Chef in a Nutshell
The Chef software family allows users to configure their IT systems and monitor them constantly.
In classical environments, configuration is done manually or with long shell scripts – making it non-reproducible or only applicable once. When using Chef, you state your desired state and your expectations of the configured system in an OS-independent way.
This configuration is portable across platforms and violations of your expectations will be automatically detected, reported and corrected.
Chef InSpec – Verify your IT systems‘ compliance and security posture, using CIS-certified benchmarks.
Chef Infra Client – Discover the „Test & Repair Principle“: Keep your infrastructure current and revert all manual changes within seconds.
Chef Habitat – Roll out software across different systems, platforms and runtime engines like Kubernetes or Docker.
Chef Automate – Implement a company-wide dashboard for managed servers, desktop clients, applications and their compliance status.
„DevOps“ is not a buzz word but a radical change of mentality and tools, which requires a long-term effort.
One of its main ideas is to spend more time on tasks that add value than on repetition or hand-overs between departments.
Starting with DevOps is not a sprint, but a marathon involving training, communication, exercise and mutual understanding.
As part of our Chef consulting, we guide you through all these related changes which are crucial to introducing tools like Chef – because DevOps is more about interactions than tools.
Professional Services + Development
If you just set up a web server in the cloud, things tend to be straightforward. But most projects, especially in an enterprise context, are mainly one thing: really complex.
Our consultants have been working with Chef for years and know when to deviate from the usual patterns. Starting with hands-on training and guiding you along the full implementation cycle, we can help you avoid the obstacles you would run into if you were purely self-studying. Our goal is to enable you and your employees to be self-sustaining within the Chef ecosystem, while offering you specialized consulting later on.
As every big project has its special requirements, we also develop technology just for you: Custom resources for Chef and InSpec, helper libraries and inventory plugins – even specialized drivers to enable you to test on your own infrastructure.
We love open source and publish our contributions to the ecosystem whenever possible.
Software licenses are complex and confusing. We offer to be your partner in this area, by checking your actual requirements and finding the best solution together with the vendor themselves.
tecRacer has been selling Chef licenses for years, from small customers to international enterprises. Contact us and talk to people who actually know the software that you want to buy – not somebody who just offers everything.
As every journey should start with thorough preparation, we are offering you the official Chef curriculum. And as reality rarely follows your textbooks, we are adding our practical project knowledge on top.
While there are many books and video courses on Chef, much of it is either dated or created out of pure theory. Instead of buying this book from 2013, you should get some first-hand knowledge of how things evolved over time.
tecRacer as CHEF Principal Partner
tecRacer has been awarded Principal Partner status in 2020, the highest partner level of Chef.
With this status, Progress Chef only distinguishes those partners who have the highest level of expertise, have a major influence on the market and can master both small and large customer projects with confidence.
Parallel to this, the cooperation at conferences and user groups has continued to grow: tecRacer has created the Chef Usergroup Germany. The Usergroup will not only invite speakers from tecRacer and other companies, but also Chef employees from different countries have expressed interest in reporting on news and their experiences.
Chef and tecRacer complement each other since 2017 in the area of Progress Chef Professional Services, Consulting, Reselling and Training. The segment for the DACH area has been experiencing continuous growth for years.
- Stop LLM/GenAI hallucination fast: Serverless Kendra RAG with GOam 20. September 2023
RAG is a way to approach the “hallucination” problem with LLM: A contextual reference increases the accuracy of the answers. Do you want to use RAG (Retrieval Augmented Generation) in production? The Python langchain library may be too slow for your production services. So what about serverless RAG in fast GO Lambda?
- AWS Client VPN - Access your Virtual Private Cloudam 20. September 2023
One of the most unknown options to access a VPC is Client VPN. Nearly all customers I am talking to are using a Bastion Host or similar to access services within their VPC. But what about direct access without any jumps in between? After reading this blog, you can create your own Client VPN.
- Teaching boto3 to store floats and datetime objects in DynamoDBam 7. September 2023
In this blog post, we’ll explore how you can teach the DynamoDB Table resource in boto3 (and the client) to store and retrieve Python’s datetime and float objects, which they can’t do natively. We’ll also discuss why you should or shouldn’t do that.
- Handling Errors and Retries in StepFunctionsam 28. August 2023
“Everything fails all the time” has been preached to us by Werner Vogels for a few years now. Every engineer working on building and maintaining systems knows this to be true. Distributed systems come with their own kind of challenges, and one of the AWS services that help deal with those is AWS Step Functions. AWS Step Functions allow you to describe workflows as JSON and will execute those workflows for you. In this blog, we’ll explore what happens when things inevitably go wrong and the options the service offers to perform error handling and retries using an example application.
- Assigning EKS Namespaces to Node Groupsam 25. August 2023
In AWS EKS clusters, there are a couple of use cases for which all pods of a namespace should be automatically scheduled to specific nodes in Kubernetes, including: Clear allocation of data plane infrastructure (and costs) to teams in large organizations, Running critical workloads on on-demand nodes and not on spot nodes, or Using specific hardware, such as GPU, only by workloads that actually require it. In this post, we will explore how to facilitate that in EKS.
- Hybrid DNS resolution using Route 53 Endpointsam 15. August 2023
When implementing a hybrid cloud solution and connecting your AWS VPCs with corporate data centers, setting up proper DNS resolution across the whole network is an important step to ensure full integration and functionality. In order to accomplish this task, Route53 Inbound and Outbound endpoints can be used. In combination with forwarding rules, they allow you to forward DNS traffic between your AWS VPC and on-premises data centers. In this blog post, I would like to show you how you can leverage Route53 endpoints in combination with Terraform to establish seamless DNS query resolution across your entire hybrid network.
- SBOMs on AWS - what?am 9. August 2023
Like most IT professionals, you might have read the title and googled “SBOM”. Now that you know it stands for “Software Bill of Materials”, read on to see why this will be very important in the next years. And what AWS can do to help you with this concept.
- HIVE_CURSOR_ERROR in Athena when reading parquet files written by pandasam 7. August 2023
In a recent project, a colleague asked me to look at a HIVE_CURSOR_ERROR in Athena that they weren’t able to get rid of. Since the error message was not incredibly helpful and the way this error appeared is not that uncommon, I thought writing this may help you, dear reader, and future me when I inevitably forget about it again.
- EKS Backup with Veleroam 4. August 2023
Velero is a tool to backup the kubernetes cluster state and its persistent volumes. It can be used for disaster recovery or cluster migration. Please refer to the official documentation for a more comprehensive description of use cases. This article describes the baseline setup for the backup to ease the start of backing up your EKS clusters.
- Using AWS Security Hub for EKS Securityam 4. August 2023
kube-bench is a tool for checking kubernetes clusters against requirements defined in the CIS Benchmark. The tool runs locally on a kubernetes node, performs its checks and prompts the outputs to the shell or to files. This is quite unhandy, because it means that a user needs to pick up the logs, store them somewhere and analyze them. A deployment of the tool via kubernetes can ease the process for example with the kubectl logs command, but it is still far from perfect. Luckily, there is an integration in AWS Security Hub.