{"id":30014955,"url":"https://github.com/dennyzhang/challenges-chef","last_synced_at":"2026-03-08T04:31:23.076Z","repository":{"id":67455776,"uuid":"110874470","full_name":"dennyzhang/challenges-chef","owner":"dennyzhang","description":":book: Challenges Your Chef Skills By Solving Real Questions.","archived":false,"fork":false,"pushed_at":"2018-11-05T23:38:07.000Z","size":2448,"stargazers_count":26,"open_issues_count":2,"forks_count":33,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-08-05T18:38:46.431Z","etag":null,"topics":["chef","configuration-management","denny-challenges","devops","study-project"],"latest_commit_sha":null,"homepage":"https://www.dennyzhang.com/battle","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dennyzhang.png","metadata":{"files":{"readme":"README.org","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-11-15T19:04:24.000Z","updated_at":"2023-08-24T11:35:18.000Z","dependencies_parsed_at":"2023-06-11T02:50:01.219Z","dependency_job_id":null,"html_url":"https://github.com/dennyzhang/challenges-chef","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/dennyzhang/challenges-chef","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dennyzhang%2Fchallenges-chef","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dennyzhang%2Fchallenges-chef/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dennyzhang%2Fchallenges-chef/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dennyzhang%2Fchallenges-chef/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dennyzhang","download_url":"https://codeload.github.com/dennyzhang/challenges-chef/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dennyzhang%2Fchallenges-chef/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30245212,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-08T00:58:18.660Z","status":"online","status_checked_at":"2026-03-08T02:00:06.215Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chef","configuration-management","denny-challenges","devops","study-project"],"created_at":"2025-08-05T18:06:22.129Z","updated_at":"2026-03-08T04:31:23.022Z","avatar_url":"https://github.com/dennyzhang.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"* Summary\n#+BEGIN_HTML\n\u003ca href=\"https://www.linkedin.com/in/dennyzhang001\"\u003e\u003cimg src=\"https://www.dennyzhang.com/wp-content/uploads/sns/linkedin.png\" alt=\"linkedin\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/DennyZhang\"\u003e\u003cimg src=\"https://www.dennyzhang.com/wp-content/uploads/sns/github.png\" alt=\"github\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://www.dennyzhang.com/slack\" target=\"_blank\" rel=\"nofollow\"\u003e\u003cimg src=\"https://slack.dennyzhang.com/badge.svg\" alt=\"slack\"/\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/DennyZhang\"\u003e\u003cimg align=\"right\" width=\"200\" height=\"183\" src=\"https://www.dennyzhang.com/wp-content/uploads/denny/watermark/github.png\" /\u003e\u003c/a\u003e\n\n\u003cbr/\u003e\u003cbr/\u003e\n\n\u003ca href=\"http://makeapullrequest.com\" target=\"_blank\" rel=\"nofollow\"\u003e\u003cimg src=\"https://img.shields.io/badge/PRs-welcome-brightgreen.svg\" alt=\"PRs Welcome\"/\u003e\u003c/a\u003e\n#+END_HTML\n* CheatSheet\nFile me [[https://github.com/DennyZhang/cheatsheet-kubernetes-A4/issues][Issues]] or star [[https://github.com/DennyZhang/cheatsheet-kubernetes-A4][this repo]].\n\nSee more challenges from Denny: [[https://github.com/topics/denny-challenges][#denny-challenges]]\n\n** Scenario-101: Chef HelloWorld I\n- Objective: Create a dummy cookbook, and test deployment in docker\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Use docker container to start a env with chef pre-installed\n2. Create a dummy cookbook and apply it\n#+END_EXAMPLE\n\n- See more: [[Scenario-101][Scenario-101]]\n\n** Scenario-102: Chef HelloWorld II\n- Objective: Pure VM deployment\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Start a VM, install chef facility\n2. Create a dummy cookbook to install jq package\n3. Before install jq, run \"apt-get update\" by chef. So you need berkshelf.\n4. Enforce rubocop and foodcritic for code static check\n#+END_EXAMPLE\n\n- See more: [[Scenario-102][Scenario-102]]\n\n** Scenario-103: Chef HelloWorld III\n- Objective: Setup chef server and chef client\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Start 3 containers to run chef server, knife workstation and chef client\n2. Install and configure knife\n3. From knife node run chef deployment in chef client node\n#+END_EXAMPLE\n\n#+BEGIN_HTML\n\u003ca href=\"https://www.dennyzhang.com\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/dennyzhang/challenges-chef/master/images/scenario-103-design.png\"/\u003e \u003c/a\u003e\n#+END_HTML\n- See more: [[Scenario-103][Scenario-103]]\n- TODO\n\n** Scenario-201: Enforce TDD For Your Chef Cookbooks I\n- Objective: Test your cookbooks. Run kitchen docker in your laptop.\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Use kitchen to test your cookbook: start a container and test the logic\n2. Enforce kitchen verify logic via serverspec\n#+END_EXAMPLE\n\n- See more: [[Scenario-201][Scenario-201]]\n\n#+BEGIN_HTML\n\u003ca href=\"https://www.dennyzhang.com\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/dennyzhang/challenges-chef/master/images/scenario-201-design.png\"/\u003e \u003c/a\u003e\n#+END_HTML\n** Scenario-202: Enforce TDD For Your Chef Cookbooks II\n- Objective: Deploy for 3 scenarios: docker, local VM and public cloud\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Use Kitchen to test local vm deployment\n2. Use Kitchen to test docker deployment\n3. Use Kitchen to test cloud VM deployment\n#+END_EXAMPLE\n\n- See more: [[Scenario-202][Scenario-202]]\n\n#+BEGIN_HTML\n\u003ca href=\"https://www.dennyzhang.com\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/dennyzhang/challenges-chef/master/images/scenario-202-design.png\"/\u003e \u003c/a\u003e\n#+END_HTML\n\n** Scenario-301: Use Chef To Deploy Jenkins I\n- Objective: Use chef to deploy one common service for real\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Deploy a standalone jenkins by chef\n2. Chef shall add one jenkins user\n3. Chef shall add a dummy job with slack notification enabled\n4. Run deployment in docker, vagrant and EC2\n5. Test both Ubuntu 14.04 and Centos 7\n#+END_EXAMPLE\n\n- See more: [[Scenario-301][Scenario-301]]\n\n** Scenario-302: Use Chef To Deploy Jenkins II\n- Objective: More Jenkins customization\n- Requirements:\n#+BEGIN_EXAMPLE\n1. For better security, only registered user can login\n2. For better security, Jenkins listen on port 18080, instead of 8080\n3. When Jenkins is down, get alerts\n#+END_EXAMPLE\n\n- See more: [[Scenario-302][Scenario-302]]\n\n** Scenario-303: Use Chef To Deploy Jenkins II\n- Objective: More Jenkins customization\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Use Jenkinsfile to create a Jenkins pipeline\n2. Enable and configure ThinBackup\n#+END_EXAMPLE\n\n- See more: [[Scenario-303][Scenario-303]]\n- TODO\n\n** Scenario-401: Use Chef To Deploy 2 Nodes Jenkins I\n- Objective: Test and verify the deployment for both all-in-one and 2 nodes cluster\n- Requirements:\n#+BEGIN_EXAMPLE\n1. Test 2 nodes jenkins cluster deployment in docker\n2. Use Jenkinsfile to configure Jenkins\n3. Define Jenkins pipeline\n#+END_EXAMPLE\n\n#+BEGIN_HTML\n\u003ca href=\"https://www.dennyzhang.com\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/dennyzhang/challenges-chef/master/images/scenario-401-design.png\"/\u003e \u003c/a\u003e\n#+END_HTML\n- See more: [[Scenario-303][Scenario-303]]\n- TODO\n\n#+BEGIN_HTML\n\u003ca href=\"https://www.dennyzhang.com\"\u003e\u003cimg align=\"right\" width=\"201\" height=\"268\" src=\"https://raw.githubusercontent.com/USDevOps/mywechat-slack-group/master/images/denny_201706.png\"\u003e\u003c/a\u003e\n#+END_HTML\n* More Resources\nLicense: Code is licensed under [[https://www.dennyzhang.com/wp-content/mit_license.txt][MIT License]].\n\n- Useful links\n#+BEGIN_EXAMPLE\nhttps://github.com/chef-cookbooks/jenkins\nhttps://github.com/jenkinsci/pipeline-examples\n#+END_EXAMPLE\n\n#+BEGIN_HTML\n\u003ca href=\"https://www.dennyzhang.com\"\u003e\u003cimg align=\"right\" width=\"201\" height=\"268\" src=\"https://raw.githubusercontent.com/USDevOps/mywechat-slack-group/master/images/denny_201706.png\"\u003e\u003c/a\u003e\n\u003ca href=\"https://www.dennyzhang.com\"\u003e\u003cimg align=\"right\" src=\"https://raw.githubusercontent.com/USDevOps/mywechat-slack-group/master/images/dns_small.png\"\u003e\u003c/a\u003e\n\n\u003ca href=\"https://www.linkedin.com/in/dennyzhang001\"\u003e\u003cimg align=\"bottom\" src=\"https://www.dennyzhang.com/wp-content/uploads/sns/linkedin.png\" alt=\"linkedin\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/DennyZhang\"\u003e\u003cimg align=\"bottom\"src=\"https://www.dennyzhang.com/wp-content/uploads/sns/github.png\" alt=\"github\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://www.dennyzhang.com/slack\" target=\"_blank\" rel=\"nofollow\"\u003e\u003cimg align=\"bottom\" src=\"https://slack.dennyzhang.com/badge.svg\" alt=\"slack\"/\u003e\u003c/a\u003e\n#+END_HTML\n* org-mode configuration :noexport:\n#+STARTUP: overview customtime noalign logdone showall\n#+DESCRIPTION: \n#+KEYWORDS: \n#+AUTHOR: Denny Zhang\n#+EMAIL: denny@dennyzhang.com\n#+TAGS: noexport(n)\n#+PRIORITIES: A D C\n#+OPTIONS: H:3 num:t toc:nil \\n:nil @:t ::t |:t ^:t -:t f:t *:t \u003c:t\n#+OPTIONS: TeX:t LaTeX:nil skip:nil d:nil todo:t pri:nil tags:not-in-toc\n#+EXPORT_EXCLUDE_TAGS: exclude noexport\n#+SEQ_TODO: TODO HALF ASSIGN | DONE BYPASS DELEGATE CANCELED DEFERRED\n#+LINK_UP: \n#+LINK_HOME: \n* # --8\u003c-------------------------- separator ------------------------\u003e8-- :noexport:\n* [#A] Routine job by chef :IMPORTANT:noexport:\n# Delete old client\nknife client delete mdmsandbox -c ~/.chef/knife_mdm.rb -y\nknife node delete mdmsandbox -c ~/.chef/knife_mdm.rb -y\n# Delete cookbook\nknife cookbook delete nagios3 -c ~/.chef/knife_mdm.rb -y\n** update osc envs\nknife bootstrap www.oscgc.com --sudo -x ubuntu -N \"dennytest\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none\n*** Internal Jenkins: 192.168.1.184:4022\nknife bootstrap 192.168.1.184 --sudo -x root -P totvsJenkins -p 4022 -N \"osc@cloud.com\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none\n** update mdm envs\n*** MDM offical nagios: 104.236.159.226:22\nknife bootstrap 104.236.159.226 --sudo -x root -N \"mdmnagios\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none\n*** Internal sandbox: 10.165.4.67:7022\nknife bootstrap 10.165.4.67 --sudo -x root -P sophia1 -p 7022 -N \"dennysandbox\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none\n*** Internal Jenkins: 