Introduction
Chef is an open source configuration management and automation tool written in Ruby and Erlang that is used to manage your IT infrastructure from a centralized location.
With today’s IT infrastructure requirements, managing and administering servers by hand becomes a very difficult task for the system administrator. Chef is specially designed to resolve these issues by turning your infrastructure administration into a code base. Chef allows DevOps engineers to manage and deploy resources across multiple nodes.
You can easily integrate Chef with major cloud providers such as Rackspace, Google Cloud, OpenStack, and Amazon EC2. Chef can be used to speed up your application development, and manage hundreds of thousands of servers easily.
Many companies use Chef to manage their IT infrastructure, such as Mozilla, Facebook, HP Cloud, Disney, Rackspace, Citi and many more.
Features:
- Manage each node from a central location.
- Support for Linux, Windows, Mac OS and many more.
- Easily integrates with most cloud providers.
This tutorial gives step-by-step instructions to install and configure Chef server on an Ubuntu-14.04 server.
Requirements
- A server machine running Ubuntu-14.04.
- A connection to an NTP server.
- A resolvable hostname that can be accessed from your machine and nodes.
- A non-root user account with sudo privilege set up on your server.
- Minimum 4GB memory installed on your server.
Install Chef Server
Before installing Chef server, it is recommended you update your server.
To update your server's local package cache, run the following command:
sudo apt-get update
Once your server is up to date, download the latest version of chef server from https://downloads.chef.io/chef-server/ubuntu.
You can easily download the Chef package using the following wget command:
wget https://packages.chef.io/stable/ubuntu/14.04/chef-server-core_12.8.0-1_amd64.deb
Once the download is complete, run the following command to install Chef server:
sudo dpkg -i chef-server-core_12.8.0-1_amd64.deb
Alternatively, you can install Chef server using the following curl command:
sudo curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef-server
Configure Chef Server
Once the Chef server is installed, you will need to configure it. The main configuration file, /etc/opscode/chef-server.rb, contains additional settings. You can leave this file empty, but it is important to configure the Chef server with a hostname that is accessible from outside the network.
Now, make the following changes by editing this file:
sudo nano /etc/opscode/chef-server.rb
Make the changes as shown below:
server_name = "CHEF_SERVER_FQDN"
api_fqdn server_name
bookshelf['vip'] = server_name
nginx['url'] = "https://#{server_name}"
nginx['server_name'] = server_name
nginx['ssl_certificate'] = "/var/opt/opscode/nginx/ca/#{server_name}.crt"
nginx['ssl_certificate_key'] = "/var/opt/opscode/nginx/ca/#{server_name}.key"
Save the file and run the following command to apply the configuration settings and start the server.
sudo chef-server-ctl reconfigure
Next, check the chef server status by running the following command:
sudo chef-server-ctl status
You should see the following output:
run: bookshelf: (pid 4486) 39s; run: log: (pid 4526) 30s
run: nginx: (pid 4269) 44s; run: log: (pid 4679) 31s
run: oc_bifrost: (pid 4199) 46s; run: log: (pid 4246) 23s
run: oc_id: (pid 4253) 45s; run: log: (pid 4258) 46s
run: opscode-erchef: (pid 4591) 36s; run: log: (pid 4580) 35s
run: opscode-expander: (pid 4367) 41s; run: log: (pid 4469) 40s
run: opscode-expander-reindexer: (pid 4435) 40s; run: log: (pid 4475) 42s
run: opscode-solr4: (pid 4308) 42s; run: log: (pid 4344) 41s
run: postgresql: (pid 4151) 46s; run: log: (pid 4174) 48s
run: rabbitmq: (pid 1685) 136s; run: log: (pid 4138) 42s
run: redis_lb: (pid 4086) 64s; run: log: (pid 4673) 31s
The chef server is now installed and started.
Install the Management Console and Features
The management console is the web-based interface used to manage the Chef server. It is not necessary for large deployments, but it is very useful because it enables you to interact with nodes and understand how the Chef server works.
You can easily install the management console on your Chef server by running the following commands:
sudo chef-server-ctl install chef-manage
sudo chef-server-ctl reconfigure
sudo chef-manage-ctl reconfigure
Next, install reporting features by running the following command:
sudo chef-server-ctl install opscode-reporting
sudo chef-server-ctl reconfigure
sudo opscode-reporting-ctl reconfigure
Create an Administrator Account and Organization
Next, you will need to create an administrator account and an organization. The administrator will have access to make changes to the infrastructure components in the organization we will be creating.
You can do this by using the user-create subcommand of the chef-server-ctl command. The command requires other fields to be passed in during the creation process.
Now, let’s create a user account with the following information:
Username : admin
First Name : admin
Last Name : admin
Email: admin@hostpresto.com
Password: password
Filename : admin.pem
Also, create an organization with the following information:
Short Name: hostpresto
Long Name: hostpresto.com
Association User: admin
Filename: hostpresto.pem
Also, you will need to create a .chef directory in your home directory to store the keys. In order to link workstations and nodes to the Chef server, an administrator and an organization need to be created with associated RSA private keys.
sudo mkdir .chef
Now, create an admin user account by running the following command:
sudo chef-server-ctl user-create admin admin admin admin@hostpresto.com password -f ~/.chef/admin.pem
Next, create an organization with the org-create subcommand:
sudo chef-server-ctl org-create hostpresto "hostpresto.com" --association_user admin -f ~/.chef/hostpresto.pem
Now, you should see two .pem key files in the ~/.chef/ directory when you run the following command:
ls ~/.chef/
Output:
admin.pem hostpresto.pem
Now, the Chef server installation is complete. It’s time to install the GUI plugin for Chef.
You can install it by running the following command:
sudo chef-server-ctl install opscode-manage
sudo opscode-manage-ctl reconfigure
sudo chef-server-ctl reconfigure
Once installation is complete, you can access the web interface by typing the URL http://chef-server-ip in your web browser. You should see a warning because the SSL certificate is signed by an authority not recognized by your browser. Click on the “Proceed anyway” button.
You should see the login page as below:
After entering your login credentials, you should get “Chef Manage” page:
If you want to install additional Chef plugins such as Opscode Push Jobs plugin and Analytics plugin, run the following commands:
sudo chef-server-ctl install opscode-push-jobs-server
sudo opscode-push-jobs-server-ctl reconfigure
sudo chef-server-ctl reconfigure
sudo chef-server-ctl install opscode-analytics
echo 'analytics_fqdn "FQDN"' | sudo tee -a /etc/opscode-analytics/opscode-analytics.rb
sudo opscode-analytics-ctl reconfigure
sudo chef-server-ctl reconfigure
Configure Workstation on Chef server
Your Chef server is up and running. Next, we are going to set up its workstation to create and configure any recipes, cookbooks, attributes, and other changes.
First, you will need to create a new user and an organization in order to set up a workstation.
Run the following commands to create the user and organization.
sudo chef-server-ctl user-create hostpresto Hostpresto hitesh hitesh@gmail.com hostpresto123 --filename hitesh.pem
sudo chef-server-ctl org-create blogs Hostpresto_Inc Blogs Inc. --association_user hostpresto --filename blogs.pem
On the Chef workstation, access your Chef server management console by typing the URL http://chef-server-ip, download the starter kit from the Chef Manage web console, and use it to work with the Chef server as shown below:
Next, you need to download and set up the Chef development kit.
You can download the Chef development kit from its official website by running the following command:
wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chefdk_0.6.2-1_amd64.deb
Install it by using the dpkg command:
sudo dpkg -i chefdk_0.6.2-1_amd64.deb
Once installation is complete, you can verify it by running the following command:
sudo chef verify
The output looks like the following:
Running verification for component 'berkshelf'
Running verification for component 'test-kitchen'
Running verification for component 'chef-client'
Running verification for component 'chef-dk'
Running verification for component 'chefspec'
Running verification for component 'rubocop'
Running verification for component 'fauxhai'
Running verification for component 'knife-spork'
Running verification for component 'kitchen-vagrant'
Running verification for component 'package installation'
Running verification for component 'openssl'
..............
---------------------------------------------
Verification of component 'rubocop' succeeded.
Verification of component 'knife-spork' succeeded.
Verification of component 'openssl' succeeded.
Verification of component 'berkshelf' succeeded.
Verification of component 'chef-dk' succeeded.
Verification of component 'fauxhai' succeeded.
Verification of component 'test-kitchen' succeeded.
Verification of component 'kitchen-vagrant' succeeded.
Verification of component 'chef-client' succeeded.
Verification of component 'chefspec' succeeded.
Verification of component 'package installation' succeeded.
Next, you will need to create a .chef directory and copy the two user and organization pem files to this folder from the Chef server.
You can do this by running the following command:
mkdir ~/.chef
On the chef server, run the following command:
sudo scp hostpresto.pem blogs.pem admin.pem hitesh.pem root@workstation:/.chef/
Configure Knife to Manage Chef Environment
On the Chef workstation, you will need to create the file “~/.chef/knife.rb”:
sudo nano ~/.chef/knife.rb
Add the following content:
current_dir = File.dirname(__FILE__)
log_level :info
log_location STDOUT
node_name "admin"
client_key "#{current_dir}/admin.pem"
validation_client_name "admin-hostpresto"
validation_key "#{current_dir}/hostpresto.pem"
chef_server_url "https://chef-server-ip/organizations/hostpresto"
cache_type 'BasicFile'
cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
cookbook_path ["#{current_dir}/../cookbooks"]
The following directives should be adjusted as per your infrastructure:
- node_name: This should be your username that knife will use to connect to your Chef server.
- client_key: This is the name and path of the user key that you copied over from the Chef server.
- validation_client_name: This is the name of the validation client that knife will use to bootstrap new nodes.
- validation_key: This is the name and path of the validation key that you copied over from the Chef server.
- chef_server_url: This is the full URL of the Chef server.
Next, create the ~/cookbooks folder for cookbooks, as specified in the knife.rb file.
sudo mkdir cookbooks
Next, run the following command to verify whether the knife configuration is working:
sudo knife user list
You should see the following error, because you do not have your Chef server’s SSL certificate on your workstation.
ERROR: SSL Validation failure connecting to host: chef-server-ip - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
ERROR: Could not establish a secure connection to the server.
Use `knife ssl check` to troubleshoot your SSL configuration.
If your Chef Server uses a self-signed certificate, you can use
`knife ssl fetch` to make knife trust the server's certificates.
To resolve the above error, you need to fetch the SSL certificates and then run the above command again:
sudo knife ssl fetch
Output:
WARNING: Certificates from chef-server-ip will be fetched and placed in your trusted_cert
directory (/.chef/trusted_certs).
Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.
Adding certificate for ubuntu-14-chef.test.com in /.chef/trusted_certs/ubuntu-14-chef_test_com.crt
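The warning above leaves verification of the fetched certificate to you. One way to do it, shown as an added example that is not part of the original tutorial, is to compare the file knife stored under trusted_certs with a SHA-256 fingerprint taken on the Chef server from the certificate configured in chef-server.rb. The function names are hypothetical, and CHEF_SERVER_FQDN is the placeholder used earlier on this page.

```shell
#!/usr/bin/env bash
# Added example (not from the tutorial): check the certificate saved by
# `knife ssl fetch` against a fingerprint obtained on the Chef server itself.
#
# On the Chef server (certificate path as set in chef-server.rb above):
#   sudo openssl x509 -noout -fingerprint -sha256 \
#        -in /var/opt/opscode/nginx/ca/CHEF_SERVER_FQDN.crt
# Carry that value to the workstation over a channel you already trust.

# pem_sha256 FILE: SHA-256 of the DER bytes of the first certificate in FILE.
# The PEM body is base64 of the DER encoding, so this equals the openssl
# fingerprint with the colons removed and in lower case.
pem_sha256() {
    awk '/-----BEGIN CERTIFICATE-----/ { on = 1; next }
         /-----END CERTIFICATE-----/   { exit }
         on' "$1" | tr -d ' \r\n' | base64 -d 2>/dev/null | sha256sum | cut -d' ' -f1
}

# normalise_fp TEXT: strip a "SHA256 Fingerprint=" prefix and colons, lower-case.
normalise_fp() {
    printf '%s' "$1" | sed 's/^.*=//' | tr -d ': \r\n' | tr 'A-F' 'a-f'
}

# verify_fetched_cert FILE FINGERPRINT
# Returns 0 on match, 1 on mismatch, 2 when the input is unusable.
verify_fetched_cert() {
    [ -r "$1" ] || return 2
    grep -q -- '-----BEGIN CERTIFICATE-----' "$1" || return 2
    _want=$(normalise_fp "$2")
    [ "${#_want}" -eq 64 ] || return 2      # a SHA-256 digest is 64 hex digits
    _got=$(pem_sha256 "$1")
    [ "$_got" = "$_want" ]
}

# Usage on the workstation (file name taken from the knife output above):
#   verify_fetched_cert /.chef/trusted_certs/ubuntu-14-chef_test_com.crt \
#       "SHA256 Fingerprint=<value printed on the server>" \
#       && echo "certificate matches" || echo "DO NOT TRUST this certificate"
```

A return code of 1 means the workstation received a different certificate than the one the server is configured to present, so the file in trusted_certs should be removed before knife is used again.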
After fetching ssl certs, run the following command:
sudo knife client list
Output:
admin-hostpresto
Configure New Nodes to Interact with Chef Server
After configuring the Chef server and the knife workstation, it’s time to add new servers to our Chef environment by configuring a new node to interact with the Chef server.
Run the following command on the workstation to configure a new node to work with the Chef server:
sudo knife bootstrap chef-server-ip --ssh-user root --ssh-password password --node-name newnode
You should see the following output:
Doing old-style registration with the validation key at /.chef/hostpresto.pem...
Delete your validation key in order to use your user credentials instead
Connecting to chef-server-ip
chef-server-ip Installing Chef Client...
chef-server-ip --2016-09-22 22:21:16-- https://www.opscode.com/chef/install.sh
chef-server-ip Resolving www.opscode.com (www.opscode.com)... 184.106.28.91
chef-server-ip Connecting to www.opscode.com (www.opscode.com)|184.106.28.91|:443... connected.
chef-server-ip HTTP request sent, awaiting response... 200 OK
chef-server-ip Length: 18736 (18K) [application/x-sh]
chef-server-ip Saving to: ‘STDOUT’
chef-server-ip
100%[======================================>] 18,736 --.-K/s in 0s
chef-server-ip
chef-server-ip 2016-09-22 22:21:17 (200 MB/s) - written to stdout [18736/18736]
chef-server-ip
chef-server-ip Downloading Chef 12 for ubuntu...
chef-server-ip downloading https://www.opscode.com/chef/metadata?v=12&prerelease=false&nightlies=false&p=ubuntu&pv=14.04&m=x86_64
chef-server-ip to file /tmp/install.sh.26024/metadata.txt
chef-server-ip trying wget...
You can list the node created above by running the following command:
sudo knife node list
Output:
newnode
Similarly, you can add multiple nodes to your Chef infrastructure by providing SSH credentials with the same knife bootstrap command shown above.