The setup was performed on a freshly installed CentOS 6 VM using a “minimal ISO” image from the CentOS Project website. The VM was set up on a local VirtualBox installation, all settings being left to default except for the memory which was increased from 512Mb to 1Gb. Of course, the more, the better, but 1Gb is the lowest one can go without facing serious memory swapping.
The successful Centos 6 installation leaves the external network interface disabled upon the initial boot, so this must be fixed before anything else. One must look into /etc/sysconfig/network-scripts/ifcfg-eth0 and change the ONBOOT parameter from no to yes. Afterwards, the network subsystem must be restarted, e.g.:
# vi /etc/sysconfig/network-scripts/ifcfg-eth0 ... ONBOOT=yes ... # service network restart
Once the VM gets Internet access, it’s a good practice to update everything and reboot it before going forward with the Chef Server installation:
# yum -y update # reboot
There is one important change one must perform in order to get the Chef Server properly set up: the hostname, as localhost.localdomain won’t do. The hostname must also be associated to a static IP address, which can be achieved in VirtualBox by playing with some networking settings (not presented here).
Inside the VM, this is easy to put in place:
Make note of the external IP address:
# ifconfig eth0 Link encap:Ethernet **** inet addr: 10.0.2.15 **** ...
Modify the hostname (e.g. put chef-server instead of localhost.localdomain):
# vi /etc/sysconfig/network ... HOSTNAME=chef-server
Associate the new hostname with the external IP address:
# vi /etc/hosts ... 10.0.2.15 chef-server chef-server.local
At this point I recommend one should take a snapshot of the VM.
Chef Server Installation
Once the box is set up, we can go on with the Chef Server installation. I have chosen version 12.6.0 from late 2015. The following may work with newer versions but I have not checked any of those.
The 1st step is to simply install the rpm:
# rpm -ivh https://packages.chef.io/stable/el/6/chef-server-core-12.6.0-1.el5.x86_64.rpm
Once this is performed, one needs to set some things up for the next steps:
Fix the PATH and the EDITOR in the local profile:
# vi ~/.bash_profile ... EDITOR=/bin/vi PATH=$PATH:$HOME/bin:/opt/opscode/bin export EDITOR PATH ... # bash ~/.bash_profile
Create 2 directories for future use:
# mkdir -p ~/.chef ~/chef-repo
Now we can really get to the most important step:
# chef-server-ctl reconfigure
This will take some time to finish; there may be some warnings but all should be good in the end. If something goes wrong, one may go to the everyone’s favorite search engine and look the error up.
If all is good, the next 2 steps are the root user and the organization creation, e.g.:
# chef-server-ctl user-create root First Last email@example.com 'password' -f ~/.chef/root.pem # chef-server-ctl org-create chef 'Chef Server' -a root -f ~/.chef/chef-validator.pem
At this point, if no errors were triggered during the process, the Chef Server is practically set up.
Using the Chef Server
In order to use the Chef Server we have just set up, the knife configuration must be put in place. Feel free to copy/paste or adjust the parameters as you see fit:
# vi ~/.chef/knife.rb ... log_level :info log_location STDOUT node_name 'root' client_key '/root/.chef/root.pem' validation_client_name 'chef-validator' validation_key '/root/.chef/chef-validator.pem' chef_server_url 'https://chef-server/organizations/chef' syntax_check_cache_path '/root/.chef/syntax_check_cache' ssl_verify_mode :verify_none verify_api_cert false cookbook_path '/root/chef-repo'
Next, let’s get knife to accept the server’s certificate:
# knife ssl fetch
At this point we’re really set for using the new server, e.g. create new users, bootstrapping nodes, … (with the command line).
# knife user create xxxxx -p yyyyy -a # knife client list # knife bootstrap test.node
Install the Web Interface
If the web interface is required, it can be installed with the following:
# chef-server-ctl install chef-manage # opscode-manage-ctl reconfigure
That’s it for today, thank you for your read!