A key element in any Continuous Integration and Continuous Deployment strategy is the automation of infrastructure and application deployment. Over the past few years a discipline called "DevOps" has arisen around this philosophy, driven by the availability of automation tooling, such as Puppet from Puppet Labs and Chef from the company of the same name. Being able to codify how infrastructure is setup and how applications are deployed in a repeatable and immutable manner allows for a much higher velocity process without introducing the fallible human element. In other words, let the computers do what they do best.
We are going to install the Chef Server and Chef Client/Workstation; together these comprise the management, control, and authoring systems for Chef. Once you have these servers up and running we will create a Chef Node and initialize it to the server.
Note that we are going to be running these systems (Server, Client/Workstation, and Node) on separate servers (so you will end up provisioning 3 CenturyLink Cloud servers). We want to be running on a modern OS, so lets create these CenturyLink Cloud servers and bring the Ubuntu OS up to the latest version. Instructions for doing this are here.
Installing the Chef Server
Select the server you have chosen to be the Chef Server and login as root. We are going to set up a Chef version 11.1.4 server, you can check to see if there are newer deb packages and substitute the package name where appropriate. Also, since we are not setting up DNS, we will use the public IP as the FQDN to identify the Chef Server and Client/Workstation.
$ hostname **[Public IP]** $ wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.1.4-1_amd64.deb $ sudo dpkg -i chef-server_11.1.4-1_amd64.deb $ sudo chef-server-ctl reconfigure
Pull up your browser and point it to https://[public ip]. If you get a certificate error don't worry, just indicate you want to continue.You will see the Chef Server logon screen (as below). At this point we have successfully installed the Chef Server and next will install the Chef Client/Workstation.
Installing the Chef Client/Workstation
Next, select the server you want to install the Client/Workstation on, and login as root. We need to first grab
$ apt-get install git
Then, install Chef:
$ curl -L https://www.opscode.com/chef/install.sh | bash
And that's all there is to installing the Client/Workstation. Check that everything is OK by running a validation:
$ chef-client -v
You will get the version string of the installed version of Chef back.
Create the Chef repo
The Chef Client/Workstation is the primary interface to the Chef system, and will contain a local copy of the repository. In order to create the local repo:
$ cd ~ $ git clone git://github.com/opscode/chef-repo.git
Configure the client
In order to start using the Client/Workstation we need to set the local system variables and then configure the client to talk to the Chef Server. First, let's configure the local system vars:
$ cd chef-repo $ mkdir -p ~/chef-repo/.chef $ echo '.chef' >> .gitignore $ echo 'export PATH="/opt/chef/embedded/bin:$PATH"' >> ~/.bash_profile && source ~/.bash_profile $ cd ~/chef-repo/.chef
In order to securely contact and interact with the server we need the private keys for two accounts: admin and chef-validator. These are located on the server we created earlier, to fetch them we will use scp and connect to the server using its private IP.
$ scp root@**[Server private IP]**:/etc/chef-server/admin.pem . $ scp root@**[Server private IP]**:/etc/chef-server/chef-validator.pem .
The primary client program is called knife, we now need to create a knife configuration file. Start by:
$ knife configure --initial
Work through the questions, using the private IP of the server when asked for the server URL. Your screen should look like this when you are done:
Finally, make sure your Client/Workstation is installed and can talk to the server:
$ knife client list
Should return: chef-validator chef-ui
$ knife user list
Should return: admin knife
Installing the Chef Node
The final piece of the Chef configuration is the Chef Node. This is the server that will be deploying and running the code as specified by the appropriate run lists, cookbooks, and recipes. This process is very similar to setting up the Workstation. First, install Chef:
$ curl -L https://www.opscode.com/chef/install.sh | bash $ mkdir /etc/chef $ cd /etc/chef
Copy the chef-validator.pem key from the Chef Server:
$ scp root@**[Server private IP]**:/etc/chef-server/chef-validator.pem .
Register your Node with the Server:
$ chef-client -S https://**[Server private IP]**:443 -K /etc/chef/chef-validator.pem
Create a client.rb file in /etc/chef (using vi or your favorite editor) and add the following:
log_level :info log_location STDOUT chef_server_url 'https://**[Server private IP]**:443′
Finally, validate your Chef Node installation:
You should see a response that looks like:
You now have a working 3 server Chef installation running on the CenturyLink Cloud. The next steps will be to create cookbooks for your Chef Node and deploy them using the chef-client. An excellent resource to getting started is the Chef Supermarket, a large collection of cookbooks and recipes that have already been vetted by the Chef community.