Getting Started with Chef on AWS

This is a guest post from 47Line Technologies

As explained in the last blog post, Chef comprises of three main elements – a server, one or more nodes, and at least one workstation.

  • The server acts as a hub that is available to every node. All chef-client nodes will be registered with the server. The server holds all the cookbooks, recipes and policies. Clients communicate with the server to get the right configuration elements from the server and apply it to the nodes.
  • The workstation is the development machine from which configuration elements like cookbooks, recipes and policies are defined. Configuration elements are synchronized with the chef-repo and uploaded to the server with knife command.
  • Nodes contain chef-client which performs all the infrastructure automation.

In this blog post, we will set up

  • Chef server on an AWS EC2 Ubuntu instance
  • Workstation on an AWS ECS Ubuntu instance

Chef Server Installation on Amazon EC2 Ubuntu 12.04

Download the Chef server from the main website, and select the appropriate package as shown below
Installing Chef server
Launch an instance of Ubuntu Server 12.04 LTS (PV) – ami-3c39686e (64-bit) in your AWS account and SSH to the server with the key file and username ubuntu

# switch to home folder
cd ~
# Download the Chef Server Package
wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.0.10-1.ubuntu.12.04_amd64.deb
# Install the Chef Server
sudo dpkg -i chef-server*
# reconfigure the service for your machine
sudo chef-server-ctl reconfigure

After the above step, you can access the web interface by typing https:// from your browser. Because the SSL certificate is signed by an authority not recognized by your browser, you will get a warning. Click on the “Proceed anyway” button. Ensure port 443 is open in the security group associated with the server.

Login with the default admin credentials

username: admin
password: p@ssw0rd1

Kindly change the default password immediately after logging in for the first time!

Setting up the Workstation

The first step in setting up the workstation is to install git or any other VCS of your choice. Chef community heavily uses git.

sudo apt-get update
sudo apt-get install git
# Download and run the client installation script from the Chef website.
curl -L https://www.opscode.com/chef/install.sh | sudo bash

The Chef package is now installed. The next step is to clone the chef-repo skeleton directory.

cd ~
git clone https://github.com/opscode/chef-repo.git

This will create a directory called chef-repo in your home directory. This is where the entire configuration will be contained.
Create a .chef directory inside chef-repo to save the authentication and configuration files.

mkdir ~/chef-repo/.chef


Login to the Chef Server (https://<<ElasticIP of the Chef Server>>) with the admin credentials.
Click on the “Clients” tab in the top navigation bar.
Chef Clients
Click on the “Edit” button associated with the chef-validator client. Regenerate the private key by selecting that check box and clicking “Save Client”
Chef-Validator
Copy the private key and save it in the chef-validator.pem file in ~/chef-repo/.chef directory.

Similarly Click on the Users tab in the Navigation bar, Click on the Edit hyperlink associated with admin user and regenerate the private key.

Copy the private key and save it in admin.pem file in ~/chef-repo/.chef directory
Chef Edit User
Next step is to configure the knife command

Knife is a command-line tool that provides an interface between a local chef-repo and the Chef server. Knife helps provisioning resources, manage recipes/cookbooks, nodes & more.

knife configure –initial

The command will prompt you for the path to pem files, server URL, username and password.

Add the .chef directory to be ignored in the .gitignore list.

Setup your email and name with git and add the ruby embedded with chef path to PATH variable.

To ensure everything is fine, run the “knife user list” command. It will list all the users.

In the next blog, we will look into bootstrapping EC2 instances with Chef.

Avatar

Written by

47Line Technologies

47Line is building solutions solving critical business problems using “cloud as the backbone”. The team has been working in Cloud Computing domain for last 6 years and have proven thought leadership in Cloud, Big Data technologies.


Related Posts

Albert Qian
Albert Qian
— November 13, 2019

Advantages and Disadvantages of Microservices Architecture

What are microservices? Let's start our discussion by setting a foundation of what microservices are. Microservices are a way of breaking large software projects into loosely coupled modules, which communicate with each other through simple Application Programming Interfaces (APIs). ...

Read more
  • AWS
  • Docker
  • Kubernetes
  • Microservices
Nisar Ahmad
Nisar Ahmad
— November 12, 2019

Kubernetes Services: AWS vs. Azure vs. Google Cloud

Kubernetes is a popular open-source container orchestration platform that allows us to deploy and manage multi-container applications at scale. Businesses are rapidly adopting this revolutionary technology to modernize their applications. Cloud service providers — such as Amazon Web Ser...

