Skip to end of metadata
Go to start of metadata
 

 

Installing using native Ubuntu or Debian ensures that Chef is installed in the same way as other software on your system.

These instructions use the Opscode APT repository for installing Chef 10. Opscode maintains the packages in this APT repo, as well as the packages that get included in Debian and Ubuntu's repositories.

 

These install instructions are deprecated in favor of the Omnibus installers and Chef 11.
The following distributions are supported within the Opscode APT repository:
  • Ubuntu 12.04 precise
  • Ubuntu 11.10 oneiric
  • Ubuntu 11.04 natty
  • Ubuntu 10.10 maverick
  • Ubuntu 10.04 lucid
  • Debian (unstable) sid
  • Debian (testing) wheezy
  • Debian 6 (stable) squeeze

Install Processes

Installing chef-server using the Opscode provided packages for Debian and Ubuntu requires that you:

  1. Add the Opscode Apt Repository to your apt sources,
  2. Install the chef-server package and its dependencies,
  3. Verify the installation succeeded, and
  4. Complete the Post-Install configuration

The following sections take you through each of these steps in detail.

 

 
 

Add the Opscode APT Repository

Create /etc/apt/sources.list.d/opscode.list.

/etc/apt/sources.list.d/opscode.list

 

If you would like to be able to download source packages, add an additional identical line, but change deb to deb-src line.

You can copy and paste these examples to create the necessary sources.list entry:

Ubuntu for Chef 0.10.x

Debian users will likely need to run 'apt-get install sudo wget lsb-release' as root before pasting the examples.

Add the GPG Key and Update Index

Before you install the packages, make sure you add the Opscode GPG key to apt.

Issues downloading from gnupg.net?

If you get an error when trying to download the key that states that the "keyserver timed out", try downloading the key directly from our apt repository instead:

Afterwards you'll also want to run this command again:

Now, we update apt-get with the newly added Opscode repository:

Installing the opscode-keyring package will keep the key up-to-date:

Upgrade Existing Packages

To ensure you are using the latest versions of libraries that chef depends on, you may wish to update your existing packages:

Install the chef-server package

You will be prompted by debconf for the Chef Server URL. Put in a value like "http://chef.example.com:4000". You will also be prompted for the rabbitmq consumer password and the webui admin password. The rabbitmq consumer password MUST NOT be left blank.

This will:

  • Install all the dependencies for Chef Server, including Merb, CouchDB, RabbitMQ, etc.
  • Starts CouchDB (via the couchdb package).
  • Starts RabbitMQ (via the rabbitmq-server package).
  • Start chef-server-api via /etc/init.d/chef-server, running a merb worker on port 4000
  • Start chef-server-webui via /etc/init.d/chef-server-webui, running a merb worker on port 4040
  • Start chef-solr-indexer via /etc/init.d/chef-solr-indexer, connecting to the rabbitmq-server
  • Start chef-solr via /etc/init.d/chef-solr, using the distro package for solr-jetty
  • Start chef-client via /etc/init.d/chef-client
  • Add configuration files in /etc/chef for the client, server, solr/solr-indexer and solo
  • Create all the correct directory paths per the configuration files

If you do not want the webui installed, install the server-api and expander packages separately:

This does the same as above without the chef-server-webui service.

Verify That All Components are Running

Now that you have Chef Server installed, you should have the following processes running.

Name

Listen Port

Example Program Name in ps (Erlang programs truncated)

Chef Server

4000

merb : chef-server (api) : worker (port 4000)

Chef Server WebUI

4040

merb : chef-server-webui : worker (port 4040)

CouchDB

5984

beam.smp -Bd -K true – -root /usr/local/lib/erlang -progname erl – -noshell -noinput -couch_ini /usr/local/etc/couchdb/default.ini /usr/local/etc/couchdb/local.ini -s couch

RabbitMQ

5672

{{beam.smp -W w -K true -A30 – -root /usr/local/lib/erlang -progname erl – -noshell -noinput -s rabbit -sname
rabbit -rabbit tcp_listeners [{"0.0.0.0", 5672}]}}

Chef Solr

8983

/usr/bin/java -Xmx250M -Xms250M -Dsolr.data.dir=/opscode/chef/features/data/solr/data -Dsolr.solr.home=/opscode/chef/features/data/solr/home -jar /opscode/chef/features/data/solr/jetty/start.jar

Chef Expander

none

ruby ./chef-solr/bin/chef-expander -c /etc/chef/solr.rb -l debug

Configure the Command Line Client

Once you've verified that all of Chef's components are working, it's time to configure the knife command line tool. On your Chef Server, run knife configure -i to interactively configure your knife client and create an admin account on the server. You can accept the default responses shown in brackets by pressing <enter>.

First, create the ~/.chef directory and copy the required certificates created by the server.

