Chef - The Configuration Management Tool

Chef Working, installation steps, and a lot more about it

What is Configuration Management

Configuration management is a method through which we automate admin tasks. A configuration management tool turns your code into infrastructure.

Advantages of a configuration management tool:

  • Complete Automation

  • Increase Uptime

  • Improve Performance

  • Ensure compliance

  • Prevent error

  • Reduce Cost

Two types of configuration tools are available:

  1. Push Based: The configuration server pushes the configuration to your machine. In simple terms, it is like WhatsApp releasing a new version: it notifies you and updates your application. Here the server asks you to update your system. This matters when you need control of the machines in your own hands, because you decide when to update the configuration. For example, Ansible is a push-based configuration tool.

  2. Pull Based: The machine checks with the server periodically, and if a new configuration is available it fetches it from there. Here the control goes to the machines. Chef and Puppet are pull-based configuration tools.

Why Chef?

Let us take a scenario: suppose you have shifted your office into a different environment and you want your system administrator to install, update and deploy software on hundreds of systems overnight. When the system engineer does this task manually, it may cause human errors, and some software may not function properly. At this stage, we use Chef, which is a powerful automation tool that turns infrastructure into code.

Chef automates application configuration, deployment and management throughout the network, whether we are operating in the cloud or in a hybrid environment. We can use Chef to speed up application deployment. Chef is a great tool for accelerating software delivery; the speed of software development refers to how quickly the software is able to change in response to new requirements or conditions.

What is Chef

Chef is an automation tool that offers a mechanism to define infrastructure as code.

Instead of using manual procedures, it manages infrastructure by writing code. It uses the Ruby language for writing the configuration items. It automates infrastructure configuration, app deployment, and configuration management across the network.

How Chef Works?

Chef basically consists of three components: the Chef Server, workstations and nodes. The Chef Server is the central hub of all operations, where changes are stored. The workstation is the place where all the code is created or changed. Nodes are the machines that are managed by Chef.

The user interacts with Chef and the Chef Server through the Chef Workstation. The Knife and Chef command-line tools are used for interacting with the Chef Server. A Chef node is a virtual or cloud machine managed by Chef, and each node is configured by the Chef-Client installed on it. The Chef Server stores all parts of the configuration. It ensures all the elements are in the right place and are working as expected.

The Core Components That Comprise Chef Are As Follows:

  • Chef Server - The main hub where Chef propagates and stores recipes and cookbooks. The server may be hosted locally or remotely.

  • Chef Client - Performs configuration tasks on the local machine and is installed on every node being managed from the Chef-Server. Chef-client checks the ohai state and updates the node accordingly.

  • Workstation - Workstations are personal Computers or Virtual servers where all configuration code is created. Workstation communicates with chef server using Knife.

  • Chef Analytics - A platform that provides action and run history, real-time reporting, and notifications around Chef automation activities.

  • Chef Supermarket - An open-source directory of community-contributed cookbooks

  • Chef-repo - The chef-repo is a directory on your workstation that stores everything you need to define your infrastructure with Chef Infra:

    • Cookbooks (including recipes, attributes, custom resources, libraries, and templates)

    • Data bags

    • Policy files

  • Knife - Knife, a command-line interface tool, is the primary means by which a workstation communicates the contents of its chef-repo directory to a Chef Server. Knife is also what uploads cookbooks to the server.

  • Test Kitchen: Test Kitchen is an automated testing framework for Chef code.

  • InSpec: Chef's InSpec is a free and open-source automation platform for security and compliance.

  • chef-run: A tool for executing ad-hoc tasks. The Chef Workstation App manages your Chef tools and keeps them up to date.

  • Ohai - Maintains current state information about the node.

  • Node - Nodes are the systems that require configuration, that is, the machines that are managed or configured by the Chef Server. They may be virtual servers, network devices, or storage devices. The Chef client is installed on every node and executes the steps needed to bring the node into the required state as defined by a cookbook. The Chef client keeps the nodes up to date and runs individually on each node to configure it. Each node has Ohai, which fetches the current state of the node, that is, all the system configuration data. The node communicates with the Chef Server using the Chef client.

    Cookbooks

    In Chef Infra, a Cookbook is the basic unit of configuration and policy distribution. You can think of a cookbook as a collection of all the recipes, files, characteristics, and metadata. A cookbook defines a scenario and contains everything that is required to support that scenario:

    • Recipes that specify which Chef Infra built-in resources to use, as well as the order in which they are to be applied

    • Attribute values, which allow environment-based configurations such as dev or production.

    • Custom Resources for extending Chef Infra beyond the built-in resources.

    • Files and Templates for distributing information to systems.

    • Custom Ohai Plugins for extending system configuration collection beyond the Ohai defaults.

    • The metadata.rb file, which describes the cookbook itself and any dependencies it may have.

A cookbook is a collection of recipes and other files. Those other files include:

  • Chefignore - It is similar to gitignore.

  • Kitchen.yml - For testing the cookbook.

  • Metadata.rb - Contains the name, version, and author of the cookbook.

  • Readme.md - Information about the usage of cookbooks.

  • Spec - For unit testing.

  • Test - For integration testing.

Installing Chef on Amazon Linux

  1. Launch Linux EC2 Instance.

  2. Connect to Linux EC2 Instance through Putty.

    • Download the Private key of the instance using PuttyGen

    • Get access to the terminal using the downloaded private key.

  3. Switch to the root user.

    sudo su

  4. Update Server Packages.

    yum update -y

  5. Download and Install the chef package

    wget https://packages.chef.io/files/stable/chef-workstation/20.7.96/el/7/chef-workstation-20.7.96-1.el7.x86_64.rpm

  6. Verify the chef package and Version.

    • To list the downloaded contents:

      ls

  7. Install the Chef workstation

    for Amazon Linux - chef-workstation-23.3.1030-1.el7.x86_64.rpm

    yum install <workstation-name>

  8. Verify the version

    chef -v

How the Chef workstation works, and its commands

Once we have installed the Chef workstation, we need to create a directory called cookbooks, which will hold as many cookbooks, each with its recipes, as we need.

  1. Create a directory called cookbooks

    mkdir cookbooks

  2. To create a cookbook, go inside the cookbooks directory and generate the cookbook

    cd cookbooks

    Generating the cookbook,

    chef generate cookbook <cookbook-name>

  3. To create a recipe, go inside the created cookbook directory and generate the recipe.

    cd cookbook-name

    Generating the recipe,

    chef generate recipe <recipe-name>

  4. To write the recipe, go back to the cookbooks directory and open the recipe file with the vi/vim command.

    The recipe has the .rb extension because recipes are written in the Ruby language.

    vi cookbook-name/recipes/recipe-name.rb

  5. Now create a file using the Chef recipe, by editing the recipe recipe-name.rb,

    Ruby scripting -

    file '/myfile' do
      content 'Welcome to Chef workstation'
      action :create
    end

    • Press i to enter text in file.

    • Press esc, and type :wq to save and exit the file.

  6. To check the Ruby syntax of the recipe (the output says whether the syntax is OK or not),

    chef exec ruby -c cookbook-name/recipes/recipe-name.rb

  7. Calling chef-client,

    chef-client checks the Ohai state and responds accordingly, which means it acts only when the state reported by Ohai does not match the state described above. Chef-client applies the recipe to bring the node into the desired state. This process is called convergence.

    Here -z means local machine and -r is the run-list, which runs recipes in sequence order.

    Condition-1: there must be only one recipe from one cookbook.

    chef-client -zr "recipe[cookbook-name::recipe-name]"

  8. For multiple recipes and cookbooks

    Similarly for multiple recipes and cookbooks with some below changes,

    Condition-2 To run multiple recipes of the same cookbook

    Create a file called default.rb inside <cookbook-name>/recipes and modify it by adding the include_recipe keyword in front of each recipe.

    To modify the default.rb file,

    vi cookbook-name/recipes/default.rb

    Add the multiple recipes to the default.rb file,

    include_recipe "<cookbook-name>::recipe1"
    include_recipe "<cookbook-name>::recipe2"
    include_recipe "<cookbook-name>::recipe3"

    To execute the multiple recipes on the node,

    chef-client -zr "recipe[<cookbook-name>::default]"

    To execute multiple cookbooks,

    chef-client -zr "recipe[<cookbook-name>], recipe[<cookbook-name>::default]"
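The convergence behaviour described in step 7, as an added example in plain Ruby (not Chef's own code and not from the original post). The hypothetical helper converge_file tests the current state of a file and repairs it only when it differs, so a repeat run changes nothing and later drift in content or permissions is corrected.

```ruby
require 'digest'
require 'tmpdir'

# Hypothetical helper, not a Chef API: bring one file to the desired state
# with the test-and-repair pattern. Returns the list of changes it made.
def converge_file(path, content:, mode: 0o644)
  changes = []

  # Test: compare checksums of the current and the desired content.
  current = File.file?(path) ? Digest::SHA256.file(path).hexdigest : nil
  if current != Digest::SHA256.hexdigest(content)
    # Repair: write a temp file, set its mode, then rename it into place
    # so readers never see a half-written or over-permissive file.
    tmp = "#{path}.tmp.#{Process.pid}"
    File.write(tmp, content, perm: 0o600)
    File.chmod(mode, tmp)
    File.rename(tmp, path)
    changes << (current.nil? ? :created : :content_updated)
  end

  # Test and repair permissions on their own: mode drift is a change too.
  if (File.stat(path).mode & 0o7777) != mode
    File.chmod(mode, path)
    changes << :mode_updated
  end

  changes # an empty list means the file was already in the desired state
end

# Constructed scenario in a temp directory: first run, repeat run, then drift.
def demo_convergence
  Dir.mktmpdir do |dir|
    path = File.join(dir, 'myfile')
    text = 'Welcome to Chef workstation'
    result = { first: converge_file(path, content: text),
               second: converge_file(path, content: text) }
    File.chmod(0o666, path)                  # someone loosens permissions
    result[:mode_drift] = converge_file(path, content: text)
    File.write(path, 'tampered')             # someone edits the content
    result[:content_drift] = converge_file(path, content: text)
    result.merge(final: File.read(path))
  end
end

p demo_convergence if __FILE__ == $PROGRAM_NAME
```

An empty change list on the second run is what makes repeated chef-client runs safe, and a non-empty list on a later run is a record that the node drifted from the recipe.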

Installation of Apache server

  • Create Apache cookbook

    chef generate cookbook apache-cookbook

  • Change to the apache-cookbook directory

    cd apache-cookbook

  • Create recipe

    chef generate recipe apache-recipe

  • Modify the recipe from the cookbooks location, with the httpd server specification

    vi apache-cookbook/recipes/apache-recipe.rb

    package 'httpd' do
      action :install
    end

    file '/var/www/html/index.html' do
      content 'Welcome to Wafzee website'
      action :create
    end

    service 'httpd' do
      action [:enable, :start]
    end

  • Execute the recipe,

    chef-client -zr "recipe[apache-cookbook::apache-recipe]"

  • To check whether the site loads in the browser:

    Copy the public IP of the instance and paste it into the browser.

Attributes

An attribute is a key-value pair that represents a specific detail about the node. Attributes are used to determine the current state of the node and the state of the node at the end of the previous or current chef-client run.

Attributes are used for overriding default settings in a node.

Attributes are defined by:

  • The node as saved on the Chef Infra Server

  • Attributes passed using JSON on the command line

  • Cookbooks (in attribute files and/or recipes)

  • Policyfiles

Types of Attribute

  1. Default, maximum priority

  2. Force-default

  3. Normal

  4. Override

  5. Force override

  6. Automatic, least priority

Example: attributes are used in cookbook recipes with #{<attribute>},

    file '/basicinfo' do
      content "This is to get attributes
    HOSTNAME: #{node['hostname']}
    IPADDRESS: #{node['ipaddress']}
    CPU: #{node['cpu']['0']['mhz']}
    MEMORY: #{node['memory']['total']}"
      owner 'root'
      group 'root'
      action :create
    end

During every Chef-Client run, Chef-Client builds the attribute list using:

  • Attributes passed using JSON on the command line

  • Data about the node collected by Ohai.

  • The node object that was saved to the Chef Server at the end of the previous Chef-Client run.

  • The rebuilt node object from the current Chef-Client run, after it is updated for changes to cookbooks (attribute files and/or recipes) and/or Policyfiles, and updated for any changes to the state of the node itself.

A project to understand Chef, and other important Chef topics, will be covered in the next blog.

Stay tuned!!

For any query, you can contact Atharva Deshpande