Edit hosts file entries on 3 servers:
# vim /etc/hosts
192.168.0.100 chefserver.example.com
192.168.0.101 chefwork.example.com
192.168.0.102 chefnode.example.com
Chef server installation:
Download Chef server RPM package and install
# rpm -ivh chef-server-11.1.6-1.el6.x86_64.rpm
configure chef server
# chef-server-ctl reconfigure
check service status
# chef-server-ctl status
Chef workstation installation:
Download chef RPM package and install
# rpm -ivh chef-12.0.3-1.x86_64.rpm
verify package
# rpmquery chef
create chef directory
# mkdir /root/.chef
# cd /root/.chef
copy chef validation certificates from chef server
# scp root@chefserver.example.com:/etc/chef-server/admin.pem .
# scp root@chefserver.example.com:/etc/chef-server/chef-validator.pem .
# scp root@chefserver.example.com:/etc/chef-server/chef-webui.pem .
fetch ssl certificates
# knife ssl fetch
verify ssl certificates
# knife ssl check
configure workstation and details
# knife configure -i
/root/.chef/knife.rb
https://chefserver.example.com:443
/root/.chef/admin.pem
/root/.chef/chef-validator.pem
verify client list
# knife client list
chef-validator
chef-webui
verify user list
# knife user list
admin
user
Chef node installation:
Download chef package and install
# rpm -ivh chef-12.0.3-1.x86_64.rpm
# rpmquery chef
create chef directory
# mkdir /etc/chef
# cd /etc/chef
copy chef validation key from chef server
# scp root@chefserver.example.com:/etc/chef-server/chef-validator.pem .
Fetch chef SSL certificates
# knife ssl fetch -s https://chefserver.example.com
# ll /root/.chef/trusted_certs
chefserver_example_com.crt
# knife ssl check -s https://chefserver.example.com
# cd /etc/chef
create a file to validate with chef server
# vim client.rb
log_level :info
log_location STDOUT
chef_server_url "https://chefserver.example.com:443"
trusted_certs_dir "/root/.chef/trusted_certs"
Add node to server (node side)
# chef-client -S https://chefserver.example.com -K /etc/chef/chef-validator.pem
Verify client on workstation
# knife client list
chef-validator
chef-webui
chefnode.example.com
# knife user list
admin
user
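Added example (not part of the original guide): once chefnode.example.com shows up in the client list, the node has its own key, and the shared chef-validator.pem copied to /etc/chef is no longer needed there. The shell function below flags .pem files whose mode is not 600 or 400 and a validator key left beside client.pem. It assumes GNU stat and that chef-client wrote the node key to /etc/chef/client.pem.

```shell
#!/bin/sh
# Added example: audit Chef private keys left on a workstation or node.
# Assumptions: GNU stat (RHEL/CentOS, as in this guide) and the default
# node key name client.pem in the same directory as the validator key.

# audit_chef_keys DIR
# Prints one line per finding and returns the number of findings.
audit_chef_keys() {
    dir=$1
    findings=0

    for key in "$dir"/*.pem; do
        [ -f "$key" ] || continue            # glob matched nothing
        mode=$(stat -c '%a' "$key")
        case $mode in
            600|400) ;;                      # owner-only access
            *)
                echo "FINDING: $key has mode $mode, expected 600"
                findings=$((findings + 1))
                ;;
        esac
    done

    # After the first successful chef-client run the node authenticates
    # with client.pem; the validator key can be removed from the node.
    if [ -f "$dir/client.pem" ] && [ -f "$dir/chef-validator.pem" ]; then
        echo "FINDING: $dir/chef-validator.pem still present after registration"
        findings=$((findings + 1))
    fi

    return "$findings"
}

# Run against a directory given on the command line, e.g. /etc/chef
if [ "$#" -gt 0 ]; then
    audit_chef_keys "$1" || echo "$? finding(s) in $1"
fi
```

Run it with /etc/chef on the node and /root/.chef on the workstation.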
Now open browser and type chef server url
https://chefserver.example.com
login with default login credentials, then change password and verify node exists.
Go to workstation and create sample apache cookbook.
# knife cookbook create apache
# cd /var/chef/cookbooks/apache
# ll
Edit recipe default.rb and add
# vim recipes/default.rb
package 'httpd' do
  action :install
end
cookbook_file '/var/www/html/index.html' do
  source 'index.html'
end
template 'httpd.conf' do
  path '/etc/httpd/conf/httpd.conf'
  source 'httpd.conf.erb'
end
service 'httpd' do
  action [:restart, :enable]
end
:wq
# cd ../apache/files/default
# vim index.html
<html>
<title>Welcome to chef training by infostork </title>
<h1> Welcome to Chef </h1>
<h2> Using templates and attributes </h2>
</html>
:wq
Create template
# cd ../../attributes/
# vim default.rb
default['apache']['Listen'] = '80'
# cd ../templates/default/
# cp /etc/httpd/conf/httpd.conf httpd.conf
# mv httpd.conf httpd.conf.erb
# vim httpd.conf.erb
Listen <%= node['apache']['Listen'] %>
Test cookbook
# knife cookbook test apache
Upload cookbook to chef server
# knife cookbook upload apache
Uploaded 1 cookbook
List cookbooks and verify
# knife cookbook list
apache 0.1.0
Add cookbook to node's run-list
# knife node run_list add chefnode.example.com apache
also you can do it in GUI mode
Go to node tab, drag 'apache' cookbook recipe to run-list and save.
Apply the run-list to node (node-side)
# cat /etc/apache
now apply the run-list with
# chef-client
# cat /etc/apache
open browser and type node url
http://chefnode.example.com
Welcome to chef
That's it, the run-list is applied to the node.
note: path to find cookbooks on chef server
# cd /var/opt/chef-server/bookshelf/data/bookshelf/
# grep -R -i "httpd.conf.erb" *
<path to recipe file>
# cat <path to recipe file>