Certificates Read Only

Presumably you're running this as a normal non-privileged user. When the chef-server-api starts, it creates the validation and webui certificates as read/write only by the user that starts the process (chef).

Next run the knife configure command, and pass the -i flag so the initial client that will be used to authenticate with the API.

API Client creation must use an existing admin client's credentials to create the new account. On a brand new server, the chef-webui is created by chef-server-api startup. Use the default for the clientname, and specify the webui.pem copied above.

The "chef-validator" client is a special account used to auto-register new nodes. Use the default clientname, and specify the validation.pem copied above.

Finally, specify a location for the Chef Repository. This is used to configure knife to point to the directory where Cookbooks will be stored.

Verify Your Knife Client Configuration

You can now run some basic knife commands to verify that you can communicate with the server.

Create a Knife Client for Your Laptop/Desktop

Create Your Client Account

When working with chef, you will spend a lot of time editing recipes and other files, and you'll find it much more convenient to edit them on your laptop/desktop (your management workstation), where you have your editor configured just to your liking. To facilitate this mode of working, we recommend you create a knife client to use knife on your development machine.

Make sure you've configured knife on your chef server as described above before proceeding with this step.

This command creates the client and writes its private key to /tmp/my-username.pem. To verify the operation, use the knife client show command:

Copy Your Key and Configure Knife

Now you need to copy the key you just created to your development machine using scp (or some other file copy mechanism).

In order to use knife on your laptop, you'll need to install the chef-client. If your laptop's OS comes with rubygems (Mac OS X, for example) you can run sudo gem install chef; otherwise, check out the client installation instructions for your OS. Once you have chef installed, you can use knife's interactive configuration on your laptop (note we're not using the -i option here):

Knife looks for its configuration in HOME/.chef/knife.rb by default:

Now, enter your client name, exactly as you did when running knife client create above:

For these next settings, you can accept the defaults for now and update them later by editing your knife.rb file. The validation client name and key are used with knife's cloud computing commands:

We'll also leave the path to the chef repository blank for now. After you've created a chef repository, you'll want to configure it by editing knife.rb

Verify Your Configuration

You can run some list and show commands to verify everything is working:

You're now ready to use Knife Bootstrap to automatically set up systems to become new Chef Clients to the server.

 

 


Installation

 


Installing Chef Client and Chef Solo

 

Labels
  • None

8 Comments

Hide/Show Comments

  1. Oct 21, 2011

    Ivan Storck

    This key 83EF826A is not on keys.gnupg.net

    UPDATED: Must have been a temporary local connection issue

    1. Jun 11, 2012

      Steven Danna

      Including information from your support ticket here so other can see it:

      The needed key does exist on the key server listed in the directions. This can be confirmed with the following:

      Anyone experiencing problems obtaining these keys is encouraged to contact us at www.opscode.com/support. If possible please use gpg's --verbose flag and include any error messages you encounter.

      Thanks!

  2. Aug 24, 2012

    Marcus Bointon

    I found that installing from the Opscode Lucid repo did not install `rabbitmq-server` or `chef-solr` packages. Installing them manually worked ok.

  3. Oct 28, 2012

    Jarret Raim

    A warning. Do not use passwords with special characters in them. The installation scripts of the chef packages don't properly escape and the installation will fail.

  4. Oct 31, 2012

    Sabrina Kavanaugh

    With Ubuntu 12.10 (quantal) we had a problem installing chef-server with dependency conflicts between ruby-yajl and libyajl-ruby. The problem was with the ohai package being pulled from Canonical (using ruby-yajl) instead of opscode (using libyajl-ruby) because the Canonical repo was one rev up(atow, 6.14.0-2 vs 6.14.0-1 in opscode). To work around, you have to install ohai before installing chef and chef-server with the version in the opscode repo (apt-get install ohai=6.14.0-1 ) and also install libohai-ruby1.8(matching ohai version) because installing libohai-ruby doesn't install the needed files. I installed libohai-ruby1.8 after installing chef-server (and having it fail to start) so I don't know if there are other dependencies if you install it before chef, although I would hope that it will still work.

    1. Mar 07, 2013

      Chris Benson

      Sabrina, I followed your instructions (much appreciated), but am having the exact same problem as Jim below.  I'm using Ubuntu Server 12.10 64-bit.  Any suggestions?

  5. Jan 17, 2013

    jim west

    Am not able to install latest version of chef even after following Sabrina's instructions.

    Attempting to run chef-client results in an ohai load error.

    /usr/lib/ruby/vendor_ruby/chef/rest/rest_request.rb:33:in `require': no such file to load -- ohai (LoadError)

    Any ideas?

    OS: Ubuntu Oneiric 11.10 64bit

    1. Mar 07, 2013

      Chris Benson

      Jim, I followed Sabrina's instructions, but am having the exact same problem as you.  I'm using Ubuntu Server 12.10 64-bit.  Did you ever get it sorted?