Home > Others > Standalone Chef Server / Workstation / Client Setup on CentOS 6

Standalone Chef Server / Workstation / Client Setup on CentOS 6

The standalone installation of Chef server creates a working installation on a single server. This installation is also useful when you are installing Chef server in a virtual machine, for proof-of-concept deployments, or as a part of a development or testing loop.

Before we start.

In our environment we will be creating the below nodes.
192.168.30.132  chefserver.ahmed.com    
192.168.30.142  chefworkstation.ahmed.com    
192.168.30.141  chefnode.ahmed.com 
Setup the /etc/hosts file on all the nodes.
127.0.0.1   localhost
192.168.30.132  chefserver.ahmed.com    chefserver
192.168.30.142  chefworkstation.ahmed.com    chefworkstation
192.168.30.141  chefnode.ahmed.com    chefnode
Install crontabs (if not already installed)
yum install crontabs
Flush all the iptables rules and save them on all Nodes.
iptables -F
service iptables save
Command output.
[root@chefnode Downloads]# iptables -F
[root@chefnode Downloads]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@chefnode Downloads]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@chefnode Downloads]#
Set selinux to Permissive mode on all nodes.
setenforce Permissive
getenforce
Command output.
[root@chefnode Downloads]# setenforce Permissive
[root@chefnode Downloads]# getenforce
Permissive
[root@chefnode Downloads]#
Download the package from http://ift.tt/1AVBlMj.
[root@chefnode Downloads]# ls -l
total 656944
-rwxr--r--. 1 root root  52338858 Jun  8 01:45 chef-12.10.24-1.el6.x86_64.rpm
-rwxr--r--. 1 root root 142488123 Jun  8 01:45 chefdk-0.14.25-1.el6.x86_64.rpm
-rwxr--r--. 1 root root 477870942 Jun  8 01:45 chef-server-core-12.6.0-1.el6.x86_64.rpm
[root@chefnode Downloads]#

Creating chef-server.

Install the package as below.
rpm -ivh chef-server-core-12.6.0-1.el6.x86_64.rpm
First thing we need to do is to reconfigure the server.
chef-server-ctl reconfigure
Create a user for the server.
chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename PATH_TO_FILE_NAME
Command.
chef-server-ctl user-create ahmed Zubair AHMED zubayr.a@gmail.com 'ahmed@123' --filename /etc/chef/ahmed.pem 
Create an organization.
chef-server-ctl org-create short_name 'full_organization_name' --association_user user_name --filename ORGANIZATION-validator.pem 
Command.
chef-server-ctl org-create ahmedinc 'Ahmed, Inc.' --association_user ahmed --filename /etc/chef/ahmed-validator.pem
Setting up and installing chef-manage.
chef-server-ctl install chef-manage
chef-server-ctl reconfigure
chef-manage-ctl reconfigure
Check server status using below command.
chef-server-ctl status
we see all the services running fine.
[root@chefserver Downloads]# chef-server-ctl status
run: bookshelf: (pid 6081) 4002s; run: log: (pid 6121) 4001s
run: nginx: (pid 8725) 2724s; run: log: (pid 6245) 3995s
run: oc_bifrost: (pid 5924) 4008s; run: log: (pid 5959) 4008s
run: oc_id: (pid 5976) 4006s; run: log: (pid 5984) 4006s
run: opscode-erchef: (pid 6192) 3999s; run: log: (pid 6160) 4001s
run: opscode-expander: (pid 6046) 4002s; run: log: (pid 6064) 4002s
run: opscode-solr4: (pid 6007) 4004s; run: log: (pid 6036) 4003s
run: postgresql: (pid 5901) 4009s; run: log: (pid 5914) 4009s
run: rabbitmq: (pid 5814) 4010s; run: log: (pid 5807) 4010s
run: redis_lb: (pid 8133) 2805s; run: log: (pid 6241) 3996s
[root@chefserver Downloads]#

Installing chefdk on workstation node.

More information here

Install chefdk-0.14.25-1.el6.x86_64.rpm on the node.

