Chef Concept

Chef - Overview
Chef is an open source technology developed by Opscode. Adam Jacob, co-founder of

Opscode is known as the founder of Chef. This technology uses Ruby encoding to
develop basic building blocks like recipe and cookbooks. Chef is used in infrastructure
automation and helps in reducing manual and repetitive tasks for infrastructure
management.
Chef have got its own convention for different building blocks, which are required to
manage and automate infrastructure.
Why Chef?
Chef is a configuration management technology used to automate the infrastructure
provisioning. It is developed on the basis of Ruby DSL language. It is used to streamline
the task of configuration and managing the company’s server. It has the capability to get
integrated with any of the cloud technology.
In DevOps, we use Chef to deploy and manage servers and applications in-house and
on the cloud.
Features of Chef
Following are the most prominent features of Chef −
• Chef uses popular Ruby language to create a domain-specific language.
• Chef does not make assumptions on the current status of a node. It uses its
mechanisms to get the current status of machine.
• Chef is ideal for deploying and managing the cloud server, storage, and software.
Advantages of Chef
Chef offers the following advantages −
• Lower barrier for entry − As Chef uses native Ruby language for configuration,
a standard configuration language it can be easily picked up by anyone having
some development experience.
• Excellent integration with cloud − Using the knife utility, it can be easily
integrated with any of the cloud technologies. It is the best tool for an organization
that wishes to distribute its infrastructure on multi-cloud environment.
Disadvantages of Chef
Some of the major drawbacks of Chef are as follows −
• One of the huge disadvantages of Chef is the way cookbooks are controlled. It
needs constant babying so that people who are working should not mess up with
others cookbooks.
• Only Chef solo is available.
• In the current situation, it is only a good fit for AWS cloud.
• It is not very easy to learn if the person is not familiar with Ruby.
• Documentation is still lacking.
Key Building Blocks of Chef
Recipe
It can be defined as a collection of attributes which are used to manage the infrastructure.
These attributes which are present in the recipe are used to change the existing state or
setting a particular infrastructure node. They are loaded during Chef client run and
comparted with the existing attribute of the node (machine). It then gets to the status
which is defined in the node resource of the recipe. It is the main workhorse of the
cookbook.
Cookbook
A cookbook is a collection of recipes. They are the basic building blocks which get
uploaded to Chef server. When Chef run takes place, it ensures that the recipes present
inside it gets a given infrastructure to the desired state as listed in the recipe.
Resource
It is the basic component of a recipe used to manage the infrastructure with different kind
of states. There can be multiple resources in a recipe, which will help in configuring and
managing the infrastructure. For example −
• package − Manages the packages on a node
• service − Manages the services on a node
• user − Manages the users on the node
• group − Manages groups
• template − Manages the files with embedded Ruby template
• cookbook_file − Transfers the files from the files subdirectory in the cookbook to
a location on the node
• file − Manages the contents of a file on the node
• directory − Manages the directories on the node
• execute − Executes a command on the node
• cron − Edits an existing cron file on the node
Attribute
They are basically settings. They can be thought of as a key value pair of anything which
one wants to use in the cookbook. There are several different kinds of attributes that can
be applied, with a different level of precedence over the final settings that the node
operates under.
File
It’s a subdirectory within the cookbook that contains any static file which will be placed
on the nodes that uses the cookbooks. A recipe then can be declared as a resource that
moves the files from that directory to the final node.
Templates
They are similar to files, but they are not static. Template files end with the .ebr extension,
which means they contain embedded Ruby. They are mainly used to substitute an
attribute value into the files to create the final file version that will be placed on the node.
Metadata.rb
It is used to manage the metadata about the package. This includes details like the name
and details of the package. It also includes things such as dependency information that
tells which cookbooks this cookbook needs to operate. This allows the Chef server to
build the run-list of the node correctly and ensures that all of the pieces are transferred
correctly.
Default Cookbook Structure
C:\chef\cookbooks\nginx>tree
Folder PATH listing for volume Local Disk
Volume serial number is BE8B-6427
C: ├───attributes
├───definitions
├───files
│ └───default
├───libraries
├───providers
├───recipes
├───resources
└───templates
└───default
Chef − Related Technologies
Following is the list of Chef related technologies.
Puppet
Puppet provides a standard way of delivering and operating software, no matter where
it runs. It is an automated administrative engine for Linux, Unix, and Windows system
that performs administrative tasks based on centralized specification.
The primary features of Puppet are as follows −
• Implementing new systems with a uniform configuration.

• Updating the systems and upgrading the security and software packages.
• Incorporating new features and adding dexterous capabilities.
• Customizing configurations for ensuring the availability of data sources.
• Optimizing the available resources and minimizing the cost.
• Simplifying the roles and enabling the team to focus on core and productive issues.
• Getting a bird’s eye view of the available infrastructure.
Ansible
Ansible is a radically simple IT automation platform that makes your applications and
systems easier to deploy. Avoid writing scripts or custom code to deploy and update your
applications — automate in a language that approaches plain English, using SSH, with
no agents to install on remote systems.
The primary features of Ansible are as follows −
• Simple and easy to learn

• Written in Python
• Agentless
• YAML-based Playbooks
• Ansible galaxy
SaltStack
SaltStack is used for data-driven configuration. It is a new approach of infrastructure
management built on dynamic communication bus. It is used for data-driven
orchestration, remote execution for any infrastructure, and configuration management
for any app stack.
Fabric
Fabric is a Python-based programming language, which is developed as an API of
Python which needs to be imported in Python code in order to configure and manage an
infrastructure.
Chef - Architecture
Chef works on a three-tier client server model wherein the working units such as
cookbooks are developed on the Chef workstation. From the command line utilities such
as knife, they are uploaded to the Chef server and all the nodes which are present in the
architecture are registered with the Chef server.
In order to get the working Chef infrastructure in place, we need to set up multiple things
in sequence.
In the above setup, we have the following components.
Chef Workstation
This is the location where all the configurations are developed. Chef workstation is
installed on the local machine. Detailed configuration structure is discussed in the later
chapters of this tutorial.
Chef Server
This works as a centralized working unit of Chef setup, where all the configuration files
are uploaded post development. There are different kinds of Chef server, some are
hosted Chef server whereas some are built-in premise.
Chef Nodes
They are the actual machines which are going to be managed by the Chef server. All the
nodes can have different kinds of setup as per requirement. Chef client is the key
component of all the nodes, which helps in setting up the communication between the
Chef server and Chef node. The other components of Chef node is Ohai, which helps in
getting the current state of any node at a given point of time.
Chef - Version Control System Setup
Using Version Control system is a fundamental part of infrastructure automation. There
are multiple kinds of version control system such as SVN, CVS, and GIT. Due to the
popularity of GIT among the Chef community, we will use the GIT setup.
Note − Don’t think of building an infrastructure as a code without a version control
system.
On Windows
Step 1 − Download the Windows installer from www.git-scm.org and follow the
installation steps.
Step 2 − Sign up for a central repository on GitHub.
Step 3 − Upload the ssh key to the GitHub account, so that one can interact with it easily.
For details on ssh key visit the following
link https://help.github.com/articles/generatingssh-keys.
Step 4− Finally create a repo on the github account by
visiting https://github.com/new with the name of chef-repo.
Before actually starting to write a cookbook, one can set up an initial GIT repository on
the development box and clone the empty repository provided by Opscode.
Step 1 − Download Opscode Chef repository empty structure.
$ wget https://github.com/opscode/chef-repo/tarball/master
Step 2 − Extract the tar ball.
$ tar –xvf master
Step 3 − Rename the directory.
$ mv opscode-chef-repo-2c42c6a/ chef-repo
Step 4 − Change the current working directory to chef repo.
$ cd chef-repo
Step 5 − Initialize a fresh get repo.
$ git init.
Step 6 − Connect to your repo on the git hub.
$ git remote add origin git@github.com:vipin022/chef-
Step 7 − Push the local repo to github.
$ git add.
$ git commit –m “empty repo structure added”
$ git push –u origin maste
By using the above procedure, you will get an empty chef repo in place. You can then
start working on developing the recipes and cookbooks. Once done, you can push the
changes to the GitHub.
Chef - Workstation Setup

Chef follows the concept of client-server architecture, hence in order to start working with
Chef one needs to set up Chef on the workstation and develop the configuration locally.
Later it can be uploaded to Chef server to make them working on the Chef nodes, which
needs to be configured.
Opscode provides a fully packaged version, which does not have any external
prerequisites. This fully packaged Chef is called the omnibus installer.
On Windows Machine
Step 1 − Download the setup .msi file of chefDK on the machine.
Step 2 − Follow the installation steps and install it on the target location.
The setup will look as shown in the following screenshot.
ChefDK Path Variable

