New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Any one using Chef on your servers?
Host4Geeks
Member, Host Rep
I did a search for this but not much of info was available. I am wondering if any one here uses Chef to automate and manage their nodes. Specially with cPanel servers, a large portion of repeated tasks and several server settings can be handled.
If anyone is using this I would like to know how and what are you using it for.
Note: Here is a cookbook by Derek that handles a few things - https://github.com/derekschultz/easyapache
Comments
I don't even know what that is. Link?
http://www.getchef.com/
I just had to reply to this :P. Nice typo.
Fixed.
Truthfully I've always felt a little outside of the loop on things like chef. When I start to read into what they do, it just sounds like a bunch of random buzzwords strung together. I need someone to sit down and put it in nerd english and pull the marketing from it
@jarland I'm going through a few videos on youtube. Seems like a good place to get started:
Never looked into chef myself but heard good words about ansible and I've started to read more about it. When you master something like this, it will make your life easier. The ride getting there is long and not always in a straight line.
I use SaltStack to provision my VPS and the staging server in Vagrant. It make the migration pretty painless, 10 - 15 min to setup the mysql, nginx, php-fpm, uwsgi, iptables, fail2ban, ssh etc.
I use Chef. I had been using Salt but one of the projects I'm involved with uses Chef, so I figured it wasn't worth it to have 2 separate systems.
Chef, Salt, and Puppet are all pretty awesome. If you have more than 10 servers, they become pretty necessary to avoid spending all your time updating machines one by one.
Start by automating some simple tasks and expand as you get more comfortable.
I use Chef for my own projects and at work. For the latter, we're using it on a few thousand servers. I personally operate it on ~500 or so servers. If you're managing a bunch of similarly-configured hosts, or if you throw away and rebuild hosts in a cloud, I'd highly recommend it. I'm thankful to have a local DevOps meetup that's run by one of the folks who works at Chef, so we get the inside scoop and additional insight on some things. I'd recommend watching some of the Chef videos on YouTube for some background.
Out of curiosity, how are you maintaining secrets? Do you use encrypted data bags, go to-hell-with-it and just store it plain text on Chef Server, or do you go heavy duty and use something like chef-vault?
I use Chef Vault, although that's technically using encrypted data bags. It's just an abstraction/management layer on top of pure Chef data bags.
What are some primary differences between Puppet and Chef?
Chef is more procedural, script like. Puppet is more declarative and tries to figure out the order for you.
Looked at both and decided they were too complex for our needs (LoadingDeck). I ended up writing some custom CloudLinux functionality to separate different parts of the system. Worked out much easier.
Ansible is quote popular these days. In my opinion it's way better than chef and puppet.
Ansible's got a nice flow to it but it's sorely lacking in secrets control.
I gave up. No matter how many ways I tell it to update a host using apt-get, it returns that it completed it's task and logging on the host reveals that it did nothing. Two hours and I accomplished all of nothing. Ended up using saltstack.
@jarland take a look at this: https://commando.io/ seems pretty simple and effective.
Fun jazz with cache_valid_time option on the apt module. I admit though, it takes quite a lot of extra variable plumbing if you want to 'force' an update based on previous installation step's success.
Currently I use my own bash scripts for setup and create new "sections" for doing upgrades (which then get called by the main setup.sh).
e.g
I have thought about chef etc for a while, its just been a bit too much of a hurdle and something new to learn when bash is pretty damn easy.
Thanks.
"Puppet is IT Automation Software for System Administrators."
"Chef models IT infrastructure and application delivery as code, giving you the power and flexibility to achieve awesomeness."
The first is an example of intelligible conversation. The second is an example of dipping your website in thick buzzword hipster syrup nonsense.
FWIW, I know a lot of people using Puppet. Haven't known anyone who uses chef...
Actually, there's a more LEB-friendly product...they even mention 128MB VPSes in the article
http://blog.normation.com/en/2011/02/23/why-we-use-cfengine-memory-footprint/
Oh god... Cfengine still gives me nightmares and I was using v3 which was suppose to be cleaned up. Too many passes / stages that go over the same code but in different ways. In many respects, it's like puppet but without the niceties of ruby. Footprint wise, ansible wins