Bootstrap a Windows node without WinRM protocol


#1

Hello everybody,

I’m new to using Chef and I want to know if the WinRM protocol is the only way to bootstrap a Windows node and run updates on it. I’d like to know if there is another way to do this without a remote connection and IP address, because the nodes will not be on the same network (and this protocol is not a viable option for my company).

I’ll be attentive, thanks in advance.

Regards.
(Sorry for my English)


#2

@carlos727, it depends on how and where you are running things.

Azure has a VM extension that can be used to install and configure Chef Client. Other platforms could include your custom install logic into a cloud-init or first-boot scenario. Or you could bake chef-client and your validator key into your image and configure a scheduled task to run chef-client when network is available.

If you don’t have network access to the machines that are spinning up, you’ll have to do a bit of pre-work on the image or with the image provisioning platform.


#3

Hi @Steven_Murawski, the idea is to execute commands on many physical machines at the same time. I have read about scheduled tasks; is it then possible to configure the nodes to run cookbooks from my Chef server without first bootstrapping them from my workstation? (I hope you understand what I am trying to say)


#4

There are two scenarios, the first is with a chef server and the second is without a chef server.

If you are using a chef server in your environment, you can get the effect of bootstrapping the node, but you have to push that step earlier in the machine provisioning lifecycle (including chef-client in the image or installing it as part of its cloud-init or system setup). Once you have chef-client (and your basic configuration information - a client.rb that points it to your chef-server and a validator key that can register the new node), the chef-client can run (either via a scheduled task or some other orchestration, maybe Azure Automation or PowerShell workflows for example) and register with the chef server.

The other main scenario is without a chef server, in which case you just need to get the chef-client installed (again either as part of the image or part of your image deployment process) and get a scheduled task set up to run chef-client in “local-mode”. That will require that you get all the cookbooks you need to that local node as well.

In either case, you have to do some work either as part of your base image creation, at the time your new system is provisioned, or after provisioning via some other orchestration or command execution tool.


#5

OK, I think I understand. So I need to install the chef-client on all machines and edit the client.rb file so that it can communicate with the Chef server (in other words, defining chef_server_url and client_key in client.rb?), but is it possible to run chef-client at a specific hour on Windows machines?

I really appreciate your help and I know there are many questions, but I can’t find much documentation about it.


#6

There are two options on Windows to run chef-client on a schedule. First is the chef-client service, which I do not recommend. Feel free to check the archives on this list for why, there are a couple of threads about it.

The second is using the built-in task scheduler. There is a community cookbook (the chef-client cookbook) that can help in getting that set up or you can customize a scheduled task with PowerShell or schtasks.

The docs on the chef-client have some pretty good detail as to what happens during the chef-client run. You probably won’t have the client key at the first run, so you’ll need your validator key so that the chef-client can get a new client key for that node.
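
The provisioning steps described in posts #4 and #6 (client.rb, validator key, scheduled task), written out as an added first-boot script that is not part of the original thread. The server URL, organization name, run time and the staged key location are assumptions; because the validator key can register any node in the organization, the script locks down the key directory and removes the validator once the node has its own client key.

```powershell
# Added example (not from the thread). Runs once at first boot, as Administrator.
# Assumptions: chef-client is installed at its default path and the image build
# staged the validator key at C:\chef\validator.pem. URL/org/time are placeholders.
$ErrorActionPreference = 'Stop'
$chefDir    = 'C:\chef'
$chefClient = 'C:\opscode\chef\bin\chef-client.bat'
$serverUrl  = 'https://chef.example.com/organizations/exampleorg'  # placeholder
$validator  = 'exampleorg-validator'                               # placeholder
$runAt      = '02:00'                                              # daily, 24h clock

New-Item -ItemType Directory -Path $chefDir -Force | Out-Null

# Keys live here: drop inherited ACEs, allow only SYSTEM and local Administrators.
icacls.exe $chefDir /inheritance:r /grant:r '*S-1-5-18:(OI)(CI)F' '*S-1-5-32-544:(OI)(CI)F' | Out-Null

# client.rb: where the server is and which key registers the node on first run.
@"
chef_server_url        '$serverUrl'
validation_client_name '$validator'
validation_key         'C:/chef/validator.pem'
client_key             'C:/chef/client.pem'
node_name              '$($env:COMPUTERNAME.ToLower())'
ssl_verify_mode        :verify_peer
log_location           'C:/chef/client.log'
"@ | Set-Content -Path (Join-Path $chefDir 'client.rb') -Encoding ASCII

# Daily run as SYSTEM; the node pulls from the server, nothing connects inbound.
$action = "cmd.exe /c $chefClient -c C:\chef\client.rb"
schtasks.exe /Create /TN 'chef-client' /TR $action /SC DAILY /ST $runAt /RU SYSTEM /RL HIGHEST /F
if ($LASTEXITCODE -ne 0) { throw "schtasks failed with exit code $LASTEXITCODE" }

# Try to register now. If the network is not up yet, the scheduled task retries.
& $chefClient -c C:\chef\client.rb
if ($LASTEXITCODE -eq 0 -and (Test-Path "$chefDir\client.pem")) {
    # The validator key can register any node in the org; remove it once the
    # node has its own client key.
    Remove-Item "$chefDir\validator.pem" -Force
}
```

If the first run only succeeds later from the scheduled task, the chef-client cookbook's `delete_validation` recipe in the run list removes the validator key from within that run.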


#7

@Steven_Murawski Many thanks for your help. 🙂

Regards.


#8

Hi @Steven_Murawski again, lately I have been applying all the knowledge gained from Chef tutorials and Google & GitHub searches. I made some cookbooks that work fine on nodes with Windows 7 OS. However, I need chef-client to run these cookbooks automatically, and I checked the chef-client cookbook but it doesn’t support W7. I also checked the windows cookbook and it says it only supports Windows Server. So I’d like to know if there is any way to do the automation without using chef-client as a service, because the chef-client must run daily at a specific hour.


#9

I would try using the chef-client cookbook’s task recipe to create a scheduled task for the chef client to run. I know the chef-client cookbook, as well as many others, limit their support to server SKUs, but often that does not mean that the recipes do not work in client SKUs. Because chef is largely a server based tool used mostly in server environments, most organizations including chef limit their testing matrix to server operating systems and therefore only formally support those.

Regardless, many like yourself may still find success using these cookbooks with client OS versions. I have not personally tried using the chef-client cookbook with Windows 7, but I’d give it a shot.


#10

Thanks @Matt_Wrock, in the end I used the windows cookbook and it works fine on Windows 7.