$ echo $PATH
/c/opscode/chef/bin:/c/opscode/chefdk/bin:
On Linux Machine
In order to set up on the Linux machine, we need to first get curl on the machine.
Step 1 − Once curl is installed on the machine, we need to install Chef on the workstation
using Opscode’s omnibus Chef installer.
$ curl –L https://www.opscode.com/chef/install.sh | sudo bash
Step 2 − Install Ruby on the machine.
Step 3 − Add Ruby to path variable.
$ echo ‘export PATH = ”/opt/chef/embedded/bin:$PATH”’ ≫
~/.bash_profile &&
source ~/.bash_profile
The Omnibus Chef will install Ruby and all the required Ruby gems
into /opt/chef/embedded by adding /opt/chef/embedded/bin directory to the
.bash_profile file.
If Ruby is already installed, then install the Chef Ruby gem on the machine by running
the following command.
$ gem install chef
Chef - Client Setup
In order to make Chef node communicate with Chef server, you need to set up Chef
client on the node.
Chef Client
This is one of the key components of Chef node, which retrieves the cookbooks from the
Chef server and executes them on the node. It is also known as the Chef provisioner.
Here, we will use Vagrant to manage VM. Vagrant can also be configured with the
provisioner such as Shell script, Chef and Puppet to get VM into a desired state. In our
case, we will use Vagrant to manage VMs using VirtualBox and Chef client as a
provisioner.
Step 1 − Download and install VirtualBox from https://www.virtualbox.org/wiki/downlod
Step 2 − Download and install Vagrant at http://downloads.vagrantup.com
Step 3 − Install Vagrant Omnibus plugin to enable Vagrant to install Chef client on the
VM.
$ vagrant plugin install vagrant-omnibus
Creating and Booting Virtual
Step 1 − We can download the required Vagrant box from the Opscode vagrant repo.
Download the opscode-ubuntu-12.04 box from the following URL https://opscode-
vmbento.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box
Step 2 − Once you have the Vagrant file, download the path you need to edit the Vagrant
file.
vipin@laptop:~/chef-repo $ subl Vagrantfile
Vagrant.configure("2") do |config|
config.vm.box = "opscode-ubuntu-12.04"
config.vm.box_url = https://opscode-vm-bento.s3.amazonaws.com/
vagrant/opscode_ubuntu-12.04_provisionerless.box
config.omnibus.chef_version = :latest
config.vm.provision :chef_client do |chef|
chef.provisioning_path = "/etc/chef"
chef.chef_server_url = "https://api.opscode.com/
organizations/<YOUR_ORG>"
chef.validation_key_path = "/.chef/<YOUR_ORG>-validator.pem"
chef.validation_client_name = "<YOUR_ORG>-validator"
chef.node_name = "server"
end
end
In the above program, you need to update the <YOUR_ORG> name with the correct or
required organization name.
Step 3 − Next step after the configuration is, to get the vagrant box up. For this, you
need to move to the location where Vagrant box is located and run the following
command.
$ vagrant up
Step 4 − Once the machine is up, you can login to the machine using the following
command.
$ vagrant ssh
In the above command, vagrantfile is written in a Ruby Domain Specific Language (DSL)
for configuring the vagrant virtual machine.
In the vagrant file, we have the config object. Vagrant will use this config object to
configure the VM.
Vagrant.configure("2") do |config|
…….
End
Inside the config block, you will tell vagrant which VM image to use, in order to boot the
node.
config.vm.box = "opscode-ubuntu-12.04"
config.vm.box_url = https://opscode-vm-bento.s3.amazonaws.com/
vagrant/opscode_ubuntu-12.04_provisionerless.box
In the next step, you will tell Vagrant to download the omnibus plugin.
config.omnibus.chef_version = :latest
After selecting the VM box to boot, configure how to provision the box using Chef.
config.vm.provision :chef_client do |chef|
…..
End
Inside this, you need to set up instruction on how to hook up the virtual node to the Chef
server. You need to tell Vagrant where you need to store all the Chef stuff on the node.
chef.provisioning_path = "/etc/chef"
Chef - Test Kitchen Setup
Test Kitchen is Chef’s integrated testing framework. It enables writing test recipes, which
will run on the VMs once they are instantiated and converged using the cookbook. The
test recipes run on that VM and can verify if everything works as expected.
ChefSpec is something which only simulates a Chef run. Test kitchen boots up real node
and runs Chef on it.
Step 1 − Install test kitchen Ruby gem and test kitchen vagrant gem to enable test
kitchen to use vagrant for spinning up test.
$ gem install kitchen
$ gem install kitchen-vagrant
Step 2 − Set up test kitchen. This can be done by creating .kitchen.yml in the cookbook
directory.
driver_plugin: vagrant
driver_config:
require_chef_omnibus: true
platforms:
- name: ubuntu-12.04
driver_config:
box: opscode-ubuntu-12.04
box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_
ubuntu-12.04_provisionerless.box
suites:
- name: default
run_list:
- recipe[minitest-handler]
- recipe[my_cookbook_test]
attributes: { my_cookbook: { greeting: 'Ohai, Minitest!'} }
In the above code, one part defines that vagrant needs to spin up the VMs and it defines
that you want Omnibus to install Chef on the target node.
The second part defines which platform you want to test the cookbooks. Vagrant will
always create and destroy new instances. You do not have to fear about the side effects
with vagrant VMs you spin up using Vagrant file.
Test kitchen can be considered as a temporary environment that helps to run and test
cookbooks in a temporary environment that is similar to production. With test kitchen on,
one can make sure that the given piece of code is working, before it is actually getting
deployed on to testing, preproduction, and production environment. This feature of test
kitchen is followed by many organizations as a set before putting the cookbooks in an
actual working environment.
Test Kitchen Workflow
Following are the steps involved in Test Kitchen Workflow.
Creating a Cookbook Using Chef
Use the following code to create a cookbook.
$ chef generate cookbook motd_rhel
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: code_generator::cookbook
* directory[C:/chef/cookbooks/motd_rhel] action create
- create new directory C:/chef/cookbooks/motd_rhel
* template[C:/chef/cookbooks/motd_rhel/metadata.rb] action
create_if_missing
- create new file C:/chef/cookbooks/motd_rhel/metadata.rb
- update content in file
C:/chef/cookbooks/motd_rhel/metadata.rb from none to
d6fcc2 (diff output suppressed by config)
* template[C:/chef/cookbooks/motd_rhel/README.md] action
create_if_missing
- create new file C:/chef/cookbooks/motd_rhel/README.md
C:/chef/cookbooks/motd_rhel/README.md from none to 50deab
(diff output suppressed by config)
* cookbook_file[C:/chef/cookbooks/motd_rhel/chefignore] action
create
- create new file C:/chef/cookbooks/motd_rhel/chefignore
C:/chef/cookbooks/motd_rhel/chefignore from none to 15fac5
* cookbook_file[C:/chef/cookbooks/motd_rhel/Berksfile] action
create_if_missing
- create new file C:/chef/cookbooks/motd_rhel/Berksfile
C:/chef/cookbooks/motd_rhel/Berksfile from none to 9f08dc
* template[C:/chef/cookbooks/motd_rhel/.kitchen.yml] action
create_if_missing
- create new file C:/chef/cookbooks/motd_rhel/.kitchen.yml
C:/chef/cookbooks/motd_rhel/.kitchen.yml
from none to 49b92b (diff output suppressed by config)
*
directory[C:/chef/cookbooks/motd_rhel/test/integration/default/serv
erspec]
action create
- create new directory
C:/chef/cookbooks/motd_rhel/test/integration/default/serverspec
*
directory[C:/chef/cookbooks/motd_rhel/test/integration/helpers/serv
erspec]
action create
C:/chef/cookbooks/motd_rhel/test/integration/helpers/serverspec
* cookbook_file
[C:/chef/cookbooks/motd_rhel/test/integration/helpers/serverspec/sp
ec_helper.rb]
action create_if_missing
- create new file
C:/chef/cookbooks/motd_rhel/test/integration/helpers/serverspec/spe
c_helper.rb
C:/chef/cookbooks/motd_rhel/test/integration/helpers/serverspec/spe
c_helper.rb
from none to d85df4 (diff output suppressed by config)
* template
[C:/chef/cookbooks/motd_rhel/test/integration/default/serverspec/de
faul t_spec.rb]
- create new file
C:/chef/cookbooks/motd_rhel/test/integration/default/serverspec/def
ault_spec.rb
C:/chef/cookbooks/motd_rhel/test/integration/default/serverspec/def
ault_spec.rb
from none to 3fbdbd (diff output suppressed by config)
* directory[C:/chef/cookbooks/motd_rhel/spec/unit/recipes]
action create
C:/chef/cookbooks/motd_rhel/spec/unit/recipes
* cookbook_file
[C:/chef/cookbooks/motd_rhel/spec/spec_helper.rb] action
create_if_missing
- create new file
C:/chef/cookbooks/motd_rhel/spec/spec_helper.rb
C:/chef/cookbooks/motd_rhel/spec/spec_helper.rb from none
to 587075
* template
[C:/chef/cookbooks/motd_rhel/spec/unit/recipes/default_spec.rb]
- create new file
C:/chef/cookbooks/motd_rhel/spec/unit/recipes/default_spec.rb
C:/chef/cookbooks/motd_rhel/spec/unit/recipes/default_spec.rb
from none to ff3b17 (diff output suppressed by config)
* directory[C:/chef/cookbooks/motd_rhel/recipes] action create
- create new directory C:/chef/cookbooks/motd_rhel/recipes
* template[C:/chef/cookbooks/motd_rhel/recipes/default.rb]
- create new file
C:/chef/cookbooks/motd_rhel/recipes/default.rb
C:/chef/cookbooks/motd_rhel/recipes/default.rb from none
to c4b029
* execute[initialize-git] action run

- execute git init .
* cookbook_file[C:/chef/cookbooks/motd_rhel/.gitignore] action
create
- create new file C:/chef/cookbooks/motd_rhel/.gitignore
C:/chef/cookbooks/motd_rhel/.gitignore from none to 33d469
* execute[git-add-new-files] action run

- execute git add .
* execute[git-commit-new-files] action run

- execute git commit -m "Add generated cookbook content"
Following is the Created Cookbook Structure as an output of the above code.

Test Kitchen Configuration File
.kitchen.yaml file
driver:
name: vagrant
provisioner:
name: chef_zero
# verifier:
# name: inspec
# format: doc
platforms:
suites:
- name: default
run_list:
- recipe[motd_rhel::default]
attributes:
Drivers − It specifies the software which manages the machine.

Provisioner − It provides specification on how Chef runs. We are using chef_zero
because it enables to mimic a Chef server environment on the local machine. This allows
to work with node attributes and Chef server specifications.
Platform − This specifies the target operating system.
Suites − It defines what one wants to apply on the virtual environment. Here, you define
multiple definition. It is the location where you define the run list, which specifies which
recipe to run and in which sequence we need to run.
Running the Commands in Sequence
Kitchen List
$ kitchen list
Instance Driver Provisioner Verifier Transport Last Action
ubuntu-1404 Vagrant ChefZero Busser Ssh <Not Created>
Kitchen Create
$ kitchen create
-----> Starting Kitchen (v1.4.2)
-----> Creating <default-centos-72>...
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'opscode-centos-7.2' could not be found.
Attempting to find and install...
default: Box Provider: virtualbox
default: Box Version: >= 0
==> default: Box file was not detected as metadata. Adding it
directly...
==> default: Adding box 'opscode-centos-7.2' (v0) for
provider: virtualbox
default: Downloading:
https://opscode-
vmbento.s3.amazonaws.com/vagrant/virtualbox/
opscode_centos-7.1_chefprovisionerless.box[...]
Vagrant instance <default-centos-72> created.
Finished creating <default-centos-72> (3m12.01s).
-----> Kitchen is finished. (3m12.60s)
Kitchen Converge
$ kitchen converge
-----> Converging <default-centos-72>...
Preparing files for transfer
Preparing dna.json
Resolving cookbook dependencies with Berkshelf 4.0.1...
Removing non-cookbook files before transfer
Preparing validation.pem
Preparing client.rb
-----> Chef Omnibus installation detected (install only if
missing)
Transferring files to <default-centos-72>
Starting Chef Client, version 12.6.0
resolving cookbooks for run list: ["motd_rhel::default"]
Synchronizing Cookbooks: - motd_rhel (0.1.0)
Compiling Cookbooks... Converging 1 resources
Recipe: motd_rhel::default (up to date)
Running handlers: Running handlers complete
Chef Client finished, 0/1 resources updated in 01 seconds
Finished converging <default-centos-72> (0m3.57s).
Testing Setup
Kitchen login is used to test if the testing VM is provisioned correctly.
$ kitchen login
Last login: Thu Jan 30 19:02:14 2017 from 10.0.2.2
hostname: default-centos-72
fqdn: default-centos-72
memory: 244180kBcpu count: 1
Finally Exit
$ exit
Logout
Connection to 127.0.0.1 closed.
Destroying Setup
$ Kitchen destroy
-----> Starting Kitchen (v1.4.2)
-----> Destroying <default-centos-72>...
==> default: Forcing shutdown of VM...
==> default: Destroying VM and associated drives...
Vagrant instance <default-centos-72> destroyed.
Finished destroying <default-centos-72> (0m4.94s).
Chef - Knife Setup
Knife is Chef’s command-line tool to interact with the Chef server. One uses it for
uploading cookbooks and managing other aspects of Chef. It provides an interface
between the chefDK (Repo) on the local machine and the Chef server. It helps in
managing −
• Chef nodes
• Cookbook
• Recipe
• Environments
• Cloud Resources
• Cloud Provisioning
• Installation on Chef client on Chef nodes
Knife provides a set of commands to manage Chef infrastructure.
Bootstrap Commands
• knife bootstrap [SSH_USER@]FQDN (options)

Client Commands
• knife client bulk delete REGEX (options)

• knife client create CLIENTNAME (options)
• knife client delete CLIENT (options)
• knife client edit CLIENT (options)
• Usage: C:/opscode/chef/bin/knife (options)
• knife client key delete CLIENT KEYNAME (options)
• knife client key edit CLIENT KEYNAME (options)
• knife client key list CLIENT (options)
• knife client key show CLIENT KEYNAME (options)
• knife client list (options)
• knife client reregister CLIENT (options)
• knife client show CLIENT (options)
Configure Commands
• knife configure (options)

• knife configure client DIRECTORY
Cookbook Commands
• knife cookbook bulk delete REGEX (options)

• knife cookbook create COOKBOOK (options)
• knife cookbook delete COOKBOOK VERSION (options)
• knife cookbook download COOKBOOK [VERSION] (options)
• knife cookbook list (options)
• knife cookbook metadata COOKBOOK (options)
• knife cookbook metadata from FILE (options)
• knife cookbook show COOKBOOK [VERSION] [PART] [FILENAME] (options)
• knife cookbook test [COOKBOOKS...] (options)
• knife cookbook upload [COOKBOOKS...] (options)
Cookbook Site Commands
• knife cookbook site download COOKBOOK [VERSION] (options)

• knife cookbook site install COOKBOOK [VERSION] (options)
• knife cookbook site list (options)
• knife cookbook site search QUERY (options)
• knife cookbook site share COOKBOOK [CATEGORY] (options)
• knife cookbook site show COOKBOOK [VERSION] (options)
• knife cookbook site unshare COOKBOOK
Data Bag Commands
• knife data bag create BAG [ITEM] (options)

• knife data bag delete BAG [ITEM] (options)
• knife data bag edit BAG ITEM (options)
• knife data bag from file BAG FILE|FOLDER [FILE|FOLDER..] (options)
• knife data bag list (options)
• knife data bag show BAG [ITEM] (options)
Environment Commands
• knife environment compare [ENVIRONMENT..] (options)

• knife environment create ENVIRONMENT (options)
• knife environment delete ENVIRONMENT (options)
• knife environment edit ENVIRONMENT (options)
• knife environment from file FILE [FILE..] (options)
• knife environment list (options)
• knife environment show ENVIRONMENT (options)
Exec Commands
• knife exec [SCRIPT] (options)

Help Commands
• knife help [list|TOPIC]

Index Commands
• knife index rebuild (options)

Node Commands
• knife node bulk delete REGEX (options)

• knife node create NODE (options)
• knife node delete NODE (options)
• knife node edit NODE (options)
• knife node environment set NODE ENVIRONMENT
• knife node from file FILE (options)
• knife node list (options)
• knife node run_list add [NODE] [ENTRY[,ENTRY]] (options)
• knife node run_list remove [NODE] [ENTRY[,ENTRY]] (options)
• knife node run_list set NODE ENTRIES (options)
• knife node show NODE (options)
OSC Commands
• knife osc_user create USER (options)

• knife osc_user delete USER (options)
• knife osc_user edit USER (options)
• knife osc_user list (options)
• knife osc_user reregister USER (options)
• knife osc_user show USER (options)
Path-Based Commands
• knife delete [PATTERN1 ... PATTERNn]

• knife deps PATTERN1 [PATTERNn]
• knife diff PATTERNS
• knife download PATTERNS
• knife edit [PATTERN1 ... PATTERNn]
• knife list [-dfR1p] [PATTERN1 ... PATTERNn]
• knife show [PATTERN1 ... PATTERNn]
• knife upload PATTERNS
• knife xargs [COMMAND]
Raw Commands
• knife raw REQUEST_PATH

Recipe Commands
• knife recipe list [PATTERN]

Role Commands
• knife role bulk delete REGEX (options)

• knife role create ROLE (options)
• knife role delete ROLE (options)
• knife role edit ROLE (options)
• knife role env_run_list add [ROLE] [ENVIRONMENT] [ENTRY[,ENTRY]] (options)
• knife role env_run_list clear [ROLE] [ENVIRONMENT]
• knife role env_run_list remove [ROLE] [ENVIRONMENT] [ENTRIES]
• knife role env_run_list replace [ROLE] [ENVIRONMENT] [OLD_ENTRY] [NEW_ENTRY]
• knife role env_run_list set [ROLE] [ENVIRONMENT] [ENTRIES]
• knife role from file FILE [FILE..] (options)
• knife role list (options)
• knife role run_list add [ROLE] [ENTRY[,ENTRY]] (options)
• knife role run_list clear [ROLE]
• knife role run_list remove [ROLE] [ENTRY]
• knife role run_list replace [ROLE] [OLD_ENTRY] [NEW_ENTRY]
• knife role run_list set [ROLE] [ENTRIES]
• knife role show ROLE (options)
Serve Commands
• knife serve (options)

SSH Commands
• knife ssh QUERY COMMAND (options)

SSL Commands
• knife ssl check [URL] (options)

• knife ssl fetch [URL] (options)
Status Commands
• knife status QUERY (options)

Tag Commands
• knife tag create NODE TAG ...

