Opscode Webinar: Managing Your VMware Infrastructure with Chef

Managing Your VMware Infrastructure with ChefAn intro to Chef and the various tools you can use to administer your VMware environment

Yvo van Doorn

Opscode, Inc.

A quick agenda

• Quick overview of Chef (some basic lingo & concepts)

• Integration points

• Demo of vagrant & VMware Fusion

• Demo of knife-vsphere & VMware vCenter

• Q&A

Chef – A quick introduction

Chef – A quick overview

• Chef is an Configuration Management Tool

• Think Chef as Infrastructure as Code

• Chef’s server is completely API driven.

• Uses an utility called ‘knife’ on a workstation to talk to the Chef server

• Chef client is written in Ruby, but you do not need to learn Ruby to use Chef.

• Chef supports Linux variants, Unix variants and Windows, all as first class citizens.

• Comes in two flavors: Open source & Enterprise Chef.

Chef – Lets break down the terms: Resource

• A resource is a definition of an action that can be taken.

• Example would be the installation of a package or maintaining a configuration file.

• The chef-client will parse every resource and associate them with a provider.

• Example: Yum provider is used during the installation of a package on a CentOS / Red Hat host or enabling / installing IIS on a Windows Server

On Linux based OSes: On Windows based OSes:

Chef – Lets break down the terms: Recipe

• A recipe is a collection of resources.

• Each resource is executed in the order they are listed.

• Chef client does not get opinionated. It depends on the user (you) to know in what order things should be put down.

• A basic recipe would consist of the package, template, and service resources

On Linux based OSes: On Windows based OSes:

Chef – Lets break down the terms: Cookbook

• A cookbook is a set of recipes.

• A cookbook is a defined set of items and different outcomes that you expect to address

• A cookbook could have a recipe to install apache2/httpd but also another set of recipe to activate modules required.

• The ‘default’ recipe will be run when no specific recipe is specified.

Chef – Workstation / Node / Server

• Workstation

• A host that has a copy of the chef environment setup

• Often your personal workstation you are working from

• A workstation can be a Linux, Mac or Windows based host, we don’t care.

• Uses a management tool called ‘knife’ which talks to Chef APIs over HTTPS

• Knife can (and should) be extended to provide additional functionality

• This is where a lot of our integration story will take place

• Server

• Hosts the cookbooks, attributes, search data, node data, and user information for your organization.

• Very scalable. The server is a repository of your cookbooks, but the actual work is done on the node

• Node

• The end point, whether it is bare metal, ec2 or a VMware virtual machine instance, is something running the ‘chef-client’.

Putting it all together…

Open Source Chef server

• Full single “org” Chef server

• Same API & client as Enterprise Chef

• Search based capabilities

• Absolutely free & code is available on github

Enterprise Chef

• Both offered as a hosted by Opscode solution and on premise / in your own datacenter solution.

• Hosted Enterprise Chef comes with 5 free nodes (0 billing information required)

• Fastest way to get started with Chef. All you do is set up your workstation and bootstrap your first instance.

• Enterprise Chef features

• multi tenancy support

• role based access (including integration into Active Directory)

• Soon: pushy & reporting

Two flavors of Chef Server

So where does VMware fit into this?

4 integration points for Chef with VMware

VMware Fusion / VMware Workstation

VMware ESXi

VMware vCenter

VMware vCloud Director

Vagrant Plugin

knife-esx

knife-vsphere

knife-vcloud

VMware Fusion / Workstation & Vagrant

• Vagrant is a tool used to quickly spin up & down new development environments, locally, on your workstation or laptop.

• Used for development to test automation or deployments of new software, or in Chef’s case: cookbooks.

• The vagrant plugin for Vmware Fusion/Workstation is an pay for add on for the free vagrant (http://www.vagrantup.com)

VMWare ESXi & knife-esxi

• Interacts with your solo, or non managed ESXi host.

• Uses knife & fog to interact with APIs presented on the ESXi host.

• Can list, delete and clone VMs on a single ESXi host.

• Installs (bootstraps) Chef & makes it part of a chef server and, additionally, can be configured to add the new node to specific environments and/or roles on your Chef server.

• Community maintained & under active development @ https://github.com/maintux/knife-esx

VMWare vSphere & knife-vsphere

• Integrates with your existing vSphere vCenter installation

• Uses knife & fog to interact with the vSphere API.

• Can list, clone, delete, snapshot VMs via knife

• Can also list datastores, resource pools and clusters.

• Can also execute commands on running VMs

• When cloning a VM, can interact with a customization specs to customize vCPUs, vRAM, IPs, hostname, etc at VM creation.

• Requires a VM template that can be customized like Ubuntu, Red Hat or Windows.

• Hint: when using CentOS, set the OS type to Red Hat not CentOS to take advantage of this!

• Community maintained & under active development @ https://github.com/ezrapagel/knife-vsphere

VMWare vCloud Director & knife-vcloud

• Integrates with your vCloud Director installation

• Uses knife & fog to interact with the APIs presented by vCloud Director

• Like knife-vsphere, can list, add, delete VMs through knife

• In addition to knife-vsphere, can also deploy vApps.

• Maintained by Opscode but seeking more community contributions @ https://github.com/opscode/knife-vcloud

Advantages when using Chef in a VMware environment

• No more golden images. Don’t simply brush this off, think about it….

• Maintain a VMware template that is “just enough OS”.

• Use Chef’s bootstrapping through various integration points to install Chef & configure the node as you specified in the command.

• Instead of managing snapshot chains of a VM, you update the Chef recipe, create a new VM and delete the old.

• Your VMs are no longer special snow flakes, they are objects that are defined from the Chef cookbooks you’ve written.

• Knife uses APIs to communicate with your ESXi/vCenter/vCloud host.

Demo: Vagrant & VMware Fusion

Demo: knife-vsphere & VMware vCenter