10.165.4.67:4022\nknife bootstrap 10.165.4.67 --sudo -x root -P totvsJenkins -p 4022 -N \"mdmnjenkins\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none\n*** MDM repo server, official Jenkins: 104.236.159.226:4022\nknife bootstrap 104.236.159.226 --sudo -x root -P totvsRepo -p 4022 -N \"mdmrepo\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none\n\n -r apt,jenkins-mdm -j \"{\\\"jenkins_mdm\\\": {\\\"jobs\\\":\\\"BuildMDMRepo\\\", \\\"enable_email_alerting\\\":\\\"1\\\", \\\"enable_job_scheduled\\\":\\\"1\\\"}}\"\n\nhttp://104.236.159.226:18000\nssh -N -p 5022 -f root@104.236.159.226 -L 18080:localhost:18080 -n /bin/bash1\nhttp://127.0.0.1:18080\n*** mdm all-in-one docker test\ndocker pull denny/sshd:latest\n\ndocker run -d --privileged -t -p 2200:22 -i denny/sshd:latest /usr/sbin/sshd -D\n\nknife bootstrap 104.236.180.184 --sudo -x root -P sophia1 -p 2200 -N \"aiodocker\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none -r apt,all-in-one -j \"{\\\"all-in-one\\\": {\\\"mgmt_timeout\\\":\\\"900000\\\", \\\"max_timeout\\\":\\\"960000\\\"}, \\\"app_mdm\\\":{\\\"cb_bucket_retries\\\":\\\"10\\\", \\\"cb_bucket_retryinterval\\\":\\\"10000\\\", \\\"cb_bucket_timeout\\\": \\\"100000\\\"}}\"\n*** mdm local all-in-one test box\n192.168.50.11\n\nknife bootstrap 192.168.50.11 --sudo -x vagrant -P vagrant -p 22 -N \"dennylocalbox\" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none -r apt,all-in-one -j \"{\\\"all-in-one\\\": {\\\"enable_check\\\":\\\"0\\\",\\\"enable_nagios\\\":\\\"0\\\",\\\"mgmt_timeout\\\":\\\"900000\\\", \\\"max_timeout\\\":\\\"960000\\\"}, \\\"app_mdm\\\":{\\\"cb_bucket_retries\\\":\\\"10\\\", \\\"cb_bucket_retryinterval\\\":\\\"10000\\\", \\\"cb_bucket_timeout\\\": \\\"100000\\\"}}\"\n** upload cookbooks by berks\ncd /Users/mac/Dropbox/private_data/project/chef/denny-chef-devops/cookbooks/devops-test\nberks install\nberks upload\nberks upload nagios3\n\n# upload cookbooks by knife\ncd /Users/mac/Dropbox/private_data/work/totvs/code/mdmdevops/cookbooks/\nls -1 | xargs knife cookbook upload -c ~/.chef/knife_mdm.rb --force\nknife cookbook upload -c ~/.chef/knife_mdm.rb backupdir\n\n# delete cookbook\nknife cookbook delete -c ~/.chef/knife_mdm.rb nagios3\n\n# list cookbooks\nknife cookbook list -c ~/.chef/knife_mdm.rb\n** ~/.berkshelf/config.json\n#+BEGIN_EXAMPLE\n{\n \"chef\": {\n \"chef_server_url\": \"https://104.236.159.226:443/organizations/digitalocean\",\n \"node_name\": \"admin\",\n \"client_key\": \"/Users/mac/.chef/chef_dennyzhang.pem\",\n \"validation_client_name\": \"digitalocean-validator\",\n \"validation_key_path\": \"/Users/mac/.chef/dennyzhang-validator.pem\"\n },\n \"ssl\": {\n \"verify\": false\n }\n}\n#+END_EXAMPLE\n** # --8\u003c-------------------------- separator ------------------------\u003e8--\n** DONE apt-get update\n CLOSED: [2015-04-26 Sun 17:21]\n -r apt\n\nTest:\napt-get update\n** DONE [#A] enable email sending by gmail\n CLOSED: [2015-04-24 Fri 11:09]\n -r ssmtp -j \"{\\\"ssmtp\\\": {\\\"credential_method\\\":\\\"plain\\\", \\\"auth_username\\\":\\\"navy.yang007@gmail.com\\\", \\\"auth_password\\\":\\\"file.navy1\\\", \\\"mailhub_name\\\":\\\"smtp.gmail.com\\\", \\\"mailhub_port\\\":587}}\"\n\nTest:\n\n# ssmtp cookbook doesn't come with mailutils package installed\napt-get install mailutils\nyum install mailx\n\necho \"This is a test mail.\" | mail -s \"test mail\" 249950670@qq.com\n** HALF enable nagios3 for monitoring and auto reporting\n -r nagios3 -j \"{\\\"nagios\\\": {\\\"server_ip\\\":\\\"127.0.0.1\\\", \\\"client_ip_list\\\":\\\"127.0.0.1\\\"}}\"\n\nTest:\nhttp://127.0.0.1/nagios\nnagiosadmin/password1234\n** DONE enable backup script\n CLOSED: [2015-04-24 Fri 11:22]\n -r backupdir -j \"{\\\"backupdir\\\": {\\\"dir_list\\\":\\\"/var/www/,/etc\\\"}}\"\n\nTest:\n** DONE enable hostname\n CLOSED: [2015-04-26 Sun 17:24]\n -r hostname -j \"{\\\"set_fqdn\\\": \\\"workstation.mdm.com\\\"}\"\n\nTest:\nhostname -a\nhostname -f\n** setup hub registry\n -r docker-registry2\n** # --8\u003c-------------------------- separator ------------------------\u003e8--\n** HALF enable mdm Jenkins\n -r apt,jenkins-mdm -j \"{\\\"jenkins_mdm\\\": {\\\"jobs\\\":\\\"BuildMDMRepo,UpdateSandboxMDM\\\"}}\"\n** TODO run mdm all-in-one\n -r apt,all-in-one -j \"{\\\"mdm\\\": {\\\"repo_server\\\":\\\"10.165.4.67:18000\\\"}}\"\n** # --8\u003c-------------------------- separator ------------------------\u003e8--\n** DONE [#A] Use osc chef server\n CLOSED: [2015-06-06 Sat 21:31]\ncd /Users/mac/Dropbox/private_data/osc/chef/iamdevops/cookbooks\nls -1 | xargs knife cookbook upload -c ~/.chef/knife_osc.rb --force\n\nknife bootstrap 192.168.1.185 --sudo -x root -P sophia1 -p 4022 -N \"dennytest\" -c ~/.chef/knife_osc.rb -V --node-ssl-verify-mode none -r apt,os-basic-auth -j \"{\\\"os_basic\\\": {\\\"enable_firewall\\\":\\\"0\\\"}}\"\n* [#A] chef: a systems and cloud infrastructure automation framework :IMPORTANT:noexport:\n:PROPERTIES:\n:type: cloud\n:END:\n\nchef's cookbook: /usr/local/src/chef/cookbooks/mycookbook\n| Num | Name | Summary |\n|-----+--------------+------------------------------------------------------------|\n| 1 | Resource | a statement of configuration policy |\n| 2 | Knife | upload items from the chef-repo to the Chef server |\n| 3 | workstation | |\n| 4 | cookbooks | fundamental unit of configuration and policy distribution. |\n|-----+--------------+------------------------------------------------------------|\n| 5 | recipes | |\n| 6 | Attribute | |\n| 7 | Databags | a global variable that is stored as JSON data |\n| 8 | Environments | |\n#+TBLFM: $1=@-1+1;N\n\n- chef server\n| Name | Summary |\n| /var/opt/chef-server | |\n| /var/chef/cache/cookbooks | |\n| /var/log/chef-server | |\n| /etc/chef-server | |\n| chef-server-ctl reconfigure | |\n| rpm -e chef-server | |\n\n- knife\n| Name | Summary |\n|---------------------+-------------------------------------------------------------------------------------------------------|\n| knife client list | |\n| knife user list | |\n| knife node list | |\n| knife cookbook list | |\n|---------------------+-------------------------------------------------------------------------------------------------------|\n| Upload cookbooks | knife cookbook upload -a |\n| Upload Data Bag | knife upload data_bags |\n| Upload Roles | knife role from file base.rb starter.rb webserver.rb |\n| Upload Environments | knife environment from file dev.rb production.rb |\n| Boostrap VM | knife bootstrap \u003cEXTERNAL_ADDRESS\u003e --sudo -x root -P ChangeMe1 -N \"node1\" --bootstrap-version 11.12.8 |\n| Configure Run_list | knife node run_list set node1 'role[webserver]' 'role[cron]' |\n\n- Misc command\n| Command | Summary |\n|-----------------------------------------------------------------------------------+----------------------------------------------------------|\n| chef-server-ctl test | |\n| knife configure --initial | |\n| sudo knife bootstrap 192.168.1.185 -x root -P ChangeMe -N centos --sudo | bootstrap a node |\n| /root/.chef/knife.rb | knife configuration |\n| /etc/chef/client.rb | chef client configuration |\n| knife node edit client1 | |\n|-----------------------------------------------------------------------------------+----------------------------------------------------------|\n| curl https://127.0.0.1:443/clients | |\n| curl https://centos-vm1.novalocal:443 | |\n| open https://FQDN-OR-IP-OF-CHEF-SERVER | admin/p@ssw0rd1; Make sure iptables doesn't ban 443 port |\n|-----------------------------------------------------------------------------------+----------------------------------------------------------|\n| knife cookbook create apache-tutorial-1 -o ./ | |\n| knife upload cookbooks cookbook-test | upload cookbook |\n| knife node run_list add node1.example.com cookbook-test | add run_list of a cookbook to a given node |\n| knife node run_list add centos187.osc.com 'recipe[don_cookbook1::testfile]' | add a recipe of a cookbook to a given node |\n| knife node run_list remove ubuntu.dennyzhang.com 'recipe[fluig-os::conf_history]' | |\n| knife node show dennyubuntu -r | show run_list |\n|-----------------------------------------------------------------------------------+----------------------------------------------------------|\n| chef-client | puppet agent |\n| chef-client -l debug | |\n| chef-client -i 3600 | poll every 3600 seconds for changes |\n| chef-client -S https://XXX -K /etc/chef/chef-validator.pem | |\n\n- The agents can be installed from the workstation using the knife tool that uses SSH for deployment, easing the installation burden.\n** [#A] Linux install chef utility\nhttps://docs.chef.io/install_omnibus.html\n\ncurl -L https://www.opscode.com/chef/install.sh | bash\n*** DONE [#A] install chef facility with given version\n CLOSED: [2016-05-05 Thu 16:45]\nhttp://stackoverflow.com/questions/20205889/how-to-update-the-chef-client-version\n(echo \"version=12.4.1\"; curl -L https://www.opscode.com/chef/install.sh) | sudo bash\n** DONE [#A] Chef server migration/backup/restore from chef 11 to chef 12\n CLOSED: [2015-04-22 Wed 16:53]\nhttp://www.ameir.net/blog/archives/326-migrating-from-one-chef-server-to-another.html\nhttp://docs.chef.io/server_backup_restore.html\n\n- install new chef server\n\nknife backup export -D ~/chef-backup/ -c ~/.chef/knife-orig.rb\nknife backup restore -D ~/chef-backup -c ~/.chef/knife-new.rb\n*** migration spchef\nmacs-MacBook-Air:.chef mac$ knife node list\n\nmacs-MacBook-Air:.chef mac$ knife backup restore -D ~/chef-backup\nWARNING: This will overwrite existing data!