• knife tag delete NODE TAG ...
• knife tag list NODE
User Commands
• knife user create USERNAME DISPLAY_NAME FIRST_NAME LAST_NAME EMAIL

PASSWORD (options)
• knife user delete USER (options)
• knife user edit USER (options)
• knife user key create USER (options)
• knife user key delete USER KEYNAME (options)
• knife user key edit USER KEYNAME (options)
• knife user key list USER (options)
• knife user key show USER KEYNAME (options)
• knife user list (options)
• knife user reregister USER (options)
• knife user show USER (options)
Knife Setup
In order to set up knife, one needs to move to .chef directory and create a knife.rb inside
the chef repo, which tells knife about the configuration details. This will have a couple up
details.
current_dir = File.dirname(__FILE__)
log_level :info
log_location STDOUT
node_name 'node_name'
client_key "#{current_dir}/USER.pem"
validation_client_name 'ORG_NAME-validator'
validation_key "#{current_dir}/ORGANIZATION-
validator.pem"
chef_server_url
'https://api.chef.io/organizations/ORG_NAME'
cache_type 'BasicFile'
cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
cookbook_path ["#{current_dir}/../cookbooks"]
In the above code, we are using the hosted Chef server which uses the following two
keys.
validation_client_name 'ORG_NAME-validator'
validation_key "#{current_dir}/ORGANIZATION-
validator.pem"
Here, knife.rb tells knife which organization to use and where to find the private key. It
tells knife where to find the users’ private key.
client_key "#{current_dir}/USER.pem"
The following line of code tells knife we are using the hosted server.
chef_server_url 'https://api.chef.io/organizations/ORG_NAME'
Using the knife.rb file, the validator knife can now connect to your organization’s hosted
Opscode.
Chef - Solo Setup

Chef-Solo is an open source tool that runs locally and allows to provision guest machines
using Chef cookbooks without the complication of any Chef client and server
configuration. It helps to execute cookbooks on a self-created server.
Before running Chef-Solo on the local machine, one needs to install the following two
files on the local machine.
• Solo.rb − This file tells Chef about where to find cookbooks, roles, and data bags.
• Node.json − This file sets the run list and any node-specific attribute, if required.
solo.rb Configuration
Following are the steps to configure solo.rb.
Step 1 − Create a solo.rb file inside the chef repo.
current_dir = File.expand_path(File.dirname(__FILE__))
file_cache_path "#{current_dir}"
cookbook_path "#{current_dir}/cookbooks"
role_path "#{current_dir}/roles"
data_bag_path "#{current_dir}/data_bags"
Step 2 − Add the file to git repo.

$ git add solo.rb
Step 3 − Create a node.json file inside the chef repo with the following content.
{
"run_list": [ "recipe[ntp]" ]
}
Step 4 − Get the ntp cookbook inside the chef repo using knife.
vipin@laptop:~/chef-repo $ knife cookbook site install ntp
Installing ntp to /Users/mma/work/chef-repo/cookbooks
…TRUNCATED OUTPUT…
Cookbook ntp version 1.3.0 successfully installed
Step 5 − Add the node.json file to Git.
$ git add node.json
Step 6 − Commit and push the files to git repo.
vipin@laptop:~/chef-repo $ git commit -m "initial setup for Chef
Solo"
vipin@laptop:~/chef-repo $ git push
Counting objects: 4, done.
Delta compression using up to 4 threads.
...TRUNCATED OUTPUT...
To git@github.com:mmarschall/chef-repo.git
b930647..5bcfab6 master -> master
Running the Cookbook on the Node
Step 1 − Login to the node where one wants to provision the Chef-Solo.
Step 2 − Clone the Chef repo on the machine.
$ git clone $URL_PATH
Step 3 − cd to the chef repo.
$ cd chef-repo
Finally, run the Chef-Solo to converge the node −
$ sudo chef-solo -c solo.rb -j node.json
[2017-20-08T22:54:13+01:00] INFO: *** Chef 11.0.0 ***
[2017-20-08T22:54:13+01:00] INFO: Setting the run_list to
["recipe[ntp]"] from JSON
[2012-12-08T22:54:16+01:00] INFO: Chef Run complete in 2.388374
seconds
[2012-12-08T22:54:16+01:00] INFO: Running report handlers
solo.rb configures Chef-Solo to look for its cookbooks, roles, and data bags inside the
current directory: the Chef repository.
Chef-Solo takes its node configuration from a JSON file. In our example, we called it
node.json. If you're going to manage multiple servers, you'll need a separate file for each
node. Then, Chef-Solo just executes a Chef run based on the configuration data found
in solo.rb and node.json.
Chef - Cookbooks
Cookbooks are fundamental working units of Chef, which consists of all the details
related to working units, having the capability to modify configuration and the state of
any system configured as a node on Chef infrastructure. Cookbooks can perform
multiple tasks. Cookbooks contain values about the desired state of node. This is
achieved in Chef by using the desired external libraries.
Key Components of a Cookbook
• Recipes
• Metadata
• Attributes
• Resources
• Templates
• Libraries
• Anything else that helps to create a system
Creating a Cookbook
There are two ways to dynamically create a cookbook.
• Using chef command

• Using knife utility
Using Chef Command
To create an empty cookbook using Chef command, run the following command.
C:\Users\vipinkumarm>chef generate cookbook <Cookbook Name>
C:\Users\vipinkumarm>chef generate cookbook VTest
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: code_generator::cookbook
* directory[C:/Users/vipinkumarm/VTest] action create
- create new directory C:/Users/vipinkumarm/VTest
* template[C:/Users/vipinkumarm/VTest/metadata.rb] action
create_if_missing
- create new file C:/Users/vipinkumarm/VTest/metadata.rb
C:/Users/vipinkumarm/VTest/metadata.rb
from none to 4b9435 (diff output suppressed by config)
* template[C:/Users/vipinkumarm/VTest/README.md] action
create_if_missing
- create new file C:/Users/vipinkumarm/VTest/README.md
- update content in file C:/Users/vipinkumarm/VTest/README.md
from none to 482077 (diff output suppressed by config)
* cookbook_file[C:/Users/vipinkumarm/VTest/chefignore] action
create
- create new file C:/Users/vipinkumarm/VTest/chefignore
C:/Users/vipinkumarm/VTest/chefignore
from none to 15fac5 (diff output suppressed by config)
* cookbook_file[C:/Users/vipinkumarm/VTest/Berksfile] action
create_if_missing
- create new file C:/Users/vipinkumarm/VTest/Berksfile
- update content in file C:/Users/vipinkumarm/VTest/Berksfile
from none to 9f08dc (diff output suppressed by config)
* template[C:/Users/vipinkumarm/VTest/.kitchen.yml] action
create_if_missing
- create new file C:/Users/vipinkumarm/VTest/.kitchen.yml
C:/Users/vipinkumarm/VTest/.kitchen.yml
from none to 93c5bd (diff output suppressed by config)
*
directory[C:/Users/vipinkumarm/VTest/test/integration/default/serve
rspec]
action create
C:/Users/vipinkumarm/VTest/test/integration/default/serverspec
*
directory[C:/Users/vipinkumarm/VTest/test/integration/helpers/serve
rspec]
action create
C:/Users/vipinkumarm/VTest/test/integration/helpers/serverspec
* cookbook_file
[C:/Users/vipinkumarm/VTest/test/integration/helpers/serverspec/sp
ec_helper.rb]
- create new file
C:/Users/vipinkumarm/VTest/test/integration/helpers/serverspec/spec
_helper.rb
C:/Users/vipinkumarm/VTest/test/integration/helpers/serverspec/spec
_helper.rb
from none to d85df4 (diff output suppressed by config)
* template
[C:/Users/vipinkumarm/VTest/test/integration/default/serverspec/def
ault _spec.rb]
- create new file
C:/Users/vipinkumarm/VTest/test/integration/default/serverspec/defa
ult_spec.rb
C:/Users/vipinkumarm/VTest/test/integration/default/serverspec/defa
ult_spec.rb
from none to 758b94 (diff output suppressed by config)
* directory[C:/Users/vipinkumarm/VTest/spec/unit/recipes] action
create
C:/Users/vipinkumarm/VTest/spec/unit/recipes
* cookbook_file[C:/Users/vipinkumarm/VTest/spec/spec_helper.rb]
- create new file
C:/Users/vipinkumarm/VTest/spec/spec_helper.rb
C:/Users/vipinkumarm/VTest/spec/spec_helper.rb
*
template[C:/Users/vipinkumarm/VTest/spec/unit/recipes/default_spec.
rb]
- create new file
C:/Users/vipinkumarm/VTest/spec/unit/recipes/default_spec.rb
C:/Users/vipinkumarm/VTest/spec/unit/recipes/default_spec.rb
- create new file
C:/Users/vipinkumarm/VTest/recipes/default.rb
C:/Users/vipinkumarm/VTest/recipes/default.rb
from none to 8cc381 (diff output suppressed by config)
* cookbook_file[C:/Users/vipinkumarm/VTest/.gitignore] action
create
- create new file C:/Users/vipinkumarm/VTest/.gitignore
C:/Users/vipinkumarm/VTest/.gitignore from none to 33d469
The cookbook structure with the name VTest will be created in the directory and following
will be the structure for the same.
Using Knife Utility
Use the following command to create a cookbook using knife utility.
C:\Users\vipinkumarm\VTest>knife cookbook create VTest2
WARNING: No knife configuration file found
** Creating cookbook VTest2 in C:/chef/cookbooks
** Creating README for cookbook: VTest2
** Creating CHANGELOG for cookbook: VTest2
** Creating metadata for cookbook: VTest2
Following will be the structure of the cookbook.
Chef - Cookbook Dependencies
The features of defining cookbook dependencies help in managing cookbook. This
feature is used when we want to use the functionality of one cookbook in other
cookbooks.
For example, if one wants to compile C code then one needs to make sure that all the
dependencies required to compile are installed. In order to do so, there might be
separate cookbook which can perform such a function.
When we are using chef-server, we need to know such dependencies in cookbooks
which should be decelerated in the cookbooks metadata file. This file is located at the
top on the cookbook directory structure. It provides hints to the Chef server which helps
in deploying cookbooks on the correct node.
Features of metadata.rb File
• Located at the top in the cookbook directory structure.
• Compiled when the cookbook is uploaded to Chef server using knife command.
• Compiled with knife cookbook metadata subcommand.
• Created automatically when the knife cookbook create command is run.
Configuration of metadata.rb
Following is the default content of a metadata file.
Chef - Roles
Roles in Chef are a logical way of grouping nodes. Typical cases are to have roles for
web servers, database servers, and so on. One can set custom run list for all the nodes
and override attribute value within roles.
Create a Role
vipin@laptop:~/chef-repo $ subl roles/web_servers.rb
name "web_servers"
description "This role contains nodes, which act as web servers"
run_list "recipe[ntp]"
default_attributes 'ntp' => {
'ntpdate' => {
'disable' => true
}
}
Once we have the role created, we need to upload to the Chef server.
Upload Role to Chef Server
vipin@laptop:~/chef-repo $ knife role from file web_servers.rb
Now, we need to assign a role to a node called server.
Assign a Role to Node
vipin@laptop:~/chef-repo $ knife node edit server
"run_list": [
"role[web_servers]"
]
Saving updated run_list on node server
Run the Chef-Client
user@server:~$ sudo chef-client
[2013-07-25T13:28:24+00:00] INFO: Run List is [role[web_servers]]
[2013-07-25T13:28:24+00:00] INFO: Run List expands to [ntp]
How It Works
• Define a role in a Ruby file inside the roles folder of Chef repository.
• A role consists of a name and a description attribute.
• A role consists of role-specific run list and role-specific attribute settings.
• Every node that has a role in its run list will have the role’s run list exacted into its
own.
• All the recipes in the role’s run list will be executed on the node.
• The role will be uploaded to Chef server using the knife role from file command.
• The role will be added to the node run list.
• Running Chef client on a node having the role in its run list will execute all the
recipes listed in the role.
Chef - Environment
Chef helps in performing environment specific configuration. It is always a good idea to
have a separate environment for development, testing, and production.
Chef enables grouping nodes into separate environments to support an ordered
development flow.
Creating an Environment
Creation of environment on the fly can be done using the knife utility. Following command
will open a Shell’s default editor, so that one can modify the environment definition.
vipin@laptop:~/chef-repo $ knife environment create book {
"name": "book",
"description": "",
"cookbook_versions": {
},
"json_class": "Chef::Environment",
"chef_type": "environment",
"default_attributes": {
},
"override_attributes": {
}
}
Created book
Testing a Created Environment
vipin@laptop:~/chef-repo $ knife environment list
_default
book
List Node for All Environments
vipin@laptop:~/chef-repo $ knife node list
my_server
_default Environment
Each organization will always start with at least a single environment called default
environment, which is always available to the Chef server. A default environment cannot
be modified in anyway. Any kind of changes can only be accommodated in the custom
environment that we create.
Environment Attributes
An attribute can be defined in an environment and then used to override the default
settings in the node. When the Chef client run takes place, then these attributes are
compared with the default attributes that are already present in the node. When the
environment attributes take precedence over the default attributes, Chef client will apply
these settings and values when the Chef client run takes place on each node.
An environment attribute can only be either default_attribute or override_attribute. It
cannot be a normal attribute. One can use default_attribute or override_attribute
methods.
Attribute Type
Default − A default attribute is always reset at the start of every Chef client run and have
the lowest attribute precedence.
Override − An override attribute is always reset at the start of every Chef client run and
has a higher attribute precedence than default, force_default and normal. An override
attribute is most often defined in the recipe but can also be specified in an attribute file
for a role or for an environment.
Order of Applying an Attribute
Chef - Chef-Client as Daemon

