Chef is an open source configuration management and automation tool writen in Ruby and Erlang that is used to manage your IT infrastructure from centralized location.
As today's IT infrastructure requirements, managing and administrating server by hand becomes very difficult task for the system administrator. Chef is specially designed to resolve these issues by turning your infrastructure administration into a code base. Chef allows DevOps engineers to manage and deploy resources accross multiple nodes.
You can easily integrate Chef with major cloud providers such as Rackspace, Google Cloud, Openstack, and Amazon EC2. Chef can be used to speed up your application development, and manage hundreds of thousands of servers easily.
Many companies use Chef to manage their IT infrastructure like Mozilla, Facebook, HP Cloud, Diney, Rackspace, Citi and many more.
Manage each node from central location.
Support for Linux, Windows, Mac OS and many more.
Easily integrates with most cloud providers.
This tutorial explains step by step instruction to install and configure Chef server on Ubuntu-14.04 server.
A server machine running Ubuntu-14.04.
A connection to NTP server.
A resolvable hostname that can be accessed from your machine and nodes.
A non-root user account with sudo privilege set up on your server.
Minimum 4GB memory installed on your server.
Install Chef Server
Before installing Chef server, it is recommended you update your server.
To update your server local package cache, run the following command:
sudo apt-get update
Once your server is up to date, download the latest version of chef server from https://downloads.chef.io/chef-server/ubuntu.
You can easily download the Chef package using the following wget command:
Once the chef server is installed, you will need to configure chef server. The chef server main configuration file /etc/opscode/chef-server.rb contains additional settings. You can leave this file empty, but it is important to to configure chef server with hostname that's accessible from outside network.
Now, make the following changes by editing this file:
The management console is the web-based interface used to manage Chef server from web. It is not necessary for large deployments, it is very useful because it enables you to interact with nodes and understand how Chef server works.
You can easily install the management console on your chef server by running the following command:
Next, you will need to create an administrator account and an organization, that will have access to make changes to the infrastructure components in the organization we will be creating.
You can do this by using the user-create subcommand of the chef-server-ctl command. The command requires other fields to be passed in during the creation process.
Now, let's create user account with the following information:
Username : admin
First Name : admin
Last Name : admin
FIlename : admin.pem
Also, create an organization with the following information:
Short Name: hostpresto
Long Name: hostpresto.com
Association User: admin
Also, you will need to create a .chef directory to store the keys in home directory. In order to link workstations and nodes to the Chef server, an administrator and an organization need to be created with associated RSA private keys.
sudo mkdir .chef
Now, create an admin user account by running the following command:
Once installation is complete, you can access the web interface by typing the URL http://chef-server-ip from your web browser, you should see a warning because the SSL certificate is signed by an authority not recognized by your browser. Click on the "Proceed anyway" button.
You should see the login page as below:
After entering your login credentials, you should get "Chef Manage" page:
If you want to install additional Chef plugins such as Opscode Push Jobs plugin and Analytics plugin, run the following commands:
On Chef workstation, access your Chef server management console by typing the URL http://chef-server-ip, and download starter-kit from the chef manage web console on a workstation and use it to work with Chef server as shown below:
Next, you need to download and setup Chef development kit.
You can download chef development kit from its official web by running the following command:
The following directive should be adjusted as per your infrastructure:
node_name: This should be your username that knife will use to connect to your Chef server.
client_key: This is the name and path of the user key that you copied over from the Chef server.
validation_client_name: This is the name of the validation client that knife will use to bootstrap new nodes.
validation_key: This is the name and path of the validation key that you copied over from the Chef server.
chef_server_url: This is the full URL of the Chef server.
Next, create ~/cookbooks folder for cookbooks as specified knife.rb file.
sudo mkdir cookbooks
Next, run the following commands to verify whether knife configuration is working or not:
sudo knife user list
You should see the following error, because you do not have your Chef server's SSL certificate on your workstation.
ERROR: SSL Validation failure connecting to host: chef-server-ip - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
ERROR: Could not establish a secure connection to the server.
Use `knife ssl check` to troubleshoot your SSL configuration.
If your Chef Server uses a self-signed certificate, you can use
`knife ssl fetch` to make knife trust the server's certificates.
To resolve above error, you need to fetch the ssl certs and run the above command again:
sudo knife ssl fetch
WARNING: Certificates from chef-server-ip will be fetched and placed in your trusted_cert
Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.
Adding certificate for ubuntu-14-chef.test.com in /.chef/trusted_certs/ubuntu-14-chef_test_com.crt
After fetching ssl certs, run the following command:
sudo knife client list
Configure New Nodes to Interact with Chef Server
After configuring chef-server and the knife workstation, it's time to add new servers to our chef environment by Configuring a new node to interact with chef server.
Run the following command to configure a new node to work with chef server on Workstation:
Truth be told, it’s difficult for a web application that doesn’t have some kind of identification, even if you don’t see it as a security measure in and of itself. The Internet is a kind of lawless land, and even on free services like Google’s, authentication ensures that abuses will...
Although data persistence is almost always a fundamental element of applications, Node.js has no native integration with databases. Everything is delegated to third-party libraries to be included manually, in addition to the standard APIs. Although MongoDB and other non-relational databases are the most common choice with Node because if you...