Chef is a configuration management system designed to let you automate and control large numbers of computers in a reliable manner. Chef works with three core components: the Chef server, workstations, and nodes. The Chef server is the hub of Chef operations, where changes are stored for use.
The chef-repo is a directory on your workstation that stores cookbooks (including recipes, attributes, resources, libraries, and templates), roles, data bags, environments, and the .chef directory.
Cookbooks are the main component for configuring nodes in a Chef infrastructure. A cookbook usually handles one specific service, application, or functionality, and is also used to configure a system in the infrastructure. A cookbook contains many other directories and files that serve different purposes. A few of them are described below:
A recipe is the most fundamental configuration element within the organization. Recipes are written in Ruby and contain information in regards to everything that needs to be run, changed, or created on a node.
Attributes in Chef are basically settings. Attributes define specific values about a node and its configuration. These values are used to change the default run list and specify the order of the run list defined in a cookbook.
A resource is a statement of configuration policy. A resource defines a set of actions and attributes. Where a resource represents the desired state, a provider defines the steps needed to bring that piece of the system from its current state into the desired state.
There are different types of resources. A few of them are listed below:
package: Manages packages on a node.
service: Manages services on a node.
user: Manages users on a node.
group: Manages groups on a node.
cookbook_file: Transfers files from a cookbook subdirectory to a specific location on a node.
file: Manages the contents of a file on a node.
directory: Manages directories on a node.
execute: Executes a command on a node.
cron: Edits an existing cron file on a node.
Templates are similar to files, but they are not static. Template files end with the .erb extension, meaning that they contain embedded Ruby.
A library allows arbitrary Ruby code to be included in a cookbook, for example as a way of extending the classes that are built in to the chef-client, such as Chef::Recipe.
Roles in Chef are a logical way of grouping nodes. A role is a way to define certain patterns and processes that exist across nodes in an organization as belonging to a single job function. Each role will contain the configuration details necessary to bring the machine to a fully operational state to fulfill its specific role. This means you can gather cookbooks that will handle package installations, service configuration, special attributes for that role, etc.
Chef helps in performing environment-specific configuration. It is always a good idea to have separate environments for development, testing, and production. An environment is a way to map an organization’s real-life workflow to what can be configured and managed when using Chef server. An environment is simply a designation meant to help an administrator know what stage of the production process a server is a part of. Each server can be part of exactly one environment.
Chef data bags can be defined as an arbitrary collection of data which one can use with cookbooks. A data bag is a global variable that is stored as JSON data and is accessible from a Chef server. A data bag is indexed for searching and can be loaded by a recipe or accessed during a search.
The .chef directory is a hidden directory that is used to store validation key files and the knife.rb file. These files are required for interaction with a Chef server. The authentication files are described below:
The knife command communicates between the chef-repo located on a workstation and the Chef server. knife is configured with the knife.rb file, and is used from the workstation:
# cat /opt/chef-repo/.chef/knife.rb
# See https://docs.getchef.com/config_rb_knife.html for more information on knife configuration options
current_dir = File.dirname(__FILE__)
log_level: The default value, :info, notes that any informational messages will be logged. Possible values are :debug, :warn, :error, and :fatal.
log_location: The location of the log file. The default value is STDOUT (standard output) logging. Possible values are :debug, :info, :warn, :error and :fatal.
node_name: The username of the person using the workstation. This user will need a valid authorization key located on the workstation.
client_key: The location of the user’s authorization key.
chef_server_url: The URL of the Chef server. This can also be an IP address. /organizations/shortname must be included in the URL.
syntax_check_cache_path: The location in which knife stores information about files that have been checked for appropriate Ruby syntax.
cookbook_path: The path to the cookbook directory.
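Because the .chef directory holds both knife.rb and the key that client_key points to, it is worth checking the pair before use. The following is an added example, not code from the original page or from Chef itself: it reads a knife.rb, then checks that chef_server_url uses https and contains /organizations/shortname, and that the client_key file is readable by its owner only. The KnifeSettings class, audit_knife_rb, demo_findings, the host chef.example.com and the file name admin.pem are hypothetical names chosen for the illustration.

```ruby
require "tmpdir"
require "uri"

# Records every `setting value` line of a knife.rb. Hypothetical helper; knife's
# real loader is more involved. knife.rb is Ruby code, so only load trusted files.
class KnifeSettings
  attr_reader :settings

  def initialize
    @settings = {}
  end

  def method_missing(name, *args)
    return super if args.empty?
    @settings[name] = args.first
  end
end

# Returns a list of findings for the knife.rb at +path+ (empty list = clean).
def audit_knife_rb(path)
  cfg = KnifeSettings.new
  cfg.instance_eval(File.read(path), path) # __FILE__ resolves to +path+
  url = URI.parse(cfg.settings[:chef_server_url].to_s)
  key = cfg.settings[:client_key].to_s
  findings = []
  findings << "chef_server_url is not https" unless url.scheme == "https"
  unless url.path.to_s.match?(%r{\A/organizations/[^/]+/?\z})
    findings << "chef_server_url lacks /organizations/shortname"
  end
  if !File.file?(key)
    findings << "client_key file is missing"
  elsif (File.stat(key).mode & 0o077) != 0
    findings << "client_key is accessible to group or others"
  end
  findings
end

# Constructed sample: builds a throwaway .chef directory and audits it.
def demo_findings(server_url, key_mode)
  Dir.mktmpdir do |dir|
    File.write(File.join(dir, "admin.pem"), "constructed placeholder, not a real key\n")
    File.chmod(key_mode, File.join(dir, "admin.pem"))
    File.write(File.join(dir, "knife.rb"), <<~KNIFE)
      current_dir = File.dirname(__FILE__)
      log_level       :info
      node_name       "admin"
      client_key      "\#{current_dir}/admin.pem"
      chef_server_url "#{server_url}"
    KNIFE
    audit_knife_rb(File.join(dir, "knife.rb"))
  end
end
```

Calling audit_knife_rb("/opt/chef-repo/.chef/knife.rb") on the workstation runs the same checks against the real file.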