Install the Chef Server
There are three configuration scenarios for the Chef server:
- Standalone (everything on a single machine)
- High availability (machines configured for front-end and back-end, allowing for failover on the back-end and load-balancing on the front-end, as required)
- Tiered (machines configured for front-end and back-end, with a single back-end and load-balancing on the front-end, as required)
Prerequisites¶
The Chef server has the following prerequisites:
- An x86_64 compatible system architecture; Red Hat Enterprise Linux and CentOS may require updates prior to installation
- A resolvable hostname that is specified using a FQDN or an IP address
- A connection to Network Time Protocol (NTP) to prevent clock drift
- A local mail transfer agent that allows the Chef server to send email notifications
- Using cron and the
/etc/cron.d
directory for periodic maintenance tasks - Disabling the Apache Qpid daemon on CentOS and Red Hat systems
- Optional. A local user account under which services will run, a local user account for PostgreSQL, and a group account under which services will run. See UIDs and GIDs for more information.
Note
See the expanded list of prerequisites for a detailed list of software and hardware requirements.
Standalone¶
The standalone installation of Chef server creates a working installation on a single server. This installation is also useful when you are installing Chef server in a virtual machine, for proof-of-concept deployments, or as a part of a development or testing loop.
To install Chef server 12:
- Download the package from https://downloads.chef.io/chef-server/.
- Upload the package to the machine that will run the Chef server, and then record its location on the file system. The rest of these steps assume this location is in the
/tmp
directory. - As a root user, install the Chef server package on the server, using the name of the package provided by Chef. For Red Hat and CentOS 6:
$ rpm -Uvh /tmp/chef-server-core-<version>.rpm
For Ubuntu:
$ dpkg -i /tmp/chef-server-core-<version>.deb
After a few minutes, the Chef server will be installed.
- Run the following to start all of the services:
$ chef-server-ctl reconfigure
Because the Chef server is composed of many different services that work together to create a functioning system, this step may take a few minutes to complete.
- Run the following command to create an administrator:
$ chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename FILE_NAME
An RSA private key is generated automatically. This is the user’s private key and should be saved to a safe location. The
--filename
option will save the RSA private key to the specified absolute path.For example:
$ chef-server-ctl user-create stevedanno Steve Danno [email protected] 'abc123' --filename /path/to/stevedanno.pem
- Run the following command to create an organization:
$ chef-server-ctl org-create short_name 'full_organization_name' --association_user user_name --filename ORGANIZATION-validator.pem
The name must begin with a lower-case letter or digit, may only contain lower-case letters, digits, hyphens, and underscores, and must be between 1 and 255 characters. For example:
4thcoffee
.The full name must begin with a non-white space character and must be between 1 and 1023 characters. For example:
'Fourth Coffee, Inc.'
.The
--association_user
option will associate theuser_name
with theadmins
security group on the Chef server.An RSA private key is generated automatically. This is the chef-validator key and should be saved to a safe location. The
--filename
option will save the RSA private key to the specified absolute path.For example:
$ chef-server-ctl org-create 4thcoffee 'Fourth Coffee, Inc.' --association_user stevedanno --filename /path/to/4thcoffee-validator.pem
- Enable additional features of the Chef server! The packages may be downloaded directly as part of the installation process or they may be first downloaded to a local directory, and then installed.
Use Downloads
The
install
subcommand downloads packages from https://packages.chef.io/ by default. For systems that are not behind a firewall (and have connectivity to https://packages.chef.io/), these packages can be installed as described below.Feature Command Chef Manage Use Chef management console to manage data bags, attributes, run-lists, roles, environments, and cookbooks from a web user interface. On the Chef server, run:
$ chef-server-ctl install chef-manage
then:
$ chef-server-ctl reconfigure
and then:
$ chef-manage-ctl reconfigure
Note
Starting with the Chef management console 2.3.0, the Chef MLSA must be accepted when reconfiguring the product. If the Chef MLSA has not already been accepted, the reconfigure process will prompt for a
yes
to accept it. Or runchef-manage-ctlreconfigure --accept-license
to automatically accept the license.Chef Push Jobs Use Chef push jobs to run jobs—an action or a command to be executed—against nodes independently of a chef-client run. On the Chef server, run:
$ chef-server-ctl install opscode-push-jobs-server
then:
$ chef-server-ctl reconfigure
and then:
$ opscode-push-jobs-server-ctl reconfigure
Reporting Use Reporting to keep track of what happens during every chef-client runs across all of the infrastructure being managed by Chef. Run Reporting with Chef management console to view reports from a web user interface. On the Chef server, run:
$ chef-server-ctl install opscode-reporting
then:
$ chef-server-ctl reconfigure
and then:
$ opscode-reporting-ctl reconfigure
Use Local Packages
The
install
subcommand downloads packages from https://packages.chef.io/ by default. For systems that are behind a firewall (and may not have connectivity to packages.chef.io), these packages can be downloaded from https://downloads.chef.io/chef-manage/, and then installed manually. First download the package that is appropriate for the platform, save it to a local path, and then run theinstall
command using the--path
option to specify the directory in which the package is located:$ chef-server-ctl install PACKAGE_NAME --path /path/to/package/directory
For example:
$ chef-server-ctl install chef-manage --path /root/packages
The
chef-server-ctl
command will install the firstchef-manage
package found in the/root/packages
directory.
Update config for purchased nodes¶
When using more than 25 nodes, a configuration change to your Chef server needs to be made in order for your Chef server to be properly configured and recognize your purchased licenses. You will need to edit to your chef-server.rb
file by following the process below:
- On your Chef server, if the
chef-server.rb
file does not exist, create it.sudo mkdir /etc/opscode && sudo touch /etc/opscode/chef-server.rb
- Open up the newly created
chef-server.rb
file in your favorite text editor.sudo vi /etc/opscode/chef-server.rb
- Paste or add the following text. Please note the placement of the single quotation (‘) marks.
license['nodes'] = N where N is the number of licensed nodes you have purchased
- Save the file. Because we are using the vi editor, you can save your changes in vi with the following command:
:wq
- Run
chef-server-ctl reconfigure
for the changes to be picked up by your Chef server.sudo chef-server-ctl reconfigure
For more information on configuring your Chef server, see chef-server.rb Settings and chef-server.rb Optional Settings.
High Availability¶
The following links describe how to configure the Chef server for high availability:
High Availability using Amazon Web Services
High Availability using DRBD