How To Install Chef Server
Chef is an automation platform that configures and manages your infrastruture. It transforms the infrastruture into code. Information technology is a Ruby based configuration management tool. This automation platform consists of a Chef workstation, a Chef server and chef clients which are the nodes managed past the Chef server. All the chef configuration files, recipes, cookbooks, templates etc are created and tested on the Chef workstation and are uploaded to the Chef Server, then it distributes these across every possible nodes registered inside the organisations. It is an ideal automation framework for the Ceph and OpenStack. Not merely it gives us complete command but it's super easy to piece of work with.
In this article, I'm explaining the steps I followed for implementing a Chef automation environment on my CentOS 7 servers.
Pre-requisites
- It is recommended to take a FQDN hostname
- Chef supports only 64 bit compages
- Proper network/Firewall/hosts configurations are recommended
How Chef works?
Chef comprises of a workstation which is configured to develop the recipes and cookbooks. It is also configured to run the knife and synchronizes with the chef-repo to keep it upwardly-to-date. It helps in configuring organizational policy, including defining roles & environments and ensuring that critical data is being stored in data bags. One time these recipes/cookbooks are tested in the workstations, we tin can upload it to our Chef server. Chef server stores these recipes and assigns on to the nodes depending on their requirements. Basically nodes communicates with just the chef server and takes instructions and recipes from there.
In my demo setup, I'k having three servers namely
- chefserver.test20.com - Chef Server
- chefwork.test20.com - Chef Workstation
- chefnode.test20.com - Chef Node
Allow's us offset with building Workstation.
Setup a Workstation
Commencement of all, login to our server chefwork, and so download the Chef evolution package. Once the package is downloaded, we can install the packet using rpm command.
root@chefwork ~]# wget https://packages.chef.io/stable/el/7/chefdk-0.14.25-1.el7.x86_64.rpm --2016-05-twenty 03:47:31-- https://packages.chef.io/stable/el/vii/chefdk-0.14.25-1.el7.x86_64.rpm Resolving packages.chef.io (packages.chef.io)... 75.126.118.188, 108.168.243.150 Connecting to packages.chef.io (packages.chef.io)|75.126.118.188|:443... connected. HTTP request sent, awaiting response... 302 Location: https://akamai.bintray.com/87/879656c7736ef2a061937c1f45c623e99fd57aaa2f6d802e9799d333d7e5342f?__gda__=exp=1463716772~hmac=ef9ce287129ab2f035449b76a1adc32b7bf8cae37f018f59da5a642d3e2650fc&response-content-disposition=attachment%3Bfilename%3D%22chefdk-0.14.25-ane.el7.x86_64.rpm%22&response-content-blazon=application%2Foctet-stream [post-obit] --2016-05-20 03:47:32-- https://akamai.bintray.com/87/879656c7736ef2a061937c1f45c623e99fd57aaa2f6d802e9799d333d7e5342f?__gda__=exp=1463716772~hmac=ef9ce287129ab2f035449b76a1adc32b7bf8cae37f018f59da5a642d3e2650fc&response-content-disposition=attachment%3Bfilename%3D%22chefdk-0.14.25-1.el7.x86_64.rpm%22&response-content-type=application%2Foctet-stream Resolving akamai.bintray.com (akamai.bintray.com)... 104.123.250.232 Connecting to akamai.bintray.com (akamai.bintray.com)|104.123.250.232|:443... continued. HTTP request sent, awaiting response... 200 OK Length: 143927478 (137M) [application/octet-stream] Saving to: 'chefdk-0.14.25-i.el7.x86_64.rpm' 100%[====================================================================================================>] 14,39,27,478 2.52MB/southward in 55s 2022-05-20 03:48:29 (ii.49 MB/s) - 'chefdk-0.14.25-i.el7.x86_64.rpm' saved [143927478/143927478] [root@chefwork ~]# rpm -ivh chefdk-0.14.25-1.el7.x86_64.rpm warning: chefdk-0.fourteen.25-ane.el7.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY Preparing... ################################# [100%] Updating / installing... one:chefdk-0.14.25-ane.el7 ################################# [100%] Thank yous for installing Chef Development Kit! What is ChefDK?
