Chef knife setup

knife is a command-line tool that provides an interface between your workstation and the Chef server. It enables you to upload your cookbooks to the Chef server and interact with nodes, the servers that you manage.

knife requires two files to authenticate with the Chef server.

An RSA private key:

*Every request to the Chef server is authenticated through an RSA public key pair.

*The Chef server holds the public part; you hold the private part.

A knife configuration file

The configuration file is typically named knife.rb. It contains information such as the Chef server's URL, the location of your RSA private key, and the default location of your cookbooks.

Both of these files are typically located in a directory named .chef. By default, every time knife runs, it looks in the current working directory for the .chef directory. If the .chef directory does not exist there, knife searches up the directory tree for a .chef directory.

We'll configure knife to be able to communicate with the Chef server.

Generate chef repository directory

#chef generate repo chef-repo

#cd chef-repo

#ls -a

.  ..  .chef  cookbooks  .gitignore  README.md  roles

#cd .chef/

The .chef directory should contain two files:

*knife configuration file, knife.rb

*RSA private key

Download your RSA private key from the Chef server. This key was generated during the installation of the Chef server.

#cat config.rb

# See https://docs.getchef.com/config_rb.html for more information on knife configuration options

current_dir = File.dirname(__FILE__)

log_level                :info

log_location             STDOUT

node_name                "chefadmin"

client_key               "#{current_dir}/chefadmin.pem"

chef_server_url          "https://chefserver.zippyops.com/organizations/mycompany"

cookbook_path            ["#{current_dir}/../cookbooks"]

*mycompany should match the name of your Organization as created on the Chef server

*chef-server is the domain name of your Chef Server – resolvable on the Workstation machine

*chefadmin should be the username that was created on the chef-server

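Fetch the SSL certificate from your Chef server using the command below. knife saves the certificate in the trusted_certs directory under .chef and trusts it from then on. knife cannot verify that the fetched certificate is the correct one, so confirm its authenticity after downloading.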

#knife ssl fetch

Validate the downloaded SSL certificate

#knife ssl check

Confirm that knife.rb is set up correctly by listing the clients:

#knife client list

This command should output the validator name.
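The .chef lookup and the two files described above can be checked before knife is run from a given directory. The following is an added example, not code from the original article or from Chef: the helper names find_chef_dir and audit_chef_dir are hypothetical, the sample layout is constructed, and the search models only the upward .chef lookup described above, not any other location knife may consult.

```ruby
require "pathname"
require "tmpdir"
require "fileutils"

# Walk from start_dir up to the filesystem root and return the first .chef
# directory found (models only the upward search described above).
def find_chef_dir(start_dir)
  Pathname.new(start_dir).expand_path.ascend do |dir|
    candidate = dir + ".chef"
    return candidate if candidate.directory?
  end
  nil
end

# Return findings for the .chef directory that would be picked up.
def audit_chef_dir(start_dir)
  chef_dir = find_chef_dir(start_dir)
  return ["no .chef directory found from #{start_dir}"] if chef_dir.nil?

  findings = []
  keys = chef_dir.children.select { |p| p.file? && p.extname == ".pem" }
  findings << "#{chef_dir}: no *.pem private key" if keys.empty?
  keys.each do |key|
    mode = key.stat.mode & 0o777
    # Any group/other bit exposes the key to other local users.
    findings << format("%s: mode %04o, expected 0600", key, mode) if (mode & 0o077) != 0
  end
  config = %w[config.rb knife.rb].map { |n| chef_dir + n }.find(&:file?)
  if config.nil?
    findings << "#{chef_dir}: no config.rb or knife.rb"
  else
    # Read the setting as text; the config file is not evaluated as Ruby.
    url = config.read[/^\s*chef_server_url\s+["']([^"']+)["']/, 1]
    findings << "#{config}: chef_server_url is not https" unless url.to_s.start_with?("https://")
  end
  findings
end

# Constructed sample: a world-readable key, audited from a nested directory.
if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir do |tmp|
    nested = File.join(tmp, "chef-repo", "cookbooks", "web")
    FileUtils.mkdir_p([nested, File.join(tmp, "chef-repo", ".chef")])
    key = File.join(tmp, "chef-repo", ".chef", "chefadmin.pem")
    File.write(key, "constructed placeholder, not a real key\n")
    File.chmod(0o644, key)
    puts audit_chef_dir(nested)
  end
end
```

Because the first .chef directory found wins, running the audit from the directory where knife will be invoked shows which key and server URL would actually be used.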
