Achieving DevOps Success with Chef Automate
-
Upload
chef -
Category
Technology
-
view
155 -
download
0
Transcript of Achieving DevOps Success with Chef Automate
![Page 1: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/1.jpg)
Achieving DevOps Success with Chef Automate
Nicole Johnson – Manager, Solutions Architects – East NA
![Page 2: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/2.jpg)
Chef Commercial Product
Chef InSpec Habitat Open SourceProducts
Cloud & Infrastructure Automation
Delivery Workflow
VisibilityCom
pliance
Application Automation
Chef Platform
![Page 3: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/3.jpg)
Barriers to Enterprise Adoption of DevOps
Anti-pattern = stitching together disparate tool chains
Thrashing on the shape of the workflow across that tooling, lack of skills, training and cultural adoption (can take years)
Siloed centers for DevOps
Security and compliance are an afterthought
![Page 4: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/4.jpg)
New Capabilities Accelerate and De-risk DevOps Adoption
Chef Compliance: Compliance as Code – just like Apps as Code and Infrastructure as code
Chef Automate: Full stack collaboration platform manages complex changes across:
• Infrastructure as Code• Containers as Code• Applications as Code• Compliance as Code
New: Enterprise Transformation Practice
![Page 5: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/5.jpg)
Go Fast Safely: Allow Teams to Build Code and Automate Systems
• Infrastructure as Code
• Containers as Code• Policy as Code• Process as Code• Applications
Reinforce the right behaviors to collaborate safely on code at velocityCulture
Automation
Governance
Build, deploy, and manage infrastructure and applications anywhere
Operate safely and in compliance with internal controls and regulatory requirements
version
collaborateconsistently
testautomatically
Deploy Anywhere● On-premise● Cloud● Hybrid-
Cloud
Configuration
Automation
Workflow
ApplicationInfrastructure
![Page 6: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/6.jpg)
Chef is Infrastructure as Code•Programmatically provision and configure components
•Treat like any other code base
•Reconstruct business from code repository, data backup, and compute resources
http://www.flickr.com/photos/louisb/4555295187/
![Page 7: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/7.jpg)
Automate infrastructure & applications with Chef
On Linux based OSes:
package "httpd" do action :installend
template ”/var/www/index.html" do source ”index.html.erb” mode "0644"end
service "httpd" do action [ :enable, :start ]end
![Page 8: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/8.jpg)
Building Blocks: What is a Resource?•A Resource is a system state you define
• Example: Package installed, state of a service, configuration file existing•You declare what state you want the resource in.
• Chef automatically determines HOW that state is achievedOn Linux based OSes: On Windows based OSes:
![Page 9: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/9.jpg)
Chef Workflow and Test-Driven Infrastructure
Apps
Runtime environments
Infrastructure
...
...
...
Targets/Workloads
Collaborative Dev
Chef Visibility
Production
Chef Server
Chef server
Chef Supermarket
Assessment
Chef Compliance
SearchAuditDiscover
ProvisionDeploy
Test
Chef Workflow
Local Dev/Remediation
ModelBuildTest
Chef DK
Chef Client & Cookbooks
![Page 10: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/10.jpg)
Documentation
SSH supports two different protocol versions. The original version, SSHv1, is subject to a number of different security vulnerabilities.
Please use the more secure SSHv2 to avoid these vulnerabilities
![Page 11: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/11.jpg)
Scripting Tools# grep “^Protocol” /etc/ssh/sshd_config | sed ‘s/Protocol//’# 2
![Page 12: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/12.jpg)
control 'cis-3.1' do impact 0.7 title 'Set Daemon umask’ desc 'Set the default umask for all processes started at boot time.'
describe file('/etc/sysconfig/init') do its('content') {should match 'umask 027'} endend
InSpec Testing Framework
![Page 13: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/13.jpg)
Compliance as Code
![Page 14: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/14.jpg)
Compliance as Code
Compliance
Security
DevOps
![Page 15: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/15.jpg)
How do we write and test our intended change?
![Page 16: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/16.jpg)
One path for change
Test the ArtifactsTest the Code
VERIFY BUILD ACCEPTANCE
REHEARSAL
DELIVEREDUNION
SubmitChang
e
![Page 17: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/17.jpg)
One path for change
VERIFY BUILD ACCEPTANCE REHEARSAL DELIVEREDUNIONAPPROVE DELIVER
LintSyntax
UnitSecurityQualityPublish
LintSyntax
Unit
ProvisionDeploySmoke
Functional
Provision
DeploySmoke
Functional
ProvisionDeploySmoke
Functional
ProvisionDeploySmoke
Functional
Submit
Change
Does thiscode
changelook
good?
Do we want
to ship this?
![Page 18: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/18.jpg)
One path for change
VERIFY BUILD ACCEPTANCE REHEARSAL DELIVEREDUNIONAPPROVE DELIVER
LintSyntax
UnitSecurityQualityPublish
LintSyntax
Unit
Submit
Change
Does thiscode
changelook
good?
![Page 19: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/19.jpg)
One path for change
VERIFY BUILD ACCEPTANCE REHEARSAL DELIVEREDUNIONAPPROVE DELIVER
LintSyntax
UnitSecurityQualityPublish
LintSyntax
Unit
ProvisionDeploySmoke
Functional
Submit
Change
Does thiscode
changelook
good?
Do we want
to ship this?
![Page 20: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/20.jpg)
Shared WorkflowWorkflow’s pipeline is shared across projects and teams
SUBMIT CHANGE VERIFY APPROVE
CHANGE
DELIVER CHANGEACCEPTANCEBUILD
UNION REHEARSAL DELIVERED
COOKBOOK Y
APPLICATION Y
COOKBOOK X
APPLICATION X
![Page 21: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/21.jpg)
SubscriptionIncludes:• Premium Features• 24x7 Support• Supported Content
Infrastructure Automation
Application Automation
Compliance Automation
Workflow Visibility Compliance
High AvailabilityContent (Chef Cookbooks, Habitat Plans, Compliance Profiles)
PremiumFeatures
Open SourceSoftware
![Page 22: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/22.jpg)
![Page 23: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/23.jpg)
Delivery PhasesPre-Artifact Post-Artifact
Verify and Build
Build
Unit Lint Syntax
Security Quality Publish
Acceptance, Union, Rehearsal, DeliveredProvision Deploy
Smoke Functional
![Page 24: Achieving DevOps Success with Chef Automate](https://reader035.fdocuments.us/reader035/viewer/2022062905/5871c22a1a28ab55058b6d0b/html5/thumbnails/24.jpg)
Delivery Phases – Example Java ApplicationPre-Artifact Post-Artifact
• JUnit
Verify and Build
Build
Unit Lint Syntax
Security Quality Publish
• Lint4J • javac
• Fortify • FindBugs • Maven• Artifacto
ry
Acceptance, Union, Rehearsal, Delivered
• EC2• Chef
Provisioning
Provision Deploy• Load jar in
Tomcat
• Curl $URL; check for 200 OK
Smoke Functional• Selenium• Cucumber• Chef InSpec