Read more
  • AWS
  • Azure
  • Google Cloud
  • Kubernetes
Avatar
Stuart Scott
— October 31, 2019

AWS Internet of Things (IoT): The 3 Services You Need to Know

The Internet of Things (IoT) embeds technology into any physical thing to enable never-before-seen levels of connectivity. IoT is revolutionizing industries and creating many new market opportunities. Cloud services play an important role in enabling deployment of IoT solutions that min...

Read more
  • AWS
  • AWS IoT Events
  • AWS IoT SiteWise
  • AWS IoT Things Graph
  • IoT
Avatar
Cloud Academy Team
— October 23, 2019

Which Certifications Should I Get?

As we mentioned in an earlier post, the old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and compan...

Read more
  • AWS
  • Azure
  • Certifications
  • Cloud Computing
  • Google Cloud Platform
Valery Calderón Briz
Valery Calderón Briz
— October 22, 2019

How to Go Serverless Like a Pro

So, no servers? Yeah, I checked and there are definitely no servers. Well...the cloud service providers do need servers to host and run the code, but we don’t have to worry about it. Which operating system to use, how and when to run the instances, the scalability, and all the arch...

Read more
  • AWS
  • Lambda
  • Serverless
Avatar
Stuart Scott
— October 16, 2019

AWS Security: Bastion Hosts, NAT instances and VPC Peering

Effective security requires close control over your data and resources. Bastion hosts, NAT instances, and VPC peering can help you secure your AWS infrastructure. Welcome to part four of my AWS Security overview. In part three, we looked at network security at the subnet level. This ti...

Read more
  • AWS
Avatar
Sudhi Seshachala
— October 9, 2019

Top 13 Amazon Virtual Private Cloud (VPC) Best Practices

Amazon Virtual Private Cloud (VPC) brings a host of advantages to the table, including static private IP addresses, Elastic Network Interfaces, secure bastion host setup, DHCP options, Advanced Network Access Control, predictable internal IP ranges, VPN connectivity, movement of interna...

Read more
  • AWS
  • best practices
  • VPC
Avatar
Stuart Scott
— October 2, 2019

Big Changes to the AWS Certification Exams

With AWS re:Invent 2019 just around the corner, we can expect some early announcements to trickle through with upcoming features and services. However, AWS has just announced some big changes to their certification exams. So what’s changing and what’s new? There is a brand NEW ...

Read more
  • AWS
  • Certifications
Alisha Reyes
Alisha Reyes
— October 1, 2019

New on Cloud Academy: ITIL® 4, Microsoft 365 Tenant, Jenkins, TOGAF® 9.1, and more

At Cloud Academy, we're always striving to make improvements to our training platform. Based on your feedback, we released some new features to help make it easier for you to continue studying. These new features allow you to: Remove content from “Continue Studying” section Disc...

Read more
  • AWS
  • Azure
  • Google Cloud Platform
  • ITIL® 4
  • Jenkins
  • Microsoft 365 Tenant
  • New content
  • Product Feature
  • Python programming
  • TOGAF® 9.1
Avatar
Stuart Scott
— September 27, 2019

AWS Security Groups: Instance Level Security

Instance security requires that you fully understand AWS security groups, along with patching responsibility, key pairs, and various tenancy options. As a precursor to this post, you should have a thorough understanding of the AWS Shared Responsibility Model before moving onto discussi...

Read more
  • AWS
  • instance security
  • Security
  • security groups
Avatar
Jeremy Cook
— September 17, 2019

Cloud Migration Risks & Benefits

If you’re like most businesses, you already have at least one workload running in the cloud. However, that doesn’t mean that cloud migration is right for everyone. While cloud environments are generally scalable, reliable, and highly available, those won’t be the only considerations dri...

Read more
  • AWS
  • Azure
  • Cloud Migration
Joe Nemer
Joe Nemer
— September 12, 2019

Real-Time Application Monitoring with Amazon Kinesis

Amazon Kinesis is a real-time data streaming service that makes it easy to collect, process, and analyze data so you can get quick insights and react as fast as possible to new information.  With Amazon Kinesis you can ingest real-time data such as application logs, website clickstre...

Read more
  • amazon kinesis
  • AWS
  • Stream Analytics
  • Streaming data