Part 2: Install/Setup and configure Chef Server/Workstation/Node on CentOS/RHEL 6.4

This article will guide you through the installation and configuration steps of Chef Server/Workstation/Node on CentOS/RHEL 6.4.

The procedure mentioned in this tutorial is tested on:

OS CentOS 6.4
Chef Server 11.0.8
Knife 11.6.0

I) Prerequisite

  1. Host should have fully configured hostname.
  2. Should have DNS entry in place.
  3. Following package are required.
# yum install -y wget curl

II) Chef Server Installation

  1. Go to http://www.opscode.com/chef/install.
  2. Click the Chef Server tab.
  3. Select the Operating system, Version, and Architecture.
  4. Select the version of Chef Server 11.x to download, and then click the link that appears to download the package.
  5. Install the downloaded package using the correct method for the operating system on which Chef Server 11.x will be installed.
    # rpm -ivh https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.8-1.el6.x86_64.rpm
  6. Configure Chef Server 11.x by running the following command:
    # chef-server-ctl reconfigure

    The *chef-server-ctl* command will set up all of the required components, including Erchef, RabbitMQ, PostgreSQL, and all of the cookbooks that are used by chef to maintain Chef Server 11.x.

  7. Verify the the hostname for the server by running the *hostname* command. The hostname for the server must be a FQDN.
    # hostname
  8. Verify the installation of Chef Server 11.x by running the following command:
    # chef-server-ctl test

    Note: Try to stop apache before running this test.

  9. You can explore the Chef Server URL using your favorite browser:
    # https://FQDN-OR-IP-OF-CHEF-SERVER

    Note: Default UserName/Password is admin/p@ssw0rd1

  10. The *chef-server-ctl* command is used on the Chef Server system for management. It has built-in help (-h) that will display the various sub-commands.

II) Chef WorkStation Installation

  1. Run the following command that appears (for UNIX and Linux environments):
    # curl -L https://www.opscode.com/chef/install.sh | bash
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                     Dload  Upload   Total   Spent    Left  Speed
      101  6790  101  6790    0     0   3826      0  0:00:01  0:00:01 --:--:-- 12190
      Downloading Chef  for el...
      Installing Chef
      warning: /tmp/tmp.KnyQTnqz/chef-.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
      Preparing...             ########################################### [100%]
      1:chef                   ########################################### [100%]
      Thank you for installing Chef!
    
  2. When the installation is finished enter the *chef-client* command to verify that the chef-client was installed:
    # chef-client -v
      Chef: 11.6.0
  3. Create the “.chef” directory
    This directory (.chef) is used to store three important files:

    • knife.rb
    • ORGANIZATION-validator.pem
    • USER.pem

    a) Copy Cert Keys from Chef Server to your Workstation User Folder:

    $ mkdir ~/.chef
    $ scp root@chef-server:/etc/chef-server/admin.pem ~/.chef
    $ scp root@chef-server:/etc/chef-server/chef-validator.pem ~/.chef
    

    b) Now we will configure the Client setting using *knife* command.

    $ knife configure -i
      Overwrite /root/.chef/knife.rb? (Y/N) y
      Please enter the chef server URL: [https://test.example.com:443] https://chef-server.example.com:443/
      Please enter a name for the new user: [root] knife-user1
      Please enter the existing admin name: [admin] Enter
      Please enter the location of the existing admin's private key: [/etc/chef-server/admin.pem] ~/.chef/admin.pem
      Please enter the validation clientname: [chef-validator]
      Please enter the location of the validation key: [/etc/chef-server/chef-validator.pem] ~/.chef/chef-validator.pem
      Please enter the path to a chef repository (or leave blank):
      Creating initial API user...
      Please enter a password for the new user:
      Created user[knife-user1]
      Configuration file written to /root/.chef/knife.rb
    

    c) Your Knife config file (knife.rb) will look like:

    $ cat ~/.chef/knife.rb
      log_level                :info
      log_location             STDOUT
      node_name                'knife-user1'
      client_key               '/root/.chef/knife-user1.pem'
      validation_client_name   'chef-validator'
      validation_key           '/root/.chef/admin.pem'
      chef_server_url          'https://chef-server.example.com:443/'
      syntax_check_cache_path  '/root/.chef/syntax_check_cache'
    

    d) Verify the install by running the following commands to ensure that every chef-client and user was registered correctly.

    $ knife client list
      chef-validator
      chef-webui
    
    $ knife user list
      admin
      knife-user1

    III) Chef Node Installation

    1. Run the following command that appears (for UNIX and Linux environments):

      # curl -L https://www.opscode.com/chef/install.sh | bash
       % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                     Dload  Upload   Total   Spent    Left  Speed
       101  6790  101  6790    0     0   3826      0  0:00:01  0:00:01 --:--:-- 12190
       Downloading Chef  for el...
       Installing Chef
       warning: /tmp/tmp.KnyQTnqz/chef-.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
       Preparing...             ########################################### [100%]
       1:chef                   ########################################### [100%]
       Thank you for installing Chef!
      
    2. Create the Chef Directory.
      # mkdir /etc/chef
    3. Copy Chef Server Validation Cert Keys from Chef Server to your Node at “/etc/chef”:
      # scp root@chef-server:/etc/chef-server/chef-validator.pem /etc/chef
    4. Log in to Chef client and run the following command in order for a client to register itself with Chef Server:
      # chef-client -S https://FQDN-OR-IP-OF-CHEF-SERVER -K /etc/chef/chef-validator.pem
    5. Once the client is verified, we need to create a “client.rb” file inside “/etc/chef”.
      # vi /etc/chef/client.rb
        log_level        :info
        log_location     STDOUT
        chef_server_url  'https://FQDN-OR-IP-OF-CHEF-SERVER'
      
    6. Verify the Node is successfully registered with Chef Server using:
      a) From Workstation Machine:

      # knife node list

      b) From Chef Server Web UI (Node List):

      # https://FQDN-OR-IP-OF-CHEF-SERVER
    7. Run the Chef Client to check if the respective cookbook (recipe’s) are pushed to that node:
      # chef-client
      # chef-client -l debug (In case if you want to debug)
    8. Starts the chef-client which will poll the chef-server every 3600 seconds for changes.
      # chef-client -i 3600

    Related Posts:

    Part 1: Chef and its Component
    Part 3: Understanding Chef Cookbook/Recipe.
    Part 4: Understanding Chef Cookbook/Recipe.

    Advertisements

9 thoughts on “Part 2: Install/Setup and configure Chef Server/Workstation/Node on CentOS/RHEL 6.4

  1. Thank you for writing this series. You saved me hours of work. This is a well written, useful, and accurate tutorial and guide. I think it’s better than Chef’s own install guide. You may want to include a mention of opening TCP port 443 in iptables on the chef server machine. That was an obvious step to many of us but may be overlooked by some beginners.

  2. Can you also include steps of how to create cookbooks/recipes using CHEF server UI instead of from workstation ?

  3. If you want to configure Chef on a different port other than 80 & 443, please create the following file and
    then run “chef-server-ctl reconfigure”
    ===============================================
    cat > /etc/chef-server/chef-server.rb <<EOF
    lb['api_fqdn'] = "”
    nginx[‘enable_non_ssl’] = true
    nginx[‘non_ssl_port’] = “”
    nginx[‘ssl_port’] = “”
    EOF
    ==============================================
    Note: Please update Machine Name, http & https port number (Eg: Machine_Name: test01.xactlycorporation.local, HTTP_PORT: 4000, HTTPS_PORT: 4443)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s