Step-by-step instructions for installing Chef-server 11 and chef-client on CentOS 6.4
*** First go over to http://www.opscode.com/chef/install and get the latest version of the rpm and store it locally. I like to scp it to my fresh install in VirtualBox. I have a fully automated CentOS install CD. Those instructions will be on another page.
This is my procedure. Documented for my personal use and posted for fun. Enjoy!!!
Chef Server Install:
1) Install the server software via rpm:
# rpm -Uvh https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.8-1.el6.x86_64.rpm
2) Configure the server once the software is installed:
# chef-server-ctl reconfigure
3) Test the install:
# chef-server-ctl test
4) Edit iptables to allow the chef-server ports:
# vi /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Chef
# -- web interface
-A INPUT -m state --state NEW -m tcp -p tcp --dport 4040 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
# -- chef-server
-A INPUT -m state --state NEW -m tcp -p tcp --dport 4000 -j ACCEPT
# -- amqp server
-A INPUT -m state --state NEW -m multiport -p tcp --dport 5672,4369,50229 -j ACCEPT
# -- search indexes (solr)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8983 -j ACCEPT
# data store (couchdb)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5984 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
5) Restart the iptables firewall service:
# service iptables restart
6) Check your server UI in a browser:
https://chef-server/
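As an added example (not part of the original procedure), this shell function reads an iptables rules file in the format shown in step 4 and lists the TCP destination ports it accepts from any source address, a quick way to review what the edit exposes before restarting the firewall. The function names and the sample rules, including the 192.0.2.0/24 source restriction, are constructed for illustration.

```shell
#!/bin/bash
# Added example: audit an iptables rules file (iptables-save format, as in
# /etc/sysconfig/iptables) for ports reachable from ANY source address.

# Print the destination ports of INPUT rules that ACCEPT traffic and carry
# no -s/--source restriction, sorted and space-separated.
list_unrestricted_ports() {
    awk '
        $1 == "-A" && $2 == "INPUT" {
            ports = ""; accept = 0; restricted = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-s" || $i == "--source") restricted = 1
                if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            }
            # Rules without a port match (lo, icmp, ESTABLISHED) are skipped.
            if (accept && !restricted && ports != "") {
                n = split(ports, p, ",")      # multiport lists: 5672,4369,...
                for (k = 1; k <= n; k++) print p[k]
            }
        }
    ' "$1" | sort -n | paste -sd ' ' -
}

# Write a constructed sample rules file (a subset of the step 4 rules, plus
# one hypothetical rule limited to a management subnet) to the given path.
write_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m multiport -p tcp --dport 5672,4369,50229 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -m state --state NEW -m tcp -p tcp --dport 5984 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# When a rules file is given as an argument, audit it.
if [ -n "${1:-}" ]; then
    list_unrestricted_ports "$1"
fi
```

Run against the real file as `bash audit.sh /etc/sysconfig/iptables` (the script name is an assumption); any port in the output that only the Chef server itself needs is a candidate for a source restriction.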
Install chef-client
1) Install chef-client software:
# curl -L https://www.opscode.com/chef/install.sh | bash
2) Add the hostnames to /etc/hosts or to DNS
3) Configure chef-client:
# mkdir /etc/chef && cd /etc/chef && knife configure client ./
# scp root@chef-server:/etc/chef-server/admin.pem .
# scp root@chef-server:/etc/chef-server/chef-validator.pem ./validation.pem
4) Edit /etc/chef/client.rb
Here is my example:
[root@chef-client chef]# cat /etc/chef/client.rb
log_level :info
log_location STDOUT
chef_server_url 'https://chef-server:443'
validation_client_name 'chef-validator'
5) Verify the client can connect:
# chef-client
# knife client list
# knife user list