Setting up a node from command line?

Chef Infra (archive)
1

So I’m installing Chef for the first time on an EC2 instance using the quick
start guide http://wiki.opscode.com/display/chef/Cookbook+Quick+Start and
I have hit a wall at the point where I have to add a node so that running
"sudo chef-client" does not give me a “401” error.

Here are the steps I’ve followed

sudo gem sources -a http://gems.opscode.com

sudo gem install ohai chef json

sudo apt-get install couchdb

sudo /etc/init.d/couchdb start

sudo /etc/init.d/couchdb status

sudo gem install chef-server chef-server-slice

sudo gem install stompserver

stompserver &

sudo vi /etc/chef/server.rb

sudo chef-indexer

sudo chef-server -c2 -N

git clone git://github.com/opscode/chef-repo.git

cd chef-repo

vi config/rake.rb

rake test
git ci -am ‘Add everything’

rake install

sudo chef-client

I have read through the managing nodes
pagehttp://wiki.opscode.com/display/chef/Nodes#Nodes-ManagingNodes
but
the documentation does not give me enough information to set myself up – I
have tried adding a registration token, but specifying it in
/etc/chef/server.rb does not seem to change anything, and neither does sudo
chef-client -t ‘token’

I cannot use a web browser on this instance (tried lynx, it doesn’t seem
sufficient), so anything I do has to be doable through command line. Help?

2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Dec 12, 2009 at 1:35 PM, Will Sargent wrote:

So I'm installing Chef for the first time on an EC2 instance using the quick
start guide and I have hit a wall at the point where I have to add a node so
that running "sudo chef-client" does not give me a "401" error.

Here are the steps I've followed

sudo gem sources -a http://gems.opscode.com

sudo gem install ohai chef json

sudo apt-get install couchdb

sudo /etc/init.d/couchdb start

sudo /etc/init.d/couchdb status

sudo gem install chef-server chef-server-slice

sudo gem install stompserver

stompserver &

sudo vi /etc/chef/server.rb

sudo chef-indexer

sudo chef-server -c2 -N

git clone git://github.com/opscode/chef-repo.git

cd chef-repo

vi config/rake.rb

rake test
git ci -am 'Add everything'

rake install

sudo chef-client

I have read through the managing nodes page but the documentation does not
give me enough information to set myself up -- I have tried adding a
registration token, but specifying it in /etc/chef/server.rb does not seem
to change anything, and neither does sudo chef-client -t 'token'

I cannot use a web browser on this instance (tried lynx, it doesn't seem
sufficient), so anything I do has to be doable through command line. Help?

You might like to look into GitHub - adamwiggins/sumo: Launch ec2 instances, pronto
I think it'll do what you want to do.
If you are trying specifically to learn the ins and outs of Chef then
reading the sumo source might be informative.
HTH

πόλλ' οἶδ ἀλώπηξ, ἀλλ' ἐχῖνος ἓν μέγα
[The fox knows many things, but the hedgehog knows one big thing.]
Archilochus, Greek poet (c. 680 BC – c. 645 BC)
http://wiki.hedgehogshiatus.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.10)

iEYEARECAAYFAksjBu8ACgkQL/DTCig+NhdwngCfYXXreTUQDFhAHTiGJXxtzt3O
20cAnRGblcjYkoAowkQ3/KOuywbjHEJ7
=Q2E9
-----END PGP SIGNATURE-----

3

On Fri, Dec 11, 2009 at 6:35 PM, Will Sargent will.sargent@gmail.com wrote:

So I'm installing Chef for the first time on an EC2 instance using the quick
start guide and I have hit a wall at the point where I have to add a node so
that running "sudo chef-client" does not give me a "401" error.

I have read through the managing nodes page but the documentation does not
give me enough information to set myself up -- I have tried adding a
registration token, but specifying it in /etc/chef/server.rb does not seem
to change anything, and neither does sudo chef-client -t 'token'

You likely have a pending registration for this client, and it's
making it so that you can't use the validation token for it. If you
delete the registration, it should complete with the token.

