After the step of “sudo apt-get install chef chef-server”
chef-server-webui failed to start
so, I had to manually start the webui, it went through, then stop and restart the service!
sudo /etc/init.d/chef-server-webui restart
it is strange.
I could not log in to the webui with the password I set up during the “sudo apt-get install chef chef-server” step, I had to recover the root/admin password with solution from below link
then restart chef-server and chef-server-webui
sudo service chef-server restart
sudo service chef-server-webui restart
sudo more sudo more /etc/chef/webui.rb
the default admin password is in the COMMENT
I think the reason is the password i set up initially was too short, it seems Chef-server-webui refused to accept it and ended up blocking me logging in.
BTW, the “sudo service chef-server-webui restart” does not always work, you have to verify by yourself
ps -ef|grep webui
but…..the “sudo /usr/sbin/chef-server-webui” is good.
Now set up the work station, where we manage the cookbooks and work on chef. We assume the user name is “smith”.
first start up a new VM, which will be Smith’s working box.
(this way, we always have a clean installation base)
Now install necessary components for work station – http://wiki.opscode.com/display/chef/Workstation+Setup+for+Debian+and+Ubuntu
However, I’d use part of steps to install chef
echo “deb http://apt.opscode.com/ precise-0.10 main” | sudo tee /etc/apt/sources.list.d/opscode.list
sudo mkdir -p /etc/apt/trusted.gpg.d
gpg –keyserver keys.gnupg.net –recv-keys 83EF826A
gpg –export email@example.com | sudo tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null
sudo apt-get update
sudo apt-get -y install opscode-keyring
sudo apt-get upgrade
sudo apt-get -y install chef
This might install more than what we need? but it is simple and it works.
then install git
sudo apt-get -y install git
if the user “smith” not yet on the linux workstation, create it by
sudo addgroup staff
sudo adduser –home /home/smith –shell /bin/bash smith –ingroup employee
then login with smith or sudo su smith
below is what Smith will need to do to set up his chef work station
clone the chef-repository
git clone git://github.com/opscode/chef-repo.git
create the .chef directory to store the chef key files (the wiki example put keys in ~chef-repo/.chef, however it seems it is better to be in ~.chef directory since that is where knife wants)
mkdir -p ~/.chef
now we need to set up the “client” on chef server – a client represents the entity to communicate with chef-server and run chef commands, it is not necessary there must be one client per user(team member)
We could create a client named “devteam” and as long as the user “smith” has the devteam.pem and validation.pem under his .chef directory, he can run knife.
In our case, we will have a client name “tester”
We can do it through the webui or use command
knife client create tester -n -a -f /tmp/tester.pem
You may need to set the EDITOR variable
verify at http://my-chef-server:4040/clients
then on the work station, we download the private key file
scp user-on-chef-server@chef-server:/tmp/tester.pem ~/.chef/
also download the validation.pem from chef-server, which is in directory ~/.chef (in the step 7 when setting up server)
scp devops@server3:~/.chef/validation.pem ~/.chef/
now configure knife
Where should I put the config file? [/home/smith/.chef/knife.rb]
Please enter the chef server URL: [http://server4:4000] http://server3:4000
Please enter an existing username or clientname for the API: [devops] tester
Please enter the validation clientname: [chef-validator]
Please enter the location of the validation key: [/etc/chef/validation.pem] ~/.chef/validation.pem
Please enter the path to a chef repository (or leave blank): ~/chef-repo
knife environment list
now we have git repository and knife installed on Smith’s work station.
Next, Smith will use his chef workstation to create workbook and recipies.