Multiple chef environments

Well, this is a little bit strange, but the Opscode website doesn't make it clear how to configure your Chef client to access multiple servers.

Not only is this possible and more than just nice to have; in many cases it's essential:

  1. You might manage multiple servers
  2. You don’t want to create a knife file in a privileged directory
  3. You want to test a client configuration

To make it happen:

In any folder from which you want Chef access, just create a .chef subfolder. The ingredients for this folder are:

  1. knife.rb file.
  2. public and private key files (you get these from the chef server).

Note that you need to set your permissions on the server, and you will most likely need admin access if you want the new user to be able to create/delete nodes.
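As an added example (not part of the original post), this shell script finds which .chef folder applies to a working directory and checks that it holds a knife.rb and key files only their owner can access. It assumes knife uses the nearest .chef folder at or above the working directory, that keys are saved as *.pem, and GNU stat as on Ubuntu; the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU stat (Ubuntu).

# Print the nearest .chef directory (one holding knife.rb) at or above $1.
find_chef_dir() {
    dir=$(cd "$1" 2>/dev/null && pwd -P) || return 1
    while :; do
        if [ -f "$dir/.chef/knife.rb" ]; then
            printf '%s\n' "$dir/.chef"
            return 0
        fi
        [ "$dir" = "/" ] && return 1
        dir=$(dirname "$dir")
    done
}

# Check the "ingredients" of one .chef directory: knife.rb plus key files
# (assumed to be *.pem) that only their owner can access.
# Returns the number of problems found.
audit_chef_dir() {
    chef_dir=$1
    problems=0
    found_key=0
    if [ ! -f "$chef_dir/knife.rb" ]; then
        echo "MISSING  $chef_dir/knife.rb"
        problems=$((problems + 1))
    fi
    for key in "$chef_dir"/*.pem; do
        [ -f "$key" ] || continue
        found_key=1
        mode=$(stat -c '%a' "$key")
        case $mode in
            *00) echo "OK       $key (mode $mode)" ;;
            *)   echo "EXPOSED  $key (mode $mode): run chmod 600"
                 problems=$((problems + 1)) ;;
        esac
    done
    if [ "$found_key" -eq 0 ]; then
        echo "MISSING  no .pem key files in $chef_dir"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# With a directory argument, audit the .chef folder that applies to it.
if [ $# -gt 0 ]; then
    d=$(find_chef_dir "$1") || { echo "no .chef found above $1"; exit 1; }
    audit_chef_dir "$d"
fi
```

Run it with a project directory as its argument; a non-zero exit status is the number of problems found.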

 

Installing chef gems

This might sound strange, but your regular gem location is not the location that Chef uses. This is important if you are trying to install any knife plugins, where the regular gem command just won't work.

The usual location is /opt/chef/embedded/bin/gem, but you might have it somewhere else. Generally, look for gem|chef|more, and this should do the trick.

Configuring chef

This article assumes Ubuntu on all the machines used: client, server and node.

Node: the target server. It has nothing installed; we want to put some services on it.

Server: a Chef server we will use to set up nodes.

Client: our local machine, which controls and produces content for the Chef server. It runs knife, which is the Chef tool.

  1. Download and install the Chef server package from Opscode. Link: http://www.getchef.com/chef/install/ Make sure you use the server version and not the client. For now it only goes up to 12.10, although Ubuntu Server is already at version 13.10. The default login information is:
    Username: admin
    Password: p@ssw0rd1

    source: http://docs.opscode.com/chef/manage_server_open_source.html

  2. From the same link, download and install the client software, this time from the client tab.
  3. Now you have the client installed. Run knife --version to check that knife is installed (it will return chef:xx.x.x or a similar format).
  4. Log in to the Chef server you created and get the private keys for both the admin user (or create an admin user, but you already have one) and the chef-validator client (a user is not a client). You need the private keys, so you must regenerate them; the option is under Edit. Make sure you copy the PEM text, as it will not be available again (but you can create a new one in the same way).
  5. Then configure knife; see http://www.getchef.com/blog/2013/03/11/chef-11-server-up-and-running/
  6. To set up keys for the server, use this link (not needed if you are using a password).
  7. To run knife against the remote node, run: knife bootstrap FQDN --sudo -x USERNAME -P PASSWORD -N NODENAME. This should connect to, install and configure the remote (or virtual) node with all the information needed.
  8. To do this on EC2, you have no password, so a key must be used!
  9. Check your server -> nodes; it should be listed there (in the default environment).
  10. Next, you must set a server FQDN. To do that:
    1. Edit /etc/hostname, to e.g. yourhost.dyndns.org
    2. Run: hostname -F /etc/hostname
    3. IP addresses are acceptable
  11. To create a cookbook named apache, use knife cookbook create apache.
  12. To push it, use knife cookbook upload [name].

Possible errors:

  1. Too many authentication failures for XXX: this occurs if you have too many SSH keys in your SSH directory (it might happen…).
  2. Agent admitted failure to sign using the key: this usually appears after error 1 was fixed by deleting all the keys. Run ssh-add, which should fix it.
  3. ERROR: TypeError: can't convert nil into String: (on Ubuntu) solved by using the -o flag with a directory name in which to store the cookbook. This is a workaround; the error usually means something is wrong with your configuration file, knife.rb.