The Chef Evolution Kit contains everything to start with Chef, along with the tools essential for code managing.
- It contains a new command-line tool, "chef"
- The cookbook dependency manager Berkshelf
- The Exam Kitchen integration testing framework.
- ChefSpec for testing the cookbook syntax
- Foodcritic, a tool for doing static code assay on cookbooks.
- It as well has all the Chef tools like Chef Customer, Knife, Ohai and Chef Zero
Let's start with creating a some recipes in the Workstation and test it locally to ensure its working.
Create a folder named chef-repo on /root/ and inside that folder we tin create our recipes.
[root@chefwork ~]# mkdir chef-repo [root@chefwork ~]# cd chef-repo Creating a recipe called hello.rb. [root@chefwork chef-repo]# vim hello.rb [root@chefwork chef-repo]# [root@chefwork chef-repo]# cat hello.rb file '/etc/motd' practise content 'Welcome to Chef' finish This recipe hello.rb creates a file named /etc/motd with content "Welcome to Chef". This recipe brand utilise of the resource file to enhance this task.Now we tin can run this recipe to check its working.
[root@chefwork chef-repo]# chef-apply hi.rb Recipe: (chef-apply cookbook)::(chef-use recipe) * file[/etc/motd] action create (upward to date) Confirm the recipe execution: [root@chefwork chef-repo]# true cat /etc/motd Welcome to Chef Deleting the file
We can change our recipe file to delete the created file and run using the command chef-apply as below:
[root@chefwork chef-repo]# cat hullo.rb file '/etc/motd' practise activity :delete end [root@chefwork chef-repo]# chef-apply hullo.rb Recipe: (chef-apply cookbook)::(chef-apply recipe) * file[/etc/motd] action delete - delete file /etc/motd Installing a package
Nosotros're modifying our recipe file to install httpd packet on our server and copy an index.html file to the default certificate root to ostend the installation. The package and the service resource are used to implement this. Default activity for a bundle resource is installation, hence we needn't specify that action separately.
[root@chefwork chef-conf]# cat hi.rb package 'httpd' service 'httpd' do action [:enable, :start] terminate file '/var/world wide web/html/index.html' do content 'Welcome to Apache in Chef' terminate [root@chefwork chef-conf]# chef-utilise hi.rb Recipe: (chef-use cookbook)::(chef-apply recipe) * yum_package[httpd] action install - install version 2.4.six-40.el7.centos.1 of packet httpd * service[httpd] action enable - enable service service[httpd] * service[httpd] activity start - first service service[httpd] * file[/var/www/html/index.html] action create (up to appointment) The command execution conspicuously describes each example in the recipe. It installs the Apache package , enables and starts the httpd service on the server. And it creates an alphabetize.html file in the default certificate root with the content "Welcome to Apache in Chef". So we can verify it by running the server IP in the browser.
Creating Cookbooks
Now we can create our first cookbook, create a folder called chef-repo under the /root directory and execute the command "chef generate cookbook [cookbook proper name]" to generate our cookbook.
root@chefwork chef-repo]# mkdir cookbooks [root@chefwork chef-repo]# cd cookbooks/ [root@chefwork cookbooks]# chef generate cookbook httpd_deploy Installing Cookbook Gems: Compiling Cookbooks... Recipe: code_generator::cookbook * directory[/root/chef-repo/cookbook/httpd_deploy] action create - create new directory /root/chef-repo/cookbook/httpd_deploy 
This is the file construction of the created cookbook, let'south see the use of these files/folders within the cookbook one by 1.
Berksfile : It is the configuration file, which mainly tells BerkShelf what are the cookbook's dependencies, which tin can be specified directly inside this file or indirectly through metadata.rb. It too tells Berkshelf where it should wait for those dependencies.
