Luiz - Fotolia

Chef IT automation invigorates legacy apps amid cloud surge

Chef Software's Habitat tool carved out a niche as it matured, among enterprise IT pros tasked with modernizing legacy data center apps.

It's taken nearly four years, but the Chef Habitat IT automation tool has hit its major initial roadmap goals and begun to play a key role among enterprises that want to modernize legacy apps.

At its launch as an open source project in mid-2016, Chef Software made Habitat one of the main pieces of a renewed IT automation strategy. Chef had risen to prominence in configuration management, a field that stood to be overtaken by the emerging container trend. Chef Habitat introduced a packaging format that bundled together applications and their dependencies and decoupled them from underlying server operating systems and hardware to make them deployable and portable, with or without the use of Linux containers.

However, the concept of Chef Habitat took a while to sink in among enterprise IT shops. Many IT pros at ChefConf in 2018 didn't clearly understand how Habitat was different from Docker Linux containers and Kubernetes Helm charts, for example. Further confusing the issue, Chef Habitat is technically complementary to containers and Kubernetes; it can export any application that's been built with Habitat as a container and deploy it to Amazon or Azure container registries.

"Chef struggled to articulate it, but there's a compelling story there [for Habitat] about getting applications under better control, regardless of their underlying infrastructure," said Charles Betz, analyst at Forrester Research.

Chef Habitat and Chef Automate -- together at last

Chef's 2016 strategy update also introduced Chef Automate, an umbrella management tool for IT automation that would bring together all of Chef's products. These also included Chef Delivery, since renamed Chef Infra, which carries out configuration management tasks on server infrastructure, and the Chef InSpec compliance-as-code tool.

Chef integrated InSpec with Chef Automate as part of the plan in 2017. But Chef Habitat, which represented the most radical departure from Chef's traditional configuration management tools, remained separate until last month, when Chef Habitat 1.5 began to feed its data to Chef Automate dashboards.

Chef struggled to articulate it, but there's a compelling story there [for Habitat] about getting applications under better control, regardless of their underlying infrastructure.
Charles BetzAnalyst, Forrester Research

The main advantage of Chef Habitat's integration into Chef Automate will be centralized visibility and management of multiple Habitat runs, users said.

Chad LarkinChad Larkin

"Any time you can improve the observability into an automation tool, it helps make the case to management that the tool is dependable," said Chad Larkin, DevOps solution architect at Early Warning Services, a financial services firm in Scottsdale, Ariz. "We can use Automate to look inside Habitat Builder and see all the versions of all the dependent packages that are running, which is visibility we didn't have before."

Chef Habitat 1.5 also integrates with Chef Automate's native installation utility, single sign-on, backup and recovery features, so the two can be deployed together more easily. Users can also install version 1.5 using on-premises tools such as Artifactory, and deploy instances of Habitat Builder on premises, which will come in handy for some enterprises in highly security-sensitive, air-gapped environments.

"Chef Automate makes our security team happy, because it gives them one place to look and make sure everything is compliance with InSpec," said Christopher Maher, senior software engineer in Alaska Airlines' e-commerce division, an early adopter of Chef Habitat.

Christopher MaherChristopher Maher

In time, Chef Automate's dashboards will hopefully show critical vulnerabilities in software packages deployed with Chef Habitat and automate patches through Chef Infra, Larkin said. Chef reps said both features are on the product roadmap.

Chef Habitat teaches legacy apps new IT automation tricks

Some enterprise customers have used Habitat and its Kubernetes Operator for cloud-native apps in the past two years, but Chef reps didn't disclose what proportion of its users fit that profile. Meanwhile, among enterprise shops now speaking publicly about Chef Habitat, the main role for the tool so far has been in bypassing containerization for legacy apps, while adding container-like portability and automated deployment to them through a well-understood toolset in Chef Infra.

"As an airline, we're always going to have things on premises because of regulatory compliance," Maher said. "But we haven't been using Habitat in Kubernetes… that environment has its own automated tooling, such as Azure DevOps."

Thus, it's unclear what Chef Habitat's role will be as Kubernetes and containers take over, but it will take time before that happens, said Forrester's Betz. Chef Habitat could potentially play a role in legacy app migration to cloud and containers through its ability to export app packages into containers, he added.

"Chef Habitat doesn't solve Chef's Kubernetes problem to a certain extent, but Chef is well-advised to realize that if they jump ahead, someone else will come in to help customers get from point A to point B while they're screwing around with point Z," Betz said. "There's a role for them in that cloud migration process, and supporting infrastructure as code on edge devices as well."

For Early Warning Services, it's not yet certain what role Chef Habitat will play as greenfield apps move to containers and microservices. But in the meantime, putting legacy apps, particularly Windows apps, into containers to speed up their deployment represents too much of a time investment and learning curve, Larkin said.

"Chef Habitat pipelines are now in our strategic plan as we build out a Kubernetes environment for greenfield apps," Larkin said. "Everybody loves to talk about greenfield, but not how brownfield is going to get to the same place without rewriting legacy apps, which at the speed of business is impractical."

Developers also don't want to take the time to learn container orchestration concepts and rewrite apps that may serve an important purpose but aren't tied to the most pressing business development efforts.

"A key portion of the software in our on-premises data center relies on a Windows app built on a PowerShell script," Larkin said. "We're not going to take the time to teach people about Docker when we can export a package through Chef Habitat that decouples it from the underlying OS, so it can run anywhere, without changing any commands."

Meanwhile, Alaska Airlines plans to use Chef Habitat to align its on-premises legacy apps with the cloud-native apps it's deploying in Microsoft Azure.

"Our big goal is to make all the servers that host parts of our website follow the same patterns, and get to the same level of automation," said Alaska's Maher.

Maher's team uses Chef Habitat to break down monolithic servers in its on-premises QA and test environments into a microservices-like chain of single-service instances, and make their deployment standardized and repeatable. This year, the team plans to roll out Chef Habitat in its production on-premises infrastructure as well.

"I want developers to not even realize where an app is running, because the experience is the same," Maher said.

Dig Deeper on Systems automation and orchestration

Software Quality
App Architecture
Cloud Computing
Data Center