Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to install chef in Linux system, which is very detailed and has certain reference value. Friends who are interested must finish it!

Chef is a server automation build tool. Is a system integration framework that provides configuration management functions for the entire architecture.

Introduction to Chef: Chef is a composition management tool for servers developed by Ruby

Instead of running commands, you write code through Chef to manage the server.

Chef is tightly integrated with applications, databases, LDAP directories, and so on.

Easily configure applications that need to understand the entire infrastructure

Linux system installs Chef concrete solution downloads ChefDK

ChefDK is an abbreviation for Chef Development Kit and is used on almost all platforms, including Debian-based distributions, Ubuntu, RedHat, CentOS, Mac OS X, and Windows. The current stable version of ChefDK is 0.11.2, and for RHEL-based systems, it is available for versions 6 and 7 (such as CentOS 6 and CentOS 7), and the RPM version is only 64-bit.

Download ChefDK on CentOS 7 using the following command

Cd ~ wget https://packages.chef.io/stable/el/7/chefdk-0.11.2-1.el7.x86_64.rpm on CentOS 6

Cd ~ wget https://packages.chef.io/stable/el/6/chefdk-0.11.2-1.el6.x86_64.rpm install ChefDK

Use RPM to install the ChefDK you just downloaded

# rpm-ivh chefdk-0.11.2-1.el7.x86_64.rpm Preparing... # # [100%] Updating / installing... 1:chefdk-0.11.2-1.el7 # # [100%] Thank you for installing Chef Development Kitty ChefDK is installed in the / opt/chefdk directory by default, as shown below

# ls-l / opt/chefdk/ drwxr-xr-x. 2 root root 4096 Mar 3 13:50 bin drwxr-xr-x. 7 root root 62 Mar 3 13:50 embedded-rw-r--r--. 1 root root 13249 Feb 22 14:26 version-manifest.json-rw-r--r--. 1 root root 8233 Feb 22 14:26 version-manifest.txt verifies the installation of ChefDK

Execute chef verify to verify all the different components from ChefDK and make sure they are working properly without any problems

# chef verify Running verification for component 'berkshelf' Running verification for component' test-kitchen' Running verification for component 'tk-policyfile-provisioner' Running verification for component' chef-client' Running verification for component 'chef-dk' Running verification for component' chef-provisioning' Running verification for component 'chefspec' Running verification for component' generated-cookbooks-pass-chefspec' Running verification for component 'rubocop' Running verification for component' fauxhai' Running verification for component 'knife-spork' Running verification for component' kitchen-vagrant' Running verification for component 'package installation' Running verification for Component 'openssl' Running verification for component' inspec'. -Verification of component 'test-kitchen' succeeded. Verification of component 'chef-dk' succeeded. Verification of component 'chefspec' succeeded. Verification of component 'rubocop' succeeded. Verification of component 'knife-spork' succeeded. Verification of component 'openssl' succeeded. Verification of component 'berkshelf' succeeded. Verification of component 'chef-client' succeeded. Verification of component 'fauxhai' succeeded. Verification of component 'inspec' succeeded. Verification of component 'tk-policyfile-provisioner' succeeded. Verification of component 'kitchen-vagrant' succeeded. Verification of component 'chef-provisioning' succeeded. Verification of component 'package installation' succeeded. Verification of component 'generated-cookbooks-pass-chefspec' succeeded. The following is an example of a chef verify failure. Note: Ruby is required in Chef and is embedded in ChefDK.

# chef verify.. / opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/mixlib-shellout-2.2.6/lib/mixlib/shellout.rb:289:in `roomidservant: Expected process to exit with [0] But received'1' (Mixlib::ShellOut::ShellCommandFailed)-Begin output of / usr/bin/ohai-v-STDOUT: STDERR: / opt/chefdk/embedded/lib/ruby/site_ruby/2.1.0/rubygems/dependency.rb:319:in `to_specs': Could not find 'chef-config' (= 12.8.0)-did find: [chef-config-12.7.2] (Gem::LoadError) above error The message shows: "Could not find 'chef-config' (= 12.8.0)-did find: [chef-config-12.7.2] (Gem::LoadError)" In the installed ChefDK, the version of chef-config is the old version of 12.7.2. After manually installing the version of chef-confg 12.8.0, execute chef verify, which shows that the verification is successful.

Verify the ChefDK version

Execute the chef-version command to display the version number of ChefDK and all accompanying components

# chef--version Chef Development Kit Version: 0.11.2 chef-client version: 12.7.2 berks version: 4.2.0 kitchen version: 1.5.0 set the Chef environment variable

Set Chef-related environment variables, such as GEM_ROOT GEM_HOME GEM_PATH.

Export GEM_ROOT= "/ opt/chefdk/embedded/lib/ruby/gems/2.1.0" export GEM_HOME= "/ root/.chefdk/gem/ruby/2.1.0" export GEM_PATH= "/ root/.chefdk/gem/ruby/2.1.0:/opt/chefdk/embedded/lib/ruby/gems/2.1.0" in addition, if you already have ruby installed on your system, you need to update the PATH variable associated with ruby, as shown below

Export PATH= "/ opt/chefdk/bin:/root/.chefdk/gem/ruby/2.1.0/bin:/opt/chefdk/embedded/bin:/opt/chefdk/bin:/root/.chefdk/gem/ruby/2.1.0/bin:/opt/chefdk/embedded/bin:/opt/chefdk/bin:/root/.chefdk/gem/ruby/2.1.0/bin:/opt/chefdk/embedded/bin:/usr/local/sbin:/usr/local/bin:/ "usr/sbin:/usr/bin:/root/bin" displays the environment variables for all Chef settings.

