VMware + ChefA VMworld Workshop
CONFIDENTIAL 2
Agenda
1 What is Chef?
2 Benefits of Infrastructure as Code
3 Installing Chef DK
4 Building Blocks of Chef
5 Chef Tools and Testing
6 Chef VMware Integrations
7 Hands On with vCloud Air
8 Q&A
CONFIDENTIAL 3
Introduction
• Curtis Stewart
• Consultant for the DevOps by VMware Professional Services group
• 4+ years working with DevOps practices and Chef
• Automation Enthusiast
• Open Source Contributor
About Us: VMware DevOps Consulting Services
Build and deliver applications sooner
Fuel innovation and accelerate time to market
Transform your enterprise to support high velocity, modern application development
Deploy an agile future-ready datacenter where any app can thrive
CONFIDENTIAL 4
Developer friendly. Enterprise ready.
• Assessment • Strategy development• People, process & technology
transformation for• Continuous delivery• Configuration management • Cloud operations
• Security & resilience optimization
Our team of dedicated DevOps experts provide:
CONFIDENTIAL 5
Chef
• Chef is a configuration management tool
– Infrastructure as code
• Composed of various components
– Chef Server
– chef-client
– Nodes
– Cookbooks• Resources
• Recipes
– Workstation
CONFIDENTIAL 6
Benefits – Infrastructure as Code
• Rebuild your entire system from a code repository, data backups, and compute resources
• Programmatically provision and configure components
• Limits the needs for full instance backups
• Provides the ability to keep base images lightweight
• Executable documentation
CONFIDENTIAL 7
Lab 1: Quick Tour of Chef
• In this lab you will:– Install the Chef Development Kit
– Sign up for hosted Chef
– Verify connection to Chef server
• This will demonstrate:– Setting up your workstation for Chef development
– Overview of core components of Chef
CONFIDENTIAL 8
Lab 1: Quick Tour of Chef - Script
https://github.com/vmwaredevops/vmworld-chef-repo
CONFIDENTIAL 9
Lab 1: Quick Tour of Chef – ChefDK Installation
• Chef Downloads Page– https://downloads.chef.io/chef-dk/
• Chef Development Kit is easiest way to get started
• Most common Chef tools all bundled together
• Install latest version – v0.7.0 – for your platform
• Once package is downloaded, run the installer
CONFIDENTIAL 10
Lab 1: Quick Tour of Chef – Hosted Chef Signup
• Signup for a free trial of hosted Chef– https://manage.chef.io/signup/
• Click Create New Organization
• Enter full name and short name for your organization
• Click Create Organization
CONFIDENTIAL 11
Lab 1: Quick Tour of Chef – Chef User Key
• Navigate to the Administration panel and select Users from the left menu.
• Select your user, then click "Reset Key" from that Actions menu.
• Click "Reset Key" to download your key.
• Add downloaded user pem to:– /vmworld-chef-repo/.chef/[username].pem
CONFIDENTIAL 12
Lab 1: Quick Tour of Chef – Knife Setup
• Copy /vmworld-chef-repo/.chef/knife.rb.example to:
– ./vmworld-chef-repo/.chef/knife.rb
• Replace the following values with your signup information:
– INSERT_CHEF_USERNAME
– INSERT_CHEF_ORG_SHORTNAME
CONFIDENTIAL 13
Lab 1: Quick Tour of Chef – Cookbook Upload
• Upload your cookbook to the Chef server using knife
• This will also verify that out knife.rb file has been properly updated
CONFIDENTIAL 14
Lab 1: Quick Tour of Chef – ChefDK Verification
• Open Terminal (Mac) or PowerShell Console (Windows)
• Execute $ chef verify– Tests the embedded ChefDK applications
CONFIDENTIAL 15
Chef Components: Cookbook
• A cookbook is a collection of recipes
• Cookbooks are typically designed to be composable so you can pick and choose the pieces you need
CONFIDENTIAL 16
Chef Components: Resources and Recipes
• A resource is one of the most basic components of the Chef ecosystem– Examples of a resource: package, file, service
– Resources are defined using attributes and actions
• Recipes are a compilation of resources
• Resources within a recipe are executed sequentially
CONFIDENTIAL 17
Chef – Workstation / Server / Node / Chef-Client / Knife
• Your Chef workstation is where you’ll install the Chef DK to develop and test cookbooks as well as interact with the Chef server APIs
• The Chef Server is a centrally managed host for storing your configuration data and node objects– All of this data is indexed and completely searchable via RESTful APIs
– Chef Server available in two flavors• Hosted Chef – Centrally administered server hosted by Chef, Inc.• Open Source – Installable version to run on local infrastructure
• A node is any physical, virtual, or cloud machine that is managed by the chef-client
• The chef-client is an agent that’s installed on all nodes that actually performs the configurations
• Knife is a command line tool that provides an interface between local chef components and the Chef server
CONFIDENTIAL 18
Chef – Tools and Testing
• Test-Kitchen– Testing framework