I cannot use a web browser on this instance (tried lynx, it doesn't seem
sufficient), so anything I do has to be doable through command line. Help?

We've made this much better in the upcoming version of Chef, but for
now, you're only real interface is through the JSON file you can pass
on the command line.

You may also want to check out the version of Knife the 37 Signals folks set up:

In 0.8, you'll have a Knife that provides access to all the chef
server functionality from the CLI.

Regards,
Adam

--
Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com

4

On Sat, Dec 12, 2009 at 10:13 AM, Adam Jacob adam@opscode.com wrote:

On Fri, Dec 11, 2009 at 6:35 PM, Will Sargent will.sargent@gmail.com
wrote:

So I'm installing Chef for the first time on an EC2 instance using
the quick
start guide and I have hit a wall at the point where I have to add a node
so
that running "sudo chef-client" does not give me a "401" error.

I have read through the managing nodes page but the documentation does
not
give me enough information to set myself up -- I have tried adding a
registration token, but specifying it in /etc/chef/server.rb does not
seem
to change anything, and neither does sudo chef-client -t 'token'

You likely have a pending registration for this client, and it's
making it so that you can't use the validation token for it. If you
delete the registration, it should complete with the token.

How do I delete the registration from the command line?

I cannot use a web browser on this instance (tried lynx, it doesn't seem
sufficient), so anything I do has to be doable through command line.
Help?

We've made this much better in the upcoming version of Chef, but for
now, you're only real interface is through the JSON file you can pass
on the command line.

Okay. How do I add a node using the JSON file?

You may also want to check out the version of Knife the 37 Signals folks
set up:

gist:104080 · GitHub

In 0.8, you'll have a Knife that provides access to all the chef
server functionality from the CLI.

The gist doesn't seem to include a way to add a node, only recipes.

Will.

5

Will Sargent wrote:

You likely have a pending registration for this client, and it's
making it so that you can't use the validation token for it.  If you
delete the registration, it should complete with the token.

How do I delete the registration from the command line?

There is now way to do this with the current version of Chef easily.

Have you thought about creating an SSH tunnel, and using your web
browser? I realize this is less than ideal (and the fix is in!) but it
will get you where you want to be for now.

Okay. How do I add a node using the JSON file?

With the -j option to chef-client or chef-solo.

http://wiki.opscode.com/display/chef/Setting+the+run_list+in+JSON

New nodes get added when they are first run - so the goal here would be
to set the validation token, then use a json file on each client to
configure it's settings.

Regards,
Adam

--
Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com

6

On Sat, Dec 12, 2009 at 2:13 PM, Adam Jacob adam@opscode.com wrote:

Will Sargent wrote:

You likely have a pending registration for this client, and it's
making it so that you can't use the validation token for it.  If you
delete the registration, it should complete with the token.

How do I delete the registration from the command line?

There is now way to do this with the current version of Chef easily.

Have you thought about creating an SSH tunnel, and using your web
browser? I realize this is less than ideal (and the fix is in!) but it
will get you where you want to be for now.

Okay. How do I add a node using the JSON file?

With the -j option to chef-client or chef-solo.

http://wiki.opscode.com/display/chef/Setting+the+run_list+in+JSON

New nodes get added when they are first run - so the goal here would be
to set the validation token, then use a json file on each client to
configure it's settings.

Well, the docs say "The JSON attributes file can be used to add specific
Roles </display/chef/Roles> or Recipes </display/chef/Recipes> to a node
during chef-client/chef-solo run time." Not adding nodes themselves. So if
they can do that, it's undocumented.

So if I'm reading this right, I need to run

sudo chef-client -j nothing.json -t "token"

where nothing.json contains { "run_list": }

And that will automatically create a node on the system, with nothing added
to it?

Will.

7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Will Sargent wrote:

Well, the docs say "The JSON attributes file can be used to add
specific Roles </display/chef/Roles> or Recipes
</display/chef/Recipes> to a node during chef-client/chef-solo run
time." Not adding nodes themselves. So if they can do that, it's
undocumented.

Thanks for the note - yeah, we should make it clear that nodes get
created when the clients are run.

