Getting started with Chef

Getting started with Chef

What is Chef?

Chef is a configuration management tool which helps to automate the infrastructure using Instfrasture as Code (IAC) practices.

What does that mean

  • You write the attributes of your server configurations as a code which can be rolled out on several machines and gives you the same result.
  • You have a backup of all configuration and can be applied within minutes.
  • You have control of all the configuration and patch management is very easy.

Chef Terminology

We will keep this blog short and won’t deep dive into the architecture but one should know the basic terminology before starting.

  • Chef server: Holds all the data about nodes, recipes, data bags, roles etc.
  • Chef client: This is the agent installed on the nodes/client machines.
  • Workstation: This is Development machine which is used for coding and testing the configurations.
  • Recipe: Smallest unit of chef server which has all the declaration for configurations.
  • Cookbook: Collection of multiple recipes and other relevant files which are related and treated as a single unit.
  • Template: This a file which can be manipulated dynamically.
  • Attributes: These are the attributes which are used as variables for dynamic data.

The below diagram shows how chef server, chef clients and workstations are connected.

chef components

 

Now let’s get our hands dirty and get started with chef server.

Prerequisites:

  1. Ubuntu 16.04 (we are using this for the demo. Please use OS as per your choice )
  2. NTP server should be installed to prevent time drift
  3. Make port 80 and 443 are accessible from chef server to workstation/chef-client.
  4. Your workstation should have ssh connectivity to the chef-client/node.

1. Install chef server

  • Download chef-server package from https://downloads.chef.io/chef-server.
  wget https://packages.chef.io/files/stable/chef-server/12.17.33/ubuntu/16.04/chef-server-core_12.17.33-1_amd64.deb
  • Install the chef server package
  sudo dpkg -i chef-server-core_12.17.33-1_amd64.deb
  • Start all services
  sudo chef-server-ctl reconfigure
  • Install chef management console
  chef-server-ctl install chef-manage
  chef-server-ctl reconfigure
  chef-manage-ctl reconfigure
  • Install chef Reporting to track the activities going on and chef-client run status
  chef-server-ctl install opscode-reporting
  chef-server-ctl reconfigure
  opscode-reporting-ctl reconfigure

2. Creating chef users

Once you are done with the installation you need users to write cookbooks and install chef-client on the nodes.

  • Create a user by using below command
   chef-server-ctl user-create upendrasingh Upendra Singh [email protected] 'password' --filename /opt/upendras.pem

3. Creating the chef organization

Once the user is created next we need an organization where all our resources are managed and mapped to nodes.

There are two ways to do this

  • Using command line
    chef-server-ctl org-create short_name 'full_organization_name' --association_user user_name --filename ORGANIZATION-validator.pem
  • Using Chef management console 
    • Login to chef management console using https://<IP address of your server>. You might get an insecure page warning as chef  server is a self-signed certificate.

 

Chef server installation is done.

4. Setting up workstation

Once you have chef server installation is completed you need a workstation to write and test cookbook.

    • Install Chef Development Kit. Go to https://downloads.chef.io/chefdk and download package as per your OS. ( I am using ubuntu 16.04 )
      wget https://packages.chef.io/files/stable/chefdk/2.5.3/ubuntu/16.04/chefdk_2.5.3-1_amd64.deb
      sudo dpkg -i chefdk_2.5.3-1_amd64.deb
    • Now login to chef management console and download the Chef Starter Kit. If you look the directory listing of this folder you will get below output.
tree -a 

.
├── .chef                       # This directory contains key information to connect to chef server
│   ├── knife.rb                # Chef server URL and key information 
│   └── upendrasingh.pem        # Key to connect to the server used to authenticate
├── .gitignore                  
├── README.md
├── cookbooks
│   ├── .DS_Store
│   ├── chefignore
│   └── starter
│       ├── attributes
│       │   └── default.rb
│       ├── files
│       │   └── default
│       │       └── sample.txt
│       ├── metadata.rb
│       ├── recipes
│       │   └── default.rb
│       └── templates
│           └── default
│               └── sample.erb
└── roles
    └── starter.rb

Now your workstation just cd to the chef-repo directory you downloaded.

5. Setting up chef-client

There are multiple ways to bootstrap a chef node but the easiest way is using knife bootstrap command which comes under the umbrella of chefdk. So we will be using the same to bootstrap a node.

  • Go to the chef-repo downloaded from chef management console.
    cd /pathtochef-repo
  • Run knife bootstrap command
    knife bootstrap <IP address >  -x <ssh user > -i <ssh key > --sudo --node-ssl-verify-mode none -N <node name>

-node-ssl-verify-mode none overwrites insecure SSL warning as our chef server is using a self-signed certificate.

This command will install the chef-client and registers the chef-client to the chef server.

We are done with chef server installation and registered node on it. In the next blog we will start working on chef cookbooks and recipes.

Leave a Reply

Your email address will not be published. Required fields are marked *