Skip to content

Latest commit

 

History

History
98 lines (66 loc) · 5.78 KB

README.md

File metadata and controls

98 lines (66 loc) · 5.78 KB

The chef-repo

All installations require a central workspace known as the chef-repo. This is a place where primitive objects--cookbooks, roles, environments, data bags, and chef-repo configuration files--are stored and managed.

The chef-repo should be kept under version control, such as git, and then managed as if it were source code.

Knife Configuration

Knife is the command line interface for Chef. The chef-repo contains a .chef directory (which is a hidden directory by default) in which the Knife configuration file (knife.rb) is located. This file contains configuration settings for the chef-repo.

The knife.rb file is automatically created by the starter kit. This file can be customized to support configuration settings used by cloud provider options and custom knife plugins.

Also located inside the .chef directory are .pem files, which contain private keys used to authenticate requests made to the Chef server. The USERNAME.pem file contains a private key unique to the user (and should never be shared with anyone). The ORGANIZATION-validator.pem file contains a private key that is global to the entire organization (and is used by all nodes and workstations that send requests to the Chef server).

More information about knife.rb configuration options can be found in the documentation for knife.

Cookbooks

A cookbook is the fundamental unit of configuration and policy distribution. A sample cookbook can be found in cookbooks/starter. After making changes to any cookbook, you must upload it to the Chef server using knife:

$ knife upload cookbooks/starter

For more information about cookbooks, see the example files in the starter cookbook.

Roles

Roles provide logical grouping of cookbooks and other roles. A sample role can be found at roles/starter.rb.

Getting Started

Now that you have the chef-repo ready to go, check out Learn Chef to proceed with your workstation setup. If you have any questions about Chef you can always ask our support team for a helping hand.

Overview

Every Chef installation needs a Chef Repository. This is the place where cookbooks, roles, config files and other artifacts for managing systems with Chef will live. We strongly recommend storing this repository in a version control system such as Git and treat it like source code.

While we prefer Git, and make this repository available via GitHub, you are welcome to download a tar or zip archive and use your favorite version control system to manage the code.

Repository Directories

This repository contains several directories, and each directory contains a README file that describes what it is for in greater detail, and how to use it for managing your systems with Chef.

  • certificates/ - SSL certificates generated by rake ssl_cert live here.
  • config/ - Contains the Rake configuration file, rake.rb.
  • cookbooks/ - Cookbooks you download or create.
  • data_bags/ - Store data bags and items in .json in the repository.
  • roles/ - Store roles in .rb or .json in the repository.

Rake Tasks

The repository contains a Rakefile that includes tasks that are installed with the Chef libraries. To view the tasks available with in the repository with a brief description, run rake -T.

The default task (default) is run when executing rake with no arguments. It will call the task test_cookbooks.

The following tasks are not directly replaced by knife sub-commands.

  • bundle_cookbook[cookbook] - Creates cookbook tarballs in the pkgs/ dir.
  • install - Calls update, roles and upload_cookbooks Rake tasks.
  • ssl_cert - Create self-signed SSL certificates in certificates/ dir.
  • update - Update the repository from source control server, understands git and svn.

The following tasks duplicate functionality from knife and may be removed in a future version of Chef.

  • metadata - replaced by knife cookbook metadata -a.
  • new_cookbook - replaced by knife cookbook create.
  • role[role_name] - replaced by knife role from file.
  • roles - iterates over the roles and uploads with knife role from file.
  • test_cookbooks - replaced by knife cookbook test -a.
  • test_cookbook[cookbook] - replaced by knife cookbook test COOKBOOK.
  • upload_cookbooks - replaced by knife cookbook upload -a.
  • upload_cookbook[cookbook] - replaced by knife cookbook upload COOKBOOK.

Configuration

The repository uses two configuration files.

  • config/rake.rb
  • .chef/knife.rb

The first, config/rake.rb configures the Rakefile in two sections.

  • Constants used in the ssl_cert task for creating the certificates.
  • Constants that set the directory locations used in various tasks.

If you use the ssl_cert task, change the values in the config/rake.rb file appropriately. These values were also used in the new_cookbook task, but that task is replaced by the knife cookbook create command which can be configured below.

The second config file, .chef/knife.rb is a repository specific configuration file for knife. If you're using the Opscode Platform, you can download one for your organization from the management console. If you're using the Open Source Chef Server, you can generate a new one with knife configure. For more information about configuring Knife, see the Knife documentation.

http://docs.opscode.com/knife.html

Next Steps

Read the README file in each of the subdirectories for more information about what goes in those directories.