Download - Chef infrastructure as code - paris.rb
Infrastructure as codewith Chef
<Nicolas Ledez>
Orange Business Service
IT&L@bs
IT&L@bsGit
Ruby
Cloud
Architecture
Human coders news / Ruby
http://rennesdevops.fr/
@Rennesdevops
https://groups.google.com/forum/#!forum/rennesdevops
@nledez
</Nicolas Ledez>
DevOps ?
Avec du "Opscode" dedans
Chef ?
http://www.vectorarts.net/people/free-woman-chef-tree-vector-graphics/
Il faut (pour faire comme moi)
Un Mac (sinon lis la doc)
Ruby (avec rbenv, rvm, pik, ce que tu veux)
Virtual Box (Sinon c'est plus cher et + dur)
Installation
% gem install chef --no-ri --no-rdocSuccessfully installed chef-11.4.41 gem installed
Création d'un compte
https://community.opscode.com
/users/new
Les fichiers
Ça vous donne :===== .chef/knife.rb current_dir = File.dirname(__FILE__) log_level :info log_location STDOUT node_name "nledez-demo" client_key "#{current_dir}/nledez-demo.pem" validation_client_name "nledez-demo-validator" validation_key "#{current_dir}/nledez-demo-validator.pem" chef_server_url "https://api.opscode.com/organizations/nledez-demo" cache_type 'BasicFile' cache_options( :path => "#{ENV['HOME']}/.chef/checksums" ) cookbook_path ["#{current_dir}/../cookbooks"]
Et aussi :
===== .chef/nledez-demo-validator.pem -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAtuj2RaZHccGQzTVo++ZMdO9NHhmOM+KjtBe5xdKcsRjdeJBZ DxcYt+gf/blIsf5V/MVt5WJDdaovwEXddwUnpnIAtKClOKqq7TZ0j6Z9LGmgSZ3X dRPYb7J3SvVgJCc3RIjvw5lBF1QANHZTMrymUptvJZQkqn9YstYrY128HaBJJqux m4dRFTuOZtEfM7PTioeyMg95WJkH3qrtz7ndsx/X1dUUOAl5xalj3g== -----END RSA PRIVATE KEY-----
Et enfin :
===== .chef/nledez-demo.pem -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAwCOC8jpxa+wqNsOKmwpwXyODDVLMkrO74LyK0vH1Rsn/MHO8 YAS/TNtj36Y/B/0sZSJSw1KEI99vie36M61XxVMytJRTGvOKHAx4HkHm+gdz5vi1 2JhkYo5JRCMzBXeMXgcrh8IDeUmdrjb2P/4yBYLPZrSSjwypbRrfB/Yx8cOZ9XKV JZYBAoGANwZ157/Afyus7ZIb5Rh3iCxCPqJKtmo257gh4Yzbv/MEcStI2Ync3k04 mCQ6MlSCH4XaEg6NhMDBy/ahnJ3gf8wzPsxDYbVMCgai9/RRxRJ5DTgDkyDma6f/ fbd1ldFNWrAyix7mOsIPLElEyYczVoYZDJsMf9EETwbvUArrcOo= -----END RSA PRIVATE KEY-----
Ça donne :% for i in node client cookbook environment role ; do echo "===== $i:" knife $i listdone===== node:!===== client:nledez-demo-validator===== cookbook:!===== environment:_default===== role:
Un repo tout prêt
% cd /mon/repertoire/de/chef% lsGemfile Gemfile.lock README.md% git clone https://github.com/opscode/chef-repo.gitCloning into 'chef-repo'...remote: Counting objects: 209, done.remote: Compressing objects: 100% (126/126), done.remote: Total 209 (delta 75), reused 170 (delta 49)Receiving objects: 100% (209/209), 35.05 KiB, done.Resolving deltas: 100% (75/75), done.
Pour le compléter% cd chef-repo% lsLICENSE Rakefile chefignore cookbooks environmentsREADME.md certificates config data_bags roles% rm -rf .git% mv README.md ../README-chef.md # Si vous voulez garder votre README.md d'origine% mv * ..mv .gitignore ..% cd ..% git add .gitignore *% git commit -m "Add a clean chef repo"[master 2e7e758] Add a clean chef repo11 files changed, 545 insertions(+), 1 deletion(-)create mode 100644 LICENSEcreate mode 100644 README-chef.mdcreate mode 100644 Rakefilecreate mode 100644 certificates/README.mdcreate mode 100644 chefignorecreate mode 100644 config/rake.rbcreate mode 100644 cookbooks/README.mdcreate mode 100644 data_bags/README.mdcreate mode 100644 environments/README.mdcreate mode 100644 roles/README.md
Premier CookbookEn mode TDD
TDD ?
Création du cookbook% knife cookbook create nginx_unicorn% git status# On branch master# Untracked files:# cookbooks/nginx_unicorn/% git add cookbooks/nginx_unicorn ; git commit -m "Fresh nginx_unicorn cookbook"[master 5be0d84] Fresh nginx_unicorn cookbook4 files changed, 95 insertions(+)create mode 100644 cookbooks/nginx_unicorn/CHANGELOG.mdcreate mode 100644 cookbooks/nginx_unicorn/README.mdcreate mode 100644 cookbooks/nginx_unicorn/metadata.rbcreate mode 100644 cookbooks/nginx_unicorn/recipes/default.rb
Sanity checks
% bundle exec foodcritic cookbooks/nginx_unicornFC008: Generated cookbook metadata needs updating: cookbooks/nginx_unicorn/metadata.rb:2FC008: Generated cookbook metadata needs updating: cookbooks/nginx_unicorn/metadata.
Édition des metadatas% cd cookbooks/nginx_unicorn% vi metadata.rb # Ou l'éditeur texte que vous voulez
name 'nginx_unicorn'maintainer 'YOUR_COMPANY_NAME'maintainer_email 'YOUR_EMAIL'license 'All rights reserved'description 'Installs/Configures nginx_unicorn'long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))version '0.1.0'
Les correctionsname 'nginx_unicorn'maintainer 'Ledez Incorporated'maintainer_email '[email protected]'license 'All rights reserved'description 'Installs/Configures nginx & unicorn'long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))version '0.1.0'
% bundle exec foodcritic .
Premier lancement de tests
% bundle exec knife cookbook create_specs nginx_unicorn** Creating specs for cookbook: nginx_unicorn% bundle exec rspec --color*!Pending:nginx_unicorn::default should do something# Your recipe examples go here.# ./spec/default_spec.rb:5!Finished in 0.00045 seconds1 example, 0 failures, 1 pending
Le testrequire 'chefspec'!describe 'nginx_unicorn::default' do let (:chef_run) { ChefSpec::ChefRunner.new.converge 'nginx_unicorn::default' } it 'should do something' do pending 'Your recipe examples go here.' endend
it 'should deploy nginx' do runner = expect(chef_run)! runner.to install_package "nginx"end
Le test KO% bundle exec rspec --colorCompiling Cookbooks...F!Failures:!1) nginx_unicorn::default should deploy nginxFailure/Error: runner.to install_package "nginx"No package resource named 'nginx' with action :install found.# ./spec/default_spec.rb:8:in `block (2 levels) in '!Finished in 0.00393 seconds1 example, 1 failure!Failed examples:!rspec ./spec/default_spec.rb:5 # nginx_unicorn::default should deploy nginx
Le code
## Cookbook Name:: nginx_unicorn# Recipe:: default## Copyright 2013, Ledez Incorporated## All rights reserved - Do Not Redistribute#package "nginx" do action :installend
Qui passe vert
% bundle exec rspec --colorCompiling Cookbooks....!
Finished in 0.00429 seconds1 example, 0 failures
Démo
QR ?
Merci
@nledez nicolas.ledez.net
