Difference between revisions of "Chef infrastructure setup"
(Created page with "<yambe:breadcrumb>Chef|Chef</yambe:breadcrumb> =Chef infrastructure setup= ==Install Chef server== In case of a virtual server (such as openVZ container) 2.5GB RAM, 500k ino...") |
m |
||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[System administration tools]] > [[Chef|chef]] > [[Chef infrastructure setup]] | |||
'''These steps were tried on an openVZ container based setup. Unfortunately node bootstrap fails if all three machines server, workstation and node are configured as openVZ containers. Whether these steps work on a VM or not is not verified.''' | |||
==Install Chef server== | ==Install Chef server== | ||
Line 10: | Line 12: | ||
# rpm -ivh *.rpm | # rpm -ivh *.rpm | ||
# chef-server-ctl reconfigure | # chef-server-ctl reconfigure | ||
#:At least in the case of openVZ containers following additional things need to be done: | |||
#:# '<tt>chef-server-ctl reconfigure</tt>' needs to be run twice so that installation ends with | |||
#:#:<pre> | |||
#:#:: Chef Client finished, 396/448 resources updated in 109.272186048 seconds | |||
#:#:: opscode Reconfigured! | |||
#:#:</pre> | |||
#:# Container needs to be rebooted after package is installed for things to work. Without this following error message would be received while trying to create a new user using chef-server-ctl | |||
#:#:<pre> | |||
#:#::ERROR: Errno::ECONNRESET: Connection reset by peer - SSL_connect | |||
#:#:</pre> | |||
# Download ops-manage from http://downloads.getchef.com/chef-manage/ to /root | # Download ops-manage from http://downloads.getchef.com/chef-manage/ to /root | ||
# chef-server-ctl install opscode-manage --path /root | # chef-server-ctl install opscode-manage --path /root | ||
# opscode-manage-ctl reconfigure | # opscode-manage-ctl reconfigure | ||
# chef-server-ctl reconfigure | # chef-server-ctl reconfigure | ||
# chef-server-ctl user-create saurabh Saurabh Barjatiya saurabh@ | # chef-server-ctl user-create saurabh Saurabh Barjatiya saurabh@example.com secret123 --filename saurabh.pem | ||
# Open http://<server-IP>/ and login using username (saurabh) and password ( | # Open http://<server-IP>/ and login using username (saurabh) and password (secret123) | ||
# Create organization and download starter kit. It will warn about regenerating keys. That is ok. | # Create organization and download starter kit. It will warn about regenerating keys. That is ok. | ||
# Other way to create organization is: | # Other way to create organization is: | ||
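Review bot: the `chef-server-ctl user-create` step in this hunk carries the account password (`secret123`) as a plain command-line argument, and the following step logs in with the same password over `http://<server-IP>/`. Please mark the value as a placeholder to be replaced with a strong password, mention that a command typed this way is kept in root's shell history, and consider writing the login URL as `https://`, since the knife.rb later on the page already uses an https `chef_server_url`.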
Line 35: | Line 47: | ||
#:: | #:: | ||
#:::<pre> | #:::<pre> | ||
#:::: chef-server-ctl user-create saurabh Saurabh Barjatiya saurabh@ | #:::: chef-server-ctl user-create saurabh Saurabh Barjatiya saurabh@example.com secret123 --filename saurabh.pem | ||
#:::</pre> | #:::</pre> | ||
# Then create a new organization using: | # Then create a new organization using: | ||
Line 54: | Line 66: | ||
#:: log_level :info | #:: log_level :info | ||
#:: log_location STDOUT | #:: log_location STDOUT | ||
#:: node_name " | #:: node_name "saurabh" | ||
#:: client_key "#{current_dir}/saurabh.pem" | #:: client_key "#{current_dir}/saurabh.pem" | ||
#:: validation_client_name "saurabh-rekall" | #:: validation_client_name "saurabh-rekall" | ||
Line 63: | Line 75: | ||
#:: cookbook_path ["#{current_dir}/../cookbooks"] | #:: cookbook_path ["#{current_dir}/../cookbooks"] | ||
#:</pre> | #:</pre> | ||
#::Here node_name must match with the name of the user for which client key was generated. | |||
# Run "<tt>knife user list</tt>" and "<tt>knife client list</tt>" commands to verify whether knife configuration is working | # Run "<tt>knife user list</tt>" and "<tt>knife client list</tt>" commands to verify whether knife configuration is working | ||
# Create "<tt>~/cookbooks</tt>" folder for cookbooks as specified in ~/.chef/knife.rb | # Create "<tt>~/cookbooks</tt>" folder for cookbooks as specified in ~/.chef/knife.rb | ||
Line 80: | Line 93: | ||
#:: For example | #:: For example | ||
#:::<pre> | #:::<pre> | ||
#:::: knife bootstrap 192.168.122.105 --ssh-user root --ssh-password | #:::: knife bootstrap 192.168.122.105 --ssh-user root --ssh-password secret123 --node-name dns | ||
#:::</pre> | #:::</pre> | ||
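Review bot: the example in this hunk bootstraps the node as `root` with `--ssh-password secret123` on the command line, so the root password of the node ends up in the workstation's shell history and is visible in the process list while knife runs. Suggest marking the value as a placeholder and recommending key-based SSH authentication for the bootstrap, with a non-root user where the node allows it.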
Line 86: | Line 99: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[System administration tools]] > [[Chef|chef]] > [[Chef infrastructure setup]] |
Latest revision as of 12:09, 28 July 2022
These steps were tried on an openVZ container based setup. Unfortunately node bootstrap fails if all three machines (server, workstation and node) are configured as openVZ containers. Whether these steps work on a VM or not is not verified.
Install Chef server
In case of a virtual server (such as an openVZ container), 2.5GB RAM, 500k inodes and 10GB disk space are recommended.
- yum -y install postgresql
- Download chef server from http://downloads.chef.io/chef-server/
- rpm -ivh *.rpm
- chef-server-ctl reconfigure
- At least in the case of openVZ containers, the following additional things need to be done:
  - 'chef-server-ctl reconfigure' needs to be run twice so that the installation ends with:
      Chef Client finished, 396/448 resources updated in 109.272186048 seconds
      opscode Reconfigured!
  - The container needs to be rebooted after the package is installed for things to work. Without this, the following error message is received while trying to create a new user using chef-server-ctl:
      ERROR: Errno::ECONNRESET: Connection reset by peer - SSL_connect
- Download ops-manage from http://downloads.getchef.com/chef-manage/ to /root
- chef-server-ctl install opscode-manage --path /root
- opscode-manage-ctl reconfigure
- chef-server-ctl reconfigure
- chef-server-ctl user-create saurabh Saurabh Barjatiya saurabh@example.com secret123 --filename saurabh.pem
- Open http://<server-IP>/ and log in using username (saurabh) and password (secret123)
- Create organization and download starter kit. It will warn about regenerating keys. That is ok.
- Another way to create the organization is:
    chef-server-ctl org-create rekall "Rekall Software Pvt. Ltd." --association_user saurabh --filename rekall.pem
- Save starter-kit on a workstation and use it to work with server
Steps learned from https://docs.chef.io/install_server.html
Configure chef-server and knife workstation combination using command line
- On the chef server, create a new user using:
    chef-server-ctl user-create user_name first_name last_name email password --filename FILE_NAME
    chef-server-ctl user-create saurabh Saurabh Barjatiya saurabh@example.com secret123 --filename saurabh.pem
- Then create a new organization using:
    chef-server-ctl org-create short_name "full_organization_name" --association_user user_name --filename FILE_NAME
  Example:
    chef-server-ctl org-create rekall "Rekall Software Pvt. Ltd." --association_user saurabh --filename rekall.pem
- Install the chef development kit on the client as explained at chef-apply and recipe syntax
- Verify using chef-client -v that client got installed properly
- Create ~/.chef and copy the two user and organization pem files to this folder
- Now create "~/.chef/knife.rb" with the following content:
    current_dir = File.dirname(__FILE__)
    log_level :info
    log_location STDOUT
    node_name "saurabh"
    client_key "#{current_dir}/saurabh.pem"
    validation_client_name "saurabh-rekall"
    validation_key "#{current_dir}/rekall.pem"
    chef_server_url "https://chefserver/organizations/rekall"
    cache_type 'BasicFile'
    cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
    cookbook_path ["#{current_dir}/../cookbooks"]
  Here node_name must match the name of the user for which the client key was generated.
- Run "knife user list" and "knife client list" commands to verify whether knife configuration is working
- Create "~/cookbooks" folder for cookbooks as specified in ~/.chef/knife.rb
More info on knife configuration is available at https://docs.chef.io/config_rb_knife.html
Steps learned from http://sachinsharm.wordpress.com/2013/10/11/installsetup-and-configure-chef-serverworkstationnode-on-centosrhel-6-4/
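The ~/.chef folder set up above holds the user and organization private keys, so it is worth checking before first use. The following is an added example, not part of the original page or of Chef itself: a bash check of a knife.rb like the one above, where the function names (knife_value, audit_knife_config, make_sample) and the sample directory are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag a non-https chef_server_url and any key file referenced
# by knife.rb that is missing or accessible to group/others.

# Print the unquoted value of a "key value" setting in a knife.rb file.
knife_value() {
    awk -v k="$1" '$1 == k { print $2; exit }' "$2" | tr -d "\"'"
}

# Print one FINDING line per problem; return 1 if anything was found.
audit_knife_config() {
    local cfg="$1" dir url key path perms rc=0
    dir="$(cd "$(dirname "$cfg")" && pwd)"

    url="$(knife_value chef_server_url "$cfg")"
    case "$url" in
        https://*) ;;
        *) echo "FINDING: chef_server_url is not https: $url"; rc=1 ;;
    esac

    for key in client_key validation_key; do
        # The page's config writes key paths as "#{current_dir}/<name>.pem"
        path="$(knife_value "$key" "$cfg" | sed "s|^#{current_dir}|$dir|")"
        if [ ! -f "$path" ]; then
            echo "FINDING: $key file missing: $path"; rc=1
            continue
        fi
        # Characters 5-10 of the ls mode string are the group/other bits
        perms="$(ls -ldL "$path" | cut -c5-10)"
        if [ "$perms" != "------" ]; then
            echo "FINDING: $key is accessible beyond its owner ($perms): $path"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: http URL, one world-readable key, one missing key.
make_sample() {
    local d; d="$(mktemp -d)"
    printf '%s\n' 'current_dir = File.dirname(__FILE__)' \
        'client_key "#{current_dir}/saurabh.pem"' \
        'validation_key "#{current_dir}/rekall.pem"' \
        'chef_server_url "http://chefserver/organizations/rekall"' > "$d/knife.rb"
    echo 'constructed placeholder, not a real key' > "$d/saurabh.pem"
    chmod 644 "$d/saurabh.pem"
    echo "$d"
}

sample="$(make_sample)"
audit_knife_config "$sample/knife.rb" || true
rm -rf "$sample"
```

On a real workstation, call audit_knife_config ~/.chef/knife.rb; "chmod 600" on the pem files clears the permission findings.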
Configure a new node to interact with chef-server
- To configure a new node to work with chef server use:
    knife bootstrap {{address}} --ssh-user {{user}} --ssh-password '{{password}}' --node-name node1 --run-list 'recipe[learn_chef_httpd]'
  For example:
    knife bootstrap 192.168.122.105 --ssh-user root --ssh-password secret123 --node-name dns