About the chef-repo Directory Structure

A chef is a configuration management system designed to allow you to automate and control large numbers of computers in an automated and reliable manner. The chef works with three core components: The Chef server, workstations, and nodes. The Chef server is the hub of Chef operations, where changes are stored for use.


See Also:

  • Puppet vs. Chef vs. Ansible vs. SaltStack
  • What is Chef Automation Tool and It’s Features
  • How to Install the Chef Server on CentOS/RHEL 5/6/7
  • Install and Configure a Chef Workstation on CentOS/RHEL 7/6
  • How to connect Chef Server with Nodes on Linux
  • The chef-repo is a directory on your workstation that stores:

  • Cookbooks (including recipes, attributes, resources, libraries, and templates)
  • Roles
  • Data bags
  • Environments
  • .chef


    Cookbooks are the main component of configuring nodes on a Chef infrastructure. Cookbooks are usually used to handle one specific service, application, or functionality. The cookbook is also used to configure a system in the infrastructure. There are many other directories and files that are used for different purpose in the cookbook. Few of them as below:

    1. Recipes
    A recipe is the most fundamental configuration element within the organization. Recipes are written in Ruby and contain information in regards to everything that needs to be run, changed, or created on a node.

    2. Attributes
    Attributes in Chef are basically settings. Attributes define specific values about a node and its configuration.These values are used to change the default run list and specify the order of run list define in a cookbook.

    3. Resources
    A resource is a statement of configuration policy. A resource defines a set of actions and attributes, Where a resource represents its desired state, a provider defines the steps that are needed to bring that piece of the system from its current state into the desired state.

    There are different types of resources. Few of them as well.

  • package: It is used to manage packages on a nodes
  • service: It is used to manage services on a nodes
  • user: It helps to manage users on the nodes
  • group: It helps to manage groups on the nodes
  • cookbook_file: Its transfer files from cookbook subdirectory to a nodes specific location
  • file: Its manage contents of a file on nodes
  • directory: Its manage directories on nodes
  • execute: Its help to execute a command on the nodes
  • cron: It will edit an existing cron file on the nodes
  • 4. Templates
    Templates are similar to files, but they are not static. Template files end with the .erb extension, meaning that they contain embedded Ruby.

    5. Libraries
    A library allows arbitrary Ruby code to be included in a cookbook, either as a way of extending the classes that are built-in to the chef-client—Chef::Recipe.


    Roles in Chef are a logical way of grouping nodes. A role is a way to define certain patterns and processes that exist across nodes in an organization as belonging to a single job function. Each role will contain the configuration details necessary to bring the machine to a fully operational state to fulfill its specific role. This means you can gather cookbooks that will handle package installations, service configuration, special attributes for that role, etc.


    Chef helps in performing environment specific configuration. It is always a good idea to have a separate environment for development, testing, and production. An environment is a way to map an organization’s real-life workflow to what can be configured and managed when using Chef server. An environment is simply a designation meant to help an administrator know what stage of the production process a server is a part of. Each server can be part of exactly one environment.

    Data Bags:

    Chef data bags can be defined as an arbitrary collection of data which one can use with cookbooks. A data bag is a global variable that is stored as JSON data and is accessible from a Chef server. A data bag is indexed for searching and can be loaded by a recipe or accessed during a search.


    The .chef directory is a hidden directory that is used to store validation key files and the knife.rb file. These files are required for interaction with a Chef server. Authentication files description as below:


    The knife command communicates between the chef-repo located on a workstation and the Chef server. knife is configured with the knife.rb file, and is used from the workstation:

    # cat /opt/chef-repo/.chef/knife.rb
    # See https://docs.getchef.com/config_rb_knife.html for more information on knife configuration options
    current_dir = File.dirname(__FILE__)
    log_level                :info
    log_location             STDOUT
    node_name                "ajain"
    client_key               "#{current_dir}/ajain.pem"
    chef_server_url          "https://chef.techoism.local/organizations/ajaindevops2017"
    cookbook_path            ["#{current_dir}/../cookbooks"]

    log_level: The default value, :info, notes that any informational messages will be logged. Possible values are :debug:, :warn, :error, and :fatal.
    log_location: The location of the log file. The default value of log_level is STOUT (standard output) logging. Possible values are :debug, :info, :warn, :error and :fatal.
    node_name: The username of the person using the workstation. This user will need a valid authorization key located on the workstation.
    client_key: The location of the user’s authorization key.
    chef_server_url: The URL of the Chef server. This can also be an IP address. /organizations/shortname must be included in the URL.
    syntax_check_cache_path: The location in which knife stores information about files that have been checked for appropriate Ruby syntax.
    cookbook_path: The path to the cookbook directory.

    1. https://docs.chef.io/

    Enjoy it!

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    The reCAPTCHA verification period has expired. Please reload the page.