So if I'm reading this right, I need to run

sudo chef-client -j nothing.json -t "token"

where nothing.json contains { "run_list": }

And that will automatically create a node on the system, with nothing
added to it?

Yes.

Adam

Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJLJpG3AAoJEK+ksDjf4JoCykEH/i5Q7/DFTffZW7cn7FwCNea2
7glTQ2eTzYOS++d/RPdtwVzJa6LRj0qaXqK13zl079dP6Nh0Rz8wur4xmbKtyLAa
4Ny9iZUh6KbE6rM7FV4Jw9ZekSgyOxutlDZfAhFHj2+48Ol1YBOkJxTFfvemBojo
uCGiqoMXifsl87a8DhzevODORqZ/3okUUC/W8DRxbYE6qr9HKxOr/3D+RrBTEDSY
JEvCMeDtHWhqkzz5wJh9VhAd8cL9Fk4Qtahpj4ipLc5ElM5k6zgqkl9MCslojIpS
kXDf97Py65Dt4k0FGTBI2AdxKaCoaeiD0yjAaRT3L5XYayXYWnfNrQOi39wxu24=
=qFR0
-----END PGP SIGNATURE-----

8

On Mon, Dec 14, 2009 at 11:27 AM, Adam Jacob adam@opscode.com wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Will Sargent wrote:

Well, the docs say "The JSON attributes file can be used to add
specific Roles </display/chef/Roles> or Recipes
</display/chef/Recipes> to a node during chef-client/chef-solo run
time." Not adding nodes themselves. So if they can do that, it's
undocumented.

Thanks for the note - yeah, we should make it clear that nodes get
created when the clients are run.

So if I'm reading this right, I need to run

sudo chef-client -j nothing.json -t "token"

where nothing.json contains { "run_list": }

And that will automatically create a node on the system, with nothing
added to it?

Okay. I think I'm getting a handle on this. What really screwed me up was
using the manual configuration guide in conjunction with the quick start
guide. The

http://wiki.opscode.com/display/chef/Manual+Chef+Server+Configuration

says to use /etc/chef/server.rb, and all the paths in there are pointing to
/var/chef

cookbook_path [ "/var/chef/site-cookbooks", "/var/chef/cookbooks" ]

Meanwhile, new cookbooks asks you to use the opcodes repository as a base...

http://wiki.opscode.com/display/chef/Chef+Repository#ChefRepository-CreatenewCookbooks

But when you use the chef-repo and run rake install, it copies everything to
/srv/cookbooks.

The best fix is probably to use /srv/chef as the canonical directory.

Will.

9

Will Sargent will.sargent@gmail.com writes:

Well, the docs say "The JSON attributes file can be used to add specific
Roles </display/chef/Roles> or Recipes </display/chef/Recipes> to a node
during chef-client/chef-solo run time." Not adding nodes themselves. So if
they can do that, it's undocumented.

So if I'm reading this right, I need to run

sudo chef-client -j nothing.json -t "token"

where nothing.json contains { "run_list": }

And that will automatically create a node on the system, with nothing added
to it?

Is a json file even necessary just to create a node? Does 'chef-client
-t token' only create the registration? If so, why? Seems fairly
intuitive that it'd create an empty node also.

Also, as a shortcut, you can take advantage of a bashism to avoid
needlessly creating a temp file:

chef-client -j <(echo '{"recipes": }') -t "token"

Matthew

--
I must take issue with the term "a mere child", for it has been my
invariable experience that the company of a mere child is infinitely
preferable to that of a mere adult.
-- Fran Lebowitz

10

On Tue, Dec 15, 2009 at 12:48 AM, Matthew King matthew.king@monnsta.net wrote:

Is a json file even necessary just to create a node? Does 'chef-client
-t token' only create the registration? If so, why? Seems fairly
intuitive that it'd create an empty node also.

Right - it will create a node with an empty run list by default.

Also, as a shortcut, you can take advantage of a bashism to avoid
needlessly creating a temp file:

chef-client -j <(echo '{"recipes": }') -t "token"

Nice!

Adam

--
Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com