Chefignore : It tells Chef which all files should exist ignored while uploading a cookbook to the Chef server.
metadata.rb : It contains meta information about you cookbook, such as name, contacts or description. It tin can also land the cookbook'southward dependencies.
README.md : It contains documentation entry betoken for the repo.
Recipes : Contains the cookbook's recipes. It starts with executing the file default.rb.
default.rb : The default recipe format.
specs : It will be storing the unit test cases of your libraries.
exam : It will be storing the unit test cases of your recipes.
Creating a template
Side by side we are going to create a template file for ourselves. Earlier, we created a file with some contents, but that can't exist fit in with our recipes and cookbook structures. so allow's meet how we can create a template.
[root@chefwork cookbook]# chef generate template httpd_deploy index.html Installing Cookbook Gems: Compiling Cookbooks... Recipe: code_generator::template * directory[./httpd_deploy/templates/default] action create - create new directory ./httpd_deploy/templates/default * template[./httpd_deploy/templates/default/index.html.erb] action create - create new file ./httpd_deploy/templates/default/index.html.erb - update content in file ./httpd_deploy/templates/default/index.html.erb from none to e3b0c4 (unequal output suppressed by config) 
Now if you run across our cookbook file structure, there is a folder created with the name template with index.html.erb file. We can edit our alphabetize.html.erb template file and add to our recipe every bit below:
root@chefwork default]# true cat index.html.erb Welcome to Chef Apache Deployment [root@chefwork default]# pwd /root/chef-repo/cookbook/httpd_deploy/templates/default Creating the recipe with this template
[root@chefwork recipes]# pwd /root/chef-repo/cookbook/httpd_deploy/recipes [root@chefwork recipes]# cat default.rb # # Cookbook Name:: httpd_deploy # Recipe:: default # # Copyright (c) 2022 The Authors, All Rights Reserved. package 'httpd' service 'httpd' practise action [:enable, :start] end template '/var/www/html/index.html' do source 'alphabetize.html.erb' end Now go dorsum to our chef-repo binder and run/exam our recipe on our Workstation.
[root@chefwork chef-repo]# chef-client --local-mode --runlist 'recipe[httpd_deploy]' [2016-05-20T05:44:forty+00:00] WARN: No config file found or specified on control line, using command line options. Starting Chef Client, version 12.10.24 resolving cookbooks for run list: ["httpd_deploy"] Synchronizing Cookbooks: - httpd_deploy (0.i.0) Installing Cookbook Gems: Compiling Cookbooks... Converging 3 resources Recipe: httpd_deploy::default * yum_package[httpd] activeness install - install version two.4.6-40.el7.centos.i of package httpd * service[httpd] activity enable - enable service service[httpd] * service[httpd] action start - showtime service service[httpd] * template[/var/world wide web/html/index.html] activity create - update content in file /var/www/html/alphabetize.html from 152204 to 748cbd --- /var/www/html/index.html 2022-05-20 04:xviii:38.553231745 +0000 +++ /var/www/html/.chef-index.html20160520-20425-1bez4qs 2022-05-20 05:44:47.344848833 +0000 @@ -1,2 +i,2 @@ -Welcome to Apache in Chef +Welcome to Chef Apache Deployment Running handlers: Running handlers consummate Chef Client finished, 4/4 resources updated in 06 seconds [root@chefwork chef-repo]# true cat /var/www/html/index.html Welcome to Chef Apache Deployment According to our recipe, Apache is installed on our workstation, service is being started and enabled on kick. And a template file has been created on our default document root.
Now nosotros've tested our Workstation. It's fourth dimension for the Chef server setup.
Setting up the Chef Server
Beginning of all login to our Chef server "chefserver.test20.com" and download the chef server bundle combatible with our OS version.
