Overview of Chef - For Microsoft developers and Administrators
Infrastructure as Code.
In the Microsoft world, GUI-based installation and configuration are popular among Microsoft engineers. This becomes difficult and unproductive over time as the volume of infrastructure to manage grows drastically. Later, Microsoft engineers adopted scripted installation through PowerShell scripts. However, there is no guarantee, and no framework, to ensure that the scripts will run successfully across the environment. Over the last 10 years, infrastructure management has evolved and engineers have adopted managing infrastructure through code. As a result, frameworks evolved that transform complex infrastructure into code and bring servers and services to life.
Chef – Overview
Chef is a systems and cloud infrastructure automation framework that makes it easy to deploy servers and applications to any physical, virtual, or cloud location, no matter the size of the infrastructure. Each organization is comprised of one (or more) workstations, a single server, and every node that will be configured and maintained by the chef-client.
Cookbooks (and recipes) are used to tell the chef-client how each node in your organization should be configured. The chef-client (which is installed on every node) does the actual configuration.
The Chef framework is completely API driven, uses Ruby, and supports extensibility for future needs. Desired state configuration and centralized modelling of IT infrastructure are the key building blocks of Chef automation. Chef offers both hosted and on-premises installation.
Chef Terminology
It’s important for engineers to understand the terminology used in Chef automation. It’s very simple; however, it is new for people from the Microsoft world.
Resource – A definition of an action that can be taken. Example – Install a package.
Recipe – A collection of resources, executed in the order in which they are defined.
Cookbook – A set of recipes.
Chef Architecture
Chef has five major components
Chef Client - chef-client is installed on every node (machine or server) that is managed by the Chef server. The chef-client performs all the configuration tasks that are specified in the run-list (a type of configuration data).
Workstation - A workstation is a machine where the Chef Development Kit is installed. It allows engineers to author, test and maintain cookbooks (i.e. a set of configuration details. Example: the set of steps to configure IIS and start the W3SVC service).
Chef Server - It’s a hub of information. Cookbooks and policies are uploaded and managed centrally. Chef clients download the cookbooks and policies to the registered node, then install and configure according to the configuration defined in the cookbooks. The chef-client also runs periodically to maintain the desired state of configuration.
The Chef server can be accessed through a web interface as well as through a command-line interface.
Chef Analytics - Chef Analytics provides real-time visibility into what is happening on the Chef server, including what’s changing, who made those changes, and when they occurred. Details are tracked by the chef-client during the chef-client run. These details are uploaded to the Chef server at the end of the chef-client run. This data is used to build reports, run rules against the output of audit-mode, generate notifications based on the results of auditing, and provide visibility into messages that were generated during the chef-client run.
Chef Supermarket – Chef Supermarket is a community channel where engineers can share and consume cookbooks.
How chef works with Windows
The chef-client has specific components for the Microsoft Windows platform, i.e. Windows PowerShell, Internet Information Services and SQL Server. The chef-client has 6 resources: batch, env, powershell_script, registry_key, windows_package and dsc_resource (in development). Chef supports both the x86 and x64 architectures, and it provides community cookbooks for PowerShell, IIS and SQL Server.
Use Knife Windows
Knife Windows is a command-line tool to interact with and manage physical nodes that are running Microsoft Windows, such as desktops and servers. The knife windows command supports both NTLM and Kerberos authentication. To install the Knife Windows plugin, use the following command on the chef-client machine.
gem install knife-windows
In Microsoft Windows, most administrators write a batch file or PowerShell script to automate tasks on a Windows server. As described earlier, Chef automation supports both batch and PowerShell script execution.
How to execute a batch script
Use the batch resource to execute a batch script using the cmd.exe interpreter. The batch resource creates and executes a temporary file (similar to how the script resource behaves), rather than running the command inline.
Example – Copy a file from one location to another location.
batch "unzip_and_move_ruby" do
  # xcopy /e copies all subdirectories (including empty ones); /y suppresses overwrite prompts
  code <<-EOH
    xcopy C:\\source\\ruby-1.8.7-p352-i386-mingw32 C:\\ruby /e /y
  EOH
end
How to use PowerShell in Chef
Use the powershell_script resource to execute a script using the Windows PowerShell interpreter, much like the script resource and other script-based resources. The powershell_script resource is specific to the Microsoft Windows platform and the Windows PowerShell interpreter. This resource creates and executes a temporary file (similar to how the script resource behaves), rather than running the command inline.
powershell_script "name" do
  attribute "value" # see attributes section below
  ...
  action :action # see actions section below
end
Example
powershell_script "name_of_script" do
  cwd Chef::Config[:file_cache_path]
  code <<-EOH
    # some script goes here
  EOH
end
How to install Windows Package using chef
Install a Windows package - Use the windows_package resource to manage Microsoft Installer Package (MSI) packages on the Microsoft Windows platform.
windows_package '7zip' do
  action :install
  source 'C:\myapplication.msi'
end
How to configure windows_service using chef
Use the windows_service resource to manage a service on the Microsoft Windows platform.
windows_service "BITS" do
  action :configure_startup
  startup_type :manual
end
Chef Knife cloud plugins
A knife plugin is a set of one (or more) subcommands that can be added to knife to support additional functionality that is not built into knife. Many of the knife plugins are built by members of the Chef community and several of them are built and maintained by Chef. A knife plugin is installed to the ~/.chef/plugins/knife/ directory, from where it can be run just like any other knife subcommand.
Commonly used Knife cloud plugins
| Plugin Name | Description |
| --- | --- |
| Knife Azure | The knife azure subcommand is used to manage API-driven cloud servers that are hosted by Microsoft Azure. |
| Knife EC2 | The knife ec2 subcommand is used to manage API-driven cloud servers that are hosted by Amazon EC2. |
| Knife HP | The knife hp subcommand is used to manage API-driven cloud servers that are hosted by HP Cloud Compute. |
| Knife openstack | The knife openstack subcommand is used to manage API-driven cloud servers that are hosted by OpenStack. |
| Knife rackspace | The knife rackspace subcommand is used to manage API-driven cloud servers that are hosted by Rackspace cloud services. |
Knife Azure
Microsoft Azure is a cloud hosting platform from Microsoft that provides virtual machines for Linux and Windows Server, cloud and database services, and more. The knife azure subcommand is used to manage API-driven cloud servers that are hosted by Microsoft Azure.
Install Knife Azure Plugin
To install the knife azure plugin using RubyGems, run the following command:
gem install knife-azure
Knife azure commands
The table below lists the frequently used knife azure commands for managing servers in the Azure environment.
| Knife Azure Commands | Description |
| --- | --- |
| knife azure ag create | Use the ag create argument to create an Azure affinity group. |
| knife azure ag list | Use ag list to list the affinity groups. |
| knife azure image list | Use image list to list the VM images available in the Azure gallery. |
| knife azure server create | Use server create to create a new Microsoft Azure cloud instance. |
| knife azure server delete | Use server delete to delete a cloud instance from Azure. |
| knife azure vnet create | Use the vnet create argument to create a virtual network. |
| knife azure vnet list | Use the vnet |
Walkthrough of a simple recipe and cookbook for windows
This section walks through a simple recipe and cookbook that configure Windows IIS and enable the W3SVC service using PowerShell scripts defined in the recipe.
# Install the IIS role; the not_if guard skips the install when it is already present.
powershell_script 'Install IIS' do
  code 'Add-WindowsFeature Web-Server'
  guard_interpreter :powershell_script
  not_if "(Get-WindowsFeature -Name Web-Server).Installed"
end
# Install the IIS Management Console; the guard returns $true when it is already installed.
powershell_script 'Install IIS Management Console' do
  code 'Add-WindowsFeature Web-Mgmt-Console'
  guard_interpreter :powershell_script
  not_if "$MgmtConsoleState = (Get-WindowsFeature Web-Mgmt-Console).InstallState
    If ($MgmtConsoleState -eq 'Available')
    {
      echo $false
    }
    Elseif ($MgmtConsoleState -eq 'Installed')
    {
      echo $true
    }"
end
# Start the W3SVC service now and enable it at boot.
service 'w3svc' do
  action [:start, :enable]
end
# Render the default page from the cookbook template index.html.erb.
template 'c:\inetpub\wwwroot\Default.htm' do
  source 'index.html.erb'
end
The configuration above will do the following:
– Install IIS (Web-Server) if it is not already installed.
– Install the IIS Management Console (Web-Mgmt-Console) if it is not already installed.
– Start and enable the IIS Service (W3SVC)
– Set the Default.htm webroot page to whatever is configured in our template HTML file, index.html.erb
Now that we have everything in place, we need to apply the configuration changes to the Windows Server by running the chef-client command below:
chef-client --local-mode --runlist 'recipe[InstallIIS]'
Note: When you want to run a cookbook, as we have in this example, you use the chef-client command; however, if you want to run a single recipe, you use the chef-apply command.
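The batch and powershell_script resources shown earlier execute their script text on every chef-client run unless a not_if or only_if guard is present, which is why the walkthrough recipe guards both installs. The following is an added example, not code from the original article or from Chef: a stand-alone Ruby check that uses the standard-library Ripper parser to list script resources with no guard. The function names and the sample recipe (assembled from two snippets on this page) are constructed for illustration, and only the `resource 'name' do ... end` form is recognized.

```ruby
require 'ripper'

# Resources whose script text runs on every chef-client run unless guarded.
SCRIPT_RESOURCES = %w[batch powershell_script].freeze
GUARDS = %w[not_if only_if].freeze

# Constructed sample recipe, assembled from two snippets on this page.
SAMPLE_RECIPE = <<~'RECIPE'
  powershell_script 'Install IIS' do
    code 'Add-WindowsFeature Web-Server'
    guard_interpreter :powershell_script
    not_if "(Get-WindowsFeature -Name Web-Server).Installed"
  end
  batch "unzip_and_move_ruby" do
    code <<-EOH
      xcopy C:\\source\\ruby-1.8.7-p352-i386-mingw32 C:\\ruby /e /y
    EOH
  end
RECIPE

# Depth-first walk over a Ripper s-expression, yielding every Array node.
def each_node(sexp, &blk)
  return unless sexp.is_a?(Array)
  yield sexp
  sexp.each { |child| each_node(child, &blk) }
end

# Returns [{resource:, name:, line:}] for each `resource 'name' do ... end`
# script resource whose block contains neither not_if nor only_if.
def unguarded_script_resources(recipe_source)
  tree = Ripper.sexp(recipe_source)
  raise ArgumentError, 'recipe does not parse as Ruby' if tree.nil?
  findings = []
  each_node(tree) do |node|
    next unless node[0] == :method_add_block
    call, block = node[1], node[2]
    next unless call.is_a?(Array) && call[0] == :command
    ident = call[1]
    next unless ident[0] == :@ident && SCRIPT_RESOURCES.include?(ident[1])
    guarded = false
    each_node(block) { |n| guarded ||= n[0] == :@ident && GUARDS.include?(n[1]) }
    next if guarded
    name = nil
    each_node(call[2]) { |n| name ||= n[1] if n[0] == :@tstring_content }
    findings << { resource: ident[1], name: name, line: ident[2][0] }
  end
  findings
end
p unguarded_script_resources(SAMPLE_RECIPE)
```

A check like this can run on the workstation before a cookbook is uploaded to the Chef server, so that unguarded script resources are reviewed before they reach any node.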