Working With Multiple Chef Orgs

The Problem

It’s probably quite common that a lot of developers or operations engineers will typically work with a couple of Chef organisations. These organisations might represent the infrastructure configurations for different products; or perhaps a development and production environment, though this scenario is more often accomplished through the use of different Chef environments. But what if the nature of your work means you’re dealing with many Chef organisations at a time? It could become quite cumbersome managing individual working copies of different repositories representing the data you store in various Chef orgs; not to mention maintaining subtly different Knife configurations, and sets of user and validator PEM keys. So here’s my solution to this problem.

On Being A Technical Reviewer

While I don’t read as much fiction as I’d like, often favouring audio books from Amazon’s Audible while on the bus, I’m a bit of a sponge for non-fiction (number theory; the history of mathematics; quantum mechanics; web development; cloud computing and DevOps) and hoovering up everything interesting in my RSS reader. One day I’ll get around to writing my own book (perhaps on Amazon Web Services or something development/operations related), but until I manage to make more time and stop procrastinating, being a technical reviewer is a pretty good compromise.

AWS VPN Solutions with StrongSWAN

In this article, I’ll discuss how to connect two or more VPCs which are in different AWS regions. Using static routing, routes cannot be re-advertised and as such it’s not possible to write routing tables that allow a packet to traverse from one VPC to another via an intermediary VPC, where all VPCs are connected by IPSec tunnels. Because of this limitation, if you want complete connectivity between all peered regions, there must exist an IPSec tunnel between each and every region. Of course, if you want to join VPCs within the same region, you can use the recently released VPC Peering feature. Pay particular attention to the documentation about unsupported configurations.

Restoring A MySQL Dump To RDS

I’ve spent some of today migrating a MySQL database instance into RDS from another RDS instance in a separate AWS account as part of a larger piece of work. However, there were a few gotchas that caught me out, so it’s worth keeping the following in mind if you’re having issues.

Using Test Kitchen

I’ve been keenly watching the evolution of the test-kitchen project and I’ve recently spent some time using it with the minitest busser to validate that my cookbooks do what I intended them to do. Remember, Chef is already well covered by tests to ensure that e.g. its various resources do what they say they’ll do. With that in mind, the key to using test-kitchen is to write tests that validate your intentions, rather than testing that Chef is doing what it’s been asked. This post will offer a brief introduction to test-kitchen, with a focus on writing tests using the Minitest Busser. I’d also like to extend a big thank you to Fletcher Nichol and the rest of the Opscode team and contributors who are making test-kitchen and related tools such exciting projects to follow.