Portion of servers please, or how to start deployment with Opscode Chef
Most of the Russian articles on ( Opscode Chef ) that I came across contained excerpts from a cookbook and the story "What a cool thing Chef." And that's all. Like, look how I can! What and how to do with it is not clear. The official site has a detailed wiki. But in her, IMHO, it's easy to get lost. A simple manual “how to make an elementary work” found only in the form of a video, based on which this article was born.
If you have 5 servers, they need to be installed extremely rarely, then a couple of hands will be enough. You can also put / etc in Git or SVN, be sure to make regular backups and live in peace. To automate the application's deploys, the one that admin is best at, even if it is a simple script in bash / python / ruby, or capistrano / fabric / etc.
If there are more than a dozen machines, moreover, similar or identical, then the scripts are already quite complicated. Capistrano / fabric - gives some convenience, parallel launch on multiple servers, but you still have to write the logic yourself. It is convenient to deploy with them, especially the application in the same language, but not to configure or set up. Here you need to either build your own “crutches”, or, which is easier, take it ready.
From the Chief, I unlocked to the last, until I ran into the following. Let us have n identical servers, and / etc all in the same repository branch. Changed the nginx config. It is necessary to apply the changes on all other machines. How? For example, take dsh:
Here, in principle, you can add "/etc/init.d/nginx reload" and update everything, everywhere and immediately. But for prodakshina this is no good. Yes, and local users interruptions are not very pleasant. Everything else, there is still a supervisor, postgres, mongodb and many other services with which the same story. At a minimum, you have to do a script to reload each. In general, "crutches" are obtained.
And the Chief is just for this intended. Changed the config, it scattered throughout the farm, the necessary (and only necessary) services were overloaded. Plus abstraction from the * nix version, and MS, it seems, is supported. For configs, there are templates that are “assembled” depending on server parameters. In general, a lot of tasty. By the way, on the current project are used all at once: a couple of scripts on bash, fabric and Chef.
Closer to practice. Let's write from scratch and write down a simple kookbook installation nginx, at the same time we will understand. First you need a test machine with sudo. The instruction is designed for Ubuntu 11.10, but should fit any * nix.
Chef is written in Ruby. And Ruby is more convenient to install via Ruby Version Manager (RVM) .
On my machine, from the normal user:
Next, relogin, or open a new terminal (to reboot the bash profile).
RVM puts both itself and hack into ~ / .rvm if it is not run as root. The system does not get dirty, and easy to remove, if that.
We put Chef solo. You can also install from packages, but rubygems is a more “native” method, independent of the package manager.
There are 3 Chef configurations:
Configuring:
This will create the solodemo folder:
This is the so-called. "kitchen". In fact, a kind of simplified version of Chef Server, only on the local file system.
')
Create a kookbook to install nginx.
This is also a folder. We look.
Recipe (recipe) - a script that describes what should be done. Both Ruby and Bash, Perl, Python, csh inserts are supported.
There may be several recipes, but the “default” is executed if you do not specify any particular (when calling the Kukbook).
Add to recipes / default.rb
We save.
“Package” here is a resource. View a list of embedded resources on the wiki . They can be supplemented and expanded right in the cookbooks, if necessary. The language in which the recipients are written is Ruby DSL . The logic is built from the reverse. We simply say that the “nginx” package must be installed on the server. And Chef makes sure that it does what is required. In principle, the same can be described in any other language. But there are a lot of handy things, as they say, out of the box. Of course, there are nuances. For example, with packages, it is important to set the name correctly. So, for apache you need to write a condition, since in RPM-based distributions it is httpd, in Debian it is apache2.
Next, go to the test server and set the hostname. This is important because Chef distinguishes nodes by it.
and add to / etc / hosts
Checking:
If the answer "testserver.example.com" - everything is fine. No - rule / etc / hosts.
Now, from the local machine from the solodemo folder:
We'll have to wait a bit and maybe enter a password for sudo. Prepare will install chef-client, which will accept commands.
A file of the type testserver.example.com.json should appear in the nodes folder. We write to it:
That is, you need to run the kookbook “nginx”, or rather, the recipe “default” from it.
Then
Yes, dancing around one nginx is a lot. But for trivial tasks there are kukbuki, and they are quite flexible and well thought out. And for non-trivial - once written, the book allows the installation to be fully automated, and is a kind of documentation. In order to understand and describe the installation of the first server, I spent a week, but the installation from scratch now takes 20 minutes. How often is this necessary? Not yet. But configuring now is a pleasure. And if you still write documentation, so why not do it right away at Chef? Yes, and the customer can pick up and “touch” everything on his virtual machine with the help of a couple of commands.
I decided not to overload the article with information. This is still more of a guide. But the terms are referenced so that anyone is interested - easily found.
Part one. Ideological. What for.
If you have 5 servers, they need to be installed extremely rarely, then a couple of hands will be enough. You can also put / etc in Git or SVN, be sure to make regular backups and live in peace. To automate the application's deploys, the one that admin is best at, even if it is a simple script in bash / python / ruby, or capistrano / fabric / etc.
If there are more than a dozen machines, moreover, similar or identical, then the scripts are already quite complicated. Capistrano / fabric - gives some convenience, parallel launch on multiple servers, but you still have to write the logic yourself. It is convenient to deploy with them, especially the application in the same language, but not to configure or set up. Here you need to either build your own “crutches”, or, which is easier, take it ready.
