Setting Up Chef

I just finished setting up Chef, to have a play around with this DevOps stuff I keep hearing about. While Chef is quite well documented, I found myself struggling in places where things weren’t quite clear enough. So naturally, I’m posting how I got myself up and running.

[Note: I haven't actually done anything with this setup yet, other than get it working.]

Step One: Get A Server

There are 2 parts to a Chef install: client and server. You can run them all on one machine, but given how much Chef slows down my Joyent VM, I’d suggest keeping it off of your day-to-day workstation.

I used my Joyent credit to setup a new Ubuntu 12.04 64-bit server. Chef server only supports Ubuntu or RedHat/CentOS 64-bit. Once the server was provisioned, I followed this 5-minute guide to lockdown the server enough for my needs (this being just an experiment and all…)

Step Two: Set the Server FQDN

Once the server is prepared, make sure it has a resolvable, fully qualified domain name before going any further. While the Chef docs make mention of this, they do so after the rest of the setup instructions. This was one area I was banging my head against for ages, wondering why the built-in NginX server wasn’t working.

Setting the hostname on my Joyent VM was a case of running:

    $ sudo hostname 'chef.example.com'
    $ echo "chef.example.com" | sudo tee /etc/hostname

As I wasn’t on the same network as my Chef server, I added a DNS A record to match the server FQDN.

Step Three: Install Chef Server

This bit was really easy, probably the easiest part of the whole setup. In short: download the latest Chef Server package for your platform, install the package, run the reconfigure tool. In my case, this was:

    $ wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.0.10-1.ubuntu.12.04_amd64.deb
    $ sudo dpkg -i chef-server_11.0.10-1.ubuntu.12.04_amd64.deb
    $ sudo chef-server-ctl reconfigure

The Chef installer will whirr away, using Chef to setup your new installation automatically. How cool is that?

Step Four: Copy Server Certificates to Your Workstation

This wasn’t mentioned anywhere I could see, but I figured it out from some snippets written around the web. To successfully setup the Chef client, you need some security certificates from your new server. I used SCP from my local PC:

    $ scp user@chef.example.com:/etc/chef-server/admin.pem ~/tmp/
    $ scp user@chef.example.com:/etc/chef-server/chef-validator.pem ~/tmp/

If you find you don’t have permission to copy directly from their default location, SSH to the server and sudo copy them to somewhere you can.

Step Five: Install the Chef Client

Now we should be armed with everything we need to install the client tools. I’m using the Debian-derived Crunchbang, but any *NIX-based OS should be roughly the same as below. If you’re on Windows, I’m afraid you’re on your own.

Run the “Omniinstaller” for Chef:

    $ curl -L https://www.opscode.com/chef/install.sh | sudo bash

Create a .chef folder in your home directory, and add the certificates copied from the server

    $ mkdir ~/.chef
    $ cp ~/tmp/*.pem ~/.chef

Configure Knife (the main Chef CLI utility):

    $ knife configure --initial
    WARNING: No knife configuration file found
    Where should I put the config file? [/home/chris/.chef/knife.rb] /home/chris/.chef/knife.rb
    Please enter the chef server URL: [https://localhost:443] https://chef.example.com:443
    Please enter a name for the new user: [chris]
    Please enter the existing admin name: [admin]
    Please enter the location of the existing admin's private key: [/etc/chef-server/admin.pem] /home/chris/.chef/admin.pem
    Please enter the validation clientname: [chef-validator]
    Please enter the location of the validation key: [/etc/chef-server/chef-validator.pem] /home/chris/.chef/chef-validator.pem
    Please enter the path to a chef repository (or leave blank):
    Creating initial API user...
    Please enter a password for the new user:
    Created user[chris]
    Configuration file written to /home/chris/.chef/knife.rb

Test Knife by listing all users:

    $ knife user list
    admin
    chris

Wrap Up

That’s it! You now have a working Chef installation. Or at least, I do. Steps two and four are the steps I had to hunt out and piece together myself to get Chef up and running. Everything else is more or less as documented.

All that’s left to do now is figure out how to use Chef!

About these ads

About Chris

Dad. Techy. Professional Blasphemer. Part-time Wargamer. Full-time Geek. I work in the Oil & Gas sector for an IT services company

Share Your Thoughts

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s