How to install a Chef Server

The setup was performed on a freshly installed CentOS 6 VM using a “minimal ISO” image from the CentOS Project website. The VM was set up on a local VirtualBox installation, all settings being left to default except for the memory which was increased from 512Mb to 1Gb. Of course, the more, the better, but 1Gb is the lowest one can go without facing serious memory swapping.

Initial Setup

The successful Centos 6 installation leaves the external network interface disabled upon the initial boot, so this must be fixed before anything else. One must look into /etc/sysconfig/network-scripts/ifcfg-eth0 and change the ONBOOT parameter from no to yes. Afterwards, the network subsystem must be restarted, e.g.:

# vi /etc/sysconfig/network-scripts/ifcfg-eth0
...
ONBOOT=yes
...
# service network restart

Once the VM gets Internet access, it’s a good practice to update everything and reboot it before going forward with the Chef Server installation:

# yum -y update
# reboot

There is one important change one must perform in order to get the Chef Server properly set up: the hostname, as localhost.localdomain won’t do. The hostname must also be associated to a static IP address, which can be achieved in VirtualBox by playing with some networking settings (not presented here).

Inside the VM, this is easy to put in place:

  1. Make note of the external IP address:

    # ifconfig
    eth0	Link encap:Ethernet ****
    		inet addr: 10.0.2.15 ****
    		...
    
  2. Modify the hostname (e.g. put chef-server instead of localhost.localdomain):

    # vi /etc/sysconfig/network
    ...
    HOSTNAME=chef-server
    
  3. Associate the new hostname with the external IP address:

    # vi /etc/hosts
    ...
    10.0.2.15	chef-server chef-server.local
    
  4. Reboot.

At this point I recommend one should take a snapshot of the VM.

Chef Server Installation

Once the box is set up, we can go on with the Chef Server installation. I have chosen version 12.6.0 from late 2015. The following may work with newer versions but I have not checked any of those.

The 1st step is to simply install the rpm:

# rpm -ivh https://packages.chef.io/stable/el/6/chef-server-core-12.6.0-1.el5.x86_64.rpm

Once this is performed, one needs to set some things up for the next steps:

  1. Fix the PATH and the EDITOR in the local profile:

    # vi ~/.bash_profile
    ...
    EDITOR=/bin/vi
    
    PATH=$PATH:$HOME/bin:/opt/opscode/bin
    
    export EDITOR PATH
    ...
    # bash ~/.bash_profile
    
  2. Create 2 directories for future use:

    # mkdir -p ~/.chef ~/chef-repo
    

Now we can really get to the most important step:

# chef-server-ctl reconfigure

This will take some time to finish; there may be some warnings but all should be good in the end. If something goes wrong, one may go to the everyone’s favorite search engine and look the error up.

If all is good, the next 2 steps are the root user and the organization creation, e.g.:

# chef-server-ctl user-create root First Last root@chef-server.local 'password' -f ~/.chef/root.pem
# chef-server-ctl org-create chef 'Chef Server' -a root -f ~/.chef/chef-validator.pem

At this point, if no errors were triggered during the process, the Chef Server is practically set up.

Using the Chef Server

In order to use the Chef Server we have just set up, the knife configuration must be put in place. Feel free to copy/paste or adjust the parameters as you see fit:

# vi ~/.chef/knife.rb
...
log_level                :info
log_location             STDOUT
node_name                'root'
client_key               '/root/.chef/root.pem'
validation_client_name   'chef-validator'
validation_key           '/root/.chef/chef-validator.pem'
chef_server_url          'https://chef-server/organizations/chef'
syntax_check_cache_path  '/root/.chef/syntax_check_cache'
ssl_verify_mode          :verify_none
verify_api_cert          false
cookbook_path            '/root/chef-repo'

Next, let’s get knife to accept the server’s certificate:

# knife ssl fetch

At this point we’re really set for using the new server, e.g. create new users, bootstrapping nodes, … (with the command line).

# knife user create xxxxx -p yyyyy -a
# knife client list
# knife bootstrap test.node

Install the Web Interface

If the web interface is required, it can be installed with the following:

# chef-server-ctl install chef-manage
# opscode-manage-ctl reconfigure

That’s it for today, thank you for your read!


Leave a Reply

Your email address will not be published. Required fields are marked *