\nDo you want to restore backup, possibly overwriting exisitng data? (Y/N) y\n=== Restoring clients ===\n=== Restoring users ===\nERROR: Failed to create user[admin]: #\u003cNet::HTTPBadRequest:0x007fcbbb44c468\u003e; skipping\nERROR: Failed to create user[dennyadmin]: #\u003cNet::HTTPBadRequest:0x007fcbbb48f3d0\u003e; skipping\nERROR: Failed to create user[kungadmin]: #\u003cNet::HTTPBadRequest:0x007fcbbb4c4990\u003e; skipping\n=== Restoring nodes ===\nRestoring nodes from /Users/mac/chef-backup/nodes/all-in-one-sp.json\nRestoring nodes from /Users/mac/chef-backup/nodes/on-premise-deployment.json\nRestoring nodes from /Users/mac/chef-backup/nodes/vapp_buxeo1mg2tlyoe1q1428409660944.json\nRestoring nodes from /Users/mac/chef-backup/nodes/vapp_cg6b5hwpk56elgr31420578177412.json\nRestoring nodes from /Users/mac/chef-backup/nodes/vapp_hjgyd06p8gc621vq1416950631623.json\nRestoring nodes from /Users/mac/chef-backup/nodes/vapp_j920on7cdlpdb8m41417812176580.json\nRestoring nodes from /Users/mac/chef-backup/nodes/vapp_n90igti0hp4za70j1420656472829.json\nRestoring nodes from /Users/mac/chef-backup/nodes/vapp_yxd6ik7lv9xrapcd1418151775033.json\n=== Restoring roles ===\n=== Restoring data bags ===\n=== Restoring environments ===\n=== Restoring cookbooks ===\nRestoring cookbook [\"all-in-one\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: all-in-one exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nall-in-one:\n /Users/mac/chef-backup/cookbooks/all-in-one\n /Users/mac/chef-backup/cookbooks/all-in-one-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading all-in-one [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"build-iso\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: build-iso exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nbuild-iso:\n /Users/mac/chef-backup/cookbooks/build-iso\n /Users/mac/chef-backup/cookbooks/build-iso-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading build-iso [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"common-server\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: common-server exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\ncommon-server:\n /Users/mac/chef-backup/cookbooks/common-server\n /Users/mac/chef-backup/cookbooks/common-server-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading common-server [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-adsync\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-adsync exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-adsync:\n /Users/mac/chef-backup/cookbooks/fluig-adsync\n /Users/mac/chef-backup/cookbooks/fluig-adsync-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-adsync [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-apache\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-apache exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-apache:\n /Users/mac/chef-backup/cookbooks/fluig-apache\n /Users/mac/chef-backup/cookbooks/fluig-apache-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-apache [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-backup\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-backup exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-backup:\n /Users/mac/chef-backup/cookbooks/fluig-backup\n /Users/mac/chef-backup/cookbooks/fluig-backup-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-backup [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-basic-os\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-basic-os exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-basic-os:\n /Users/mac/chef-backup/cookbooks/fluig-basic-os\n /Users/mac/chef-backup/cookbooks/fluig-basic-os-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-basic-os [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-buildkit\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-buildkit exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-buildkit:\n /Users/mac/chef-backup/cookbooks/fluig-buildkit\n /Users/mac/chef-backup/cookbooks/fluig-buildkit-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-buildkit [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-cluster\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-cluster exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-cluster:\n /Users/mac/chef-backup/cookbooks/fluig-cluster\n /Users/mac/chef-backup/cookbooks/fluig-cluster-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-cluster [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-core\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-core exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-core:\n /Users/mac/chef-backup/cookbooks/fluig-core\n /Users/mac/chef-backup/cookbooks/fluig-core-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-core [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-couchbase\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-couchbase exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-couchbase:\n /Users/mac/chef-backup/cookbooks/fluig-couchbase\n /Users/mac/chef-backup/cookbooks/fluig-couchbase-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-couchbase [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-crontab\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-crontab exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-crontab:\n /Users/mac/chef-backup/cookbooks/fluig-crontab\n /Users/mac/chef-backup/cookbooks/fluig-crontab-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-crontab [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-dev-os\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-dev-os exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-dev-os:\n /Users/mac/chef-backup/cookbooks/fluig-dev-os\n /Users/mac/chef-backup/cookbooks/fluig-dev-os-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-dev-os [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-files\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-files exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-files:\n /Users/mac/chef-backup/cookbooks/fluig-files\n /Users/mac/chef-backup/cookbooks/fluig-files-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-files [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-initialize\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-initialize exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-initialize:\n /Users/mac/chef-backup/cookbooks/fluig-initialize\n /Users/mac/chef-backup/cookbooks/fluig-initialize-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-initialize [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-java\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-java exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-java:\n /Users/mac/chef-backup/cookbooks/fluig-java\n /Users/mac/chef-backup/cookbooks/fluig-java-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-java [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-jenkins\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-jenkins exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-jenkins:\n /Users/mac/chef-backup/cookbooks/fluig-jenkins\n /Users/mac/chef-backup/cookbooks/fluig-jenkins-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-jenkins [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-keystore\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-keystore exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-keystore:\n /Users/mac/chef-backup/cookbooks/fluig-keystore\n /Users/mac/chef-backup/cookbooks/fluig-keystore-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-keystore [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-logrotate\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-logrotate exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-logrotate:\n /Users/mac/chef-backup/cookbooks/fluig-logrotate\n /Users/mac/chef-backup/cookbooks/fluig-logrotate-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-logrotate [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-messaging\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-messaging exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-messaging:\n /Users/mac/chef-backup/cookbooks/fluig-messaging\n /Users/mac/chef-backup/cookbooks/fluig-messaging-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-messaging [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-nagios\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-nagios exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-nagios:\n /Users/mac/chef-backup/cookbooks/fluig-nagios\n /Users/mac/chef-backup/cookbooks/fluig-nagios-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-nagios [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-neo4j\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-neo4j exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-neo4j:\n /Users/mac/chef-backup/cookbooks/fluig-neo4j\n /Users/mac/chef-backup/cookbooks/fluig-neo4j-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-neo4j [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-postcheck\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-postcheck exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-postcheck:\n /Users/mac/chef-backup/cookbooks/fluig-postcheck\n /Users/mac/chef-backup/cookbooks/fluig-postcheck-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-postcheck [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-precheck\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-precheck exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-precheck:\n /Users/mac/chef-backup/cookbooks/fluig-precheck\n /Users/mac/chef-backup/cookbooks/fluig-precheck-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-precheck [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-racagent\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-racagent exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-racagent:\n /Users/mac/chef-backup/cookbooks/fluig-racagent\n /Users/mac/chef-backup/cookbooks/fluig-racagent-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-racagent [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-rest\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-rest exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-rest:\n /Users/mac/chef-backup/cookbooks/fluig-rest\n /Users/mac/chef-backup/cookbooks/fluig-rest-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-rest [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-rmi\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-rmi exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-rmi:\n /Users/mac/chef-backup/cookbooks/fluig-rmi\n /Users/mac/chef-backup/cookbooks/fluig-rmi-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-rmi [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-search\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-search exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-search:\n /Users/mac/chef-backup/cookbooks/fluig-search\n /Users/mac/chef-backup/cookbooks/fluig-search-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-search [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-tomcat\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-tomcat exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-tomcat:\n /Users/mac/chef-backup/cookbooks/fluig-tomcat\n /Users/mac/chef-backup/cookbooks/fluig-tomcat-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-tomcat [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"fluig-vmmanager-webapp\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: fluig-vmmanager-webapp exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nfluig-vmmanager-webapp:\n /Users/mac/chef-backup/cookbooks/fluig-vmmanager-webapp\n /Users/mac/chef-backup/cookbooks/fluig-vmmanager-webapp-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading fluig-vmmanager-webapp [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"ntp\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: ntp exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nntp:\n /Users/mac/chef-backup/cookbooks/ntp\n /Users/mac/chef-backup/cookbooks/ntp-1.6.5\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading ntp [1.6.5]\nUploaded 1 cookbook.