DevOps Classroom Series – 18/Jun/2021

Roles

• Generally when we try to apply configurations to a Node, Nodes can be

  • web servers
  • DB servers
  • app servers
  • mail servers

• These group of servers will have the same run_list

  • web server in qa, dev or prod environment might have the same run_list for a specific project.

• Chef roles can help in organizing the run_lists Refer Here

• Created the roles

  • webserver

    name "webserver"
    description "Web Server for QT"
    run_list "recipe[lampserver::apache]"
    override_attributes({
    "starter_name" => " khaja",
    })
    
    

  • dbserver

    name "dbserver"
    description "DB Server for mysql"
    run_list "recipe[lampserver::mysql]"
    override_attributes({
    "starter_name" => " khaja",
    })
    
    

• upload the roles to the server

• Now we will change the run_list of the nodes to use roles rather than recipes

• Now lets assume your organization has the following requirements.

  • Git should be installed on all web servers.
  • In the case of the role we can just update the role to include new recipe and wait for convergence. If you don’t use the role we need to go to the run list of every webserver node and change the run_list manually for every node.

• For this demonstration, lets assume we need to install tomcat on all web servers

• With role, we manage run_lists

Environments

• Create any cookbook and have 2 versions of the cookbook
• Now lets assume for qa nodes i.e node 1 version 2 has to be applied and for the prod nodes version 1 has to be applied
• First lets add this recipe to the run list of webserver
• Refer Here for the official documentation of chef environments
• All the nodes in chef belong to any one environment, the _default is the default environment
• We can create environments where we can put restrictions of which version of cookbook is valid for which environment
• Create environment file in folder chef-repo/environments

# prod.rb
name 'prod'
description 'This is prod environment'
cookbook_versions ({
	'envdemo' => '= 1.0.0',
	'lampserver' => '= 1.0.1'
})

#qa.rb
name 'qa'
description 'This is qa environment'
cookbook_versions ({
	'envdemo' => '> 1.0.0',
	'lampserver' => '~> 1.0.0'
})

• Now change the environments of the node

• Now execute the run_list for webserver on qa and prod environments

  • prod
  • qa

• Next Steps:

  • What are different places where we can create attributes
  • How can we encrypt the sensitive contents in chef
  • Installing chef server on the Linux VM

How to change convergence on Chef nodes

• Chef nodes are configured to converge for every 30 minutes by default.
• Refer Here
• If we add the dependency of the this cookbook and create an attribute

default['chef_client']['interval'] = 60 # time in seconds for convergence to occur