It seems like there are tons of articles about getting started with Chef and a whole bunch of documentation on the Opscode website, but I do not think that it is enough. Given all of the resources out there dedicated to helping people learn Chef, it still seems very difficult.
I began using Chef about 2 years ago, and at the time it seemed very overwhelming to try to grasp all of the concepts being introduced in the Chef documentation. At the time, having a dedicated Chef server seemed like overkill, so I opted to use Chef Solo. That has worked great; however, once you grow the number of servers that you manage from 2 to somewhere around 20, it gets to be a bit tedious. Now I am ready to move to full-blown Chef and have a dedicated server manage the rest of my servers.
Before I begin walking through the step-by-step instructions, there are a few things that you will need to know up front. First, if you are going to follow along with me, you will need at least 2 servers as well as a workstation. I am going to be using Rackspace to spin up all of the machines that I will need. These machines represent your development machine, your chef server and your production server (be it a web server, database server or whatever else it may be).
As I mentioned before, I am using Rackspace, and I am creating 3 machines using the Ubuntu 12.04 image with 20 GB of disk space and 512 MB of RAM.
Before you go any further, there is one quick thing to set up that will make things work a bit more smoothly.
Log on to each of the machines and edit the /etc/hosts file to contain the following:
(Make sure you replace IP_OF_CHEF_MACHINE with the actual IP address) This is so that we do not have to mess with setting up any DNS stuff for the time being.
This process is actually very simple. This is a great resource for setting up a chef server; however, around step 9 things started getting confusing. Here are the steps to get the chef server up and running.
That is it! Your chef server is now up and running. Now if you open up https://chef-server in your browser, you should see a page that looks like this one (if you do not, you may need to update your /etc/hosts file):
If you notice on the right-hand side there are some instructions for logging in for the first time. Follow those instructions and you will be prompted to change the admin password and regenerate your private key. After completing that you should see a page that looks like this:
Before we move on to the next step, let's create a new client that we will use in some future steps. Click on the clients tab, then click create. Choose a user name (I am going to call this client test) and go ahead and check the admin checkbox. After submitting that form, you will be given a public and private key. Save those; you will need them again soon.
gem install chef
knife
chef.
cd into your newly created directory
knife configure. This will prompt you multiple times:
knife.rb)
test)
test for this one also)
test.pem - more on this in a minute)
knife.rb in your directory that looks like this:

Remember when we created the test admin user and saved the public and private keys? Copy the private key and save it in the directory with your knife.rb file and name it test.pem.
At this point you should have a directory with 2 files in it: knife.rb and test.pem. Everything that you need should be configured now. To test that everything is working, run the following command:
You should see 3 things:
This means that our workstation can talk to our chef server via the knife command line tool. The next step is to get some cookbooks.
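The test.pem file is the private key of an admin client, and it sits in the same directory that gets committed to git in the next section. The following is an added example, not part of the original post: it checks that the key is readable only by its owner and is excluded from git, and fixes both if not. The function names are hypothetical and it assumes GNU stat, as found on the Ubuntu machines used here.

```shell
#!/bin/sh
# Added example: protect the admin client's private key in the knife directory.
# Assumes GNU stat; audit_admin_key and protect_admin_key are hypothetical names.

# audit_admin_key DIR [KEYFILE] -> 0 if the key is private and excluded from git
audit_admin_key() {
    dir=$1
    key=${2:-test.pem}
    rc=0
    if [ ! -f "$dir/$key" ]; then
        echo "missing: $dir/$key" >&2
        return 2
    fi
    # Only the owner may read the key; any group/other bit is a finding.
    mode=$(stat -c %a "$dir/$key")
    case $mode in
        600|400) ;;
        *) echo "$key has mode $mode; expected 600" >&2; rc=1 ;;
    esac
    # The key must be covered by an ignore rule before the directory is committed.
    if ! grep -qxF -e '*.pem' -e "$key" "$dir/.gitignore" 2>/dev/null; then
        echo "$key is not listed in $dir/.gitignore" >&2
        rc=1
    fi
    return $rc
}

# protect_admin_key DIR [KEYFILE] -> apply both fixes; safe to run repeatedly
protect_admin_key() {
    dir=$1
    key=${2:-test.pem}
    chmod 600 "$dir/$key" || return 1
    grep -qxF '*.pem' "$dir/.gitignore" 2>/dev/null || echo '*.pem' >> "$dir/.gitignore"
}
```

Run protect_admin_key on the chef directory before the first commit, and audit_admin_key afterwards or from a pre-commit hook.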
There is a lot of information that I am going to gloss over here. Really, the only thing that you need to know is that cookbooks are how recipes are distributed, and recipes are what contain the instructions that will be run on the target server(s). You can read more about chef cookbooks and what they are made of here.
You will be on your workstation using the knife command.
cookbooks directory inside of your chef directory that we created when you set up your workstation
.gitkeep dummy file inside of the cookbooks directory
knife.rb file:
chef directory that we created when we set up your workstation
knife.rb file and your cookbooks/.gitkeep file to git and commit them.
This will download the chef-client cookbook from the Opscode community site as well as any other cookbooks which it may require as dependencies.
You should see something like this:
When you pull up https://chef-server/cookbooks in your browser you should see something like this:
At this point we have successfully set up a chef server and a workstation where we can interact with the server. We have published some cookbooks to our chef server and now we are ready for the final step. We need to tell the chef server to set up our production box the way we want.
So far, we have used 2 of our 3 machines. We have used our workstation machine to run the knife command, and we used the chef server machine to install the chef server. Now it is time that we do something with our last machine.
If you go out to https://chef-server/status you should now see something like this:
The command that we just executed ran the chef-client cookbook on our production server and set the check-in interval to 5 minutes.
Let's say that we want to install nginx on our production server.
That should be it. Once your production server checks in with the chef server again it will have nginx installed. Then you should be able to hit the IP address of your production server in a browser and see the default nginx 404.
It is not really anything great, but I hope you can see the possibilities. If you made it all the way through, then you should have been able to successfully set up a production server without ever having to log on to it (with the exception of the hosts file hack that we did early on - which you would not really do for a real server).
I hope this helps!