Chef Infrastructure Management
Infrastructure Management Automation Tools
Ensure configurations are applied consistently in every environment with secure infrastructure automation solutions from Chef.
Chef continues to lead in the DevOps space by helping IT teams adopt modern day best practices including:
- Test Driven Development: Configuration change testing becomes parallel to application change testing.
- AIOps Support: IT operations can confidently scale with data consolidations and 3rd party integrations.
- Self-Service: Agile delivery teams can provision and deploy infrastructure on-demand.
Infrastructure Automation for Secure and Scalable Management
Chef® Infrastructure Management™ enables DevOps teams to model and deploy secure and scalable infrastructure automation across any cloud, VM, and/or physical infrastructure.
Chef Infrastructure Management Benefits
Change Safely
Automate systems’ adherence to declared desired state and minimize security delays and fire drills.
Run Everywhere
Automation solutions for Multi-OS, multi-cloud, on-prem, hybrid and complex legacy architectures.
Scale Easily
The largest companies in the world, like Facebook, GM and SAP, count on Chef to automate at massive scale.
Actionable Insights
Real-time data that is easy to filter and provides reachable and actionable data for every node under management.
Infrastructure Management Automation for Windows, Linux, Mac and more
With Chef Infrastructure management, define infrastructure as code (IAC), making the process of managing configurations and system state automated and testable. Unlike other configuration solutions, Chef takes a policy-based approach that builds upon the principles of test-driven development and idempotency. System configuration and application change testing can be done in parallel, so system states are easily enforced and monitored across all infrastructure and teams. With Chef, users define configurations once and then can apply them across mixed fleets of Linux, Mac and Windows systems, regardless of OS version and architecture.
A Single Agent for Configuration and Compliance
Security is at the heart of everything Chef does. Chef sees agent-less solutions as a major disadvantage for highly regulated organizations that have tight security requirements such as financial services (banks,
insurance and wealth management), healthcare and government. This is why Chef leverages an agent to ensure it’s nodes are ‘Autonomous Actors’ and can be
responsible for themselves unlike agent-less models.
The Chef Infra agent is self-updating, self-automating and works well in low bandwidth or remote environments. It also allows Chef to scale up and down as customers’
demands change. Chef Infra Compliance Phase simplifies the workflow needed to implement run compliance audits, view results and do analysis. It extends
our policy-based approach to configuration enabling a single agent than can handle the end-to-end workflow from state enforcement to, data aggregation to validation.
Enterprise Scale and Support
Chef Automate provides enterprise management and observability capabilities and is included with every Chef Subscription. Automate offers visual UIs, real-time interactive dashboards, role-based access controls, third-party integrations, data
APIs, and much more. Automate enables Infrastructure, DevOps, Security, Cloud and Release teams to easily collaborate and get work done, all while maintaining an auditable history of changes to systems environments.
In addition,
Chef Automate can be used to install Chef Infra Server either for a single-host installation that contains both Chef Infra Server and Chef Automate, or for a standalone Chef Infra Server instance. Chef Automate also provides a graphical
management console for the Chef Infra Server.
Multi-Cloud Support to the Edge and Back
With more than 25 industry recognized cloud providers in the market today, avoiding vendor lock-in is a top priority for many IT Leaders. For global organizations and those that need to support edge computing environments, a multi-cloud approach is also at many times necessary. Chef Infrastructure Management works independently of any cloud resource and enables operations teams to consistently deliver across clouds. Chef provides a GUI based control plane that can both report on in real-time, as well as trigger actions across the fleet of nodes, across clouds.
Chef Infrastructure Management Core Features
Automation That is Only as Complex as the Problems You Need to Solve
Chef uses standard human-readable language to provide an easy-to-use interface. You can start using Chef quickly with YAML, and when facing complex tasks it’s possible to use just enough Ruby to model for complex scenarios.
Robust Testing and Development Automation Tools
Chef Infrastructure Management includes features such as development tools for testing, dependency resolution, and cookbook generation. With Chef you can be ensured that whether you’re consuming existing chef policies, or creating your own, you have everything you need to get up and running quickly.
Enterprise Control and Coordination
Operating complex services and environments is a collaborative effort requiring a consistent view of intended and actual state across teams. Admins can create customizations to provide resource-specific authorization to users or teams, either created locally or imported from existing LDAP or Active Directory. Data within Automate are then restricted based on the project a user/team has been given access to. Notifications can be displayed on a per-node, per-failure basis, or configured for alerts to chat, webhook endpoints, or to ServiceNow.
Easily Map Data to 3rd Party Systems with ‘Data Path’
Chef Infrastructure Management supports the implementation of AIOps and with supported integrations that customers can leverage to send data to intelligence and monitoring systems via a feature called ‘Data Path’. This includes an advanced two-way integration with ServiceNow CMDB, and webhook-based notifications that can be used to parameterize other external reporting tools. We also enable the capability to export reports in CSV or JSON.
