Configuration management doesn’t sound sexy, but it’s the single most important thing we do as sysadmins at 37signals. It’s about documenting an entire infrastructure setup in a single code base, rather than a set of disparate files, scripts and commands. This has been our biggest sysadmin pain point.
Recently we hit a milestone of easing this pain across our infrastructure by adopting Chef, the latest in a long line of configuration management tools.
We struggled with a few other tools before settling on Chef. We love it. It’s open source, easy to hack on, opinionated, written in Ruby and has a great community behind it. It’s really changed the way we work. I think of it as a Rails for Sysadmins.
Here’s a snippet of all the data required to make Chef configure a bare Ubuntu Linux install as a Basecamp application server.
:basecamp => {
:gems => ['fast_xs', ['hpricot', '0.8.1'], 'aws-s3', 'ruby-prof',
['net-ssh', '1.1.4'], ['net-sftp', '1.1.1'], ['tzinfo', '0.3.9']],
:packages => ['imagemagick', 'elinks', 'zip'],
:apache_modules => ["auth_token", "xsendfile", "rewrite"],
:passenger => { :tune_gc => true }
}
As an early adopter, we’ve helped Chef grow and opened our repository of Chef recipes. If you’re interested in using Chef, take a look there for some example uses. Please fork and provide feedback on Github.
Joshua Sierles wrote this on Aug 27 2009 There are 11 comments.
ldk 27 Aug 09
Wait, so you run this script and it installs the gems, packages modules and their dependencies? That’s it?
MI 27 Aug 09
idk: No, that’s just the snippet that does the application level configuration. There is also code that we didn’t share here that does everything from configuring users/groups, setting up centralized logging, configuring log rotation, setting up time synchronization, and dozens of other steps that we want to do consistently for every machine.
And if we decide we want to do one of those things differently, we just change our Chef recipes and underlying configuration. We can then easily roll out the changes, consistently again, across our entire infrastructure.
Anon 27 Aug 09
I maintain a similar deployment tool myself, except the required version are very specific, requiring a source build of the entire stack (it assumes a vanilla Debian system). It also has to worry about easy_install (pypi), gems, and many other goodies :^)
The Midnight Writer 28 Aug 09
Catchy name in your post and very interesting engaging content for a technical blog. As a freelance writer, I’m impressed with your style. I could actually bear to read the information you were providing. No wonder you rank in the top fifteen of Fortune 500 blogs.
Anonymous Coward 28 Aug 09
I love posts like these. Can we have more from the depths?
Cameron 28 Aug 09
I love posts like these. Can we have more from the depths?
Joshua Sierles 28 Aug 09
Cameron,
Now we’ve reached this milestone, we’ll post more about this particular setup and the ways we automate various tasks.
Brian Armstrong 28 Aug 09
Looks great! This has definitely been a pain point for me in past setting up new servers. I love seeing this “rails philosophy” brought to more and more areas.
./configure, make, sudo make install is SOO last century… Brian
Attila 28 Aug 09
There are many great project for this task. On the ruby world we can use Chef and Puppet. Why did you choose Chef?
Have you seen Moonshine from RailsMachine? It is really a rails way of setting up a new server. It is based on Puppet. However seems to be designed for one server scenario mostly.
Joshua Sierles 28 Aug 09
Attila,
We looked at a number of solutions before Chef. Puppet definitely influenced most of the good ideas in Chef, but Chef takes them a step further and has a few important differences.
The main one for us was that the core language for writing recipes is Ruby, where Puppet has its own. Puppet also has a Ruby version, but the amount of code required to support these together is massive. The smaller code base and focus on Ruby eases the path to contributing fixes and enhancements to Chef.
Above all working with it just felt right to us, even in its early stages, so we stuck with it.
Edmund Haselwanter 29 Aug 09
What I love about chef is, that you can even fall back to some shell script steps
bash "update_manager" do user node[:tomcat6][:user] action :nothing cwd node[:tomcat6][:webapps] code <<-EOH rm -rf ./manager cp -r #{usr_share_dir}/apache-tomcat-#{node[:tomcat6][:version]}/webapps/manager . EOH endThis discussion is closed.