Running Chef-Client as daemon helps in knowing the state of all the nodes at any point
of time. This help in running the Chef-Client at any point of time.
Pre-requisites
The node should be registered with Chef server and it should be running Chef-Client
without any error.
Chef-Client in Daemon Mode
Start Chef-Client in daemon mode, running every 30 minutes.
user@server:~$ sudo chef-client -i 1800
In the above code, – i enables to run the Chef-Client in daemon mode on the required
node and 1800 seconds define that the Chef-Client daemon should run in every 30
minutes.
Validating Daemon Run
Validate that the Chef-Client is running as a daemon.
user@server:~$ ps auxw | grep chef-client
The above command will grep the running daemon process of Chef-Client.
Other Ways
Instead of running Chef-Client as a daemon, we can run the same as a cron job.
user@server:~$ subl /etc/cron.d/chef_client
PATH=/usr/local/bin:/usr/bin:/bin
# m h dom mon dow user command
*/15 * * * * root chef-client -l warn | grep -v 'retrying [1234]/5
in'
The above cron job will run after every 15 minutes.
Chef - Chef-Shell
Writing Chef cookbooks is always hard. It makes it even harder because of long
feedback cycle of uploading them to the Chef server, provisioning a vagrant VM,
checking how they failed there, rinsing and repeating. It would be easier if we could try
to test some pieces or recipes before we do all this heavy lifting at once.
Chef comes with Chef-Shell, which is essentially an interactive Ruby session with Chef.
In the Chef-Shell, we can create −
• Attributes
• Write Recipes
• Initializing Chef runs
It is used to evaluate parts of recipes on the fly, before uploading them to Chef server
and execute complete cookbooks on the node.
Running Shell
Step 1 − Run Chef-Shell in a standalone mode.
mma@laptop:~/chef-repo $ chef-shell
loading configuration: none (standalone chef-shell session)
Session type: standalone
Loading...[2017-01-12T20:48:01+01:00] INFO: Run List is []
[2017-01-12T20:48:01+01:00] INFO: Run List expands to []
done.
This is chef-shell, the Chef Shell.
Chef Version: 11.0.0
http://www.opscode.com/chef
http://wiki.opscode.com/display/chef/Home
run `help' for help, èxit' or ^D to quit.
Ohai2u mma@laptop!
chef >
Step 2 − Switch to attribute mode in the Chef-Shell
• chef > attributes_mode
Step 3 − Setting attribute value.
• chef:attributes > set[:title] = "Chef Cookbook"
o "Chef Cookbook"
• chef:attributes > quit
o :attributes
• chef >
Step 4 − Switch to recipe mode.
• chef > recipe_mode
Step 5 − Create a file resource.
chef:recipe > file "/tmp/book.txt" do
chef:recipe > content node.title
chef:recipe ?> end
=> <file[/tmp/book.txt] @name: "/tmp/book.txt" @noop: nil @

before: nil @params: {} @provider: Chef::Provider::File @allowed_
actions: [:nothing, :create, :delete, :touch, :create_if_missing]
@action: "create" @updated: false @updated_by_last_action: false
@supports: {} @ignore_failure: false @retries: 0 @retry_delay:
2 @source_line: "(irb#1):1:in ìrb_binding'" @elapsed_time: 0 @
resource_name: :file @path: "/tmp/book.txt" @backup: 5 @diff: nil
@cookbook_name: nil @recipe_name: nil @content: "Chef Cookbook">
chef:recipe >
Step 6 − Commence Chef run to create the file with the given content.
• chef:recipe > run_chef
[2017-01-12T21:07:49+01:00] INFO: Processing file[/tmp/book.txt]
action create ((irb#1) line 1)
---
/var/folders/1r/_35fx24d0y5g08qs131c33nw0000gn/T/cheftempfile201212
12-
11348-dwp1zs 2012-12-12 21:07:49.000000000
+0100
+++
/var/folders/1r/_35fx24d0y5g08qs131c33nw0000gn/T/chefdiff20121212-
11348-hdzcp1 2012-12-12 21:07:49.000000000 +0100
@@ -0,0 +1 @@
+Chef Cookbook
\ No newline at end of file
[2017-01-12T21:07:49+01:00] INFO: entered create
[2017-01-12T21:07:49+01:00] INFO: file[/tmp/book.txt] created file
/tmp/book.txt
How it Works
• Chef-Shell starts with an Interactive Ruby (IRB) session enhanced with some
specific features.
• It offers modes such as attributes_mode and interactive_mode.
• It helps in writing commands, which are written inside a recipe or cookbook.
• It runs everything in an interactive mode.
We can run Chef-Shell in three different modes: Standalone mode, Client mode,
and Solo mode.
• Standalone mode − It is the default mode. No cookbooks are loaded, and the
run-list is empty.
• Client mode − Here, the chef-shell acts as a chef-client.
• Solo mode − Here, the chef-shell acts as a chef-solo client.
Chef - Testing Cookbooks

In case the cookbook is directly deployed and run on the production server, there are
high chances that the cookbook can break up in production. The best way to prevent this
from happening is, testing the cookbook in the setup environment.
Following are the steps for testing.
Step 1 − Install the cookbook using the following command.
vipin@laptop:~/chef-repo $ knife cookbook site install <cookbook
name>
Step 2 − Run the knife cookbook test commands on the working cookbook.
vipin@laptop:~/chef-repo $ knife cookbook test VTest
checking ntp
Running syntax check on ntp
Validating ruby files
Validating templates
Step 3 − Break something in the cookbook and test again.
vipin@laptop:~/chef-repo $ subl cookbooks/VTest/recipes/default.rb
...
[ node['ntp']['varlibdir']
node['ntp']['statsdir'] ].each do |ntpdir|
directory ntpdir do
owner node['ntp']['var_owner']
group node['ntp']['var_group']
mode 0755
end
end
Step 4 − Run the knife test command again.

vipin@laptop:~/chef-repo $ knife cookbook test ntp
checking ntp
Running syntax check on ntp
Validating ruby files
FATAL: Cookbook file recipes/default.rb has a ruby syntax error:
FATAL: cookbooks/ntp/recipes/default.rb:25: syntax error,
unexpected tIDENTIFIER, expecting ']'
FATAL: node['ntp']['statsdir'] ].each do |ntpdir|
FATAL: ^
FATAL: cookbooks/ntp/recipes/default.rb:25: syntax error,
unexpected ']', expecting $end
FATAL: node['ntp']['statsdir'] ].each do |ntpdir|
FATAL:
Working Method
Knife cookbook test executes a Ruby syntax check on all the Ruby files within the
cookbook as well as all ERB templates. It loops through Ruby files and runs Ruby –
c against each of them. Ruby –c checks the syntax of the script and quits without running
it.
After going through all the Ruby files, knife cookbook test goes through all ERB
templates and pipes, the redundant version created by –x through Ruby –c.
Limitations
Knife cookbook test does only a simple syntax check on the Ruby files and ERB
templates. We can go ahead fully test driven by using ChefSpec and test kitchen.
Chef - Foodcritic
Writing good cookbooks without any issue is quite a difficult task. But there are ways
which can help in identifying the pitfalls. Flagging in Chef Cookbook is possible.
Foodcritic is one of the best way of archiving it, which tries to identify possible issues
with the logic and style of cookbooks.
Foodcritic Setup
Step 1 − Add Foodcritic gem.
vipin@laptop:~/chef-repo $ subl Gemfile
source 'https://rubygems.org'
gem 'foodcritic', '~>2.2.0'
Step 2 − Install the gem.
vipin@laptop:~/chef-repo $ bundle install
Fetching gem metadata from https://rubygems.org/
Installing foodcritic (2.2.0)
Foodcritic Gem
Step 1 − Run Foodcritic on the cookbook.
vipin@laptop:~/chef-repo $ foodcritic ./cookbooks/<Cookbook Name>
FC002: Avoid string interpolation where not required: ./cookbooks/
mysql/attributes/server.rb:220
FC024: Consider adding platform equivalents: ./cookbooks/<Cookbook
Name>/
recipes/server.rb:132
Step 2 − Generate a detailed report.
vipin@laptop:~/chef-repo $ foodcritic -C ./cookbooks/mysql
cookbooks/<cookbook Name>/attributes/server.rb
FC002: Avoid string interpolation where not required
[...]
85| default['<Cookbook Name>']['conf_dir'] = "#{mysql['basedir']}"
[...]
cookbooks/<Cookbook Name>/recipes/client.rb
FC007: Ensure recipe dependencies are reflected in cookbook
metadata
40| end
41|when "mac_os_x"
42| include_recipe 'homebrew'
43|end
44|
Working Method
Foodcritic defines a set of rules and checks recipe agents, each one of them. It comes
with multiple rules concerning various areas: styles, connectedness, attributes, string,
probability, search, services, files, metadata, and so on.
Chef - ChefSpec
Test Driven Development (TDD) is a way to write unit test before writing any actual
recipe code. The test should be real and should validate what a recipe does. It should
actually fail as there was no recipe developed. Once the recipe is developed, the test
should pass.
ChefSpec is built on the popular RSpec framework and offers a tailored syntax for testing
Chef recipe.
Creating ChefSpec
Step 1 − Create a gem file containing the chefSpec gem.
gem 'chefspec'
Step 2 − Install the gem.
vipin@laptop:~/chef-repo $ bundler install
Installing chefspec (1.3.1)
Using bundler (1.3.5)
Your bundle is complete!
Step 3 − Create a spec directory.
vipin@laptop:~/chef-repo $ mkdir cookbooks/<Cookbook Name>/spec
Step 4 − Create a Spec
vipin@laptop:~/chef-repo $ subl
cookbooks/my_cookbook/spec/default_spec.rb
require 'chefspec'
describe 'my_cookbook::default' do
let(:chef_run) {
ChefSpec::ChefRunner.new(
platform:'ubuntu', version:'12.04'
).converge(described_recipe)
}
it 'creates a greetings file, containing the platform

name' do
expect(chef_run).to
create_file_with_content('/tmp/greeting.txt','Hello!
ubuntu!')
end
end
Step 5 − Validate ChefSpec.

