Infrastructure management has come a long way. (Mostly) gone are the days of manual configurations and deployments, when using SSH in a “for” loop was a perfectly reasonable way to execute server changes. Automation is a way of life.
Configuration management tools like Chef, Puppet, and Ansible — once on the bleeding edge — are now used by most enterprises. With infrastructure automation, you get a central place for managing all of your systems, networks, and devices — both on-prem and in the cloud — so you can deploy infrastructure and applications faster, without sacrificing reliability.
In this post, I’ll offer a brief introduction to Chef, giving you an idea of how to use Chef to automate infrastructure management (with a few tips for getting started).
Why treat infrastructure as code?
Traditional infrastructure management relied on manual processes that were slow, error-prone, and hard to scale. Custom scripts fall out of sync easily, and can’t be readily shared among teams. Regular maintenance tasks, like updating operating systems across devices, can take days or even weeks. Configuring dev and test environments to align with production environments across all systems is cumbersome (at best), and more often than not, unattainable. You only have so many hours in the day.
On the other hand, when you treat infrastructure as code, you can apply software delivery practices like version control, automated testing, and continuous delivery to infrastructure and applications. You write code that provisions and manages your infrastructure predictably and consistently, no matter its environment.
Since everything is defined and documented within your code, everyone is working from the same playbook — which improves collaboration and helps meet shared business goals.
You also benefit from added visibility and stability, which lets you move faster, shipping software more quickly at scale.
Using Chef to automate infrastructure management
If you want to treat your infrastructure as code, a configuration management platform like Chef makes it possible. You use prewritten code, or Chef “recipes,” to define your infrastructure, security policies, and system dependencies, and Chef gives you a central place to manage it all.
Chef automatically detects and repairs configuration drift, and keeps systems in compliance. You can roll out security changes and spin up VMs, cloud instances, and containers in minutes.
Using a tool like Chef means gaining visibility, consistency, and repeatability into your systems, so you can stop focusing on tasks that keep the lights on, and start working on the projects that move your company forward.
Getting started with Chef
A key benefit of using a tool like Chef is relying on a community of practitioners who have solved the same problems you’re encountering. There are thousands of Chef cookbooks on GitHub to help you automate things like SSH, firewalls, users and groups, and to use Chef alongside AWS, Docker, and Sensu. (See the Sensu + Chef Cookbook.)
As with any new tool, start small. Automate your runbook, automate away an outage, or automate a simple application installation. Think about the manual tasks that you do over and over, or the things that cause the most errors or annoyances, and see how automation can free up your time (and likely make your job more enjoyable).
Implementing IaC is a good start, but you must also consistently test and monitor your deployments. It’s about moving faster with assurance that your infrastructure is operating how it’s meant to, wherever it’s meant to.
I’m looking forward to seeing many of you at ChefConf in May, where I’ll be sharing my experience building a portable home lab to improve my understanding of Habitat and Kubernetes. Plus, we're hosting a meetup on May 21 following the conference (6:30-8:30pm). Join me, Caleb Hailey, and the rest of the Sensu crew for delicious drinks, snacks, and a Sensu Go demo. See you in Seattle!