[root@chefserver ~]# wget https://packages.chef.io/stable/el/7/chef-server-cadre-12.6.0-1.el7.x86_64.rpm --2016-05-20 07:23:46-- https://packages.chef.io/stable/el/7/chef-server-cadre-12.6.0-1.el7.x86_64.rpm Resolving packages.chef.io (packages.chef.io)... 75.126.118.188, 108.168.243.150 Connecting to packages.chef.io (packages.chef.io)|75.126.118.188|:443... connected. HTTP request sent, awaiting response... 302 Location: https://akamai.bintray.com/5a/5a36d0ffa692bf788e90315171582a758d4c5d8033a892dca9a81d3c03c44d14?__gda__=exp=1463729747~hmac=86e28bf2d5197154c84b571330b4c897006c2cb7f14cc9fc386c62d8b6e34c2d&response-content-disposition=attachment%3Bfilename%3D%22chef-server-cadre-12.6.0-1.el7.x86_64.rpm%22&response-content-type=application%2Foctet-stream [following] --2016-05-20 07:23:47-- https://akamai.bintray.com/5a/5a36d0ffa692bf788e90315171582a758d4c5d8033a892dca9a81d3c03c44d14?__gda__=exp=1463729747~hmac=86e28bf2d5197154c84b571330b4c897006c2cb7f14cc9fc386c62d8b6e34c2d&response-content-disposition=attachment%3Bfilename%3D%22chef-server-core-12.6.0-1.el7.x86_64.rpm%22&response-content-blazon=application%2Foctet-stream Resolving akamai.bintray.com (akamai.bintray.com)... 23.15.249.68 Connecting to akamai.bintray.com (akamai.bintray.com)|23.15.249.68|:443... connected. HTTP asking sent, pending response... 200 OK Length: 481817688 (459M) [application/octet-stream] Saving to: 'chef-server-core-12.6.0-ane.el7.x86_64.rpm' 100%[====================================================================================================>] 48,xviii,17,688 ii.90MB/s in 3m 53s [root@chefserver ~]# rpm -ivh chef-server-core-12.6.0-1.el7.x86_64.rpm warning: chef-server-core-12.6.0-ane.el7.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY Preparing... ################################# [100%] Updating / installing... 1:chef-server-cadre-12.6.0-i.el7 ################################# [100%] Now our Chef server is installed. But we need to reconfigure the Chef server to enable and kickoff all the services which is composed in the Chef server. We can run this control to reconfigure.
root@chefserver ~]# chef-server-ctl reconfigure Starting Chef Client, version 12.10.26 resolving cookbooks for run list: ["private-chef::default"] Synchronizing Cookbooks: - enterprise (0.10.0) - apt (2.9.2) - yum (three.10.0) - openssl (iv.4.0) - chef-sugar (3.3.0) - packagecloud (0.0.18) - runit (1.6.0) - individual-chef (0.1.0) Installing Cookbook Gems: Compiling Cookbooks... [2016-05-19T02:38:37+00:00] WARN: Chef::Provider::AptRepository already exists! Cannot create deprecation grade for LWRP provider apt_repository from cookbook apt Chef Client finished, 394/459 resource updated in 04 minutes 05 seconds Chef Server Reconfigured! Please confirm the service condition and their pids by running this command.
[root@chefserver ~]# chef-server-ctl status run: bookshelf: (pid 6140) 162s; run: log: (pid 6156) 162s run: nginx: (pid 6051) 165s; run: log: (pid 6295) 156s run: oc_bifrost: (pid 5987) 167s; run: log: (pid 6022) 167s run: oc_id: (pid 6038) 165s; run: log: (pid 6042) 165s run: opscode-erchef: (pid 6226) 159s; run: log: (pid 6214) 161s run: opscode-expander: (pid 6102) 162s; run: log: (pid 6133) 162s run: opscode-solr4: (pid 6067) 164s; run: log: (pid 6095) 163s run: postgresql: (pid 5918) 168s; run: log: (pid 5960) 168s run: rabbitmq: (pid 5876) 168s; run: log: (pid 5869) 169s run: redis_lb: (pid 5795) 290s; run: log: (pid 6280) 156s Hurray!! Our Chef Server is ready :). Now we tin can install the management console to become an spider web interface to manage our Chef server.
