[Watch] Chef Automate: Scale your use of automation

What is Chef Automate?

Chef Automate is our new approach to scaling up the use of automation across your organization. It builds on our open-source projects: Chef for infrastructure and cloud automation, InSpec for compliance automation, and the newly released Habitat for application automation.

Moving from manual processes to automated ones, incorporating compliance tests into your deployment pipeline, or better managing your applications throughout their lifecycle all present similar obstacles. With Chef Automate, your team has one product that brings end-to-end visibility, compliance, and a unified workflow to your organization’s deployment pipelines.

Try Chef Automate

Start your 30-day trial and transform your company into a highly collaborative, software-driven organization with Chef Automate as the engine. This will allow you access to premium content, world-class support, and tools you need for mission critical service.

See a Demo of Chef Automate

Watch this recorded webinar to learn about the different capabilities of Chef Automate and how it unifies Chef, Inspec, and Habitat into a comprehensive DevOps strategy for any company in today’s digital world.

We’ll show you how:
  • Workflow provides a common pipeline for governance and dependency management.
  • Visibility gives you deep insight into what’s happening in your organization, including serverless chef-client runs and data from multiple Chef servers.
  • Compliance enables automated compliance assessments as part of your workflow pipelines.

Q&A From Live Presentation

Q: Where does Test Kitchen fit into the Workflow feature of Chef Automate?

A: Workflow pipelines are driven by what is defined in the underlying build cookbook. As an example, for delivering a cookbook through workflow one would use the delivery-truck build-cookbook which would run all of the included InSpec tests that you write with your cookbook.

Q: Does Chef Automate licensing replace Chef Delivery licensing? Does this replace the Chef server licensing or is it an additional license?

A: The Chef Automate licensing is designed to simplify the licensing that was used for the Chef product line historically. If you have previous licensing, it’s best to reach out to your account manager or [email protected] for how to get started with Chef Automate.

Q: Is Chef Delivery integrated into Chef Automate?

A: Chef Delivery is now the Workflow feature of Chef Automate.

Q: Is there a migration path from chef-server -> chef-automate? e.g. to port over the organizations, nodes, and clients?

A: The Chef Server is still a core piece of Chef Automate. For information on ensuring your existing Chef Server implementation is ready for Chef Automate please refer to https://docs.chef.io/install_chef_automate.html

Q: What does it look like switching from chef-server, chef-analytics, chef-reporting to Chef Automate? Both technically and license-wise?

A: Technically the Chef Server API is part of Chef Automate, which means all of your cookbooks will just work. Functionality of Reporting and Analytics is now wrapped in the visibility feature of Automate. License-wise, it’s a simpler model too – just one license.

Q: Is Chef Automate a hosted offering? Is this different than Hosted Chef?

A: Chef Automate is not a hosted offering, it is designed to be installed in your environment. Hosted Chef is a great solution to minimal overhead when using the core features of Chef, however it is not planned to include the features of Chef Automate.

Q: Are there details on how to setup Chef Automate as a highly available system on the website or documentation?

A: Chef Automate does not support a high availability setup.

Q: How do I learn Chef from a basic level?

A: Learn Chef (learn.chef.io) is going to be your primary source for beginning your journey of learning Chef.

Q: In my org we use git and Jenkins, will this be part of the workflow in Chef Automate?

A: Workflow can be used to call out to your existing Jenkins implementation and be the primary way you interact with your existing implementation.

Q: What are the default security standards that come with Compliance?

A: Compliance includes several InSpec profiles out of the box. Included with these profiles are base security practices as well as CIS standards.

Q: Compliance has 2 hard parts — all the manual work responding to requests, but also the audit requirements change each time. We don’t know what the auditors will ask until they arrive. How do we automate when we don’t know the questions ahead of time? Any suggestions?

A: Compliance allows you to trigger ad-hoc audits to verify compliance against newly added profiles. Workflow allows you to integrate these profiles into your pipeline so that they are continually verified every time you ship. As you continually add more to your compliance profiles verifying the things you know as well as quickly adding to that set becomes easier.

Q: Can Chef Automate run on EC2 in AWS?

A: Yes, the Chef Automate installation can be setup in AWS.

Q: We are a very large organization. I can’t change everyone’s workflow, but i want to use Chef Automate in Operations for Infra and Compliance. Can I skip Habitat and use Chef Automate without that? I don’t ship software.

A: Definitely. Chef Automate will bring additional value whether you’re using it for your entire stack or slowly adding to what is being managed through it.

Q: Does this workflow/pipeline support other languages/integration testing? Such as: PowerShell and Pester?

A: Absolutely! Workflow in Chef Automate is flexible around the content of jobs it needs to run. E.g. if you’re building Windows boxes then Pester is a great testing tool and PowerShell is the native Shell to Windows – you’ll want to use both and workflow supports that.

Jamie Bright

Former Chef employee