Hundreds of Supported DevOps Integrations
Chef's infrastructure automation tools integrate with software across the DevOps ecosystem, including source code and artifact repositories (GitHub, GitLab, Atlassian BitBucket), CI/CD (Cloudbees/Jenkins, CircleCI, Azure DevOps), provisioning (HashiCorp Terraform, Packer, Vagrant, Vault), secrets management tools and many many others.
Getting Started
Install Chef Workstation
Start working with Chef Infra Client by installing Chef Workstation (formerly ChefDK) on any Windows, Mac or Linux machine where you do your work. Chef Workstation provides chef, knife, Test Kitchen and all the tools you need to start defining configurations as code on local or remote servers, virtual machines and containers.
~$ chef --version
Chef Workstation version: 21.1.233
Chef Infra Client version: 16.9.20
Chef InSpec version: 4.24.32
Chef CLI version: 3.0.35
Chef Habitat version: 1.6.181
Test Kitchen version: 2.9.0
Cookstyle version: 7.5.3
Create a Project Repo
Working with Chef Infra Client starts with creating workspaces that provide flexibility to manage a wide variety of configurations, policies, node lists and much more from your workstation. The chef generate repo <repo> and chef generate cookbook <cookbook_name> the context for your configuration management projects and creates initial files and folders to keep everything in order.
~$ chef generate cookbook try_chef_infra
Generating cookbook try_chef_infra
- Ensuring correct cookbook content
- Committing cookbook files to git
Your cookbook is ready. Type `cd try_chef_infra` to enter it.
There are several commands you can arun to get started locally developing and testing your cookbook.
Type `delivery local --help` to see a full list of local testing commands.
Why not start by writing an InSpec test? Tests for the default recipe are stored at:
test/integration/default/default_test.rb
If you would prefer to dive right in, the default recipe can be found at:
recipes/default.rb
Create Recipes
Chef Infra Client recipes contain lists of files, packages, services, users and other resources you want to configure on your managed hosts. You can run ad hoc chef-run actions from the command line for testing or add plain-language commands to your recipes when you move to production.
package "emacs" do
action: install
end
~$ chef-run host1.example.com ./recipes/default.rb
~$ chef-run host1.example.com package emacs --user myusername --password mypassword
[✓] Packaging cookbook... done!
[✓] Generating local policyfile... exporting... done!
[✓] Applying package[emacs] from resource to target.
|-- [✓] [host1.example.com] Successfully converged packing[emacs].
Test and Explore
Whether you’re new to Chef Infra Client or a seasoned pro, you can use Test Kitchen to test and run recipes, try publicly available cookbooks and policy configurations from the Chef Supermarket, and even create entire test environments using Vagrant, Docker, GCE, EC2, Azure and other familiar resources.
---
driver:
name: vagrant # Or dokken, azurerm, ec2, docker, etc
provisioner:
name: chef_zero
product_name: chef
product_version: 14.12.9
client_rb:
chef_license: accept
verifier:
name: inspec
platforms:
- name: ubunto-18.04
- name: centos-8
suites:
- name: default
verifier:
inspec_tests:
-test/integration/default
attributes:
Chef Infrastructure Management
Chef Infrastructure Management combines the power of open source community based software development and enterprise class support.
Chef Infra
Powerful open source solution that transforms infrastructure into code and automates how infrastructure is configured, deployed, and managed across environments.
ExploreChef Automate
Enterprise dashboard and analytics tool that enables cross-team collaboration with actionable insights for configuration and compliance across environments.
ExploreChef Enterprise Distributions
Dedicated services that include trusted, hardened, production-ready software distributions, support, expert help, training, reporting and much more.
ExploreChef Community
Chef Supermarket is the site for thousands of configuration templates (cookbooks), for Chef Infra, that are built and maintained by the Chef Community.
Explore
By implementing the self-healing solution, the productivity can be increased by 10 times with improved quality.
Infrastructure Automation Tool Use Cases
Consistent Configuration
Eliminate configuration drift and continuously enforce desired state.
System Hardening
Reduce risks by ensuring OSs, firmware, and system libraries are kept up to date.
Hybrid Cloud Control
Effectively work with different clouds minimizing complexity through multi-cloud support.
Automated Remediation
Event-driven automation that can immediately correct configuration drift.
High Security, Low Trust Environments
Control access and accelerate delivery in highly regulated environments.
Continuous Delivery Pipeline Automation
Enable developer services and drive pull-based CI/CD system workflows.
Recommended Content
Blog
Chef Recognized for “Class-leading” Governance and Compliance Features in Forrester Wave report
Read Now
Recommended Content
