Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Chef Infrastructure Automation Cookbook Second Edition

You're reading from   Chef Infrastructure Automation Cookbook Second Edition Over 80 recipes to automate your cloud and server infrastructure with Chef and its associated toolset

Arrow left icon
Product type Paperback
Published in May 2015
Publisher
ISBN-13 9781785287947
Length 278 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Matthias Marschall Matthias Marschall
Author Profile Icon Matthias Marschall
Matthias Marschall
Arrow right icon
View More author details
Toc

Table of Contents (9) Chapters Close

Preface 1. Chef Infrastructure FREE CHAPTER 2. Evaluating and Troubleshooting Cookbooks and Chef Runs 3. Chef Language and Style 4. Writing Better Cookbooks 5. Working with Files and Packages 6. Users and Applications 7. Servers and Cloud Infrastructure Index

Using the hosted Chef platform

If you want to get started with Chef right away (without the need to install your own Chef server) or want a third party to give you a Service Level Agreement (SLA) for your Chef server, you can sign up for hosted Chef by Chef Software, Inc. Chef Software, Inc. operates Chef as a cloud service. It's quick to set up and gives you full control, using users and groups to control the access permissions to your Chef setup. We'll configure knife, Chef's command-line tool to interact with hosted Chef, so that you can start managing your nodes.

Getting ready

Before being able to use hosted Chef, you need to sign up for the service. There is a free account for up to five nodes.

Visit http://manage.chef.io/signup and register for a free trial or a free account.

I registered as the user webops with an organization short name of awo.

After registering your account, it is time now to prepare your organization to be used with your chef-repo repository.

How to do it...

Carry out the following steps in order to interact with the hosted Chef:

  1. Create the configuration directory for your Chef client on your local workstation:
    mma@laptop:~/chef-repo $ mkdir .chef
    
  2. Navigate to http://manage.chef.io/organizations. After logging in, you can start downloading your validation keys and configuration file.
  3. Select your organization to be able to see its contents using the web UI.
    How to do it...

    Regenerate the validation key for your organization and save it as <your-organization-short-name>-validator.pem in the chef directory inside your chef-repo repository.

    How to do it...
  4. Generate the knife config and put the downloaded knife.rb into the .chef directory inside your chef-repo directory, as well. Make sure you have downloaded your user's private key from https://www.chef.io/account/password and replace webops with the username you chose for hosted Chef, and awo with the short name you chose for your organization:
    current_dir = File.dirname(__FILE__)
    log_level                :info
    log_location             STDOUT
    node_name                "webops"
    client_key               "#{current_dir}/webops.pem"
    validation_client_name   "awo-validator"
    validation_key           "#{current_dir}/awo-validator.pem"
    chef_server_url          "https://api.chef.io/organizations/awo"
    cache_type               'BasicFile'
    cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
    cookbook_path            ["#{current_dir}/../cookbooks"]

    Tip

    Take a look at the following code:

    .chef/*.pem
    .chef/encrypted_data_bag_secret

    You should add the preceding code to your .gitingore file inside chef-repo to avoid your credentials from ending up in your Git repository.

  5. Use knife to verify that you can connect to your hosted Chef organization. It should only have your validator client, so far. Instead of awo, you'll see your organization's short name:
    mma@laptop:~/chef-repo $ knife client list
    awo-validator
    

How it works...

Hosted Chef uses two private keys (called validators):

  • one for the organization
  • one for every user.

You need to tell knife where it can find these two keys in your knife.rb file.

The following two lines of code in your knife.rb file tell the knife about which organization to use and where to find its private key. The validation_key is used to allow new clients to authenticate the Chef server before getting their own Client key:

validation_client_name   "awo-validator"
validation_key           "#{current_dir}/awo-validator.pem"

The following line of code in your knife.rb file tells the knife where to find your users' private key. It is used by your local workstation to authenticate the Chef server:

client_key               "#{current_dir}/webops.pem"

Also, the following line of code in your knife.rb file tells knife that you are using hosted Chef. You will find your organization name as the last part of the URL:

chef_server_url          "https://api.chef.io/organizations/awo"

Using the knife.rb file and your two validators knife, you can now connect to your organization hosted by Chef Software, Inc.

You do not need your own self-hosted Chef server, nor do you need to use Chef client local mode in this setup.

There's more...

This setup is good for you if you do not want to worry about running, scaling, and updating your own Chef server and if you're happy with saving all your configuration data in the Cloud (under the control of Chef Software, Inc.).

Note

If you need to have all your configuration data within your own network boundaries, you can install Chef server on premises by choosing "ON PREMISES CHEF" at https://www.chef.io/chef/choose-your- version/ or install the Open Source version of Chef server directly from GitHub at https://github.com/chef/chef.

See also

You have been reading a chapter from
Chef Infrastructure Automation Cookbook Second Edition
Published in: May 2015
Publisher:
ISBN-13: 9781785287947
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image