Chef Delivery System: On-Premises and the Cloud

Chef Delivery is a continuous and unified delivery service that provides enterprise DevOps teams with a new workflow framework in which they can better manage the continuous delivery of their infrastructure. In sum, Chef Delivery automates changes to infrastructure, runtime environments and applications, but it provides a useful framework in which automated testing and continuous integration and delivery can be achieved. In addition, Chef Delivery provides software developers with relevant metrics, permissions management and a comprehensive change history for their code.

The system is built for infrastructure, containers, and applications and is geared toward Fortune 2000 companies and is intended to help IT teams become a ?high-velocity development engine."

Chef Delivery further extends Chef Inc. into the DevOps market and automates changes to runtime environments, applications, and infrastructure. In addition Chef Delivery offers a framework for automated testing and continuous integration and delivery with tools such as Jenkins

Chef Delivery is really a pipeline tool and is not considered a Chef add-on.

Chef Delivery codifies many of Chef's best practices and links with other automations tools as well, not just Chef. It supports Puppet and Ansible; however, rollout is very recent and has been very selective and participation is by invitation only. The product will be available by subscription only and the beta process is a closed door. Moreover, pricing, support plans and actual functionality have yet to be made public. It is rumored to be considered favorably with other pipeline/build DevOps tools.

Chef Delivery will allow changes to be visualized and dependencies will be automatically tested whenever changes occur. Chef Delivery automates software delivery pipelines -- pipelines as code and creates a common workflow for software applications. In addition, Chef Delivery contains tools for advanced analytics for performance metrics.

Slide No. 2: Chef Analytics

Chef analytics platform is a premium add-on feature for the Chef Delivery system that provides real-time visibility concerning Chef server activities, including any data that is being changed, the individual responsible for making the changes, and when the changes took place. Users can be notified of such in real-time.

The Chef analytics platform operates on hardware that is separate from the Chef Delivery system and provides the ability to log Chef actions and is used to gather and analyze data from Chef clients and servers.

Chef analytics is currently a premium feature of Chef; although access to premium features is free (up to 25 nodes) when the Chef server is installed on-premise, higher node counts require premium features that are installed from the command line.

Analytics provides real-time ability to monitor what is changing on Chef server and changes can be logged into the type of change and who performed it. Analytics can be integrated into DevOps tools such as HipChat and action logs are Actions. Actions are administration and policy changes on Chef server.

Actions can occur via the user interaction from the management console as well as via knife commands or via Chef client. All actions are tracked by Chef Analytics which provides an intuitive GUI into the action logs and the ability to monitor an action before it fails.

Chef Analytics pushes communication to the Chef server and does not require a virtual machine or cloud servers. Chef Analytics uses a publish-subscribe messaging platform and actions are archived into a database.

Data is searchable via web visualization tools. The action log GUI provides for viewing data and performing other actions and allows viewing of actions on any Chef object. In addition, you can view all actions within your organization and send out notifications to DevOps tools such as Confluence.

Chef Analytics also allows data mining into logging data.

Slide No. 3: The Chef Development Kit

The Chef Development Kit (ChefDK) contains additional development tools including the well-known cookbook dependency manager Berkshelf 3.0, the Test Kitchen integration testing framework, ChefSpec, which facilitates the preparation of unit testing cookbook, Foodcritic, a linting tool for performing static code analysis on cookbooks, as well as other Chef tools such as Chef Client, Knife, Ohai and Chef Zero.

The Chef Development Kit contains two executable tools: kitchen and chef.

ChefDK supports Mac, Windows, and popular distributions of Linux.

The Chef Development Kit also introduces two small gems, chef_gem and chef_generate.

Berkshelf 3.0 is a cookbook dependency manager that is designed for quick iteration of cookbooks and applications. Berkshelf helps resolve dependencies for community cookbooks. It also contains the methods and API to communicate with the Chef server and "Berks? can also be installed via a Ruby gem.

