Install Chef Components
Estimated time: 2 hours
In this step, you will install and set up all of the Chef Software components that you need for the Chef Desktop cookbook.
- Install Chef Automate and Chef Infra Server
- Set Up Chef Infra Server
- Install Chef Workstation
- Set up the .chef directory for storing Chef Infra keys and configurations
- Chef Infra
- Chef Infra is a powerful automation platform that transforms infrastructure into code. Chef Infra automates how infrastructure is configured, deployed, and managed across your network, no matter its size.
- Chef Workstation
- Chef Workstation gives you everything you need to get started with Chef. Start scanning and configuring your environments today with Chef InSpec and chef-run. Chef Workstation runs on the computer you use every day, whether it’s Linux, macOS, or Windows. Chef Workstation ships with Chef Infra Client, Chef InSpec, Chef CLI, Test Kitchen, Cookstyle, and several other useful Chef tools. With this collection of programs and tools, you can make sure your Chef Infra code does what you intended before you deploy it to environments used by others.
- Chef InSpec
- Chef InSpec is a testing framework with a human- and machine-readable language for specifying compliance, security and policy requirements. When compliance is expressed as code, you can integrate it into your deployment pipeline and automatically test for adherence to security policies.
Install Chef Automate and Chef Infra Server
We recommend starting with a clean installation of Chef Automate, Chef Infra Server, and Chef Desktop. Combining existing Chef Automate nodes with new Chef Desktop leads to significant confusion, because the servers do not distinguish between the types of nodes that they manage.
For the purposes of this demonstration, we recommend installing Chef Automate and Chef Infra Server together on the same host. Talk to your account representative to decide if you should follow a different deployment pattern in production.
Prepare the System
In your clean Linux environment, update and install the system packages:
apt-get -qq update
apt-get install -y --no-install-recommends
apt-get clean
The Chef Automate installation requires the following settings:
sysctl -w vm.max_map_count=262144
sysctl -w vm.dirty_expire_centisecs=20000
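Values set with sysctl -w apply to the running kernel only and are lost at reboot. The following is an added example, not part of the original Chef guide: it compares the live values with the two settings above and writes a sysctl.d-style drop-in so they persist. The function names and the drop-in file name are hypothetical.

```shell
#!/bin/sh
# Added example (not from the Chef documentation).
# Required values, taken from the two "sysctl -w" commands on this page.
REQUIRED="vm.max_map_count=262144 vm.dirty_expire_centisecs=20000"

# check_sysctl [PROC_SYS_ROOT]
# Compare the live kernel values with REQUIRED. The comparison is strict
# equality against the page's values. PROC_SYS_ROOT defaults to /proc/sys
# and can point at a test directory instead.
check_sysctl() {
    root=${1:-/proc/sys}
    rc=0
    for kv in $REQUIRED; do
        key=${kv%%=*}
        want=${kv#*=}
        # vm.max_map_count -> <root>/vm/max_map_count
        path="$root/$(printf '%s' "$key" | tr . /)"
        have=$(cat "$path" 2>/dev/null || echo missing)
        if [ "$have" != "$want" ]; then
            echo "MISMATCH $key have=$have want=$want"
            rc=1
        fi
    done
    return $rc
}

# write_dropin FILE
# Write the settings in sysctl.d format so they are applied at boot.
write_dropin() {
    for kv in $REQUIRED; do
        printf '%s = %s\n' "${kv%%=*}" "${kv#*=}"
    done > "$1"
}

# Usage, as root (the drop-in file name is an assumption):
#   check_sysctl || write_dropin /etc/sysctl.d/90-chef-automate.conf
#   sysctl --system
```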
Chef Product Download and Install
Download the Chef Automate CLI:
curl https://packages.chef.io/files/current/latest/chef-automate-cli/chef-automate_linux_amd64.zip | gunzip - > chef-automate && chmod +x chef-automate
Deploy the packages with the following command:
sudo chef-automate deploy --product automate --product chef-server --product desktop
You will need the host names and user information later in this guide. They are located in the automate-credentials.toml file.
Chef Infra Server Setup
SSH into Chef Automate using the user name from your local workstation:
ssh <workstation_user_name>@<chef-automate.test>
After you have created your Chef Infra Server with Chef Automate, connect to the Chef Infra Server instance and run the following commands to create your first user and organization. You need to run these commands as an administrator or use sudo before each command. You will need information from both of these commands. Copy them from your command line to a file. Store the file securely.
Create a user:
chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename USER_NAME.pem
Create an organization:
chef-server-ctl org-create SHORT_NAME 'FULL_ORGANIZATION_NAME' --association_user USER_NAME --filename ORGANIZATION-validator.pem
Install Chef Workstation
Download Chef Workstation and run the installer on the developer machine. Accept the defaults.
Workstation Environment Setup
Create a .chef folder for storing your configuration and keys. Creating the .chef directory in your “home” or “root” folder makes those settings globally available. Navigate to the root directory and create a .chef directory:
For PowerShell:
Set-Location -Path C:\Users\<user_name>
New-Item -Path . -Name ".chef" -ItemType "directory"
For macOS:
cd ~
mkdir .chef
Key Management
“Key management” is a software term that means “Safely and securely getting the right credentials from remote and local computers into the right directories–usually, but not always, on your local computer–in order to use software to run commands between computers”.
We recommend using a secure copy protocol (SCP) to move the public key and configuration file from the Chef Infra Server to the .chef directory on your workstation.
macOS workstations should have the scp command. Windows workstations will need to install WinSCP or another similar tool.
- The public key is ORGANIZATION-validator.pem
- The configuration file is config.toml
This step is the reason that you copied the output of the above commands to files. To manage your keys and credentials, you need to know:
- The host name (also called a FQDN) or IP address of the Chef Infra Server
- The user name on the Chef Infra Server
- The password on the Chef Infra Server
Transfer Keys on Windows Workstations
- Install WinSCP
- Open the program using the icon on your workstation desktop.
- Select SCP as the file protocol
- Set port 22
- Fill in the host name, the user name, and the password that you created on your Chef Infra Server.
Transfer Keys on macOS Workstations
macOS systems come with scp installed. Download the key and configuration files:
scp user_name@chef-automate.test:/remote/ORGANIZATION-validator.pem ~/.chef
scp user_name@chef-automate.test:/remote/config.toml ~/.chef
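After the transfer, the .chef directory and the files in it should be accessible only to your own user. The following is an added example, not part of the original Chef guide: it tightens the permissions and then audits them. The function names are hypothetical; the file names are the ones used on this page.

```shell
#!/bin/sh
# Added example (not from the Chef documentation).

# Print the octal permission bits of a path.
# GNU stat (Linux) is tried first, then BSD stat (macOS).
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if group and other have no access at all (mode ends in 00).
is_private() {
    case "$(perm_of "$1")" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# harden_chef_dir [DIR]: owner-only directory, owner-only key and config files.
harden_chef_dir() {
    dir=${1:-"$HOME/.chef"}
    mkdir -p "$dir" || return 1
    chmod 700 "$dir" || return 1
    for f in "$dir"/*.pem "$dir"/config.toml; do
        [ -f "$f" ] || continue      # unmatched glob or missing file
        chmod 600 "$f" || return 1
    done
}

# audit_chef_dir [DIR]: print one LOOSE line per path that group or other
# can access. Returns 0 if clean, 1 if anything is loose, 2 if DIR is missing.
audit_chef_dir() {
    dir=${1:-"$HOME/.chef"}
    rc=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 2; }
    is_private "$dir" || { echo "LOOSE $dir"; rc=1; }
    for f in "$dir"/*.pem "$dir"/config.toml; do
        [ -f "$f" ] || continue
        is_private "$f" || { echo "LOOSE $f"; rc=1; }
    done
    return $rc
}

# Usage after the scp commands above:
#   harden_chef_dir && audit_chef_dir
```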
More Information on SCP
- SCP for macOS
- SCP is used to move files between your workstation and a remote computer. It uses ssh for data transfer. scp asks for passwords or passphrases if needed for authentication.
- WinSCP for Windows
- WinSCP is an open source application for Windows used to move files between your workstation and a remote computer. WinSCP offers scripting and basic file manager functionality. The download page has many junk buttons; make sure you select Download WinSCP.
- SCP on Azure
- SCP on Azure is used to move files from your workstation up to an Azure Linux VM, or from an Azure Linux VM down to your workstation.