This does not intend to be a replacement for the tutorials on the Chef Website. In fact, I highly recommend reading and working through those tutorials as this blog intends to build on ideas and concepts presented there. In fact, most of this guide is based on the Chef Tutorial and Documentation on the same subject.
This page exists to document my workflows. So without further ado.
Chef Account Setup (Hosted Chef)
Head on over to the Sign Up Page to get signed up with a Hosted Chef. You can run Chef.io Hosted Chef for free up to 5 nodes. If you need more than that then you’re looking at paying for nodes, or hosting your own Chef Server.
Head over to The Organizations page in your manage interface (Administration -> Organizations). Find your organization, and select “Generate Knife Config”. You should download a
Then head over to Users (Administration -> Users) and find your user, then select “Reset Key”. You should download a `
Create a ` ~/.chef ` directory, and move your newly downloaded files into the ` ~/.chef ` directory.
knife.rb will look like
This guide assumes you’re not doing other Ruby development. If you use bundler and things get weird (Chef can’t find gems that are installed when you
gem list), you can remove the
Head over to the [ChefDK Downloads page}(https://downloads.chef.io/chefdk) and select the appropriate package. For me, I selected the Red Hat 7 rpm.
Once our ChefDK package is installed, we need to set up our shell. (Windows users, head over to ChefDK on Windows)
Then we can either log in a new shell, or just source our file:
If you’re using rbenv to manage Ruby, you’re own your own for now…
At this point you should have the ChefDK installed and should be able to communicate with your Hosted Chef account. We can verify by running a few commands:
(note: I already have nodes registered, you likely will not. So you’ll likely only see the validator key)
If you’re working with self signed certs or are behind some corporate proxies, Ruby will have a bad time validating SSL certs. While the best answer is always “fix your SSL”, but that is, unfortunately, not always a possible solution. These can be worked around with the below solutions.
Chef SSL Errors
Download SSL Certs
The first thing we can try is to download the SSL certs from the server.
Disable SSL Checking
If you’re dealing with a proxy, the above may not work still. You can disable ssl checking with knife entirely, though this is not recommended, disabling SSL for Knife is documented below.
Again, this disables all SSL checking and is not recommended!!!
Berkshelf SSL Errors
Disable ssl checking for berkshelf:
This should not be seen as condoning the use of docker in production! However, for the purposes of the next few posts, it will serve our needs. Again, this post mostly just follows the instructions found in the official documentation
I like to do my work in my
~/chef-dev directory. So let’s create this first.
Then we’ll create our first cookbook, this can be found on github, but it’s not much more than a base
chef generate cookbook <cookbook name>.
Running Test Kitchen
At this point, we should be in our new cookbook directory, and be able to run
kitchen test, but I’m having trouble and didn’t want to reboot at the moment…
So more on this later,
At this point, we should have:
- installed the ChefDK,
- installed Docker,
- Configured our
- created our first cookbook using the ChefDK generator
- Run Test Kitchen
We’re now ready to rock! Tune in next time when we discuss the cookbook development process.