Chef Infra

Automate infrastructure configuration

Chef Infra is a powerful automation platform that transforms infrastructure configuration into code. Whether you’re operating in the cloud, on-premises, or in a hybrid environment, Chef Infra automates how infrastructure is configured, deployed, and managed across your network, no matter its size.

New! See what's new in Chef Infra 16

Configuration Automation

Confidence Through Code
Define infrastructure as code, making the process of managing configurations automated and testable.
Consistent Configuration
Reduce duplicated manual configuration efforts, ensuring consistent configurations across the development lifecycle.
Eliminate Drift
Ensure configurations only change if a system diverges from the desired defined state and automatically correct configuration drift, if needed.
Extreme Flexibility
Use simple declarative definitions for common tasks or easily extend to support the most unique environmental requirements.

Configuration Management

Express your infrastructure configuration as code, and make your systems testable, portable, and auditable. Give your teams the freedom to focus on building new innovations, rather than on solving problems that have already been solved in the past. Automate your systems’ adherence to declared desired state and focus on solving the most important problems that your teams face.

# remove write permissions from path folders ($PATH) for all regular users  
# this prevents changing any system-wide command from normal users  

paths = %w[/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin] + node['os-hardening']['env']['extra_user_paths']  

paths.each do |folder|  

execute "remove write permission from #{folder}" do  
  command "chmod go-w -R #{folder}"
  not_if "find #{folder}  -perm -go+w -type f | wc -l | egrep '^0$'"

System Hardening

Applying OSes and patches, deploying core libraries to these Operating Systems, deploying apps into these images, and finally scanning everything for known vulnerabilities. Keep these patches, libraries and apps automatically updated. Leverage a rich set of APIs as well as the CLI to integrate with other tools.

DevOps and Cloud Automation

Integrate with tools across the DevOps toolchain, including source code and artifact repositories (GitHub, GitLab, Atlassian BitBucket), CI/CD tools (Cloudbees/Jenkins, CircleCI, Azure DevOps), provisioning (HashiCorp Terraform, Packer, Vagrant, Vault). Work with any cloud resource manager, including Azure Resource Manager and AWS CloudFormation. Multi-cloud automation enabled via integrations with provisioning tools like Terraform.

Incident Management

View a summary or detailed view to look at a node/app status or troubleshoot errors. Filter down to classes of nodes or classes of errors to isolate data. Display notifications on a per-node, per-failure basis, or configured for alerts to chat, to webhook endpoints, or to ServiceNow.

Chef Infra Ecosystem

Chef Workstation

Chef Workstation packages all the tools necessary to be successful with Chef Infra and InSpec.

Test Kitchen

Test Kitchen is an open source integration tool pioneered by Chef for developing and testing infrastructure code and software on isolated target platforms.

Chef Supermarket

Chef Supermarket is the site for community cookbooks. It provides an easily searchable cookbook repository and a friendly web UI.

Chef Cookstyle

Chef Cookstyle is a code linting tool that helps you write better Chef Infra cookbooks by detecting and automatically correcting style, syntax, and logic mistakes in your code.

