What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

Chef Infrastructure Automation Cookbook Second Edition

Chapter 1. Chef Infrastructure

"What made Manhattan Manhattan was the underground infrastructure, that engineering marvel."
Andrew Cuomo

A well-engineered infrastructure builds the basis for successful companies. In this chapter, we will see how to set up the infrastructure around Chef as the basis of your infrastructure as code. We'll cover the following recipes in this chapter:

Using version control
Installing the Chef development kit on your workstation
Using the hosted Chef platform
Managing virtual machines with Vagrant
Creating and using cookbooks
Inspecting files on your Chef server with knife
Defining cookbook dependencies
Managing cookbook dependencies with Berkshelf
Downloading and integrating cookbooks as vendor branches into your Git repository
Using custom knife plugins
Deleting a node from the Chef server
Developing recipes with local mode
Using roles
Using environments
Freezing cookbooks
Running Chef client as a daemon
Using chef-shell

Using version control

Do you manually back up every file before you change it? And do you invent creative file name extensions such as _me and _you when you try to collaborate a file? If you answer yes to any of these, it's time to rethink your processes.

A version control system (VCS) helps you stay sane when dealing with important files and collaborating with them.

Using version control is a fundamental part of any infrastructure automation. There are multiple solutions (some free, some paid) to manage source version control, including Git, SVN, Mercurial, and Perforce. Due to its popularity among the Chef community, we will be using Git. However, you could easily use any other version control system with Chef.

Note

Don't even think about building your infrastructure as code without using a version control system to manage it!

Getting ready

You'll need Git installed on your local workstation. Either use your operating system's package manager (such as Apt on Ubuntu or Homebrew on OS X), or simply download the installer from www.git-scm.org.

Git is a distributed version control system. This means that you don't necessarily need a central host to store your repositories. However, in practice, using GitHub as your central repository has proven to be very helpful. In this book, I'll assume that you're using GitHub. Therefore, you need to go to www.github.com and create an (free) account to follow the instructions given in this book. Make sure that you upload your Secure Shell (SSH) key by following the instructions at https://help.github.com/articles/generating-ssh-keys, so that you're able to use the SSH protocol to interact with your GitHub account.

As soon as you have created your GitHub account, you should create your repository by visiting https://github.com while you're still logged in and using chef-repo as the repository name.

Make sure you have wget installed on your local workstation, in order to be able to download the required files from public servers.

How to do it...

Before you can write any cookbooks, you need to set up your initial Git repository on your development box. Chef Software, Inc. provides an empty Chef repository to get you started. Let's see how you can set up your own Chef repository with Git, using Chef's skeleton.

Download Chef's skeleton repository as a tarball:

mma@laptop
 $ wget http://github.com/chef/chef-repo/tarball/master
...TRUNCATED OUTPUT...
2014-11-30 22:00:43 (1.30 MB/s) - 'master' saved [9309/9309]

Extract the downloaded tarball:
```
mma@laptop $ tar xzvf master
```

Rename the directory:

mma@laptop:~ $ mv opscode-chef-repo-* chef-repo

Change to your newly created Chef repository:
```
mma@laptop:~ $ cd chef-repo/
```

Initialize a fresh Git repository:

mma@laptop:~/chef-repo $ git init .
Initialized empty Git repository in /Users/mma/work/chef-repo/.git/

Connect your local repository to your remote repository on github.com. Make sure to replace mmarschall with your own GitHub username:
```
mma@laptop:~/chef-repo $ git remote add origin git@github.com:mmarschall/chef-repo.git
```

Configure Git with your user name and e-mail address:

mma@laptop:~/chef-repo $ git config --global user.email "you@example.com"
mma@laptop:~/chef-repo $ git config --global user.name "Your Name"

Add and commit Chef's default directory structure:

mma@laptop:~/chef-repo $ git add .
mma@laptop:~/chef-repo $ git commit -m "initial commit"

[master (root-commit) 6148b20] initial commit
 11 files changed, 545 insertions(+), 0 deletions(-)
 create mode 100644 .gitignore
...TRUNCATED OUTPUT...
create mode 100644 roles/README.md

Push your initialized repository to GitHub. This makes it available to all your co-workers to collaborate on:

mma@laptop:~/chef-repo $ git push -u origin master

...TRUNCATED OUTPUT...
To git@github.com:mmarschall/chef-repo.git
 * [new branch]      master -> master

How it works...

You have downloaded a tarball containing Chef's skeleton repository. Then, you initialized chef-repo and connected it to your own repository on GitHub.

After that, you added all the files from the tarball to your repository and committed them. This makes Git track your files and the changes you make later.

Finally, you pushed your repository to GitHub, so that your co-workers can use your code too.

There's more...

Let's assume you're working on the same chef-repo repository, together with your co-workers. They cloned your repository, added a new cookbook called other_cookbook, committed their changes locally, and pushed their changes back to GitHub. Now, it's time for you to get the new cookbook downloaded on to your own laptop.

