/effortless

Automated best practices for Chef Infra and Chef InSpec

Primary LanguageShellApache License 2.0Apache-2.0

Effortless

Build status

Project State: Active

Issues Response Time Maximum: 14 days

Pull Request Response Time Maximum: 14 days

Effortless is automated best practices for Chef Infra and Chef InSpec.

What can you do with Effortless Infrastructure?

  • Deliver brand new infrastructure configuration and automated security tests to your entire fleet, in 60 seconds.

  • Use a secure, pull-based workflow that scales. Use the same workflow in airgapped environments.

  • Update Chef Infra and Chef InSpec automatically, with always up-to-date best practices.

  • Report infrastructure configuration and security test runs to Chef Automate, automatically.

Quick Links

  • Chef Infra - Chef Infra automates infrastructure configuration, ensuring every system is configured correctly and consistently.

  • Chef InSpec - Automate security tests, ensuring consistent standards are enforced in every environment, at every stage of development.

  • Chef Habitat - Codify how the application is built, how it runs, and all of its dependencies to free the app from underlying infrastructure and make updates easy.

  • Chef Automate - Enterprise dashboard and analytics tool enabling cross-team collaboration with actionable insights for configuration and compliance and an auditable history of changes to environments.

Existing Users

If you're already familiar with the Chef stack, here's a quick rundown of how Effortless works.

  1. Effortless uses a build process to pull down all your cookbooks or profiles. The build creates a single, deployable package. For Chef Infra, it contains your cookbooks, an up-to-date Chef Infra client, and the latest best practices. For Chef InSpec, it contains your profiles, an up-to-date Chef InSpec client, and the latest best practices.

  2. At runtime, Chef Infra works without Chef Infra Server. It uses Chef Solo mode.

  3. At runtime, Chef InSpec works without pulling profiles from Chef Automate. All profiles, including those from Chef Automate, are vendored at build time.

  4. Chef Habitat manages Chef Infra and Chef InSpec, and provides a pull-based update strategy for continuous delivery.

  5. This workflow is a full replacement and improvement over the environment and role cookbook patterns or Berkshelf way.

  6. Effortless is production and enterprise ready because it is built on already battle-tested Chef tools that you know already.

Image of the Effortless pattern

Next Steps

If you're new to Effortless, the examples directory has a list of different kinds of packages and workflows that you can use to get started. If you just want to try something, start with examples/infra-linux-hardening.