What Chef configuration management can do for your IT systems
Chef configuration management tools possess a huge community of users. Learn more about product versions, capabilities, user resources and what Chef can offer an enterprise.
Chef configuration management tools automate the packaging and provisioning of software into an organization's operational IT environment. They are powerful tools that have a vibrant, active community of both large enterprise and individual users. Organizations such as Nordstrom, Etsy, Ancestry.com and MSN use Chef configuration management software.
The latest version of Chef is 12.4.1, released in February 2016. The basic version of Chef -- Chef Basics, download via GitHub -- is available through the Apache 2.0 licence. A fully supported version, Chef Automate, is available at $147 per node, payable annually. There is also a software as a service version, Hosted Chef, available at a cost of $72 per node -- minimum of 20 nodes -- payable annually.
Hosted Chef includes supported content, while Chef Automate includes workflow, compliance and end-to-end visibility functionality.
Chef Basics comes with 30 days of eight hour, five days a week support. Hosted Chef comes with continuous eight hour, five days a week support, while Chef Automate comes with 24/7 support. Additional service offerings are available for organizations that require them: Standard Support provides a named support engineer and extends support hours from 6am to 6pm Eastern Time working to an agreed service-level agreement; Premium Support provides 24/7 support on top of Standard; a Customer Success Subscription provides a proactive service model with help to identify and use the success patterns other organizations have achieved using Chef.
Alongside these support programs are a range of other programs. These include a Delivery Acceleration Program which helps to speed the move from initial use of Chef configuration management through proof of concept to operational use, through to a Success Maintenance Program, which provides an ongoing health check of a Chef environment, carried out by a Chef technical architect.
Chef Community
Chef configuration management is written in Ruby and Erlang, and uses a Ruby-based domain-specific language for writing systems configurations, which are known as recipes. These recipes can be aggregated into a cookbook. A recipe details all the dependencies that exist for an application such as what services need to be running and the order in which applications need to be installed.
Chef configuration management can run in either a client-server or a standalone mode. In client-server mode, node clients send details about themselves to the Chef server via agents. The Chef server acts as the central point for the Chef system. It holds records of all the recipes and cookbooks, and takes control of the activities on the nodes that it controls. The Chef server uses Apache Solr, an open source index and search engine, to index the node attributes, which can then be used in recipes. Developers and administrators use workstations to create, test and upload recipes and cookbooks to the Chef server.
Chef has two main community websites. The site supermarket.chef.io is a community of close to 70,000 Chef users. This user community has contributed around 3,000 cookbooks that are available for others who join the community. The site www.Chef.io/community provides access to cookbooks that are maintained by Chef, alongside podcasts, like "Food Fight", a mailing list and a means of logging any problems or issues that have become apparent in the Chef Basics open source software.
Although Chef was originally written to support configuration management for Linux platforms, it has grown to support Windows, OS X and various Unix variants. However, the server needs to run on Linux, supporting Red Hat Enterprise Linux, CentOS, Oracle Linux and Ubuntu operating systems. Chef also supports cloud platforms, including OpenStack.
On the security side, Chef offers Chef Vault -- a project developed by Nordstrom -- where secure socket layer certificate keys, application and database passwords can be securely stored in encrypted form.
Additionally, Chef provides InSpec and Habitat as open source packages. InSpec uses coded policies to maintain the security and compliance of applications. Habitat can be used to build and deploy application onto bare-metal, virtual machine, containers and platform as a service environments. Chef.github.io provides a range of other Chef-related downloads.
Although Chef representatives state that it is a suitable tool for any size of configuration management job, users report a steep learning curve to fully utilize all of Chef's capabilities. Therefore, it is recommended that Chef configuration management is deployed by larger organizations that have the skills and capabilities not only to ensure that Chef is set up correctly, but that users create and maintain all the recipes and cookbooks effectively. However, if individual users or smaller organizations are willing to put in the effort needed to gain a reasonable knowledge of Chef, the accessibility of community recipes and cookbooks makes it easier to be quickly up and running with a fully workable system. A good working knowledge of Ruby is recommended.
According to many users, Chef configuration management is more useful to developers, with Chef Knife plug-ins and the Chef Developer Kit, along with Chef Delivery being aimed more at the Dev side of DevOps organizations.