https://github.com/dennyzhang/challenges-chef
:book: Challenges Your Chef Skills By Solving Real Questions.
https://github.com/dennyzhang/challenges-chef
chef configuration-management denny-challenges devops study-project
Last synced: 3 months ago
JSON representation
:book: Challenges Your Chef Skills By Solving Real Questions.
- Host: GitHub
- URL: https://github.com/dennyzhang/challenges-chef
- Owner: dennyzhang
- Created: 2017-11-15T19:04:24.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2018-11-05T23:38:07.000Z (over 7 years ago)
- Last Synced: 2025-08-05T18:38:46.431Z (10 months ago)
- Topics: chef, configuration-management, denny-challenges, devops, study-project
- Language: Ruby
- Homepage: https://www.dennyzhang.com/battle
- Size: 2.33 MB
- Stars: 26
- Watchers: 11
- Forks: 33
- Open Issues: 2
-
Metadata Files:
- Readme: README.org
Awesome Lists containing this project
README
* Summary
#+BEGIN_HTML
#+END_HTML
* CheatSheet
File me [[https://github.com/DennyZhang/cheatsheet-kubernetes-A4/issues][Issues]] or star [[https://github.com/DennyZhang/cheatsheet-kubernetes-A4][this repo]].
See more challenges from Denny: [[https://github.com/topics/denny-challenges][#denny-challenges]]
** Scenario-101: Chef HelloWorld I
- Objective: Create a dummy cookbook, and test deployment in docker
- Requirements:
#+BEGIN_EXAMPLE
1. Use docker container to start a env with chef pre-installed
2. Create a dummy cookbook and apply it
#+END_EXAMPLE
- See more: [[Scenario-101][Scenario-101]]
** Scenario-102: Chef HelloWorld II
- Objective: Pure VM deployment
- Requirements:
#+BEGIN_EXAMPLE
1. Start a VM, install chef facility
2. Create a dummy cookbook to install jq package
3. Before install jq, run "apt-get update" by chef. So you need berkshelf.
4. Enforce rubocop and foodcritic for code static check
#+END_EXAMPLE
- See more: [[Scenario-102][Scenario-102]]
** Scenario-103: Chef HelloWorld III
- Objective: Setup chef server and chef client
- Requirements:
#+BEGIN_EXAMPLE
1. Start 3 containers to run chef server, knife workstation and chef client
2. Install and configure knife
3. From knife node run chef deployment in chef client node
#+END_EXAMPLE
#+BEGIN_HTML
#+END_HTML
- See more: [[Scenario-103][Scenario-103]]
- TODO
** Scenario-201: Enforce TDD For Your Chef Cookbooks I
- Objective: Test your cookbooks. Run kitchen docker in your laptop.
- Requirements:
#+BEGIN_EXAMPLE
1. Use kitchen to test your cookbook: start a container and test the logic
2. Enforce kitchen verify logic via serverspec
#+END_EXAMPLE
- See more: [[Scenario-201][Scenario-201]]
#+BEGIN_HTML
#+END_HTML
** Scenario-202: Enforce TDD For Your Chef Cookbooks II
- Objective: Deploy for 3 scenarios: docker, local VM and public cloud
- Requirements:
#+BEGIN_EXAMPLE
1. Use Kitchen to test local vm deployment
2. Use Kitchen to test docker deployment
3. Use Kitchen to test cloud VM deployment
#+END_EXAMPLE
- See more: [[Scenario-202][Scenario-202]]
#+BEGIN_HTML
#+END_HTML
** Scenario-301: Use Chef To Deploy Jenkins I
- Objective: Use chef to deploy one common service for real
- Requirements:
#+BEGIN_EXAMPLE
1. Deploy a standalone jenkins by chef
2. Chef shall add one jenkins user
3. Chef shall add a dummy job with slack notification enabled
4. Run deployment in docker, vagrant and EC2
5. Test both Ubuntu 14.04 and Centos 7
#+END_EXAMPLE
- See more: [[Scenario-301][Scenario-301]]
** Scenario-302: Use Chef To Deploy Jenkins II
- Objective: More Jenkins customization
- Requirements:
#+BEGIN_EXAMPLE
1. For better security, only registered user can login
2. For better security, Jenkins listen on port 18080, instead of 8080
3. When Jenkins is down, get alerts
#+END_EXAMPLE
- See more: [[Scenario-302][Scenario-302]]
** Scenario-303: Use Chef To Deploy Jenkins II
- Objective: More Jenkins customization
- Requirements:
#+BEGIN_EXAMPLE
1. Use Jenkinsfile to create a Jenkins pipeline
2. Enable and configure ThinBackup
#+END_EXAMPLE
- See more: [[Scenario-303][Scenario-303]]
- TODO
** Scenario-401: Use Chef To Deploy 2 Nodes Jenkins I
- Objective: Test and verify the deployment for both all-in-one and 2 nodes cluster
- Requirements:
#+BEGIN_EXAMPLE
1. Test 2 nodes jenkins cluster deployment in docker
2. Use Jenkinsfile to configure Jenkins
3. Define Jenkins pipeline
#+END_EXAMPLE
#+BEGIN_HTML
#+END_HTML
- See more: [[Scenario-303][Scenario-303]]
- TODO
#+BEGIN_HTML
#+END_HTML
* More Resources
License: Code is licensed under [[https://www.dennyzhang.com/wp-content/mit_license.txt][MIT License]].