Installing Management Console for Chef Server
We can install the management console past just running this control "chef-server-ctl install chef-manage" from the chef server.
[root@chefserver ~]# chef-server-ctl install chef-manage Starting Chef Client, version 12.10.26 resolving cookbooks for run list: ["private-chef::add_ons_wrapper"] Synchronizing Cookbooks: - enterprise (0.x.0) - apt (2.9.2) - yum (3.x.0) - openssl (4.4.0) - runit (1.6.0) - chef-saccharide (3.3.0) - packagecloud (0.0.eighteen) - private-chef (0.1.0) Installing Cookbook Gems: Compiling Cookbooks... Converging 4 resource Recipe: private-chef::add_ons_wrapper * ruby_block[addon_install_notification_chef-manage] action nothing (skipped due to action :nothing) * remote_file[/var/opt/opscode/local-mode-cache/chef-manage-2.3.0-1.el7.x86_64.rpm] activeness create - create new file /var/opt/opscode/local-mode-cache/chef-manage-2.three.0-ane.el7.x86_64.rpm - update content in file /var/opt/opscode/local-style-cache/chef-manage-2.3.0-ane.el7.x86_64.rpm from none to 098cc4 (file sizes exceed 10000000 bytes, diff output suppressed) * ruby_block[locate_addon_package_chef-manage] activeness run - execute the ruby block locate_addon_package_chef-manage * yum_package[chef-manage] action install - install version 2.3.0-ane.el7 of parcel chef-manage * ruby_block[addon_install_notification_chef-manage] action create - execute the red block addon_install_notification_chef-manage Running handlers: -- Installed Add-on Bundle: chef-manage - #<Course:0x00000006032b80>::AddonInstallHandler Running handlers complete Chef Customer finished, iv/v resources updated in 02 minutes 39 seconds Afterward installing the management console, we need to reconfigure the chef server to restart the chef server and its services to update these changes.
[root@chefserver ~]# opscode-manage-ctl reconfigure To utilize this software, you lot must agree to the terms of the software license agreement. Press any key to continue. Type 'yeah' to take the software license agreement, or anything else to abolish. yes Starting Chef Customer, version 12.4.1 resolving cookbooks for run list: ["omnibus-chef-manage::default"] Synchronizing Cookbooks: - charabanc-chef-manage - chef-server-ingredient - enterprise Recipe: omnibus-chef-manage::default * private_chef_addon[chef-manage] action create (upward to engagement) Recipe: bus-chef-manage::config Running handlers: Running handlers complete Chef Client finished, 62/79 resources updated in 44.764229437 seconds chef-manage Reconfigured! [root@chefserver ~]# chef-server-ctl reconfigure At present our Direction panel is set up, we need to setup our admin user to manage our Chef Server.
Creating Admin user/Organization
I've created the admin user named chefadmin with an organization linox on my chef server to manage it. We can create the user using the chef commandchef-server-ctl user-create and organization using the command chef-server-ctl org-create.
root@chefserver ~]# chef-server-ctl user-create chefadmin saheetha shameer saheetha@gmail.com 'chef123' --filename /root/.chef/chefadmin.pem [root@chefserver ~]# [root@chefserver .chef]# chef-server-ctl org-create linox Chef Linoxide --association_user chefadmin --filename /root/.chef/linoxvalidator.pem Our keys are saved inside the binder /root/.chef folder. We need to copy these keys from the Chef server to the Work station to initiate the communication between our Chef server and workstation.
Copying the Keys
I'thou copying my user and validator keys from the Chef server to the workstation to heighten the connectedness between the servers.
