JasonBain.com

Step-by-step instructions for installing Chef-server 11 and chef-client on CentOS 6.4

*** First go over to http://www.opscode.com/chef/install and get the latest version of the rpm and store it locally.  I like to scp it to my fresh install in VirtualBox.  I have a fully automated CentOS install CD.  Those instructions will be on another page.


This is my procedure.  Documented for my personal use and posted for fun.  Enjoy!!!


Chef Server Install:

1) Install the server software via rpm:

# rpm -Uvh https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.8-1.el6.x86_64.rpm

2) Configure the server once the software is installed:

# chef-server-ctl reconfigure

3) Test the install:

# chef-server-ctl test

4) Edit iptables to allow the chef-server ports:

# vi /etc/sysconfig/iptables

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]

# Chef
# -- web interface
-A INPUT -m state --state NEW -m tcp -p tcp --dport 4040 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
# -- chef-server
-A INPUT -m state --state NEW -m tcp -p tcp --dport 4000 -j ACCEPT
# -- amqp server
-A INPUT -m state --state NEW -m multiport -p tcp --dports 5672,4369,50229 -j ACCEPT
# -- search indexes (solr)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8983 -j ACCEPT
# -- data store (couchdb)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5984 -j ACCEPT

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

5) Restart the iptables firewall service:

# service iptables restart

6) Check your server UI in a browser:

https://chef-server/
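
The ruleset in step 4 accepts new connections on each listed port from any source address. As an added example (not part of the original post), this script lists the opened ports that have no non-loopback listener, so those ACCEPT rules can be removed; the function names and both sample inputs are constructed for illustration.

```shell
# Added example (not from the original page): list TCP ports the ruleset
# ACCEPTs that have no listener reachable from other hosts.
opened_ports() {   # $1 = rules file in /etc/sysconfig/iptables format
  awk '/^-A INPUT/ && /-j ACCEPT/ {
         for (i = 1; i < NF; i++)
           if ($i == "--dport" || $i == "--dports") {
             n = split($(i + 1), p, ",")
             for (k = 1; k <= n; k++) print p[k]
           }
       }' "$1" | sort -n -u
}

exposed_listeners() {   # $1 = saved `netstat -ltn` output; skips loopback
  awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
         port = $4; sub(/.*:/, "", port)
         host = substr($4, 1, length($4) - length(port) - 1)
         if (host !~ /^127\./ && host != "::1") print port
       }' "$1" | sort -n -u
}

unneeded_rules() {   # $1 = rules file, $2 = netstat file
  up=$(exposed_listeners "$2" | tr '\n' ' ')
  opened_ports "$1" | awk -v up="$up" '
    BEGIN { n = split(up, a, " "); for (i = 1; i <= n; i++) seen[a[i]] }
    !($1 in seen)'
}

sample_rules() {   # constructed: modelled on a subset of the step 4 rules
  cat <<'EOF'
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 4000 -j ACCEPT
-A INPUT -m state --state NEW -m multiport -p tcp --dports 5672,4369,50229 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8983 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
EOF
}

sample_netstat() {   # constructed listener table, not from a real server
  cat <<'EOF'
Proto Recv-Q Send-Q Local Address    Foreign Address  State
tcp   0      0      0.0.0.0:22       0.0.0.0:*        LISTEN
tcp   0      0      0.0.0.0:443      0.0.0.0:*        LISTEN
tcp   0      0      0.0.0.0:4369     0.0.0.0:*        LISTEN
tcp   0      0      127.0.0.1:5672   0.0.0.0:*        LISTEN
tcp   0      0      127.0.0.1:8983   0.0.0.0:*        LISTEN
EOF
}

tmp=$(mktemp -d); sample_rules > "$tmp/r"; sample_netstat > "$tmp/n"
unneeded_rules "$tmp/r" "$tmp/n"; rm -rf "$tmp"
```

On the server, save the output of `netstat -ltn` to a file and pass it together with `/etc/sysconfig/iptables` as the rules file.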


Install chef-client

1) Install the chef-client software:

# curl -L https://www.opscode.com/chef/install.sh | bash

2) Add the hostnames to /etc/hosts or to DNS

3) Configure chef-client:

# mkdir /etc/chef && cd /etc/chef && knife configure client ./

# scp root@chef-server:/etc/chef-server/admin.pem .
# scp root@chef-server:/etc/chef-server/chef-validator.pem ./validation.pem

4) Edit /etc/chef/client.rb

Here is my example:

[root@chef-client chef]# cat /etc/chef/client.rb 
log_level        :info
log_location     STDOUT
chef_server_url  'https://chef-server:443'
validation_client_name 'chef-validator'

5) Verify the client can connect:

# chef-client
# knife client list
# knife user list