Managing Your VMware Infrastructure with Chef
An intro to Chef and the various tools you can use to administer your VMware environment
Yvo van Doorn
Opscode, Inc.
A quick agenda
• Quick overview of Chef (some basic lingo & concepts)
• Integration points
• Demo of vagrant & VMware Fusion
• Demo of knife-vsphere & VMware vCenter
• Q&A
Chef – A quick introduction
Chef – A quick overview
• Chef is a configuration management tool
• Think of Chef as Infrastructure as Code
• Chef’s server is completely API driven.
• Uses a utility called ‘knife’ on a workstation to talk to the Chef server
• Chef client is written in Ruby, but you do not need to learn Ruby to use Chef.
• Chef supports Linux variants, Unix variants and Windows, all as first class citizens.
• Comes in two flavors: Open source & Enterprise Chef.
Chef – Let’s break down the terms: Resource
• A resource is a definition of an action that can be taken.
• Example would be the installation of a package or maintaining a configuration file.
• The chef-client will parse every resource and associate them with a provider.
• Example: the Yum provider is used when installing a package on a CentOS / Red Hat host; the equivalent on Windows Server is enabling / installing IIS
On Linux based OSes: On Windows based OSes:
Chef – Let’s break down the terms: Recipe
• A recipe is a collection of resources.
• Resources are executed in the order they are listed.
• Chef client does not get opinionated. It depends on the user (you) to know in what order things should be put down.
• A basic recipe would consist of the package, template, and service resources
On Linux based OSes: On Windows based OSes:
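The Resource and Recipe slides above, as an added example (not from the original deck or from Opscode): a package / template / service recipe run through a small plain-Ruby stand-in for the recipe DSL, showing that resources are kept in the order listed and that the package resource is matched to a platform provider. The `RecipeModel` and `Props` classes, the Apt entry in the provider table, and the ntp names are assumptions for illustration.

```ruby
# Added example (not Opscode's code): runs with plain `ruby`, no chef-client.
Resource = Struct.new(:type, :name, :props)

# Records property calls made inside a resource block (source, mode, ...).
class Props < BasicObject
  def initialize; @h = {}; end
  def method_missing(key, *args); @h[key] = args.size == 1 ? args.first : args; end
  def to_h; @h; end
end

class RecipeModel
  # Simplified provider table (assumption beyond the slide's Yum example).
  PACKAGE_PROVIDERS = { 'centos' => 'Yum', 'redhat' => 'Yum', 'ubuntu' => 'Apt' }.freeze
  attr_reader :resources

  def initialize(platform)
    @platform = platform
    @resources = [] # declaration order is execution order
  end

  %i[package template service].each do |type|
    define_method(type) do |name, &blk|
      props = Props.new
      props.instance_eval(&blk) if blk
      @resources << Resource.new(type, name, props.to_h)
    end
  end

  # One entry per resource, in listed order; packages show their provider.
  def plan
    @resources.map do |r|
      next "#{r.type}[#{r.name}]" unless r.type == :package
      "#{r.type}[#{r.name}] via #{PACKAGE_PROVIDERS.fetch(@platform)}"
    end
  end
end

# The recipe body, written the way a Chef recipe reads.
NTP_RECIPE = proc do
  package 'ntp'
  template '/etc/ntp.conf' do
    source 'ntp.conf.erb'
    mode '0644'
  end
  service 'ntpd' do
    action [:enable, :start]
  end
end

def converge(platform, recipe = NTP_RECIPE)
  RecipeModel.new(platform).tap { |m| m.instance_eval(&recipe) }
end
```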
Chef – Let’s break down the terms: Cookbook
• A cookbook is a set of recipes.
• A cookbook is a defined set of items and different outcomes that you expect to address
• A cookbook could have a recipe to install apache2/httpd but also another set of recipes to activate the required modules.
• The ‘default’ recipe will be run when no specific recipe is specified.
Chef – Workstation / Node / Server
• Workstation
• A host that has a copy of the Chef environment set up
• Often your personal workstation you are working from
• A workstation can be a Linux, Mac or Windows based host, we don’t care.
• Uses a management tool called ‘knife’ which talks to Chef APIs over HTTPS
• Knife can (and should) be extended to provide additional functionality
• This is where a lot of our integration story will take place
• Server
• Hosts the cookbooks, attributes, search data, node data, and user information for your organization.
• Very scalable. The server is a repository of your cookbooks, but the actual work is done on the node
• Node
• The end point, whether it is bare metal, ec2 or a VMware virtual machine instance, is something running the ‘chef-client’.
Putting it all together…
Open Source Chef server
• Full single “org” Chef server
• Same API & client as Enterprise Chef
• Search based capabilities
• Absolutely free & code is available on github
Enterprise Chef
• Offered both as a solution hosted by Opscode and as an on-premise solution in your own datacenter.
• Hosted Enterprise Chef comes with 5 free nodes (0 billing information required)
• Fastest way to get started with Chef. All you do is set up your workstation and bootstrap your first instance.
• Enterprise Chef features
• multi tenancy support
• role based access (including integration into Active Directory)
• Soon: pushy & reporting
Two flavors of Chef Server
So where does VMware fit into this?
4 integration points for Chef with VMware
• VMware Fusion / VMware Workstation: Vagrant plugin
• VMware ESXi: knife-esx
• VMware vCenter: knife-vsphere
• VMware vCloud Director: knife-vcloud
VMware Fusion / Workstation & Vagrant
• Vagrant is a tool used to quickly spin up & down new development environments, locally, on your workstation or laptop.
• Used for development to test automation or deployments of new software, or in Chef’s case: cookbooks.
• The Vagrant plugin for VMware Fusion/Workstation is a paid add-on for the free Vagrant (http://www.vagrantup.com)
VMware ESXi & knife-esx
• Interacts with your solo, or non-managed, ESXi host.
• Uses knife & fog to interact with APIs presented on the ESXi host.
• Can list, delete and clone VMs on a single ESXi host.
• Installs (bootstraps) Chef & makes it part of a chef server and, additionally, can be configured to add the new node to specific environments and/or roles on your Chef server.
• Community maintained & under active development @ https://github.com/maintux/knife-esx
VMware vSphere & knife-vsphere
• Integrates with your existing vSphere vCenter installation
• Uses knife & fog to interact with the vSphere API.
• Can list, clone, delete, snapshot VMs via knife
• Can also list datastores, resource pools and clusters.
• Can also execute commands on running VMs
• When cloning a VM, can use customization specs to customize vCPUs, vRAM, IPs, hostname, etc. at VM creation.
• Requires a VM template that can be customized like Ubuntu, Red Hat or Windows.
• Hint: when using CentOS, set the OS type to Red Hat not CentOS to take advantage of this!
• Community maintained & under active development @ https://github.com/ezrapagel/knife-vsphere
VMware vCloud Director & knife-vcloud
• Integrates with your vCloud Director installation
• Uses knife & fog to interact with the APIs presented by vCloud Director
• Like knife-vsphere, can list, add, delete VMs through knife
• Beyond what knife-vsphere does, can also deploy vApps.
• Maintained by Opscode but seeking more community contributions @ https://github.com/opscode/knife-vcloud
Advantages when using Chef in a VMware environment
• No more golden images. Don’t simply brush this off, think about it….
• Maintain a VMware template that is “just enough OS”.
• Use Chef’s bootstrapping through various integration points to install Chef & configure the node as you specified in the command.
• Instead of managing snapshot chains of a VM, you update the Chef recipe, create a new VM and delete the old.
• Your VMs are no longer special snowflakes; they are objects defined from the Chef cookbooks you’ve written.
• Knife uses APIs to communicate with your ESXi/vCenter/vCloud host.
Demo: Vagrant & VMware Fusion
Demo: knife-vsphere & VMware vCenter