Installing using native Ubuntu or Debian ensures that Chef is installed in the same way as other software on your system.
These instructions use the Opscode APT repository for installing Chef 10. Opscode maintains the packages in this APT repo, as well as the packages that get included in Debian and Ubuntu's repositories.
The following distributions are supported within the Opscode APT repository:
Installing chef-server using the Opscode provided packages for Debian and Ubuntu requires that you:
The following sections take you through each of these steps in detail.
Add the Opscode APT Repository
If you would like to be able to download source packages, add an additional identical line, but change
You can copy and paste these examples to create the necessary sources.list entry:
Debian users will likely need to run 'apt-get install sudo wget lsb-release' as root before pasting the examples.
Add the GPG Key and Update Index
Before you install the packages, make sure you add the Opscode GPG key to apt.
Now, we update apt-get with the newly added Opscode repository:
Installing the opscode-keyring package will keep the key up-to-date:
Upgrade Existing Packages
To ensure you are using the latest versions of libraries that chef depends on, you may wish to update your existing packages:
Install the chef-server package
You will be prompted by debconf for the Chef Server URL. Put in a value like "http://chef.example.com:4000". You will also be prompted for the rabbitmq consumer password and the webui admin password. The rabbitmq consumer password MUST NOT be left blank.
If you do not want the webui installed, install the server-api and expander packages separately:
This does the same as above without the chef-server-webui service.
Verify That All Components are Running
Now that you have Chef Server installed, you should have the following processes running.
Configure the Command Line Client
Once you've verified that all of Chef's components are working, it's time to configure the knife command line tool. On your Chef Server, run
First, create the ~/.chef directory and copy the required certificates created by the server.
Next run the
API Client creation must use an existing admin client's credentials to create the new account. On a brand new server, the
The "chef-validator" client is a special account used to auto-register new nodes. Use the default clientname, and specify the validation.pem copied above.
Verify Your Knife Client Configuration
You can now run some basic knife commands to verify that you can communicate with the server.
Create a Knife Client for Your Laptop/Desktop
Create Your Client Account
When working with chef, you will spend a lot of time editing recipes and other files, and you'll find it much more convenient to edit them on your laptop/desktop (your management workstation), where you have your editor configured just to your liking. To facilitate this mode of working, we recommend you create a knife client to use knife on your development machine.
Make sure you've configured knife on your chef server as described above before proceeding with this step.
This command creates the client and writes its private key to
Copy Your Key and Configure Knife
Now you need to copy the key you just created to your development machine using scp (or some other file copy mechanism).
In order to use knife on your laptop, you'll need to install the chef-client. If your laptop's OS comes with rubygems (Mac OS X, for example) you can run
Knife looks for its configuration in
Now, enter your client name, exactly as you did when running
For these next settings, you can accept the defaults for now and update them later by editing your knife.rb file. The validation client name and key are used with knife's cloud computing commands:
We'll also leave the path to the chef repository blank for now. After you've created a chef repository, you'll want to configure it by editing knife.rb
Verify Your Configuration
You can run some
You're now ready to use Knife Bootstrap to automatically set up systems to become new Chef Clients to the server.