\nRestoring cookbook [\"os-security\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: os-security exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nos-security:\n /Users/mac/chef-backup/cookbooks/os-security\n /Users/mac/chef-backup/cookbooks/os-security-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading os-security [0.1.0]\nUploaded 1 cookbook.\nRestoring cookbook [\"squid\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: squid exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nsquid:\n /Users/mac/chef-backup/cookbooks/squid\n /Users/mac/chef-backup/cookbooks/squid-0.5.2\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading squid [0.5.2]\nUploaded 1 cookbook.\nRestoring cookbook [\"vsftpd\"]\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nWARNING: The cookbooks: vsftpd exist in multiple places in your cookbook_path.\nA composite version of these cookbooks has been compiled for uploading.\n\nIMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer\nbe able to have the same version of a cookbook in multiple places in your cookbook_path.\nWARNING: The affected cookbooks are located:\nvsftpd:\n /Users/mac/chef-backup/cookbooks/vsftpd\n /Users/mac/chef-backup/cookbooks/vsftpd-0.1.0\nWARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\nUploading vsftpd [0.1.0]\nUploaded 1 cookbook.\nmacs-MacBook-Air:.chef mac$\n*** TODO [#A] chef_server_url parameter need to be updated\n#+BEGIN_EXAMPLE\nroot@kitchen-identity-sandbox:~# cat /etc/chef/client.rb\ncat /etc/chef/client.rb\nlog_level :info\nlog_location STDOUT\nnode_name 'all-in-one-sp'\nclient_key '/etc/chef/client.pem'\nchef_server_url 'https://104.131.157.119/organizations/digitalocean'\ncache_type 'BasicFile'\nno_lazy_load true\ncache_options( :path =\u003e '/etc/chef/checksums' )\n# TODO: improve later\nssl_verify_mode :verify_none\nno_proxy 'no_proxy'root@kitchen-identity-sandbox:~#\n#+END_EXAMPLE\n*** web page: Migrating from one Chef server to another | ameir dot net\nhttp://www.ameir.net/blog/archives/326-migrating-from-one-chef-server-to-another.html\n**** webcontent :noexport:\n#+begin_example\nLocation: http://www.ameir.net/blog/archives/326-migrating-from-one-chef-server-to-another.html\nameir dot net\n\nGet your geek on\n\nGet your geek on\n\nHome » Linux Luvin' » Migrating from one Chef server to another\n\nRecent Posts\n\n * Get nameservers from resolv.conf with Ruby\n * Run multiple ssh commands in parallel with GNU Parallel\n * Elasticsearch cluster administration notes\n * Installing OpenVZ templates in Proxmox\n * IMAP Append – Message contains bare newlines\n\nRecent Comments\n\n * Ameir Abdeldayem on Easy way to backup entire folders\n * Ameir Abdeldayem on Run multiple ssh commands in parallel with GNU Parallel\n * denny on Run multiple ssh commands in parallel with GNU Parallel\n * denny on Easy way to backup entire folders\n * Ivan on Running Proxmox behind a single IP address\n\nSearch for: [ ] Search\nMigrating from one Chef server to another 6\n\n20 Apr, 2014 in Linux Luvin' by Ameir Abdeldayem\n---------------------------------------------------------------------------------------------------\n\nIt happens — you’re on a server that just can’t be upgraded any further, and you need more\nresources.  Or, you need to backup a Chef server.  Or, you need to setup a QA instance.  Or, you\nneed to finally migrate from Chef 10 to Chef 11.  Or, you have one of many other possible reasons,\nbut you need to be able to stand up a new Chef instance, and not have to do a ton of work.  If any\nof that applies to you, then this post is for you.\n\nIn the case where you’re migrating from one Chef server to another (i.e., the old one is going\nbye-bye), it would be very helpful to have your Chef server be CNAMEd (e.g. chef.company.com -\u003e\nvm101.iad.company.com) or behind a load balancer/proxy where you can change targets easily.  That\nway, you won’t need to update the client configs, and it’ll be an easy swap.  Everything should\n“just work” ™.\n\nFirst, we’ll make a copy of your knife.rb:\n\nShell\n[cp -a ~/.chef/knife{]\n\n1 cp -a ~/.chef/knife{,-orig}.rb\n\nNow, we’ll need to get access to your new Chef server via knife.  You can do so by logging in as\nadmin, and regenerating and saving a new private key.  You can also create a new user here instead\nof using admin, but I advise against this, as any user you create will conflict with users of the\nsame name from the old server.  Yes, that means that if you’ve been using ‘admin’ as the main user,\nyou may run into problems (but let’s just hope that you’ve been using per-person accounts).\n\nNow, we’ll update your current knife.rb to reflect the new node information in it:\n\n[... ]\n\n1 ...\n2 node_name 'admin'\n3 client_key '/Users/user/.chef/new-server-admin.pem'\n4 chef_server_url 'https://vm102.iad.company.com'\n5 ...\n\nIt wouldn’t hurt to check that you have access to the new node by doing a  knife user list .\n\nNow, we’ll need to download all of the data from the “old” Chef server.  To do so, we’ll be using\nthe nifty ‘knife backup‘ plugin.  To get it installed on OS X, I did:\n\nShell\n[sudo gem install kni]\n\n1 sudo gem install knife-backup\n\nNow, to finally back things up, we’ll do:\n\nShell\n[knife backup export ]\n\n1 knife backup export -D ~/chef-backup/ -c ~/.chef/knife-orig.rb\n\nNote that the argument after -D is the destination directory where all of the Chef data will go;\nthis directory will automatically be created for you.  The argument of -c tells knife which config\nfile to use; we’ll, of course, be using the “old” server here.  Also, if you only need to backup a\ncertain set of data from your Chef server (e.g. only users and environments), you can specify that.\n See the knife backup documentation for details.\n\nNow that we have all the data we need, we’ll need to push it up to the new server.  This works much\nthe same as the export:\n\nShell\n[knife backup restore]\n\n1 knife backup restore -D ~/chef-backup\n\nI left off the -c here because knife.rb is the default config file.\n\nOnce everything has been restored, your original user in Chef will now be available (you can verify\nthis via the Chef Server UI).  The amazing thing is that your keys have not changed, and can be\nused as-is.  Chef Server keeps track of your public keys, so all of your private keys for all nodes\n/clients are still good.\n\nThis, now, is where you update your knife.rb to reflect your original user settings.  If you’re\nrunning behind a load balancer/proxy, you can simply use your original config as-is after\nreplacing the old server with the new one.  If you’re doing the CNAME/A record route, you can do\nthe same once DNS has propagated.  Otherwise, you can overwrite your new config with your old one,\nand edit it to reflect the new server’s URL.\n\nIf your nodes are pointing to the wrong server in their client.rb, you can use knife ssh with sed\nto find/replace the server URLs.\n\nIf you’ll be accessing multiple Chef servers frequently enough, I highly recommend looking at the\nknife block plugin.  That way, you can switch between different configurations with ease, including\nthose for Berkshelf.\n\n---------------------------------------------------------------------------------------------------\n\nLeave a comment Cancel reply\n\nYour email address will not be published. Required fields are marked *\n\nName * [ ]\n\nEmail * [ ]\n\nWebsite [ ]\n\n [ ]\n [ ]\n [ ]\n [ ]\n [ ]\n [ ]\n [ ]\nComment [ ]\n\nYou may use these HTML tags and attributes: \u003ca href=\"\" title=\"\"\u003e \u003cabbr title=\"\"\u003e \u003cacronym title=\"\"\u003e\n\u003cb\u003e \u003cblockquote cite=\"\"\u003e \u003ccite\u003e \u003ccode class=\"\" title=\"\" data-url=\"\"\u003e \u003cdel datetime=\"\"\u003e \u003cem\u003e \u003ci\u003e \u003cq\ncite=\"\"\u003e \u003cstrike\u003e \u003cstrong\u003e \u003cpre class=\"\" title=\"\" data-url=\"\"\u003e \u003cspan class=\"\" title=\"\" data-url=\"\"\u003e\n\n Post Comment\n\n6 thoughts on “Migrating from one Chef server to another”\n\n * [ea665620]\n Phil Nguyen November 8, 2014 at 2:07 am\n\n Hi Ameir,\n The backup operation completed successfully (i.e. list of folders with json files etc..).\n However, the restore operation failed to process the backup folder as shown below. Do you know\n what am I missing? I will retry this using a Linux box to see if that will help. Thanks for the\n script. It will save a lot of pain if this works.\n\n D:\\P4\\depot\\vault\\main\\hpool\\chef-repo\u003eknife backup restore -D d:\\chef-backup -c C:\\Users\\\n pnguyen\\.chef\\knife.rb\n WARNING: This will overwrite existing data!\n Do you want to restore backup, possibly overwriting exisitng data? (Y/N)Y\n === Restoring clients ===\n === Restoring users ===\n === Restoring nodes ===\n === Restoring roles ===\n === Restoring data bags ===\n === Restoring environments ===\n === Restoring cookbooks ===\n\n * [d8fb36ec]\n Ameir Abdeldayem Post author November 8, 2014 at 2:37 am\n\n Hi Phil,\n\n Could you go into d:\\chef-backup and run knife diff? That’ll compare the local folder with the\n remote server, and let you know if there are differences. It’s possible that the files are the\n same (are you using the correct config file?). You could also try with a trailing slash; I\n don’t have a Windows box to test with, but there may be nuances there. Also, you could use\n knife upload instead of knife backup. The former is essentially what the latter does behind the\n scenes. To try that, go into d:\\chef-backup and do knife upload .. Hopefully that’ll work. Let\n me know if it doesn’t and I’ll try to help out.\n\n -Ameir\n\n * [ea665620]\n Phil Nguyen November 8, 2014 at 3:40 am\n\n Update: FYI, it worked when executing the backup/restore script via Ubuntu workstation. Thank\n you.\n\n * [d8fb36ec]\n Ameir Abdeldayem Post author November 9, 2014 at 2:16 am\n\n Excellent, glad to hear it! There must be an issue on the Windows side of things. Good luck\n with your new Chef server!\n\n * [34890ea3]\n gdanko November 25, 2014 at 5:06 pm\n\n I am seeing this:\n === Restoring cookbooks ===\n Restoring cookbook [“publiccloud_lms_install_jdk”]\n Uploading publiccloud_lms_install_jdk [0.1.0]\n ERROR: Server returned error 500 for https://localhost/sandboxes/\n 00000000000012b561684b15f8b1df3f, retrying 1/5 in 4s\n ERROR: Server returned error 500 for https://localhost/sandboxes/\n 00000000000012b561684b15f8b1df3f, retrying 2/5 in 7s\n ERROR: Server returned error 500 for https://localhost/sandboxes/\n 00000000000012b561684b15f8b1df3f, retrying 3/5 in 13s\n ERROR: Server returned error 500 for https://localhost/sandboxes/\n 00000000000012b561684b15f8b1df3f, retrying 4/5 in 29s\n ERROR: Server returned error 500 for https://localhost/sandboxes/\n 00000000000012b561684b15f8b1df3f, retrying 5/5 in 54s\n ERROR: internal server error\n Response: internal service error\n\n Any idea what could be wrong?