Getting started with using Chef

Exclusive offer: get 50% off this eBook here
Instant Chef Starter [Instant]

Instant Chef Starter [Instant] — Save 50%

A practical guide to getting started with Chef, an indispensable tool for provisioning and managing your system's infrastructure with this book and ebook

£8.99    £4.50
by John Ewart | March 2013 | Architecture & Analysis Open Source

Now that you have a functioning Chef Server running and the tools needed to interact with it, we will discuss the steps involved in setting up nodes that talk to the Chef service and will use the information provided to install software and set up the server.

This article by John Ewart, author of Instant Chef Starter will take you through the process of using Chef to provision a new Ubuntu 12.10 server and set it up as a LAMP (Linux, Apache, MySQL, and PHP) server as this is a very simple and quite common server configuration at the moment. The basic steps will be as follows:

  1. Setting up the server.

  2. Downloading and examining cookbooks.

  3. Uploading cookbooks into your Chef Server.

  4. Creating and assigning roles to the node.

  5. Completing the process by applying changes to the node.

(For more resources related to this topic, see here.)

In order to provide the instructions for this article to work without modification, you will need administrative access to a system running Ubuntu 12.04 LTS with SSH service running and accessible via a network. Additionally, the system will need to be able to access the Chef Server and the public Internet for package updates and gem installation.

Bootstrapping servers

Bootstrapping is the process of setting up something without external intervention. Chef uses bootstrap scripts that are executed (over SSH) on a remote server to perform any initial configuration that you desire. These scripts are written using ERB (a Ruby template language) and serve as a launching pad to setting up a new server. Typically these scripts would be run on a brand new server, but can be applied to any server that you can SSH into.

Additionally, bootstrap files are Linux-distribution and Ruby-distribution dependent because they have commands that are specific to particular distributions. For example, an Ubuntu Linux server with Ruby 1.9 installed from source, or a RedHat Enterprise Linux server with Ruby 1.8.7 installed from EPEL.

In addition to any initial configuration, bootstrapping registers the node with the Chef Server so that it becomes a member of the infrastructure and can have configurations and roles applied to it.

How the process works

The bootstrapping begins with developing a bootstrap script that targets the distribution and version of that distribution that is running on the server you are looking to provision. Once the script is written, the knife tool is used to remotely log into the new system and run the script to perform the initial configuration.

Knife does some interpolation locally of the bootstrap script before it is run on the server. This means that you can leverage Chef's data and configuration during the bootstrap process. Common uses here would include setting up initial firewall rules, routes, users, or other mandatory initial provisioning.

Chef provides some pre-written bootstrap scripts for the following platforms, making it easy to get started:

  • centos5-gems

  • fedora13-gems

  • ubuntu10.04-gems

  • ubuntu10.04-apt

  • ubuntu12.04-gems

Examining the bootstrap script

If you are looking for an example of what a bootstrap file contains, you can find the ones provided with chef in lib/chef/knife/bootstrap inside the directory containing your Chef gem (which, if you used the Opscode packages on a Debian system, would reside in /usr/lib/ruby/vendor_ruby/chef).

I strongly suggest reading over the bootstrap script you will be using so that you have a good idea of what you're running on your system as root before doing so.

Performing the bootstrap

Bootstrapping a server is quite simple and involves a single invocation of knife (once your bootstrap script is complete). Knife looks for bootstrap files in a directory called bootstrap in your local Chef directory. Good names for bootstrap files would include the distribution name as well as the version and type of Ruby installation you are performing (that is, centos5-ruby19, ubuntu11.10-rvm-ruby19, and so on).

In our case, we will be using the pre-supplied bootstrap script that configures Ubuntu 12.04 with gems to bootstrap our new system. For example:

export SERVER_IP="" export USER="ubuntu_user" knife bootstrap -x $USER --sudo $SERVER_IP -d ubuntu12.04-gems

This is where the environment variable, $SERVER_IP, is set to the IP address of your newly setup server and $USER is set to the user you created on your Ubuntu server that can execute sudo.

