Thursday, January 12, 2017

DevOoops: Client Provisioning (Chef)

/
/
Notes on Chef from the 2015 Devoops Talk. Posting it so i can remove it from the slide deck but still refer to it.  Also relevant from a common problems with devops theme.

Chef allows you to define the state your servers (local or cloud) should be in and enforces it.

Web Interface



Environment Leakage


databags


knife is a Chef command line utility. The credentials are stored in data bags. Credentials can be encrypted.

Example:

 $ knife data bag list

Chef/knife (encrypted data bag)


Chef/knife with path to secret file
Chef Takeaways

 Be aware of what you put into chef recipes
Protect secrets/passwords

 Info on securing chef: https://learn.chef.io/skills/be-a-secure-chef/
/
/
, , ,
CG

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Copyright 2023 © Carnal0wnage Blog