– Supports multiple drivers including vSphere, vCloud Air and many more
• Berkshelf– Dependency manager for cookbooks
– Supports multiple sources including Chef Supermarket, repositories, local paths
• ChefSpec– Unit testing framework
– Fast feedback
• Serverspec– Integration testing framework
– Verifies end state of system is what we expected
CONFIDENTIAL 19
VMware + Chef Integration
• There are many products of VMware that Chef integrates with through various plugins
vCloud Airknife-vcairkitchen-vcair
VMware vSphereknife-vspherechef-provisioning-vsphere
vRealize Automationknife-vrealizekitchen-vravRO Chef Server Workflows
VMware Integrated OpenStackknife-openstackkitchen-openstack
VMware Fusion / Workstation Vagrant Plugins
VMware ESXi knife-esx
CONFIDENTIAL 20
VMware + Chef: vCloud Air
• knife-vcair– Create, bootstrap, and manage vCloud Air compute
instances
– List networks and templates
– Supports OnDemand and Subscription services
• kitchen-vcair– Test Kitchen driver for developing and testing cookbooks
against vCloud Air
– Currently supports Subscription services
CONFIDENTIAL 21
Lab 2: Chef + vCloud Air
• In this lab you will:– Install the knife-vcair plugin
– Configure knife with your vCloud Air endpoint
– Create and bootstrap a vCloud Air VM using your cookbook
• This will demonstrate:– Provisioning a VM in vCloud Air through Chef tools
– Bootstrapping your cookbook on your new VM
CONFIDENTIAL 22
Lab 2: Chef + vCloud Air – knife-vcair
$ chef exec gem install knife-vcair
CONFIDENTIAL 23
Lab 2: Chef + vCloud Air – knife.rb
knife[:vcair_username] = “[email protected]”
knife[:vcair_password] = “VMware123!”
CONFIDENTIAL 24
Lab 2: Chef + vCloud Air – Create VM
$ knife vcair server create \
--ssh-password vmworld2015 \
--image "CentOS64-64BIT" \
--node-name YOURNAME-chef-node \
--customization-script bootstrap/install-linux-vcair-example.sh \
--run-list 'recipe[hello_vmworld::default]' \
--ssh-gateway [email protected] \
--fog-version 1.33.0 \
--vcair-net chef-routed-network \
--no-host-key-verify
CONFIDENTIAL 25
Lab 2: Chef + vCloud Air
CONFIDENTIAL 26
VMware + Chef: vSphere
• knife-vsphere– Integrates with your existing vSphere vCenter installation
– List, clone, delete, snapshot VMs via knife
– List datastores, resource pools and clusters.
– Execute commands on running VMs
– When cloning a VM, can interact with a customization specs to customize vCPUs, vRAM, IPs, hostname, etc at VM creation.
• chef-provisioning-vsphere– Use machine resources to declare the topology of your
app – machines and recipes to run on them
– Includes Test Kitchen driver to test your cookbooks on your existing vSphere vCenter installation
CONFIDENTIAL 27
VMware + Chef: Chef Provisioning Example
CONFIDENTIAL 28
VMware + Chef: vRealize Suite
• kitchen-vra– A driver to allow Test Kitchen to consume vRealize Automation (vRA) resources to perform testing
• knife-vrealize– Knife plugin that interacts with vRA and vRealize Orchestrator (vRO)
– List catalogs, servers
– Display detailed server information
– Create servers from catalog blueprints
– Execute vRO workflows
• vRO Chef Server Workflows– vRO plugin installed to vRO directly
– Interfaces directly with Chef Server REST API
CONFIDENTIAL 29
VMware + Chef: VIO
• knife-openstack– Create, bootstrap, and manage OpenStack compute
instances
– List networks, floating IPs, security groups, images, snapshots, volumes, flavors
• kitchen-openstack– Test Kitchen driver for testing your cookbooks on
OpenStack cloud resources instead of your workstation
– Supports various configurations including block device mappings, network settings, security groups
CONFIDENTIAL 30
VMware + Chef: Fusion and Workstation
• Vagrant is a free and open-sorce tool used to quickly spin up & down new development environments, locally, on your workstation or laptop.
• Used for development to test automation or deployments of new software, or in Chef’s case: cookbooks.
• The vagrant plugin for VMware Fusion/Workstation is a pay for add on for the free vagrant– Vagrant uses local hypervisor on your workstation
(VirtualBox, etc.)
– Vagrant VMware Fusion/Workstation plugin allows Vagrant to use VMware products, which are faster and more stable
– VMware Vagrant plug-ins are a commercial offering from HashiCorp
• http://www.vagrantup.com
CONFIDENTIAL 31
VMware + Chef: ESXi
• knife-esx– Interacts with your solo, or non managed ESXi host.
– Uses knife & fog to interact with APIs presented on the ESXi host.
– Can list, delete and clone VMs on a single ESXi host.
– Installs (bootstraps) Chef & makes it part of a Chef server and, additionally, can be configured to add the new node to specific environments and/or roles on your Chef server.
– Community maintained & under active development @ https://github.com/maintux/knife-esx
CONFIDENTIAL 32
Questions?
…comments…and thank you!