Forgive me if my question is too vague. I am new to both AWS and Chef automation tool. I am trying to create an RDS instance on AWS using Chef automation. I want the details of the RDS instance to be in the cookbook and I do not want to go through the AWS console. I did some research and found a community cookbook that does this:
https://github.com/gosuri/aws-rds-cookbook/blob/master/README.md
In my experience with Chef, I always had a node that I did sudo to, and it made sure that the node was following the policies listed in the cookbook.
I am confused here as I do not even have a node in the first place. I am trying to create one using cookbook. Is this possible? Can someone point me in the right direction?
Chef is an agent-based system, so you need a node of some kind. With tools like chef-provisioning (you would want to use the AWS driver in this case) you sometimes use your workstation and run chef-client from there, or make a dedicated "provisioning node" which basically just sits there and does nothing but run provisioning recipes.
Related
Bear with me, what I am requesting may be impossible. I am a AWS noob.
So I am going to describe to you the situation I am in...
I am doing a freelance gig and was essentially handed the keys to AWS. That is, I was handed the root user login credentials for the AWS account that powers this website.
Now there are 3 EC2 instances. One of the instances is a linux box that, from what I am being told, is running a Django Python backend.
My new "service" if you will must exist within this instance.
How do I introduce new source code into this instance? Is there a way to pull down the existing source code that lives within it?
I am not be helped by any existing/previous developers so I am kind of just handed the AWS credentials and have no idea where to start.
Is this even possible. That is, is it possible to pull the source code from an EC2 instance and/or modify the code? How do I do this?
EC2 instances are just virtual machines. So you can use SSH/SCP/SFTP files to and from. You can use the AWS CLI tools to copy stuff from S3. Dealers choice...
Now to get into this instance... If you look in the web console you can find its IP(s), what the security groups (firewall rules), and the key pair name. Hopefully they gave you the keys. You need these to SSH in.
You'll also want to check to make sure there's a security group applied that has SSH open. Hopefully only to your IP :)
If you don't have the keys you'll have to create an AMI image of the instance so you can create a new one with a key pair you do have.
Amazon has a set of tools for you in Amazon CodeSuite.
The tool used for "deploying" the code is Amazon CodeDeploy. By using this service you install an agent onto your host, then when triggered it will pull down an artifact of a code base and install it matching hosts. You can even specify additional commands through the hook system.
But you also want to trigger this to happen, maybe even automatically? CodeDeploy can be orchestrated using the CodePipeline tool.
I installed my existing Kubernetes Cluster (1.8) running in AWS using KOPS.
I would like to add Windows Container to the existing cluster but I can not find the right solution! :(
I thought of following these given steps given in:
https://kubernetes.io/docs/getting-started-guides/windows/
I downloaded the node binaries and copied it to my Windows machine (Kubelet, Kube-dns, kube-proxy, kubectl) but I got a little confused about the multiple networking options.
They have also given the kubeadmin option to join the node to my Master, which I have no idea why since I used Kops to create my cluster.
Can someone advise or help me on how I can get my windows node added?
KOPS is really good if the default architecture satisfies your requirements, if you need to make some changes it will give you some trouble. For example I needed to add a GPU Node, I was able to add it, but unable to make this process automatic, being unable to create an auto scaling group.
Kops has a lot of pros, like creating all the cluster in a transparent way.
Do you really need a windows node?
If yes, try to launch a cluster using kube-adm, then joining the windows node to this cluster.
Kops will take some time to add this windows nodes feature.
I'm exploring some disaster recovery scenarios and how to comeback from them quickly. Disasters like our root AWS account being hacked, or all of Oregon going down. Basically situations where we need to recreate our entire infrastructure in another region or account.
Obviously Cloudformation is the best way to tackle this, but I have some questions on how to integrate it with Chef. My plan is to have a CF script create a new Chef server as well as all the other servers, then the Chef server pulls all it's cookbooks from a repository and configures all the servers. Is this a reasonable process or is there a better way to handle it?
I figured this was better than maintaining AMIs specific to applications and copying those over.
Thanks for the help in advance!
Chef has a chef-server cookbook that will provision a stand-alone instance. I'm actually writing a wrapper for it now as I'm dealing with the same situation.
Our plan is similar to yours but we're using Terraform to orchestrate the environments.
Have a repository of cookbooks gzipped and ready for deployment. After provisioning and configuring the Chef server, deploy said cookbooks to it. The Chef server would need to be fully bootstrapped with all cookbooks, environment configs, and data bags before attempting to create any other nodes. Once complete, bootstrapping the rest of the environment would look like any other deployment.
Using the AWS SDK, when using the RunInstances method to programmatically start up an EC2 instance, what is the proper method for automatically deploying a specific script or setup of software to the instance once it's started? AWS CodeDeploy? Or is that overkill?
Essentially I want to:
Programmatically start up an On-Demand instance (I got this figured out)
After startup, automatically deploy some basic Node.js scripts to the server
Automatically execute those scripts.
All of the steps need to be automatic. You can assume the Node.js scripts are in some accessible Git repo hosted somewhere
What is the best and most simple straightforward way to accomplish this?
The Instance User Data can be a simple script that does that, check out http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html
I have a hosted chef account working with AWS EC2 instances.
The instances can connect to hosted chef by way of chef-client and run the inital
run_list that is presetly a role called servers. Everything runs and installs
correctly on initial provision.
I should also mention I have autoscaling on ec2 instances that increses the amount of instances
provisioned on an 'as needed' basis and this works fine.
I found one talk that sort of makes sense but seems a bit more involved.
https://www.youtube.com/watch?v=yHub6E4DNvg
My questions are around how to maintain the servers after initial provisioning. First, if I have an update to my role to include more cookbooks or configuration, and how would I push this out to say X amount servers in a simple way.
Second, how would chef server know if a node has failed and notify the admin?
Any guidance?
That's quite vast question ...
For the easy one: failing node => the solution is to use report handlers see the doc here
For the keep in desired state, the idea is to have chef run periodically on the nodes, so it keep enforcing the conf defined in cookbooks, any change will be updated accordingly. (that's the way chef has been concepted).
If you want more control on which server run when you can:
use the push-jobs addon (commercial addon, not free)
use some orchestration tool (I personnaly use rundeck for adhoc runs in addition to periodic runs).
There's a lot of way to do this and which one to use is a question of preference and environment.
I think you could also use knife to run a chef-client based on a certain criteria:
knife ssh 'role:somerole' 'chef-client' -x username -P password
Here is chef's documentation: https://docs.chef.io/knife_ssh.html