install chef server on ubuntu 12.04


After the "sudo apt-get install chef chef-server" step, chef-server-webui failed to start.
The solution: I had to start the webui manually; it went through. Then I stopped it and restarted the service.
sudo /usr/sbin/chef-server-webui
sudo /etc/init.d/chef-server-webui restart
It is strange.

Another issue,
I could not log in to the webui with the password I set up during the "sudo apt-get install chef chef-server" step, so I had to recover the root/admin password with the solution from the link below.

curl http://localhost:5984/chef/_design/users/_view/all
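curl -X DELETE "http://localhost:5984/chef/0d115d13-7664-428a-a4ac-2c5dd7d8874b?rev=1-643d259bac4d77c16dcc7735c91687af"

The first command lists the user documents; the second deletes the admin user's document by id and rev (the id and rev shown are specific to one install; take yours from the output of the first command).
Then restart chef-server and chef-server-webui:
sudo service chef-server restart
sudo service chef-server-webui restart
sudo more /etc/chef/webui.rb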
the default admin password is in the COMMENT

I think the reason is that the password I set up initially was too short; it seems chef-server-webui refused to accept it and ended up blocking me from logging in.

BTW, "sudo service chef-server-webui restart" does not always work; you have to verify it yourself:
ps -ef|grep webui
But "sudo /usr/sbin/chef-server-webui" is good.

Now set up the workstation, where we manage the cookbooks and work on chef. We assume the user name is "smith".

First start up a new VM, which will be Smith's working box
(this way, we always have a clean installation base).
Now install the necessary components for the workstation.
However, I'd use part of the steps to install chef:

echo "deb precise-0.10 main" | sudo tee /etc/apt/sources.list.d/opscode.list
sudo mkdir -p /etc/apt/trusted.gpg.d
gpg --keyserver --recv-keys 83EF826A
gpg --export | sudo tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null
sudo apt-get update
sudo apt-get -y install opscode-keyring
sudo apt-get upgrade
sudo apt-get -y install chef

This might install more than we need, but it is simple and it works.
Then install git:
sudo apt-get -y install git

If the user "smith" does not yet exist on the Linux workstation, create it with
sudo addgroup staff
sudo adduser --home /home/smith --shell /bin/bash smith --ingroup employee
then log in as smith or run sudo su smith

Below is what Smith needs to do to set up his chef workstation.
Clone the chef repository:
git clone git://

Create the .chef directory to store the chef key files (the wiki example puts the keys in ~/chef-repo/.chef, but it seems better to keep them in ~/.chef since that is where knife looks):
mkdir -p ~/.chef

Now we need to set up the "client" on the chef server. A client represents an entity that communicates with chef-server and runs chef commands; there does not need to be one client per user (team member).
We could create a client named "devteam", and as long as the user "smith" has devteam.pem and validation.pem under his .chef directory, he can run knife.

In our case, we will have a client named "tester".

We can create it through the webui or with the command
knife client create tester -n -a -f /tmp/tester.pem
You may need to set the EDITOR variable
export EDITOR=/usr/bin/X11/vi
verify at http://my-chef-server:4040/clients

then on the work station, we download the private key file
scp user-on-chef-server@chef-server:/tmp/tester.pem ~/.chef/

Also download validation.pem from the chef server, where it is in the ~/.chef directory (from step 7 of the server setup):
scp devops@server3:~/.chef/validation.pem ~/.chef/

now configure knife
knife configure

Where should I put the config file? [/home/smith/.chef/knife.rb]
Please enter the chef server URL: [http://server4:4000] http://server3:4000
Please enter an existing username or clientname for the API: [devops] tester
Please enter the validation clientname: [chef-validator]
Please enter the location of the validation key: [/etc/chef/validation.pem] ~/.chef/validation.pem
Please enter the path to a chef repository (or leave blank): ~/chef-repo

knife environment list

Now we have the git repository and knife installed on Smith's workstation.

Next, Smith will use his chef workstation to create cookbooks and recipes.


install Oracle java7 on Ubuntu 12.04

tar xvf jdk-7u4-linux-i586.tar.gz
sudo mkdir -p /usr/lib/jvm/jdk1.7.0
sudo mv jdk1.7.0_04/* /usr/lib/jvm/jdk1.7.0/
sudo update-alternatives --install "/usr/bin/java" "java" "/usr/lib/jvm/jdk1.7.0/bin/java" 1
sudo update-alternatives --install "/usr/bin/javac" "javac" "/usr/lib/jvm/jdk1.7.0/bin/javac" 1
sudo update-alternatives --install "/usr/bin/jar" "jar" "/usr/lib/jvm/jdk1.7.0/bin/jar" 1

VM post startup script and heart beat

In the last post, I created a vagrant base box and used it to start a VM running Ubuntu 12.04 server.
Now I want to hook the VMs up to the internal DNS servers, which means
1, each VM should be able to "report" its IP address (I am using DHCP)
2, the DNS server should be able to receive the VM's message and update its bind9 files
3, each VM needs to update its ResolvConf head file to include the internal DNS

On the VM side, I think it can run a post-startup script to find and report its IP.

I found that this command displays the host IP (eth0) and VM IP (eth1):
/sbin/ifconfig | grep "inet addr" | grep -v "" | awk '{ print $2 }' | awk -F: '{ print $2 }'

1, sudo apt-get install curl
2, vi ~/
echo after vm started ...
/sbin/ifconfig | grep "inet addr" | grep -v "" | awk '{ print $2 }' | awk -F: '{ print $2 }' > my.ip
echo done of post-start-up
curl -X POST --data-binary @my.ip http://my-host-address/service/box-is-up
chmod +x

add to local-rc
sudo cp /etc/init.d
sudo chmod +x /etc/init.d/
sudo update-rc.d defaults 98 02

at the server side, the web app needs to parse the passed body and update the DNS records in two files
db.xx.yy (reverse ip)
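
The server-side parsing described above, as an added example that is not part of the original post: because the posted body ends up in bind9 zone files, each line is accepted only if it is a strict IPv4 address, and anything else is dropped. The zone name, host label, function names and sample body are assumptions; the post does not show the web app's code.

```shell
#!/bin/sh
# Added example (not from the original post). ZONE, the function names and
# the sample body are assumptions / constructed values.
ZONE="example.internal"
# is_ipv4 ADDR: succeed only for a strict dotted quad, octets 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;     # digits and single dots only
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac   # no leading zero, max 3 digits
        [ "$octet" -le 255 ] || return 1
    done
}

# ptr_name ADDR: print the in-addr.arpa owner name of a validated address.
ptr_name() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$4" "$3" "$2" "$1"
}

# records_for HOST BODY: print A and PTR lines for each usable address in
# BODY. Returns 1 if any line was rejected, 2 if HOST is not a plain label.
records_for() {
    host=$1 rc=0
    case "$host" in ''|*[!a-zA-Z0-9-]*|-*|*-) return 2 ;; esac
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        if ! is_ipv4 "$line"; then
            echo "heartbeat: rejected a malformed line" >&2   # raw input is not echoed
            rc=1; continue
        fi
        case "$line" in 127.*) continue ;; esac    # loopback is never published
        printf '%s IN A %s\n' "$host" "$line"
        printf '%s IN PTR %s.%s.\n' "$(ptr_name "$line")" "$host" "$ZONE"
    done <<EOF
$2
EOF
    return "$rc"
}

# Constructed body: two addresses as my.ip would carry them, plus a line
# with extra tokens that must not reach the zone files.
SAMPLE='10.0.2.15
192.168.33.10
10.0.0.9 IN A 10.0.0.1'
records_for vm1 "$SAMPLE" || echo "body had rejected lines" >&2
```

A line with a trailing carriage return or any other stray character is rejected rather than repaired, so a sender has to post clean, newline-separated addresses.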

We may add a crontab job to broadcast my.ip periodically as a heartbeat from the VM:
*/2 * * * * ~/ > /dev/null 2>&1

Also, install Oracle JDK 1.7 and Git on the VM. We can install Java through Chef, but it is much easier to install it on a vagrant VM and create a base box from it, or to create a custom EC2 image.
While we are at it, install git too.