- Useful links
#+BEGIN_EXAMPLE
https://github.com/chef-cookbooks/jenkins
https://github.com/jenkinsci/pipeline-examples
#+END_EXAMPLE
#+BEGIN_HTML
#+END_HTML
* org-mode configuration :noexport:
#+STARTUP: overview customtime noalign logdone showall
#+DESCRIPTION:
#+KEYWORDS:
#+AUTHOR: Denny Zhang
#+EMAIL: denny@dennyzhang.com
#+TAGS: noexport(n)
#+PRIORITIES: A D C
#+OPTIONS: H:3 num:t toc:nil \n:nil @:t ::t |:t ^:t -:t f:t *:t <:t
#+OPTIONS: TeX:t LaTeX:nil skip:nil d:nil todo:t pri:nil tags:not-in-toc
#+EXPORT_EXCLUDE_TAGS: exclude noexport
#+SEQ_TODO: TODO HALF ASSIGN | DONE BYPASS DELEGATE CANCELED DEFERRED
#+LINK_UP:
#+LINK_HOME:
* # --8<-------------------------- separator ------------------------>8-- :noexport:
* [#A] Routine job by chef :IMPORTANT:noexport:
# Delete old client
knife client delete mdmsandbox -c ~/.chef/knife_mdm.rb -y
knife node delete mdmsandbox -c ~/.chef/knife_mdm.rb -y
# Delete cookbook
knife cookbook delete nagios3 -c ~/.chef/knife_mdm.rb -y
** update osc envs
knife bootstrap www.oscgc.com --sudo -x ubuntu -N "dennytest" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none
*** Internal Jenkins: 192.168.1.184:4022
knife bootstrap 192.168.1.184 --sudo -x root -P totvsJenkins -p 4022 -N "osc@cloud.com" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none
** update mdm envs
*** MDM offical nagios: 104.236.159.226:22
knife bootstrap 104.236.159.226 --sudo -x root -N "mdmnagios" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none
*** Internal sandbox: 10.165.4.67:7022
knife bootstrap 10.165.4.67 --sudo -x root -P sophia1 -p 7022 -N "dennysandbox" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none
*** Internal Jenkins: 10.165.4.67:4022
knife bootstrap 10.165.4.67 --sudo -x root -P totvsJenkins -p 4022 -N "mdmnjenkins" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none
*** MDM repo server, official Jenkins: 104.236.159.226:4022
knife bootstrap 104.236.159.226 --sudo -x root -P totvsRepo -p 4022 -N "mdmrepo" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none
-r apt,jenkins-mdm -j "{\"jenkins_mdm\": {\"jobs\":\"BuildMDMRepo\", \"enable_email_alerting\":\"1\", \"enable_job_scheduled\":\"1\"}}"
http://104.236.159.226:18000
ssh -N -p 5022 -f root@104.236.159.226 -L 18080:localhost:18080 -n /bin/bash1
http://127.0.0.1:18080
*** mdm all-in-one docker test
docker pull denny/sshd:latest
docker run -d --privileged -t -p 2200:22 -i denny/sshd:latest /usr/sbin/sshd -D
knife bootstrap 104.236.180.184 --sudo -x root -P sophia1 -p 2200 -N "aiodocker" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none -r apt,all-in-one -j "{\"all-in-one\": {\"mgmt_timeout\":\"900000\", \"max_timeout\":\"960000\"}, \"app_mdm\":{\"cb_bucket_retries\":\"10\", \"cb_bucket_retryinterval\":\"10000\", \"cb_bucket_timeout\": \"100000\"}}"
*** mdm local all-in-one test box
192.168.50.11
knife bootstrap 192.168.50.11 --sudo -x vagrant -P vagrant -p 22 -N "dennylocalbox" -c ~/.chef/knife_mdm.rb -V --node-ssl-verify-mode none -r apt,all-in-one -j "{\"all-in-one\": {\"enable_check\":\"0\",\"enable_nagios\":\"0\",\"mgmt_timeout\":\"900000\", \"max_timeout\":\"960000\"}, \"app_mdm\":{\"cb_bucket_retries\":\"10\", \"cb_bucket_retryinterval\":\"10000\", \"cb_bucket_timeout\": \"100000\"}}"
** upload cookbooks by berks
cd /Users/mac/Dropbox/private_data/project/chef/denny-chef-devops/cookbooks/devops-test
berks install
berks upload
berks upload nagios3
# upload cookbooks by knife
cd /Users/mac/Dropbox/private_data/work/totvs/code/mdmdevops/cookbooks/
ls -1 | xargs knife cookbook upload -c ~/.chef/knife_mdm.rb --force
knife cookbook upload -c ~/.chef/knife_mdm.rb backupdir
# delete cookbook
knife cookbook delete -c ~/.chef/knife_mdm.rb nagios3
# list cookbooks
knife cookbook list -c ~/.chef/knife_mdm.rb
** ~/.berkshelf/config.json
#+BEGIN_EXAMPLE
{
"chef": {
"chef_server_url": "https://104.236.159.226:443/organizations/digitalocean",
"node_name": "admin",
"client_key": "/Users/mac/.chef/chef_dennyzhang.pem",
"validation_client_name": "digitalocean-validator",
"validation_key_path": "/Users/mac/.chef/dennyzhang-validator.pem"
},
"ssl": {
"verify": false
}
}
#+END_EXAMPLE
** # --8<-------------------------- separator ------------------------>8--
** DONE apt-get update
CLOSED: [2015-04-26 Sun 17:21]
-r apt
Test:
apt-get update
** DONE [#A] enable email sending by gmail
CLOSED: [2015-04-24 Fri 11:09]
-r ssmtp -j "{\"ssmtp\": {\"credential_method\":\"plain\", \"auth_username\":\"navy.yang007@gmail.com\", \"auth_password\":\"file.navy1\", \"mailhub_name\":\"smtp.gmail.com\", \"mailhub_port\":587}}"
Test:
# ssmtp cookbook doesn't come with mailutils package installed
apt-get install mailutils
yum install mailx
echo "This is a test mail." | mail -s "test mail" 249950670@qq.com
** HALF enable nagios3 for monitoring and auto reporting
-r nagios3 -j "{\"nagios\": {\"server_ip\":\"127.0.0.1\", \"client_ip_list\":\"127.0.0.1\"}}"
Test:
http://127.0.0.1/nagios
nagiosadmin/password1234
** DONE enable backup script
CLOSED: [2015-04-24 Fri 11:22]
-r backupdir -j "{\"backupdir\": {\"dir_list\":\"/var/www/,/etc\"}}"
Test:
** DONE enable hostname
CLOSED: [2015-04-26 Sun 17:24]
-r hostname -j "{\"set_fqdn\": \"workstation.mdm.com\"}"
Test:
hostname -a
hostname -f
** setup hub registry
-r docker-registry2
** # --8<-------------------------- separator ------------------------>8--
** HALF enable mdm Jenkins
-r apt,jenkins-mdm -j "{\"jenkins_mdm\": {\"jobs\":\"BuildMDMRepo,UpdateSandboxMDM\"}}"
** TODO run mdm all-in-one
-r apt,all-in-one -j "{\"mdm\": {\"repo_server\":\"10.165.4.67:18000\"}}"
** # --8<-------------------------- separator ------------------------>8--
** DONE [#A] Use osc chef server
CLOSED: [2015-06-06 Sat 21:31]
cd /Users/mac/Dropbox/private_data/osc/chef/iamdevops/cookbooks
ls -1 | xargs knife cookbook upload -c ~/.chef/knife_osc.rb --force
knife bootstrap 192.168.1.185 --sudo -x root -P sophia1 -p 4022 -N "dennytest" -c ~/.chef/knife_osc.rb -V --node-ssl-verify-mode none -r apt,os-basic-auth -j "{\"os_basic\": {\"enable_firewall\":\"0\"}}"
* [#A] chef: a systems and cloud infrastructure automation framework :IMPORTANT:noexport:
:PROPERTIES:
:type: cloud
:END:
chef's cookbook: /usr/local/src/chef/cookbooks/mycookbook
| Num | Name | Summary |
|-----+--------------+------------------------------------------------------------|
| 1 | Resource | a statement of configuration policy |
| 2 | Knife | upload items from the chef-repo to the Chef server |
| 3 | workstation | |
| 4 | cookbooks | fundamental unit of configuration and policy distribution. |
|-----+--------------+------------------------------------------------------------|
| 5 | recipes | |
| 6 | Attribute | |
| 7 | Databags | a global variable that is stored as JSON data |
| 8 | Environments | |
#+TBLFM: $1=@-1+1;N
- chef server
| Name | Summary |
| /var/opt/chef-server | |
| /var/chef/cache/cookbooks | |
| /var/log/chef-server | |
| /etc/chef-server | |
| chef-server-ctl reconfigure | |
| rpm -e chef-server | |
- knife
| Name | Summary |
|---------------------+-------------------------------------------------------------------------------------------------------|
| knife client list | |
| knife user list | |
| knife node list | |
| knife cookbook list | |
|---------------------+-------------------------------------------------------------------------------------------------------|
| Upload cookbooks | knife cookbook upload -a |
| Upload Data Bag | knife upload data_bags |
| Upload Roles | knife role from file base.rb starter.rb webserver.rb |
| Upload Environments | knife environment from file dev.rb production.rb |
| Boostrap VM | knife bootstrap --sudo -x root -P ChangeMe1 -N "node1" --bootstrap-version 11.12.8 |
| Configure Run_list | knife node run_list set node1 'role[webserver]' 'role[cron]' |
- Misc command
| Command | Summary |
|-----------------------------------------------------------------------------------+----------------------------------------------------------|
| chef-server-ctl test | |
| knife configure --initial | |
| sudo knife bootstrap 192.168.1.185 -x root -P ChangeMe -N centos --sudo | bootstrap a node |
| /root/.chef/knife.rb | knife configuration |
| /etc/chef/client.rb | chef client configuration |
| knife node edit client1 | |
|-----------------------------------------------------------------------------------+----------------------------------------------------------|
| curl https://127.0.0.1:443/clients | |
| curl https://centos-vm1.novalocal:443 | |
| open https://FQDN-OR-IP-OF-CHEF-SERVER | admin/p@ssw0rd1; Make sure iptables doesn't ban 443 port |
|-----------------------------------------------------------------------------------+----------------------------------------------------------|
| knife cookbook create apache-tutorial-1 -o ./ | |
| knife upload cookbooks cookbook-test | upload cookbook |
| knife node run_list add node1.example.com cookbook-test | add run_list of a cookbook to a given node |
| knife node run_list add centos187.osc.com 'recipe[don_cookbook1::testfile]' | add a recipe of a cookbook to a given node |
| knife node run_list remove ubuntu.dennyzhang.com 'recipe[fluig-os::conf_history]' | |
| knife node show dennyubuntu -r | show run_list |
|-----------------------------------------------------------------------------------+----------------------------------------------------------|
| chef-client | puppet agent |
| chef-client -l debug | |
| chef-client -i 3600 | poll every 3600 seconds for changes |
| chef-client -S https://XXX -K /etc/chef/chef-validator.pem | |
- The agents can be installed from the workstation using the knife tool that uses SSH for deployment, easing the installation burden.