Pull your co-workers' changes from GitHub. This will merge their changes into your local copy of the repository. Use the pull subcommand:

mma@laptop:~/chef-repo $ git pull --rebase

From github.com:mmarschall/chef-repo
 * branch            master     -> FETCH_HEAD
...TRUNCATED OUTPUT...
create mode 100644 cookbooks/other_cookbook/recipes/default.rb

In case of any conflicting changes, Git will help you merge and resolve them.

Installing the Chef development kit on your workstation

If you want to use Chef, you'll need to install the Chef development kit (DK) on your local workstation first. You'll have to develop your configurations locally and use Chef to distribute them to your Chef server.

Chef provides a fully packaged version, which does not have any external prerequisites. This fully packaged Chef is called the omnibus installer. We'll see how to use it in this section.

How to do it...

Let's see how to install the Chef DK on your local workstation using Chef's omnibus installer:

Download the Chef DK for your specific workstation platform from https://downloads.chef.io/chef-dk/ and run the installer.

Verify that Chef installed all the required components:

mma@laptop:~ $ chef verify

...TRUNCATED OUTPUT...
Verification of component 'rubocop' succeeded.
Verification of component 'kitchen-vagrant' succeeded.
Verification of component 'chefspec' succeeded.
Verification of component 'berkshelf' succeeded.
Verification of component 'fauxhai' succeeded.
Verification of component 'test-kitchen' succeeded.
Verification of component 'package installation' succeeded.
Verification of component 'chef-dk' succeeded.
Verification of component 'knife-spork' succeeded.
Verification of component 'chef-client' succeeded.

Add the newly installed Ruby to your path:
```
mma@laptop:~ $ echo 'export PATH="/opt/chefdk/embedded/bin:$PATH"' >> ~/.bash_profile && source ~/.bash_profile
```
Note
You may not want to use (and don't have to use) ChefDK's Ruby, especially if you are a Rails Developer.
If you're happily using your Ruby rvm, or rbenv environment, you can continue to do so. Just ensure that the ChefDK-provided applications appear first in your PATH, before any gem-installed versions, and you're good to go.

How it works...

The omnibus installer will download Ruby and all required Ruby gems into /opt/chefdk.

Using the hosted Chef platform

If you want to get started with Chef right away (without the need to install your own Chef server) or want a third party to give you a Service Level Agreement (SLA) for your Chef server, you can sign up for hosted Chef by Chef Software, Inc. Chef Software, Inc. operates Chef as a cloud service. It's quick to set up and gives you full control, using users and groups to control the access permissions to your Chef setup. We'll configure knife, Chef's command-line tool to interact with hosted Chef, so that you can start managing your nodes.

Getting ready

Before being able to use hosted Chef, you need to sign up for the service. There is a free account for up to five nodes.

Visit http://manage.chef.io/signup and register for a free trial or a free account.

I registered as the user webops with an organization short name of awo.

After registering your account, it is time now to prepare your organization to be used with your chef-repo repository.

How to do it...

Carry out the following steps in order to interact with the hosted Chef:

Create the configuration directory for your Chef client on your local workstation:
```
mma@laptop:~/chef-repo $ mkdir .chef
```
Navigate to http://manage.chef.io/organizations. After logging in, you can start downloading your validation keys and configuration file.
Select your organization to be able to see its contents using the web UI.
Regenerate the validation key for your organization and save it as <your-organization-short-name>-validator.pem in the chef directory inside your chef-repo repository.

Generate the knife config and put the downloaded knife.rb into the .chef directory inside your chef-repo directory, as well. Make sure you have downloaded your user's private key from https://www.chef.io/account/password and replace webops with the username you chose for hosted Chef, and awo with the short name you chose for your organization:

current_dir = File.dirname(__FILE__)
log_level                :info
log_location             STDOUT
node_name                "webops"
client_key               "#{current_dir}/webops.pem"
validation_client_name   "awo-validator"
validation_key           "#{current_dir}/awo-validator.pem"
chef_server_url          "https://api.chef.io/organizations/awo"
cache_type               'BasicFile'
cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
cookbook_path            ["#{current_dir}/../cookbooks"]

Tip

Take a look at the following code:

.chef/*.pem
.chef/encrypted_data_bag_secret

You should add the preceding code to your .gitingore file inside chef-repo to avoid your credentials from ending up in your Git repository.

Use knife to verify that you can connect to your hosted Chef organization. It should only have your validator client, so far. Instead of awo, you'll see your organization's short name:
```
mma@laptop:~/chef-repo $ knife client list
awo-validator
```

How it works...

Hosted Chef uses two private keys (called validators):

one for the organization
one for every user.

You need to tell knife where it can find these two keys in your knife.rb file.

The following two lines of code in your knife.rb file tell the knife about which organization to use and where to find its private key. The validation_key is used to allow new clients to authenticate the Chef server before getting their own Client key:

validation_client_name   "awo-validator"
validation_key           "#{current_dir}/awo-validator.pem"

The following line of code in your knife.rb file tells the knife where to find your users' private key. It is used by your local workstation to authenticate the Chef server:

client_key               "#{current_dir}/webops.pem"

Also, the following line of code in your knife.rb file tells knife that you are using hosted Chef. You will find your organization name as the last part of the URL:

chef_server_url          "https://api.chef.io/organizations/awo"

Using the knife.rb file and your two validators knife, you can now connect to your organization hosted by Chef Software, Inc.