\n\n * [d8fb36ec]\n Ameir Abdeldayem Post author November 25, 2014 at 7:31 pm\n\n A 500 error means that something server-side is having issues. Are you able to upload anything\n to your Chef server? Could you also add –verbose to your command to see if it gives any\n additional details?\n\n---------------------------------------------------------------------------------------------------\n\nPost navigation\n\n * ← Change Chef Server settings after installation\n * Enable XHProf for WordPress →\n\n· © 2015 ameir dot net · Designed by Press Customizr ·\n\nBack to top\n\n#+end_example\n** DONE [#A] setup and install chef 12\n CLOSED: [2015-04-22 Wed 16:49]\nhttps://docs.chef.io/install_server.html\n\n# Ubuntu 14.04\nhttp://downloads.chef.io/chef-server/ubuntu/#/\nwget https://web-dl.packagecloud.io/chef/stable/packages/ubuntu/trusty/chef-server-core_12.0.8-1_amd64.deb\n\napt-get update\ndpkg -i chef-server-core_12.0.8-1_amd64.deb\n\nchef-server-ctl reconfigure\n\nchef-server-ctl user-create chef_adminsp denny zhang denny.zhang001@gmail.com filebatpwd1 --filename /tmp/chef_adminsp.pem\nchef-server-ctl org-create digitalocean \"DigitalOcean, Inc.\" --association_user chef_adminsp -f /tmp/digitalocean-validator.pem\n\ncat \u003e ~/.ssh/knife.rb \u003c\u003cEOF\nlog_level :info\nlog_location STDOUT\nnode_name 'admin'\nclient_key '/Users/mac/.chef/admin.pem'\nvalidation_client_name 'digitalocean-validator'\nvalidation_key '/Users/mac/.chef/digitalocean-validator.pem'\nchef_server_url 'https://104.131.157.119/organizations/digitalocean'\nsyntax_check_cache_path '/Users/mac/.chef/syntax_check_cache'\nssl_verify_mode :verify_none\nEOF\n*** [#A] web page: How To Set Up a Chef 12 Configuration Management System on Ubuntu 14.04 Servers | DigitalOcean\nhttps://www.digitalocean.com/community/tutorials/how-to-set-up-a-chef-12-configuration-management-system-on-ubuntu-14-04-servers\n**** webcontent :noexport:\n#+begin_example\nLocation: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-chef-12-configuration-management-system-on-ubuntu-14-04-servers\njellingwood\nBy:\nJustin Ellingwood\nMarch 3, 2015\nHeartedHeart\n7\n1\nShare\n\n *\n *\n *\n *\n\nContents\nView All Results\nSign Up Log In\n\n[ ] submit\n * Tutorials\n * Questions\n * Projects\n * Main Site\n\n Community\nMenu\n\n * Tutorials\n * Questions\n * Projects\n * Main Site\n\nSign Up Log In\n[ ] submit\nHow To Set Up a Chef 12 Configuration Management System on Ubuntu 14.04 Servers\n\nTutorial Series\n\nThis tutorial is part 2 of 8 in the series: Getting Started Managing Your Infrastructure Using Chef\n\nGetting Started Managing Your Infrastructure Using Chef\n\nChef is a powerful configuration management system that can be used to programmatically control\nyour infrastructure environment. Leveraging the Chef system allows you to easily recreate your\nenvironments in a predictable manner by automating the entire system configuration. In this series,\nwe will introduce you to Chef concepts and demonstrate how to install and utilize the its powerful\nfeatures to manage your servers.\n\n 1. How To Understand the Chef Configuration Environment on a VPS\n\n November 20, 2013\n 7\n 1\n By Justin Ellingwood\n 2. How To Set Up a Chef 12 Configuration Management System on Ubuntu 14.04 Servers\n\n March 2, 2015\n 7\n 1\n By Justin Ellingwood\n 3. How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances\n\n January 30, 2014\n 5\n 33\n By Justin Ellingwood\n 4. How To Create Simple Chef Cookbooks to Manage Infrastructure on Ubuntu\n\n February 3, 2014\n 9\n 12\n By Justin Ellingwood\n 5. How To Use Roles and Environments in Chef to Control Server Configurations\n\n February 4, 2014\n 5\n 5\n By Justin Ellingwood\n 6. How To Use the DigitalOcean Plugin for Knife to Manage Droplets in Chef\n\n February 9, 2014\n 3\n 6\n By Justin Ellingwood\n 7. How To Manage Your Cluster with Chef and Knife on Ubuntu\n\n October 30, 2014\n 0\n 0\n By Nik Wakelin\n 8. How To Automatically Add New Droplets to your Configuration Management System\n\n February 25, 2015\n 3\n 0\n By Justin Ellingwood\n\nPrevious Tutorial Next Tutorial\n\nIntroduction\n\nAs your infrastructure requirements expand, managing each server by hand becomes an increasingly\ndifficult task. This difficulty is compounded by the requirement for reproducibility, which becomes\nnecessary if a node fails or if horizontal scaling is needed.\n\nConfiguration management solutions are designed to address these issues by turning your\ninfrastructure administration into a code base. Instead of performing individual tasks on a number\nof machines, these tools allow you to commit your requirements to a central location where each\ncomponent can connect, pull down their configuration, and apply it.\n\nIn a previous guide, we talked, on a conceptual level, about the general structure of Chef\ncomponents and the way in which they interact to achieve the administrator's objectives. We talked\nabout relevant terminology and discussed the responsibility of each piece.\n\nIn this guide, we will install the actual software. We will set up a centralized Chef server which\nwill store and serve configuration instructions and node profiling information. We will also set up\na workstation where the administrator can work with the code base and alter the characteristics of\nthe infrastructure. We will follow this up by bootstrapping a new node to bring it under the\nmanagement of the Chef ecosystem.\n\nPrerequisites and Goals\n\nWe will be setting up version 12 of Chef in this guide. Configuration can be significantly\ndifferent between versions, so ensure that you are operating within the same major version number\nas this guide for best results.\n\nThe Chef documentation tells us that your Chef server should have at least 4 cores and 4 GB of RAM.\nIt should also have a 64-bit operating system. For our guide, we will be using an 4 core / 8 GB\nDigitalOcean Droplet with 64-bit Ubuntu 14.04.\n\nThe workstation and nodes have very few requirements. We will use Ubuntu 14.04 on those as well for\nconsistency.\n\nWhen we are finished, we will have a centralized Chef server to store and serve our configuration\ndata. Our workstation will be used to make changes, upload them to the server, and bootstrap and\nmanage new nodes. The node represents a single server within our infrastructure.\n\nConfigure the Chef Server\n\nWe will begin by setting up the Chef server. Remember, Chef recommends at least 4 cores and 4 GB of\nRAM for this server, so plan accordingly.\n\nEnsure that the Server is Accessible by Hostname\n\nOnce you are logged into the server you plan on installing the Chef server onto, the first task you\nneed to perform is to ensure that the hostname of the server is a resolvable fully qualified domain\nname (FQDN) or IP address. You can check this by typing:\n\nhostname -f\n\nThe result should be an address where the server can be reached. If this is not the case, you can\nset this to a domain name or IP address where the server can be reached by editing this file:\n\nsudo nano /etc/hosts\n\nThe file will look similar to this:\n\n127.0.1.1 current_hostname current_hostname_alias\n127.0.0.1 localhost\n\n. . .\n\nModify the top line to reflect the fully qualified domain name or the IP address, followed by a\nspace and any alias you want to use for your host. Add a line beneath the two lines shown that has\nyour server's public IP address in the first column, and the information that you modified at the\nend of the 127.0.1.1 line to the end. It should look something like this:\n\n127.0.1.1 fqdn_or_IP_address host_alias\n127.0.0.1 localhost\nIP_address fqdn_or_IP_address host_alias\n\nSo, if I do not have a domain name, my public IP address is 123.123.123.123, and if I also want my\nhost reachable by the hostname \"chef\", I could have a file that looks like this:\n\n127.0.1.1 123.123.123.123 chef\n127.0.0.1 localhost\n123.123.123.123 123.123.123.123 chef\n\nIf, on the other hand, this server has the fully qualified domain name of chef.example.com and an\nIP address of 234.234.234.234, my file might look something like this instead:\n\n127.0.1.1 chef.example.com chef\n127.0.0.1 localhost\n234.234.234.234 chef.example.com chef\n\nSave and close the file when you are finished. You can check that the value was set correctly by\ntyping:\n\nhostname -f\n\nThe result should be a value that you can use to reach your Chef server from anywhere in your\ninfrastructure.\n\nDownload and Install the Chef 12 Server software\n\nNext, we can go ahead and download the Chef 12 server software. You can find the package that must\nbe installed by visiting the Chef site. Specifically, for an Ubuntu installation, you can follow\nthis link.\n\nUnder the \"Ubuntu Linux 14.04\" header, right-click on the download link and copy the link location:\n\nChef server download\n\nBack on your server, change to your home directory. Paste the link you copied and use the wget\ncommand to download the package. The link you copied may be different from the one below if there\nhas been a minor version update since this writing:\n\ncd ~\nwget https://web-dl.packagecloud.io/chef/stable/packages/ubuntu/trusty/chef-server-core_12.0.5-1_amd64.deb\n\nOnce the download is complete, install the package by typing:\n\nsudo dpkg -i chef-server-core_*.deb\n\nThis will install the base Chef 12 system onto the server. If you have selected a server with less\npowerful hardware than the recommended amount, this step may fail.\n\nOnce the installation is complete, you must call the reconfigure command, which configures the\ncomponents that make up the server to work together in your specific environment:\n\nsudo chef-server-ctl reconfigure\n\nCreate an Admin User and Organization\n\nNext, we need to create an admin user. This will be the username that will have access to make\nchanges to the infrastructure components in the organization we will be creating.\n\nWe can do this using the user-create subcommand of the chef-server-ctl command. The command\nrequires a number of fields to be passed in during the creation process. The general syntax is:\n\nchef-server-ctl user-create USERNAME FIRST_NAME LAST_NAME EMAIL PASSWORD\n\nWe will include this information, and will also add -f, an additional flag, onto the end in order\nto specify a filename in which to output our new user's private RSA key. We will need this in order\nto authenticate using the knife management command later.