** [#A] Linux install chef utility
https://docs.chef.io/install_omnibus.html
curl -L https://www.opscode.com/chef/install.sh | bash
*** DONE [#A] install chef facility with given version
CLOSED: [2016-05-05 Thu 16:45]
http://stackoverflow.com/questions/20205889/how-to-update-the-chef-client-version
(echo "version=12.4.1"; curl -L https://www.opscode.com/chef/install.sh) | sudo bash
** DONE [#A] Chef server migration/backup/restore from chef 11 to chef 12
CLOSED: [2015-04-22 Wed 16:53]
http://www.ameir.net/blog/archives/326-migrating-from-one-chef-server-to-another.html
http://docs.chef.io/server_backup_restore.html
- install new chef server
knife backup export -D ~/chef-backup/ -c ~/.chef/knife-orig.rb
knife backup restore -D ~/chef-backup -c ~/.chef/knife-new.rb
*** migration spchef
macs-MacBook-Air:.chef mac$ knife node list
macs-MacBook-Air:.chef mac$ knife backup restore -D ~/chef-backup
WARNING: This will overwrite existing data!
Do you want to restore backup, possibly overwriting exisitng data? (Y/N) y
=== Restoring clients ===
=== Restoring users ===
ERROR: Failed to create user[admin]: #; skipping
ERROR: Failed to create user[dennyadmin]: #; skipping
ERROR: Failed to create user[kungadmin]: #; skipping
=== Restoring nodes ===
Restoring nodes from /Users/mac/chef-backup/nodes/all-in-one-sp.json
Restoring nodes from /Users/mac/chef-backup/nodes/on-premise-deployment.json
Restoring nodes from /Users/mac/chef-backup/nodes/vapp_buxeo1mg2tlyoe1q1428409660944.json
Restoring nodes from /Users/mac/chef-backup/nodes/vapp_cg6b5hwpk56elgr31420578177412.json
Restoring nodes from /Users/mac/chef-backup/nodes/vapp_hjgyd06p8gc621vq1416950631623.json
Restoring nodes from /Users/mac/chef-backup/nodes/vapp_j920on7cdlpdb8m41417812176580.json
Restoring nodes from /Users/mac/chef-backup/nodes/vapp_n90igti0hp4za70j1420656472829.json
Restoring nodes from /Users/mac/chef-backup/nodes/vapp_yxd6ik7lv9xrapcd1418151775033.json
=== Restoring roles ===
=== Restoring data bags ===
=== Restoring environments ===
=== Restoring cookbooks ===
Restoring cookbook ["all-in-one"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: all-in-one exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
all-in-one:
/Users/mac/chef-backup/cookbooks/all-in-one
/Users/mac/chef-backup/cookbooks/all-in-one-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading all-in-one [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["build-iso"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: build-iso exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
build-iso:
/Users/mac/chef-backup/cookbooks/build-iso
/Users/mac/chef-backup/cookbooks/build-iso-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading build-iso [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["common-server"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: common-server exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
common-server:
/Users/mac/chef-backup/cookbooks/common-server
/Users/mac/chef-backup/cookbooks/common-server-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading common-server [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-adsync"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-adsync exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-adsync:
/Users/mac/chef-backup/cookbooks/fluig-adsync
/Users/mac/chef-backup/cookbooks/fluig-adsync-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-adsync [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-apache"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-apache exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-apache:
/Users/mac/chef-backup/cookbooks/fluig-apache
/Users/mac/chef-backup/cookbooks/fluig-apache-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-apache [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-backup"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-backup exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-backup:
/Users/mac/chef-backup/cookbooks/fluig-backup
/Users/mac/chef-backup/cookbooks/fluig-backup-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-backup [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-basic-os"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-basic-os exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-basic-os:
/Users/mac/chef-backup/cookbooks/fluig-basic-os
/Users/mac/chef-backup/cookbooks/fluig-basic-os-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-basic-os [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-buildkit"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-buildkit exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-buildkit:
/Users/mac/chef-backup/cookbooks/fluig-buildkit
/Users/mac/chef-backup/cookbooks/fluig-buildkit-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-buildkit [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-cluster"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-cluster exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-cluster:
/Users/mac/chef-backup/cookbooks/fluig-cluster
/Users/mac/chef-backup/cookbooks/fluig-cluster-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-cluster [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-core"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-core exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-core:
/Users/mac/chef-backup/cookbooks/fluig-core
/Users/mac/chef-backup/cookbooks/fluig-core-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-core [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-couchbase"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-couchbase exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-couchbase:
/Users/mac/chef-backup/cookbooks/fluig-couchbase
/Users/mac/chef-backup/cookbooks/fluig-couchbase-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-couchbase [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-crontab"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-crontab exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-crontab:
/Users/mac/chef-backup/cookbooks/fluig-crontab
/Users/mac/chef-backup/cookbooks/fluig-crontab-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-crontab [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-dev-os"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-dev-os exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-dev-os:
/Users/mac/chef-backup/cookbooks/fluig-dev-os
/Users/mac/chef-backup/cookbooks/fluig-dev-os-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-dev-os [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-files"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-files exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-files:
/Users/mac/chef-backup/cookbooks/fluig-files
/Users/mac/chef-backup/cookbooks/fluig-files-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-files [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-initialize"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-initialize exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-initialize:
/Users/mac/chef-backup/cookbooks/fluig-initialize
/Users/mac/chef-backup/cookbooks/fluig-initialize-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-initialize [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-java"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-java exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-java:
/Users/mac/chef-backup/cookbooks/fluig-java
/Users/mac/chef-backup/cookbooks/fluig-java-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-java [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-jenkins"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-jenkins exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-jenkins:
/Users/mac/chef-backup/cookbooks/fluig-jenkins
/Users/mac/chef-backup/cookbooks/fluig-jenkins-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-jenkins [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-keystore"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-keystore exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-keystore:
/Users/mac/chef-backup/cookbooks/fluig-keystore
/Users/mac/chef-backup/cookbooks/fluig-keystore-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-keystore [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-logrotate"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-logrotate exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-logrotate:
/Users/mac/chef-backup/cookbooks/fluig-logrotate
/Users/mac/chef-backup/cookbooks/fluig-logrotate-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-logrotate [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-messaging"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-messaging exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-messaging:
/Users/mac/chef-backup/cookbooks/fluig-messaging
/Users/mac/chef-backup/cookbooks/fluig-messaging-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-messaging [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-nagios"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-nagios exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-nagios:
/Users/mac/chef-backup/cookbooks/fluig-nagios
/Users/mac/chef-backup/cookbooks/fluig-nagios-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-nagios [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-neo4j"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-neo4j exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-neo4j:
/Users/mac/chef-backup/cookbooks/fluig-neo4j
/Users/mac/chef-backup/cookbooks/fluig-neo4j-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-neo4j [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-postcheck"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-postcheck exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-postcheck:
/Users/mac/chef-backup/cookbooks/fluig-postcheck
/Users/mac/chef-backup/cookbooks/fluig-postcheck-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-postcheck [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-precheck"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-precheck exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-precheck:
/Users/mac/chef-backup/cookbooks/fluig-precheck
/Users/mac/chef-backup/cookbooks/fluig-precheck-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-precheck [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-racagent"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-racagent exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-racagent:
/Users/mac/chef-backup/cookbooks/fluig-racagent
/Users/mac/chef-backup/cookbooks/fluig-racagent-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-racagent [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-rest"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-rest exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-rest:
/Users/mac/chef-backup/cookbooks/fluig-rest
/Users/mac/chef-backup/cookbooks/fluig-rest-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-rest [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-rmi"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-rmi exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-rmi:
/Users/mac/chef-backup/cookbooks/fluig-rmi
/Users/mac/chef-backup/cookbooks/fluig-rmi-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-rmi [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-search"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-search exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-search:
/Users/mac/chef-backup/cookbooks/fluig-search
/Users/mac/chef-backup/cookbooks/fluig-search-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-search [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-tomcat"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-tomcat exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-tomcat:
/Users/mac/chef-backup/cookbooks/fluig-tomcat
/Users/mac/chef-backup/cookbooks/fluig-tomcat-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-tomcat [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["fluig-vmmanager-webapp"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: fluig-vmmanager-webapp exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
fluig-vmmanager-webapp:
/Users/mac/chef-backup/cookbooks/fluig-vmmanager-webapp
/Users/mac/chef-backup/cookbooks/fluig-vmmanager-webapp-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading fluig-vmmanager-webapp [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["ntp"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: ntp exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
ntp:
/Users/mac/chef-backup/cookbooks/ntp
/Users/mac/chef-backup/cookbooks/ntp-1.6.5
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading ntp [1.6.5]
Uploaded 1 cookbook.
Restoring cookbook ["os-security"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: os-security exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
os-security:
/Users/mac/chef-backup/cookbooks/os-security
/Users/mac/chef-backup/cookbooks/os-security-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading os-security [0.1.0]
Uploaded 1 cookbook.
Restoring cookbook ["squid"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: squid exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
squid:
/Users/mac/chef-backup/cookbooks/squid
/Users/mac/chef-backup/cookbooks/squid-0.5.2
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading squid [0.5.2]
Uploaded 1 cookbook.
Restoring cookbook ["vsftpd"]
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
WARNING: The cookbooks: vsftpd exist in multiple places in your cookbook_path.
A composite version of these cookbooks has been compiled for uploading.
IMPORTANT: In a future version of Chef, this behavior will be removed and you will no longer
be able to have the same version of a cookbook in multiple places in your cookbook_path.
WARNING: The affected cookbooks are located:
vsftpd:
/Users/mac/chef-backup/cookbooks/vsftpd
/Users/mac/chef-backup/cookbooks/vsftpd-0.1.0
WARNING: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Uploading vsftpd [0.1.0]
Uploaded 1 cookbook.
macs-MacBook-Air:.chef mac$
*** TODO [#A] chef_server_url parameter need to be updated
#+BEGIN_EXAMPLE
root@kitchen-identity-sandbox:~# cat /etc/chef/client.rb
cat /etc/chef/client.rb
log_level :info
log_location STDOUT
node_name 'all-in-one-sp'
client_key '/etc/chef/client.pem'
chef_server_url 'https://104.131.157.119/organizations/digitalocean'
cache_type 'BasicFile'
no_lazy_load true
cache_options( :path => '/etc/chef/checksums' )
# TODO: improve later
ssl_verify_mode :verify_none
no_proxy 'no_proxy'root@kitchen-identity-sandbox:~#
#+END_EXAMPLE
*** web page: Migrating from one Chef server to another | ameir dot net
http://www.ameir.net/blog/archives/326-migrating-from-one-chef-server-to-another.html
**** webcontent :noexport:
#+begin_example
Location: http://www.ameir.net/blog/archives/326-migrating-from-one-chef-server-to-another.html
ameir dot net
Get your geek on
Get your geek on
Home » Linux Luvin' » Migrating from one Chef server to another
Recent Posts
* Get nameservers from resolv.conf with Ruby
* Run multiple ssh commands in parallel with GNU Parallel
* Elasticsearch cluster administration notes
* Installing OpenVZ templates in Proxmox
* IMAP Append – Message contains bare newlines
Recent Comments
* Ameir Abdeldayem on Easy way to backup entire folders
* Ameir Abdeldayem on Run multiple ssh commands in parallel with GNU Parallel
* denny on Run multiple ssh commands in parallel with GNU Parallel
* denny on Easy way to backup entire folders
* Ivan on Running Proxmox behind a single IP address
Search for: [ ] Search
Migrating from one Chef server to another 6
20 Apr, 2014 in Linux Luvin' by Ameir Abdeldayem
---------------------------------------------------------------------------------------------------
It happens — you’re on a server that just can’t be upgraded any further, and you need more
resources. Or, you need to backup a Chef server. Or, you need to setup a QA instance. Or, you
need to finally migrate from Chef 10 to Chef 11. Or, you have one of many other possible reasons,
but you need to be able to stand up a new Chef instance, and not have to do a ton of work. If any
of that applies to you, then this post is for you.
In the case where you’re migrating from one Chef server to another (i.e., the old one is going
bye-bye), it would be very helpful to have your Chef server be CNAMEd (e.g. chef.company.com ->
vm101.iad.company.com) or behind a load balancer/proxy where you can change targets easily. That
way, you won’t need to update the client configs, and it’ll be an easy swap. Everything should
“just work” ™.
