Advancing Our Chef Infrastructure: Safety Without Disruption

Last year, I wrote a blog post titled Advancing Our Chef Infrastructure, where we explored the evolution of our Chef infrastructure over the years. We talked about the shift from a single Chef stack to a multi-stack model, and the challenges that came with it – from updating how we handle cookbook uploads to navigating the limitations around Chef searches.

If you haven’t had a chance to read that post yet, I highly recommend checking it out first to get the full context for this post.

At Slack, keeping our service reliable is always the top priority. In my last post, I talked about the first phase of our work to make Chef and EC2 provisioning safer. With that behind us, we started looking at what else we could do to make deploys even safer and more reliable.

One idea we explored was moving to Chef Policyfiles. That would have meant replacing roles and environments and asking dozens of teams to change their cookbooks. In the long run, it might have made things safer, but in the short term it would have been a huge effort and added more risk than it solved.

So instead, this post is about the path we chose: improving our existing EC2 framework in a way that doesn’t disrupt cookbooks or roles, while still giving us more safety in our Chef deployments.

Advancing Our Chef Infrastructure: Safety Without Disruption

Other newsrooms on this story

Related reading

From SSH to REST: A Security-Driven Modernization of Slack’s EMR Data Pipelines

Other newsrooms on this story

Related reading

From SSH to REST: A Security-Driven Modernization of Slack’s EMR Data Pipelines

Why Platform Engineering Is Quietly Reshaping Modern DevOps

Deploy Safety: Reducing customer impact from change

Approaching your observability migration with the right mindset | Datadog

Security Is Important. Automate It

Building a Production Grade AWS Infrastructure Project (Part 1)