Skip to main content


AWS OpsWorks for Chef Automate

CIOs expect to shift 21% of their company’s applications to a public cloud this year, and 46% by 2020, according to a report by Morgan Stanley.


Recently, I attended a webinar on “Cloud Migration”. It was a joint presentation by folks from AWS and Chef. It touched on two key areas – “migration to cloud” and ” developing DevOps simultaneously”. They demonstrated how Chef can be used to migrate, monitor, secure and automate the application development in a hybrid environment. Why hybrid – cause that is what many smart companies do, maintain a hybrid version to minimize low availability risk.

Large organizations are slowly but steadily evaluating cloud adoption. Architecture teams are gradually modifying the organization’s Enterprise Reference Architecture. This reflects their willingness to investigate cloud technologies. Choices rendered for migration are either infrastructure centric or application centric.  Economic benefits drive infrastructure migration whereas cloud-native architectures drive application migration. This post covers a brief on Chef Automate for infrastructure centric migration. I use the words AWS and cloud interchangeably in my posts, primarily cause of my experience in the AWS space.

Application Centric Migration

As a Solutions Architect, the foremost question that I encounter when planning for cloud migration is – how to scrape a public cloud with minimal or no impact to my existing and rather healthy application development? Chef Automate in AWS OpsWorks appears to be a good answer.

Some organizations do have on premise Chef installation. The easiest way for them is to start with infrastructure centric cloud migration  is to spin an ec2 instance in cloud (security and networking setup implied), bootstrap the new ec2 instance to the inhouse Chef server and attach the existing runlist of required recipes to the instance. That is it! Your native Chef server will now treat this new node as any other instance in your organization’s network. It will push Cookbooks or Recipes to this new node as it has been doing to the existing ones. What did we achieve with this simple spinning and bootstrapping of ec2 instance – our first step on cloud without any impact on the existing DevOps process. Once the ec2 node is tested for stability and performance, more ec2 instances can then replace the inhouse instances. Hence comes along a gradual migration to cloud through DevOps.

For organizations that do not have on premise Chef installation as doing so requires specialized skill set, a simpler way is to proceed with AWS OpsWorks Chef Automate. It is a fully managed chef server that has all the goodies of rich Chef installation including but not limited to workflow automation, compliance checking and monitoring. It takes between 5-10 mins to set up the server. You get a choice to pick your server instance based on the number of projected nodes. Default security credentials to log onto the Chef Automate server and a sample test chef repository are made available through console. The test repository has the required directory structure built into it. Well that spares some time to do more meaningful work. Chef Automate is full compatible with supermarket. Most commonly used cookbooks can be found there. You can download and modify them for your application’s deployment needs. You can also generate a new one and code accordingly. However, that does require some knowledge of Ruby and JSON.  Once the server is up and running, you can bootstrap both the on premise and ec2 instances to this server. Now this appears to be a more confident and a bigger step towards infrastructure centric cloud migration. After your hybrid chef configuration is in place, you can set up DevOps workflow to automate your application deployment.

Compliance is another good features that comes out of the box with Chef Automate. CIS benchmark could be downloaded and configured with the Chef server and this will help evaluate each node’s security profile. Ultimate result “instance hardening”. Who loves to be hacked anyway!


In short, migration to cloud is a first step in a totally new direction. With this comes anxiety and no matter how adept the teams are, a little professional help to mitigate risks is always helpful. At Perficient we continue to monitor cloud technologies and trends. We do understand the challenges in embracing cloud technologies  and hence have come up with proven cloud based solutions, platforms, architectures and methodologies to aid smoother migration.  If you’re interested in learning more, please reach out to one of our specialists at and download our Amazon Web Services guide for additional information.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Shiv Singh, Director CPS, Solution Architecture and Delivery

More from this Author

Follow Us