In “The Moving Parts of Opscode Chef”
there was an interesting discussion about the need of a highly
available chef server if you want to use opscode chef as your
configuration management tool of choice. Especially for small to medium
sized enviroments running your own chef server is overkill. If you don’t
want to use chef-solo (a local “push” tool instead of the client-server
model of chef), you can sign up for an account at the opscode chef platform.
The opscode chef platform gives you an highly available chef server in
the cloud. After sign up, it’s only a matter of minutes to get your
first client (or ‘node’ in chef speak) under configuration management
Bootstrap A Chef-Client With Knife
If you have a box you want to have managed by the chef platform all
you need is ssh access to it and chef installed on your local
workstation. Just run
knife bootstrap www.example.com
(be sure you have the Net::SSH::Multi gem installed on your local workstation: $ sudo gem install net-ssh-multi)
to get chef-client installed and hooked up to the chef platform. After a few minutes you’ll find your brand new node ready to run cookbooks.
Roles, Nodes, And Cookbooks
Now you have the opscode chef platform acting as your chef server and
another box acting as chef-client. It’s time to get something installed
on that client using chef. Before we write any code, let’s have a look
at how everything plays together:
- Node: Every box you want to manage with Opscode Chef is a node. The node definition lives only on the chef server and can be modified by the command line tool knife. To display all the attributes of a node you simply type knife node show www.example.com at your local workstation.
- Role: Roles define what a node should be. Examples of roles could be mysql_master, load_balancer, gateway, etc. Within roles you define so called “run_list”s of recipies (or other roles) telling chef what to install on every box having this role assigned.
- Recipes: A recipe is a set of instructions which ensures that a node has everying setup as you need it. You can define a variety of resources like users, directories, packages, files, etc. You could have e.g. a recipe called nginx::source which will grab the source tarball of nginx form a website, unpack it, configure, make, make install it, and upload configuration files as well as setting up a runit service for it. As you’ve already seen, you tell a role which recipes it shall run on every node having that role.
- Cookbooks: Cookbooks are collections of recipes. There are simple cookbooks including only one recipe (like the logrotate cookbook) and others having multiple recipes (like the nginx cookbook which includes recipes for installing nginx from source or using a package manager). Opscode provides a huge set of ready made cookbooks. If you want to use them you can include them into your chef setup by using knife: knife cookbook site vendor nginx -d.
Assign A Role To A Node
Assuming you have a set of roles and cookbooks ready (that means: edited them on your local workstation and then uploaded them to the chef platform using e.g. knife cookbook upload load_balancer) its time now to get something installed on your new node. Just type knife node run_list add [NODE] [ENTRY] where [NODE] could be www.example.com and [ENTRY] could be role[load_balancer] if you want to assign the role load_balancer to your node www.example.com.
Now just run chef-client on www.example.com and it will grab the required cookbook and run its default recipe.