Creating a free hosted server Chef account and a Puppet server

In the preferred Chef client/server mode, we need a Chef server to centralize all the information and action. We can build our own, either for testing purposes or for production use (with the maintenance overhead that goes with it), or we can use Hosted Chef, the Chef server hosted by the company that wrote Chef. You'll learn here how to create a free Hosted Chef account, so we can start coding with Chef as soon as possible and not worry about the server part. After this first step, we'll download the Chef Starter Kit, an archive containing a fully working Chef repository, with a sample role and cookbook we can use right away. That's what we'll do by sending this sample cookbook to the server using our first knife command.

Note

Remember: knife is the command to use from the developer's workstation to manipulate information and resources on the Chef server. The knife command is never used on a Chef node.

Getting ready

To work through this recipe, you will need the following:

  • An Internet connection
  • A working Chef DK installation on the workstation

How to do it…

Follow these steps to create a free Hosted Chef account and a Puppet server:

  1. Go to https://manage.chef.io/signup.
  2. Fill in the details, use a valid e-mail address, and validate.
  3. Click on the link in the e-mail to validate your account.
  4. Create a password you remember.
  5. Create a new Chef organization.
  6. Download the Starter Kit.
  7. Uncompress the Starter Kit somewhere safe:
    $ unzip chef-starter.zip
    Archive:  chef-starter.zip
      inflating: chef-repo/README.md
      inflating: chef-repo/cookbooks/starter/files/default/sample.txt
      inflating: chef-repo/cookbooks/starter/recipes/default.rb
      inflating: chef-repo/cookbooks/starter/attributes/default.rb
      inflating: chef-repo/cookbooks/starter/metadata.rb
      inflating: chef-repo/cookbooks/starter/templates/default/sample.erb
      inflating: chef-repo/cookbooks/chefignore
      inflating: chef-repo/.gitignore
      inflating: chef-repo/.chef/knife.rb
      inflating: chef-repo/roles/starter.rb
      inflating: chef-repo/.chef/iacbook.pem
    
  8. Verify the connection to Hosted Chef using the knife command and request, for example, the list of the users (this will return your user):
    $ cd chef-repo
    $ knife user list
    iacbook
    
  9. Upload the initial starter cookbook, still using the knife command:
    $ knife upload cookbooks/starter
    Created cookbooks/starter
    

There's more…

There's no hosted Puppet server offering. We need to deploy our own Puppet server. To simulate a small infrastructure, we will use Vagrant with Ubuntu boxes (for more information about Vagrant, please refer to Chapter 1, Vagrant Development Environment). Let's start with a single node infrastructure, with only a Puppet server. Here is our Vagrantfile:

vm_memory = 2048
vm_cpus = 2

unless Vagrant.has_plugin?("vagrant-hostmanager")
  raise 'vagrant-hostmanager is not installed!'
end 

Vagrant.configure("2") do |config|

    config.hostmanager.enabled = true
    config.hostmanager.manage_guest = true
    config.hostmanager.manage_host = true

    config.vm.define "puppet.pomes.pro" do |puppet|
        puppet.vm.box="bento/ubuntu-16.04"
        puppet.vm.hostname="puppet.pomes.pro"

        puppet.vm.provider :virtualbox do |vb|
            vb.memory = vm_memory
            vb.cpus = vm_cpus
        end

        puppet.vm.network :private_network, ip: "192.168.50.10"
        puppet.hostmanager.aliases = %w(puppet)
        puppet.vm.provision :shell, :path => "puppet_master.sh"

        puppet.vm.synced_folder "puppetcode", "/etc/puppetlabs/code/environments/production"
    end
end

This Vagrantfile relies on the vagrant-hostmanager plugin. If you don't already have it, you will need to install it manually using vagrant plugin install vagrant-hostmanager. This Vagrant plugin is used to create host entries in /etc/hosts in managed boxes and on your workstation. A shared folder will be used to edit code directly from your workstation.

The puppet_master.sh provisioning script is as follows:

#!/usr/bin/env bash

# Exit immediately if a command exits with a non-zero status
set -e

# puppetlabs URL
DEBREPO="https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb"

# Install the PuppetLabs repo
echo "Configuring PuppetLabs repo..."
debrepo=$(mktemp)
wget --output-document="${debrepo}" "${DEBREPO}"
dpkg -i "${debrepo}"
apt-get update

# Install Puppet Server from puppetlabs
# This will remove puppet-common package provided by the vagrant box (if any)
echo "Installing Puppet..."
apt-get install -y puppetserver

# For tests, limit memory usage. 512m is enough
sed -i 's/2g/512m/g' /etc/default/puppetserver

# For tests only, enable autosigning of all CSRs
echo "autosign=true" | tee --append /etc/puppetlabs/puppet/puppet.conf

# Restart puppetserver
service puppetserver restart

# Ensure puppetserver is running and enable it on boot
/opt/puppetlabs/bin/puppet resource service puppetserver ensure=running enable=true

echo "Puppet server installed!"

In this example, we are using the Puppet server bundled in the Puppet Collections repository provided by Puppet Labs. For simplicity, and to follow the recipes in this chapter, the auto-signing feature has been enabled. This means that when a Puppet node contacts the server for the first time, a CSR is generated on the node and the Puppet server automatically signs it; subsequent requests will be authenticated and secured.
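
The provisioning script's autosign=true makes the server sign every CSR it receives, which suits this Vagrant lab only; Puppet also accepts false or an absolute path (an allowlist file, or an executable for policy-based autosigning). As an added example, not part of the book's code, this script reports which mode a given puppet.conf selects; the function names and the sample file are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report which autosign mode a puppet.conf selects.
# Function names and the sample file below are constructed for illustration.

# Print the effective autosign value; [master]/[server] overrides [main].
# Lines before any section header are treated as [main].
autosign_value() (
    seps=$(printf ' \t=')          # split "key = value" on blanks and "="
    sec=main main_val='' srv_val=''
    while IFS=$seps read -r key val || [ -n "$key" ]; do
        case $key in
            \[*\]) sec=${key#\[}; sec=${sec%\]} ;;   # section header
            autosign)
                case $sec in
                    main) main_val=$val ;;
                    master|server) srv_val=$val ;;
                esac ;;
        esac
    done < "$1"
    printf '%s\n' "${srv_val:-$main_val}"
)

# Classify the setting: naive, disabled, default, policy, allowlist or unknown.
autosign_mode() (
    val=$(autosign_value "$1")
    case $val in
        true)  echo naive ;;       # every CSR is signed, as set by the script above
        false) echo disabled ;;    # certificates must be signed by hand
        '')    echo default ;;     # Puppet falls back to $confdir/autosign.conf
        /*)    if [ -x "$val" ]; then echo policy; else echo allowlist; fi ;;
        *)     echo unknown ;;
    esac
)

# Constructed sample: a puppet.conf after "autosign=true" has been appended to it.
demo_conf=$(mktemp)
printf '[master]\nvardir = /opt/puppetlabs/server/data/puppetserver\nautosign=true\n' \
    > "$demo_conf"
echo "autosign mode: $(autosign_mode "$demo_conf")"
rm -f "$demo_conf"
```

On the Vagrant box, autosign_mode /etc/puppetlabs/puppet/puppet.conf reports naive after provisioning; any server outside a lab should report disabled, allowlist or policy.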

Let's create the shared folder and start Vagrant:

mkdir puppetcode
vagrant up

We now have an Ubuntu Puppet server listening on 192.168.50.10, with FQDN puppet.pomes.pro. A short name puppet is also available, and has been populated by the vagrant-hostmanager plugin.

Note

Depending on your sudo configuration, Vagrant may ask you for your password. This is requested by the vagrant-hostmanager plugin in order to create entries in the /etc/hosts file of your workstation.
