Skip to main content

Setting Up A Chef Server, Workstation, and Bootstrapping a Node

Hands-On Lab


Photo of Keith Thompson

Keith Thompson

DevOps Training Architect II in Content





Chef is one of the leading configuration management and devops tools used today. In this activity, the student will take the first step to utilizing Chef for configuration management by deploying the central Chef server, configuring a workstation, and bootstrapping the first node in the new infrastructure. Understanding this process will allow the student to feel comfortable getting started with Chef in the infrastructure that he/she manages.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Setting Up A Chef Server, Workstation, and Bootstrapping a Node

The Scenario

Our organization's infrastructure has grown beyond what we can manage manually. It's time to start automating the management of the infrastructure. To get started, we need to deploy a Chef server so that you can register and manage the nodes. After the Chef server has been created, we'll need to set up a workstation and start our organization's repository of Chef resources.

Finally, we'll need to bootstrap the first node in our new infrastructure and ensure that it can connect to the Chef server. Once we've completed this setup, our organization will be ready to start using Chef to management the configuration of new servers. Note: Please use the chef-server RPM located at /tmp/chef-server-core-12.17.33-1.el7.x86_64.rpm on the "Chef Server" cloud server when setting up your Chef Server.

Logging in

On the lab overview page, we'll see three EC2 instances: a Chef server ( we'll call it chef), a workstation (we'll call it worker) and a node (we'll call it node). The shell prompts in this lab guide will reflect which one we're running commands in at the moment.

Get Chef Server Running and Enabled

Since most of what we're doing requires root privileges, let's become root right off and get it over with using:

[cloud_user@chef]$ sudo su -

Install Chef Server

The chef-server ROM file is sitting in /tmp, so let's get in there and install it:

[root@chef]$ rpm -Uvh chef-server-core-12.17.33-1.el7.x86_64.rpm

Now we can configure it:

[root@chef]$ chef-server-ctl reconfigure

This will set up the entire chef-server for us. Now we need to create a user and an organization. We'll make a cloud_user user, and an organization named examplecom. This is needed just as default for the organization. The name of the organization can vary.

[root@chef]$ chef-server-ctl user-create cloud_user Cloud User 'p@ssw0rd' -f /home/cloud_user/cloud_user.pem
[root@chef]$ chef-server-ctl org-create examplecom '' --association_user cloud_user -f /home/cloud_user/examplecom-validator.pem

> ## Optional
> ### Chef Manage > If we're looking for a web-based UI to use for interacting with Chef, we can install Chef Manage. On our server, run: > > [root@chef]$ chef-server-ctl install chef-manage > > Runing these next two commands will reconfigure Chef and allow us to use Chef Manage: > > > [root@chef]$ chef-server-ctl reconfigure > [root@chef]$ chef-manage-ctl reconfigure > > > Follow the prompts and accept the license agreement, and then we can visit the Chef Manage interface in a web browser: https://<`chef`_PUBLIC_IP>

Configure Server 2 as a Workstation and Connect It to the Chef Server

This part of the show involves worker, one of the other two EC2 instances in the lab environment. Log into its public IP address (with SSH) and we'll find that we've got an RPM sitting in /tmp. This will install the Chef Development Kit (ChefDK). From /tmp, run:

[cloud_user@worker]$ sudo rpm -Uvh chdk-2.5.3-1.el7.x86_64.rpm

Once we're done, and back in our home directory. To make sure, moving forward, that we're running the proper version of chef, run:

[cloud_user@worker]$ eval "$(chef shell-init bash)"

Now we need to create a Chef repository (chef-repo):

[cloud_user@worker]$ chef generate repo ~/chef-repo

Then we'll configure knife to connect to our Chef Server:

[cloud_user@worker]$ knife configure

When we're prompted, we've got to enter the URL, which includes the host name of the Chef server. It's going to be something like this: https://ip-x-x-x-x.ec2.internal/organizations/examplecom

Just be sure that x-x-x-x is the private IP address of chef, and remember two swap the periods out for hyphens, like 10-0-0-1.

At the username prompt, cloud_user is the default. We can just hit Enter here.

To get the pem file, we've got to copy it from chef:

[cloud_user@worker]$ scp cloud_user@<chef_PRIVATE_IP>:~/cloud_user.pem ~/.chef

Now we can test the connection with:

[cloud_user@worker]$ knife node list

We'll get an error, but we can fix it with:

[cloud_user@worker]$ knife ssl fetch

Now our knife nodes list command will work.

If we get into our ~/chef-repo directory, we''ll be able to interact with Chef and build out our configuration.

> ## Optional
> ### Chef Starter Kit > If we've managed to get a repository all set up, and connect to it with knife, then this step is unnecessary. But if we want to use a starter kit that we can get by using the Chef Manage UI, then we're in the right place. In Chef Manage, get into the Administration tab and get into our organization, there's a menu option on the left called Starter Kit. > > We can click on that, then the Download Starter Kit button. We're greeted with a popup about resetting our keys (the ones that we set before). If you're not interested, stop here. But for you brave souls who want to see what happens, click Proceed and accept the download when its window pops up. > > This is going to download locally, to wherever we've got our own personal computers set to put downloaded files. We need to get it up to worker somehow, either in a regular terminal (with scp if we're running a Linux or Mac machine) or with something like Putty/Teraterm (for Windows users). However we get it up to worker, it needs to land in /home/cloud_user. > > Now, in our worker terminal, while sitting in /home/cloud_user, delete the chef-repo directory, as well as the .chef that we created. We need to unzip the file we just copied up, but have to install the unzip utility first: > > > [cloud_user@worker]$ rm -rf chef-reo > [cloud_user@worker]$ rm -rf .chef > [cloud_user@worker]$ sudo yum -y install unzip > [cloud_user@worker]$ unzip > > When we unzipped, the archive created chef-repo again, so get into that directory (cd chef-repo) and run the knife node list, knife node fetch, and knife node list command combination that we ran when we were setting things up before.

Bootstrap Server 3 and Connect It to the Chef Server

From worker, we're going to bootstrap node, using node's public IP address:

[cloud_user@worker]$ knife bootstrap <node_PUBLIC_IP> -N node1 -x cloud_user -P <SSH_PASSWORD> --sudo

SSH PASSWORD in that command is the same one we've been using all along to log into the EC2 instances as cloud_user. Once this client run finishes, we can check for nodes:

[cloud_user@worker]$ knife node list

We should see one listed there called node1.


We created a chef server, set up a workstation where we configured a repository, then bootstrapped a node to it. This was all to start the process of automating our infrastructure management. We're well on our way now. Congratulations!