a. Create a new cookbook called webserver
Use knife cookbook --help to figure out how to create a new cookbook. Also refer to the student guide for examples.
b. Update the metadata.rb
Make sure you add a dependency (depends) for the apache2 cookbook. See http://wiki.opscode.com/display/chef/Cookbooks for details.
c. Update the default.rb recipe in the ../cookbooks/webserver/recipes directory
#
# Cookbook Name:: webserver
# Recipe:: default
#
# Copyright 2010, Opscode, Inc..
#
# All rights reserved - Do Not Redistribute
#
include_recipe "apache2"

template "/var/www/index.html" do
  source "index.html.erb"
  owner "root"
  group "root"
  mode "0644"
end
This simple recipe installs Apache and creates a default page whose content comes from the template created in the next step.
d. Create the default web page template file
<html>
  <head>
    <title>Welcome to <%= node[:hostname] %></title>
  </head>
  <body>
    Chef rocks...you have reached:
    <ul>
      <li><b>FQDN</b>: <%= node[:fqdn] %></li>
      <li><b>Public FQDN</b>: <%= node[:ec2][:public_hostname] %></li>
      <li><b>IP Address</b>: <%= node[:ipaddress] %></li>
      <li><b>Public IP</b>: <%= node[:ec2][:public_ipv4] %></li>
      <li><b>Platform</b>: <%= node[:platform] %></li>
      <li><b>Platform Version</b>: <%= node[:platform_version] %></li>
      <li><b>Run List</b>: <%= node.run_list %></li>
    </ul>
  </body>
</html>
The name of the .erb file must match the template source name specified in the recipe (index.html.erb). Create the file in the ../templates/default directory.
e. Upload the new Webserver cookbook
knife cookbook upload webserver
Check to see if the new cookbook "webserver" is loaded by issuing the following commands.
knife cookbook list
knife cookbook show webserver
knife cookbook show webserver 0.0.1
knife cookbook show webserver latest recipes
f. Create a new webserver.rb role file in ../chef-repo/roles
The new role file should include a description and a run_list that includes webserver recipe created in the previous step. See http://wiki.opscode.com/display/chef/Roles for examples.
g. Load the new webserver.rb role up to the Chef server
knife role from file webserver.rb
h. Show the newly loaded role
knife role show webserver
i. Create a new EC2 instance of the webserver
knife ec2 server create "role[webserver]" -f m1.small -i ami-6407f20d -G default \
  -S <SSH_Key_id> -x ubuntu -I ~/.ssh/id_rsa -y >/tmp/web1.out
Use knife ec2 server create --help to see an explanation of the parameters. Also get the AWS SSH key id and the SSH identity file from your instructor.
Check the /tmp/web1.out file to see if your instance was created and configured.
j. List your running instances and launch the web page using the following commands.
knife ec2 server list
knife status --run-list
knife status "role:webserver" --run-list
curl <the public IP of the webserver instance>
a. Search for a copy of the haproxy cookbook by issuing the following commands.
knife cookbook site search haproxy
knife cookbook site show haproxy
b. Download a copy of the haproxy cookbook.
knife cookbook site vendor -d haproxy
See ( http://wiki.opscode.com/display/chef/Chef+Repository#ChefRepository-cookbooks ) for an explanation of the vendor branch pattern used in this command.
c. Find the metadata.rb and list the supported OS's for this cookbook
d. Update the default.rb recipe in the ../cookbooks/haproxy/recipes directory
In this step we are going to modify the haproxy cookbook's default recipe to make it data driven using the "search" API. Modify the existing default.rb to include the following code.
package "haproxy" do
  action :install
end

template "/etc/default/haproxy" do
  source "haproxy-default.erb"
  owner "root"
  group "root"
  mode 0644
end

service "haproxy" do
  supports :restart => true, :status => true, :reload => true
  action [:enable, :start]
end

pool_members = search(:node, "role:#{node[:haproxy][:pool_role]}") || []

template "/etc/haproxy/haproxy.cfg" do
  source "haproxy.cfg.erb"
  owner "root"
  group "root"
  mode 0644
  variables :pool_members => pool_members
  notifies :restart, resources(:service => "haproxy")
end
Make sure you understand the relationship of the search API call and the variables used in the template. We will see later when we build the role for this example how the attribute "haproxy" sets the pool_role that gets resolved in the erb template.
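The relationship between the search result and the template variable, as an added example that is not part of the original lab or of the haproxy cookbook: it renders the server lines of the template from step e outside of Chef. The sample nodes are constructed, the names SAMPLE_MEMBERS, backend_address, pool_entries and render_pool are hypothetical, and the address and hostname validation is an addition the lab's recipe does not perform.

```ruby
require "erb"
require "ipaddr"

# Constructed stand-ins for search(:node, "role:...") results (plain hashes: an assumption).
SAMPLE_MEMBERS = [
  { "hostname" => "web1", "ipaddress" => "10.0.0.11",
    "ec2" => { "public_ipv4" => "203.0.113.11" } },
  { "hostname" => "web2", "ipaddress" => "10.0.0.12" },  # no ec2 attributes
  { "hostname" => "web3", "ipaddress" => "not-an-ip" },  # malformed attribute
  { "hostname" => "web 4", "ipaddress" => "10.0.0.14" }  # name would split the line
].freeze

# Server lines adapted from the lab's haproxy.cfg.erb; members are pre-resolved.
POOL_TEMPLATE = <<~CFG
  listen application 0.0.0.0:80
    balance roundrobin
  <% @pool_members.each do |member| -%>
    server <%= member[:name] %> <%= member[:ip] %>:80 weight 1 maxconn 1 check
  <% end -%>
CFG
HOSTNAME_RE = /\A[A-Za-z0-9][A-Za-z0-9.-]*\z/

# Same choice as the template (EC2 public address, else ipaddress); nil if not an IP.
def backend_address(member)
  ec2 = member["ec2"]
  raw = (ec2.is_a?(Hash) && ec2["public_ipv4"]) || member["ipaddress"]
  return nil if raw.to_s.empty?
  IPAddr.new(raw.to_s).to_s
rescue IPAddr::Error
  nil
end

# Keep only members whose name and address are safe to write into the config.
def pool_entries(members)
  members.filter_map do |m|
    ip = backend_address(m)
    name = m["hostname"].to_s
    { name: name, ip: ip } if ip && name.match?(HOSTNAME_RE)
  end
end

# Chef exposes `variables` to a template as instance variables, hence @pool_members.
def render_pool(members)
  ctx = Object.new
  ctx.instance_variable_set(:@pool_members, pool_entries(members))
  ERB.new(POOL_TEMPLATE, trim_mode: "-").result(ctx.instance_eval { binding })
end

puts render_pool(SAMPLE_MEMBERS) if __FILE__ == $PROGRAM_NAME
```

An empty search result still renders a valid listen block with no server lines, which is what the `|| []` in the recipe guards against.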
e. Modify the erb template for the haproxy cookbook.
In this step we are going to modify the default erb template to match the updates made in the haproxy recipe. At this point you should know how to find the template file. Modify the existing haproxy.cfg template file to include the following code.
global
  log 127.0.0.1 local0
  log 127.0.0.1 local1 notice
  #log loghost local0 info
  maxconn 4096
  #debug
  #quiet
  user haproxy
  group haproxy

defaults
  log global
  mode http
  option httplog
  option dontlognull
  retries 3
  redispatch
  maxconn 2000
  contimeout 5000
  clitimeout 50000
  srvtimeout 50000

# Set up application listeners here.
listen application 0.0.0.0:80
  balance roundrobin
  <% @pool_members.each do |member| %>
  <% server_ip = member.has_key?("ec2") ? member.ec2.public_ipv4 : member.ipaddress %>
  server <%= member.hostname %> <%= server_ip %>:80 weight 1 maxconn 1 check
  <% end %>

listen admin 0.0.0.0:22002
  mode http
  stats uri /
In this example we are using the public IP address of the web servers. If the haproxy server and all of the web servers are on Amazon's cloud, it is more efficient to use the private IP addresses. The following code is an example of using the private IP addresses.
# Set up application listeners here.
listen application 0.0.0.0:80
  balance roundrobin
  <% @pool_members.each do |member| %>
  server <%= member.hostname %> <%= member.ipaddress %>:80 weight 1 maxconn 1 check
  <% end %>
f. Upload the updated haproxy
knife cookbook upload haproxy
g. Create an LB role
$EDITOR roles/lb.rb
name "lb"
description "load balancer"
override_attributes(
  :haproxy => {:pool_role => "<input the correct value here>"}
)
run_list(
  "recipe[haproxy]"
)
In this step you need to input the correct value for override_attributes so that it matches the code in the haproxy recipe and template. Remember that the search API call in the default.rb recipe will use this value to find all of the launched webservers. If you are not sure about this complete process, please take this time to talk to your instructor for clarification.
h. Load the new lb.rb role up to the Chef server
knife role from file lb.rb
i. Show the newly loaded role
knife role show lb
j. Create a new EC2 instance of the lb server
knife ec2 server create "role[lb]" -f m1.small -i ami-6407f20d -G default,www \
  -S <SSH_Key_id> -x ubuntu -I ~/.ssh/id_rsa -y >/tmp/lb.out
Use knife ec2 server create --help to see an explanation of the parameters. Also get the AWS SSH key id and the SSH identity file from your instructor.
Also, make sure you use security groups that open up the following ports:
- 22 - ssh
- 80 - haproxy load balancer
- 22002 - haproxy administrative interface
Check the /tmp/lb.out file to see if your instance was created and configured.
k. List your running instances and launch the web page using the following commands.
knife ec2 server list
knife status --run-list
knife status "role:lb" --run-list
curl <the public IP of the lb instance>
Note: The IP address displayed from the page should match the IP address of your webserver instance.
Also display the haproxy admin interface.
curl <the public IP of the lb instance>:22002
l. Create a few new EC2 instances of the webserver to add to the haproxy pool.
knife ec2 server create "role[webserver]" -f m1.small -i ami-6407f20d -G default \
  -S <SSH_Key_id> -x ubuntu -I ~/.ssh/id_rsa -y >/tmp/web2.out
knife ec2 server create "role[webserver]" -f m1.small -i ami-6407f20d -G default \
  -S <SSH_Key_id> -x ubuntu -I ~/.ssh/id_rsa -y >/tmp/web3.out
Use knife ec2 server create --help to see an explanation of the parameters. Also get the AWS SSH key id and the SSH identity file from your instructor.
m. Rerun the chef-client on the haproxy server to update the load balance pool with the new servers.
knife ssh "role:lb" "sudo chef-client" -x ubuntu -a ec2.public_hostname
n. List all of your running instances and launch the web page using the following commands.
knife ec2 server list
knife status --run-list
knife status "role:webserver" --run-list
knife status "role:lb" --run-list
curl <the public IP of the lb instance>
Note: The IP address displayed from the page should match the IP address of your webserver instance.
Also display the haproxy admin interface.
curl <the public IP of the lb instance>:22002
This output should display the three webserver instances.
a. Issue the following commands and understand the output.
# shows common flags and all subcommands
knife --help
# show contextual help for node subcommands
knife node --help
knife status --run-list
knife status "role:lb" --run-list
knife status "role:webserver" --run-list
knife node list
knife node show <supply an instance id for the lb instance>
knife node show <supply an instance id for the lb instance> --run-list
sudo gem install gem-man
gem man chef
uptime
knife ssh "role:webserver" "uptime" -x ubuntu -a ec2.public_hostname
a. Start an instance from the Amazon Console.
Login to the Amazon Console at ( https://console.aws.amazon.com/ ).
Start an EC2 instance with the following parameters:
- AMI - ami-6407f20d
- Security Group - default
- AWS SSH key - Use the same keypair used in the previous sessions
- Type - m1.small
b. Find the IP address of the new EC2 instance.
knife ec2 server list
c. Use the knife command to bootstrap the new instance.
knife bootstrap <Public IP Address of the new server> --sudo -x ubuntu
d. Verify the status of the bootstrapped instance.
knife status --run-list
e. Add a role to the new instance's run_list.
knife node run_list add ip-10-195-111-34.ec2.internal "role[webserver]"
Use the node name displayed in the first field of the "knife status" output. Notice that the default name of the bootstrapped node is not the instance id.
f. Use the "knife ssh" to re-drive the chef-client on all webserver nodes.
knife ssh "role:webserver" "sudo chef-client" -x ubuntu -a ec2.public_hostname
g. Rerun the chef-client on the haproxy server to update the load balance pool with the new servers.
knife ssh "role:lb" "sudo chef-client" -x ubuntu -a ec2.public_hostname
h. List all of your running instances and launch the web page using the following commands.
knife ec2 server list
knife status --run-list
knife status "role:webserver" --run-list
knife status "role:lb" --run-list
curl <the public IP of the lb instance>
Note: The IP address displayed from the page should match the IP address of one of your webserver instances.
Also display the haproxy admin interface.
curl <the public IP of the lb instance>:22002
The output should display all of the servers listed by the following command:
knife status "role:webserver" --run-list
Explore bootstrap templates
First install the gem-open package.
sudo gem install gem-open
gem open chef