When executed, this command tells knife to execute the bootstrap command, which is responsible for loading the bootstrap script specified by the -d flag (-d is for distribution) over SSH logging into the remote server specified by the environment variable, $SERVER_IP using the remote user specified by the -x flag. In this case, it would run the following steps:

  1. SSH as ubuntu_user to

  2. Execute the contents of ubuntu12.04-gems.erb on the remote server using sudo

Once that is complete, the server will be bootstrapped according to the steps in the bootstrap file, which, if you were to look at the provided bootstrap script, you would see the following:

  1. Update the APT repository

  2. Install Ruby 1.8 and some development dependencies from APT

  3. Install the latest version of RubyGems

  4. Update the local Ruby gems

  5. Use gem to install ohai, the system-reporting agent

  6. Use gem to install Chef

  7. Copy the validation certificate file to the server

  8. Copy the encrypted data bag secret (if applicable)

  9. Generate any ohai hints needed

  10. Copy the Chef Client configuration to the server

  11. Copy the first-run JSON data to the server

  12. Execute the Chef Client in order to:

    • Register the node

    • Run any initially configured run list data

Verifying the registration

Once this has been completed, we can verify that the node has been registered with the Chef Server in either of two ways: using knife, or using the web console.

Using knife

To verify the node was registered with the Chef Server, we will be using the client command provided by knife. This can be accomplished with the list subtask like this:

user@server:$> knife client list host1 host2 new-host-name

Where new-host-name would be the hostname of the node you just bootstrapped (Chef Client will automatically determine the hostname when it registers itself using the bootstrapped machine's FQDN as you set it up).

Via the web console

To verify that the node was registered using the web console, we must first log into our Chef Server using the administrative credentials that were configured during setup. Once logged in, there will be a set of tabs along the top where you can switch between the different data collections you can manage. The URL of the web console will vary between installations, but if you followed the instructions earlier, it would be accessible at

As you can see, there are tabs for managing environments, roles, nodes, cookbooks, data bags, clients, and users. Additionally, there is a tab for performing searches, which is useful for validating search queries to be used in recipes.

Once you are on the Nodes tab, you will see a list of nodes that Chef knows about, which will look like the following screenshot:

In our case, chef-server is the Chef Server itself that we registered during the installation phase, and monitoring-production is the hostname of the newly registered server.


In this Article, we have discussed the process of getting started with Chef.

Resources for Article :

Further resources on this subject:

Instant Chef Starter [Instant] A practical guide to getting started with Chef, an indispensable tool for provisioning and managing your system's infrastructure with this book and ebook
Published: February 2013
eBook Price: £8.99
See more
Select your format and quantity:

About the Author :

John Ewart

John Ewart is a system architect, software developer, and lecturer. He has designed and taught courses at a variety of institutions including the University of California, California State University, and local community colleges covering a wide range of computer science topics including Java, data structures and algorithms, operating systems fundamentals, Unix and Linux systems administration, and web application development. In addition to working and teaching, he maintains and contributes to a number of open source projects. He currently resides in Redmond, Washington, with his wife, Mary, and their two children.

Books From Packt

CFEngine 3 Beginner’s Guide
CFEngine 3 Beginner’s Guide


 BizTalk Server 2010 Cookbook
BizTalk Server 2010 Cookbook

Scalix: Linux Administrator's Guide
Scalix: Linux Administrator's Guide

MDX with Microsoft SQL Server 2008 R2 Analysis Services Cookbook
MDX with Microsoft SQL Server 2008 R2 Analysis Services Cookbook

 Plone 3 Products Development Cookbook
Plone 3 Products Development Cookbook

Learning Nagios 3.0
Learning Nagios 3.0

 Oracle Siebel CRM 8 Installation and Management
Oracle Siebel CRM 8 Installation and Management

Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software