@rayterrill
Last active June 10, 2018 19:12
Infrastructure as Code Notes

Terraform Hygiene

  1. Validate that our configuration is syntactically valid and internally consistent
terraform validate
  1. Format our code correctly
terraform fmt

Berkshelf

  1. Edit the Berksfile in your cookbook with the following info. It defines where to find unknown cookbooks (the Supermarket source), where to find dependencies (our cookbook's metadata file), and where each of those cookbooks resides (in our case, a local relative path)
source 'https://supermarket.chef.io'

metadata

cookbook 'apache', path: '../apache'
cookbook 'php', path: '../php'
cookbook 'mariadb', path: '../mariadb'
  1. Upload all cookbooks and dependencies in one fell swoop
berks upload
  1. Update our Berksfile to use the MySQL cookbook vs the custom mariadb cookbook, and add the MySQL dependencies.
cookbook 'mysql', '8.0.4'
cookbook 'selinux'
cookbook 'yum-mysql-community', '~> 1.0'
  1. Note that we also need to make the same change in our cookbook's metadata.rb file.
depends "mysql" , '~> 8.0'
depends "selinux"
depends "yum-mysql-community", '~> 1.0'
  1. Download any missing cookbooks.
berks install
  1. Upload the new cookbooks.
berks upload
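
The Berksfile and metadata.rb have to be kept in step by hand, and a remote cookbook with no version constraint resolves to whatever version is newest when the dependency graph is solved. The following audit script is an added example, not part of the original notes; the function names and finding labels are made up for illustration, and the sample files are constructed from the snippets above.

```ruby
require 'rubygems'
# Constructed sample files, assembled from the snippets in these notes.
BERKSFILE = <<~'BERKS'
  source 'https://supermarket.chef.io'
  metadata
  cookbook 'apache', path: '../apache'
  cookbook 'mysql', '8.0.4'
  cookbook 'selinux'
  cookbook 'yum-mysql-community', '~> 1.0'
BERKS
METADATA = <<~'META'
  depends "mysql" , '~> 8.0'
  depends "selinux"
  depends "yum-mysql-community", '~> 1.0'
META

# Match: keyword 'name'[, 'constraint'][, path: '...']. Files are never evaluated.
def parse_entries(text, keyword)
  text.each_line.with_object({}) do |line, out|
    m = line.strip.match(/\A#{keyword}\s+["']([^"']+)["']\s*(.*)\z/)
    next unless m
    out[m[1]] = { constraint: m[2][/\A,\s*["']([^"']+)["']/, 1],
                  local: m[2].match?(/\bpath:\s*["']/) }
  end
end

# Returns [cookbook, finding] pairs for every remotely sourced cookbook.
def audit(berksfile, metadata)
  deps = parse_entries(metadata, 'depends')
  parse_entries(berksfile, 'cookbook').each_with_object([]) do |(name, entry), found|
    next if entry[:local] # path: sources come from our own repo
    found << [name, :unpinned_in_berksfile] unless entry[:constraint]
    dep = deps[name]
    unless dep
      found << [name, :missing_from_metadata]
      next
    end
    found << [name, :unpinned_in_metadata] unless dep[:constraint]
    next unless entry[:constraint] && dep[:constraint]
    reqs = Gem::Requirement.new(entry[:constraint]).requirements
    exact = reqs.size == 1 && reqs[0][0] == '='
    if exact && !Gem::Requirement.new(dep[:constraint]).satisfied_by?(reqs[0][1])
      found << [name, :pin_conflicts_with_metadata]
    end
  end
end

audit(BERKSFILE, METADATA).each { |name, finding| puts "#{name}: #{finding}" }
```

On the sample input only selinux is reported, once for each file; committing Berksfile.lock alongside the Berksfile keeps the resolved versions fixed between runs.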

Chef Linting

  • Using cookstyle to get feedback about a cookbook
cookstyle
  • Allow cookstyle to make changes
cookstyle -a
  • Use foodcritic to audit our mysite cookbook (excluding the test directory)
foodcritic --exclude test cookbooks/mysite
  • We can also exclude specific rules we don't care about with -t (in this case, we exclude rule FC003)
foodcritic -t ~FC003 --exclude test cookbooks/mysite/

Probably should figure out unit testing with ChefSpec

Integration Testing Chef with Test Kitchen

  1. Define a .kitchen.yml at the root of our cookbook
---
driver:
  name: vagrant

provisioner:
  name: chef_zero

platforms:
  - name: centos-7.2

suites:
  - name: default
    data_bags_path: "../../data_bags"
    run_list:
      - recipe[mysite::default]
    attributes:
  1. Launch test kitchen
kitchen test
  1. Dump all our existing tests so we can start fresh and recreate the folder structure we need
cd cookbooks/mysite
rm -rf test/*
mkdir -p test/integration/default/serverspec
  1. Create our test/integration/default/serverspec/spec_helper.rb file
require 'serverspec'
# Required by serverspec
set :backend, :exec
  1. Create our tests
  • apache_spec.rb
require 'spec_helper'

describe package('httpd') do
  it { should be_installed }
end

describe service('httpd') do
  it { should be_enabled }
  it { should be_running }
end

describe port('80') do
  it { should be_listening }
end
  • php_spec.rb
require 'spec_helper'

describe package('php') do
  it { should be_installed }
end

describe package('php-cli') do
  it { should be_installed }
end

describe package('php-mysql') do
  it { should be_installed }
end
  1. Test, retest, etc.
kitchen converge
kitchen verify
  1. Destroy the environment when we're done
kitchen destroy

Deploy Code from Github with Chef

  • Our code is available at https://github.com/WordPress/WordPress
  • We want to try the latest revision (HEAD) and keep the last five revisions to allow rollbacks
  • Our HTTP web server runs under the apache user
  • The virtual host folder is inherited from an attribute set earlier (/var/www/#{node['sitename']})
  • There are no database migrations to execute with WordPress
deploy_revision 'wordpress' do
  repo 'https://github.com/WordPress/WordPress'
  revision 'HEAD'
  user 'apache'
  deploy_to "/var/www/#{node['sitename']}"
  keep_releases 5
  symlinks({})
  symlink_before_migrate({})
  migrate false
  action :deploy
end

Chef Environments

  1. Create our prod environment file in the environments folder at the root of our chef repo (mkdir environments, notepad environments/production.rb)
name 'production'
description 'The production environment'
cookbook_versions 'platform' => '= 0.1.0'
  1. Upload our environment to Chef server
knife environment from file environments/production.rb

Use Vagrant to Test Our Cookbook

  1. Install the vagrant-omnibus plugin
vagrant plugin install vagrant-omnibus
  1. Create a Vagrantfile in the root of our cookbook
Vagrant.configure("2") do |config|
  config.vm.box = "bento/centos-7.2"
  config.omnibus.chef_version = :latest
  # Berkshelf settings belong to the top-level config, not the provisioner
  # (config.berkshelf is provided by the vagrant-berkshelf plugin)
  config.berkshelf.berksfile_path = "cookbooks/platform/Berksfile"
  config.berkshelf.enabled = true
  config.vm.provision "chef_zero" do |chef|
    chef.cookbooks_path = "cookbooks"
    chef.environments_path = "environments"
    chef.roles_path = "roles"
    chef.nodes_path = "nodes"
    chef.environment = "production"
    chef.add_role "docker"
  end
end
  1. Run vagrant up to build our VM
vagrant up
  1. If the run succeeds, meaning the code from the Docker role is applied, we're safe. Let's destroy the VM.
vagrant destroy