vipin@laptop:~/chef-repo $ rspec cookbooks/<Cookbook
Name>/spec/default_spec.rb
F
Failures:
1) <CookBook Name> ::default creates a greetings file, containing
the platform name
Failure/Error: expect(chef_run.converge(described_recipe)).to
create_file_with_content('/tmp/greeting.txt','Hello! ubuntu!')
File content:
does not match expected:
Hello! ubuntu!
# ./cookbooks/my_cookbook/spec/default_spec.rb:11:in `block
(2 levels) in <top (required)>'
Finished in 0.11152 seconds
1 example, 1 failure
Failed examples:
rspec ./cookbooks/my_cookbook/spec/default_spec.rb:10 # my_
cookbook::default creates a greetings file, containing the
platform name
Step 6 − Edit Cookbooks default recipe.
vipin@laptop:~/chef-repo $ subl cookbooks/<Cookbook
Name>/recipes/default.rb
template '/tmp/greeting.txt' do
variables greeting: 'Hello!'
end
Step 7 − Create a template file.

vipin@laptop:~/chef-repo $ subl cookbooks/< Cookbook
<%= @greeting %> <%= node['platform'] %>!
Step 8 − Run the rspec again.

vipin@laptop:~/chef-repo $ rspec cookbooks/<Cookbook
Name>/spec/default_spec.rb
.
Finished in 0.10142 seconds
1 example, 0 failures
How It Works
In order to make it work, we need to first set up the base infrastructure for using RSpec
with Chef. Then we need to ChefSpec Ruby gem and the cookbook needs a directory
called spec where all the tests will be saved.
Chef - Testing Cookbook with Test Kitchen

Test kitchen is Chef’s integration testing framework. It enables writing tests, which run
after VM is instantiated and converged using the cookbook. The tests run on VM and
can verify that everything works as expected.
This is node contract to ChefSpec, which only simulates a Chef run. Test Kitchen boots
up a real node and runs Chef on it.
Setting Up
In order to do this, we need to have Vagrant installed on the machine which helps in
managing a virtual machine. Then we need to have bookshelf installed and hooked with
Vagrant in order to manage cookbook dependencies.
Step 1 − Edit default recipe in the cookbook.
file "/tmp/greeting.txt" do
content node['my_cookbook']['greeting']
end
Step 2 − Edit cookbook attributes.

Name>/attributes/default.rb
default['my_cookbook']['greeting'] = "Ohai, Chefs!"
Step 3 − Edit gem file to install the necessary Ruby gems.

gem 'test-kitchen', '~> 2.0.0.alpha.7'
gem 'kitchen-vagrant'
Step 4 − Install the necessary Ruby gem.
Installing test-kitchen (1.0.0.alpha.7)
Installing kitchen-vagrant (0.10.0) ...TRUNCATED OUTPUT...
Step 5 − Create .kitchen.yml file in the cookbook.
vipin@laptop:~/chef-repo/cookbooks/my_cookbook $ subl .kitchen.yml
---
driver_plugin: vagrant
driver_config:
require_chef_omnibus: true
platforms:
driver_config:
box: opscode-ubuntu-12.04
box_url:
https://opscode-vm.s3.amazonaws.com/vagrant/
opscode_ubuntu12.04_provisionerless.box
suites:
- name: default
run_list:
- recipe[minitest-handler]
- recipe[my_cookbook_test]
attributes: { my_cookbook: { greeting: 'Ohai, Minitest!'} }
Step 6 − Create a test directory inside the cookbook.

vipin@laptop:~/chef-repo/cookbooks/<Cookbook Name>$ mkdir test
Step 7 − Create a test cookbook for integration testing.
vipin@laptop:~/chef-repo/cookbooks/<Cookbook Name>/test $ knife
cookbook create my_cookbook_test
** Creating cookbook my_cookbook_test
** Creating README for cookbook: my_cookbook_test
** Creating CHANGELOG for cookbook: my_cookbook_test
** Creating metadata for cookbook: my_cookbook_test
Step 8 − Edit test cookbooks default recipe.
vipin@laptop:~/chef-repo/cookbooks/my_cookbook $ subl
test/cookbooks/my_cookbook_test/recipes/default.rb
include_recipe 'my_cookbook::default'
Step 9 − Create Minitest Spec inside the cookbook.
vipin@laptop:~/chef-repo/cookbooks/my_cookbook $ mkdir -p
test/cookbooks/my_cookbook_test/files/default/tests/minitest
vipin@laptop:~/chef-repo/cookbooks/my_cookbook $ subl
test/cookbooks/my_cookbook_test/files/default/tests/minitest/defaul
t_test.rb
require 'minitest/spec'
describe_recipe 'my_cookbook::default' do
describe "greeting file" do
it "creates the greeting file" do
file("/tmp/greeting.txt").must_exist
end
it "contains what's stored in the 'greeting' node

attribute" do
file('/tmp/greeting.txt').must_include 'Ohai, Minitest!'
end
end
Step 10 − Edit your main cookbook's Berksfile.

vipin@laptop:~/chef-repo/cookbooks/my_cookbook $ subl Berksfile
site :opscode
metadata
cookbook "apt"
cookbook "minitest-handler"
cookbook "my_cookbook_test", path:
"./test/cookbooks/my_cookbook_test"
Testing the Setup
vipin@laptop:~/chef-repo/cookbooks/my_cookbook $ kitchen test
-----> Starting Kitchen (v1.0.0.alpha.7)
-----> Converging <default-ubuntu-1204>
-----> Installing Chef Omnibus (true)
Starting Chef Client, version 11.4.4
[2013-06-29T18:33:57+00:00] INFO: *** Chef 11.4.4 ***
[2013-06-29T18:33:58+00:00] INFO: Setting the run_list to
["recipe[minitest-handler]", "recipe[my_cookbook_test]"]
from JSON
# Running tests:
recipe::my_cookbook::default::greeting
file#test_0001_creates the greeting file = 0.00 s = .
recipe::my_cookbook::default::greeting
file#test_0002_contains what's stored in the 'greeting'
node attribute = 0.00 s = .
Finished tests in 0.011190s, 178.7277 tests/s, 178.7277
assertions/s.
2 tests, 2 assertions, 0 failures, 0 errors, 0 skips
Chef - Nodes
Knife preflight shows details about all the nodes which uses a certain cookbook before
uploading it to Chef server.
Getting Started
In order to get started, we need to have knife-preflight gem installed.
Step 1 − Define the path in the gem file.
gem 'knife-preflight'
Step 2 − Run bundler to install knife-preflight gem.
Installing knife-preflight (0.1.6)
Working Method
Run knife-preflight on the given cookbook.
We can run the preflight command to find out which nodes and roles have the given
cookbook in their expanded run lists.
vipin@laptop:~/chef-repo $ knife preflight ntp
Searching for nodes containing ntp OR ntp::default in their
expanded run_list...
2 Nodes found
www-staging.example.com
cms-staging.example.com
Searching for roles containing ntp OR ntp::default in their
expanded run_list...
3 Roles found
your_cms_role
your_www_role
your_app_role
Found 6 nodes and 3 roles using the specified search
criteria
There are multiple ways for a cookbook to get executed on the node.
• You can assign the cookbook directly to a node by adding it to the node's run list.
• You can add a cookbook to the role and add the role to the node's run list.
• You can add the role to the run list of another role and add that other role to the
node's run list.
• A cookbook can be a dependency of another used cookbook.
No matter how a cookbook ends up in a node's run list, the knife preflight command will
catch it as Chef stores all expanded lists of roles and recipes in node attributes. The
knife preflight command issues a search for exactly those node attributes.
Chef - Chef-Client Run

In order to test Chef-Client run, we need to have Chef-Client configured to use the hosted
Chef or own hosted server.
Running Chef-Client in Debug Mode
vipin@server:~$ sudo chef-client -l debug
…TRUNCATED OUTPUT…
Hashed Path:A+WOcvvGu160cBO7IFKLYPhh9fI=
X-Ops-Content-Hash:2jmj7l5rSw0yVb/vlWAYkK/YBwk=
X-Ops-Timestamp:2012-12-27T11:14:07Z
X-Ops-UserId:vagrant'
Header hash: {"X-Ops-Sign"=>"algorithm=sha1;version=1.0;",
"X-Ops-Userid"=>"vagrant", "X-Ops-Timestamp"=>"2012-12-
27T11:14:07Z", "X-Ops-Content-
Hash"=>"2jmj7l5rSw0yVb/vlWAYkK/YBwk=", "X-Ops-
Authorization-
1"=>"HQmTt9U/
LJJVAJXWtyOu3GW8FbybxAIKp4rhiw9O9O3wtGYVHyVGuoilWDao",
"X-Ops-Authorization-
2"=>"2/uUBPWX+YAN0g1/
fD2854QAU2aUcnSaVM0cPNNrldoOocmA0U5HXkBJTKok",
3"=>"6EXPrEJg5T+
ddWd5qHAN6zMqYc3untb41t+eBpigGHPhtn1LLInMkPeIYwBm",
4"=>"B0Fwbwz2HVP3wEsYdBGu7yOatq7fZBXHfIpeOi0kn/
Vn0P7HrucnOpONmMgU", "X-Ops-Authorization-
5"=>"RBmmbetFSKCYsdg2v2mW/
ifLIVemhsHyOQjffPYPpNIB3U2n7vji37NxRnBY",
6"=>"Pb3VM7FmY60xKvWfZyahM8y8WVV9xPWsD1vngihjFw=="}
[2012-12-27T11:14:07+00:00] DEBUG: Sending HTTP Request via
GET to api.opscode.com:443/organizations/agilewebops/
nodes/vagrant
[2012-12-27T11:14:09+00:00] DEBUG: ---- HTTP Status and
Header Data: ----
[2012-12-27T11:14:09+00:00] DEBUG: HTTP 1.1 200 OK
[2012-12-27T11:14:09+00:00] DEBUG: server: nginx/1.0.5
[2012-12-27T11:14:09+00:00] DEBUG: date: Thu, 27 Dec 2012
Inspecting the Result of the Last Chef-Client Run
In order to check the last Chef-Client run especially failure issues when we are
developing a new cookbook, we need to know what exactly went wrong. Even though
Chef prints everything in stdout, one might want to see the debug log again.
If we want to test, we need to have a broken cookbook which is failing on compilation.
==================================================================
==============
Recipe Compile Error in /srv/chef/file_store/cookbooks/my_
cookbook/recipes/default.rb
==================================================================
==============
NoMethodError
-------------
undefined method èach' for nil:NilClass
Cookbook Trace:
---------------
/srv/chef/file_store/cookbooks/my_cookbook/recipes/default.
rb:9:in `from_file'
Relevant File Content:
----------------------
/srv/chef/file_store/cookbooks/my_cookbook/recipes/default.rb:
2: # Cookbook Name:: my_cookbook
3: # Recipe:: default
4: #
5: # Copyright 2013, YOUR_COMPANY_NAME
6: #
7: # All rights reserved - Do Not Redistribute
8: #
9≫ nil.each {}
10:
For more details, we can look into the stacktrace.
user@server:~$ less /srv/chef/file_store/chef-stacktrace.out
Generated at 2013-07-21 18:34:05 +0000
NoMethodError: undefined method èach' for nil:NilClass
/srv/chef/file_store/cookbooks/my_cookbook/recipes/default.rb:9:in
`from_file'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.4.4/lib/chef/
mixin/from_file.rb:30:in ìnstance_eval'
mixin/from_file.rb:30:in `from_file'
cookbook_version.rb:346:in `load_recipe'
Chef - Dynamically Configuring Recipes
Attributes are the key components for dynamically configuring cookbooks. Attributes
enable the authors to make the cookbook configurable. By overriding default values set
in cookbooks, the user can inject their own values.
Step 1 − Create a default file for cookbook attributes and add a default attribute to it.
cookbooks/my_cookbook/attributes/default.rb
default['my_cookbook']['message'] = 'hello world!'
Step 2 − Define the attribute inside the recipe.

message = node['my_cookbook']['message']
Chef::Log.info("** Saying what I was told to say: #{message}")
Step 3 − Uploading the modified cookbook.

vipin@laptop:~/chef-repo $ knife cookbook upload my_cookbook
Uploading my_cookbook [0.1.0]
Step 4 − Running Chef-Client of the defined node.
[2013-01-13T20:48:21+00:00] INFO: ** Saying what I was told to
say: hello world!
Working Method
Chef loads all attributes from the attribute file before it executes them. The attributes are
stored with the node object. One can access all the attributes stored with the node object
within recipes and retrieve their current values.
Chef has a restricted structure starting from the default being the lowest, then comes
normal (which is aliased with the set) and then overrides. The attribute level set in the
recipe has precedence over the same level set in an attribute file.
Overriding Attribute at the Node and Environment Level
Attribute defined in roles or environment have the highest precedence.
Step 1 − Create a role.
vipin@laptop:~/chef-repo $ subl roles/german_hosts.rb
name "german_hosts"
description "This Role contains hosts, which should print out
their messages in German"
run_list "recipe[my_cookbook]"
default_attributes "my_cookbook" => { "message" => "Hallo Welt!" }
Step 2 − Upload the role to Chef server.
vipin@laptop:~/chef-repo $ knife role from file german_hosts.rb
Updated Role german_hosts!
Step 3 − Assign the role to a node.
vipin@laptop:~/chef-repo $ knife node edit server
"run_list": [
"role[german_hosts]"
]
Saving updated run_list on node server
Step 4 − Run the Chef-Client.

