Terry : Chef Server

Chef Server

Chef Server

The Chef Server acts as a hub for configuration data. The Chef Server stores cookbooks, the policies that are applied to cookbooks, and metadata that describes each registered node in the infrastructure. Nodes use the chef-client to ask the Chef Server for configuration details, such as recipes, templates, and file distributions. The chef-client then does as much of the configuration work as possible on the nodes themselves (and not on the Chef Server). This scalable approach distributes the configuration effort throughout the organization.

Types of Chef Servers

  • Hosted Chef
  • Private Chef
  • Open Source Chef

Chef Server Components

Starting with the release of Chef 11.x, the front-end for the Chef Server is written using Erlang, which is a programming language that first appeared in 1986, was open sourced in 1998, and is excellent with critical enterprise concerns like concurrency, fault-tolerance, and distributed environments. This version of Chef can scale to the size of any enterprise and is often referred to as Erchef.

The following diagram shows the various components that are part of a Chef Server deployment and how they relate to one another.

  • Bookshelf
    Bookshelf is used to store cookbook content—files, templates, and so on—that have been uploaded to the Chef Server as part of a cookbook version. Cookbook content is stored by content checksum. If two different cookbooks or different versions of the same cookbook include the same file or template, Bookshelf will store that file only once. The cookbook content managed by Bookshelf is stored in flat files and is separated from the Chef Server and search index repositories. All cookbooks are stored in a dedicated repository.
  • WebUI
    chef-server-webui is a Ruby on Rails 3.0 application that hosts the web interface for the Chef Server.
  • Erchef
    Erchef is a complete rewrite of the core API for the Chef Server, which allows it to be faster and more scalable than previous versions. The API itself is still compatible with the original Ruby-based Chef Server, which means that cookbooks and recipes that were authored for the Ruby-based Chef Server will continue to work on the Erlang-based Chef Server. The chef-client is still written in Ruby.
  • Message Queues
    Messages are sent to the Search Index using the following components:
    RabbitMQ is used as the message queue for the Chef Server. All items that will be added to the search index repository are first added to a queue.
    - chef-expander is used to pull messages from the RabbitMQ queue, process them into the required format, and then post them to chef-solr for indexing.
    - chef-solr wraps Apache Solr and exposes its REST API for indexing and search.
    All messages are added to a dedicated search index repository.
  • Nginx
    Nginx is an open-source HTTP and reverse proxy server that is used as the front-end load balancer for the Chef Server. All requests to the Chef Server API are routed through Nginx.
  • PostgreSQL
    PostgreSQL is the data storage repository for the Chef Server.

For Hosted Chef, these components are mostly transparent because of the hosted interface for the Chef Server. For Private Chef and the open source Chef Server, these relationships can be more complex, depending on how the machines on which the Chef Server will run need to be deployed.

Common Features

Each type of Chef Server provides the following features:

Chef Server APIThe Chef Server API is used to provide access to objects on the Chef Server.
Data BagsA data bag is a global variable that is stored as JSON data and is accessible from a Chef Server.
EnvironmentsAn environment is a way to map an organization’s real-life workflow to what can be configured and managed when using Chef Server.
Node ObjectsThe node object consists of the run-list and node attributes, which is a JSON file that is stored on the Chef Server. The chef-client gets a copy of the node object from the Chef Server during each Chef run and places an updated copy on the Chef Server at the end of each Chef run.
RolesA role is a way to define certain patterns and processes that exist across nodes in a Chef organization as belonging to a single job function.
SearchSearch indexes allow queries to be made for any type of data that is indexed by the Chef Server, including data bags (and data bag items), environments, nodes, and roles.


Install Chef Server

1. Download the Chef Server package

http://www.opscode.com/chef/install - Chef Server Tab

NOTE: To install Chef Client, use the install script or use OS specific packages, support Debian/Ubuntu, Enterprise Linux, SUSE Enterprise, openSUSE, Solaris, Windows.

# wget
curl -L https://www.opscode.com/chef/install.sh | sudo bash
# curl
wget -q https://www.opscode.com/chef/install.sh -O - | sudo bash

Download the Chef Server for Enterprise Linux {5,6} RPM or Ubuntu DEB.

2. Install the package

Enterprise Linux

rpm -ivh chef-server-11.0.8-1.el6.x86_64.rpm


dpkg -i chef-server_11.0.8-1.ubuntu.12.04_amd64.deb

3. Configure Chef Sever 11.x

Run the command to configure chef server

sudo chef-server-ctl reconfigure

NOTE: This command will set up all of the required components, including Erchef, RabbitMQ, PostgreSQL, and all of the cookbooks that are used by chef-solo to maintain Chef Server 11.x.

In fact this is the what it is going to run behind the scene

/opt/chef-server/embedded/bin/chef-solo -c /opt/chef-server/embedded/cookbooks/solo.rb -j /opt/chef-server/embedded/cookbooks/dna.json

NOTE: cookbooks are in /opt/chef-server/embedded/cookbooks.

4. Verify the the hostname for the Chef Server by running the hostname command. The hostname for the Chef Server must be a FQDN.

5. Verify the installation of Chef Server 11.x

Run the command

sudo chef-server-ctl test

This will run the chef-pedant test suite against the installed Chef Server 11.x and will report back that everything is working and installed correctly.

6. Set up a workstation

From the workstation, verify the install by running the following commands to ensure that every chef-client and user was registered correctly.

The knife client subcommand is used to manage an API client list and their associated RSA public key-pairs. This allows authentication requests to be made to the Chef Server by any entity that uses the Chef Server API, such as the chef-client and Knife.

knife client list

The knife user subcommand is used to manage the list of Chef users and their associated RSA public key-pairs.

knife user list

About Knife

About Knife

Knife Reference


Chef Server Overview

Chef 11 Server: Up and Running

Install the Chef Server

Install the Chef Server on a Virtual Machine