This article will guide you through the creation of Chef Cookbook/Recipe and how to deploy it on CentOS/RHEL 6.4.
The procedure mentioned in this tutorial is tested on:
What is a Cookbook?
A cookbook is the fundamental unit of configuration and policy distribution. Each cookbook defines a scenario, such as everything needed to install and configure MySQL, and then it contains all of the components that are required to support that scenario.
What is a Recipe?
Recipe files are Ruby applications that define everything that is required to configure a system, including creating and configuring folders, installing and configuring packages, starting services, and so on. A recipe is a subset or “piece” of a cookbook
What is a Attribute?
Attributes files contain a set of attributes that represent values to be used by the recipes and templates.
For example, the built-in cookbook for the Rails App Server layer includes an attributes file with values for the Rails version, the application server stack, and so on.
What is Template?
Template files are templates that recipes use to create other files, such as configuration files.
Template files typically let you modify the configuration file by overriding attributes—which can be done without touching the cookbook—instead of rewriting a configuration file. The standard practice is that whenever you expect to change a configuration file on an instance even slightly, you should use a template file.
What is Databags?
A data bag is a global variable that is stored as JSON data and is accessible from a server. A data bag is indexed for searching and can be loaded by a recipe or accessed during a search. The contents of a data bag can vary, but they often include sensitive information (such as database passwords).
What is knife?
Knife is a command-line tool that provides an interface between a local chef-repo and the server. Knife helps users to manage nodes, cookbook, recipes, roles etc.
Steps to create a Sample Cookbook and configure a recipe
- Login to Workstation node which have knife configured.
Adding the following line to create cookbook repo that can be uploaded to git (for version control).
# vi /root/.chef/knife.rb cookbook_path [ '/usr/local/src/chef/cookbooks' ]
- Create the cookbook directory.
# mkdir -p /usr/local/src/chef/cookbooks
- Now lets create sample cookbook to push users to Chef Nodes:
# knife cookbook create cookbook-test
- Navigate to cookbook directory and you will see the following structure got created.
# cd /usr/local/src/chef/cookbooks # tree cookbook-test cookbook-test/ ├── attributes ├── CHANGELOG.md ├── definitions ├── files │ └── default ├── libraries ├── metadata.rb ├── providers ├── README.md ├── recipes │ └── default.rb ├── resources └── templates └── default
- Before creating the recipe lets generate the password for the new user using the following commands.
# openssl passwd -1 "theplaintextpassword"
- Now lets create a recipe for a new group (system-admins) and user by the name “sanjay”.
# cat /usr/local/src/chef/cookbooks/cookbook-test/recipes/default.rb # Cookbook Name:: cookbook-test # Recipe:: default # # Copyright 2013, YOUR_COMPANY_NAME # # All rights reserved - Do Not Redistribute # group "system-admins" do gid 1001 end user "sanjay" do comment "Sanjay User" shell "/bin/bash" home "/home/sanjay" gid "system-admins" uid 1002 supports :manage_home => true password "$1$QwuUa80Z$KZkYq8CqICVyIsK1tHZ7s0" end
- To upload the cookbooks/directory to the server, browse to the top level of the chef-repo and enter:
# knife upload cookbooks
Note: This will upload all the cookbook.
- To upload a single cookbook use following command:
# knife upload cookbooks cookbook-test
- Once we have upload the cookbook, now is the time to associate it with a Node using “run_list” Knife option:
# knife node list node1.example.com node2.example.com node3.example.com # knife node run_list add node1.example.com cookbook-test node1.example.com: run_list: recipe[cookbook-test]
- Now login to machine “node1.example.com” and run the following command:
# chef-client [2013-10-25T04:47:36-07:00] INFO: Forking chef instance to converge... Starting Chef Client, version 11.6.2 [2013-10-25T04:47:36-07:00] INFO: *** Chef 11.6.2 *** [2013-10-25T04:47:37-07:00] INFO: Run List is] [2013-10-25T04:47:37-07:00] INFO: Run List expands to [cookbook-test] [2013-10-25T04:47:37-07:00] INFO: Starting Chef Run for node1.example.com [2013-10-25T04:47:37-07:00] INFO: Running start handlers [2013-10-25T04:47:37-07:00] INFO: Start handlers complete. resolving cookbooks for run list: ["cookbook-test"] [2013-10-25T04:47:37-07:00] INFO: Loading cookbooks [cookbook-test] Synchronizing Cookbooks: [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/recipes/default.rb in the cache. [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/metadata.rb in the cache. [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/README.md in the cache. [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/CHANGELOG.md in the cache. - cookbook-test Compiling Cookbooks... Converging 1 resources Recipe: cookbook-test::default * group[system-admins] action create[2013-10-25T22:23:38-07:00] INFO: Processing group[system-admins] action create (cookbook-test::default line 9) (up to date) * user[sanjay] action create[2013-10-25T04:47:37-07:00] INFO: Processing user[sanjay] action create (cookbook-test::default line 9) (up to date) [2013-10-25T04:47:37-07:00] INFO: Chef Run complete in 0.48225768 seconds [2013-10-25T04:47:37-07:00] INFO: Running report handlers [2013-10-25T04:47:37-07:00] INFO: Report handlers complete Chef Client finished, 0 resources updated
Note: Please check the Knife node run_list page for more info.
- Try to check the user got created using following command:
# su - sanjay $ id uid=1002(sanjay) gid=1001(system-admins) groups=1001(system-admins) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 $ whoami sanjay $ pwd /home/sanjay