[2013-01-13T20:49:49+00:00] INFO: ** Saying what I was told to
say: Hallo Welt!
Chef - Templates
In Infrastructure, configuration management is all about how well one configures the
hosts. In general, all the configurations are done using the configuration files. Chef uses
templates to be able to fill the configuration file with dynamic values.
Chef provides templates as a resource which can be used in the recipe. Configuration
files’ dynamic values can be retrieved from data bags, attributes or even calculate them
by passing them into the template.
How to Use It?
Step 1 − Add the template to the recipe.
template '/tmp/message' do
source 'Test.erb'
variables(
hi: 'Tesing',
world: 'Welt',
from: node['fqdn']
)
end
Step 2 − Add ERB Template file.

Name>/templates/default/test.erb
<%- 4.times do %>
<%= @hi %>, <%= @world %> from <%= @from %>!
<%- end %>
Step 3 − Upload the modified cookbook to Chef server.
vipin@laptop:~/chef-repo $ knife cookbook upload <Cookbook Name>
Run Chef Client on your node:
[2017-01-14T20:41:21+00:00] INFO: Processing template[/tmp/
message] action create (my_cookbook::default line 9)
[2017-01-14T20:41:22+00:00] INFO: template[/tmp/message] updated
content
Step 4 − Validate the content of the uploaded file.
user@server:~$ sudo cat /tmp/message
Hallo, Welt from vagrant.vm!
Workflow
Chef uses Erubis as its template language. It allows embedding pure Ruby code inside
special symbols in the templates.
• <%= %> is used if you want to print the value of a variable or Ruby expression
into the generated file.
• <%- %> is used if you want to embed Ruby logic into your template file. We use it
to loop our expression four times.
Chef - Plain Ruby with Chef DSL

In Chef, if one needs to create simple recipes one can use resources available in Chef,
such as templates, remote_file, and services. However as the recipes become elaborate,
one needs advanced techniques, such as conditional statements to execute parts of the
recipe on condition. This is the power of mixing plain Ruby with Chef Domain Specific
Language (DSL).
How to Use It?
Start Chef Shell on any of the node in the client mode to be able to access the Chef
server.
user@server:~$ sudo chef-shell --client
loading configuration: /etc/chef/client.rb
Session type: client
run `help' for help, èxit' or ^D to quit.
Ohai2u user@server!
Chef>
Basic Conditions with Chef DSL
Sort nodes by name using plain Ruby.
chef > nodes.sort! {|a,b| a.name <=> b.name }
=> [node[alice],node[server]]
Loop through the nodes, printing their operating system.
chef > nodes.each do |n|
chef > puts n['os']
chef ?>
end
linux
windows
=> [node[server], node[alice]]
Install multiple Ruby gems using an array, a loop, and string expansion to construct the
gem names.
chef > %w{ec2 essentials}.each do |gem|
chef > gem_package "knife-#{gem}"
chef ?> end => ["ec2", "essentials"]
Working Method
Chef recipes are Ruby files, which gets evaluated in the context of Chef run. They can
contain plain Ruby code such as if statement and loops as well as Chef DSL elements
such as resources.
Inside the recipe, one can simply declare Ruby variables and assign values to it.
Chef - Ruby Gems with Recipes

Recipes are the key building blocks of cookbook which is basically Ruby code. It is
possible to use all of the Ruby language features inside the Chef recipe. Most of the time
Ruby build in functionality is enough but sometimes one might need to use additional
Ruby gems. For example, if one needs to access MySQL database from the recipe itself.
Chef recipe has the capability to get the required Ruby gems in order to use them inside
the very same recipe.
Using iptable Gem in the Given Recipe
Step 1 − Edit the default recipe of the cookbook and install the gem to be used inside
the recipe.
cookbooks/my_cookbook/recipes/default.rb
chef_gem 'ipaddress'
require 'ipaddress'
ip = IPAddress("192.168.0.1/24")
Chef::Log.info("Netmask of #{ip}: #{ip.netmask}")
Step 2 − Upload the modified cookbook to the Chef server.

Step 3 − Running Chef client to see the output.
user@server $ sudo chef-client
[2013-01-18T14:02:02+00:00] INFO: Netmask of 192.168.0.1:
255.255.255.0
Working Method
Chef run steps consist of the compilation phase, where it compiles all the resources and
an execution phase where Chef runs the resource providers to converge the node to the
desired state. If one needs any particular Ruby gem inside the cookbook, one needs to
install the gem during the complication phase.
The chef_gem resource will exactly do the same, and in Chef, Omnibus is the only way
to work. Its main function is to make gems available to Chef itself.
Chef - Libraries
Libraries in Chef provides a place to encapsulate compiled logic so that the cookbook
recipes remain neat and clean.
Creating the Library
Step 1 − Create a helper method in cookbook’s library.
cookbooks/my_cookbook/libraries/ipaddress.rb
class Chef::Recipe
def netmask(ipaddress)
IPAddress(ipaddress).netmask
end
end
Step 2 − Use the helper method.

ip = '10.10.0.0/24'
mask = netmask(ip) # here we use the library method
Chef::Log.info("Netmask of #{ip}: #{mask}")
Step 3 − Upload the modified cookbook to the Chef Server.

Testing the Library
user@server $ sudo chef-client
[2013-01-18T14:38:26+00:00] INFO: Netmask of 10.10.0.0/24:
255.255.255.0
Working Method
Chef library code can open the chef::Recipe class and add new methods as done in Step
1. This step is not the cleanest but the simplest way of doing it.
class Chef::Recipe
def netmask(ipaddress)
...
end
end
Best Practices
Once we open the chef::recipe class, there are changes that it gets polluted. As a best
practice, it is always a better way to introduce a new sub class inside the library and
define a method as class method. This avoids pulling the chef::recipe namespace.
cookbooks/my_cookbook/libraries/ipaddress.rb
class Chef::Recipe::IPAddress
def self.netmask(ipaddress)
IPAddress(ipaddress).netmask
end
end
We can use the method inside the recipe like

IPAddress.netmask(ip)
Chef - Definition
Definition can be defined as a logical method of grouping resources, which are used
again and again. In this flow, we group the resources and give them a name to regain
readability of defined cookbooks.
In order to do this, we should have a recipe. In this case, we are using test_cookbook
and a run list of nodes, which includes the cookbook.
Creating a Definition
Step 1 − Create a new definition file in the cookbooks definition folder.
cookbooks/test_cookbook/definitions/
capistrano_deploy_dirs.rb
define :capistrano_deploy_dirs, :deploy_to => '' do
directory "#{params[:deploy_to]}/releases"
directory "#{params[:deploy_to]}/shared"
directory "#{params[:deploy_to]}/shared/system"
end
Step 2 − Use a definition inside the cookbooks default recipe.

cookbooks/test_cookbook/recipes/default.rb
capistrano_deploy_dirs do
deploy_to "/srv"
end
Step 3 − Upload the cookbook to the chef server.

vipin@laptop:~/chef-repo $ knife cookbook upload test_cookbook
Uploading test_cookbook [0.1.0]
Step 4 − Run the Chef client on the desired node.
vipin@laptop:~/chef-repuser@server $ sudo chef-client
[2013-01-18T16:31:11+00:00] INFO: Processing directory[/srv/
releases] action create (my_cookbook::default line 2)
[2013-01-18T16:31:11+00:00] INFO: directory[/srv/releases] created
directory /srv/releases
shared] action create (my_cookbook::default line 3)
[2013-01-18T16:31:11+00:00] INFO: directory[/srv/shared] created
directory /srv/shared
shared/system] action create (my_cookbook::default line 4)
[2013-01-18T16:31:11+00:00] INFO: directory[/srv/shared/system]
Definition in cookbooks are like micros, which group the resources and give them a
name. A definition has a name by which one can tell them from which can be called
inside the recipe and it has a list of perimeters.
In the definition, we have parameters which in our code looks like the following.
…..
directory "#{params[:deploy_to]}/releases"
directory "#{params[:deploy_to]}/shared"
directory "#{params[:deploy_to]}/shared/system”
……
It can be used inside the default recipe as follows.

capistrano_deploy_dirs do
deploy_to "/srv"`
end
Chef - Environment Variable
Environment variable is a key way to make Chef recipe run on any particular node
successfully. There are multiple ways of doing it, either manually setting them up or by
using a Shell script. Setting them via recipe is what we need to perform here.
To do this, we need to have a cookbook here we would use test_cookbook and a run list
which contains test_cookbook.
Setting Environment Variable Using Chef Recipe
Step 1 − Update the default recipe of cookbook with an environment variable.
ENV['MESSAGE'] = 'Testing environment variable update with chef !'
execute 'print value of environment variable $MESSAGE' do
command 'echo $MESSAGE > /tmp/message'
end
Step 2 − Upload the updated cookbook to the server.

Step 3 − Running the Chef client to create a temp file.
[2013-01-25T15:01:57+00:00] INFO: Processing execute[print
value of environment variable $MESSAGE] action run
(my_cookbook::default line 11)
[2013-01-25T15:01:57+00:00] INFO: execute[print value of
environment variable $MESSAGE] ran successfully
Validating Variable
user@server:~$ cat /tmp/message
Hello from Chef
Working Method
Ruby exposes the current environment variable via ENV –a hash to read and modify the
environment variable.
Execute Resource
We can use execute resource to do the same inside the Chef default recipe of cookbook.
mma@laptop:~/chef-repo $ subl
execute 'print value of environment variable $MESSAGE' do
command 'echo $MESSAGE > /tmp/message'
environment 'MESSAGE' => 'Hello from the execute resource'
end
Note − Setting an environment variable using ENV will make that variable available
during the whole Chef run. In contrast, passing it to the execute resource will only make
it available for that one command executed by the resource.
Chef - Data Bugs
Chef data bags can be defined as an arbitrary collection of data which one can use with
cookbooks. Using data bags is very helpful when one does not wish to hardcode
attributes in recipes nor to store attributes in cookbooks.
Working Method
In the following setup, we are trying to communicate to http endpoint URL. For this, we
need to create a data bag, which will hold the endpoint URL detail and use it in our
recipe.
Step 1 − Create a directory for our data bag.
mma@laptop:~/chef-repo $ mkdir data_bags/hooks
Step 2 − Create a data bag item for request bin. One needs to make sure one is using
a defined requestBin URL.
vipi@laptop:~/chef-repo $ subl data_bags/hooks/request_bin.json {
"id": "request_bin",
"url": "http://requestb.in/1abd0kf1"
}
Step 3 − Create a data bag on the Chef server

vipin@laptop:~/chef-repo $ knife data bag create hooks
Created data_bag[hooks]
Step 4 − Upload the data bag to the Chef server.
vipin@laptop:~/chef-repo $ knife data bag from file hooks
requestbin.json
Updated data_bag_item[hooks::RequestBin]
Step 5 − Update the default recipe of the cookbook to receive the required cookbook
from a data bag.
hook = data_bag_item('hooks', 'request_bin')
http_request 'callback' do
url hook['url']
end

Step 7 − Run the Chef client on the node to check if the http request bin gets executed.
[2013-02-22T20:37:35+00:00] INFO: http_request[callback]
GET to http://requestb.in/1abd0kf1 successful
How it Works
Data bag is a named collection of structure data entries. One needs to define data entry
and call the data bag item in JSON file. One can also search for data bag item from
within the recipes to use the data stored in the data bags.
We created a data bag called hooks. A data bag is a directory within Chef repository.
We used knife to create it on the server.
Chef - Scripts for Data Bugs

In certain conditions, it is not possible to put the server under the full control of Chef. In
such cases, one might need to access values in Chef data bags from scripts. In order to
do this, one needs to store data bag values in a JSON file and let the added script access
those values.
For this, one needs to have a cookbook. In our case we would use test_cookbook as
earlier and should have the run list of the node including test_cookbook definition in it.
Working Method
Step 1 − Create a data bag.
vipin@laptop:~/chef-repo $ mkdir data_bags/servers
vipin@laptop:~/chef-repo $ knife data bag create servers
Created data_bag[servers]
Step 2 − Create a data bag item.
vipin@laptop:~/chef-repo $ subl data_bags/servers/Storage.json {
"id": "storage",
"host": "10.0.0.12"
}
Step 3 − Update the data bag item.

vipin@laptop:~/chef-repo $ subl data_bags/servers/Storage.json {
"id": "storage",
"host": "10.0.0.12"
}
Using in Cookbook
Step 1 − Need to create a JSON file containing data bag values using the above
cookbook so that external scripts can access those values.
file "/etc/backup_config.json" do
owner "root"
group "root"
mode 0644
content data_bag_item('servers', 'backup')['host'].to_json
end
Step 2 − Upload test_cookbook to Chef server.