[root@chefserver .chef]# scp chefadmin.pem root@139.162.35.39:/root/chef-repo/.chef/ The actuality of host '139.162.35.39 (139.162.35.39)' can't be established. ECDSA key fingerprint is 5b:0b:07:85:9a:fb:b6:59:51:07:7f:fourteen:1b:07:07:f0. Are you sure you want to continue connecting (yes/no)? yes Alarm: Permanently added '139.162.35.39' (ECDSA) to the list of known hosts. root@139.162.35.39's password: chefadmin.pem 100% 1678 1.6KB/s 00:00 [root@chefserver .chef]# [root@chefserver .chef]# scp linoxvalidator.pem root@139.162.35.39:/root/chef-repo/.chef/ The authenticity of host '139.162.35.39 (139.162.35.39)' tin't be established. ECDSA key fingerprint is 5b:0b:07:85:9a:fb:b6:59:51:07:7f:14:1b:07:07:f0. Are you sure yous want to continue connecting (aye/no)? yes Alarm: Permanently added '139.162.35.39' (ECDSA) to the list of known hosts. root@139.162.35.39'due south countersign: linoxvalidator.pem 100% 1678 1.6KB/south 00:00 [root@chefserver .chef]# At present login to our Direction panel for our Chef server with the user/password "chefadmin" created.
It'll ask to create an system from the Panel on Sign upward. Just create a different one.
Download the Starter Kit for WorkStation
Cull whatever of your organization and download the Starter Kit from the Chef Server to our Piece of work Station.
Afterwards downloading this kit. Move it your Workstation /root folder and extract. This provides you with a default Starter Kit to start up with your Chef server. It includes a chef-repo.
root@chefwork ~]# ls chef-starter.nil hello.rb [root@chefwork~]# unzip chef-starter.nothing Archive: chef-starter.zero creating: chef-repo/cookbooks/ creating: chef-repo/cookbooks/starter/ creating: chef-repo/cookbooks/starter/recipes/ inflating: chef-repo/cookbooks/starter/recipes/default.rb creating: chef-repo/cookbooks/starter/files/ creating: chef-repo/cookbooks/starter/files/default/ inflating: chef-repo/cookbooks/starter/files/default/sample.txt creating: chef-repo/cookbooks/starter/templates/ creating: chef-repo/cookbooks/starter/templates/default/ inflating: chef-repo/cookbooks/starter/templates/default/sample.erb inflating: chef-repo/cookbooks/starter/metadata.rb creating: chef-repo/cookbooks/starter/attributes/ inflating: chef-repo/cookbooks/starter/attributes/default.rb inflating: chef-repo/cookbooks/chefignore inflating: chef-repo/README.md inflating: chef-repo/.gitignore creating: chef-repo/.chef/ creating: chef-repo/roles/ inflating: chef-repo/.chef/knife.rb inflating: chef-repo/roles/starter.rb inflating: chef-repo/.chef/chefadmin.pem inflating: chef-repo/.chef/ln_blog-validator.pem
This is the file construction for the downloaded Chef repository. It contains all the required file structures to showtime with.
Cookbook SuperMarket
Chef cookbooks are available in the Cookbook Super Market, we tin can become to the Chef SuperMarket here. Download the required cookbooks from there. I'one thousand downloading one of the cookbook to install Apache from there.
root@chefwork chef-repo]# knife cookbook site download learn_chef_httpd Downloading learn_chef_httpd from Supermarket at version 0.2.0 to /root/chef-repo/learn_chef_httpd-0.2.0.tar.gz Cookbook saved: /root/chef-repo/learn_chef_httpd-0.two.0.tar.gz Extract this cookbook inside the "cookbooks" binder. [root@chefwork chef-repo]# tar -xvf learn_chef_httpd-0.2.0.tar.gz
All the required files are automatically created under this cookbook. We didn't crave to brand any modifications. Let'southward bank check our recipe description inside our recipe folder.
