Chef Cookbook - Third Edition

Chef Cookbook - Third Edition

By : Matthias Marschall

Buy this Book

Chef Cookbook - Third Edition

By: Matthias Marschall

Buy this Book

Overview of this book

Chef is a configuration management tool that lets you automate your more cumbersome IT infrastructure processes and control a large network of computers (and virtual machines) from one master server. This book will help you solve everyday problems with your IT infrastructure with Chef. It will start with recipes that show you how to effectively manage your infrastructure and solve problems with users, applications, and automation. You will then come across a new testing framework, InSpec, to test any node in your infrastructure. Further on, you will learn to customize plugins and write cross-platform cookbooks depending on the platform. You will also install packages from a third-party repository and learn how to manage users and applications. Toward the end, you will build high-availability services and explore what Habitat is and how you can implement it.

Chef Cookbook - Third Edition

Credits

About the Author

About the Reviewer

www.PacktPub.com

Customer Feedback

Preface

Free Chapter

Chef Infrastructure

Introduction

Using version control

Installing the Chef Development Kit on your workstation

Using the hosted Chef platform

Managing virtual machines with Vagrant

Creating and using cookbooks

Inspecting files on your Chef server with knife

Defining cookbook dependencies

Managing cookbook dependencies with Berkshelf

Using custom knife plugins

Deleting a node from the Chef server

Developing recipes with local mode

Using roles

Using environments

Freezing cookbooks

Running the Chef client as a daemon

Evaluating and Troubleshooting Cookbooks and Chef Runs

Introduction

Testing your Chef cookbooks with cookstyle and Rubocop

Flagging problems in your Chef cookbooks with Foodcritic

Test-driven development for cookbooks using ChefSpec

Compliance testing with InSpec

Integration-testing your Chef cookbooks with Test Kitchen

Showing affected nodes before uploading cookbooks

Overriding a node's run list to execute a single recipe

Using chef-shell

Using why-run mode to find out what a recipe might do

Debugging Chef client runs

Inspecting the results of your last Chef run

Using Reporting to keep track of all your Chef client runs

Raising and logging exceptions in recipes

Diff-ing cookbooks with knife

Using community exception and report handlers

Chef Language and Style

Introduction

Using community Chef style

Using attributes to dynamically configure recipes

Using templates

Mixing plain Ruby with Chef DSL

Installing Ruby gems and using them in recipes

Using libraries

Creating your own custom resource

Extending community cookbooks by using application wrapper cookbooks

Creating custom Ohai plugins

Creating custom knife plugins

Writing Better Cookbooks

Introduction

Setting environment variables

Passing arguments to shell commands

Overriding attributes

Using search to find nodes

Using data bags

Using search to find data bag items

Using encrypted data bag items

Accessing data bag values from external scripts

Getting information about the environment

Writing cross-platform cookbooks

Making recipes idempotent by using conditional execution

Working with Files and Packages

Introduction

Creating configuration files using templates

Using pure Ruby in templates for conditionals and iterations

Installing packages from a third-party repository

Installing software from source

Running a command when a file is updated

Distributing directory trees

Cleaning up old files

Distributing different files based on the target platform

Users and Applications

Introduction

Creating users from data bags

Securing the Secure Shell daemon

Enabling passwordless sudo

Managing NTP

Installing nginx from source

Creating nginx virtual hosts

Creating MySQL databases and users

Managing Ruby on Rails applications

Managing Varnish

Managing your local workstation with Chef Pantry

Servers and Cloud Infrastructure

Introduction

Creating cookbooks from a running system with Blueprint

Running the same command on many machines at once

Setting up SNMP for external monitoring services

Deploying a Nagios monitoring server

Using HAProxy to load-balance multiple web servers

Using custom bootstrap scripts

Managing firewalls with iptables

Managing fail2ban to ban malicious IP addresses

Managing Amazon EC2 instances

Managing applications with Habitat

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Managing fail2ban to ban malicious IP addresses

Every public-facing system is bombarded with automated attacks all the time.

The fail2ban tool monitors your log files and acts as soon as it discovers malicious behavior in the way you told it to. One common use case is blocking malicious IP addresses by establishing firewall rules on the fly using iptables.

In this section, we'll look at how to set up a basic protection for SSH using fail2ban and iptables.

Getting ready

Make sure that you have a cookbook named my_cookbook and that the run_list of your node includes my_cookbook, as described in the Creating and using cookbooks recipe in Chapter 1, Chef Infrastructure.

Make sure that you have created the ssh.erb template for your iptables rule as described in the Managing firewalls with iptables recipe in this chapter.

Create your Berksfile in your Chef repository including my_cookbook:

mma@laptop:~/chef-repo $ subl Berksfile
cookbook 'my_cookbook', path: './cookbooks/my_cookbook'

How to do it…

Let...

Chef Cookbook - Third Edition

By : Matthias Marschall

Chef Cookbook - Third Edition

By: Matthias Marschall

Overview of this book

Related Content you might be interested in

Current Title:

Chef Cookbook - Third Edition

Infrastructure as Code (IAC) Cookbook

DevOps Bootcamp

Puppet 5 Cookbook

Managing fail2ban to ban malicious IP addresses

Getting ready

How to do it…