Configuration Management with CHEF on Enterprise Cloud 이문선 (moonsun.lee@oracle.com) Sales Consultant, Infrastructure Cloud Aug 30, 2017
Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.
Cloud Automation Infrastructure as Code DevOps
The State of Public Cloud - 2017: Continued Growth of Enterprise Cloud. 1. Hybrid Cloud Is the Preferred Enterprise Strategy, but Private Cloud Adoption Fell (Enterprise hybrid cloud 82% 85%; private cloud share is declining). 2. Cloud Users Are Running Applications in Multiple Clouds (on average 1.8 public clouds & 2.3 private clouds; multiple vendors in use, no lock-in). 3. Companies Run a Majority of Workloads in Cloud (Public & Private 75% in Cloud). * Cloud Computing Trends: 2017 State of the Cloud Survey by RightScale.com
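Today's IT practices are not suited to the cloud. The cloud calls for a new approach.
Development and Deployment: from Waterfall to Agile, and then DevOps. Development and Deployment in a traditional environment / Development and Deployment in a cloud environment
5 VMs: I can remember them all!
15 VMs: They are saved in an Excel sheet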
Even More???
IaC: Infrastructure as Code. Manage infrastructure and applications as code. Step 1: Pick a Tool. Step 2: Script your environment. Step 3: Automatically create IT environments. Tasks: Create Base Image, Install Binaries, Configure Software, Make Software Work Together, Patch/Push Config Changes. You cannot talk about the cloud without IaC and DevOps. Automation is the crown jewel of the cloud! The more cloud you run, the more effective it is to manage it as code!
Cloud & Infrastructure as Code #1: Deploying cloud servers with code. Server deployment as code through the CHEF plug-in: Chef Knife Plugin for Oracle Cloud
Chef Knife Plugin for Oracle Cloud

    knife bmcs server create \
      --availability-domain 'kidk:phx-ad-1' \
      --compartment-id 'ocidv1:tenancy:oc1:phx:14604065926 ' \
      --image-id 'ocid1.image.oc1.phx.aaaaaaaaqutj4qjxihpl4mboabsa27 ' \
      --shape 'VM.Standard1.1' \
      --subnet-id 'ocid1.subnet.oc1.phx.aaaaaaaaxlc5cv7ewqr343ms4lvcpxr ' \
      --ssh-authorized-keys-file ~/.keys/instance_keys.pub \
      --display-name myinstance \
      --identity-file ~/.keys/instance_keys \
      --run-list 'recipe[my_cookbook::my_recipe]' \
      --user-data-file ./user_script.sh
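Cloud & Infrastructure as Code #2: Configuring and deploying applications. Software deployment using CHEF code (+ patching and configuration changes for the OS and software). Version 1.0.0
Configuration Management: How do we do it? Automate infrastructure and software management with code. Manage everything that affects the state of an instance. Manage it through version control: Code, Configuration, Data. Integration of Development and Operations. Imagine Doing on Every Server!
Configuration Management: What it means to automate infrastructure and software as code. Write once, use anywhere. Be Versionable, Testable, Repeatable! Test-driven development (TDD). Validate code in advance. Reduce human error. Speed up development and deployment. Manage All in One, Cross Cloud, Cross Platform
Configuration Management: What can it do? Install packages for deploying and running applications. Test and deploy applications. Manage user accounts and passwords / security settings and permission settings. Optimization, such as library issues for packages. System monitoring. Repetitive manual work. Imagine Doing on Every Server!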
Project Management Tool
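Which CM tools are in use?
What is CHEF? Uses a Ruby-based DSL (Domain Specific Language): Cookbook and Recipe abstractions. A tool that automates configuring and updating infrastructure / applications. Manages metadata about the server environment. An operations framework that adjusts the state of nodes. A public repository of varied configuration files built on a large user base.
Is it similar to cooking? Infrastructure is managed with the same mechanism as ordinary cooking: system / software / code. Understand it by picturing cooking. Knife is Chef's CLI; as in cooking, you use Knife to control Chef.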
- Node: remote server, local machine
- Cookbook: mysql, ssh-access, LAMP
- Resource: file, user, package, service
- Role: web server, database server, dev workstation
- Recipe: install mysql-server, create database, add user
- Run list: list of recipes to run in order for node
About Recipe (default.rb). Ruby (control-statement level) & DSL: Write What! Not How! A Recipe is a collection of Resources (Package, Template, Service). Each Resource runs in the order it is written in the code. Recipe: on Linux-based OS / on Windows-based OS
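How does it work? CHEF framework & workflow: Workstation, Server & Nodes. HTTPS communication (key authentication). Each Node periodically connects to the Server and checks for changes that apply to it. The latest configuration is applied to the Node (idempotence). Cookbooks on the Workstation are uploaded to the Server by knife. Chef Solo + Vagrant [small-scale, for testing]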
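The idempotence mentioned above, modelled in plain Ruby as an added example (this is not Chef's code and not from the original slides): a file is converged to a desired content and mode, and repeated runs change only what has drifted. The helper names, the temp file `app.conf` and its values are constructed for illustration.

```ruby
require 'tmpdir'

# Converge one file to the desired content and mode. Returns the list of
# changes made; an empty list means the file already matched (a no-op run).
def converge_file(path, content:, mode:)
  changes = []
  if !File.exist?(path) || File.read(path) != content
    File.write(path, content)
    changes << :content
  end
  if (File.stat(path).mode & 0o7777) != mode
    File.chmod(mode, path)
    changes << :mode
  end
  changes
end

# Apply the same desired state three times to a constructed temp file,
# the way a node re-applies its configuration on every periodic check-in.
def demo_runs
  Dir.mktmpdir do |dir|
    path = File.join(dir, 'app.conf')
    desired = { content: "port=8080\n", mode: 0o600 }
    first  = converge_file(path, **desired) # file missing: it is created
    second = converge_file(path, **desired) # already correct: nothing to do
    File.chmod(0o644, path)                 # simulate a manual change on the node
    third  = converge_file(path, **desired) # only the drifted property is repaired
    [first, second, third]
  end
end

if __FILE__ == $PROGRAM_NAME
  demo_runs.each_with_index do |changes, i|
    puts "run #{i + 1}: #{changes.empty? ? 'up to date' : changes.join(', ')}"
  end
end
```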
Useful Chef features #1: Strong Community [ https://supermarket.chef.io ]

    $ knife cookbook site search cookbook_name
    $ knife cookbook site show cookbook_name
    $ knife cookbook site download cookbook_name
Useful Chef features #2: Validating cookbooks and finding errors [ http://www.foodcritic.io ]

    # Don't do this
    execute 'start-tomcat' do
      command '/etc/init.d/tomcat6 start'
      action :run
    end

    # Do this instead
    service 'tomcat' do
      action :start
    end

    $ foodcritic my_cookbook_dir

Look up the Nodes and Roles affected by a cookbook

    $ knife preflight my_cookbook_dir
    Searching for nodes containing cookbook_name OR cookbook_name::default in their expanded run_list
    2 Nodes found
    Webserver1
    Webserver2
    3 Roles found
    your admin_role
    your dev_role
    your dev2_role
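The kind of check Foodcritic applies to the "Don't do this" recipe above, sketched in plain Ruby as an added example (it is not Foodcritic's code and not from the original slides). It uses a regular-expression scan instead of a real parser, and the names `service_via_execute`, `SERVICE_CMD`, `EXECUTE_BLOCK` and the sample recipe are constructed for illustration.

```ruby
# Flag `execute` resources that drive a service through an init script or
# the `service` binary, and suggest the equivalent `service` resource.

# Matches "/etc/init.d/<name> <verb>" or "service <name> <verb>".
SERVICE_CMD = %r{(?:/etc/init\.d/|\bservice\s+)([\w.-]+)\s+(start|stop|restart|reload)\b}

# An execute block, from its header to the first `end` that starts a line.
# Simplification: nested do/end blocks inside the resource are not handled.
EXECUTE_BLOCK = /^[ \t]*execute\s+['"]([^'"]+)['"]\s+do\b(.*?)^[ \t]*end\b/m

def service_via_execute(recipe_source)
  findings = []
  recipe_source.scan(EXECUTE_BLOCK) do |name, body|
    line = $~.pre_match.count("\n") + 1
    # In Chef the command property defaults to the resource name.
    cmd = body[/^\s*command\s+['"]([^'"]+)['"]/, 1] || name
    match = SERVICE_CMD.match(cmd)
    next unless match
    findings << { line: line, resource: name, service: match[1],
                  suggest: "service '#{match[1]}' do action :#{match[2]} end" }
  end
  findings
end

# Constructed sample recipe: one offending resource, two acceptable ones.
SAMPLE_RECIPE = <<~RECIPE
  package 'tomcat6'

  execute 'start-tomcat' do
    command '/etc/init.d/tomcat6 start'
    action :run
  end

  execute 'unpack-app' do
    command 'tar -xzf /tmp/app.tgz -C /opt/app'
  end

  service 'tomcat' do
    action :start
  end
RECIPE

if __FILE__ == $PROGRAM_NAME
  service_via_execute(SAMPLE_RECIPE).each do |f|
    puts "line #{f[:line]}: execute '#{f[:resource]}' manages a service; use #{f[:suggest]}"
  end
end
```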
Useful Chef features #3: Viewing changes with diff [cookbooks, files]

    $ knife diff my_cookbook_dir

--- cookbooks/apache/templates/default/index.html.erb +++ cookbooks/apache/templates/default/index.html.erb @@ -1,3 +1,5 @@ Hello, My name is +We love you +Dear

Multi-platform & provider support (Apache Install Cookbook)

    service 'apache2' do
      # Pick the platform's own service name for Apache.
      case node[:platform]
      when 'centos', 'redhat', 'fedora', 'suse'
        service_name 'httpd'
      end
    end
Useful Chef features #4: Searching for nodes with knife search [role, recipe, platform, name]

    $ knife search node "ipaddress:192* AND platform:ubuntu"
    1 items found
    Node Name: oracle
    Environment: webserver
    FQDN: oracle.localdomain
    IP: 192.168.56.1
    Run List: recipe[apache]
    Roles: webserver
    Recipes: apache
    Platform: ubuntu 14.04

    Cf. $ knife search node "role:role_name"
    Cf. $ knife search node "platform:os_name AND name:abc*"

Run the same command on multiple nodes at once

    $ knife ssh "roles:role_name" "command"
    # A node belongs to a single environment, so the two are combined with OR.
    $ knife ssh "chef_environment:staging OR chef_environment:production" "uptime"
CHEF and DevOps
Provides a range of enterprise features: Chef Automate / Compliance (InSpec) & Habitat. Visibility, high availability, compliance, private supermarket, and more
CM tool: advantages of CHEF. Automation: automate deployment of new infrastructure and software in minutes. Dynamic infrastructure: provisioning and configuration as code; support for varied environments such as hybrid cloud and multi-cloud vendors. Continuous delivery of infra and application: safe and fast deployment; Versionable, Testable, Repeatable workflow. Compliance at velocity: integrate compliance into the workflow using automated tests.
In the Real World CHEF Server Develop Build Test Deploy
Live Demo With CHEF on Oracle Bare Metal Cloud Service
Oracle Bare Metal Cloud Service (BMCS). [Diagram: REST API / Console; Billing / Metering; Identity / Access Mgmt; BM, BM, BM (* BYO Hypervisor); Compute, Storage, Networking; Physical Infrastructure( / 36 Core )] Provision a bare metal server with the OS and hypervisor of your choice in under 5 minutes (VMs are also supported). Best performance guaranteed, top security, elastic provisioning, pay-as-you-go pricing. Enterprise-oriented management model (compartments and authentication management)
Try it out with a trial!
- Document: Chef Server Installation Guide on Oracle Cloud [ http://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/computeiaas/chef_setup/chef_setup.html#section7 ]
- Document: Orchestrations in Oracle IaaS with Chef [ https://community.oracle.com/community/oracle-cloud/oracle-cloud-developersolutions/blog/2016/10/31/orchestration-in-oracle-iaas-with-chef ]
- Knife Plugin on Github: Oracle Bare Metal Cloud Knife Plugin [ https://github.com/oracle/knife-bmcs ] [ https://docs.us-phoenix-1.oraclecloud.com/content/api/sdkdocs/knifeplugin.htm ]
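Summary: Configuration Management Automation. 1. Infrastructure and software management suited to the cloud environment: automated management tooling / state monitoring / compliance. 2. Centralize the flow of infrastructure / software changes: Manage Everything in One (Legacy & Cloud). 3. DevOps: apply changes quickly to increase business agility.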