Opscode provides a complete cookbook for installing a Chef Server and Chef Clients to talk to said server. This document describes how the cookbook actually configures Chef, and how you can override default configuration for your local site.
Configuration Files
The default configuration file and the associated applications/commands are:
These are loaded by the applications when they are started. The templates in the Chef cookbook are:
The solo.rb is not managed by the cookbook.
To customize the template in your chef-repo, copy it to site-cookbooks/chef/templates/default and modify as needed. The config files have a lot of available options; for now we'll just look at what is there by default. For a complete list of configuration options, see Chef::Config.
Client
The client configuration options are:
- log_level, for example info or debug.
- log_location, set node attribute chef[:client_log] to STDOUT to send to the log managed by runit (see below).
- ssl_verify_mode
- registration_url
- openid_url
- template_url, where to retrieve templates
- remotefile_url, where to retrieve remote_file and remote_directory
- search_url
- role_url
- file_store_path
- file_cache_path, location of cached cookbooks, etc.
- pid_file, PID file, not needed by runit.
Server
The server supports the above options, plus:
- validation_token, a secret token to authenticate automatically, must match on clients.
- cookbook_path, string or array of paths searched in order specified for available cookbooks.
- node_path
- openid_store_path
- openid_cstore_path
- search_index_path, where the ferret search indexes are stored.
- role_path, where role JSON data is stored.
- openid_providers, allowed openid providers.
- authorized_openid_identifiers, openid URLs that are authorized to login.
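The client and server files are Ruby DSL files of `option value` lines, so the options above can be audited before a template is deployed. The following is an added example, not part of the Opscode cookbook: the helper names, the sample file and the 16-character token threshold are assumptions, and the `:verify_none` / `:verify_peer` values come from Chef::Config rather than from this page.

```ruby
# Added example: flag risky values of options listed on this page in a
# client.rb / server.rb style file. Not Opscode's code.

# Records every `option value` call made by the config DSL.
class ConfigRecorder
  attr_reader :settings

  def initialize
    @settings = {}
  end

  def method_missing(name, *args)
    @settings[name] = args.length == 1 ? args.first : args
  end

  def respond_to_missing?(*)
    true
  end
end

# Returns an array of finding strings for the given config source text.
# The file is Ruby and is evaluated here, so audit only files that you
# already trust Chef to load.
def audit_chef_config(source, min_token_length: 16) # threshold is an assumption
  rec = ConfigRecorder.new
  rec.instance_eval(source)
  s = rec.settings
  findings = []
  if s[:ssl_verify_mode] == :verify_none
    findings << "ssl_verify_mode is :verify_none: server certificate is not verified"
  end
  if s.key?(:validation_token) && s[:validation_token].to_s.length < min_token_length
    findings << "validation_token is shorter than #{min_token_length} characters"
  end
  findings << "log_level is :debug: verbose logging left enabled" if s[:log_level] == :debug
  findings
end

# Constructed sample, not taken from the cookbook templates.
SAMPLE = <<~CONF
  log_level        :debug
  log_location     STDOUT
  ssl_verify_mode  :verify_none
  validation_token "changeme"
  cookbook_path    ["/srv/chef/site-cookbooks", "/srv/chef/cookbooks"]
CONF

audit_chef_config(SAMPLE).each { |finding| puts finding }
```

Run it against the rendered template from site-cookbooks/chef/templates/default before committing a change, and treat any finding as a reason to review the override.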
Solo
While chef-solo supports all the options of chef-client, the options most often used are:
- file_cache_path, where to cache runtime data.
- cookbook_path, where to find cookbooks.
Running Chef Clients
By default, chef-client is set up as a runit_service. It will run on a 30 minute interval with a short splay.
Prior to Chef 0.7.0, logs were by default sent to /var/log/chef/client.log which is unnecessary with Runit, as it will handle STDOUT logs (in /etc/sv/chef-client/log/main/current).
Chef Server Stack
The Chef Server itself requires several components which are configured by the chef::server recipe in the opscode/cookbooks.
Chef Server
The Chef Server merb application is set up as a mod_rails passenger under Apache. The Chef Server will still read the /etc/chef/server.rb configuration file.
Other known deployments are Nginx+Passenger, Thin+Mongrel, and Runit+Mongrel. Opscode does not provide any cookbooks for these stacks at this time.
Logs
Chef server logs can be found in:
- /var/log/apache_dir/chef-*log where apache_dir is the value of the node attribute apache[:log_dir]. These are the logs for the Apache vhost - error and access.
- /var/log/chef/server.log, the actual merb application log.
Chef Indexer
The Chef Indexer that handles indexing node data with Ferret is set up separately on CentOS and Red Hat.
CouchDB
If CouchDB is available as a package, it will be installed and the service started. The couchdb cookbook can be extended to manage the configuration file if desired; use site-cookbooks for this.
Stompserver
The stompserver gem, which provides message queueing, is installed as a runit_service.