How to install Chef server, workstation and node environment

Edit hosts file entries on 3 servers:
# vim /etc/hosts
192.168.0.100 chefserver.example.com
192.168.0.101 chefwork.example.com
192.168.0.102 chefnode.example.com  

Chef server installation:

Download Chef server RPM package and install
# rpm -ivh chef-server-11.1.6-1.el6.x86_64.rpm

configure chef server
# chef-server-ctl reconfigure

check service status
# chef-server-ctl status


Chef workstation installation:

Download and install chef RPM package and install
# rpm -ivh chef-12.0.3-1.x86_64.rpm

verify package
# rpmquery chef

create chef directory
# mkdir /root/.chef
# cd /root/.chef

copy chef valication certificates from chef server
# scp root@chef-server:/etc/chef-server/admin.pem .
# scp root@chef-server:/etc/chef-server/chef-validator.pem .
# scp root@chef-server:/etc/chef-server/chef-webui.pem .

fetch ssl certificates
# knife ssl fetch

verify ssl certificates
# knife ssl check

configure workstation and details
# knife configure -i
/root/./chef/knife.rb
https://chefserver.example.com:443
/etc/.chef/admin.pem
/etc/.chef/chef-validator.pem

verify client list
# knife client list
chef-validator
chef-webui

verify user list
# knife user list
admin
user

Chef node installation:

Download chef package and install
# rpm -ivh chef-12.0.3-1.x86_64.rpm
# rpmquery chef

create chef directory
# mkdir /etc/chef
# cd /etc/chef

copy chef validation key from chef server
# scp root@chef-server:/etc/chef-server/chef-validator

Fetch chef SSL certificates
# knife ssl fetch -s https://chefserver.example.com
# ll /root/.chef/trusted_certs
chefserver_example_com.crt
# knife ssl check -s https://chefserver.example.com
# cd /etc/chef

create a file to validate with chef server
# vim client.rb
log_level :info
log_location STDOUT
chef_server_url "https://chefsever.example.com:443"
trusted_certs_dir "/root/.chef/trusted_certs"

Add node to server (node side)
# chef-client -S https://chefserver.example.com -K /etc/chef/chef-validator.pem

Verify client on workstation
# knife client list
chef-validator
chef-webui
chefnode.example.com
# knife user list
admin
user

Now open browser and type chef server url
https://chefserver.example.com
login with default login credentials, then change password and verify node exists.


Go to workstation and create sample apache cookbook.
# knife cookbook create apache
# cd /var/chef/cookbooks/apache
# ll

Edit recipe default.rb and add
# vim recipes/default.rb
package 'httpd' do
 action :install
end
cookbook_file '/var/www/html/index.html' do
 source 'index.html'
end

template 'httpd.conf' do
 path '/etc/httpd/conf/httpd.conf'
 source 'httpd.conf.erb'
end

service 'httpd' do
 action [:restart, :enable]
end
:wq

# cd ../apache/files/default
# vim index.html
<html>
<title>Welcome to chef training by infostork </title>
<h1> Welcome to Chef </h1>
<h2> Using templates and attributes </h2>
</html>
:wq

Create template
# cd ../attributes/
# vim default.rb
default['apache']['Listen'] = '80'

# cd ../templates/default/
# cp /etc/httpd/conf/httpd.conf httpd.conf
# mv httpd.conf.erb
# vim httpd.conf.erb
Listen <%= node['apache']['Listen'] %>

Test cookbook
# knife cookbook test apache

Upload cookbook to chef server
# knife cookbook upload apache
Uploaded 1 cookbook

List cookbooks and verify
# knife cookbook list
apache 0.1.0

Upload cookbook to node's run-list
# knife node run_list add chefnode.example.com apache

also you can do it in GUI mode
Go to node tab, drag 'apache' cookbook recipe to run-list and save.


Apply the run-list to node (node-side)
# cat /etc/apache

now apply the run-list with
# chef-client
# cat /etc/apache

open browser and type node url
http://chefnode.example.com 
Welcome to chef

That's it run-list applied to node.

note: path to find cookbooks on chef server
# cd /var/opt/chef-server/bookshelf/data/bookshelf/
# grep -R -i "httpd.conf.erb" *
<path to recipe file>
# cat <path to recipe file>