I flew over to Austin last week to join 2,000 attendees at the increasingly popular ChefConf event. Chef is a configuration management tool for the DevOps community.
I’ve put together my highlights from the event, including the slides and quotes from some of my favorite talks.
Adding developers to the DevOps Process
Annie Hsieh is a cloud automation engineer at 10th Magnitude, a leading Azure consultancy.
A common mindset within companies is that developers don’t want to get involved in Chef code – and Ops people don’t want them to! But as companies grow the Ops team is put under increasing pressure from this process. Annie suggests that both parties should come to an agreement where developers learn the Chef deployment infrastructure and work alongside Ops.
- Developers do not tend to keep ownership of their code after it is deployed.
- Developers don’t fully understand Ops processes and so don’t write code with this in mind.
- This results in many change requests from Developers making the Ops team reactive and over-stressed.
- Having both teams work together and understand each other’s processes reduces the burden on Ops and increases the speed of the development process.
- This cooperation can take many forms
- Developers can learn how to write Chef code to better understand the Ops point of view.
- Developers can be granted write access to Chef code but have their changes reviewed by Ops.
- A company Wiki can be maintained to avoid duplicate requests being sent to Ops
Ephemeral Apps with Chef, Terraform, Nomad, and Habitat
Seth Vargo used to work at Chef and is now the Director of Technical Advocacy at HashiCorp.
Imagine a world where a code change can be tested in a completely isolated environment where 100% of the resources are ephemeral. This is the world of Chef, Terraform, Nomad, and Habitat.
Seth believes that the future for infrastructure-as-a-service is this ability to create one-off ephemeral environments for almost any purpose. So there is no need for long-lived staging or QA environments.
Chef provides the foundation to build and provision infrastructure resources for your application. Running in parallel, these tools can often provision all the infrastructure required for a cluster in a few minutes. Enabling rapid development, testing, QA, staging, and more.
Get the full picture by viewing Seth’s demo.
Chef Vault: A Deep Technical Dive
Nell Shamrell-Harrington is a software development engineer at Chef, focusing on the Supermarket open source product.
Balancing the need for security with the need for usability is not a new problem and one that is well known to Chef users. There are multiple tools attempting to solve this problem – and each has its own advantages and drawbacks. Nell took a deep dive into one of these tools: Chef Vault.
- Chef Vault is an alternative tool for managing secrets with Chef.
- It was initially developed by Nordstrom as an open source project.
- Chef Vault is just one approach to solve the issue of sharing keys manually across multiple users.
- Before Chef Vault, databags needed to be encrypted with an SSH key that had to be shared between all users.
- Each user with an account in the Chef Server has an associated SSH key. Chef Vault makes use of that existing key
- If you need auto-scaling Chef Vault is not an option for you.
- There are other alternatives like Citadel and Trousseau.
Find out more about Chef Vault strengths and weaknesses at Nell’s blog.
Sous Chefs – Fostering Better Community Cookbooks
Dan Webb is a community advocate for configuration management tools. Joseph Holsten is founder of Sous Chefs.
The Chef community has great cookbooks. It also has some not so well maintained and unloved cookbooks. This was a tale of a Sous Chefs’ adventure over the past 6 months.
- Many of the cookbooks in Supermarket are not updated for years and their original creators move on to other projects so the cookbooks are left unmaintained.
- Sous Chefs is a community of Chef users dedicated to maintain these projects and making sure they are constantly updated and healthy.
- Everybody is welcome to contribute no matter of what experience you have with Chef.
Get the full picture at Dan’s website.
You can check out more of my thoughts from the event at @scalablepath.