Install Chef Server, Node & Workstation

(Last Updated On: June 25, 2020)

Install & Configure Chef Server, Node & Workstation

If we want to learn about Chef then the first thing you must consider that it is a configuration management tool written in ruby. We will go straight to the main thing which is how you can install chef-server and how to manage Chef-server. Then you need to install Workstation and Node as well.

So, the below process will guide you to install Chef Server, Workstation, and Node manually.

Installing Chef Server

We are using Centos8 for installing the Chef Server. You can use Ubuntu also. Please set a Static IP for the Chef Server. Here I have given static IP


Initial configuration commands for CentOS or RHEL

# yum update -y
# yum upgrade -y
# hostnamectl set-hostname chef-server.local
# firewall-cmd --add-service=http --permanent
# firewall-cmd --add-service=https --permanent
# firewall-cmd --reload
# reboot

Initial configuration commands for Ubuntu

# apt-get update -y
# apt -get upgrade -y
# hostnamectl set-hostname chef-server.local
# ufw allow http
# ufw allow https
# ufw reload
# reboot

Chef Server Installation and configuration commands

  • Download the package from here and upload it to the Chef server. Go to the upload directory and try listing the package.
# ls -l

chef server

# rpm -Uvh chef-server-core-13.1.13-1.el7.x86_64.rpm   (RHEL/CentOS)
# dpkg -i chef-server-core-13.1.13-1.el7.x86_64.deb    (Ubuntu)
  •  After a few minutes, the Chef Infra Server will be installed. Then run the following commands to start all of the services:
# chef-server-ctl reconfigure
# chef-server-ctl status

chef server

  • Bind the Server hostname with the server IP in the /etc/hosts file.

chef server

  • Now test the server from a browser “https://chef-server.local/“. Now you will be prompted to run a few more commands to install the Management Console.

chef server

  • Commands to install the  Management Console.
# chef-server-ctl install chef-manage
# chef-server-ctl reconfigure
# chef-manage-ctl reconfigure
  • Run the following command to create an administrator.
# chef-server-ctl user-create 'user_name' 'first_name' 'last_name' 'e-mail' 'password' --filename 'file_name'
For example:

chef server

Note* In here I have created the /.chef directory for storing the .pem file. You can give any name you want.

  • Run the following command to create an organization:
# chef-server-ctl org-create short_name 'full_organization_name' --association_user user_name --filename ORGANIZATION-validator.pem
For example:

chef server


  • The user_name should begin with a lower-case letter or a digit. Also, it may only contain lower-case letters, digits, hyphens, and underscores, and must be between 1 – 255 characters. For example “oit”.
  • The full_name should begin with a non-whitespace character and must be between 1-1023 characters. For example: ‘Obeyroy IT SYSTEMS’.
  • The association_user option will associate with the user_name with the admin’s security group on the Chef Infra Server.
  • An RSA private key will be generated automatically. This is the chef-validator key and should be saved to a safe place. The –filename option will save the RSA private key to the specified absolute path.


Now when everything is set up, you can log in to the chef-server graphically using the given credentials.

URL: https://chef-server.local/

chef server

chef server


Creating and registering a Node with the Chef server.

We are using ubuntu 16.04 for installing the Node (chef-client). Set the hostname first then move forward.

# hostnamectl set-hostname chef-client-node1

Now, we need to do some work in the chef-manage(GUI). Follow the steps below.

  • Create a basic role for the nodes in the chef-manage.

chef server

  • Copy the validation key or reset it to generate a new .pem file. 

The key you got after running ” chef-server-ctl org-create" command. If you lost it, you can generate a new one from Chef Manage. It will look like the below screenshot.

chef server

chef server

  • Create a directory as /etc/chef in the node manually. Then you need to create a file name “oit-validator.pem” and then add the validation key into it.


chef server

  • Create the “first-boot.json” file
# vim first-boot.json
add the below entry→ 
"run_list" :[

chef server

chef server


  • Create a “client.rb” file. It is needed to establish a connection between the chef-server and node.
#  vim client.rb

add the below the entry→

log_level                    :info
log_location                  STDOUT
chef_server_url              ""
validation_client_name       "oit-validator"
validation_key               "/etc/chef/oit-validator.pem"
trusted_certs_dir            "/etc/chef/trusted_certs"
node_name                    "chef-client-node1"
ssl_verify_mode              :verify_none
chef_license                 "accept"
  • Now Install node via “Install Script” and run the “first-boot.json” after the installation.
# curl -L | sudo bash
# chef-client -j first-boot.json
# ls -l

Now you can see that the node can communicate with the chef-server, hence it has downloaded some extra files from the server.

install chef server

Also from the chef-manage, you can identify the node.

install chef server


Install Workstation for uploading cookbooks to Chef-server.

For a workstation, we are using our base machine(windows system).

Install the package and then run the below commands.

# knife ssl fetch

Create a directory for cookbooks under your home directory. I have created ” C:\Users\OPTLPTP261\.chef\cookbooks ”

install chef server

Now create a new cookbook under the cookbooks folder.

# chef generate cookbook webserver

Now create one recipe inside that cookbook. Here it is a webserver. Also, add some content.

# chef generate recipe apache.rb

install chef server

check if the syntax is error-free or not. Then upload it to the server.

# chef exec ruby -c webserver/recipes/apache.rb
# knife cookbook upload webserver

install chef server



Now I am expecting your responses. If you like this content or even dislike,  just leave a comment. Your responses will motivate me to do better and deliver better. I will try my best to enrich my skills.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Ad Blocker Detected

Ad Blocker Detected, please disable it to help this page in many ways. Thank you so much.