Configuring Chef part 1
Below are the first steps for getting started with Chef.
The three main components of Chef are:
- Workstation
This is the developer’s machine, which will be used to author cookbooks and recipes and upload them to the chef-server using the command line utility called knife.
- Chef-Server
This is the main server on which all the cookbooks, roles and policies are uploaded.
- Node
This is the instance which would be provisioned by applying the cookbooks uploaded on the chef-server.
So, let's get started:
- Set up the workstation
  - Install Chef on your workstation. To do that, follow the instructions here: http://www.getchef.com/chef/install/
- Use hosted Chef as chef-server
  - Register on Chef’s site at http://www.getchef.com
  - You can use hosted Chef; it gives you the option to manage up to 5 nodes for free.
  - Create your user and an organisation.
- Set up chef-repo on the workstation
  - On your workstation, go to the folder which you want to be your base folder for writing cookbooks.
  - Download the chef-repo from the opscode git repo or use the starter kit provided on the Chef site.
  - Put these 3 files (described below) in the .chef folder inside the chef-repo folder on your workstation (create .chef if not already present).
Setting up the node
- Bootstrap any instance
- Download a cookbook
  - We will download an already existing cookbook for the apache webserver, using the following knife command (remember that all knife commands should be executed from the base chef-repo directory).
- Upload a cookbook to the chef-server
- To see all my nodes
- Apply the run-list to the node
- Run chef-client on the node
In order to authenticate your workstation with the chef-server we would need these 3 things:
- [validator].PEM
- knife.rb
- [username].PEM
So, you need to download these 3 items to your workstation. (You can try the reset keys option or download the starter kit.)
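Two of the three files above are private keys, and they sit inside a folder that is usually a git repository. The following is an added check, not part of the original post: the function name audit_chef_dir is hypothetical, and it assumes the key files end in .pem or .PEM.

```shell
#!/bin/sh
# Added example: audit the .chef directory of a chef-repo before using knife.
# Usage: audit_chef_dir /path/to/chef-repo
# Returns 0 when every check passes, 1 otherwise; findings go to stderr.
audit_chef_dir() {
    repo=$1
    dir=$repo/.chef
    rc=0

    # knife.rb tells knife which server, client name and key paths to use.
    if [ ! -f "$dir/knife.rb" ]; then
        echo "missing: $dir/knife.rb" >&2
        rc=1
    fi

    found=0
    # Assumption: keys are named *.pem or *.PEM, as in the list above.
    for key in "$dir"/*.pem "$dir"/*.PEM; do
        [ -f "$key" ] || continue
        found=$((found + 1))

        # Characters 5-10 of the `ls -l` mode string are the group and
        # other permission bits; a private key must grant nothing to either.
        perms=$(ls -ld "$key" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "group/other access ($perms): $key" >&2
            rc=1
        fi

        # A key that is tracked by git gets pushed along with the cookbooks.
        if command -v git >/dev/null 2>&1 &&
           git -C "$repo" ls-files --error-unmatch -- ".chef/${key##*/}" \
               >/dev/null 2>&1; then
            echo "tracked by git: $key" >&2
            rc=1
        fi
    done

    # The post expects two keys: [validator].PEM and [username].PEM.
    if [ "$found" -lt 2 ]; then
        echo "expected 2 key files in $dir, found $found" >&2
        rc=1
    fi
    return $rc
}
```

Run it as `audit_chef_dir .` from the base chef-repo directory; `chmod 600 .chef/*.pem` clears the permission finding.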
Now your workstation is set up and authenticated with the chef-server, and your chef-repo is configured. So let's begin configuring a node on which the cookbooks will be applied.
The node could be an EC2 instance, an instance from any other cloud provider, or a VM.
The first step is to bootstrap it.
knife bootstrap [ip-address] --sudo -x [user-name] -P [password] -N "[node name]"
Or for an AWS instance:
knife bootstrap [AWS external IP] --sudo -x ec2-user -i [AWS key] -N "awsnode"
These are the things that happen during bootstrapping:
1.) Installs chef-client and Ohai on the node
2.) Establishes authentication for ssh keys.
3.) Sends the 3 keys to chef-client
Once the node is bootstrapped, it's time to author some cookbooks to apply on the node.
knife cookbook site download apache
This will download the tar.gz archive into your chef-repo. We will need to extract it and move it to the cookbooks folder (use tar -xvf [file], then the mv command). After extracting it, remove the archive.
mv apache ../chef-repo/cookbooks
Inside the apache folder we can find the “recipes” folder, and inside that there is a file called “default.rb”.
This “default.rb” Ruby file contains the default recipe required to configure the apache server. Let's have a look at an excerpt from it.
....
package "httpd" do
  action :install
end
....
So this cookbook defines the default action on application of this recipe to be “install”; this will install the apache webserver on the node. We will cover more details about these in the next blog; for now let's just upload this cookbook.
knife cookbook upload apache
Now the cookbook is uploaded to the chef-server. Once the chef-server has the cookbook, we can apply it to any of the nodes which are configured with the chef-server. First let's find out which nodes we have.
knife node list
In order to apply the cookbook to a given node, we need to add it to the run-list of the node:
knife node run_list add node-name "recipe[apache]"
Now we have successfully uploaded a cookbook and added it to the run-list of a node with the alias “node-name”. The next time chef-client runs on the node, it will fetch the details of its run-list from the chef-server, download any required cookbooks from the chef-server and run them.
For now, let's ssh into the node and run chef-client manually to see the results.
sudo chef-client
If the chef-client run is successful, we can hit the IP address of the instance to see the default page of apache up and running. If you are using AWS, don’t forget to open port 80.
This was just a basic introduction to Chef. In the next blog we will see the killer feature of Chef, which is search, and go into the details of the node object, roles and environments.
Reference: Configuring Chef part 1 from our JCG partner Anirudh Bhatnagar at the anirudh bhatnagar blog.