[root@chefwork recipes]# cat default.rb # # Cookbook Name:: learn_chef_httpd # Recipe:: default # # Copyright (C) 2022 # # # parcel 'httpd' service 'httpd' exercise action [:enable, :start] end template '/var/www/html/alphabetize.html' do source 'alphabetize.html.erb' end service 'iptables' practice action :terminate end [root@chefwork recipes]# [root@chefwork recipes]# pwd /root/chef-repo/cookbooks/learn_chef_httpd/recipes [root@chefwork recipes]# So nosotros just demand to upload this cookbook to our Chef server equally it looks perfect.
Validating the Connection b/w Server and Workstation
Before uploading the cookbook, we need to cheque and confirm the connection betwixt our Chef server and Workstation. Starting time of all, make certain you've proper Pocketknife configuration file.
[root@chefwork .chef]# cat pocketknife.rb current_dir = File.dirname(__FILE__) log_level :info log_location STDOUT node_name "chefadmin" client_key "#{current_dir}/chefadmin.pem" validation_client_name "linox-validator" validation_key "#{current_dir}/linox-validator.pem" chef_server_url "https://chefserver.test20.com:443/organizations/linox" cookbook_path ["#{current_dir}/../cookbooks"] This configuration file is location at /root/chef-repo/.chef folder. The highlighted portions are the main things to take care. Now you lot can run this command to bank check the connections.
root@chefwork .chef]# knife client list ERROR: SSL Validation failure connecting to host: chefserver.test20.com - SSL_connect returned=ane errno=0 country=fault: document verify failed ERROR: Could non plant a secure connection to the server. Use `knife ssl check` to troubleshoot your SSL configuration. If your Chef Server uses a self-signed certificate, you tin employ `knife ssl fetch` to make knife trust the server'southward certificates. Original Exception: OpenSSL::SSL::SSLError: SSL Error connecting to https://chefserver.test20.com/clients - SSL_connect returned=1 errno=0 state=fault: document verify failed Y'all can run across an SSL error reporting. In order to rectify this error, we need to fetch the SSL certificate for our Chef Server and store it inside the /root/.chef/trusted_certs folder. We can exercise this by running this command.
root@chefwork .chef]# pocketknife ssl fetch WARNING: Certificates from chefserver.test20.com will be fetched and placed in your trusted_cert directory (/root/chef-repo/.chef/trusted_certs). Knife has no ways to verify these are the correct certificates. Yous should verify the authenticity of these certificates afterward downloading. Calculation certificate for chefserver.test20.com in /root/chef-repo/.chef/trusted_certs/chefserver_test20_com.crt Verifying the SSL: [root@chefwork .chef]# knife ssl check Connecting to host chefserver.test20.com:443 Successfully verified certificates from `chefserver.test20.com' [root@chefwork .chef]# knife client list chefnode linox-validator [root@chefwork .chef]# knife user list chefadmin Uploading the Cookbook
Nosotros tin upload our cookbook to our chef server from the workstation using the knife command equally beneath:
#pocketknife cookbook upload learn_chef_httpd
[root@chefwork cookbooks]# knife cookbook upload learn_chef_httpd Uploading learn_chef_httpd [0.2.0] Uploaded 1 cookbook. Verify the cookbook from the Chef Server Management console.