Step 3 − Run the Chef client on the node.
[2013-03-14T20:30:33+00:00] INFO: Processing
file[/etc/backup_config.json] action create
(my_cookbook::default line 9)
[2013-03-14T20:30:34+00:00] INFO:
file[/etc/backup_config.json] owner changed to 0
[2013-03-14T20:30:34+00:00] INFO:
file[/etc/backup_config.json] group changed to 0
[2013-03-14T20:30:34+00:00] INFO:
file[/etc/backup_config.json] mode changed to 644
[2013-03-14T20:30:34+00:00] INFO:
file[/etc/backup_config.json] created file
/etc/backup_config.json
Step 4 − Validating the content of the generated JSON file.
user@server:~$ cat /etc/backup_config.json
"10.0.0.12"
Workflow of Scripts
In the above command, the file resource that we have used which creates JSON file
inside the /etc directory is defined in the default cookbook. It gets the file content directly
from the data bag using the data_bag_item method. We access the host values from the
data bag item and convert it to JSON. The file resource uses the JSON-converted values
as its content and writes it to the disk.
Chef - Cross-Platform for Cookbooks

Cross-Platform cookbooks are those cookbooks which adopt an underlying environment
on which it is going to run. Chef provides a host of features, which helps in writing
crossplatform cookbooks capable of running on any OS, on which it is going to get
deployed. This helps a developer to write a completely operational cookbook.
In order to do this, we need to have a cookbook. In our case it will be test_cookbook and
a run list which will have the cookbook definition in it.
Working Method
Retrieving the nodes platform detail and executing the conditional logic in our cookbook
depends on the platform. In our case, we will test it for Ubuntu.
Step 1 − Log a message if the node is Ubuntu.
Log.info("Running on ubuntu") if node.platform['ubuntu']
Step 2 − Upload the cookbook to Chef server.

Uploaded 1 cookbook.
Step 3 − Run the Chef client on the node.
[2013-03-03T20:07:39+00:00] INFO: Running on Ubuntu
Alternatively, if one is not interested in a specific platform but only needs to know which
declarative one is using, the following statement can be used.
Log.info("Running on a debian derivative") if
platform_family?('debian')
Uploading the modified cookbook and running Chef client on Ubuntu node will show the
following result.
[2013-03-03T20:16:14+00:00] INFO: Running on a debian
derivative
Workflow of Scripts
In the above command, Ohai will discover the current status of the node’s operating
system and store it as a platform attribute with the node object.
node['platform']
Or, you can use method style syntax −
node.platform
Setting Platform Specific Values
In order to set platform specific values chef offers convenience methods
value_for_platform and value_for_platform_family. They can be used to avoid complex
case statement and use a simple hash instead.
Example cookbook
execute "start-runsvdir" do
command value_for_platform(
"debian" => { "default" => "runsvdir-start" },
"ubuntu" => { "default" => "start runsvdir" },
"gentoo" => { "default" => "/etc/init.d/runit-start start" }
)
action :nothing
end
In the above example, the command is OS specific as defined.
• For Debian, "runsvdir-start" will work

• For Ubuntu, "start runsvdir" will work
• For Gentoo, "/etc/init.d/runit-start" will work
Chef - Resources
Chef resource represents a piece of the operating system at its desired state. It is a
statement of configuration policy that describes the desired state of a node to which one
wants to take the current configuration to using resource providers. It helps in knowing
the current status of the target machine using the Ohai mechanism of Chef. It also helps
in defining the steps required to perform to get the target machine to that state. The
resources are grouped in recipes which describes the working configuration.
In case of Chef, chef::Platform maps the providers and platform versions of each node.
At the beginning of every Chef-client run, Chef server collects the details of any
machines current state. Later, Chef server uses those values to identify the correct
provider.
Resource Syntax
type 'name' do
attribute 'value'
action :type_of_action
end
In the above syntax, ‘type’ is the resource type and ‘name’ is the name that we are going
to use. In the ‘do’ and ‘end’ block, we have the attribute of that resource and the action
that we need to take for that particular resource.
Every resource that we use in the recipe has its own set of actions, which is defined
inside the ‘do’ and ‘end’ block.
Example
type 'name' do
attribute 'value'
action :type_of_action
end
All resources share a common set of functionality, actions, properties, conditional

execution, notification, and relevant path of action.
Actions The :nothing action can be used with any

resource or custom resource.
Properties The ignore_failure, provider, retries,
retry_delay, and supports properties can
be used with any resource or custom
resources.
Guards The not_if and only_if conditional

executions can be used to put additional
guards around certain resources, so that
they are only run when the condition is
met.
Guard Evaluates a string command using a script-

Interpreters based resource: bash, csh, perl,
powershell_script, python, or ruby.
Notifications The notifies and subscribes notifications

can be used with any resource.
Relative The #{ENV['HOME']} relative path can be

Paths used with any resource.
Windows The template, file, remote_file,

File Security cookbook_file,
directory, and remote_directory resources
support the use of inheritance and access
control lists (ACLs) within recipes.
Run in Sometimes a resource needs to be run

Compile before every other resource or after all
Phase resources have been added to the
resource collection.
Available Resources
apt_package
Use the apt_package resource to manage packages for the Debian and Ubuntu
platforms.
Bash
Use the bash resource to execute scripts using the Bash interpreter. This resource may
also use any of the actions and properties that are available to the execute resource.
Commands that are executed with this resource are (by their nature) not idempotent, as
they are typically unique to the environment in which they are run. Use not_if and only_if
to guard this resource for idempotence.
Batch
Use the batch resource to execute a batch script using the cmd.exe interpreter.
The batch resource creates and executes a temporary file (similar to how
the script resource behaves), rather than running the command inline.
This resource inherits actions (:run and :nothing) and properties (creates, cwd,
environment, group, path, timeout, and user) from the execute resource. Commands
that are executed with this resource are (by their nature) not idempotent, as they are
typically unique to the environment in which they are run. Use not_if and only_if to
guard this resource for idempotence.
bff_package
Use the bff_package resource to manage packages for the AIX platform using
the installp utility. When a package is installed from a local file, it must be added to the
node using the remote_file or cookbook_file resources.
chef_gem
Use the chef_gem resource to install a gem only for the instance of Ruby that is
dedicated to the Chef-Client. When a gem is installed from a local file, it must be added
to the node using the remote_file or cookbook_file resources.
The chef_gem resource works with all of the same properties and options as
the gem_package resource, but does not accept the gem_binary property because it
always uses the CurrentGemEnvironment under which the Chef-Client is running. In
addition to performing actions similar to the gem_package resource,
the chef_gem resource does the above.
cookbook_file
Use the cookbook_file resource to transfer files from a sub-directory of
COOKBOOK_NAME/files/ to a specified path located on a host that is running the
ChefClient.
The file is selected according to file specificity, which allows different source files to be
used based on the hostname, host platform (operating system, distro, or as appropriate),
or platform version. Files that are located in the COOKBOOK_NAME/files/default
subdirectory may be used on any platform.
Cron
Use the cron resource to manage cron entries for time-based job scheduling. Properties
for a schedule will default to * if not provided. The cron resource requires access to a
crontab program, typically cron.
Csh
Use the csh resource to execute scripts using the csh interpreter. This resource may
Deploy
Use the deploy resource to manage and control deployments. This is a popular
resource, but is also complex, having the most properties, multiple providers, the added
complexity of callbacks, plus four attributes that support layout modifications from within
a recipe.
Directory
Use the directory resource to manage a directory, which is a hierarchy of folders that
comprises all of the information stored on a computer. The root directory is the top-level,
under which the rest of the directory is organized.
The directory resource uses the name property to specify the path to a location in a
directory. Typically, permission to access that location in the directory is required.
dpkg_package
Use the dpkg_package resource to manage packages for the dpkg platform. When a
package is installed from a local file, it must be added to the node using
the remote_file or cookbook_file resources.
easy_install_package
Use the easy_install_package resource to manage packages for the Python platform.
Env
Use the env resource to manage environment keys in Microsoft Windows. After an
environment key is set, Microsoft Windows must be restarted before the environment
key is available to the Task Scheduler.
erl_call
Use the erl_call resource to connect to a node located within a distributed Erlang
system. Commands that are executed with this resource are (by their nature) not
idempotent, as they are typically unique to the environment in which they are run. Use
not_if and only_if to guard this resource for idempotence.
Execute
Use the execute resource to execute a single command. Commands that are executed
with this resource are (by their nature) not idempotent, as they are typically unique to the
environment in which they are run. Use not_if and only_if to guard this resource for
idempotence.
File
Use the file resource to manage the files directly on a node.
freebsd_package
Use the freebsd_package resource to manage packages for the FreeBSD platform.
gem_package
Use the gem_package resource to manage gem packages that are only included in
recipes. When a package is installed from a local file, it must be added to the node using
the remote_file or cookbook_file resources.
Git
Use the git resource to manage source control resources that exist in a git repository.
git version 1.6.5 (or higher) is required to use all of the functionality in the git resource.
Group
Use the group resource to manage a local group.
homebrew_package
Use the homebrew_package resource to manage packages for the Mac OS X platform.
http_request
Use the http_request resource to send an HTTP request (GET, PUT, POST, DELETE,
HEAD, or OPTIONS) with an arbitrary message. This resource is often useful when
custom callbacks are necessary.
Ifconfig
Use the ifconfig resource to manage interfaces.
ips_package
Use the ips_package resource to manage packages (using Image Packaging System
(IPS)) on the Solaris 11 platform.
Ksh
Use the ksh resource to execute scripts using the Korn shell (ksh) interpreter. This
resource may also use any of the actions and properties that are available to the execute
resource.
Link
Use the link resource to create symbolic or hard links.
Log
Use the log resource to create log entries. The log resource behaves like any other
resource: built into the resource collection during the compile phase, and then run during
the execution phase. (To create a log entry that is not built into the resource collection,
use Chef::Log instead of the log resource)
macports_package
Use the macports_package resource to manage packages for the Mac OS X platform.
Mdadm
Use the mdadm resource to manage RAID devices in a Linux environment using the
mdadm utility. The mdadm provider will create and assemble an array, but it will not
create the config file that is used to persist the array upon reboot.
If the config file is required, it must be done by specifying a template with the correct
array layout, and then by using the mount provider to create a file systems table (fstab)
entry.
Mount
Use the mount resource to manage a mounted file system.
Ohai
Use the ohai resource to reload the Ohai configuration on a node. This allows recipes
that change system attributes (like a recipe that adds a user) to refer to those attributes
later on during the chef-client run.
Package
Use the package resource to manage packages. When the package is installed from a
local file (such as with RubyGems, dpkg, or RPM Package Manager), the file must be
added to the node using the remote_file or cookbook_file resources.
pacman_package
Use the pacman_package resource to manage packages (using pacman) on the Arch
Linux platform.
powershell_script
Use the powershell_script resource to execute a script using the Windows PowerShell
interpreter, much like how the script and script-based resources—bash, csh, perl,
python, and ruby—are used. The powershell_script is specific to the Microsoft Windows
platform and the Windows PowerShell interpreter.
Python
Use the python resource to execute scripts using the Python interpreter. This resource
may also use any of the actions and properties that are available to the execute resource.
Reboot
Use the reboot resource to reboot a node, a necessary step with some installations on
certain platforms. This resource is supported for use on the Microsoft Windows, Mac OS
X, and Linux platforms.
registry_key
Use the registry_key resource to create and delete registry keys in Microsoft Windows.
remote_directory
Use the remote_directory resource to incrementally transfer a directory from a
cookbook to a node. The directory that is copied from the cookbook should be located
under COOKBOOK_NAME/files/default/REMOTE_DIRECTORY.
The remote_directory resource will obey file specificity.
remote_file
Use the remote_file resource to transfer a file from a remote location using file
specificity. This resource is similar to the file resource.
Route
Use the route resource to manage the system routing table in a Linux environment.
rpm_package
Use the rpm_package resource to manage packages for the RPM Package Manager
platform.
Ruby
Use the ruby resource to execute scripts using the Ruby interpreter. This resource may
ruby_block
Use the ruby_block resource to execute Ruby code during a Chef-Client run. Ruby
code in the ruby_block resource is evaluated with other resources during convergence,
whereas Ruby code outside of a ruby_block resource is evaluated before other
resources, as the recipe is compiled.
Script
Use the script resource to execute scripts using a specified interpreter, such as Bash,
csh, Perl, Python, or Ruby. This resource may also use any of the actions and properties
that are available to the execute resource.
Service
Use the service resource to manage a service.
smart_os_package
Use the smartos_package resource to manage packages for the SmartOS platform.
solaris_package
The solaris_package resource is used to manage packages for the Solaris platform.
Subversion
Use the subversion resource to manage source control resources that exist in a
Subversion repository.
Template
Use the template resource to manage the contents of a file using an Embedded Ruby
(ERB) template by transferring files from a sub-directory of
COOKBOOK_NAME/templates/ to a specified path located on a host that is running the
Chef-Client. This resource includes actions and properties from the file resource.
Template files managed by the template resource follow the same file specificity rules
as the remote_file and file resources.
User
Use the user resource to add users, update existing users, remove users, and to
lock/unlock user passwords.
windows_package
Use the windows_package resource to manage Microsoft Installer Package (MSI)
packages for the Microsoft Windows platform.
windows_service
Use the windows_service resource to manage a service on the Microsoft Windows
platform.
yum_package
Use the yum_package resource to install, upgrade, and remove packages with Yum for
the Red Hat and CentOS platforms. The yum_package resource is able to resolve
provides data for packages much like Yum can do when it is run from the command line.
This allows a variety of options for installing packages, like minimum versions, virtual
provides, and library names.
Chef - Lightweight Resource Provider