[root@chefworkstation Downloads]# rpm -ivh chefdk-0.14.25-1.el6.x86_64.rpm
warning: chefdk-0.14.25-1.el6.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID
Preparing...                ########################################### [100%]
   1:chefdk                 ########################################### [100% ]
Thank you for installing Chef Development Kit!
Check for selinux.
[root@chefworkstation Downloads]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
Set selinux to Permissive .
[root@chefworkstation Downloads]# setenforce Permissive
[root@chefworkstation Downloads]# getenforce
Permissive
Check installation using chef verify.
[root@chefworkstation chefdk]# chef verify
Running verification for component 'berkshelf'
Running verification for component 'test-kitchen'
Running verification for component 'tk-policyfile-provisioner'
Running verification for component 'chef-client'
Running verification for component 'chef-dk'
Running verification for component 'chef-provisioning'
Running verification for component 'chefspec'
Running verification for component 'generated-cookbooks-pass-chefspec'
Running verification for component 'rubocop'
Running verification for component 'fauxhai'
Running verification for component 'knife-spork'
Running verification for component 'kitchen-vagrant'
Running verification for component 'package installation'
Running verification for component 'openssl'
Running verification for component 'inspec'
Running verification for component 'delivery-cli'
Running verification for component 'git'
Running verification for component 'opscode-pushy-client'
Running verification for component 'chef-sugar'
Running verification for component 'knife-supermarket'
..............................................
---------------------------------------------
Verification of component 'fauxhai' succeeded.
Verification of component 'kitchen-vagrant' succeeded.
Verification of component 'openssl' succeeded.
Verification of component 'delivery-cli' succeeded.
Verification of component 'test-kitchen' succeeded.
Verification of component 'rubocop' succeeded.
Verification of component 'inspec' succeeded.
Verification of component 'opscode-pushy-client' succeeded.
Verification of component 'knife-supermarket' succeeded.
Verification of component 'berkshelf' succeeded.
Verification of component 'knife-spork' succeeded.
Verification of component 'git' succeeded.
Verification of component 'tk-policyfile-provisioner' succeeded.
Verification of component 'chefspec' succeeded.
Verification of component 'chef-sugar' succeeded.
Verification of component 'chef-client' succeeded.
Verification of component 'chef-dk' succeeded.
Verification of component 'package installation' succeeded.
Verification of component 'chef-provisioning' succeeded.
Verification of component 'generated-cookbooks-pass-chefspec' succeeded.
Setting up ruby.
[root@chefworkstation ahmed]# eval "$(chef shell-init bash)"
[root@chefworkstation ahmed]# which ruby
/opt/chefdk/embedded/bin/ruby
[root@chefworkstation ahmed]#
To make these changes persist, execute below command to update .bash_profile.
echo 'eval "$(chef shell-init bash)"' >> ~/.bash_profile

Getting the starter kit.

Goto the chef-server > Administration Tab > Select organization > Click Starter Kit on the left pane.
Admin Tab
files
Select starter-kit
files
Reset keys and download
files
Copy the starter kit (chef-repo) from the server and unzip and save it in the home directory on WORKSTATION NODE.
[root@chefworkstation ahmed]# pwd
/home/ahmed
[root@chefworkstation ahmed]# ls -l
total 40
drwxr-xr-x. 5 root  root  4096 Jun  8 03:27 chef-repo
drwxr-xr-x. 2 ahmed ahmed 4096 May  7  2015 Desktop
drwxr-xr-x. 2 ahmed ahmed 4096 May  7  2015 Documents
drwxr-xr-x. 2 ahmed ahmed 4096 Jun  8 02:55 Downloads
drwxrwxr-x. 6 ahmed ahmed 4096 Feb  3 01:39 github
drwxr-xr-x. 2 ahmed ahmed 4096 May  7  2015 Music
drwxr-xr-x. 2 ahmed ahmed 4096 May  7  2015 Pictures
drwxr-xr-x. 2 ahmed ahmed 4096 May  7  2015 Public
drwxr-xr-x. 2 ahmed ahmed 4096 May  7  2015 Templates
drwxr-xr-x. 2 ahmed ahmed 4096 May  7  2015 Videos
[root@chefworkstation ahmed]# tree chef-repo/
chef-repo/
├── cookbooks
│   ├── chefignore
│   ├── cm_setup
│   │   ├── Berksfile
│   │   ├── Berksfile.lock
│   │   ├── chefignore
│   │   ├── metadata.rb
│   │   ├── README.md
│   │   ├── recipes
│   │   │   └── default.rb
│   │   ├── spec
│   │   │   ├── spec_helper.rb
│   │   │   └── unit
│   │   │       └── recipes
│   │   │           └── default_spec.rb
│   │   ├── templates
│   │   │   └── default
│   │   │       ├── cloudera_manager.repo.erb
│   │   │       ├── my.cnf.erb
│   │   │       └── sysctl.conf.erb
│   │   └── test
│   │       └── integration
│   │           ├── default
│   │           │   └── serverspec
│   │           │       └── default_spec.rb
│   │           └── helpers
│   │               └── serverspec
│   │                   └── spec_helper.rb
│   └── starter
│       ├── attributes
│       │   └── default.rb
│       ├── files
│       │   └── default
│       │       └── sample.txt
│       ├── metadata.rb
│       ├── recipes
│       │   └── default.rb
│       └── templates
│           └── default
│               └── sample.erb
├── README.md
└── roles
    └── starter.rb

22 directories, 21 files
[root@chefworkstation ahmed]#

Fetching the SSL key from the chef-server.

[root@chefworkstation chef-repo]# knife ssl fetch
WARNING: Certificates from chefserver.ahmed.com will be fetched and placed in your trusted_cert
directory (/home/ahmed/chef-repo/.chef/trusted_certs).

Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.

Adding certificate for chefserver.ahmed.com in /home/ahmed/chef-repo/.chef/trusted_certs/chefserver_ahmed_com.crt
Check client currently available. Currently we see only the work station.
[root@chefworkstation chef-repo]# knife client list
ahmedinc-validator

Bootstrapping a Node.

More information here.

Setting up a client using the knife bootstrap command.

