I want to get Chef installed and running before we dive into all of the lingo required to fully understand what Chef is doing. In this post we’ll install the Chef Server, a Chef client, and a test node we’ll be testing our Chef configs on. That being said, let’s dive right into the configuration!
Installing Chef Server
The Linux servers I’ll be using are based on CentOS (the exact ISO is CentOS-6.4-x86_64-minimal.iso). The Chef server is really the brains of the operation. The other two components we’ll use in the initial lab are the client and the node both of which interact with the server. So I’m going to assume that I’ve just installed Linux and haven’t done anything besides configured the hostname, IP address, gateway, and name server (as a rule, I usually disable SELinux as well). We’ll SSH to the server and start from there…
The base installation of CentOS I’m running doesn’t have wget installed so the first step is to get that…
yum install wget –y
The next step is to go the Chef website and let them tell you how to install the server. Browse to…
http://www.getchef.com/chef/install/
And select the server install option along with the details of the server you are installing it on…
Note: Maybe its my browsers (although I tried 3 different ones) but the Chef website is a bit of a mess with the overlapping menus
In this case, I right clicked on the ‘chef-server-11.1.4-1.el6.x86_64.rpm’, copied the URL, and then returned to my server and downloaded the file using wget…
wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.1.4-1.el6.x86_64.rpm
Once that’s done, you can run the installer with the following command…
rpm -ivh chef-server-11.1.4-1.el6.x86_64.rpm
Next we have to configure Chef with the base install. That’s done by executing this command…
chef-server-ctl reconfigure
Once that’s done, the server should officially be online. We can test this by connecting to the URL of the Chef server in a web browser. After accepting the security warning you should get this…
The default credentials are listed on the right hand side (admin/p@ssw0rd1). Login with those and it will prompt you to change the password…
Once that’s done, the server is configured!
Installing the Chef client
The chef client gets installed on whatever device you wish to use to manage the server and nodes. In my case, Im going to install the chef client on my Mac book. The install for the client is slightly easier…
curl -L https://www.opscode.com/chef/install.sh | sudo bash
Once this completes, we can check to make sure it’s installed by running…
chef-client –v
This should output the current running version of the client which in my case was 11.14.6. At this point, I like to set up what’s called the Chef repo. Basically, this is a file structure that you’ll work with when working with the Chef server. There’s a good example file structure out on git we can download.
cd ~
git clone https://github.com/opscode/chef-repo.git
The next step is to connect the client to the server. This is done in several steps. First, I'm going to make a folder on my Mac called ‘.chef’ (the dot in front means that it will be a hidden folder). This is the folder I’ll use to store the required configuration to talk to the server. The next thing I’ll do is download the two certificates from the Chef server that I’ll need to communicate with it. You could do this manually by logging into the server and copying the certs but I think it’s easier just to SCP over to the client…
mkdir ~/.chef
scp root@chefserver:/etc/chef-server/admin.pem ~/.chef
scp root@chefserver:/etc/chef-server/chef-validator.pem ~/.chef
Once I have all of that information on the client, I can configure the Chef client which is referred to as knife. This is done with the command…
knife configure -i
This will kick off a wizard which will ask you to specify the locations of the local repo, the certificates, and also ask you to create a new user. Here’s a screenshot of me completing the wizard…
Notice at the very bottom I run the command ‘knife user list’ and it returns the admin user as well as the user I just created. This confirms that I have good connectivity to the knife server.
Bootstrapping a client
This is by the far the easiest piece to do. Through the knife client you can ‘bootstrap’ a server. Essentially, so long as the server is IP reachable and you have the appropriate permissions, you can install the client remotely. Here’s the output of how I did it…
So the command I ran was in this syntax…
knife bootstrap 123.45.6.789 -x username -P password --sudo
We can verify that the node is attached by running the ‘knife node list’ command…
So that’s really it! We have a working Chef server, a Chef client, and a node successfully attached to the Chef server. In the next post, we’ll start talking more about Chef concepts and apply them in the lab!