Chef Server
Chef Server
The Chef Server acts as a hub for configuration data. The Chef Server stores cookbooks, the policies that are applied to cookbooks, and metadata that describes each registered node in the infrastructure. Nodes use the chef-client to ask the Chef Server for configuration details, such as recipes, templates, and file distributions. The chef-client then does as much of the configuration work as possible on the nodes themselves (and not on the Chef Server). This scalable approach distributes the configuration effort throughout the organization.
Types of Chef Servers
- Hosted Chef
- Private Chef
- Open Source Chef
Chef Server Components
Starting with the release of Chef 11.x, the front-end for the Chef Server is written using Erlang, which is a programming language that first appeared in 1986, was open sourced in 1998, and is excellent with critical enterprise concerns like concurrency, fault-tolerance, and distributed environments. This version of Chef can scale to the size of any enterprise and is often referred to as Erchef.
The following diagram shows the various components that are part of a Chef Server deployment and how they relate to one another.
Components
- Bookshelf
Bookshelf is used to store cookbook content—files, templates, and so on—that have been uploaded to the Chef Server as part of a cookbook version. Cookbook content is stored by content checksum. If two different cookbooks or different versions of the same cookbook include the same file or template, Bookshelf will store that file only once. The cookbook content managed by Bookshelf is stored in flat files and is separated from the Chef Server and search index repositories. All cookbooks are stored in a dedicated repository. - WebUI
chef-server-webui is a Ruby on Rails 3.0 application that hosts the web interface for the Chef Server. - Erchef
Erchef is a complete rewrite of the core API for the Chef Server, which allows it to be faster and more scalable than previous versions. The API itself is still compatible with the original Ruby-based Chef Server, which means that cookbooks and recipes that were authored for the Ruby-based Chef Server will continue to work on the Erlang-based Chef Server. The chef-client is still written in Ruby. - Message Queues
Messages are sent to the Search Index using the following components:
- RabbitMQ is used as the message queue for the Chef Server. All items that will be added to the search index repository are first added to a queue.
- chef-expander is used to pull messages from the RabbitMQ queue, process them into the required format, and then post them to chef-solr for indexing.
- chef-solr wraps Apache Solr and exposes its REST API for indexing and search.
All messages are added to a dedicated search index repository. - Nginx
Nginx is an open-source HTTP and reverse proxy server that is used as the front-end load balancer for the Chef Server. All requests to the Chef Server API are routed through Nginx. - PostgreSQL
PostgreSQL is the data storage repository for the Chef Server.
For Hosted Chef, these components are mostly transparent because of the hosted interface for the Chef Server. For Private Chef and the open source Chef Server, these relationships can be more complex, depending on how the machines on which the Chef Server will run need to be deployed.
Common Features
Each type of Chef Server provides the following features:
| Feature | Description |
|---|---|
| Chef Server API | The Chef Server API is used to provide access to objects on the Chef Server. |
| Data Bags | A data bag is a global variable that is stored as JSON data and is accessible from a Chef Server. |
| Environments | An environment is a way to map an organization’s real-life workflow to what can be configured and managed when using Chef Server. |
| Node Objects | The node object consists of the run-list and node attributes, which is a JSON file that is stored on the Chef Server. The chef-client gets a copy of the node object from the Chef Server during each Chef run and places an updated copy on the Chef Server at the end of each Chef run. |
| Roles | A role is a way to define certain patterns and processes that exist across nodes in a Chef organization as belonging to a single job function. |
| Search | Search indexes allow queries to be made for any type of data that is indexed by the Chef Server, including data bags (and data bag items), environments, nodes, and roles. |
Install Chef Server
1. Download the Chef Server package
http://www.opscode.com/chef/install - Chef Server Tab
NOTE: To install Chef Client, use the install script or use OS specific packages, support Debian/Ubuntu, Enterprise Linux, SUSE Enterprise, openSUSE, Solaris, Windows.
# wget curl -L https://www.opscode.com/chef/install.sh | sudo bash # curl wget -q https://www.opscode.com/chef/install.sh -O - | sudo bash
Download the Chef Server for Enterprise Linux {5,6} RPM or Ubuntu DEB.
2. Install the package
Enterprise Linux
rpm -ivh chef-server-11.0.8-1.el6.x86_64.rpm
Ubuntu
dpkg -i chef-server_11.0.8-1.ubuntu.12.04_amd64.deb
3. Configure Chef Sever 11.x
Run the command to configure chef server
sudo chef-server-ctl reconfigure
NOTE: This command will set up all of the required components, including Erchef, RabbitMQ, PostgreSQL, and all of the cookbooks that are used by chef-solo to maintain Chef Server 11.x.
In fact this is the what it is going to run behind the scene
/opt/chef-server/embedded/bin/chef-solo -c /opt/chef-server/embedded/cookbooks/solo.rb -j /opt/chef-server/embedded/cookbooks/dna.json
NOTE: cookbooks are in /opt/chef-server/embedded/cookbooks.
4. Verify the the hostname for the Chef Server by running the hostname command. The hostname for the Chef Server must be a FQDN.
5. Verify the installation of Chef Server 11.x
Run the command
sudo chef-server-ctl test
This will run the chef-pedant test suite against the installed Chef Server 11.x and will report back that everything is working and installed correctly.
6. Set up a workstation
From the workstation, verify the install by running the following commands to ensure that every chef-client and user was registered correctly.
The knife client subcommand is used to manage an API client list and their associated RSA public key-pairs. This allows authentication requests to be made to the Chef Server by any entity that uses the Chef Server API, such as the chef-client and Knife.
knife client list
The knife user subcommand is used to manage the list of Chef users and their associated RSA public key-pairs.
knife user list
About Knife
Reference
Chef 11 Server: Up and Running
Install the Chef Server on a Virtual Machine