Install the Open Source Chef Server, Set Up knife On Your Workstation, and Bootstrap Your First Client Server

Monday, September 16, 2013

OpsCode, the creators of Chef, offers a hosted Chef Server solution. However, I have always preferred to set up my own servers, and OpsCode also offers an open source Chef Server that you can install and host yourself.

The following install steps for Ubuntu and RHEL/CentOS are a very quick way to get the open source Chef Server 11.0.8-1 version installed. If you want Chef Server for a different operating system, version, or architecture then go to the OpsCode Download page.

Install Open Source Chef Server 11.0.8-1

Ubuntu Server 12.04 LTS Install

The following steps assume you already have an Ubuntu Server 12.04 LTS server set up somewhere. A minimal install will work just fine.

wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.0.8-1.ubuntu.12.04_amd64.deb

sudo dpkg -i chef-server_11.0.8-1.ubuntu.12.04_amd64.deb

sudo chef-server-ctl reconfigure

RHEL/CentOS 6 Install

The following steps assume you already have a RHEL 6 or CentOS 6 server set up somewhere. A minimal install will work just fine.

wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.8-1.el6.x86_64.rpm

sudo yum localinstall chef-server-11.0.8-1.el6.x86_64.rpm

sudo chef-server-ctl reconfigure

Open Port 443

Regardless of which operating system you install on, if you have a firewall running (iptables, ufw, etc.), be sure to open port 443.

Install and Configure knife On Your Workstation

I will be working on an OS X workstation within the Development directory of my home folder. The following steps should work just as well on a Linux distribution with the necessary directory path changes.

Download the Chef Omnibus installer:

curl -O -L https://www.opscode.com/chef/install.sh

Begin the install:

sudo sh install.sh

Clone the Chef Repo skeleton directory to work in:

cd ~/Development

git clone https://github.com/opscode/chef-repo.git

Open a web browser, navigate to your open source Chef Server via its FQDN or IP address, log in as the admin user (the default password is shown on the right-hand side), and change the default admin password.

Next, regenerate the chef-validator Private Key by going to Clients > chef-validator > Edit, check the Regenerate Private Key box, and click Save Client. Copy the new Private Key to ~/Development/chef-repo/.chef/chef-validator.pem on your workstation.

Create a new user on your open source Chef Server by going to Users > Create, check the Admin box, fill out the necessary fields (I will use user jthorne in this example), and click Create User. Copy the Private Key to ~/Development/chef-repo/.chef/jthorne.pem.

Finally, open your console application and run knife configure. Fill out the fields as follows (knife will try to guess some of the values; overwrite them as necessary):

WARNING: No knife configuration file found
Where should I put the config file? [/Users/jthorne/.chef/knife.rb] /Users/jthorne/Development/chef-repo/.chef/knife.rb
Please enter the chef server URL: [https://macbookpro.local:443] https://chef-server.example.com:443
Please enter an existing username or clientname for the API: [jthorne] 
Please enter the validation clientname: [chef-validator] 
Please enter the location of the validation key: [/etc/chef-server/chef-validator.pem] /Users/jthorne/Development/chef-repo/.chef/chef-validator.pem
Please enter the path to a chef repository (or leave blank): /Users/jthorne/Development/chef-repo

You must place your client key in:
  /Users/jthorne/Development/chef-repo/.chef/jthorne.pem
Before running commands with Knife!

You must place your validation key in:
  /Users/jthorne/Development/chef-repo/.chef/chef-validator.pem
Before generating instance data with Knife!

Configuration file written to /Users/jthorne/Development/chef-repo/.chef/knife.rb

At this point knife is set up to interface with the open source Chef Server you installed earlier. Commands such as knife client list or knife node list should return lists of your registered clients and nodes, respectively.

Be aware that you will need to be in the ~/Development/chef-repo directory, or whatever directory you used, when using the knife command to interface with your open source Chef Server. It is entirely possible to follow the same steps above to create another directory on your workstation that interfaces with a different open source Chef Server. The knife command looks for .chef/knife.rb in whatever directory you are currently in to figure out which Chef Server it is supposed to interface with. If you only plan on using one open source Chef Server, you can also place .chef in your home directory, so that you can interface with your open source Chef Server using the knife command from any directory.
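The steps above leave two private keys (jthorne.pem and chef-validator.pem) inside a cloned git repository, so it is worth checking that only your user can read them and that git will not commit them. The following shell functions are an added example, not part of the original post or of Chef; the function names are hypothetical and the .chef/*.pem layout is the one used in this walkthrough.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Assumes the layout used above: <repo>/.chef/*.pem holds the knife keys.

# file_mode PATH: print octal permission bits (GNU stat, then BSD/OS X stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_chef_keys REPO: print one finding per line; return 1 if any were found.
audit_chef_keys() {
    repo=$1
    findings=0
    for key in "$repo"/.chef/*.pem; do
        [ -f "$key" ] || continue
        mode=$(file_mode "$key")
        case "$mode" in
            600|400) ;;  # owner-only access
            *) echo "PERMS $key is mode $mode, expected 600"; findings=1 ;;
        esac
        # Inside a git work tree, an unignored key can be committed and pushed.
        if command -v git >/dev/null 2>&1 &&
           git -C "$repo" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
            if ! git -C "$repo" check-ignore -q ".chef/$(basename "$key")"; then
                echo "GIT $key is not ignored by git"; findings=1
            fi
        fi
    done
    return "$findings"
}

# harden_chef_keys REPO: restrict permissions and ignore the keys in git.
harden_chef_keys() {
    repo=$1
    chmod 700 "$repo/.chef"
    chmod 600 "$repo"/.chef/*.pem
    grep -qxF '.chef/*.pem' "$repo/.gitignore" 2>/dev/null ||
        echo '.chef/*.pem' >> "$repo/.gitignore"
}

# Usage: audit_chef_keys ~/Development/chef-repo || harden_chef_keys ~/Development/chef-repo
```

A GIT finding that persists after harden_chef_keys means the key is already tracked by git; remove it from the index and regenerate the key on the Chef Server as described above.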

Bootstrap Your First Client Server

With knife installed on your workstation and the skeleton Chef repo directory in place, you are ready to bootstrap your first client server. Bootstrapping a client server will install the chef-client onto the client server and configure it to talk back to your open source Chef Server you installed earlier.

Assuming you already have a client server ready to go, bootstrap it with the following command (-x sets the SSH user; in knife, -u sets the API client username instead):

knife bootstrap -x root $FQDN_OF_CLIENT_SERVER

If the root user is unavailable, you can connect as another SSH user (-x) and pass the sudo command line switch:

knife bootstrap -x $USERNAME --sudo $FQDN_OF_CLIENT_SERVER

After a couple of minutes the client server will be registered to your open source Chef Server and you can begin applying roles and recipes to it.