Chef shell-init bash wants to set these environment variables quickly, you can add them to the bash_profile file, as shown below.

Echo 'eval "$(chef shell-init bash)" > ~ / .Firewalld rules for bash_profile access to Chef

To access the Chef Manage GUI on the Chef server, add the following firewalld rule to open the appropriate port on the Chef server.

Firewall-cmd-- direct-- add-rule ipv4\ filter INPUT_direct 0-I eth0-p tcp\-- dport 443-j ACCEPT firewall-cmd-- direct-- add-rule ipv4\ filter INPUT_direct 0-I eth0-p tcp\-- dport 80-j ACCEPT firewall-cmd-direct-add-rule ipv4\ filter INPUT_direct 0-I eth0-p tcp\-dport 9683-j ACCEPT firewall-cmd-reload download Starter Kit from Chef Manage GUI

Log in to Chef Manage GUI, click the "Administration" option, and select "organization" from the list. In this example, "organization" is "example". With organization selected, click "Starter Kit" in the left menu.

After pressing the "Download" button, a warning message will pop up and press "Proceed", which will download the chef-starter.zip file to your local machine.

Decompress Starter Kit

Transfer the chef-starter.zip file to the Chef workstation and extract it to the home directory of root

# cd ~ # unzip chef-starter.zip Archive: chef-starter.zip creating: chef-repo/cookbooks/ creating: chef-repo/cookbooks/starter/ creating: chef-repo/cookbooks/starter/templates/ creating: chef-repo/cookbooks/starter/templates/default/ inflating: chef-repo/cookbooks/starter/templates/default/sample.erb creating: chef-repo/cookbooks/starter/files/ creating: chef-repo/cookbooks/starter/files/default/ inflating: Chef-repo/cookbooks/starter/files/default/sample.txt creating: chef-repo/cookbooks/starter/recipes/ inflating: chef-repo/cookbooks/starter/recipes/default.rb creating: chef-repo/cookbooks/starter/attributes/ inflating: chef-repo/cookbooks/starter/attributes/default.rb inflating: chef-repo/cookbooks/starter/metadata.rb inflating: chef-repo/cookbooks/chefignore inflating: chef-repo/README.md inflating: chef-repo / .gitignore creating: chef-repo/.chef/ creating: chef-repo/roles/ inflating: chef-repo/.chef/knife.rb inflating: chef-repo/roles/starter.rb inflating: chef-repo/.chef/ramesh.pem inflating: chef-repo/.chef/example-validator.pem if you manually create the chef-repo folder Then you need to manually create the above subdirectory and copy the knife.rb file, organization-validator.pem file (e.g. example-validator.pem), username.pem file (e.g. ramesh.pem) to the directory shown above.

SSL certificate of the Chef server

If you execute knife client list at this stage, you will get the following error message

# cd ~ / chef-repo # knife client list ERROR: SSL Validation failure connecting to host: centos.example.com-SSL_connect returned=1 errno=0 state=error: certificate verify failed ERROR: Could not establish a secure connection to the server. Use `knife ssl check` to troubleshoot your SSL configuration. If your Chef Server uses a self-signed certificate, you can use `knife ssl fetch` to make knife trust the server's certificates. Original Exception: OpenSSL::SSL::SSLError: SSLError connecting to https://centos.example.com/organizations/example/clients-SSL_connect returned=1 errno=0 state=error: certificate verify failed certificate verification failed because we did not download the SSL certificate from the Chef server, so we can execute the following "knife ssl fetch" at this time.

# cd ~ / chef-repo # knife ssl fetch WARNING: Certificates from centos.example.com will be fetched and placed in your trusted_cert directory (/ root/chef-repo/.chef/trusted_certs). Knife has no means to verify these are the correct certificates. You should verify the authenticity of these certificates after downloading. The certificate will be downloaded to the following truster_certs directory

# ls-l / root/chef-repo/.chef/trusted_certs-rw-r--r--. 1 root root 1379 Mar 20 20:17 centos_example_com.crt # cat / root/chef-repo/.chef/trusted_certs/centos_example_com.crt-BEGIN CERTIFICATE- MIIDzDCCArSgAwIBAgIBADANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJVUzEQ MA4GA1UECgwHWW91Q29ycDETMBEGA1UECwwKT3BlcmF0aW9uczEbMBkGA1UEAwwS ZXJhdGlvbnMxGzAZBgNVBAMMEmNlbnRvcy5leGFtcGxlLmNvbTCCASIwDQYJKoZI.. .. Final confirmation of WLyr2ORLMcck/OGsubabO/koMNTqhl2JJPECNiDJh06MeZ/2+BOwGZSpXDbw+vFE NJAsLfsTzihGWZ58einMFA==-END CERTIFICATE-Chef workstation

If the Chef workstation is working properly, when you execute "knife client list", it will show all clients connected to the workstation. Since we have just installed it, we can only see the organization we just created (organization)

# cd ~ / chef-repo # knife client list example-validator if you already have five servers connected to it on your existing Chef workstation machine, you will see the following message

# knife client list example-validator node1 node2 node3 node4 node5 above is all the content of the article "how to install chef on Linux system". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.