Test Kitchen is an integration testing framework that allows code to be executed on multiple platform in isolation. It contains a plug-in architecture to allow code execution on a virtual or physical server and is supported by community cookbooks such as MySQL. Test Kitchen supports virtualization technologies such as Amazon EC2.

ChefSpec is used to unit test cookbooks and does not require a virtual machine or cloud servers. In addition, ChefSpec uses Chef solo to locally run your cookbook, but cookbooks never converge on a node. ChefSpec allows for configurable testing under varying conditions.

Foodcritic performs code analysis on cookbooks and attempts to eliminate cookbook problems before attempting to converge on a node. Foodcritic automates checks for common cookbook problems and the code in a cookbook is compared to Foodcritic rules.

Foodcritic validates code and does not interpret the intention of the recipe.

Slide No. 4: Hosted Enterprise Chef

Enterprise Chef can be hosted by Chef Software, Inc. The hosted version of Chef securely stores your cookbooks, roles, nodes definitions, and the likes.

Hosted Enterprise Chef is most appropriate in situations where the nodes to be managed are cloud-based because Hosted Chef includes a comprehensive library of API primitives for the majority of cloud infrastructures (i.e., Amazon's AWS, Windows Azure, Rackspace, etc.).

Hosted Chef is free for up to five nodes, but users do not receive any technical support for the free version.

Support is provided for basic plans that start at $120/month. For a higher price, the Standard Hosted Chef package costs $300 and provides 50 nodes; for $700, the Enterprise Hosted Chef covers 100 nodes and offers additional features that justify its higher cost.

Hosted Enterprise Chef is cloud-based and the easiest option for novices. Upload your cookbooks and Chef does the rest and manages all hardware and software upgrades. In addition, Hosted Enterprise Chef also allows for provisioning and configuration of Windows machines.

It should be noted, though, that Hosted Chef is vulnerable to all risks inherent in the cloud and rollouts may be slower than in private hosting. Moreover, Hosted Chef offers less customization than in private hosting.

Premium support is chargeable and support expects you to have intermediate Chef knowledge.

Hosted Chef has all the features of Private Chef and can be configured and up and running in minutes.

Cloud hosting allows you to focus on your nodes

Hosted Chef requires no investment in additional infrastructure and added costs may be cheaper than hiring expertize for private hosted installations.

Private Chef which is hosted by you is a potentially cheaper alternative, but configuring Private Chef is exceedingly complex. Moreover, configuring Open Source Chef is even harder.

Private hosting options require extensive engineering knowledge.

Therefore, total costs should be considered, not just the software costs of the Hosted Enterprise Chef.

Slide No. 5: Open Source Chef

The two versions of Chef are free, open-source tool and an enterprise offering. The enterprise offering subdivides into hosted and on-premises (private) versions.

A free trial version of Enterprise is offered without corporate support for a maximum of five devices. The open source chef server requires either Ubuntu, or Enterprise Linux and a minimum of 4 gigs of RAM (this means it is not possible to use the open source version with the Free Tier on AWS).

By contrast, Hosted Chef is cloud-hosted, offers configuration support and provisioning assistance

On-premises (Private) Chef provides an Enterprise version within customers' private infrastructure. On-premises (Private) Chef also includes minimal assistance and support for server provisioning.

Open Source Chef is free and requires no support but excludes many add-ons available to enterprise users.

Chef Solo is decentralized, requires no server, and is similar to peer-to-peer Windows network.

Opsworks is a tweaked version of Chef by Amazon, for use with AWS.

Hosted Chef is an Enterprise offering; hardware management and software upgrades are handled by Chef. Cookbooks, roles, and node definitions are stored in cloud-based Chef server. The server is provisioned by Chef, Inc.; user uploads cookbooks with no further requirements.

Prices are high, payable monthly, and depend on the number of nodes and users -- Launch, Standard, and Premium packages.

A viable alternative is Enterprise Hosted Chef which is available on free trial basis; five nodes, two users, but with no support.

Hosted Chef vulnerabilities include publicly exposed cloud service; vulnerable to service outages and DDOS attacks.

On-premises Chef: server is provisioned by customer with full control over the server.

