Using Chef? Why Risk your Business on a Lack of Support?

An upfront note: Cloudreach is a consulting partner and reseller of Chef’s awesome technology. This blog might appear as a bit "salesy" a first glance. That’s not my intent - I do strongly believe the recommendations are sound.

Erm, refresh my memory, what is Chef?

I’m sure the majority are familiar with the concept of configuration management. If you don’t use Chef, you’ve probably used Ansible or Puppet perhaps? If not, question why not: the more human actions you have in any given IT process, the more likely it is things will go wrong. Surely you’re not doing things manually or using a gigantic, unsupportable heap of bash scripts, are you?

Essentially, Chef provides a (Ruby-based) platform for writing "recipes" to manage, control and provision software and infrastructure in a programmatic fashion.

Chef is used to define the desired state of the infrastructure and makes sure that state is always applied.  It will continually test the state of the system and then repair it if necessary.  The state of the infrastructure is stored as code and is managed and treated as any other code base. It is checked into source control, tested, versioned and release the same way as software code.

By managing infrastructure with Chef and having a full workflow process to manage the code into production, manual ad-hoc changes to a system are no longer persistent: the next time the state is checked, the manual change is removed. This has a number of side effects:

  • it helps to eliminate configuration drift from environments
  • it builds a culture where all changes need to be written to source control and then promoted through your test paths, before production deployment
  •  you’ll have a fully automated, audit and compliance engine that can show what changes were made, when and by whom.

Why use a GUI to make a change manually when you can use version controlled code, right? Awesome.  

Why take the risk? Get some insurance!

We’ve been having a few conversations recently with clients regarding moving from the (brilliant) free version of Chef’s open Community tooling to the paid Enterprise subscription version.I’ve heard a few comments along the lines of:

"Why would I do this? It works fine as it is, nothing has gone wrong"

The response seems relatively straightforward: You’d do this if you’re using Chef in any kind of "enterprise" capacity, i.e. you’re using it to support/manage/provision infrastructure and/or software in a process or workflow which would impact your business if something went wrong.

It’s just like taking any other kind of insurance policy: you only need it when something unfortunate happens. This applies to everything from your home insurance (please tell me you have home insurance!) to buying support from other IT vendors like Cisco or AWS.

In the case of Chef, the Enterprise pricing currently starts at under $7 per node per month - a relatively low price for peace of mind surrounding the smooth configuration management of your IT estate.  

Ok, so what do I get?

Note: Some of the features listed below are also provided with the free community version of Chef, but only for a very limited number of nodes.

Well, first off I would argue the most important thing is a "proper" support package. There are more details of this here, but the addition of swift response times and round-the-clock support is likely to be important for you.  

Not convinced yet?

Ok, how about HA and Replication? These offerings are designed to ensure that the Chef platform is as reliable and resilient as your own infrastructure. So, for example, if you’re running your AWS estate across multiple Availability Zones, let Chef help ensure that its tooling and your scripts are always there when you need them.  

Still not convinced?

Would you like what has traditionally been called a 'Technical Account Manager'? Chef provides what they term a Customer Success Engineer (CSE) who will help you make the most of your Chef deployments (which will obviously already be perfect if Cloudreach built them for you). More seriously though, they can help to ensure you’re getting the best value from Chef across your business and yield some strong insight into implementing proper DevOps processes combined with CI/CD, for example.

Note: There’s an extra charge for the CSE, depending on the scope of input you would like - but again, this option flexibly priced based on the size of your estate.

You must be convinced by now?

If not, how about the full audit and reporting capability you’ll get from the analytics package on offer? This can be combined with the platforms your Ops team is probably already using for communication (ours is) like HipChat to provide real time notifications.

Ready to sign up?

Well, not everyone will, and it’s not mandatory (kudos to Chef for the Community version). It’s not easy to "monetise" such a great free piece of tooling, but certainly we at Cloudy Towers believe that anyone using Chef seriously in their company needs the Enterprise offering.