VMware + ChefA VMworld Workshop

CONFIDENTIAL 2

Agenda

1 What is Chef?

2 Benefits of Infrastructure as Code

3 Installing Chef DK

4 Building Blocks of Chef

5 Chef Tools and Testing

6 Chef VMware Integrations

7 Hands On with vCloud Air

8 Q&A

CONFIDENTIAL 3

Introduction

• Curtis Stewart

• Consultant for the DevOps by VMware Professional Services group

• 4+ years working with DevOps practices and Chef

• Automation Enthusiast

• Open Source Contributor

About Us: VMware DevOps Consulting Services

Build and deliver applications sooner

Fuel innovation and accelerate time to market

Transform your enterprise to support high velocity, modern application development

Deploy an agile future-ready datacenter where any app can thrive

CONFIDENTIAL 4

Developer friendly. Enterprise ready.

• Assessment • Strategy development• People, process & technology

transformation for• Continuous delivery• Configuration management • Cloud operations

• Security & resilience optimization

Our team of dedicated DevOps experts provide:

CONFIDENTIAL 5

Chef

• Chef is a configuration management tool

– Infrastructure as code

• Composed of various components

– Chef Server

– chef-client

– Nodes

– Cookbooks• Resources

• Recipes

– Workstation

CONFIDENTIAL 6

Benefits – Infrastructure as Code

• Rebuild your entire system from a code repository, data backups, and compute resources

• Programmatically provision and configure components

• Limits the needs for full instance backups

• Provides the ability to keep base images lightweight

• Executable documentation

CONFIDENTIAL 7

Lab 1: Quick Tour of Chef

• In this lab you will:– Install the Chef Development Kit

– Sign up for hosted Chef

– Verify connection to Chef server

• This will demonstrate:– Setting up your workstation for Chef development

– Overview of core components of Chef

CONFIDENTIAL 8

Lab 1: Quick Tour of Chef - Script

https://github.com/vmwaredevops/vmworld-chef-repo

CONFIDENTIAL 9

Lab 1: Quick Tour of Chef – ChefDK Installation

• Chef Downloads Page– https://downloads.chef.io/chef-dk/

• Chef Development Kit is easiest way to get started

• Most common Chef tools all bundled together

• Install latest version – v0.7.0 – for your platform

• Once package is downloaded, run the installer

CONFIDENTIAL 10

Lab 1: Quick Tour of Chef – Hosted Chef Signup

• Signup for a free trial of hosted Chef– https://manage.chef.io/signup/

• Click Create New Organization

• Enter full name and short name for your organization

• Click Create Organization

CONFIDENTIAL 11

Lab 1: Quick Tour of Chef – Chef User Key

• Navigate to the Administration panel and select Users from the left menu.

• Select your user, then click "Reset Key" from that Actions menu.

• Click "Reset Key" to download your key.

• Add downloaded user pem to:– /vmworld-chef-repo/.chef/[username].pem

CONFIDENTIAL 12

Lab 1: Quick Tour of Chef – Knife Setup

• Copy /vmworld-chef-repo/.chef/knife.rb.example to:

– ./vmworld-chef-repo/.chef/knife.rb

• Replace the following values with your signup information:

– INSERT_CHEF_USERNAME

– INSERT_CHEF_ORG_SHORTNAME

CONFIDENTIAL 13

Lab 1: Quick Tour of Chef – Cookbook Upload

• Upload your cookbook to the Chef server using knife

• This will also verify that out knife.rb file has been properly updated

CONFIDENTIAL 14

Lab 1: Quick Tour of Chef – ChefDK Verification

• Open Terminal (Mac) or PowerShell Console (Windows)

• Execute $ chef verify– Tests the embedded ChefDK applications

CONFIDENTIAL 15

Chef Components: Cookbook

• A cookbook is a collection of recipes

• Cookbooks are typically designed to be composable so you can pick and choose the pieces you need

CONFIDENTIAL 16

Chef Components: Resources and Recipes

• A resource is one of the most basic components of the Chef ecosystem– Examples of a resource: package, file, service

– Resources are defined using attributes and actions

• Recipes are a compilation of resources

• Resources within a recipe are executed sequentially

CONFIDENTIAL 17

Chef – Workstation / Server / Node / Chef-Client / Knife

• Your Chef workstation is where you’ll install the Chef DK to develop and test cookbooks as well as interact with the Chef server APIs

• The Chef Server is a centrally managed host for storing your configuration data and node objects– All of this data is indexed and completely searchable via RESTful APIs

– Chef Server available in two flavors• Hosted Chef – Centrally administered server hosted by Chef, Inc.• Open Source – Installable version to run on local infrastructure

• A node is any physical, virtual, or cloud machine that is managed by the chef-client

• The chef-client is an agent that’s installed on all nodes that actually performs the configurations

• Knife is a command line tool that provides an interface between local chef components and the Chef server

CONFIDENTIAL 18

Chef – Tools and Testing

• Test-Kitchen– Testing framework

– Supports multiple drivers including vSphere, vCloud Air and many more

• Berkshelf– Dependency manager for cookbooks

– Supports multiple sources including Chef Supermarket, repositories, local paths

