![Page 2: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/2.jpg)
A word about Best Practices
Best practices themselves are subjective.
Chef is flexible and you can make it do what you want.
![Page 3: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/3.jpg)
Infrastructure as Code
Enable reconstruction of the business from nothing but a source code repository, application data backup and bare metal resources.
![Page 4: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/4.jpg)
Infrastructure as Code
Code is tracked with version control.
Everything we do is in code.
Everything is checked into version control.
![Page 5: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/5.jpg)
Chef Repository
Very simply, the Chef Repository is a version controlled directory that contains cookbooks and other components relevant to Chef.
It contains Infrastructure as Code.
![Page 6: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/6.jpg)
Documenting Your Infrastructure
Spiceweasel is a tool for generating knife commands to build infrastructure from a simple YAML or JSON file.
• Documents all dependencies
• Preserves ordering of deploys
• Not an official Chef tool
• http://bit.ly/spcwsl
![Page 7: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/7.jpg)
Spiceweaselcookbooks:- apache2: - 0.99.4- apt: - 1.1.2- mysql: - 1.0.5- glance:- nova:- openssl: - 1.0.0- rabbitmq: - 1.2.1data bags:- openstack: - glance - novaroles:- glance-single-machine:- nova-multi-compute:- nova-multi-controller:nodes:- controller: - role[nova-multi-controller] - -i ~/.ssh/mray.pem -x user --sudo -d ubuntu10.04-gems- compute: - role[nova-multi-compute] - -i ~/.ssh/mray.pem -x user --sudo -d ubuntu10.04-gems
![Page 8: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/8.jpg)
Git vs. Traditional VCS
Decentralized Development
Vendor Branching
Parallel Deployments
Stable Releases with Hotfixes
![Page 9: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/9.jpg)
Code sample
Gitflow
![Page 10: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/10.jpg)
Git
Learn by doing.
It's hard to fake.
Lean into it.
![Page 11: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/11.jpg)
Touchless Infrastructure
Modifying configuration machines by hand is "doing it wrong".
• Not tracked in version control.
• If it's a Chef-managed Resource, it will get undone.
![Page 12: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/12.jpg)
Nodes are Ephemeral
Do not configure individual nodes, use Roles.
• Nodes are ephemeral, they may not always exist.
• Nodes aren't stored in version control, Roles are.
![Page 13: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/13.jpg)
Start from Scratch
Do not delete or remove Resources, start from scratch.
• Reusing nodes is asking for trouble, since you don't know previous state.
• Reprovisioning servers is cheap.
![Page 14: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/14.jpg)
Hard Coding
Do not use hard-coded IPs or hostnames, use search.
• Nodes are ephemeral, they may not always exist.
• Leverage the search capabilities of Chef.
![Page 15: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/15.jpg)
Golden Images
Golden images are an anti-pattern.
• Tracking contents of images before they are managed is unnecessary effort.
• Start every node from a known minimal state.
• Caching is your friend.
![Page 16: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/16.jpg)
Environments
Environments are how we manage versioned infrastructures with Chef.
Different infrastructures such as production, staging, development, and testing managed from one Chef repository.
![Page 17: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/17.jpg)
Environments
Control the flow of Cookbooks
• Development->QA->Production
• Freeze from change
• RBAC restrict who can deploy where
Role runlists tied to Environments
Environment attributes to override settings
![Page 18: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/18.jpg)
Lean on the Community
The Chef Community is very friendly, don't be afraid to ask for help!
• IRC (200+ people)
• Mailing lists are active.
• Lots of GitHub activities.
![Page 19: Common Challenges in DevOps Change Management](https://reader033.vdocuments.mx/reader033/viewer/2022052822/554f65f9b4c905bb178b4a64/html5/thumbnails/19.jpg)
Questions
Matt Ray
Twitter/IRC/GitHub: mattray