[root@chefworkstation chef-repo]#  knife bootstrap chefnode.ahmed.com -x ahmed -P ahmed --sudo
Doing old-style registration with the validation key at /home/ahmed/chef-repo/.chef/ahmedinc-validator.pem...
Delete your validation key in order to use your user credentials instead

Connecting to chefnode.ahmed.com
chefnode.ahmed.com This is BASH 4.1     - DISPLAY on
chefnode.ahmed.com
chefnode.ahmed.com Wed Jun  8 03:05:01 PDT 2016
chefnode.ahmed.com -----> Existing Chef installation detected
chefnode.ahmed.com Starting the first Chef Client run...
chefnode.ahmed.com Starting Chef Client, version 12.10.24
chefnode.ahmed.com Creating a new client identity for chefnode.ahmed.com using the validator key.
chefnode.ahmed.com resolving cookbooks for run list: []
chefnode.ahmed.com Synchronizing Cookbooks:
chefnode.ahmed.com Installing Cookbook Gems:
chefnode.ahmed.com Compiling Cookbooks...
chefnode.ahmed.com [2016-06-08T03:05:08-07:00] WARN: Node chefnode.ahmed.com has an empty run list.
chefnode.ahmed.com Converging 0 resources
chefnode.ahmed.com
chefnode.ahmed.com Running handlers:
chefnode.ahmed.com Running handlers complete
chefnode.ahmed.com Chef Client finished, 0/0 resources updated in 05 seconds
chefnode.ahmed.com Hasta la vista, baby
We can check the node using the below command.
[root@chefworkstation chef-repo]# knife client list                          
ahmedinc-validator
chefnode.ahmed.com
Here is how we can see the new node on the chef-server.
cookbook on chef-server
Lets update the starter cookbook and upload to server and add the cookbook to the node.
Update /home/ahmed/chef-repo/cookbooks/starter/recipes/default.rb with below contents.
log "Welcome to Chef, #{node["starter_name"]}!" do
  level :info
end

file '/etc/my_first_file' do
        content 'This is my first file creation using chef server'
end

file '/etc/my_second_file' do
        content 'My Second file'
end
Here is the contents from the command output.
[root@chefworkstation chef-repo]# pwd                                         
/home/ahmed/chef-repo
[root@chefworkstation chef-repo]# cat cookbooks/starter/recipes/default.rb
# This is a Chef recipe file. It can be used to specify resources which will
# apply configuration to a server.

log "Welcome to Chef, #{node["starter_name"]}!" do
  level :info
end

file '/etc/my_first_file' do
        content 'This is my first file creation using chef server'
end

file '/etc/my_second_file' do
        content 'My Second file'
end
Now lets upload the cookbook to the server.
[root@chefworkstation chef-repo]# knife upload cookbooks/starter
Created cookbooks/starter
[root@chefworkstation chef-repo]#
Starter cookbook on the chef-server
cookbook on chef-server
Contents of starter Cookbook
cookbook on chef-server
Now lets configure the node to get the cookbook assigned.
Edit Node Configuration
files
Select the cookbook and add to Current Run List
files
files

Sync client with server using chef-client command.

Once we have assigned we can logon to the ched-node and execute chef-client. This will communicate to the chef-server and get the cookbook and syncronize the server.
[root@chefnode Downloads]# chef-client
Starting Chef Client, version 12.10.24
resolving cookbooks for run list: ["starter"]
Synchronizing Cookbooks:
  - starter (1.0.0)
Installing Cookbook Gems:
Compiling Cookbooks...
Converging 2 resources
Recipe: starter::default
  * log[Welcome to Chef, Sam Doe!] action write

  * file[/etc/my_first_file] action create
    - create new file /etc/my_first_file
    - update content in file /etc/my_first_file from none to ad169c
    --- /etc/my_first_file      2016-06-08 03:37:02.461008058 -0700
    +++ /etc/.chef-my_first_file20160608-3200-18m1pty   2016-06-08 03:37:02.460008058 -0700
    @@ -1 +1,2 @@
    +This is my first file creation using chef server
    - restore selinux security context

Running handlers:
Running handlers complete
Chef Client finished, 2/2 resources updated in 05 seconds

Getting repo from git and sync with chef-server.

On the workstation node.
[root@chefworkstation cookbooks]# pwd
/home/ahmed/chef-repo/cookbooks
Get repo from git and upload to chef server.
[root@chefworkstation cookbooks]# git clone http://ift.tt/25M3fvU
Initialized empty Git repository in /home/ahmed/chef-repo/cookbooks/cm_setup/.git/
remote: Counting objects: 62, done.
remote: Compressing objects: 100% (35/35), done.
remote: Total 62 (delta 5), reused 61 (delta 4), pack-reused 0
Unpacking objects: 100% (62/62), done.
[root@chefworkstation cookbooks]# cd ..
[root@chefworkstation chef-repo]# ls
cookbooks  README.md  roles
Upload to server.
[root@chefworkstation chef-repo]# knife upload cookbooks/cm_setup
Created cookbooks/cm_setup
[root@chefworkstation chef-repo]#
As seen on the server.
files

from Blogger http://ift.tt/25M3V4k
via IFTTT

Advertisements
Categories: Others Tags: ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: