getting started with opscode's chef
i am mostly writing this to document how i went about getting started with chef. in the past i've used puppet for configuration management across servers but because a coworker of mine uses chef on some of the servers, i thought i would, too.
so, mostly i've been sitting looking at how-to's and quickstart guides. nothing really caught my eye. the goal i thought i wanted was to create a chef-server from which everything would be pulled/pushed/etc acting as the main brains. but i will probably just use opscode's managed server which might make my life a lot easier. so let's get started.
first steps
following the quickstart guide, i installed ruby on my arch linux laptop. this is the machine i'll be using to knife everything. after installing ruby, i made sure gem was updated by running
$ sudo gem update --system
and verifying the version. now i'm at the point where i want to figure out how to get chef to provision a new server on my ec2 stuff.
after moving the files required by chef into .chef, i installed knife-ec2 with
$ gem install knife-ec2
and added my aws credentials to .chef/knife.rb with the following information:
knife[:aws_access_key_id] = "..."
knife[:aws_secret_access_key] = "........."
now
$ knife ec2 server list
shows me the instances i have running.
now i tested whether i could create a node and provision it with knife. i installed a couple cookbooks, chef-client and ubuntu, using the following command:
$ knife cookbook site install chef-client
$ knife cookbook site install ubuntu
i actually just ended up removing the entire cookbook directory and cloning the opscode repo of cookbooks and then uploaded those:
$ knife cookbook upload -a
and launched my instance with the following command:
$ knife ec2 server create "role[ubuntu],role[chef-client]" -I ami-1aad5273 -f t1.micro -S optimus-fs --ssh-user ubuntu --region us-east-1
i guess everything is working, but when i look at
$ knife node show
i don't see the roles i created. but i think that was because i didn't actually create roles, so none of those recipes were run. there are a few recipes i do want to run, so we'll do that.
figuring out cookbooks, recipes, and roles
so now i have to figure out how to create a cookbook of recipes that i need to provision one of my servers. i have a few different types, but the 3 main servers i have are tomcat web apps, php web apps on apache, and mysql database servers.
there are also a couple of things i need on every machine i create and that is the ssh keys of the admins. this shouldn't be necessary since using ec2 my plan is to kill unruly instances, but it will be a good exercise in getting to know cookbooks and recipes.
so, there are a few packages i know i want to install: users, sudo, and ubuntu (because i'm using ubuntu, so why not?). these will comprise my 'base' role that every machine i have will run.
because the users cookbook gets its users from the users data bag, i created my user with this command
$ knife data bag create users ren
and pasted
{
  "id": "ren",
  "groups": "sysadmin",
  "ssh-keys": "ssh-rsa AA...RP ren@banana"
}
so far so good. REMEMBER, you need to upload your roles, so issue
$ rake roles
before trying to continue.
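since whatever key goes into that data bag item ends up as an admin login on every machine running the base role, it is worth linting the item before uploading it. this is an added example, not code from the users cookbook or from opscode: the function names, the 2048-bit rsa floor, and the sample key (built by hand from filler bytes) are all assumptions made for illustration.

```ruby
require 'json'
require 'base64'

# Read one SSH wire-format field (uint32 big-endian length + bytes); returns [field, rest].
def read_field(blob)
  len = blob.unpack1('N') # nil when fewer than 4 bytes remain
  raise ArgumentError, 'truncated key blob' if len.nil? || blob.bytesize < 4 + len
  [blob.byteslice(4, len), blob.byteslice(4 + len, blob.bytesize)]
end

# Return a list of problems found in one "type base64 comment" public key line.
def check_public_key(line, min_rsa_bits = 2048)
  return ['contains private key material'] if line.include?('PRIVATE KEY')
  type, b64, _comment = line.strip.split(/\s+/, 3)
  return ['not in "type base64 comment" form'] if b64.nil?
  blob = Base64.strict_decode64(b64) # raises ArgumentError on bad base64
  inner_type, rest = read_field(blob)
  return ["declared #{type} but blob says #{inner_type.inspect}"] if inner_type != type
  return [] unless type == 'ssh-rsa' # only rsa key size is checked here
  _exponent, rest = read_field(rest)
  modulus, = read_field(rest)
  bits = modulus.unpack1('H*').to_i(16).bit_length
  bits < min_rsa_bits ? ["rsa key is only #{bits} bits"] : []
rescue ArgumentError => e
  ["unparseable key: #{e.message}"]
end

# Check a users data bag item shaped like the one on this page.
def check_user_item(json, key_field = 'ssh-keys')
  item = JSON.parse(json)
  problems = []
  problems << 'missing id' if item['id'].to_s.empty?
  problems << 'no groups' if Array(item['groups']).empty?
  keys = Array(item[key_field]) # accepts a single string or a list
  problems << "no #{key_field}" if keys.empty?
  keys.each { |k| problems.concat(check_public_key(k)) }
  problems
end

# Constructed sample: a structurally valid ssh-rsa line with a filler modulus.
def ssh_rsa_line(modulus_bytes)
  field = ->(s) { [s.bytesize].pack('N') + s.b }
  blob = field.call('ssh-rsa') + field.call("\x01\x00\x01") + field.call("\x00".b + "\xFF".b * modulus_bytes)
  "ssh-rsa #{Base64.strict_encode64(blob)} ren@banana"
end

if __FILE__ == $PROGRAM_NAME
  item = JSON.generate('id' => 'ren', 'groups' => 'sysadmin', 'ssh-keys' => ssh_rsa_line(128))
  p check_user_item(item)
end
```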
i started editing the role from knife,
$ knife role create base
i added stuff like "recipe[users]", "recipe[sudo]", "recipe[ubuntu]" to the list. so now i'm retrying the command i used earlier to provision a server,
$ knife ec2 server create "role[base]" -I ami-1aad5273 -f t1.micro -S optimus-fs --ssh-user ubuntu --region us-east-1
and seeing how it goes.
to be continued...