Review: Chef cooks up configuration management

Using Chef Cookbooks
Cookbooks are Chef's configuration modules. They are used to craft configuration management elements to be deployed to nodes connected to the Chef server. Cookbooks are downloaded through Git on the workstation and wrapped by the knife command, which is the general Chef management tool. All Cookbooks are built in Ruby, as Chef uses Ruby for all Cookbook functions. This means that administrators of a Chef environment must be well versed in Ruby to build their own Cookbooks, though modifying existing Cookbooks will be somewhat less challenging. This dependence on Ruby is both a positive and negative aspect of Chef, as Ruby is not necessarily a common language for sys admins, and it can present quite a learning curve for nonprogrammers.

As an example, we may want to install a Cookbook to ensure that the NTP service is installed and configured for our environment on all of our nodes. To do this, we would use the knife command to download the NTP Cookbook:

knife cookbook site install ntp

This will place the NTP Cookbook in our chef-repo/cookbooks directory and set it up. From there, we need to dig into the Cookbook to make sure our preferred configuration settings are present.

Cookbooks have a specific file layout consisting of several directories such as "files," to store whole files that may need to be copied to the node; "templates," to house templates for the creation of new files with specific parameters; "attributes," to contain files that are parameter definitions; and "recipes," to store the Ruby scripts that are run to combine all of the above into a functioning Cookbook.

To continue with our example, the NTP Cookbook includes an attributes directory that contains a file named default.rb. This is where we would make changes to the default NTP servers. In this case, that's as simple as changing the default['ntp']['servers'] variable by adding our NTP servers:

default['ntp']['servers']   = %w{ 192.168.32.10, 192.168.16.16 }

We might change other parameters in this file to modify the various directory paths or the user and group the service runs under, for example.

In the recipes directory, we find a number of Ruby scripts that perform the actual configuration functions. These include scripts that ensure the NTP package for the target distribution is present on the system, scripts that use the template files in the template directory to build new configuration files, and scripts that ensure the service is stopped or started, depending on the configuration.

In this simple example, the Ruby scripts will install the NTP package if necessary, construct a new ntp.conf file by using the template, substitute the configuration parameters specified in the default.rb file under attributes, then start the ntpd service and verify it's running.

Once we've configured this Cookbook to our requirements, we need to upload it to the Chef server for deployment. This is done via the knife command:

knife cookbook upload ntp

This will upload the Cookbook to the server. Then through the command-line or the Web UI, we can assign that Cookbook to our nodes.