Configuration management doesn’t sound sexy, but it’s the single most important thing we do as sysadmins at 37signals. It’s about documenting an entire infrastructure setup in a single code base, rather than a set of disparate files, scripts and commands. This has been our biggest sysadmin pain point.
Recently we hit a milestone of easing this pain across our infrastructure by adopting Chef, the latest in a long line of configuration management tools.
We struggled with a few other tools before settling on Chef. We love it. It’s open source, easy to hack on, opinionated, written in Ruby and has a great community behind it. It’s really changed the way we work. I think of it as a Rails for Sysadmins.
Here’s a snippet of all the data required to make Chef configure a bare Ubuntu Linux install as a Basecamp application server.
:basecamp => {
:gems => ['fast_xs', ['hpricot', '0.8.1'], 'aws-s3', 'ruby-prof',
['net-ssh', '1.1.4'], ['net-sftp', '1.1.1'], ['tzinfo', '0.3.9']],
:packages => ['imagemagick', 'elinks', 'zip'],
:apache_modules => ["auth_token", "xsendfile", "rewrite"],
:passenger => { :tune_gc => true }
}
As an early adopter, we’ve helped Chef grow and opened our repository of Chef recipes. If you’re interested in using Chef, take a look there for some example uses. Please fork and provide feedback on Github.
ldk
on 27 Aug 09Wait, so you run this script and it installs the gems, packages modules and their dependencies? That’s it?
MI
on 27 Aug 09idk: No, that’s just the snippet that does the application level configuration. There is also code that we didn’t share here that does everything from configuring users/groups, setting up centralized logging, configuring log rotation, setting up time synchronization, and dozens of other steps that we want to do consistently for every machine.
And if we decide we want to do one of those things differently, we just change our Chef recipes and underlying configuration. We can then easily roll out the changes, consistently again, across our entire infrastructure.
Anon
on 27 Aug 09I maintain a similar deployment tool myself, except the required version are very specific, requiring a source build of the entire stack (it assumes a vanilla Debian system). It also has to worry about easy_install (pypi), gems, and many other goodies :^)
The Midnight Writer
on 28 Aug 09Catchy name in your post and very interesting engaging content for a technical blog. As a freelance writer, I’m impressed with your style. I could actually bear to read the information you were providing. No wonder you rank in the top fifteen of Fortune 500 blogs.
Anonymous Coward
on 28 Aug 09I love posts like these. Can we have more from the depths?
Cameron
on 28 Aug 09I love posts like these. Can we have more from the depths?
Joshua Sierles
on 28 Aug 09Cameron,
Now we’ve reached this milestone, we’ll post more about this particular setup and the ways we automate various tasks.
Brian Armstrong
on 28 Aug 09Looks great! This has definitely been a pain point for me in past setting up new servers. I love seeing this “rails philosophy” brought to more and more areas.
./configure, make, sudo make install is SOO last century… Brian
Attila
on 28 Aug 09There are many great project for this task. On the ruby world we can use Chef and Puppet. Why did you choose Chef?
Have you seen Moonshine from RailsMachine? It is really a rails way of setting up a new server. It is based on Puppet. However seems to be designed for one server scenario mostly.
Joshua Sierles
on 28 Aug 09Attila,
We looked at a number of solutions before Chef. Puppet definitely influenced most of the good ideas in Chef, but Chef takes them a step further and has a few important differences.
The main one for us was that the core language for writing recipes is Ruby, where Puppet has its own. Puppet also has a Ruby version, but the amount of code required to support these together is massive. The smaller code base and focus on Ruby eases the path to contributing fixes and enhancements to Chef.
Above all working with it just felt right to us, even in its early stages, so we stuck with it.
Edmund Haselwanter
on 29 Aug 09What I love about chef is, that you can even fall back to some shell script steps
bash "update_manager" do user node[:tomcat6][:user] action :nothing cwd node[:tomcat6][:webapps] code <<-EOH rm -rf ./manager cp -r #{usr_share_dir}/apache-tomcat-#{node[:tomcat6][:version]}/webapps/manager . EOH endThis discussion is closed.