\n\nFor our example, we will create a user with the following information:\n\n * Username: admin\n * First Name: admin\n * Last Name: admin\n * Email: admin@example.com\n * Password: examplepass\n * Filename: admin.pem\n\nThe command needed to create a user with this information is (you should change this to reflect\nyour information, especially the password):\n\nsudo chef-server-ctl user-create admin admin admin admin@example.com examplepass -f admin.pem\n\nYou should now have a private key called admin.pem in your current directory.\n\nNow that you have a user, you can create an organization with the org-create subcommand. An\norganization is simply a grouping of infrastructure and configuration within Chef. The command has\nthe following general syntax:\n\nchef-server-ctl org-create SHORTNAME LONGNAME --association_user USERNAME\n\nThe short name is the name that you will use to refer to the organization from within Chef. The\nlong name is the actual name of the organization. The --association_user specifies the username\nthat has access to administer the organization. Again, we will add the -f flag so that we can\nspecify the name of the file to place the private key. The key that will be created is used to\nvalidate new clients as part of the organization until they can get their own unique client key.\n\nWe will create an organization with the following qualities:\n\n * Short Name: digitalocean\n * Long Name: DigitalOcean, Inc.\n * Association User: admin\n * Filename: digitalocean-validator.pem\n\nTo create an organization with the above qualities, we will use the following command:\n\nsudo chef-server-ctl org-create digitalocean \"DigitalOcean, Inc.\" --association_user admin -f digitalocean-validator.pem\n\nFollowing this, you should have two .pem key files in your home directory. In our case, they will\nbe called admin.pem and digitalocean-validator.pem. We will need to connect to this server and\ndownload these keys to our workstation momentarily. For now though, our Chef server installation is\ncomplete.\n\nConfigure a Chef Workstation\n\nNow that our Chef server is up and running, our next course of action is to configure a\nworkstation. The actual infrastructure coordination and configuration does not take place on the\nChef server. This work is done on a workstation which then uploads the data to the server to\ninfluence the Chef environment.\n\nClone the Chef Repo\n\nThe Chef configuration for your infrastructure is maintained in a hierarchical file structure known\ncollectively as a Chef repo. The general structure of this can be found in a GitHub repository\nprovided by the Chef team. We will use git to clone this repo onto our workstation to work as a\nbasis for our infrastructure's Chef repository.\n\nFirst, we need to install git through the apt packaging tools. Update your packaging index and\ninstall the tool by typing:\n\nsudo apt-get update\nsudo apt-get install git\n\nOnce you have git installed, you can clone the Chef repository onto your machine. For this guide,\nwe will simply clone it to our home directory:\n\ncd ~\ngit clone https://github.com/chef/chef-repo.git\n\nThis will pull down the basic Chef repo structure into a directory called chef-repo in your home\ndirectory.\n\nPutting your Chef Repo Under Version Control\n\nThe configurations authored within the Chef repo itself are best managed within a version control\nsystem in the same way that you would manage code. Since we cloned the repo above, a git repo has\nalready been initialized.\n\nTo set your workstation up for new commits, you should do a few things.\n\nFirst, set the name and email that git will use to tag any commits you make. This is a requirement\nfor git to accept commits. We set this globally so that any git repo we create will use these\nvalues:\n\ngit config --global user.name \"Your Name\"\ngit config --global user.email \"username@domain.com\"\n\nNext, we will tell git to ignore any information contained within the ~/chef-repo/.chef directory.\nWe will create this directory in a few minutes to store some sensitive information. For now, we can\nadd this location to our .gitignore file so that git does not store data that should not be exposed\nto other people:\n\necho \".chef\" \u003e\u003e ~/chef-repo/.gitignore\n\nSince we have made a change to the .gitignore file, we can go ahead and make our first new commit\nto the version control system. First, add all of the modified files to the current staging area:\n\ncd ~/chef-repo\ngit add .\n\nNow, commit the changes. We will use the -m flag to specify an in-line commit message describing\nthe changes we are making:\n\ngit commit -m \"Excluding the ./.chef directory from version control\"\n\nOur Chef repo is now under version control. As we author configurations for our infrastructure, we\ncan use the above two commands to keep our git repo up-to-date.\n\nDownload and Install the Chef Development Kit\n\nNext, we need to install the Chef Development Kit, a suite of software designed for Chef\nworkstations. This includes many utilities that will be useful when designing configurations for\nyour infrastructure. The tool we are interested in at this point is the bundled knife command,\nwhich can communicate with and control both the Chef server and any Chef clients.\n\nWe can find the Chef 12 Development Kit on the Chef website. Since we are using Ubuntu 14.04 as our\nworkstation, the page here will contain the latest download link. Note that at the time of this\nwriting, the download link only references Ubuntu 12.04 and Ubuntu 13.10, but it should still\ninstall without issue on Ubuntu 14.04.\n\nRight-click on the download button under \"Ubuntu Linux\" and copy the link location:\n\nUbuntu Chef dev kit\n\nBack on your workstation, change to your home directory. Paste the link you copied and use the wget\ncommand to download the package. The link you copied may be different from the one below if a newer\ndevelopment kit version has been released:\n\ncd ~\nwget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chefdk_0.4.0-1_amd64.deb\n\nOnce the .deb package has been downloaded, you can install it by typing:\n\nsudo dpkg -i chefdk_*.deb\n\nAfter the installation, you can verify that all of the components are available in their expected\nlocation through the new chef command:\n\nchef verify\n\nIf your workstation will primarily be used to manage Chef for your infrastructure, you will likely\nwant to default to the version of Ruby installed with Chef. You can do this by modifying your\n.bash_profile so that Chef's Ruby takes precedence:\n\necho 'eval \"$(chef shell-init bash)\"' \u003e\u003e ~/.bash_profile\n\nAfterwards, you can source your .bash_profile file to set the correct environmental variables for\nthe current session:\n\nsource ~/.bash_profile\n\nIf you wish to manage your Ruby versions independently, you can skip the above steps.\n\nDownload the Authentication Keys to the Workstation\n\nAt this point, your workstation has all of the software needed to interact with a Chef server and\ncompose infrastructure configurations. However, it is not yet configured to interact with your Chef\nserver and your environment. In this section, we'll download the credentials we created on the Chef\nserver.\n\nWe will use the scp utility to download the user key and the organization validator key that we\ncreated on the Chef server. Before doing so, we will create the hidden directory where we will\nstore these files:\n\nmkdir ~/chef-repo/.chef\n\nThe method that you use to connect to the Chef server will determine how exactly we go about\ndownloading the keys. Follow the method below that matches your setup:\n\nHow To Download Keys when Connecting to a Chef Server with Passwords\n\nIf you connect to your Chef server through SSH using password-based authentication, the scp command\nwill work without significant modification.\n\nOn your workstation, specify the username and domain name or IP address used to connect to the Chef\nserver. Follow this immediately with a colon (:) and the path to the file you wish to download.\nAfter adding a space, indicate the directory on the local computer where you wish the download the\nfiles to be placed (~/chef-repo/.chef in our case).\n\nIf you log into the Chef server using the root user account, your commands will look something like\nthis. Remember to change both the domain name or IP address and the name of the key files you are\ntrying to download to match your environment:\n\nscp root@server_domain_or_IP:/root/admin.pem ~/chef-repo/.chef\nscp root@server_domain_or_IP:/root/digitalocean-validator.pem ~/chef-repo/.chef\n\nIf you connect to your Chef server using a non-root user, the commands will look more like this:\n\nscp username@server_domain_or_IP:/home/username/admin.pem ~/chef-repo/.chef\nscp username@server_domain_or_IP:/home/username/digitalocean-validator.pem ~/chef-repo/.chef\n\nHow To Download Keys when Connecting to a Chef Server Using SSH Keys\n\nIf, instead, you connect to your Chef server using SSH keys (recommended), you will need to perform\nsome additional steps.\n\nFirst, leave your SSH session with the workstation. We will need to reconnect momentarily with a\nnew parameter:\n\nexit\n\nOnce you are back on your local computer, you will need to add the SSH keys you use to connect to\nthe Chef server to an SSH agent. OpenSSH, the standard SSH suite, includes an SSH agent that can be\nstarted by typing:\n\neval $(ssh-agent)\n\nYou should see output that looks like this (the number will likely be different):\n\nAgent pid 13881\n\nOnce the agent is started, you can add your SSH key to it:\n\nssh-add\n\nIdentity added: /home/demo/.ssh/id_rsa (rsa w/o comment)\n\nThis will keep your SSH key stored in memory. Now, you can forward the stored key to your\nworkstation as you connect by using the -A option with ssh. This will allow you to connect to any\ncomputer from your workstation as if you were connecting from your local computer:\n\nssh -A username@workstation_domain_or_IP\n\nNow, you can connect to your Chef server without needing a password using the forwarded SSH\ncredentials. If the keys on your Chef server were available through the root user, the commands you\nwill need will look similar to this. Remember to change the Chef server domain name or IP address\nand the key names as needed:\n\nscp root@server_domain_or_IP:/root/admin.pem ~/chef-repo/.chef\nscp root@server_domain_or_IP:/root/digitalocean-validator.pem ~/chef-repo/.chef\n\nIf the SSH key configured for the Chef server instead is used to authenticate you to a regular user\naccount, your commands will look like this instead:\n\nscp username@server_domain_or_IP:/home/username/admin.pem ~/chef-repo/.chef\nscp username@server_domain_or_IP:/home/username/digitalocean-validator.pem ~/chef-repo/.chef\n\nConfiguring Knife to Manage your Chef Environment\n\nNow that you have your Chef credentials available on your workstation, we can configure the knife\ncommand with the information it needs to connect to and control your Chef infrastructure. This is\ndone through a knife.rb file that we will place in the ~/chef-repo/.chef directory along with our\nkeys.