Configuring chef Part-2

Lets recap what all we have done in the last blog :

1.) Setup workstation and chef-repo.
2.) Registered on chef to use hosted chef as the chef-server.
3.) Bootstrapped a node to be managed by the chef-server.
4.) Downloaded the “apache” cookbook in our chef-repo.
5.) Uploaded the “apache” cookbook to the chef-server.
6.) Added the recipe[apache] in the run-list of the node.
7.) Ran the chef-client on the client to apply the cookbook.

Now lets continue, and try to understand some more concepts around chef and see them in action.

Node Object
The beauty of chef is that it gives an object oriented approach to the entire configuration management.
The Node Object as the name suggests is an object of the class Node (http://rubydoc.info/gems/chef/Chef/Node).
The node object consists of the run-list and node attributes, which is a JSON file that is stored on the Chef server. The chef-client gets a copy of the node object from the Chef server and maintains the state of a node.

Attributes: :
An attribute is a specific detail about a node, such as an IP address, a host name, a list of loaded kernel modules, etc.

Data-bags:
Data bags are JSON files used to store the data essential across all nodes and not relative to particular cookbooks.
They can be accessed inside the cookbooks, attribute files using search. example: user profiles, groups, users, etc. Used by roles and environments, a persistence available across all the nodes.

Now, lets explore the node object and see the attributes and databags. We will also see how we can modify and set them.
First lets see what all nodes are registered with chef-server:

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife node list
aws-linux-node
aws-node-ubuntu
awsnode

Now lets see the details of the node awsnode.

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife node show awsnode
Node Name:   awsnode
Environment: _default
FQDN:        ip-172-31-36-73.us-west-2.compute.internal
IP:          172.31.36.73
Run List:    recipe[apache]
Roles:       
Recipes:     apache, apache::default
Platform:    redhat 7.0
Tags:        

Finding specific attributes : You can find the fqdn of the aws node.

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife node show awsnode -a fqdn
awsnode:
  fqdn: ip-172-31-36-73.us-west-2.compute.internal

Search : Search is one of the best features of chef, ‘Search’. Chef Server uses Solr for searching the node objects. So we can provide Solr style queries to search the Json node object attributes and data-bags.

Lets see how we can search all the nodes and see their fqdn (fully qualiifed domain name)

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife search node "*:*" -a fqdn
2 items found

node1:
  fqdn: centos63.example.com

awsnode:
  fqdn: ip-172-31-36-73.us-west-2.compute.internal

Changing the defaults using attributes
Lets try to change some defaults in our apache cookbook using the attributes.

In the /chef-repo/cookbooks/apache/attributes folder we can find the file default.rb (create if not)
Add the following :

default["apache"]["indexfile"]="index1.html"

Now go to the folder cookbooks/apache/files/default and make a file index1.html

<html>
<body>
<h1> Dude!! This is index1.html, it has been changed by chef!</h1>
</body>
</html>

The last thing we need to do get this working is change the recipe and tell it to pick the default index file from the node attribute ‘indexfile’ which we have just set.
So, open the file ‘cookbooks/apache/recipes/default.rb’ and append this:

cookbook_file "/var/www/index.html" do
 source node["apache"]["indexfile"]
 mode "0644"
end

Now upload the cookbook to the chef server using the command :

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife cookbook upload apache

And then go to the node, and run the chef-client

opscode@awsnode:~$ sudo chef-client

Now, hit the external IP of the node in the browser, and we can see the change.
So, we just now used the attribute to change the default index page of the apache server.

An important thing to note here is the precedence of setting attributes.
defaults in recipe take a precedence over the attributes, and Role takes precedence over the recipes.
The order of precedence is as follows:

Ohai > Role > Environment > Recipe > Attribute

Roles:
A Role tell us what a particular node is acting as, the type of the node, is it a “web server”, a “database” etc. The use of this feature is that we can associate the run_list with it.
So, instead of providing recipies as run_list to the node, We will associate the run_lists with a role and then apply this role to a node.

Creating a role:

knife create role webserver

Check if role is created:

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife role show webserver
chef_type:           role
default_attributes:
  apache:
    sites:
      admin:
        port: 8000
description:         Web Server
env_run_lists:
json_class:          Chef::Role
name:                webserver
override_attributes:
run_list:            recipe[apache]

This role we just created has added apache recipe in the run_list.

Assign this role to the node “awsnode”

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife node run_list add awsnode 'role[webserver]'
awsnode:
  run_list:
    recipe[apache]
    role[webserver]

Upload this role to the chef-server:

Anirudhs-MacBook-Pro:chef-repo anirudh$ knife role from file webserver.rb

Now run chef-client on the node.

Environment:
Environment means a QA, dev or a Production environment.
We can assign a node any environment, and then apply some environment specific attributes.
It is a mere tagging of nodes, environment attributes DOES NOT supersede role attributes.

In the coming blogs we will see how we can use define dev, QA, production environments, apply different roles to nodes, configure attributes and data-bags and make a complete eco-system.

About these ads
Tagged with: ,
Posted in chef, continuous delivery, devops

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 152 other followers

Blog Stats
  • 10,348 hits
Follow

Get every new post delivered to your Inbox.

Join 152 other followers

%d bloggers like this: