These instructions use the ELFF yum repository. Matthew Kent currently maintains these packages as a service to the Chef community. Supported distribution releases:
Earlier CentOS 5 releases and RHEL 5 should work but haven't been tested with the latest packages. These packages are subject to change or obsoleting as newer packages are prepared and submitted to Fedora for review. The long term goal is making Chef available in Fedora and EPEL. You can follow the progress of this effort in CHEF-522. If you are wanting to submit changes to these packages or build your own checkout the opscode-packages git repository.
|
Pre-requisites
We'll assume you have sudo set up for your user. Otherwise su to root to run the commands listed w/ 'sudo' below.
- Make sure the system has a fully qualified domain name (FQDN) set properly.
should return a hostname like chef.example.com.
- Iptables needs to allow the proper ports (4000 by default for the server, 4040 for the webui), or be disabled.
- Install the EPEL Yum Repository.
- Install the ELFF Yum Repository.
 | Package Sources These instructions assume you are only using the EPEL and ELFF yum repositories (in addition to the base installed repositories) for your installed packages. These packages may not be compatible with ruby or other dependencies carried in other yum repositories or installed from source. |
Install a Server
Install the Chef Server RPM from ELFF.
This will:
- Install all the dependencies for Chef Server, including Merb, CouchDB, RabbitMQ, Java etc. The dependency tree can be pretty large on a new install - 73 packages for 161MB during a recent test.
- Add configuration files in /etc/chef for the client, server, solr, solr-indexer and solo.
- Create all the correct directory paths per the configuration files.
After chef-server is installed you can start couchdb, rabbitmq, chef-solr, chef-solr-indexer and chef-server. We'll also ensure the services start on boot by marking them as on.
This does the following:
- Starts CouchDB which listens on localhost:5984.
- Starts rabbitmq which listens on *:5672.
- Starts chef-solr, a Java application listening on *:8983 (CHEF-1086). Drops privileges to the chef user.
- Starts chef-solr-indexer which connects to rabbitmq/solr. Drops privileges to the chef user.
- Starts chef-server, a merb application using thin which listens on *:4000. Drops privileges to the chef user.
If you are planning on using the webui start and enable the chef-server-webui service:
The webui listens on *:4040 by default.
Alternately you can install the chef-server meta package to get both the chef-server-webui, chef-server-api and chef-solr installed.
Verify That All Components are Running
Now that you have Chef Server installed, you should have the following processes running.
| Name | Listen Port | Example Program Name in ps (Erlang programs truncated) |
|---|---|---|
| Chef Server | 4000 | merb : chef-server (api) : worker (port 4000) |
| Chef Server WebUI | 4040 | merb : chef-server-webui : worker (port 4040) |
| CouchDB | 5984 | beam.smp -Bd -K true – -root /usr/local/lib/erlang -progname erl – -noshell -noinput -couch_ini /usr/local/etc/couchdb/default.ini /usr/local/etc/couchdb/local.ini -s couch |
| RabbitMQ | 5672 | beam.smp -W w -K true -A30 – -root /usr/local/lib/erlang -progname erl – -noshell -noinput -s rabbit -sname rabbit -rabbit tcp_listeners [{"0.0.0.0", 5672}] |
| Chef Solr | 8983 | /usr/bin/java -Xmx250M -Xms250M -Dsolr.data.dir=/opscode/chef/features/data/solr/data -Dsolr.solr.home=/opscode/chef/features/data/solr/home -jar /opscode/chef/features/data/solr/jetty/start.jar |
| Chef Solr Indexer | none | ruby ./chef-solr/bin/chef-solr-indexer -c /etc/chef/solr.rb -l debug |
Configure the Command Line Client
Once you've verified that all of Chef's components are working, it's time to configure the knife command line tool. On your Chef Server, run knife configure -i to interactively configure your knife client and create an admin account on the server. You can accept the default responses by pressing <enter>.
A client is like a user, except it has a RSA private key instead of a password. What you're picking here is the username for the client you're creating:
knife configure -i has to use an existing admin client's credentials to create your account. On a brand new server, the Web UI is the only admin client. So just use the defaults here:
The "chef-validator" client is a special account used to auto-register new nodes. The defaults should be fine here.
Verify Your Knife Client Configuration
You can now run some basic knife commands to verify that you can communicate with the server:
Create a Knife Client for Your Laptop/Desktop
Create Your Client Account
When working with chef, you will spend a lot of time editing recipes and other files, and you'll find it much more convenient to edit them on your laptop/desktop, where you have your editor configured just to your liking. To facilitate this mode of working, we recommend you create a knife client to use knife on your development machine.
Make sure you've configured knife on your chef server as described above before proceeding with this step.
This command creates the client and writes its private key to /tmp/my-username.pem. To verify the operation, use the knife client show command:
Copy Your Key and Configure Knife
Now you need to copy the key you just created to your development machine using scp (or some other file copy mechanism).
In order to use knife on your laptop, you'll need to install the chef-client. If your laptop's OS comes with rubygems (Mac OS X, for example) you can run sudo gem install chef; otherwise, check out the client installation instructions for your OS. Once you have chef installed, you can use knife's interactive configuration on your laptop (note we're not using the -i option here):
Knife looks for its configuration in HOME/.chef/knife.rb by default:
Now, enter your client name, exactly as you did when running knife client create above:
For these next settings, you can accept the defaults for now and update them later by editing your knife.rb file. The validation client name and key are used with knife's cloud computing commands:
We'll also leave the path to the chef repository blank for now. After you've created a chef repository, you'll want to configure it by editing knife.rb
Verify Your Configuration
You can run some list and show commands to verify everything is working:
Next Steps
Now that you have a working Chef installation, it's time to start configuring your infrastructure:
- Read up on Chef's concepts and terminology
- Get a repository to organize your work
- Learn how to write cookbooks
Install a Client
Install just a client. This is also applicable if you're planning to run chef-solo.
This also installs the very handy knife command.
If you are planning to run chef-solo, you can skip the next step. The configuration file for chef-solo is /etc/chef/solo.rb.
Start and enable the chef-client service:
Configuration
You may wish to take a look at the configuration files and see if they meet your needs, or modify for your environment. The files are commented, and located in /etc/chef (*.rb in that directory).
Next you'll probably want to set up a local repository to store configuration for your infrastructure and setup a copy of knife. Thierry Thelliez has put together a great Hello World example that includes the setup of both.
Comments (16)
Aug 05, 2009
Kirill Ishanov says:
Hi guys, I've followed the instructions to install Chef on GoGrid server images...Hi guys,
I've followed the instructions to install Chef on GoGrid server images (bot 64-bit CentOS 5.1 and 32-bit RHEL 5.1) but got this error on the last step:
Any ideas how to fix it?
Thanks
Aug 14, 2009
Matthew Kent says:
Believe this is caused by the older version of yum in CentOS 5.1. Any chance you...Believe this is caused by the older version of yum in CentOS 5.1. Any chance you could get a newer image or upgrade the existing one?
Aug 17, 2009
Roman Bogorodskiy says:
Do you have an idea what is the minimal supported yum version? I've updated yum ...Do you have an idea what is the minimal supported yum version? I've updated yum from CentOS repos and yum now is:
[root@### ~]# yum --version
3.2.19
And I still have problems with it:
[root@### ~]# chef-solo -c ~/solo.rb -j ~/chef.json -r http://s3.amazonaws.com/chef-solo/bootstrap-latest.tar.gz
[Mon, 17 Aug 2009 03:26:52 -0700] INFO: Starting Chef Solo Run
/usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/node/attribute.rb:372:in `method_missing': Attribute domain is not defined! (ArgumentError)
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/node.rb:236:in `send'
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/node.rb:236:in `method_missing'
from /tmp/chef-solo/cookbooks/chef/attributes/server.rb:33:in `from_file'
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/cookbook.rb:73:in `load_attributes'
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/cookbook.rb:71:in `each'
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/cookbook.rb:71:in `load_attributes'
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/compile.rb:68:in `load_attributes'
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/cookbook_loader.rb:117:in `each'
... 8 levels...
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/lib/chef/application.rb:57:in `run'
from /usr/lib/ruby/gems/1.8/gems/chef-0.7.8/bin/chef-solo:26
from /usr/bin/chef-solo:19:in `load'
from /usr/bin/chef-solo:19
[root@### ~]#
[root@### ~]# chef-solo --version
Chef: 0.7.8
Aug 17, 2009
Matthew Kent says:
yum 3.2.19 should work fine. Guessing your error is related to an issue ohai is ...yum 3.2.19 should work fine. Guessing your error is related to an issue ohai is having. Check if domain is getting outputted:
[root@chefdemo ~]# ohai | grep domain
"domain": "demo.domain.com"
You should try the mailing list or irc channel, don't think the wiki comments are great for install support.
Aug 19, 2009
Anthony Lopez says:
going to try the list or irc channelgoing to try the list or irc channel
Jan 20, 2010
Alex Soto says:
GOTCHA NOTE: Beware upgrading rubygems on your chef-server. For another piece o...GOTCHA NOTE:
Beware upgrading rubygems on your chef-server. For another piece of software I did a
on a Centos 64 server and the gem paths switched from /usr/lib/ruby/... to /usr/lib64/ruby/... so all the gems were no longer visible, requiring a re-install.
Jul 23
Jerome Castang says:
Hi All, For x86_64 we might use: rpm -Uvh http://download.fedora.redhat.com/pu...Hi All,
For x86_64 we might use:
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-3.noarch.rpm
rpm -Uvh http://download.elff.bravenet.com/5/x86_64/elff-release-5-3.noarch.rpm
My 2 cents,
Jul 29
Matthew Kent says:
The i386/x86_64 packages are the same as they are noarch.The i386/x86_64 packages are the same as they are noarch.
Jul 28
Chris Pepper says:
Everything starts except chef-server (and chef-server-webui). Is it because host...Everything starts except chef-server (and chef-server-webui). Is it because hostname -f doesn't work? FYI: This is a new (virtual) system, installed with VMware Fusion's autopilot.
Jul 29
Matthew Kent says:
hostname --fqdn will definitely need to return the current hostname to make ohai...hostname --fqdn will definitely need to return the current hostname to make ohai happy. Check the output of 'ohai' for this.
You could also check the logs in /var/log/chef to see why start up is failing.
This is better debugged in the chef irc channel or the mailing list though.
Aug 05
Chris Pepper says:
Thanks, you're right – it was a hostname misconfiguration. "hostname --fqd...Thanks, you're right – it was a hostname misconfiguration. "hostname --fqdn" worked, chef-server & chef-server-webui started up and listened successfully.
Aug 10
Sasha Ovsankin says:
Couldn't install on CentOS 5.0. The error message says "Error: Missing Dependenc...Couldn't install on CentOS 5.0. The error message says "Error: Missing Dependency: rubygem(rest-client) is needed by package rubygem-chef". "gem install chef" worked though.
> sudo yum --enablerepo=elff-testing install chef
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
rightscale 100% |=========================| 951 B 00:00
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package chef.noarch 0:0.9.8-1.el5 set to be updated
--> Running transaction check
--> Processing Dependency: rubygem-chef = 0.9.8-1.el5 for package: chef
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Package rubygem-chef.noarch 0:0.9.8-1.el5 set to be updated
--> Running transaction check
--> Processing Dependency: rubygem(mixlib-authentication) >= 1.1.3 for package: rubygem-chef
...Snip...
--> Running transaction check
--> Processing Dependency: rubygem(rest-client) for package: rubygem-chef
--> Finished Dependency Resolution
Error: Missing Dependency: rubygem(rest-client) is needed by package rubygem-chef
Aug 12
Matthew Kent says:
Did you install the EPEL repository as well? That's where rest-client comes from...Did you install the EPEL repository as well? That's where rest-client comes from.
Aug 12
Sasha Ovsankin says:
Yes, there is epel.repo in /etc/yum.repos.d. rubygem-est-client doesn't seem to ...Yes, there is epel.repo in /etc/yum.repos.d. rubygem-est-client doesn't seem to be there.
Aug 13
Matthew Kent says:
Not sure what's going on as it's definitely there: http://download.fedora.redha...Not sure what's going on as it's definitely there:
http://download.fedora.redhat.com/pub/epel/5/x86_64/rubygem-rest-client-1.3.1-5.el5.noarch.rpm
Suggest dropping by the irc channel, I can better help you there.
Aug 13
Sasha Ovsankin says:
Thanks, will do if I hit any more problems. Right now I am OK as install via "ge...Thanks, will do if I hit any more problems. Right now I am OK as install via "gem" worked.