First, we’ll make a copy of your knife.rb:
Shell
[cp -a ~/.chef/knife{]
1 cp -a ~/.chef/knife{,-orig}.rb
Now, we’ll need to get access to your new Chef server via knife. You can do so by logging in as
admin, and regenerating and saving a new private key. You can also create a new user here instead
of using admin, but I advise against this, as any user you create will conflict with users of the
same name from the old server. Yes, that means that if you’ve been using ‘admin’ as the main user,
you may run into problems (but let’s just hope that you’ve been using per-person accounts).
Now, we’ll update your current knife.rb to reflect the new node information in it:
[... ]
1 ...
2 node_name 'admin'
3 client_key '/Users/user/.chef/new-server-admin.pem'
4 chef_server_url 'https://vm102.iad.company.com'
5 ...
It wouldn’t hurt to check that you have access to the new node by doing a knife user list .
Now, we’ll need to download all of the data from the “old” Chef server. To do so, we’ll be using
the nifty ‘knife backup‘ plugin. To get it installed on OS X, I did:
Shell
[sudo gem install kni]
1 sudo gem install knife-backup
Now, to finally back things up, we’ll do:
Shell
[knife backup export ]
1 knife backup export -D ~/chef-backup/ -c ~/.chef/knife-orig.rb
Note that the argument after -D is the destination directory where all of the Chef data will go;
this directory will automatically be created for you. The argument of -c tells knife which config
file to use; we’ll, of course, be using the “old” server here. Also, if you only need to backup a
certain set of data from your Chef server (e.g. only users and environments), you can specify that.
See the knife backup documentation for details.
Now that we have all the data we need, we’ll need to push it up to the new server. This works much
the same as the export:
Shell
[knife backup restore]
1 knife backup restore -D ~/chef-backup
I left off the -c here because knife.rb is the default config file.
Once everything has been restored, your original user in Chef will now be available (you can verify
this via the Chef Server UI). The amazing thing is that your keys have not changed, and can be
used as-is. Chef Server keeps track of your public keys, so all of your private keys for all nodes
/clients are still good.
This, now, is where you update your knife.rb to reflect your original user settings. If you’re
running behind a load balancer/proxy, you can simply use your original config as-is after
replacing the old server with the new one. If you’re doing the CNAME/A record route, you can do
the same once DNS has propagated. Otherwise, you can overwrite your new config with your old one,
and edit it to reflect the new server’s URL.
If your nodes are pointing to the wrong server in their client.rb, you can use knife ssh with sed
to find/replace the server URLs.
If you’ll be accessing multiple Chef servers frequently enough, I highly recommend looking at the
knife block plugin. That way, you can switch between different configurations with ease, including
those for Berkshelf.
---------------------------------------------------------------------------------------------------
Leave a comment Cancel reply
Your email address will not be published. Required fields are marked *
Name * [ ]
Email * [ ]
Website [ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
Comment [ ]
You may use these HTML tags and attributes:
Post Comment
6 thoughts on “Migrating from one Chef server to another”
* [ea665620]
Phil Nguyen November 8, 2014 at 2:07 am
Hi Ameir,
The backup operation completed successfully (i.e. list of folders with json files etc..).
However, the restore operation failed to process the backup folder as shown below. Do you know
what am I missing? I will retry this using a Linux box to see if that will help. Thanks for the
script. It will save a lot of pain if this works.
D:\P4\depot\vault\main\hpool\chef-repo>knife backup restore -D d:\chef-backup -c C:\Users\
pnguyen\.chef\knife.rb
WARNING: This will overwrite existing data!
Do you want to restore backup, possibly overwriting exisitng data? (Y/N)Y
=== Restoring clients ===
=== Restoring users ===
=== Restoring nodes ===
=== Restoring roles ===
=== Restoring data bags ===
=== Restoring environments ===
=== Restoring cookbooks ===
* [d8fb36ec]
Ameir Abdeldayem Post author November 8, 2014 at 2:37 am
Hi Phil,
Could you go into d:\chef-backup and run knife diff? That’ll compare the local folder with the
remote server, and let you know if there are differences. It’s possible that the files are the
same (are you using the correct config file?). You could also try with a trailing slash; I
don’t have a Windows box to test with, but there may be nuances there. Also, you could use
knife upload instead of knife backup. The former is essentially what the latter does behind the
scenes. To try that, go into d:\chef-backup and do knife upload .. Hopefully that’ll work. Let
me know if it doesn’t and I’ll try to help out.
-Ameir
* [ea665620]
Phil Nguyen November 8, 2014 at 3:40 am
Update: FYI, it worked when executing the backup/restore script via Ubuntu workstation. Thank
you.
* [d8fb36ec]
Ameir Abdeldayem Post author November 9, 2014 at 2:16 am
Excellent, glad to hear it! There must be an issue on the Windows side of things. Good luck
with your new Chef server!
* [34890ea3]
gdanko November 25, 2014 at 5:06 pm
I am seeing this:
=== Restoring cookbooks ===
Restoring cookbook [“publiccloud_lms_install_jdk”]
Uploading publiccloud_lms_install_jdk [0.1.0]
ERROR: Server returned error 500 for https://localhost/sandboxes/
00000000000012b561684b15f8b1df3f, retrying 1/5 in 4s
ERROR: Server returned error 500 for https://localhost/sandboxes/
00000000000012b561684b15f8b1df3f, retrying 2/5 in 7s
ERROR: Server returned error 500 for https://localhost/sandboxes/
00000000000012b561684b15f8b1df3f, retrying 3/5 in 13s
ERROR: Server returned error 500 for https://localhost/sandboxes/
00000000000012b561684b15f8b1df3f, retrying 4/5 in 29s
ERROR: Server returned error 500 for https://localhost/sandboxes/
00000000000012b561684b15f8b1df3f, retrying 5/5 in 54s
ERROR: internal server error
Response: internal service error
Any idea what could be wrong?
* [d8fb36ec]
Ameir Abdeldayem Post author November 25, 2014 at 7:31 pm
A 500 error means that something server-side is having issues. Are you able to upload anything
to your Chef server? Could you also add –verbose to your command to see if it gives any
additional details?
---------------------------------------------------------------------------------------------------
Post navigation
* ← Change Chef Server settings after installation
* Enable XHProf for WordPress →
· © 2015 ameir dot net · Designed by Press Customizr ·
Back to top
#+end_example
** DONE [#A] setup and install chef 12
CLOSED: [2015-04-22 Wed 16:49]
https://docs.chef.io/install_server.html
# Ubuntu 14.04
http://downloads.chef.io/chef-server/ubuntu/#/
wget https://web-dl.packagecloud.io/chef/stable/packages/ubuntu/trusty/chef-server-core_12.0.8-1_amd64.deb
apt-get update
dpkg -i chef-server-core_12.0.8-1_amd64.deb
chef-server-ctl reconfigure
chef-server-ctl user-create chef_adminsp denny zhang denny.zhang001@gmail.com filebatpwd1 --filename /tmp/chef_adminsp.pem
chef-server-ctl org-create digitalocean "DigitalOcean, Inc." --association_user chef_adminsp -f /tmp/digitalocean-validator.pem
cat > ~/.ssh/knife.rb <> ~/chef-repo/.gitignore
Since we have made a change to the .gitignore file, we can go ahead and make our first new commit
to the version control system. First, add all of the modified files to the current staging area:
cd ~/chef-repo
git add .