Adding a Node
This is the terminal step in the Chef implementation. We've setup a workstation, a Chef server and then now we need to add our clients to the Chef server for automation. I'm adding my chefnode to the server using the knife bootstrap command as below:
[root@chefwork cookbooks]# knife bootstrap 45.33.76.60 --ssh-user root --ssh-password dkfue@321 --node-proper name chefnode Creating new client for chefnode Creating new node for chefnode Connecting to 45.33.76.threescore 45.33.76.lx -----> Installing Chef Omnibus (-v 12) 45.33.76.60 downloading https://omnitruck-direct.chef.io/chef/install.sh 45.33.76.sixty to file /tmp/install.sh.5457/install.sh 45.33.76.60 trying wget... 45.33.76.threescore el 7 x86_64 45.33.76.threescore Getting information for chef stable 12 for el... 45.33.76.sixty downloading https://omnitruck-straight.chef.io/stable/chef/metadata?v=12&p=el&pv=7&m=x86_64 45.33.76.lx to file /tmp/install.sh.5466/metadata.txt 45.33.76.60 trying wget... 45.33.76.60 sha1 4def83368a1349959fdaf0633c4d288d5ae229ce 45.33.76.60 sha256 6f00c7bdf96a3fb09494e51cd44f4c2e5696accd356fc6dc1175d49ad06fa39f 45.33.76.60 url https://packages.chef.io/stable/el/7/chef-12.x.24-1.el7.x86_64.rpm 45.33.76.60 version 12.10.24 45.33.76.lx downloaded metadata file looks valid... 45.33.76.lx downloading https://packages.chef.io/stable/el/7/chef-12.10.24-1.el7.x86_64.rpm 45.33.76.60 to file /tmp/install.sh.5466/chef-12.ten.24-ane.el7.x86_64.rpm 45.33.76.60 trying wget... 45.33.76.60 Comparing checksum with sha256sum... 45.33.76.sixty Installing chef 12 45.33.76.60 installing with rpm... 45.33.76.sixty alarm: /tmp/install.sh.5466/chef-12.10.24-ane.el7.x86_64.rpm: Header V4 DSA/SHA1 Signature, central ID 83ef826a: NOKEY 45.33.76.60 Preparing... ################################# [100%] 45.33.76.60 Updating / installing... 45.33.76.threescore 1:chef-12.10.24-1.el7 ################################# [100%] 45.33.76.60 Thank you for installing Chef! 45.33.76.60 Starting the first Chef Client run... 45.33.76.sixty Starting Chef Client, version 12.10.24 45.33.76.60 resolving cookbooks for run list: [] 45.33.76.60 Synchronizing Cookbooks: 45.33.76.threescore Installing Cookbook Gems: 45.33.76.60 Compiling Cookbooks... 45.33.76.60 [2016-05-20T15:36:41+00:00] WARN: Node chefnode has an empty run list. 45.33.76.threescore Converging 0 resources 45.33.76.lx 45.33.76.60 Running handlers: 45.33.76.60 Running handlers complete 45.33.76.threescore Chef Client finished, 0/0 resource updated in 08 seconds [root@chefwork chef-repo]# This command volition also initialize the installation of the Chef-client in the Chef node. Y'all can verify it from the CLI on the workstation using the knife commands below:
[root@chefwork chef-repo]# knife node list chefnode [root@chefwork chef-repo]# knife node show chefnode Node Proper name: chefnode Environment: _default FQDN: chefnode.test20.com IP: 45.33.76.60 Run List: recipe[learn_chef_httpd] Roles: Recipes: Platform: centos 7.2.1511 Tags: Verifying it from the Management panel.
We tin become more information regarding the added node by selecting the node and viewing the Attributes section.
Managing Node Run List
Permit's run into how we can add a cookbook to the node and manage its runlist from the Chef server. Equally you lot see in the screenshot, you can click the Actions tab and select the Edit Runlist option to manage the runlist.
In the Available Recipes, you tin can see our learn_chef_httpd recipe, yous tin elevate that from the bachelor packages to the current run listing and save the runlist.
Now login to your node and just run the command chef-client to execute your runlist.
root@chefnode ~]# chef-customer Starting Chef Client, version 12.ten.24 resolving cookbooks for run list: ["learn_chef_httpd"] Synchronizing Cookbooks: - learn_chef_httpd (0.2.0) Installing Cookbook Gems: Compiling Cookbooks... Converging iv resources Recipe: learn_chef_httpd::default * yum_package[httpd] action install Similarly, we can add whatever number of nodes to your Chef Server depending on its configuration and hardware. I promise this article provided you with the basic understanding of Chef implementation. I would recommend your valuable comments and suggestions on this. Thank yous for reading this :)
Happy Automation with Chef!!
Source: https://linoxide.com/chef-workstation-server-node-centos-7/
Posted by: shumatesorece.blogspot.com
0 Response to "How To Install Chef Server"
Post a Comment