From the Chief, I unlocked to the last, until I ran into the following. Let us have n identical servers, and / etc all in the same repository branch. Changed the nginx config. It is necessary to apply the changes on all other machines. How? For example, take dsh:
dsh -r ssh -c -M -m node1 -m node2 -m nodeN -- 'cd /etc && sudo git pull' Here, in principle, you can add "/etc/init.d/nginx reload" and update everything, everywhere and immediately. But for prodakshina this is no good. Yes, and local users interruptions are not very pleasant. Everything else, there is still a supervisor, postgres, mongodb and many other services with which the same story. At a minimum, you have to do a script to reload each. In general, "crutches" are obtained.
And the Chief is just for this intended. Changed the config, it scattered throughout the farm, the necessary (and only necessary) services were overloaded. Plus abstraction from the * nix version, and MS, it seems, is supported. For configs, there are templates that are “assembled” depending on server parameters. In general, a lot of tasty. By the way, on the current project are used all at once: a couple of scripts on bash, fabric and Chef.
Closer to practice. Let's write from scratch and write down a simple kookbook installation nginx, at the same time we will understand. First you need a test machine with sudo. The instruction is designed for Ubuntu 11.10, but should fit any * nix.
2. Installation and configuration
Chef is written in Ruby. And Ruby is more convenient to install via Ruby Version Manager (RVM) .
On my machine, from the normal user:
bash -s stable < <(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer) Next, relogin, or open a new terminal (to reboot the bash profile).
rvm install 1.9.2 rvm use 1.9.2 --default RVM puts both itself and hack into ~ / .rvm if it is not run as root. The system does not get dirty, and easy to remove, if that.
We put Chef solo. You can also install from packages, but rubygems is a more “native” method, independent of the package manager.
gem install knife-solo There are 3 Chef configurations:
- Solo - gives you the opportunity to run Kukbuk.
- Server - centralized repository for kukbooks, data about servers, search by them, web-interface.
- Client - runs on a managed machine.
Configuring:
cd ~ knife configure -r . --defaults 3. Kitchen, cookbook and knife
knife kitchen solodemo This will create the solodemo folder:
cd solodemo tree . |-- cookbooks - . . |-- data_bags - (, , , ). |-- nodes - (). |-- roles - . . , Apache , MySQL . |-- site-cookbooks `-- solo.rb This is the so-called. "kitchen". In fact, a kind of simplified version of Chef Server, only on the local file system.
')
Create a kookbook to install nginx.
cd solodemo knife cookbook create nginx -o cookbooks This is also a folder. We look.
cd cookbooks tree . |-- attributes |-- definitions |-- files | `-- default |-- libraries |-- metadata.rb |-- providers |-- README.md |-- recipes - " ". default.rb , . . | `-- default.rb |-- resources `-- templates - ERB. `-- default Recipe (recipe) - a script that describes what should be done. Both Ruby and Bash, Perl, Python, csh inserts are supported.
There may be several recipes, but the “default” is executed if you do not specify any particular (when calling the Kukbook).
Add to recipes / default.rb
package "nginx" We save.
“Package” here is a resource. View a list of embedded resources on the wiki . They can be supplemented and expanded right in the cookbooks, if necessary. The language in which the recipients are written is Ruby DSL . The logic is built from the reverse. We simply say that the “nginx” package must be installed on the server. And Chef makes sure that it does what is required. In principle, the same can be described in any other language. But there are a lot of handy things, as they say, out of the box. Of course, there are nuances. For example, with packages, it is important to set the name correctly. So, for apache you need to write a condition, since in RPM-based distributions it is httpd, in Debian it is apache2.
Next, go to the test server and set the hostname. This is important because Chef distinguishes nodes by it.
hostname testserver.example.com echo "testserver.example.com" > /etc/hostname and add to / etc / hosts
10.10.10.10 testserver.example.com Checking:
hostname -f If the answer "testserver.example.com" - everything is fine. No - rule / etc / hosts.
Now, from the local machine from the solodemo folder:
knife prepare ubuntu@testserver.example.com We'll have to wait a bit and maybe enter a password for sudo. Prepare will install chef-client, which will accept commands.
A file of the type testserver.example.com.json should appear in the nodes folder. We write to it:
{ "run_list": ["recipe[nginx]"] } That is, you need to run the kookbook “nginx”, or rather, the recipe “default” from it.
Then
knife cook ubuntu@testserver.example.com Everything.findings
Yes, dancing around one nginx is a lot. But for trivial tasks there are kukbuki, and they are quite flexible and well thought out. And for non-trivial - once written, the book allows the installation to be fully automated, and is a kind of documentation. In order to understand and describe the installation of the first server, I spent a week, but the installation from scratch now takes 20 minutes. How often is this necessary? Not yet. But configuring now is a pleasure. And if you still write documentation, so why not do it right away at Chef? Yes, and the customer can pick up and “touch” everything on his virtual machine with the help of a couple of commands.
I decided not to overload the article with information. This is still more of a guide. But the terms are referenced so that anyone is interested - easily found.
Links
- Video by Matt Schaeffer , for which his immense gratitude. :) It is advisable to watch all the episodes at once.
- Repository with official kukbukami. They can draw a lot, or use fully.
- Site and Wiki by Chef.
Source: https://habr.com/ru/post/140596/
All Articles