Now, commit the changes. We will use the -m flag to specify an in-line commit message describing
the changes we are making:
git commit -m "Excluding the ./.chef directory from version control"
Our Chef repo is now under version control. As we author configurations for our infrastructure, we
can use the above two commands to keep our git repo up-to-date.
Download and Install the Chef Development Kit
Next, we need to install the Chef Development Kit, a suite of software designed for Chef
workstations. This includes many utilities that will be useful when designing configurations for
your infrastructure. The tool we are interested in at this point is the bundled knife command,
which can communicate with and control both the Chef server and any Chef clients.
We can find the Chef 12 Development Kit on the Chef website. Since we are using Ubuntu 14.04 as our
workstation, the page here will contain the latest download link. Note that at the time of this
writing, the download link only references Ubuntu 12.04 and Ubuntu 13.10, but it should still
install without issue on Ubuntu 14.04.
Right-click on the download button under "Ubuntu Linux" and copy the link location:
Ubuntu Chef dev kit
Back on your workstation, change to your home directory. Paste the link you copied and use the wget
command to download the package. The link you copied may be different from the one below if a newer
development kit version has been released:
cd ~
wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chefdk_0.4.0-1_amd64.deb
Once the .deb package has been downloaded, you can install it by typing:
sudo dpkg -i chefdk_*.deb
After the installation, you can verify that all of the components are available in their expected
location through the new chef command:
chef verify
If your workstation will primarily be used to manage Chef for your infrastructure, you will likely
want to default to the version of Ruby installed with Chef. You can do this by modifying your
.bash_profile so that Chef's Ruby takes precedence:
echo 'eval "$(chef shell-init bash)"' >> ~/.bash_profile
Afterwards, you can source your .bash_profile file to set the correct environmental variables for
the current session:
source ~/.bash_profile
If you wish to manage your Ruby versions independently, you can skip the above steps.
Download the Authentication Keys to the Workstation
At this point, your workstation has all of the software needed to interact with a Chef server and
compose infrastructure configurations. However, it is not yet configured to interact with your Chef
server and your environment. In this section, we'll download the credentials we created on the Chef
server.
We will use the scp utility to download the user key and the organization validator key that we
created on the Chef server. Before doing so, we will create the hidden directory where we will
store these files:
mkdir ~/chef-repo/.chef
The method that you use to connect to the Chef server will determine how exactly we go about
downloading the keys. Follow the method below that matches your setup:
How To Download Keys when Connecting to a Chef Server with Passwords
If you connect to your Chef server through SSH using password-based authentication, the scp command
will work without significant modification.
On your workstation, specify the username and domain name or IP address used to connect to the Chef
server. Follow this immediately with a colon (:) and the path to the file you wish to download.
After adding a space, indicate the directory on the local computer where you wish the download the
files to be placed (~/chef-repo/.chef in our case).
If you log into the Chef server using the root user account, your commands will look something like
this. Remember to change both the domain name or IP address and the name of the key files you are
trying to download to match your environment:
scp root@server_domain_or_IP:/root/admin.pem ~/chef-repo/.chef
scp root@server_domain_or_IP:/root/digitalocean-validator.pem ~/chef-repo/.chef
If you connect to your Chef server using a non-root user, the commands will look more like this:
scp username@server_domain_or_IP:/home/username/admin.pem ~/chef-repo/.chef
scp username@server_domain_or_IP:/home/username/digitalocean-validator.pem ~/chef-repo/.chef
How To Download Keys when Connecting to a Chef Server Using SSH Keys
If, instead, you connect to your Chef server using SSH keys (recommended), you will need to perform
some additional steps.
First, leave your SSH session with the workstation. We will need to reconnect momentarily with a
new parameter:
exit
Once you are back on your local computer, you will need to add the SSH keys you use to connect to
the Chef server to an SSH agent. OpenSSH, the standard SSH suite, includes an SSH agent that can be
started by typing:
eval $(ssh-agent)
You should see output that looks like this (the number will likely be different):
Agent pid 13881
Once the agent is started, you can add your SSH key to it:
ssh-add
Identity added: /home/demo/.ssh/id_rsa (rsa w/o comment)
This will keep your SSH key stored in memory. Now, you can forward the stored key to your
workstation as you connect by using the -A option with ssh. This will allow you to connect to any
computer from your workstation as if you were connecting from your local computer:
ssh -A username@workstation_domain_or_IP
Now, you can connect to your Chef server without needing a password using the forwarded SSH
credentials. If the keys on your Chef server were available through the root user, the commands you
will need will look similar to this. Remember to change the Chef server domain name or IP address
and the key names as needed:
scp root@server_domain_or_IP:/root/admin.pem ~/chef-repo/.chef
scp root@server_domain_or_IP:/root/digitalocean-validator.pem ~/chef-repo/.chef
If the SSH key configured for the Chef server instead is used to authenticate you to a regular user
account, your commands will look like this instead:
scp username@server_domain_or_IP:/home/username/admin.pem ~/chef-repo/.chef
scp username@server_domain_or_IP:/home/username/digitalocean-validator.pem ~/chef-repo/.chef
Configuring Knife to Manage your Chef Environment
Now that you have your Chef credentials available on your workstation, we can configure the knife
command with the information it needs to connect to and control your Chef infrastructure. This is
done through a knife.rb file that we will place in the ~/chef-repo/.chef directory along with our
keys.
Open up a file called knife.rb in that directory in your text editor:
nano ~/chef-repo/.chef/knife.rb
In this file, paste the following information:
current_dir = File.dirname(__FILE__)
log_level :info
log_location STDOUT
node_name "name_for_workstation"
client_key "#{current_dir}/name_of_user_key"
validation_client_name "organization_validator_name"
validation_key "#{current_dir}/organization_validator_key"
chef_server_url "https://server_domain_or_IP/organizations/organization_name"
syntax_check_cache_path "#{ENV['HOME']}/.chef/syntaxcache"
cookbook_path ["#{current_dir}/../cookbooks"]
The following items should be adjusted to suit your infrastructure:
* node_name: This specifies the name that knife will use to connect to your Chef server. This
should match your user name.
* client_key: This should be the name and path to the user key that you copied over from the Chef
server. We can use the #{current_dir} snippet to fill in the path if the key is in the same
directory as the knife.rb file.
* validation_client_name: This is the name of the validation client that knife will use to
bootstrap new nodes. This will take the form of your organization short name, followed by
-validator.
* validation_key: Like the client_key, this includes the name and path to the validation key you
copied from the Chef server. Again, you can use the #{current_dir} Ruby snippet to specify the
current directory if the validation key is in the same directory as the knife.rb file.
* chef_server_url: This is the URL where the Chef server can be reached. It should begin with
https://, followed by your Chef server's domain name or IP address. Afterwards, the path to
your organization should be specified by appending /organizations/your_organization_name.
For our guide, the knife.rb file will look similar to this. You still need to adjust the server's
domain name or IP address if you are following along:
current_dir = File.dirname(__FILE__)
log_level :info
log_location STDOUT
node_name "admin"
client_key "#{current_dir}/admin.pem"
validation_client_name "digitalocean-validator"
validation_key "#{current_dir}/digitalocean-validator.pem"
chef_server_url "https://server_domain_or_IP/organizations/digitalocean"
syntax_check_cache_path "#{ENV['HOME']}/.chef/syntaxcache"
cookbook_path ["#{current_dir}/../cookbooks"]
When you are finished, save and close the knife.rb file.
