Chef Essentials

By: John Ewart

Overview of this book

Chef is a configuration management tool that turns IT infrastructure into code. Chef provides tools to manage systems at scale. With this book, you will learn how to use the same tools that companies such as Facebook, Riot Games, and Ancestry.com use to manage and scale their infrastructure.

This book takes you on a comprehensive tour of Chef's functionality, ranging from its core features to advanced development. You will be brought up to speed with what's new in Chef and how to set up your own Chef infrastructure for individuals, or small or large teams. Once you have the core components, you will get to grips with bootstrapping hosts to then develop and apply cookbooks. If you want to fully leverage Chef, this book will show you advanced recipes to help you handle new types of data providers and resources. By the end of this book, you will be confident in how to manage your infrastructure, scale using the cloud, and extend the built-in functionality of Chef itself.

Working with data bags


There are a number of things you can do with data bags.

Securing your data bags

Data bags are just JSON data, and they are stored in the system as plain text, without any security. They are also downloaded onto various hosts throughout the life cycle, which can leak potentially sensitive information. Fortunately, Chef lets you secure this data: knife, together with a secret key, keeps the data in data bags encrypted.

Secret keys

Encrypting a data bag item requires a secret key. One way of generating a secret key is to generate a random number and use the Base64 encoding of that number as the key. The key should have any line endings removed so that it works properly on all platforms, regardless of platform-specific line endings. Here is a quick way to generate one using the openssl command-line tool combined with tr to remove any line endings:

$ openssl rand -base64 512 | tr -d '\r\n' > ~/.chef/data_bag_secret 
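
A hardened variant of the command above, as an added example that is not from the book: it writes the key under a restrictive umask and then checks that the file has no line endings, holds only Base64 characters, and is not accessible to group or other. The function names `generate_secret` and `check_secret` and their return codes are this example's own, not part of Chef or knife.

```shell
#!/bin/sh
# Added example: create and validate a Chef data bag secret file.
# generate_secret / check_secret are hypothetical helper names.

# Generate the key with the book's openssl | tr pipeline, but under
# umask 077 so a newly created file is never group- or world-readable.
generate_secret() {
    path=$1
    (
        umask 077
        openssl rand -base64 512 | tr -d '\r\n' > "$path"
        # umask only affects newly created files; tighten a pre-existing one.
        chmod 600 "$path"
    )
}

# Validate a secret file. Return codes:
#   0 ok
#   1 missing or empty
#   2 contains CR or LF (breaks cross-platform use)
#   3 contains bytes outside the Base64 alphabet
#   4 accessible to group or other
check_secret() {
    path=$1
    [ -s "$path" ] || return 1

    # Byte count must be unchanged after stripping line endings.
    total=$(( $(wc -c < "$path") ))
    stripped=$(( $(tr -d '\r\n' < "$path" | wc -c) ))
    [ "$total" -eq "$stripped" ] || return 2

    # Nothing may remain once Base64 characters are removed.
    other=$(( $(tr -d 'A-Za-z0-9+/=' < "$path" | wc -c) ))
    [ "$other" -eq 0 ] || return 3

    # Characters 5-10 of the ls mode string are the group and other bits.
    mode=$(ls -ld "$path" | cut -c5-10)
    [ "$mode" = "------" ] || return 4
    return 0
}
```

Running `check_secret ~/.chef/data_bag_secret` on each workstation or node that holds the key catches a file that was copied with a trailing newline or left world-readable.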

Encrypting your...