33. Don’t assume EC2/RackSpace/MyCloudInc
# Allow app servers to access DB
-A INPUT -p tcp
-s <%= node[:ec2][:local_ipv4] %>
--dport <%= node[:mysql][:port] %>
-j ACCEPT
34. Don’t assume EC2/RackSpace/MyCloudInc
# Allow app servers to access DB
-A INPUT -p tcp
-s <%= local_ip(node) %>
--dport <%= node[:mysql][:port] %>
-j ACCEPT
35. Don’t assume EC2/RackSpace/MyCloudInc
# Returns the local-network IP of a node
# based on the environment.
def local_ip(node)
return “127.0.0.1” if in_vagrant?
return node[:ec2][:local_ipv4] if in_ec2?
raise “Unknown server environment.”
end
38. Short-circuit Recipes/Manifests
# Only install certain software when not
# in Vagrant.
if !in_vagrant?
include_recipe “flume::node”
include_recipe “kiip_monitoring::client”
...
end
39. Short-circuit Recipes/Manifests
INFO: Chef Run complete in 946.418511 seconds
INFO: Running report handlers
INFO: Report handlers complete
Not great, but I’ll take 50% speedups.
41. Role Composition
run_list => [
“role[base]”,
“role[kiip_mongodb]”,
“role[kiip_memcached]”,
“role[kiip_web]”,
“role[kiip_utility]”
]
Normally different servers.
But no problem on one!