DevOps Engineering part 4. – Connect to the Chef server

Find a Chef Server

To work in a corporate environment, your organization needs access to a Chef server.

To learn Chef and test your cookbooks for free, you can create an account on the “hosted” Chef server, maintained by the Chef company. The plan allows five nodes at a time, so you can even launch a small server farm for yourself. Another option is to launch your own Chef server (on-premises) and manage up to 25 nodes on it for free. That could be enough for a small organization to get started with automation. Please see the Chef web portal for more information at https://www.chef.io/

To use the “hosted” Chef server

To launch your own Chef server

Accessing the Chef Server

To access the Chef server you need a user account to log into the web interface and a key to access the server with command line tools, like knife.

Until you set up your workstation to access the Chef server, you will  get the following error message:

WARNING: No knife configuration file found
WARN: Failed to read the private key C:\chef\client.pem: #<Errno::ENOENT: No such file or directory @ rb_sysopen - C:\chef\client.pem>
ERROR: Your private key could not be loaded from C:\chef\client.pem
Check your configuration file and ensure that your private key is readable

To create a user account on the Chef server

  • Open the Chef server page in your web browser,
  • Click the Click here to get started! link to create a new account,
  • Enter your name, email address and username you want to use and click the Get Started button,
  • Open the email Chef Notifications sent you and click the long link to verify your email address,
  • On the Email Verification page enter the password you want to use on the Chef server and click the Create User button,

Ask your Chef server administrator to invite you to an organization on the Chef server

The administrator

  • Using a web browser log into the Chef server user interface,
  • In the upper right corner select the organization to invite the user to,
  • On the Administration tab select Users on the left side,
  • Under Users click Invite,
  • Enter the username of the new registered user and click the Invite button

Accept the invite

  • Using a web browser log into the Chef server user interface,
  • On the Welcome to Chef page click the Accept Invite button. If you are already logged into the Chef server user interface, the upper right corner will show you the number of invitations you have received. Click on the number to accept the invitation.
  • Select the check box next to the organization you want to be part of and click the Accept button.

Download your key to access the Chef server

  • Using a web browser log into the Chef server user interface,
  • In the upper right corner click your name and select My Profile,
  • In the lower right click the Reset Key link,
  • Click the Download button to download your private .pem key file.

Configure knife

The knife command is used to interact with the Chef server. Before you can connect to the Chef server we need to configure knife

  • Open a Bash window in the c:\Chef folder
  • Execute
    knife configure
  • Answer the questions. To get the company specific values ask someone who already has a knife.rb file set up at C:\Chef\.chef
    Where should I put the config file? C:/Chef/.chef/knife.rb
    Please enter the chef server URL: YOUR_CHEF_SERVER_URL (the URL should end with the name of the organization)
    Please enter an existing username or clientname for the API: YOUR_CHEF_USERNAME
    Please enter the validation clientname: VALIDATOR_KEY_NAME (Ask your Chef server administrator)
    Please enter the location of the validation key: VALIDATOR_FILE_NAME.pem (Get the file from your Chef server administrator)
    Please enter the path to a chef repository (or leave blank): #{current_dir}/..
  • Open the C:/Chef/.chef/knife.rb file and make the following changes
    • Insert to the top of the file
       # See https://docs.getchef.com/config_rb_knife.html for more information on knife configuration options
      current_dir = File.dirname(__FILE__)
    • In the validation_key line replace C:/Chef with
      C:/Chef/.chef
    • Append to the end of the file to be able to edit cookbook files and data bags from the command line
      knife[:editor]="C:\\Users\\YOUR_USER_NAME\\AppData\\Local\\Programs\\Git\\usr\\bin\\vim.exe"
    • The file should look like this
      # See https://docs.getchef.com/config_rb_knife.html for more information on knife configuration options
      current_dir = File.dirname(__FILE__)
      log_level               :info
      log_location            STDOUT
      node_name               'YOUR_CHEF_USERNAME'
      client_key              'C:/Chef/.chef/YOUR_CHEF_USERNAME.pem'
      validation_client_name  'VALIDATOR_KEY_NAME'
      validation_key          'C:/Chef/.chef/VALIDATOR_FILE_NAME.pem'
      chef_server_url         'https://YOUR_CHEF_SERVER_URL/organizations/YOUR_ORGANIZATION'
      syntax_check_cache_path 'C:/Chef/.chef/syntax_check_cache'
      cookbook_path           [ '#{current_dir}/../cookbooks' ]
      knife[:editor]="C:\\Users\\YOUR_COMPUTER_USER_NAME\\AppData\\Local\\Programs\\Git\\usr\\bin\\vim.exe"
      

Save the key files on your workstation

  • Move the .pem Chef server private key file, you have downloaded during the Chef user registration, to the C:/Chef/.chef directory.
  • Get the VALIDATOR_FILE_NAME.pem file from your Chef server administrator and save it in the C:/Chef/.chef directory.

Test the Chef server connectivity

  • Open a Bash window in the folder of the cookbook at C:\Chef\cookbooks\test
  • Execute
knife cookbook list

to see the list of the available cookbooks on the Chef server.

Upload the cookbook to the Chef server

knife cookbook upload COOKBOOK_NAME --freeze

The –freeze option is the most important. It locks the cookbook on the Chef server so we are forced to increment the version before we upload a new version of the cookbook.


Next:

Create an enterprise cookbook in Beginner’s Guide to DevOps Engineering part 5.

Back:

to the Tutorials page

Leave a Reply