Saturday, August 5, 2017

Chef Infrastructure

A cookbook is a collection of all the components needed to change something on a server. Things such as installing MySQL or configuring SSH can be done by cookbooks. The most important part of a cookbook is its recipes, which tell Chef which resources you want to configure on your host.

You need to deploy cookbooks to the nodes that you want to change, and Chef offers multiple methods for this task. Most probably, you will use a central Chef server. You can either run your own server or sign up for hosted Chef.

The Chef server is the central registry where each node needs to be registered. The Chef server distributes the cookbooks you uploaded to it to your nodes.

Knife is Chef's command-line tool for interacting with the Chef server. You run it on your local workstation and use it to upload cookbooks and manage other aspects of Chef.

On your nodes, you need to install the Chef client, the program that runs on your nodes, retrieves cookbooks from the Chef server, and executes them on the node.

Using a version control system

A version control system is a fundamental part of any infrastructure automation. There are multiple solutions for managing source version control.

1) You will need Git installed on your local workstation. Use your operating system's package manager (such as Apt on Ubuntu or Homebrew on OS X), or simply download the installer from www.git-scm.org.


Installing the Chef Development Kit on your workstation

If you want to use Chef, you will need to install the Chef Development Kit (DK) on your local workstation first. You will develop your configurations locally and use Chef to distribute them to your Chef server.

Chef provides a fully packaged version, which does not have any external prerequisites. This fully packaged Chef is called the omnibus installer.

How to do it?

To install the Chef Development kit:

1) Visit this page: https://downloads.chef.io/chefdk/. The Chef Development Kit supports macOS, Red Hat Enterprise Linux, Ubuntu, and Microsoft Windows.

2) Select a platform and then a package. (Chef-docs uses the macOS setup within the documentation.)

3) Click the download button.

4) Follow the steps in the installer and install the Chef Development Kit on your machine. The Chef Development Kit is installed to /opt/chefdk/ on your Unix/Linux system.

5) When finished, open a command window and enter the following:

      $ chef verify


Using the Hosted chef platform


If you want to get started with Chef right away (without the need to install your own Chef server) or want a third party to give you a service level agreement (SLA) for your Chef server, you can sign up for hosted Chef by Chef Software, Inc. Chef Software, Inc. operates Chef as a cloud service. It's quick to set up and gives you full control, using users and groups to control access permissions to your Chef setup. We will configure knife, Chef's command-line tool, to interact with hosted Chef so that you can start managing your nodes.

Before being able to use hosted Chef, you need to sign up for the service. There is a free account for up to five nodes:

Visit http://manage.chef.io/signup and register for a free account.

How to do it?

Download the Chef starter kit from hosted Chef, or carry out the following steps to interact with hosted Chef:

1. Create the configuration directory for your Chef client on your local workstation:

      local@workstation:~ $ cd ~/chef-repo
      local@workstation:~/chef-repo $ mkdir .chef


2. Generate the knife config and put the downloaded knife.rb into the .chef directory inside your chef-repo directory.

Make sure you have your user's private key saved as .chef/<YOUR USERNAME>.pem. If needed, you can reset it at https://id.chef.io/id/profile. Also make sure your knife.rb file uses the short name you chose for your organization (osr is the organization name here):

      # Directory that holds this knife.rb (the .chef directory)
      current_dir = File.dirname(__FILE__)
      log_level                :info
      log_location             STDOUT
      node_name                "kau_osr"
      # Private key used to authenticate to the Chef server
      client_key               "#{current_dir}/kau_osr.pem"
      chef_server_url          "https://api.chef.io/organizations/osr"
      cache_type               'BasicFile'
      cache_options( :path => "#{ENV['HOME']}/.chef/checksum" )
      cookbook_path            ["#{current_dir}/../cookbooks"]



Note:

    You should add the following line to your .gitignore file inside chef-repo to avoid your credentials ending up in your repository:

      .chef/*.pem


3. Use knife to verify that you can connect to your hosted Chef organization. It should not have any clients so far:

      local@workstation:~/chef-repo $ knife client list
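
A check for the credential handling described in the note above, as an added example that is not part of the original post: the shell function `audit_chef_keys` (a hypothetical name) reports `.chef/*.pem` keys that are accessible beyond their owner, already tracked by Git, or not covered by `.gitignore`. It assumes the `~/chef-repo` layout used in these steps.

```shell
#!/bin/sh
# Added example: audit a chef-repo for leaked or loosely protected knife keys.
# Usage: audit_chef_keys ~/chef-repo   (return status = number of findings)

_finding() {
    echo "FINDING: $*"
    findings=$((findings + 1))
}

audit_chef_keys() {
    repo=$1
    findings=0
    for key in "$repo"/.chef/*.pem; do
        [ -e "$key" ] || continue          # glob matched no key files
        rel=${key#"$repo"/}                # e.g. .chef/kau_osr.pem

        # Only the owner may have access: group/other bits must be "------".
        perms=$(ls -ln "$key" | cut -c5-10)
        [ "$perms" = "------" ] || _finding "$rel group/other bits are '$perms', run: chmod 600 $rel"

        if git -C "$repo" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
            if git -C "$repo" ls-files --error-unmatch -- "$rel" >/dev/null 2>&1; then
                # Already tracked: .gitignore no longer protects it.
                _finding "$rel is tracked by git; untrack it and reset the key"
            elif ! git -C "$repo" check-ignore -q -- "$rel"; then
                _finding "$rel is not ignored; add '.chef/*.pem' to .gitignore"
            fi
        elif ! grep -qxF '.chef/*.pem' "$repo/.gitignore" 2>/dev/null; then
            # Not a git work tree yet: fall back to looking for the literal rule.
            _finding "$rel: .gitignore lacks the '.chef/*.pem' rule"
        fi
    done
    return "$findings"
}
```

A key that was ever committed stays in the repository history even after it is untracked, which is why the tracked case asks for a key reset rather than only a `.gitignore` change.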


How it works?

The following line of code in your knife.rb file tells knife where to find your user's private key. It is used to authenticate you with the Chef server:

      client_key               "#{current_dir}/kau_osr.pem"

Also, the following line of code in your knife.rb file tells knife that you are using hosted Chef. You will find your organization name as the last part of the URL:

      chef_server_url          "https://api.chef.io/organizations/osr"




Using the knife.rb file and your user's key, you can now connect to your organization hosted by Chef Software, Inc.


There's more

This setup is good for you if you don't want to worry about running, scaling, and updating your own Chef server and if you're happy with saving all your configuration data in the cloud and under the control of Chef Software, Inc.

Note

If you need to keep all your configuration data within your own network boundaries, you can install Chef server on premises by choosing ON PREMISES CHEF at https://www.chef.io/chef/chooseyourversion/ or install the open source version of Chef server directly from GitHub at https://github.com/chef/chef.





