Chef is an automation platform that “turns infrastructure into code,” allowing organizations or persons with large frameworks to generate a process that will save time and effort when making changes to part or all of their server fleet.
Chef consists of 3 components:
i) Chef server IP - 192.168.0.254
ii) Chef Workstation IP - 192.168.0.200
iii) Chef Nodes IP - 192.168.0.100
Chef Server :
This is the hub of Chef operations, where changes are stored for use.
This is the central location that stores configuration recipes, cookbooks, and node and workstation definitions.
Chef Workstation :
Workstations are static computers or virtual servers where all code is created or changed. There can be as many workstations as needed, whether this be one per person or otherwise.
Chef Nodes :
Servers that need to be managed by Chef.
These are the machines that changes are being pushed to, generally a fleet of multiple machines that require the benefits of an automation program.
Note: As you can see, a system admin on the Chef workstation makes changes and pushes them to the Chef server; the Chef node then retrieves the changes and configuration from the Chef server.
Note: A node cannot communicate directly with the Chef workstation.
OHAI: the package which will take care of Chef node configuration
Important : in Puppet the Facter software does the same thing for the Puppet agent
DSL (domain-specific language) is designed to focus on describing the target; the way it is reached doesn't matter.
Note: Here I am sharing a very simple recipe with you
root@ashulinux:/tmp# cat hello.rb
file 'abc.txt' do
  action 'create'
  content "go ahead ruby this is your world "
end
Important : To run this recipe
root@ashulinux:/tmp# chef-apply hello.rb
Recipe: (chef-apply cookbook)::(chef-apply recipe)
* file[abc.txt] action create
- create new file abc.txt
- update content in file abc.txt from none to d48d74
--- abc.txt 2016-05-03 00:46:52.857666363 +0530
+++ /tmp/.abc.txt20160503-6700-14hlwhq 2016-05-03 00:46:52.857666363 +0530
@@ -1 +1,2 @@
+go ahead ruby this is your world
OR
root@ashulinux:/tmp# chef-client --local-mode hello.rb
################################################################################
Setting up chef server :
==================
There are two methods of setting up chef-server
------------------------------------------------------------
i) Manual Method (download chef-server/chef-server-core rpm file then create SSL certificates)
ii) Automatic Method (download the automated zip file from manage.chef.io by clicking on download server kit)
Note: Make sure you have CentOS/Red Hat 6.4 or later, and also download the chef-server rpm from the official website
Step 1: installing chef-server on centos 6.4
[root@chefserver chef-server]# rpm -ivh chef-server-11.0.4-1.el6.x86_64.rpm
Step 2: Reconfigure the server and check the certificates created here
[root@chefserver chef-server]# chef-server-ctl reconfigure
[root@chefserver chef-server]# cd /etc/chef-server/
[root@chefserver chef-server]# ls
admin.pem chef-server-running.json chef-server-secrets.json chef-validator.pem chef-webui.pem
Setting up chef-workstation :
Step 1 : Installing chef software on workstation
[root@chefserver chef-server]# rpm -ivh chef-11.8.0-1.el6.x86_64.rpm
Step 2: Copy the certificates from the chef-server to the workstation
root@chefserver mkdir .chef
root@chefserver pwd
root@chefserver cd .chef/
root@chefserver ls
root@chefserver scp root@192.168.0.108:/etc/chef-server/admin.pem .
root@chefserver scp root@192.168.0.108:/etc/chef-server/chef-validator.pem .
root@chefserver scp root@192.168.0.108:/etc/chef-server/chef-webui.pem .
Step 3: configure chef workstation
bash-4.1# knife configure -i
WARNING: No knife configuration file found
Where should I put the config file? [/root/.chef/knife.rb]
Please enter the chef server URL: [https://6d97a7550e04:443] https://192.168.0.108:443
Please enter a name for the new user: ashu
Please enter the existing admin name: [admin] admin
Please enter the location of the existing admin's private key: [/etc/chef-server/admin.pem] /root/.chef/admin.pem
Please enter the validation clientname: [chef-validator]
Please enter the location of the validation key: [/etc/chef-server/chef-validator.pem] /root/.chef/chef-validator.pem
Please enter the path to a chef repository (or leave blank):
Creating initial API user...
Please enter a password for the new user:
Created user[ashu]
Configuration file written to /root/.chef/knife.rb
Important : If you face any error during this process, you need to fetch the SSL certificate
bash-4.1# knife ssl fetch
Step 4: check service and user list
bash-4.1# knife client list
chef-validator
chef-webui
bash-4.1# knife user list
admin
ashu
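Step 2 above copies three private keys (admin.pem, chef-validator.pem, chef-webui.pem) into the workstation's .chef directory, and anyone who can read them can act as that identity against the Chef server. The following is an added example, not part of the original post: a POSIX shell check that flags keys other local users can read and tightens them. The function names and the temporary demo directory are assumptions; the file names come from the page.

```sh
# Added example: audit the Chef private keys copied to the workstation.
# Paths and file contents in demo() are constructed; no real keys are used.

# List every *.pem under $1 whose mode is not exactly 0600 or 0400.
# Returns 1 (and prints the offenders) if any key is too permissive.
audit_chef_keys() {
    _loose=$(find "$1" -type f -name '*.pem' ! -perm 600 ! -perm 400)
    if [ -n "$_loose" ]; then
        printf '%s\n' "$_loose"
        return 1
    fi
    return 0
}

# Make the directory owner-only and every key owner read/write only.
harden_chef_keys() {
    chmod 700 "$1" &&
    find "$1" -type f -name '*.pem' -exec chmod 600 {} +
}

demo() {
    _d=$(mktemp -d) || return 1
    for _k in admin.pem chef-validator.pem chef-webui.pem; do
        echo "constructed placeholder, not a real key" > "$_d/$_k"
        chmod 644 "$_d/$_k"      # mode a copy gets under the usual umask 022
    done
    echo "Before hardening:"
    audit_chef_keys "$_d" || echo "=> keys readable by other users"
    harden_chef_keys "$_d"
    echo "After hardening:"
    audit_chef_keys "$_d" && echo "=> all keys are owner-only"
    rm -rf "$_d"
}

demo
```

On the workstation built in this post, the same check would be run as audit_chef_keys /root/.chef after the scp commands.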
Configure Node :
Step 1: Install chef
Step 2: Copy chef-validator.pem to the node from the chef server
Note: Chef modes:
i) If you have only a chef client node (meaning no chef-server and chef-workstation), this is called local mode
ii) If the chef-server, chef-workstation and chef-node are all present, it is known as client mode.
iii) Solo mode: same as local mode, used before Chef 11.8; it provides very limited facilities
Introduction to OHAI :
: It is the Chef system profiler
: It runs whenever chef-client performs a Chef run
: It can be used to collect system info and has its own command line tool