\n\nOpen up a file called knife.rb in that directory in your text editor:\n\nnano ~/chef-repo/.chef/knife.rb\n\nIn this file, paste the following information:\n\ncurrent_dir = File.dirname(__FILE__)\nlog_level :info\nlog_location STDOUT\nnode_name \"name_for_workstation\"\nclient_key \"#{current_dir}/name_of_user_key\"\nvalidation_client_name \"organization_validator_name\"\nvalidation_key \"#{current_dir}/organization_validator_key\"\nchef_server_url \"https://server_domain_or_IP/organizations/organization_name\"\nsyntax_check_cache_path \"#{ENV['HOME']}/.chef/syntaxcache\"\ncookbook_path [\"#{current_dir}/../cookbooks\"]\n\nThe following items should be adjusted to suit your infrastructure:\n\n * node_name: This specifies the name that knife will use to connect to your Chef server. This\n should match your user name.\n * client_key: This should be the name and path to the user key that you copied over from the Chef\n server. We can use the #{current_dir} snippet to fill in the path if the key is in the same\n directory as the knife.rb file.\n * validation_client_name: This is the name of the validation client that knife will use to\n bootstrap new nodes. This will take the form of your organization short name, followed by\n -validator.\n * validation_key: Like the client_key, this includes the name and path to the validation key you\n copied from the Chef server. Again, you can use the #{current_dir} Ruby snippet to specify the\n current directory if the validation key is in the same directory as the knife.rb file.\n * chef_server_url: This is the URL where the Chef server can be reached. It should begin with\n https://, followed by your Chef server's domain name or IP address. Afterwards, the path to\n your organization should be specified by appending /organizations/your_organization_name.\n\nFor our guide, the knife.rb file will look similar to this. You still need to adjust the server's\ndomain name or IP address if you are following along:\n\ncurrent_dir = File.dirname(__FILE__)\nlog_level :info\nlog_location STDOUT\nnode_name \"admin\"\nclient_key \"#{current_dir}/admin.pem\"\nvalidation_client_name \"digitalocean-validator\"\nvalidation_key \"#{current_dir}/digitalocean-validator.pem\"\nchef_server_url \"https://server_domain_or_IP/organizations/digitalocean\"\nsyntax_check_cache_path \"#{ENV['HOME']}/.chef/syntaxcache\"\ncookbook_path [\"#{current_dir}/../cookbooks\"]\n\nWhen you are finished, save and close the knife.rb file.\n\nNow, we will test the configuration file by trying out a simple knife command. We need to be in our\n~/chef-repo directory for our configuration file to be read correctly:\n\ncd ~/chef-repo\nknife client list\n\nThis first attempt should fail with an error that looks like this:\n\nERROR: SSL Validation failure connecting to host: server_domain_or_IP - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed\nERROR: Could not establish a secure connection to the server.\nUse `knife ssl check` to troubleshoot your SSL configuration.\nIf your Chef Server uses a self-signed certificate, you can use\n`knife ssl fetch` to make knife trust the server's certificates.\n\nOriginal Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed\n\nThis occurs because we do not have our Chef server's SSL certificate on our workstation. We can\nacquire this by typing:\n\nknife ssl fetch\n\nThis should add the Chef server's certificate file to a list in our ~/chef-repo/.chef directory:\n\nWARNING: Certificates from server_domain_or_IP will be fetched and placed in your trusted_cert\ndirectory (/home/demo/chef-repo/.chef/trusted_certs).\n\nKnife has no means to verify these are the correct certificates. You should\nverify the authenticity of these certificates after downloading.\n\nAdding certificate for server_domain_or_IP in /home/demo/chef-repo/.chef/trusted_certs/server_domain_or_IP.crt\n\nAfter the SSL certificate has been fetched, the previous command should now work:\n\nknife client list\n\ndigitalocean-validator\n\nIf the above command correctly returns, your workstation is now set up to control your Chef\nenvironment.\n\nBootstrapping a New Node with Knife\n\nWith our Chef server and workstation configured, we can begin using Chef to configure new servers\nwithin our infrastructure.\n\nThis happens through a process called \"bootstrapping\" in which the Chef client executable is\ninstalled on the new computer and the organizational validator key is passed along as well. The new\nnode then contacts the Chef server with the validator key and, in return, receives its own unique\nclient key and any configuration that has been assigned to it. This process gets the new server\ninto its initial state and sets it up for any future management.\n\nTo connect to the new server, we will need a few pieces of information about the new node:\n\n * The domain name or IP address where it can be reached\n * The username used to complete administrative actions. This can be either root, or a user\n configured with sudo privileges.\n * A method of logging in as the above user. This can be either the password, or the ability to\n use an SSH key.\n * A method of performing administrative tasks. For root users, this is unnecessary. For users\n relying on sudo privileges, a password is generally necessary.\n\nThe general syntax of the command will be:\n\nknife bootstrap node_domain_or_IP [options]\n\nSome common options you may end up using are:\n\n * -x: Used to specify the username to authenticate with through SSH. This is usually required.\n * -N: The new name for the node, as displayed within Chef. Leaving this out will usually result\n in the hostname being used for the Chef node name.\n * -P: Used to specify the password for the username on the remote server. This is necessary if\n either the SSH session requires password authentication or if the username requires a password\n for sudo commands.\n * --sudo: If the username on the remote server will need to use sudo to perform administrative\n actions, this flag is needed. By default, it will prompt for the sudo password.\n * --use-sudo-password: If you are already providing the password for the user with the -P flag,\n using this flag in addition to the --sudo flag will use the -P password without prompting.\n * -A: This option forwards SSH keys to the remote host to login rather than using password\n authentication.\n\nWhen using the -A option, you must start an SSH agent on your local computer, add the SSH key that\ncan be used to connect to the new node, and forward that information to your workstation by\nconnecting with the -A flag initially. More information about how to do this can be found in the\nworkstation configuration section regarding downloading the keys from the Chef server.\n\nUsing the above information, it is possible to construct the correct bootstrapping commands for a\nvariety of situations.\n\nFor example, to bootstrap a node with the name \"testing\", using the username demo, which is\nconfigured with sudo privileges, and which needs a password for SSH and the sudo validation, we can\ntype:\n\nknife bootstrap node_domain_or_IP -N testing -x demo -P password --sudo --use-sudo-password\n\nIf we want to bootstrap using the root user, with SSH key authentication using keys available on\nthe workstation, and wish to keep use the node's hostname as the Chef node name, we can type:\n\nknife bootstrap node_domain_or_IP -x root -A\n\nIf we want to use SSH keys to authenticate to a sudo user, we will still need to provide a password\nusing the -P flag, the --sudo flag, and the --use-sudo-password flag to avoid prompts:\n\nknife bootstrap node_domain_or_IP -x demo -A -P password --sudo --use-sudo-password -N name\n\nIf you are in the above scenario, but do not mind being promted for the sudo password, you can\ninstead just type this:\n\nknife bootstrap node_domain_or_IP -x demo -A --sudo -N name\n\nOnce your new node is bootstrapped, you should have a new client:\n\nknife client list\n\ndigitalocean-validator\nname\n\nYou should also have a new node of the same name:\n\nknife node list\n\nname\n\nYou can use the above procedure to easily set up new Chef clients on any number of new servers.\n\nIf you want to learn about how to automatically add your new DigitalOcean Droplets to your existing\nChef infrastructure without having to bootstrap each one, check out this tutorial.\n\nConclusion\n\nAfter following this guide, you should have a fully functional Chef server configured for your\ninfrastructure. We have also set up a workstation that can be used to manage and maintain the\nconfigurations that Chef will apply to your infrastructure. We have demonstrated how to use the\nknife command to bootstrap the servers that will be configured by Chef.\n\nIn the next guide, we will demonstrate how to design configurations for your nodes using some Chef\nconstructs. We will go over the fundamentals of Chef recipes and cookbooks as ways to control your\ninfrastructure with declarative configs.\n\nTags: Configuration Management, Chef Distribution: Ubuntu\njellingwood\nBy: Justin Ellingwood\nHeartedHeart\n7\nSubscribe Subscribed\n\nShare\n\n *\n *\n *\n *\n\nTutorial Series\n\nGetting Started Managing Your Infrastructure Using Chef\n\nChef is a powerful configuration management system that can be used to programmatically control\nyour infrastructure environment. Leveraging the Chef system allows you to easily recreate your\nenvironments in a predictable manner by automating the entire system configuration. In this series,\nwe will introduce you to Chef concepts and demonstrate how to install and utilize the its powerful\nfeatures to manage your servers.\n\n 1. How To Understand the Chef Configuration Environment on a VPS\n\n November 20, 2013\n 7\n 1\n By Justin Ellingwood\n 2. How To Set Up a Chef 12 Configuration Management System on Ubuntu 14.04 Servers\n\n March 2, 2015\n 7\n 1\n By Justin Ellingwood\n 3. How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances\n\n January 30, 2014\n 5\n 33\n By Justin Ellingwood\n 4. How To Create Simple Chef Cookbooks to Manage Infrastructure on Ubuntu\n\n February 3, 2014\n 9\n 12\n By Justin Ellingwood\n 5. How To Use Roles and Environments in Chef to Control Server Configurations\n\n February 4, 2014\n 5\n 5\n By Justin Ellingwood\n 6. How To Use the DigitalOcean Plugin for Knife to Manage Droplets in Chef\n\n February 9, 2014\n 3\n 6\n By Justin Ellingwood\n 7. How To Manage Your Cluster with Chef and Knife on Ubuntu\n\n October 30, 2014\n 0\n 0\n By Nik Wakelin\n 8. How To Automatically Add New Droplets to your Configuration Management System\n\n February 25, 2015\n 3\n 0\n By Justin Ellingwood\n\nNeed a Server?