Chef Delivery: A Guided Tour
// Chef Blog
Chef Delivery accelerates the adoption of continuous delivery and encourages DevOps collaboration. It provides a proven, reproducible workflow for managing changes as they progress from a developer's workstation, through a series of automated tests, and out into production.
In this recorded webinar (presented on November 17, 2015), Nathen Harvey and Michael Ducy introduce you to Chef Delivery. They show you how to submit changes to Delivery and how to use the UI to track them as they move through the different stages of the pipeline. They talk a bit about the kinds of tests you can run, show you our GitHub integration, and give you an overview of how to control what happens in the pipeline with build cookbooks.
Q&A from the live webinar, including questions we didn't have time to answer live, can be viewed below.
Q&A From Live Webinar
Does Chef Delivery integrate with SVN?
No, we do not have integration with SVN planned at this time. We are focused on providing an excellent experience for GitHub and Stash/Bitbucket users first, then will evaluate the possibility of integrating with other SCM systems.
If one attribute value of a policy (or role) is changed, do you still recommend Approve / Deliver phase?
Yes. All code changes should flow through the same workflow. Even what seems like the simplest of changes can lead to an outage.
Can you name your Delivery status to something that works well for your environment like (sandbox–>dev–>stage–>production)?
The stages in Delivery cannot be renamed, and may in fact be orthogonal to your existing development and testing environments. A useful way to think about this is that the Acceptance stage should provide you with the confidence you need to ship a change all the way through to production, or whatever your Delivered target may be.
If we already have a Chef Premium subscription, where do we download Chef Delivery?
Please contact your Chef account representative for instructions.
Will hosted Chef include Delivery? Or will Delivery always be for on premises Chef?
There are no plans to add Delivery to Hosted Chef at this time, but we will watch for demand and revisit this decision periodically.
Can you provision or deploy to VMware like you would to Amazon?
Absolutely. One of our customers did this using vRealize during their initial evaluation of Delivery.
I noticed that rehearsal started right after union successfully completed. Can you insert a manual approval step in between?
No, the approval steps are not configurable. The Rehearsal stage exists solely as a way to validate that fixes made in response to breaks in Union are valid.
You said it will be available for Stash, but does that mean Git only? Or will Mercurial be supported?
The Stash/Bitbucket integration will be for the Git workflow (i.e. PR-based).
Is Delivery designed to replace other CI/CD platforms like Bamboo or TeamCity?
Delivery is desinged to reinforce the proven workflow that we know to be successful at many of our customers. It reflects the tooling and workflow practices that we believe lead to great outcomes and allow you to move safely at high velocity.
Can Chef Delivery be implemented in-house ?
Yes, it is currently available only for on-premises installation. There is information about how to set up Delivery at https://docs.chef.io/delivery.html
Do you have a timeline when it will work with Stash? Will it technically work with any git repo even if it is not Github?
The Stash/Bitbucket integration is planned for completion in Q4 2015.
It's not clear to me if the merge activity requires human intervention using this pipeline. How is the interaction between the automation of the tool and the human decisions / revisions…?
Humans interact with the system in three places. First, a human will create and submit a change into the pipeline. Second, another human will review that code with an eye toward whether or not the code was written correctly (was it built correctly?). Third, a human will decide if what was built is ready to deliver (was the correct thing built?)
Which stage/task runs kitchen tests in your example?
Test Kitchen was not executed during our demo but should be run on the local development workstation and may also be run during one of the phases.
Can you do a demo that shows if something breaks somewhere in the process, fix it and rerun? Does it rerun end-to-end again or just continue where it bums out?
Each change that moves through the pipeline goes through the complete set of stages and phases, so the process does not resume where the break occurred but starts from the beginning again.
Can a single application infrastructure item be promoted into different provisioners. (i.e. AWS and Vcenter?)
Yes. You can drive any automated provisioning technology from within a pipeline. As such, it is possible to provision infrastructure in different clouds using different APIs all within a single provision phase of the pipeline.
What does the pricing structure look like for Chef Delivery? Is this a flat fee, monthly, based on application quantity, etc?
See https://www.chef.io/pricing/ for standard pricing of the Chef Premium subscription, which includes Delivery. Delivery can also be purchased as a stand-alone product with licenses per server and per user; please contact your Chef account rep for details.
Is it integrated with Stash?
Stash/Bitbucket integration work is now in progress and is planned for completion in Q4 2015.
Are all the tests handled by Delivery as well?
The recipes you write in the project's Build Cookbook dictate what happens in each Phase. For example, if you are using Cucumber for executing automated functional tests, you can tell Delivery to launch Cucumber and run the tests in the Functional Phase of the pipeline.
Is there an open source freebie version of Chef Delivery to play with?
Is it integrated with GitHub Enterprise yet?
Yes, this integration is complete.
What are my integration options between Delivery and Jenkins?
You can trigger Jenkins jobs via a Delivery pipeline from a phase job.
Can applications be delivered without being tied to a cookbook?
Yes. All projects have a build cookbook that tells Delivery what to do during each phase. The projects themselves do not need to be cookbook based nor have deployment controlled via cookbooks.
Is active directory integration available?
Delivery supports basic authentication via AD user names/passwords. We are looking to do more work on LDAP integration in the coming quarters.
Does Delivery intregrate well with both on-premise (vm and physical), and cloud technologies (AWS, Azure, Google)?
Delivery itself is an on-premises solution and can be hosted in the cloud, in your datacenter, or a mix of both (it is common to have build nodes living across clouds).
You mention that the appproval and deliver phases are manual (human) approval phases. Is it required that this be manual or can this be automated based on some metrics? % of tests passed, etc.
These approval gates are currently manual, but interest has been expressed by some customers in defining business rules to automate these steps. We will evaluate whether a product change in this area makes sense.
Why have the build phase after someone reviews the change? Would you not want getting feedback on the build before reviewing?
The Build stage happens after approval (review). Approval triggers the system to merge the change to the target branch and begin the Build stage. The purpose of this ordering is to drive continuous integration, increase pipeline velocity, and make sure that the resources spent on doing QA on build are not wasted on an artifact that could not be released or is not desired (not approved).
Shared via my feedly reader
Sent from my iPhone