Advice on beginning a Chef implementation - A Newbie's Questions

Hi everyone,

I’m new to Chef and just started to play around with it a couple of weeks back, starting off with managing Windows.

While I am new to Chef, I have used other proprietary configuration management tools before such as Microsoft SCCM, among others. My approach may be wrong but I am trying to compare the process between using something like that (e.g. SCCM) against Chef.

  1. So typically, what would be done would be to create a template (for a vm, for example) where the necessary agents are installed. After booting a new instance of the vm from the template, the agent would automatically run and register itself with the management server (e.g. SCCM server).
    In the case of Chef, from the tutorials, it appears that we would need to bootstrap each of these individual new machines. Is it possible to pre-install the chef-client on a template to perform sort of a ‘reverse bootstrap’ process where once the machine boots up, it would attempt to contact and register itself with a predefined Chef server instead?

  2. Whenever any machine that has already been registered with the management server has been decommissioned, it could be automatically removed from the database based on certain criteria.
    With Chef, it seems that each of these machines would need to be deleted from either the web interface or the console manually. Is it possible to automate this? Or perhaps just change its status (in a custom attribute perhaps from ‘in production’ to ‘deleted’, for example)?

  3. For existing production servers, there are usually tools to automate the deployment of the agents.
    In a Chef environment, what are the common ways to bootstrap and distribute chef-clients en masse?

Again, as I’m new to Chef, my approach and take to these could be wrong but I’m just trying to see how this can be streamlined into existing processes.

Thanks in advance.

Regards,
Shaun

Hi,

Regarding 1 and 2 there is a great integration testing tool that comes with the ChefDK called Kitchen: http://kitchen.ci/
This tool will spin up a new VM for you using various providers (VirtualBox/Vagrant, OpenStack, VMware…), install the chef client and then run your cookbook on the newly created VM. I have not used it with Windows yet, but I know that Microsoft provides Vagrant images for IE testing so it should be fairly easy to do. The kitchen blog has a nice entry to get you started quickly: http://kitchen.ci/blog/test-kitchen-windows-test-flight-with-vagrant/

Regarding 3: The knife bootstrap command can do this for you: http://devdocs.io/chef~12/12-9/knife_bootstrap

> Is it possible to pre-install the chef-client on a template to perform sort of a 'reverse bootstrap' process where once the machine boots up, it would attempt to contact and register itself with a predefined Chef server instead?

I think what you are looking for here is unattended-install. You install chef on your template image along with your organization's validator.pem. On first run, it will register itself with the server.

> With Chef, it seems that each of these machines would need to be deleted from either the web interface or the console manually. Is it possible to automate this? Or perhaps just change its status (in a custom attribute perhaps from 'in production' to 'deleted', for example)?

The easiest way to automate this is by having whatever process is decommissioning your nodes call knife node delete. That really just wraps the chef server's REST API, so if it's easier for your decommissioning process to make straight up HTTP calls, that's a possibility as well.

> what are the common ways to bootstrap and distribute chef-clients en masse?

Others will have their own story. I think most use knife bootstrap in some form. Because it's a command-line tool, it's easy to automate and wrap it into a larger script that can iterate over your infrastructure and plug in the appropriate parameters for each node.
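
An added example (not part of the original posts and not Chef's own code) of the decommissioning hook described in the reply above: it calls `knife node delete` and also `knife client delete`, because deleting only the node object leaves the retired machine's API client key registered on the server. The function names, the `KNIFE` and `DRY_RUN` variables and the conservative name check are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: remove a retired host's node object AND its API client.
# Assumes knife is already configured where this script runs.

KNIFE="${KNIFE:-knife}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands, 0 = run them

# Allow only letters, digits, '.', '_', ':' and '-', and refuse a leading '-'
# so a host name taken from an inventory can never be parsed as a knife option.
valid_node_name() {
  case "$1" in
    ''|-*) return 1 ;;
    *[!A-Za-z0-9._:-]*) return 1 ;;
  esac
  return 0
}

# Delete node and client for one host.
# Returns 0 on success, 2 for a rejected name, 1 if a knife call failed.
decommission_node() {
  name="$1"
  if ! valid_node_name "$name"; then
    echo "skip: invalid node name '$name'" >&2
    return 2
  fi
  rc=0
  for object in node client; do
    if [ "$DRY_RUN" = "1" ]; then
      echo "$KNIFE $object delete $name -y"
    else
      "$KNIFE" "$object" delete "$name" -y || rc=1
    fi
  done
  return "$rc"
}

# Read retired host names from stdin, one per line.
# The return status is the number of hosts that could not be processed.
decommission_all() {
  failed=0
  while IFS= read -r host || [ -n "$host" ]; do
    [ -n "$host" ] || continue
    decommission_node "$host" || failed=$((failed + 1))
  done
  return "$failed"
}
```

Feed it the list your decommissioning process produces, for example `DRY_RUN=0 decommission_all < retired-hosts.txt` (the file name is a placeholder).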

Hey Joerg and Matt,

Thanks for the input.

Yes, the unattended installation option sounds like something that I was after and I will give that a try.

As for knife, I will give that a try as well, to see how I can wrap it into some scripts or other tools.

Thanks again.

Regards,
Shaun