Now, we will test the configuration file by trying out a simple knife command. We need to be in our
~/chef-repo directory for our configuration file to be read correctly:
cd ~/chef-repo
knife client list
This first attempt should fail with an error that looks like this:
ERROR: SSL Validation failure connecting to host: server_domain_or_IP - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
ERROR: Could not establish a secure connection to the server.
Use `knife ssl check` to troubleshoot your SSL configuration.
If your Chef Server uses a self-signed certificate, you can use
`knife ssl fetch` to make knife trust the server's certificates.
Original Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
This occurs because we do not have our Chef server's SSL certificate on our workstation. We can
acquire this by typing:
knife ssl fetch
This should add the Chef server's certificate file to a list in our ~/chef-repo/.chef directory:
WARNING: Certificates from server_domain_or_IP will be fetched and placed in your trusted_cert
directory (/home/demo/chef-repo/.chef/trusted_certs).
Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.
Adding certificate for server_domain_or_IP in /home/demo/chef-repo/.chef/trusted_certs/server_domain_or_IP.crt
After the SSL certificate has been fetched, the previous command should now work:
knife client list
digitalocean-validator
If the above command correctly returns, your workstation is now set up to control your Chef
environment.
Bootstrapping a New Node with Knife
With our Chef server and workstation configured, we can begin using Chef to configure new servers
within our infrastructure.
This happens through a process called "bootstrapping" in which the Chef client executable is
installed on the new computer and the organizational validator key is passed along as well. The new
node then contacts the Chef server with the validator key and, in return, receives its own unique
client key and any configuration that has been assigned to it. This process gets the new server
into its initial state and sets it up for any future management.
To connect to the new server, we will need a few pieces of information about the new node:
* The domain name or IP address where it can be reached
* The username used to complete administrative actions. This can be either root, or a user
configured with sudo privileges.
* A method of logging in as the above user. This can be either the password, or the ability to
use an SSH key.
* A method of performing administrative tasks. For root users, this is unnecessary. For users
relying on sudo privileges, a password is generally necessary.
The general syntax of the command will be:
knife bootstrap node_domain_or_IP [options]
Some common options you may end up using are:
* -x: Used to specify the username to authenticate with through SSH. This is usually required.
* -N: The new name for the node, as displayed within Chef. Leaving this out will usually result
in the hostname being used for the Chef node name.
* -P: Used to specify the password for the username on the remote server. This is necessary if
either the SSH session requires password authentication or if the username requires a password
for sudo commands.
* --sudo: If the username on the remote server will need to use sudo to perform administrative
actions, this flag is needed. By default, it will prompt for the sudo password.
* --use-sudo-password: If you are already providing the password for the user with the -P flag,
using this flag in addition to the --sudo flag will use the -P password without prompting.
* -A: This option forwards SSH keys to the remote host to login rather than using password
authentication.
When using the -A option, you must start an SSH agent on your local computer, add the SSH key that
can be used to connect to the new node, and forward that information to your workstation by
connecting with the -A flag initially. More information about how to do this can be found in the
workstation configuration section regarding downloading the keys from the Chef server.
Using the above information, it is possible to construct the correct bootstrapping commands for a
variety of situations.
For example, to bootstrap a node with the name "testing", using the username demo, which is
configured with sudo privileges, and which needs a password for SSH and the sudo validation, we can
type:
knife bootstrap node_domain_or_IP -N testing -x demo -P password --sudo --use-sudo-password
If we want to bootstrap using the root user, with SSH key authentication using keys available on
the workstation, and wish to keep use the node's hostname as the Chef node name, we can type:
knife bootstrap node_domain_or_IP -x root -A
If we want to use SSH keys to authenticate to a sudo user, we will still need to provide a password
using the -P flag, the --sudo flag, and the --use-sudo-password flag to avoid prompts:
knife bootstrap node_domain_or_IP -x demo -A -P password --sudo --use-sudo-password -N name
If you are in the above scenario, but do not mind being promted for the sudo password, you can
instead just type this:
knife bootstrap node_domain_or_IP -x demo -A --sudo -N name
Once your new node is bootstrapped, you should have a new client:
knife client list
digitalocean-validator
name
You should also have a new node of the same name:
knife node list
name
You can use the above procedure to easily set up new Chef clients on any number of new servers.
If you want to learn about how to automatically add your new DigitalOcean Droplets to your existing
Chef infrastructure without having to bootstrap each one, check out this tutorial.
Conclusion
After following this guide, you should have a fully functional Chef server configured for your
infrastructure. We have also set up a workstation that can be used to manage and maintain the
configurations that Chef will apply to your infrastructure. We have demonstrated how to use the
knife command to bootstrap the servers that will be configured by Chef.
In the next guide, we will demonstrate how to design configurations for your nodes using some Chef
constructs. We will go over the fundamentals of Chef recipes and cookbooks as ways to control your
infrastructure with declarative configs.
Tags: Configuration Management, Chef Distribution: Ubuntu
jellingwood
By: Justin Ellingwood
HeartedHeart
7
Subscribe Subscribed
Share
*
*
*
*
Tutorial Series
Getting Started Managing Your Infrastructure Using Chef
Chef is a powerful configuration management system that can be used to programmatically control
your infrastructure environment. Leveraging the Chef system allows you to easily recreate your
environments in a predictable manner by automating the entire system configuration. In this series,
we will introduce you to Chef concepts and demonstrate how to install and utilize the its powerful
features to manage your servers.
1. How To Understand the Chef Configuration Environment on a VPS
November 20, 2013
7
1
By Justin Ellingwood
2. How To Set Up a Chef 12 Configuration Management System on Ubuntu 14.04 Servers
March 2, 2015
7
1
By Justin Ellingwood
3. How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances
January 30, 2014
5
33
By Justin Ellingwood
4. How To Create Simple Chef Cookbooks to Manage Infrastructure on Ubuntu
February 3, 2014
9
12
By Justin Ellingwood
5. How To Use Roles and Environments in Chef to Control Server Configurations
February 4, 2014
5
5
By Justin Ellingwood
6. How To Use the DigitalOcean Plugin for Knife to Manage Droplets in Chef
February 9, 2014
3
6
By Justin Ellingwood
7. How To Manage Your Cluster with Chef and Knife on Ubuntu
October 30, 2014
0
0
By Nik Wakelin
8. How To Automatically Add New Droplets to your Configuration Management System
February 25, 2015
3
0
By Justin Ellingwood
Need a Server?
We offer cloud servers that are quick to set up and easy to manage. Spin one up now for as little
as $5/mo.
Start Here
Related Tutorials
* How To Use Roles and Environments in Chef to Control Server Configurations
* How To Automatically Add New Droplets to your Configuration Management System
* 5 Ways to Improve your Production Web Application Server Setup
* How to Use Puppet to Manage WordPress Themes and Plugins on Ubuntu 14.04
* How To Create an Ansible Playbook To Automate Drupal Installation on Ubuntu 14.04
1 Comment
[ ]
Log In to Comment
Load
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0
International License.
Copyright © 2015 DigitalOcean™ Inc.