You do not need your own self-hosted Chef server, nor do you need to use Chef client local mode in this setup.

There's more...

This setup is good for you if you do not want to worry about running, scaling, and updating your own Chef server and if you're happy with saving all your configuration data in the Cloud (under the control of Chef Software, Inc.).

Note

If you need to have all your configuration data within your own network boundaries, you can install Chef server on premises by choosing "ON PREMISES CHEF" at https://www.chef.io/chef/choose-your- version/ or install the Open Source version of Chef server directly from GitHub at https://github.com/chef/chef.

This book is for system engineers and administrators who have a fundamental understanding of information management systems and infrastructure. It helps if you've already played around with Chef; however, this book covers all the important topics you will need to know. If you don't want to dig through a whole book before you can get started, this book is for you, as it features a set of independent recipes you can try out immediately.

What you will learn

Set up your local development and testing environment for Chef

Debug your cookbooks and Chef runs by using the numerous inspection and logging facilities of Chef

Drive your cookbooks from external data or nodespecific attributes

Manage and scale your cloud infrastructure by automating your configuration management

Extend Chef to meet your advanced needs by creating custom plugins for knife and Ohai

Test your Chef cookbooks and infrastructure by writing examples

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

Frequently bought together

€36.99

Chef Infrastructure Automation Cookbook Second Edition

€36.99

Total € 73.98

Filter reviews by

All

Amazon verified reviews

Michael Aug 08, 2015

I really like this book so far. I was concerned that the recipe format would not be best for a beginner but it has great step-by-step guides in here that will bring you up to speed quickly. Highly recommend for those just learning Chef.

Amazon Verified review

John D. Aug 09, 2015

It helps to have a basic understanding of how Chef works before this book is really valuable, and this book could be summed up as chapters full of bite-sized mini-HOWTOs that help you get from basic knowledge to really knowing your way around.I use Chef a lot, and really enjoyed reading the first edition of this book, and I hadn't used Chef a whole ton back then. Upon reading the second edition, I'm still able to have some "a-ha" moments, and further my understanding. Another great way to think about this book is a substitute for the Chef documentation - it's a great cheat sheet for some of the most common tasks you'll perform.Some of the only quirks (should only impact novice to intermediate users):- the lack of visual representations, but this will matter a lot less if you have some experience- the mini-HOWTO (my description) sections have 'how it works' subsections at the end - you may want to skip ahead if things don't make sense- it would also really help to have a basic understanding of git and vagrant before startingSide note: this is in the upper 5% of Packt Publishing books I've readTL;DR: a must-have resource for any Chef user, and the only books that compare in any way are the O'Reilly books on Chef

Antonio Dec 22, 2015

Very helpful reading. I have worked with Ansible an Salt before and this book got me up to speed with Chef. Of course, it's not deeply elaborating specific points but if you already have knowledge of configuration management this will help you to catch up quickly.

Jean Remy Aug 05, 2015

This book has a lot of great examples which helped me tremendously testing some of the recipes. As an intermediate user it was fairly easy to work my way through the chapters. However, this book is not for a novice user since it does not have a lot of diagrams to explain visually the overall intent of each recipes.

Matthew Dresden Dec 21, 2016

This is too far out of date to be of any practical use, but unfortunately this is the case for all Chef books.Chefs docs and Github are the only place worth looking at, plus someone who already knows chef.It would otherwise be a very long painful process to real use chef appropriately.It advises against wrapping, which is now the standard.

Chef Infrastructure Automation Cookbook Second Edition: Over 80 recipes to automate your cloud and server infrastructure with Chef and its associated toolset

What do you get with a Packt Subscription?

Chef Infrastructure Automation Cookbook Second Edition

Chapter 1. Chef Infrastructure

Introduction

Using version control

Note

Getting ready

How to do it...

How it works...

There's more...

See also

Installing the Chef development kit on your workstation

How to do it...

Note

How it works...

See also

Using the hosted Chef platform

Getting ready

How to do it...

Tip

How it works...

There's more...

Note

See also

Page 1 of 19

Description

What you will learn

Product Details

What do you get with a Packt Subscription?

Product Details

Frequently bought together

Table of Contents

Recommendations for you

Customer reviews

Filter reviews by

People who bought this also bought

About the author

FAQs

Chef Infrastructure Automation Cookbook Second Edition: Over 80 recipes to automate your cloud and server infrastructure with Chef and its associated toolset

What do you get with a Packt Subscription?

Note

Tip

Description

What you will learn

Product Details

What do you get with a Packt Subscription?

Product Details

Packt Subscriptions

Frequently bought together

Table of Contents

Recommendations for you

Customer reviews

Filter reviews by

People who bought this also bought

About the author

FAQs