• ChefSpec– Unit testing framework

– Fast feedback

• Serverspec– Integration testing framework

– Verifies end state of system is what we expected

CONFIDENTIAL 19

VMware + Chef Integration

• There are many products of VMware that Chef integrates with through various plugins

vCloud Airknife-vcairkitchen-vcair

VMware vSphereknife-vspherechef-provisioning-vsphere

vRealize Automationknife-vrealizekitchen-vravRO Chef Server Workflows

VMware Integrated OpenStackknife-openstackkitchen-openstack

VMware Fusion / Workstation Vagrant Plugins

VMware ESXi knife-esx

CONFIDENTIAL 20

VMware + Chef: vCloud Air

• knife-vcair– Create, bootstrap, and manage vCloud Air compute

instances

– List networks and templates

– Supports OnDemand and Subscription services

• kitchen-vcair– Test Kitchen driver for developing and testing cookbooks

against vCloud Air

– Currently supports Subscription services

CONFIDENTIAL 21

Lab 2: Chef + vCloud Air

• In this lab you will:– Install the knife-vcair plugin

– Configure knife with your vCloud Air endpoint

– Create and bootstrap a vCloud Air VM using your cookbook

• This will demonstrate:– Provisioning a VM in vCloud Air through Chef tools

– Bootstrapping your cookbook on your new VM

CONFIDENTIAL 22

Lab 2: Chef + vCloud Air – knife-vcair

$ chef exec gem install knife-vcair

CONFIDENTIAL 23

Lab 2: Chef + vCloud Air – knife.rb

knife[:vcair_username] = “vi-admin@vmwareprompt.com”

knife[:vcair_password] = “VMware123!”

CONFIDENTIAL 24

Lab 2: Chef + vCloud Air – Create VM

$ knife vcair server create \

--ssh-password vmworld2015 \

--image "CentOS64-64BIT" \

--node-name YOURNAME-chef-node \

--customization-script bootstrap/install-linux-vcair-example.sh \

--run-list 'recipe[hello_vmworld::default]' \

--ssh-gateway root@107.189.120.118 \

--fog-version 1.33.0 \

--vcair-net chef-routed-network \

--no-host-key-verify

CONFIDENTIAL 25

Lab 2: Chef + vCloud Air

CONFIDENTIAL 26

VMware + Chef: vSphere

• knife-vsphere– Integrates with your existing vSphere vCenter installation

– List, clone, delete, snapshot VMs via knife

– List datastores, resource pools and clusters.

– Execute commands on running VMs

– When cloning a VM, can interact with a customization specs to customize vCPUs, vRAM, IPs, hostname, etc at VM creation.

• chef-provisioning-vsphere– Use machine resources to declare the topology of your

app – machines and recipes to run on them

– Includes Test Kitchen driver to test your cookbooks on your existing vSphere vCenter installation

CONFIDENTIAL 27

VMware + Chef: Chef Provisioning Example

CONFIDENTIAL 28

VMware + Chef: vRealize Suite

• kitchen-vra– A driver to allow Test Kitchen to consume vRealize Automation (vRA) resources to perform testing

• knife-vrealize– Knife plugin that interacts with vRA and vRealize Orchestrator (vRO)

– List catalogs, servers

– Display detailed server information

– Create servers from catalog blueprints

– Execute vRO workflows

• vRO Chef Server Workflows– vRO plugin installed to vRO directly

– Interfaces directly with Chef Server REST API

CONFIDENTIAL 29

VMware + Chef: VIO

• knife-openstack– Create, bootstrap, and manage OpenStack compute

instances

– List networks, floating IPs, security groups, images, snapshots, volumes, flavors

• kitchen-openstack– Test Kitchen driver for testing your cookbooks on

OpenStack cloud resources instead of your workstation

– Supports various configurations including block device mappings, network settings, security groups

CONFIDENTIAL 30

VMware + Chef: Fusion and Workstation

• Vagrant is a free and open-sorce tool used to quickly spin up & down new development environments, locally, on your workstation or laptop.

• Used for development to test automation or deployments of new software, or in Chef’s case: cookbooks.

• The vagrant plugin for VMware Fusion/Workstation is a pay for add on for the free vagrant– Vagrant uses local hypervisor on your workstation

(VirtualBox, etc.)

– Vagrant VMware Fusion/Workstation plugin allows Vagrant to use VMware products, which are faster and more stable

– VMware Vagrant plug-ins are a commercial offering from HashiCorp

• http://www.vagrantup.com

CONFIDENTIAL 31

VMware + Chef: ESXi

• knife-esx– Interacts with your solo, or non managed ESXi host.

– Uses knife & fog to interact with APIs presented on the ESXi host.

– Can list, delete and clone VMs on a single ESXi host.

– Installs (bootstraps) Chef & makes it part of a Chef server and, additionally, can be configured to add the new node to specific environments and/or roles on your Chef server.

– Community maintained & under active development @ https://github.com/maintux/knife-esx

CONFIDENTIAL 32

Questions?

…comments…and thank you!