These instructions use the Opscode APT repository. Opscode maintains the packages on this APT repo, as well as the packages that get included in Debian and Ubuntu's repositories. Supported distribution releases with codenames and components.
|
Add the Opscode APT Repository
Create /etc/apt/sources.list.d/opscode.list.
Replace codename with the distribution codename per the list at the top of this page, or in distribution configuration (canonical straight from the repo). If you would like to be able to download source packages, add a deb-src line.
Copy and paste one-liner for Ubuntu 10.04 (packges only, no sources), e.g.:
Add the GPG Key and Update Index
Before you install the packages, make sure you add the Opscode GPG key to apt.
RubyGems Note
The libchef-ruby1.8 package now depends on RubyGems to make use of the gem_package resource. Because Chef loads all providers when it runs, and that provider requires the rubygems library, Chef will probably fail noisily if rubygems is not available.
You're not required to use RubyGems at all, it just has to be installed.
Install a Server
Install everything to get a nice chef-server up and running with both the API and WebUI (chef-server is a metapackage).
You will be prompted by debconf for the Chef Server URL. Put in a value like "http://chef.example.com:4000". You will also be prompted for the rabbitmq consumer password and the webui admin password.
This will:
- Install all the dependencies for Chef Server, including Merb, CouchDB, RabbitMQ, etc.
- Starts CouchDB (via the couchdb package).
- Starts RabbitMQ (via the rabbitmq-server package).
- Start chef-server-api via /etc/init.d/chef-server, running a merb worker on port 4000
- Start chef-server-webui via /etc/init.d/chef-server-webui, running a merb worker on port 4040
- Start chef-solr-indexer via /etc/init.d/chef-solr-indexer, connecting to the rabbitmq-server
- Start chef-solr via /etc/init.d/chef-solr, using the distro package for solr-jetty
- Start chef-client via /etc/init.d/chef-client
- Add configuration files in /etc/chef for the client, server, solr/solr-indexer and solo
- Create all the correct directory paths per the configuration files
If you do not want the webui installed, install the chef-server-api package only.
This does the same as above sans the webui service.
Verify That All Components are Running
Now that you have Chef Server installed, you should have the following processes running.
| Name | Listen Port | Example Program Name in ps (Erlang programs truncated) |
|---|---|---|
| Chef Server | 4000 | merb : chef-server (api) : worker (port 4000) |
| Chef Server WebUI | 4040 | merb : chef-server-webui : worker (port 4040) |
| CouchDB | 5984 | beam.smp -Bd -K true – -root /usr/local/lib/erlang -progname erl – -noshell -noinput -couch_ini /usr/local/etc/couchdb/default.ini /usr/local/etc/couchdb/local.ini -s couch |
| RabbitMQ | 5672 | beam.smp -W w -K true -A30 – -root /usr/local/lib/erlang -progname erl – -noshell -noinput -s rabbit -sname rabbit -rabbit tcp_listeners [{"0.0.0.0", 5672}] |
| Chef Solr | 8983 | /usr/bin/java -Xmx250M -Xms250M -Dsolr.data.dir=/opscode/chef/features/data/solr/data -Dsolr.solr.home=/opscode/chef/features/data/solr/home -jar /opscode/chef/features/data/solr/jetty/start.jar |
| Chef Solr Indexer | none | ruby ./chef-solr/bin/chef-solr-indexer -c /etc/chef/solr.rb -l debug |
Configure the Command Line Client
Once you've verified that all of Chef's components are working, it's time to configure the knife command line tool. On your Chef Server, run knife configure -i to interactively configure your knife client and create an admin account on the server. You can accept the default responses by pressing <enter>.
A client is like a user, except it has a RSA private key instead of a password. What you're picking here is the username for the client you're creating:
knife configure -i has to use an existing admin client's credentials to create your account. On a brand new server, the Web UI is the only admin client. So just use the defaults here:
The "chef-validator" client is a special account used to auto-register new nodes. The defaults should be fine here.
Verify Your Knife Client Configuration
You can now run some basic knife commands to verify that you can communicate with the server:
Create a Knife Client for Your Laptop/Desktop
Create Your Client Account
When working with chef, you will spend a lot of time editing recipes and other files, and you'll find it much more convenient to edit them on your laptop/desktop, where you have your editor configured just to your liking. To facilitate this mode of working, we recommend you create a knife client to use knife on your development machine.
Make sure you've configured knife on your chef server as described above before proceeding with this step.
This command creates the client and writes its private key to /tmp/my-username.pem. To verify the operation, use the knife client show command:
Copy Your Key and Configure Knife
Now you need to copy the key you just created to your development machine using scp (or some other file copy mechanism).
In order to use knife on your laptop, you'll need to install the chef-client. If your laptop's OS comes with rubygems (Mac OS X, for example) you can run sudo gem install chef; otherwise, check out the client installation instructions for your OS. Once you have chef installed, you can use knife's interactive configuration on your laptop (note we're not using the -i option here):
Knife looks for its configuration in HOME/.chef/knife.rb by default:
Now, enter your client name, exactly as you did when running knife client create above:
For these next settings, you can accept the defaults for now and update them later by editing your knife.rb file. The validation client name and key are used with knife's cloud computing commands:
We'll also leave the path to the chef repository blank for now. After you've created a chef repository, you'll want to configure it by editing knife.rb
Verify Your Configuration
You can run some list and show commands to verify everything is working:
Next Steps
Now that you have a working Chef installation, it's time to start configuring your infrastructure:
- Read up on Chef's concepts and terminology
- Get a repository to organize your work
- Learn how to write cookbooks
Client Installation
Install just a client. This is also applicable if you're planning to run chef-solo or use knife on a local system.
You will be prompted for the Chef Server URL. If you are using the Opscode Platform, use your organization Chef Server URL, e.g., "https://api.opscode.com/organizations/ORGNAME". If you installed a local Chef Server, put in the value for your Chef Server's FQDN, e.g., "http://chef.example.com:4000".
Upon installation, this will:
- Install all the dependencies for Chef as a client.
- Start chef-client via /etc/init.d/chef-client.
- Add configuration files in /etc/chef for the client, server and indexer.
If you are planning to run chef-solo or use just knife, you can stop and disable the chef-client service. The configuration file for chef-solo is /etc/chef/solo.rb.
Install Supporting Packages
The following packages are not required to run the chef-client or chef-solo, and optional.
- libopenssl-ruby - if the chef-server has SSL (like the Opscode Platform), this is required.
- ruby-dev and build-essential - required to build gems that have native extensions from source with gem_package
Configuration
You may wish to take a look at the configuration files and see if they meet your needs, or modify for your environment. The files are commented, and located in /etc/chef (*.rb in that directory).
Next you'll probably want to set up a local repository to store configuration for your infrastructure.
 | Chef Bootstrap Cookbook The chef::bootstrap recipes are not needed for package installations of Chef. The packaging handles all the tasks of the bootstrap. You may wish to manage the Chef configuration for your nodes, which can be accomplished with the Opscode Chef Cookbook |