Generating Chef Recipes from Existing Configs

Posted by UpGuard

We've covered the benefits and pitfalls of configuration management tools like Chef in many articles. But let's assume you've done your homework and decided Chef is the tool for you. How do you get started?

Funnily enough, one of the inspirations for UpGuard was a not-so-successful Chef deployment. Only a poor craftsman blames his tools, so rather than pointing the finger at Chef we reflected on what we had done wrong. The problems we encountered trying to move a large, brown-field infrastructure to Chef, and to get culture, people, and processes to change at the same time, drove us to find a sound method for enterprise automation.

Essentially, we had put the cart before the horse: we started automating our infrastructure before we understood it. Without documentation of existing configuration state and scalable validation for the changes we were making, our automation efforts were bound to lead us in circles.

So, what did we do? We came up with our "three waves" methodology: visibility, control, automation. While UpGuard is built to make those steps as easy possible, we think you'll benefit from following those steps regardless of what tooling you choose. 

1. Visibility

The first step to making systemic changes to your infrastructure (or even just avoiding outages) is to know what you have. Historically this has been handled through barbaric methods like Word docs and spreadsheets. UpGuard starts by scanning nodes (Windows, *nix, cloud apps, etc) for configuration state, generating total state documentation that is completely up to date. 

learn more: MySQL vs MongoDB

2. Control

Once you know what you have you want to be able to anticipate and validate changes to it. You expect test driven development from the dev team so why should there be a lesser standard for Ops? In UpGuard, this just means selecting the changed configuration items from a dev or QA environment and adding them to a policy. Scan data is turned into executable documentation to validate any changes so you know you're never going off the rails. 

3. Automation

This is the golden ring, and if you've done the preparatory work you will reap your just reward. (The same goes if you rushed into automation without doing the prep work, but it will be an ironic Twilight Zone reward that's actually bad.) UpGuard has already captured the state of your development environment or existing infrastructure in a machine readable format, so now it's just a matter of selecting "Recipe" from a dropdown to get it as a Chef Recipe. 

5 Puppet Enterprise Problems You Need to Know About

Get Started

If you want to compare Chef to other tools in your environment, UpGuard also exports to the syntaxes of PowerShell DSC, Puppet, Ansible, Salt, and Docker. You can see the whole thing in action in this video from TechEd 2014. It's free forever on up to five nodes and doesn't require a credit card to start. If you want to see it in action at ChefConf, come by and talk to us at booth #316.

Get a Guided UpGuard Demo

More Blogs

The "Hacking" Of 000webhost—Or Why Free Should Never Be Synonymous With Unsecure

So how do events like 000webhost's massive data breach involving free web hosting providing 000webhost transpire? In a word, negligence. Gross negligence, to be precise.
Read Blog >

Why We Made Our Vulnerability Assessment Free for Everyone

Access to free vulnerability assessment should be a basic right in a world where computing is integral to social and economic life. For our part, we're offering our full product, including vulnerability assessment, free forever for a user's first ten machines.
Read Blog >

Understanding Risk in the 21st Century

Even today, the risk of data breaches in particular threaten to hamper business innovation. So what is cyber risk, and what can be done about it?
Read Blog >

Topics: chef, upguard

UpGuard Customers