* Community
* Tutorials
* Questions
* Projects
* Tags
* Terms, Privacy, & Copyright
* Security
Sign Up
Not so fast, you must have an account before you can do that.
Log In Create Account
#+end_example
** DONE Install chef server 11
CLOSED: [2015-04-22 Wed 18:15]
*** web page: How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances | DigitalOcean
https://www.digitalocean.com/community/tutorials/how-to-install-a-chef-server-workstation-and-client-on-ubuntu-vps-instances
**** webcontent :noexport:
#+begin_example
Location: https://www.digitalocean.com/community/tutorials/how-to-install-a-chef-server-workstation-and-client-on-ubuntu-vps-instances
jellingwood
By:
Justin Ellingwood
Jan 30, 2014
HeartedHeart
5
31
Share
*
*
*
*
Contents
View All Results
Sign Up Log In
[ ] submit
* Tutorials
* Questions
* Projects
* Main Site
Community
Menu
* Tutorials
* Questions
* Projects
* Main Site
Sign Up Log In
[ ] submit
How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances
Tutorial Series
This tutorial is part 3 of 8 in the series: Getting Started Managing Your Infrastructure Using Chef
Getting Started Managing Your Infrastructure Using Chef
Chef is a powerful configuration management system that can be used to programmatically control
your infrastructure environment. Leveraging the Chef system allows you to easily recreate your
environments in a predictable manner by automating the entire system configuration. In this series,
we will introduce you to Chef concepts and demonstrate how to install and utilize the its powerful
features to manage your servers.
1. How To Understand the Chef Configuration Environment on a VPS
November 20, 2013
7
1
By Justin Ellingwood
2. How To Set Up a Chef 12 Configuration Management System on Ubuntu 14.04 Servers
March 2, 2015
7
1
By Justin Ellingwood
3. How to Install a Chef Server, Workstation, and Client on Ubuntu VPS Instances
January 30, 2014
5
33
By Justin Ellingwood
4. How To Create Simple Chef Cookbooks to Manage Infrastructure on Ubuntu
February 3, 2014
9
12
By Justin Ellingwood
5. How To Use Roles and Environments in Chef to Control Server Configurations
February 4, 2014
5
5
By Justin Ellingwood
6. How To Use the DigitalOcean Plugin for Knife to Manage Droplets in Chef
February 9, 2014
3
6
By Justin Ellingwood
7. How To Manage Your Cluster with Chef and Knife on Ubuntu
October 30, 2014
0
0
By Nik Wakelin
8. How To Automatically Add New Droplets to your Configuration Management System
February 25, 2015
3
0
By Justin Ellingwood
Previous Tutorial Next Tutorial
Note: This guide is targeted at Chef 11. The Chef 12 platform introduces some significant
configuration differences. You can find a guide on how to set up a Chef 12 server, workstation, and
node here.
Introduction
---------------------------------------------------------------------------------------------------
As your organizational structure grows and the separate components necessary to manage your
environment expand, administering each server and service can become unmanageable.
Configuration management solutions are designed to simplify the management of systems and
infrastructure. The goal of configuration management tools are to allow you to manage your
infrastructure as a code base. Chef is a configuration management solution that allows you to
manage large numbers of servers easily.
In a previous guide, we discussed the general structure of the Chef components and the way the
system operates on a conceptual level. We went over some key terminology and the relationship
between many different components.
In this guide, we will work to install a small Chef 11 setup. This will be one Chef server used to
store configuration data and administer access rights. This will serve as a hub for our other
machines.
We will also install a workstation that will allow us to interact with our server and build our
configuration policies. This is where we will do the work to manage our infrastructure environment.
Finally, we will bootstrap a node, which will represent one of the servers in our organization that
will be managed through Chef. We will do this using the server and workstation that we configured.
All three of these machines will be using Ubuntu 12.04 x86_64 VPS instances for simplicity's sake.
We will be targeting the Chef 11 release as it is stable and well tested.
Server Installation
---------------------------------------------------------------------------------------------------
The first component that we need to get online is the Chef server. Because this is central to the
communication of our other components, it needs to be available for our other machines to complete
their setup.
Before doing this, it is important to set up a domain name for your Chef server to resolve requests
correctly. You can see our guide on getting a domain name set up with DigitalOcean here.
If you do not have a domain name, you will need to edit the /etc/hosts file on each of the VPS
instances that you will be using, so that they can all resolve the Chef server by name. If you do
have a domain name, this should only be necessary on the VPS you will be using as the Chef server.
You can do this by typing this on the VPS you will use as the Chef server:
sudo nano /etc/hosts
Inside, add the IP address of this computer and then the name you would like to use to connect to
the server. You can then add a short name after that. Something like this:
111.222.333.444 chef.domain.com chef
Change the 111.222.333.444 to your Chef server's IP address and change the other two values to
whatever you'd like to use to refer to your server as. Add this line to point to your Chef server
to this file on each of the machines you plan to use if you are not using a domain name.
You can check that this is setup correctly by typing:
hostname -f
This should give you the name that is used to reach this server.
You can get the chef server package by visiting this page in your web browser.
Click on the "Chef Server" tab and then select the menus that match your operating system:
Chef server select operating system
Select the most recent version of the Chef 11 server available to you on the right-hand side:
Chef server newest
You will be presented with a link to a deb file. Right-click on this and select the option that is
similar to "copy link location".
In the VPS instance that you will be using as the server, change to your user's home directory and
use the wget utility to download the deb. At the time of this writing, the most recent link is
this:
cd ~
wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.0.10-1.ubuntu.12.04_amd64.deb
This will download the installation package that you can then install like this:
sudo dpkg -i chef-server*
This will install the server component on this machine.
It prints to the screen afterwards that you should run this next command to actually configure the
service around your specific machine. This will configure everything automatically:
sudo chef-server-ctl reconfigure
Once this step is complete, the server should be up and running. You can access the web interface
immediately by typing https:// followed by your server's domain name or IP address.
https://server_domain_or_IP
Because the SSL certificates were signed by an authority that your browser does not recognize by
default, you will see a warning message appear:
Chef SSL warning
Click the "Proceed anyway" button to bypass this screen and access the login screen. It will look
something like this:
Chef server login screen
The default login credentials are as follows:
Default Username: admin
Default Password: p@ssw0rd1
When you log in for the first time, you will be immediately prompted to change your password.
Select a new password and then click on the "Save User" button on the bottom:
Chef server change pw
You have now configured the server to a point where we can leave it and begin our workstation
configuration.
Workstation Installation
---------------------------------------------------------------------------------------------------
Our workstation computer is the VPS that we will use to create and edit the actual policies that
dictate our infrastructure environments. This machine has a copy of the Chef repo that describes
our machines and services and it uploads those to the Chef server for implementation.
We will start by simply installing git for version control:
sudo apt-get update
sudo apt-get install git
This actually has two purposes. The obvious use is that we will be keeping our configuration under
version control to track changes. The second purpose is to temporarily cache our password with sudo
so that the following command works.
We will now download and run the client installation script from the Chef website. Type this
command to complete all of these steps:
curl -L https://www.opscode.com/chef/install.sh | sudo bash
Our Chef workstation component is now installed. However it is very far from being configured.
The next step is to acquire the "chef-repo" directory structure for a properly formatted Chef
repository