Steps Involved:
- Chef-server installation and key generation
- Launching chef-server webui.
- Transferring keys to admin workstation (admin.pem and chef-validator.pem)
- Adding new node
- Deploying cookbook on newly added node (bootstrap)
1) Installation of chef-server
- Download chef-server from this link: http://www.getchef.com/chef/install/
- I am using chef-server-11.0.10 for my ubuntu 12.0.4 64 bit machine.
- Insatall chef-server
- $ sudo dpkg -i chef-server_11.0.10-1.ubuntu.12.04_amd64.deb
- Create /etc/chef-server/chef-server.rb file
- Use this file to configure it
- http://docs.opscode.com/config_rb_chef_server.html
- Reconfigure it
- $ sudo chef-server-ctl reconfigure
- Test to verify installation
- $ sudo chef-server-ctl test
- Make sure your all test passed else, debug them.
- Run all service
- $ sudo chef-server-ctl start
- Launch web-ui
- https://ip.addres.of.yourMachine
(in case of error, see the troubleshooting section) - If all service are running you'll be able to access web-ui through https protocol
- Use default chef-server password which you can see at the right side on the login screen
- Login and change password. Make sure to copy the private key and it's what our admin machine/workstation will use to connect to chef-server
- Copy and name the private key to : "admin.pem"
2) Installation of chef-client on admin workstation
- Make sure you've copied all private keys(.pem files) from chef server to your admin machine.
- These files are chef-webui.pem, admin.pem(which you recreated after login to webui), and chef-validator.pem
- Create chef-repo ,preferrably inside admin home directory.
I am creating it under /root/chef-repo - git clone https://github.com/opscode/chef-repo
- This is blank repo provided by opscode which we can use
- Create .chef directory under chef-repo folder and copy all your keys( STEP 1) in here.
- Generate knife.rb file
- cd chef-repo/.chef
- Run command to let make knife generate knife.rb file or you can write your own. Here we're taking aid of knife command.
- $ sudo knife configure init
- Enter what it ask you. After completion my knife.rb looks like this
- log_level :info
- log_location STDOUT
- node_name 'admin'
- client_key '/root/chef-repo/.chef/admin.pem'
- validation_client_name 'chef-validator'
- validation_key '/root/chef-repo/.chef/chef-validator.pem'
- chef_server_url 'https://192.168.50.40'
- syntax_check_cache_path '/root/chef-repo/.chef/syntax_check_cache'
- Try connecting to chef-server
- $ knife client list
- If you succeed connecting to server you would see following list:
- chef-validator
- chef-webui
- That cover your chef-client installation: The admin workstation setup
3) Add new node and try boostrapping it with a cookbook
- knife bootstrap is command to add new node into infrastructure
- $ knife bootstrap IP.Addres --sudo -x SSH_USERNAME -P SSH_PASSWORD -N NODE_NAME_TO_ASSIGN
- eg
knife bootstrap 192.168.50.43 --sudo -x vagrant -P vagrant -N slave03 - List your new node via "knife node" command
- $ knife node list
slave03 - You just added new node into your infrastructure. From webgui you also see your new node listed under "node" and "client" tab with no recipes currently added.
3) Writing and adding cooking for our nodes
- Create new cookbook
- $knife cookbook create apache
- It will create a apache folder under ../cookbooks dir
- Write recipe inside apache/recipes/default.rb file
- There are two ways of running recipe at client
- SSH's node and run sudo chef-client
- It'll pull recipe list assigned to it from server and run it
- run bootstrap command from admin workstation but this time assign recipe list as well
- $ knife bootstrap 192.168.50.43 --sudo -x vagrant -P vagrant -r "recipe_01, recipe_02, ..."
-----------------------------------------------------
Troubleshooting
- lost private keys
- Lost of admin.pem file
- Visit webui
- Edit account >> Edit >> Regnerate private key
- Lost chef-validator private key
- cleanse chef-server and start from scratch
- sudo chef-server-ctl cleanse
- ERROR: TypeError: can't convert nil into String
- Most probably argument error. I get this while executing following cookbook command:
$ knife cookbook create apache - Reason it give me this error was my knife.rb file was incomplete. I didn't specify cookbook_path variable. This mean i've to explicitly specify cookbook path while executing knife commands.
- I solved this by adding "cookbook_path" variable in my knife.rb file
OR - giving -o argument to specify cookbook directory
$ knife cookbook create MYCOOKBOOK -o /path/to/my/cookbook_dir - Not able to communicate with chef-server
- /opt/chef/embedded/lib/ruby/1.9.1/net/http.rb:763:in `initialize': Connection re
- used - connect(2) (Errno::ECONNREFUSED)
- Most probably chef-server is not configured with right parameters like server name
- Visit chef-server and cd /etc/chef-server or wherever your chef-server is installed
- make chef-server.rb file and enter following parametersserver_name = "192.168.56.11"api_fqdn server_namenginx['url'] = "https://#{server_name}"nginx['server_name'] = server_namelb['fqdn'] = server_namebookshelf['vip'] = server_name
- verify chef-server configuration :$ sudo chef-server-ctl show-config
- More info here: http://stackoverflow.com/questions/19586040/install-chef-server-11-on-ec2-instance
- Old recipes are getting run on node
- Most probably you forget to commit your changes and upload on chef-server
- $ knife cookbook upload cookbook_02
Reference:
- http://www.getchef.com/blog/2013/03/11/chef-11-server-up-and-running/
- chef_server.rb and chef-server configuratioin:
- https://github.com/opscode-cookbooks/chef-server
- http://docs.opscode.com/config_rb_chef_server.html
- http://docs.opscode.com/config_rb_knife.html
- http://leopard.in.ua/2013/02/17/chef-server-getting-started-part-1/
- http://sanketdangi.com/post/50649257357/chef-11-configuration-aws-ec2-rhel-6-3-instance
No comments:
Post a Comment