 100644 cookbooks/nginx_unicorn/README.mdcreate mode 100644 cookbooks/nginx_unicorn/metadata.rbcreate mode 100644 cookbooks/nginx_unicorn/recipes/default.rb

Sanity checks

% bundle exec foodcritic cookbooks/nginx_unicornFC008: Generated cookbook metadata needs updating: cookbooks/nginx_unicorn/metadata.rb:2FC008: Generated cookbook metadata needs updating: cookbooks/nginx_unicorn/metadata.

Édition des metadatas% cd cookbooks/nginx_unicorn% vi metadata.rb # Ou l'éditeur texte que vous voulez

name 'nginx_unicorn'maintainer 'YOUR_COMPANY_NAME'maintainer_email 'YOUR_EMAIL'license 'All rights reserved'description 'Installs/Configures nginx_unicorn'long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))version '0.1.0'

Les correctionsname 'nginx_unicorn'maintainer 'Ledez Incorporated'maintainer_email 'yes-I-love@spam.com'license 'All rights reserved'description 'Installs/Configures nginx & unicorn'long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))version '0.1.0'

% bundle exec foodcritic .

Premier lancement de tests

% bundle exec knife cookbook create_specs nginx_unicorn** Creating specs for cookbook: nginx_unicorn% bundle exec rspec --color*!Pending:nginx_unicorn::default should do something# Your recipe examples go here.# ./spec/default_spec.rb:5!Finished in 0.00045 seconds1 example, 0 failures, 1 pending

Le testrequire 'chefspec'!describe 'nginx_unicorn::default' do  let (:chef_run) { ChefSpec::ChefRunner.new.converge 'nginx_unicorn::default' }  it 'should do something' do    pending 'Your recipe examples go here.'  endend

it 'should deploy nginx' do  runner = expect(chef_run)!  runner.to install_package "nginx"end

Le test KO% bundle exec rspec --colorCompiling Cookbooks...F!Failures:!1) nginx_unicorn::default should deploy nginxFailure/Error: runner.to install_package "nginx"No package resource named 'nginx' with action :install found.# ./spec/default_spec.rb:8:in `block (2 levels) in '!Finished in 0.00393 seconds1 example, 1 failure!Failed examples:!rspec ./spec/default_spec.rb:5 # nginx_unicorn::default should deploy nginx

Le code

## Cookbook Name:: nginx_unicorn# Recipe:: default## Copyright 2013, Ledez Incorporated## All rights reserved - Do Not Redistribute#package "nginx" do  action :installend

Qui passe vert

% bundle exec rspec --colorCompiling Cookbooks....!

Finished in 0.00429 seconds1 example, 0 failures

Démo

QR ?

Merci

@nledez nicolas.ledez.net