Install & Configure Chef Server, Node & Workstation
If we want to learn about Chef then the first thing you must consider that it is a configuration management tool written in ruby. We will go straight to the main thing which is how you can install chef-server and how to manage Chef-server. Then you need to install Workstation and Node as well.
So, the below process will guide you to install Chef Server, Workstation, and Node manually.
Installing Chef Server
We are using Centos8 for installing the Chef Server. You can use Ubuntu also. Please set a Static IP for the Chef Server. Here I have given static IP 10.100.6.21.
Initial configuration commands for CentOS or RHEL
# yum update -y # yum upgrade -y # hostnamectl set-hostname chef-server.local # firewall-cmd --add-service=http --permanent # firewall-cmd --add-service=https --permanent # firewall-cmd --reload # reboot
Initial configuration commands for Ubuntu
# apt-get update -y # apt -get upgrade -y # hostnamectl set-hostname chef-server.local # ufw allow http # ufw allow https # ufw reload # reboot
Chef Server Installation and configuration commands
- Download the package from here and upload it to the Chef server. Go to the upload directory and try listing the package.
# ls -l
# rpm -Uvh chef-server-core-13.1.13-1.el7.x86_64.rpm (RHEL/CentOS) OR # dpkg -i chef-server-core-13.1.13-1.el7.x86_64.deb (Ubuntu)
After a few minutes, the Chef Infra Server will be installed. Then run the following commands to start all of the services:
# chef-server-ctl reconfigure # chef-server-ctl status
- Bind the Server hostname with the server IP in the /etc/hosts file.
- Now test the server from a browser “https://chef-server.local/“. Now you will be prompted to run a few more commands to install the Management Console.
- Commands to install the Management Console.
# chef-server-ctl install chef-manage # chef-server-ctl reconfigure # chef-manage-ctl reconfigure
- Run the following command to create an administrator.
# chef-server-ctl user-create 'user_name' 'first_name' 'last_name' 'e-mail' 'password' --filename 'file_name'For example:
Note* In here I have created the /.chef directory for storing the .pem file. You can give any name you want.
- Run the following command to create an organization:
# chef-server-ctl org-create short_name 'full_organization_name' --association_user user_name --filename ORGANIZATION-validator.pem
For example:
Note*
- The user_name should begin with a lower-case letter or a digit. Also, it may only contain lower-case letters, digits, hyphens, and underscores, and must be between 1 – 255 characters. For example “oit”.
- The full_name should begin with a non-whitespace character and must be between 1-1023 characters. For example: ‘Obeyroy IT SYSTEMS’.
- The association_user option will associate with the user_name with the admin’s security group on the Chef Infra Server.
- An RSA private key will be generated automatically. This is the chef-validator key and should be saved to a safe place. The –filename option will save the RSA private key to the specified absolute path.
Now when everything is set up, you can log in to the chef-server graphically using the given credentials.
URL: https://chef-server.local/
Creating and registering a Node with the Chef server.
We are using ubuntu 16.04 for installing the Node (chef-client). Set the hostname first then move forward.
# hostnamectl set-hostname chef-client-node1
Now, we need to do some work in the chef-manage(GUI). Follow the steps below.
- Create a basic role for the nodes in the chef-manage.
- Copy the validation key or reset it to generate a new .pem file.
The key you got after running ” chef-server-ctl org-create" command. If you lost it, you can generate a new one from Chef Manage. It will look like the below screenshot.
- Create a directory as /etc/chef in the node manually. Then you need to create a file name “oit-validator.pem” and then add the validation key into it.
example:
- Create the “first-boot.json” file
# vim first-boot.json
add the below entry→
{
"run_list" :[
"role[basic]"
]
}
- Create a “client.rb” file. It is needed to establish a connection between the chef-server and node.
# vim client.rb add the below the entry→ log_level :info log_location STDOUT chef_server_url "https://10.100.6.21/organizations/oit" validation_client_name "oit-validator" validation_key "/etc/chef/oit-validator.pem" trusted_certs_dir "/etc/chef/trusted_certs" node_name "chef-client-node1" ssl_verify_mode :verify_none chef_license "accept"
- Now Install node via “Install Script” and run the “first-boot.json” after the installation.
# curl -L https://omnitruck.chef.io/install.sh | sudo bash
# chef-client -j first-boot.json
# ls -lNow you can see that the node can communicate with the chef-server, hence it has downloaded some extra files from the server.
Also from the chef-manage, you can identify the node.
Install Workstation for uploading cookbooks to Chef-server.
For a workstation, we are using our base machine(windows system).
- Download ChefDK from the web “https://downloads.chef.io/chefdk/stable/4.7.73“
Install the package and then run the below commands.
# knife ssl fetch
Create a directory for cookbooks under your home directory. I have created ” C:\Users\OPTLPTP261\.chef\cookbooks ”
Now create a new cookbook under the cookbooks folder.
# chef generate cookbook webserverNow create one recipe inside that cookbook. Here it is a webserver. Also, add some content.
# chef generate recipe apache.rb
check if the syntax is error-free or not. Then upload it to the server.
# chef exec ruby -c webserver/recipes/apache.rb # knife cookbook upload webserver
Conclusion:
Now I am expecting your responses. If you like this content or even dislike, just leave a comment. Your responses will motivate me to do better and deliver better. I will try my best to enrich my skills.