Possibilities include faster rollout and better integration along with closer physical proximity.

Customer's firewalls shield from public global issues and payment is monthly on a per-node basis.

Open-source Chef is viable for highly confident Chef managers.

Open-source Chef has a large active user community including Github, Stackoverflow, and other Chef community sites and assistance is easily obtainable via the web.

Chef solo is available to those with less experience but still seeking open source

Chef solo is a serverless, scaled-down version and only basic configuration is required.

Slide No. 6: Using Enterprise Chef

Enterprise Chef automates provisioning and management of resources in terms of computing, networking, and storage resources. Automation is achieved by having the Chef client installed on each server, virtual machine, container, or other managed networking device ("nodes"). One of the more useful features of Enterprise Chef is that the client automatically reviews Chef server latest policy and state of networks and the client updates any node that is outdated.

Automation is accomplished from a single platform and Chef automatically stores recipes as well as other configuration data. In addition, features also include automation capabilities for Windows.

Integration with leading networking and storage providers is possible as well as the automation of configuration management, cloud management, delivery of applications and dependent infrastructure.

Enterprise Chef was previously offered as two products: Private Chef and Hosted Chef which has since been realigned under a single brand; Enterprise Chef can be used on premise or as a hosted service.

Compute and networking resources are managed from a single automation platform and there is greater speed in bandwidth provisioning; IT operations accelerated; system availability are all improved.

Major systems integrate with Enterprise Chef. For instance, Arista Extensible Operating System uses code to automate configuration of physical and virtual networking ports which takes care of the alignment between core datacenter resources by coordinating change management. In sum, coordination occurs between compute and networking infrastructure.

Cisco's One Platform Kit (onePK) integrates with Enterprise Chef and enables automation of networking port configuration via Chef cookbooks.

Plexxi integrates Enterprise Chef and Affinity networking and offers open model to describe application workload. In addition, Plexxi also offers seamless, flexible solution for the automation of network behavior and capacity with compute infrastructure

Enterprise Chef integrates with Cumulus Linux for a standard Linux interface and Chef manages switches like standard Linux servers.

Chef Inc. s collaboration with Microsoft Corp is to take advantage of Windows PowerShell Desired State Configuration feature on Windows Management Framework and offers configuration automation capabilities while avoiding drift in enterprise IT environments.

There is native, open-source Windows functionality for several critical operations and server provisioning and configuration management are included. In addition, new options are to automate Windows resources in the data center

Slide No. 7: Using Chef Solo

Chef Solo is an open source version of Chef client that allows the use of cookbooks with nodes.

Access to a Chef server not required and Chef Solo can run cookbooks from a local directory.

In addition, Chef Solo supports a tar.gz archive URL which is the more common approach currently used today; however, tar.gz requires that cookbooks be added to an archive.

It should be noted that Chef Solo does not interact with the Chef server and node-specific attributes must therefore be located in a JSON file on the target system, a remote location (e.g,, Amazon S3), or a web server on the local network.

Chef solo runs directly on the node and runs peer-to-peer.

Chef solo does not support: persistent attributes, search indexes or node storage.

Environments, roles, data bags, and cookbooks are all stored in the local file structure.

Cookbooks use the Chef DSL to install and configure packages required for servers and chef solo is used to configure resources on the server.

Recipe is written in Ruby using block style syntax and value_for_platform method selects package name of the resource based on the platform. Chef solo uses the gem Ohai for information about the node or server

A common temp directory is to be added for downloading files, packages, and the likes and the main recipe setup includes other recipes for the server. The main recipe setup is handy for adding/removing recipes. When recipes are in place, the run order is configured.

The cookbook of recipes is applied to a node and code can be added to box of interest using bash script.

Required dependencies are set up first, the project is then cloned and Chef solo is run on it. Testing is performed after Chef script is completed, the recipe is then modified and a default Ruby version is installed.

Slide No. 8: Choosing the Correct Platform

Chef can be installed on a variety of platforms and servers can be virtual or physical.

In addition, Chef networks may also be distributed.