Chapter 1. Configuration Management and Chef

Chef is a configuration management tool for information technology (IT) professionals, like you. Because there is a wide variety of definitions for the term configuration management, let’s take a moment to explain what configuration management means in the context of this book and why you need a configuration management tool. We’ll also cover what Chef is, and why you need it as well.

What Is Configuration Management?

With respect to IT, configuration management covers the set of engineering practices for managing the following entities involved in delivering software applications to consumers:

  • Hardware
  • Software
  • Infrastructure
  • People
  • Process

Configuration management came about to address the fundamental challenges involved in doing group work. Managing change when you are a lone system administrator with a handful of servers to manage is relatively straightforward. Trying to coordinate the work of multiple system administrators and developers involving hundreds, or even thousands, of servers and applications to support a large customer base is complex and typically requires the support of a tool.

A modern IT configuration management tool usually involves an implementation inspired by the automation and policy-based theory originally developed by Mark Burgess. He developed the following core ideas of this theory for automating IT when he was a professor at Oslo University College in the late 1990s and early 2000s:

  • Changes must be handled in a systematic fashion to ensure that a system is configured in a correct and reliable manner.
  • There must be some form of autonomy in the system so that it can automatically detect faults and repair them without being explicitly told to do so.

Examples of modern IT configuration management tools are CFEngine, Puppet, the Desired State Configuration engine in Microsoft Windows, Ansible, SaltStack, and of course, Chef.
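
The two core ideas listed above (systematic change, and automatic detection and repair of faults) can be seen in a small test-and-repair loop. This is an added example in plain Ruby, not code from the book or from Chef; the `ManagedFile` class, the `demo_run` helper, and the banner file are hypothetical and constructed for illustration.

```ruby
require "tmpdir"

# Hypothetical mini "resource": desired content and mode for one file.
# Models test-and-repair convergence in plain Ruby; it is not Chef's API.
class ManagedFile
  attr_reader :path

  def initialize(path, content:, mode:)
    @path = path
    @content = content
    @mode = mode
  end

  # Compare current state with desired state; return the drifted attributes.
  def drift
    return [:missing] unless File.file?(@path)
    found = []
    found << :content unless File.read(@path) == @content
    found << :mode unless (File.stat(@path).mode & 0o7777) == @mode
    found
  end

  # Repair only when something drifted and return an audit record of the run.
  def converge!
    faults = drift
    unless faults.empty?
      File.write(@path, @content) if (faults & [:missing, :content]).any?
      File.chmod(@mode, @path)
    end
    { path: @path, repaired: faults, changed: !faults.empty? }
  end
end

# Constructed demo: converge, tamper by hand, converge again, then a no-op run.
def demo_run
  Dir.mktmpdir do |dir|
    res = ManagedFile.new(File.join(dir, "login_banner"),
                          content: "Authorized use only\n", mode: 0o600)
    log = [res.converge!]                     # first run creates the file
    File.chmod(0o666, res.path)               # simulated manual change (drift)
    File.write(res.path, "edited by hand\n")
    log << res.converge!                      # second run detects and repairs
    log << res.converge!                      # third run changes nothing
    log.map { |entry| entry[:repaired] }
  end
end

p demo_run if __FILE__ == $PROGRAM_NAME
```

The audit record returned by each run is what makes the change visible: a run that repairs nothing reports `changed: false`, so unexpected repairs stand out as evidence of out-of-band modification.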

Why You Need a Configuration Management Tool to Automate IT

There are a number of reasons why automated configuration management tools play a vital role in managing complex enterprise infrastructures. Here are four of the most popular reasons:

  • Consistency. If your infrastructure is being configured manually, how do you know your servers are being set up in a consistent manner? Further, how do you know these changes are being performed in a way that meets your compliance and security requirements? (For instance, are administrators logging changes in the appropriate systems?)

    Make life easier for your system administrators by automating repeated tasks with a configuration management tool. When repeated tasks are tedious, humans are alarmingly bad at performing them consistently. Automate tedious administration tasks with a configuration management tool so your staff can focus on other important things that humans do best.

  • Efficient change management. Whenever infrastructure is built manually without the aid of a configuration management tool, people tend to fear change. Over time, servers that are maintained by hand tend to become fragile environments that are hard to understand and modify.

    In these situations, organizations tend to develop a lot of processes for managing changes, usually with the sole intent of minimizing change or even delaying it as long as possible. This tends to delay introducing new features your customers need.

    When servers can be reproduced easily in a repeatable fashion, fewer processes are needed to manage change. Small change batches can be performed on a regular basis, such as daily, or even several times a day.

  • Simplicity in rebuild. When servers are built manually, it’s typically not easy to rebuild them from scratch. What would happen if you suddenly lost your servers in a catastrophic event? How quickly could you restore service if disaster struck?

    Automated deployments using a configuration management tool help quickly restore service. Rather than bothering to upgrade or patch applications, which can be inherently fragile operations, system administrators can build a new, upgraded system in an automated fashion and throw the old one away, returning it to the server pool. When rebuilds are easy, system administrators gain confidence to make changes to infrastructure more rapidly.

  • Visibility. Configuration management tools include auditing and reporting capabilities. Monitoring the work performed by one system administrator doesn’t require a sophisticated tool. But trying to understand what is going on with a team of, say, 10 system administrators and 10 software developers deploying software changes many times per day? You need a configuration tool.

    When infrastructure changes are handled by automated systems, changes can be automatically logged in all relevant tracking systems to raise visibility on the meaningful work your teams are doing.

What Is Chef?

Chef is an automation platform that configures and manages your infrastructure whether it is on-premises or in the cloud. You can deploy to the infrastructure type that makes the most sense for your business. You can use Chef to speed up application deployment, even creating a continual deployment pipeline. The key to Chef’s power is that it turns infrastructure into code.

Infrastructure as code means that your computing environment has some of the same attributes as your application:

  • Your infrastructure is versionable.
  • Your infrastructure is repeatable.
  • Your infrastructure is testable.

Figure 1-1 presents an overview of the major components of Chef.

Figure 1-1. Chef architecture

The components of the Chef Development Kit help support you as you write Chef code on your development workstation. Chef Server provides additional components to help scale your configuration management capabilities to hundreds or thousands of servers, and beyond.

Why Chef Might Be a Good Tool for Your Enterprise

When Adam Jacob first created Chef in 2009, he had three key insights to address the shortcomings he saw in other configuration management tools:

  1. A configuration management tool should easily enable web IT, providing first-class support for managing cloud infrastructure.
  2. Everyone’s infrastructure is unique. Complex, enterprise infrastructures benefit greatly from being able to model their IT infrastructure and application delivery process as code.
  3. Great tools and ideas also come out of a vibrant and involved user community. You can’t do it alone.

Over time with community support, Chef has evolved to have a powerful set of features that make it unique among configuration management tools:

  • Extreme scalability. Customers such as Facebook use Chef to manage tens of thousands of servers using only a handful of employees.
  • Power. Chef is built on top of the Ruby programming language. When you need it, you have full access to the power of Ruby to customize Chef.
  • Choice. You are not locked into one way of using Chef. Chef can operate in a distributed standalone mode or in a centralized mode requiring a server. There are also options to use pull or push models (or both) for deployment.
  • Open. Chef is open source and supported by a vibrant community of system administrators and developers. Chef open source has been used to power products from Dell, from Facebook, and from Amazon Web Services.
  • Visible. As a premium feature, the Chef Analytics Platform provides powerful enhancements to Chef integrated with the tool, so that you can be notified when important changes are made as a way to enforce compliance.

Chef’s unique approach gives you tremendous flexibility. You don’t need to struggle to conform to Chef. Chef adapts to you and your environment. You can deploy to the cloud or local infrastructure. You can describe any resource you have in code no matter how much it differs from a standard configuration.

With Chef there is no reason to start from scratch; many standard infrastructure configurations and tasks are already described in Chef cookbooks that are available for free on the Chef Supermarket site.

Once you master Chef, you can use it to:

  • Fully automate deployments, including internal development and end-user systems
  • Automate scaling of infrastructure
  • Make your infrastructure self-healing

As an example, Tom Hallet used Chef to create a tool called SoloWizard, which he uses to automate deployments of his Mac OS X development machines. SoloWizard is based on the work Pivotal Labs has done to promote the use of automation for developer and end-user systems. As you can see from Figure 1-2, SoloWizard lets you create a new development environment with a single command. You can even personalize the output script to meet your needs by making choices on a simple website. This tool is publicly available at the SoloWizard site.

Where Do We Go From Here?

In the first half of this book, we’ll cover all the essential components of client-side Chef, showing you how to make your infrastructure versionable and repeatable with code. We’ll cover:

  • Test Kitchen
  • Chef Solo/Chef Local
  • Cookbooks

We’ll also give you a firm foundation in the basics of infrastructure coding with Chef by providing lots of hands-on examples.

In the second half of this book, we’ll introduce you to the essential topics related to Chef Server, showing you how to make your configuration management abilities scale as your infrastructure increases in complexity and scope:

  • On-Premises Chef Server
  • Chef Zero
  • Roles, Data Bags, and Environments
  • Knife

Tools covered in this book are freely available as open source downloads. Some paid tools will be mentioned, but are not required to learn or use Chef.

In the next chapter, we’ll start your adventure with Chef by walking you through the Chef Development Kit installation process, so that you can get started right away writing Chef code.

Figure 1-2. SoloWizard bootstraps Mac OS X development workstations