\n\nWe offer cloud servers that are quick to set up and easy to manage. Spin one up now for as little\nas $5/mo.\n\nStart Here\n\nRelated Tutorials\n\n * How To Use Roles and Environments in Chef to Control Server Configurations\n * How To Automatically Add New Droplets to your Configuration Management System\n * 5 Ways to Improve your Production Web Application Server Setup\n * How to Use Puppet to Manage WordPress Themes and Plugins on Ubuntu 14.04\n * How To Create an Ansible Playbook To Automate Drupal Installation on Ubuntu 14.04\n\n1 Comment\n\n[ ]\nLog In to Comment\n Load\n\nCreative Commons License\nThis work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0\nInternational License.\nCopyright © 2015 DigitalOcean™ Inc.\n\n * Community\n * Tutorials\n * Questions\n * Projects\n * Tags\n * Terms, Privacy, \u0026 Copyright\n * Security\n\nSign Up\n\nNot so fast, you must have an account before you can do that.\nLog In Create Account\n\n#+end_example\n** DONE Install chef server 11\n CLOSED: [2015-04-22 Wed 18:15]\n*** web page: How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances | DigitalOcean\nhttps://www.digitalocean.com/community/tutorials/how-to-install-a-chef-server-workstation-and-client-on-ubuntu-vps-instances\n**** webcontent :noexport:\n#+begin_example\nLocation: https://www.digitalocean.com/community/tutorials/how-to-install-a-chef-server-workstation-and-client-on-ubuntu-vps-instances\njellingwood\nBy:\nJustin Ellingwood\nJan 30, 2014\nHeartedHeart\n5\n31\nShare\n\n *\n *\n *\n *\n\nContents\nView All Results\nSign Up Log In\n\n[ ] submit\n * Tutorials\n * Questions\n * Projects\n * Main Site\n\n Community\nMenu\n\n * Tutorials\n * Questions\n * Projects\n * Main Site\n\nSign Up Log In\n[ ] submit\nHow to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances\n\nTutorial Series\n\nThis tutorial is part 3 of 8 in the series: Getting Started Managing Your Infrastructure Using Chef\n\nGetting Started Managing Your Infrastructure Using Chef\n\nChef is a powerful configuration management system that can be used to programmatically control\nyour infrastructure environment. Leveraging the Chef system allows you to easily recreate your\nenvironments in a predictable manner by automating the entire system configuration. In this series,\nwe will introduce you to Chef concepts and demonstrate how to install and utilize the its powerful\nfeatures to manage your servers.\n\n 1. How To Understand the Chef Configuration Environment on a VPS\n\n November 20, 2013\n 7\n 1\n By Justin Ellingwood\n 2. How To Set Up a Chef 12 Configuration Management System on Ubuntu 14.04 Servers\n\n March 2, 2015\n 7\n 1\n By Justin Ellingwood\n 3. How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances\n\n January 30, 2014\n 5\n 33\n By Justin Ellingwood\n 4. How To Create Simple Chef Cookbooks to Manage Infrastructure on Ubuntu\n\n February 3, 2014\n 9\n 12\n By Justin Ellingwood\n 5. How To Use Roles and Environments in Chef to Control Server Configurations\n\n February 4, 2014\n 5\n 5\n By Justin Ellingwood\n 6. How To Use the DigitalOcean Plugin for Knife to Manage Droplets in Chef\n\n February 9, 2014\n 3\n 6\n By Justin Ellingwood\n 7. How To Manage Your Cluster with Chef and Knife on Ubuntu\n\n October 30, 2014\n 0\n 0\n By Nik Wakelin\n 8. How To Automatically Add New Droplets to your Configuration Management System\n\n February 25, 2015\n 3\n 0\n By Justin Ellingwood\n\nPrevious Tutorial Next Tutorial\n\nNote: This guide is targeted at Chef 11. The Chef 12 platform introduces some significant\nconfiguration differences. You can find a guide on how to set up a Chef 12 server, workstation, and\nnode here.\n\nIntroduction\n\n---------------------------------------------------------------------------------------------------\n\nAs your organizational structure grows and the separate components necessary to manage your\nenvironment expand, administering each server and service can become unmanageable.\n\nConfiguration management solutions are designed to simplify the management of systems and\ninfrastructure. The goal of configuration management tools are to allow you to manage your\ninfrastructure as a code base. Chef is a configuration management solution that allows you to\nmanage large numbers of servers easily.\n\nIn a previous guide, we discussed the general structure of the Chef components and the way the\nsystem operates on a conceptual level. We went over some key terminology and the relationship\nbetween many different components.\n\nIn this guide, we will work to install a small Chef 11 setup. This will be one Chef server used to\nstore configuration data and administer access rights. This will serve as a hub for our other\nmachines.\n\nWe will also install a workstation that will allow us to interact with our server and build our\nconfiguration policies. This is where we will do the work to manage our infrastructure environment.\n\nFinally, we will bootstrap a node, which will represent one of the servers in our organization that\nwill be managed through Chef. We will do this using the server and workstation that we configured.\n\nAll three of these machines will be using Ubuntu 12.04 x86_64 VPS instances for simplicity's sake.\nWe will be targeting the Chef 11 release as it is stable and well tested.\n\nServer Installation\n\n---------------------------------------------------------------------------------------------------\n\nThe first component that we need to get online is the Chef server. Because this is central to the\ncommunication of our other components, it needs to be available for our other machines to complete\ntheir setup.\n\nBefore doing this, it is important to set up a domain name for your Chef server to resolve requests\ncorrectly. You can see our guide on getting a domain name set up with DigitalOcean here.\n\nIf you do not have a domain name, you will need to edit the /etc/hosts file on each of the VPS\ninstances that you will be using, so that they can all resolve the Chef server by name. If you do\nhave a domain name, this should only be necessary on the VPS you will be using as the Chef server.\nYou can do this by typing this on the VPS you will use as the Chef server:\n\nsudo nano /etc/hosts\n\nInside, add the IP address of this computer and then the name you would like to use to connect to\nthe server. You can then add a short name after that. Something like this:\n\n111.222.333.444 chef.domain.com chef\n\nChange the 111.222.333.444 to your Chef server's IP address and change the other two values to\nwhatever you'd like to use to refer to your server as. Add this line to point to your Chef server\nto this file on each of the machines you plan to use if you are not using a domain name.\n\nYou can check that this is setup correctly by typing:\n\nhostname -f\n\nThis should give you the name that is used to reach this server.\n\nYou can get the chef server package by visiting this page in your web browser.\n\nClick on the \"Chef Server\" tab and then select the menus that match your operating system:\n\nChef server select operating system\n\nSelect the most recent version of the Chef 11 server available to you on the right-hand side:\n\nChef server newest\n\nYou will be presented with a link to a deb file. Right-click on this and select the option that is\nsimilar to \"copy link location\".\n\nIn the VPS instance that you will be using as the server, change to your user's home directory and\nuse the wget utility to download the deb. At the time of this writing, the most recent link is\nthis:\n\ncd ~\nwget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.0.10-1.ubuntu.12.04_amd64.deb\n\nThis will download the installation package that you can then install like this:\n\nsudo dpkg -i chef-server*\n\nThis will install the server component on this machine.\n\nIt prints to the screen afterwards that you should run this next command to actually configure the\nservice around your specific machine. This will configure everything automatically:\n\nsudo chef-server-ctl reconfigure\n\nOnce this step is complete, the server should be up and running. You can access the web interface\nimmediately by typing https:// followed by your server's domain name or IP address.\n\nhttps://server_domain_or_IP\n\nBecause the SSL certificates were signed by an authority that your browser does not recognize by\ndefault, you will see a warning message appear:\n\nChef SSL warning\n\nClick the \"Proceed anyway\" button to bypass this screen and access the login screen. It will look\nsomething like this:\n\nChef server login screen\n\nThe default login credentials are as follows:\n\nDefault Username: admin\nDefault Password: p@ssw0rd1\n\nWhen you log in for the first time, you will be immediately prompted to change your password.\nSelect a new password and then click on the \"Save User\" button on the bottom:\n\nChef server change pw\n\nYou have now configured the server to a point where we can leave it and begin our workstation\nconfiguration.\n\nWorkstation Installation\n\n---------------------------------------------------------------------------------------------------\n\nOur workstation computer is the VPS that we will use to create and edit the actual policies that\ndictate our infrastructure environments. This machine has a copy of the Chef repo that describes\nour machines and services and it uploads those to the Chef server for implementation.\n\nWe will start by simply installing git for version control:\n\nsudo apt-get update\nsudo apt-get install git\n\nThis actually has two purposes. The obvious use is that we will be keeping our configuration under\nversion control to track changes. The second purpose is to temporarily cache our password with sudo\nso that the following command works.\n\nWe will now download and run the client installation script from the Chef website. Type this\ncommand to complete all of these steps:\n\ncurl -L https://www.opscode.com/chef/install.sh | sudo bash\n\nOur Chef workstation component is now installed. However it is very far from being configured.\n\nThe next step is to acquire the \"chef-repo\" directory structure for a properly formatted Chef\nrepository","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdennyzhang%2Fchallenges-chef","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdennyzhang%2Fchallenges-chef","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdennyzhang%2Fchallenges-chef/lists"}