Lightweight resource provider (LWRP) provides an option of extending the list of
available resources by extending it features and allows Chef user to create custom
resources.
By creating custom resources one can simply write cookbooks because one can own
enriched custom resources using Chef DSL which helps in making the recipe code more
expressive.
In Chef community, many of the custom resources are implemented using LWRPs.
There are many working examples of LWRP such
as iptables_rules and apt_repository.
Working Method
Make sure one has cookbook name Testing_resource and a run_list of node which
contains Testing_resource cookbook.
Building LWRP
Step 1 − Create a custom resource in Testing_resource cookbook.
cookbooks/Testing_resource/resources/default.rb
actions :create, :remove
attribute :title, kind_of: String, default: "World"
attribute :path, kind_of: String, default: "/tmp/greeting.txt"
Step 2 − Create a provider for resources in Tesing_resource cookbook.

cookbooks/Testing_resource/provider/default.rb
action :create do
log "Adding '#{new_resource.name}' greeting as #{new_resource.
path}"
file new_resource.path do
content "#{new_resource.name}, #{new_resource.title}!"
action :create
end
action :remove do
Chef::Log.info "Removing '#{new_resource.name}' greeting
#{new_resource.path}"
file new_resource.path do
action :delete
end
end
Step 3 − Use a new resource by editing Testing_resource default recipe.

cookbooks/Tesing_resource/recipes/default.rb
greeting "Ohai" do
title "Chef"
action :create
end
Step 4 − Upload the modified cookbook to Chef server.

vipin@laptop:~/chef-repo $ knife cookbook upload greeting
Uploading greeting [0.1.0]
Step 5 − Run Chef-Client on the node.
vipin@server:~$ sudo chef-client
2013-06-28T21:32:54+00:00] INFO: Processing greeting[Ohai] action
create (greeting::default line 9)
[2013-06-28T21:32:54+00:00] INFO: Adding 'Ohai' greeting as /tmp/
greeting.txt
[2013-06-28T21:32:54+00:00] INFO: Processing file[/tmp/greeting.
txt] action create (/srv/chef/file_store/cookbooks/greeting/
providers/default.rb line 7)
[2013-06-28T21:32:54+00:00] INFO: file[/tmp/greeting.txt] created
file /tmp/greeting.txt
Step 6 − Validate the content of the generated file.
user@server:~$ cat /tmp/greeting.txt
Ohai, Chef!
Workflow Scripts
LWRPs live in cookbooks. A custom resource lives inside the cookbooks, and will be
available under the cookbook name. In the workflow, first we define the definitions and
then pass the attributes to the resources which is going to be used in the cookbook.
Finally, we use those actions and attributes in our recipe.
Chef - Blueprints
In Chef, blueprints are the tools to find out and record exactly what is present on the
server. Blueprints record all the things required such as directors, packages,
configuration files, and so on. Blueprints have the capability to split server information in
various formats. One of them is Chef recipe. This helps to configure unique server using
Chef.
Woring Method
We need to have Python and Git installed on the node where we need to run the
blueprint.
Step 1 − Install the blueprint.
vipin@server:~$ pip install blueprint
Step 2 − Create a blueprint.
user@server:~$ sudo blueprint create internal-cookbook
# [blueprint] using cached blueprintignore(5) rules
# [blueprint] searching for Python packages
# [blueprint] searching for PEAR/PECL packages
# [blueprint] searching for Yum packages
# [blueprint] searching for Ruby gems
# [blueprint] searching for npm packages
# [blueprint] searching for software built from source
# [blueprint] searching for configuration files
# [blueprint] /etc/ssl/certs/AC_Ra\xc3\xadz_Certic\xc3\
xa1mara_S.A..pem not UTF-8 - skipping it
# [blueprint] /etc/ssl/certs/NetLock_Arany_=Class_Gold=_F\xc5\
x91tan\xc3\xbas\xc3\xadtv\xc3\xa1ny.pem not UTF-8 - skipping it
# [blueprint] /etc/ssl/certs/EBG_Elektronik_Sertifika_Hizmet_Sa\
xc4\x9flay\xc4\xb1c\xc4\xb1s\xc4\xb1.pem not UTF-8 - skipping it
# [blueprint] /etc/ssl/certs/Certinomis_-_Autorit\xc3\xa9_Racine.
pem not UTF-8 - skipping it
# [blueprint] /etc/ssl/certs/T\xc3\x9cB\xc4\xb0TAK_UEKAE_K\xc3\
xb6k_Sertifika_Hizmet_Sa\xc4\x9flay\xc4\xb1c\xc4\xb1s\xc4\xb1_-_S\
xc3\xbcr\xc3\xbcm_3.pem not UTF-8 - skipping it
# [blueprint] searching for APT packages
# [blueprint] searching for service dependencies
Step 3 − Create a cookbook from the blueprint.
user@server:~$ blueprint show -C internal-cookbook my-
server/recipes/default.rb
Step 4 − Validate the content of the generated file.
user@server:~$ cat internal-cookbook /recipes/default.rb
#
# Automatically generated by blueprint(7). Edit at your own risk.
#
cookbook_file('/tmp/96468fd1cc36927a027045b223c61065de6bc575.tar')
do
backup false
group 'root'
mode '0644'
owner 'root'
source 'tmp/96468fd1cc36927a027045b223c61065de6bc575.tar'
end
execute('/tmp/96468fd1cc36927a027045b223c61065de6bc575.tar') do
command 'tar xf
"/tmp/96468fd1cc36927a027045b223c61065de6bc575.tar"'
cwd '/usr/local'
end
directory('/etc/apt/apt.conf.d') do
service('ssh') do
action [:enable, :start]
subscribes :restart, resources('cookbook_file[/etc/default/
keyboard]', 'cookbook_file[/etc/default/console-setup]',
'cookbook_file[/etc/default/ntfs-3g]', 'package[openssh-
server]',
'execute[96468fd1cc36927a027045b223c61065de6bc575.tar]')
end
Workflow Script
Blueprint is a Python package that finds out all the relevant configuration data of the
server and stores it in a Git repo. Each blueprint has its own name.
One can ask the blueprint to show the content of its Git repo in various formants.
user@server:~$ ls -l internal-cookbook /
total 8
drwxrwxr-x 3 vagrant vagrant 4096 Jun 28 06:01 files
-rw-rw-r-- 1 vagrant vagrant 0 Jun 28 06:01 metadata.rb
drwxrwxr-x 2 vagrant vagrant 4096 Jun 28 06:01 recipes
Blueprints Show Commands
user@server:~$ blueprint show-packages my-server
apt wireless-regdb 2011.04.28-1ubuntu3
apt zlib1g-dev 1:1.2.3.4.dfsg-3ubuntu4
python2.7 distribute 0.6.45
python2.7 pip 1.3.1
pip blueprint 3.4.2
pip virtualenv 1.9.1
The preceding command shows all kinds of installed packages. Other show commands
are as follows −
• show-files
• show-services
• show-sources
Chef - Files & Packages
In Chef, creating configuration files and moving packages are the key components.
There are multiple ways how Chef manages the same. There are multiple ways how
Chef supports in dealing with the files and software packages.
Installing Packages from Third-Party Repo
Step 1 − Edit the default recipe of the cookbook.
include_recipe "apt"
apt_repository "s3tools" do
uri "http://s3tools.org/repo/deb-all"
components ["stable/"]
key "http://s3tools.org/repo/deb-all/stable/s3tools.key"
action :add
end
package "s3cmd"
Step 2 − Edit the metadata to add dependency on the apt cookbook.

vipin@laptop:~/chef-repo $ subl cookbooks/my_cookbook/metadata.rb
...
depends "apt"
Step 4 − Validate that the package you are trying to install, is not yet installed.
Step 5 − Validate the default repo.
Step 6 − Run Chef-Client on the node.
Step 7 − Validate that the required package is installed.
Installing Software from Source
If one needs to install a piece of software that is not available as a package for a given
platform, one needs to compile it oneself. In Chef, we can do this by using the script
resource.
Step 1 − Edit the default recipe.
vipin@laptop:~/chef-repo $ subl cookbooks/my_cookbook/recipes/
default.rb
version = "1.3.9"
bash "install_nginx_from_source" do
cwd Chef::Config['file_cache_path']
code ≪-EOH
wget http://nginx.org/download/nginx-#{version}.tar.gz
tar zxf nginx-#{version}.tar.gz &&
cd nginx-#{version} &&
./configure && make && make install
EOH

Step 3 − Run the Chef-Client on the node.
Step 4 − Validate that the nginx is installed.
Chef - Community Cookbooks

Community cookbooks are similar to any other cookbook. The only reason it is called
community cookbook is because anyone who knows to write cookbooks can join this
community and upload their cookbooks to the centralized hub. These cookbooks are
available for free and anyone can download and use it. In order to use these community
cookbooks, one needs to download them, modify them as per the requirement, and
upload them to their respective Chef server.
One needs to have knife configured on their system in order to update, upload, and
download the cookbooks. Interact with cookbooks using the knife cookbook commands.
With knife cookbook, you can create, delete, show, list, download, and upload
cookbooks. Read the knife cookbook commands documentation for more information in
Chapter 7.
Following is the link of community
cookbooks: https://supermarket.chef.io/cookbooksdirectory

Chef Concept

Uploaded by

Copyright:

Available Formats

Chef Concept

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chef Concept

Uploaded by

Copyright:

Available Formats

Chef - Overview

Chef is an open source technology developed by Opscode. Adam Jacob, co-founder of

• Implementing new systems with a uniform configuration.

• Simple and easy to learn

Chef - Workstation Setup

ChefDK Path Variable

* execute[initialize-git] action run

* execute[git-add-new-files] action run

* execute[git-commit-new-files] action run

Following is the Created Cookbook Structure as an output of the above code.

Drivers − It specifies the software which manages the machine.

• knife bootstrap [SSH_USER@]FQDN (options)

• knife client bulk delete REGEX (options)

• knife configure (options)

• knife cookbook bulk delete REGEX (options)

• knife cookbook site download COOKBOOK [VERSION] (options)

• knife data bag create BAG [ITEM] (options)

• knife environment compare [ENVIRONMENT..] (options)

• knife exec [SCRIPT] (options)

• knife help [list|TOPIC]

• knife index rebuild (options)

• knife node bulk delete REGEX (options)

• knife osc_user create USER (options)

• knife delete [PATTERN1 ... PATTERNn]

• knife raw REQUEST_PATH

• knife recipe list [PATTERN]

• knife role bulk delete REGEX (options)

• knife serve (options)

• knife ssh QUERY COMMAND (options)

• knife ssl check [URL] (options)

• knife status QUERY (options)

• knife tag create NODE TAG ...

• knife user create USERNAME DISPLAY_NAME FIRST_NAME LAST_NAME EMAIL

Chef - Solo Setup

Step 2 − Add the file to git repo.

• Using chef command

Chef - Chef-Client as Daemon

=> <file[/tmp/book.txt] @name: "/tmp/book.txt" @noop: nil @

Chef - Testing Cookbooks

Step 4 − Run the knife test command again.

it 'creates a greetings file, containing the platform

Step 5 − Validate ChefSpec.

Step 7 − Create a template file.

Step 8 − Run the rspec again.

Chef - Testing Cookbook with Test Kitchen

Step 2 − Edit cookbook attributes.

Step 3 − Edit gem file to install the necessary Ruby gems.

Step 6 − Create a test directory inside the cookbook.

it "contains what's stored in the 'greeting' node

Step 10 − Edit your main cookbook's Berksfile.

Chef - Chef-Client Run

Step 2 − Define the attribute inside the recipe.

Step 3 − Uploading the modified cookbook.

Step 4 − Run the Chef-Client.

Step 2 − Add ERB Template file.

Chef - Plain Ruby with Chef DSL

Chef - Ruby Gems with Recipes

Step 2 − Upload the modified cookbook to the Chef server.

Step 2 − Use the helper method.