Sunday, 23 October 2016

PART 2: UNDERSTANDING CHEF COOKBOOK/RECIPE.

PART 2: UNDERSTANDING CHEF COOKBOOK/RECIPE.

This article will guide you through the creation of Chef Cookbook/Recipe and how to deploy it on CentOS/RHEL 6.4. 
The procedure mentioned in this tutorial is tested on:

OSCentOS 6.4
Chef Server11.0.8
Knife11.6.0

What is a Cookbook?
A cookbook is the fundamental unit of configuration and policy distribution. Each cookbook defines a scenario, such as everything needed to install and configure MySQL, and then it contains all of the components that are required to support that scenario.
What is a Recipe?
Recipe files are Ruby applications that define everything that is required to configure a system, including creating and configuring folders, installing and configuring packages, starting services, and so on. A recipe is a subset or “piece” of a cookbook
What is a Attribute?
Attributes files contain a set of attributes that represent values to be used by the recipes and templates.
For example, the built-in cookbook for the Rails App Server layer includes an attributes file with values for the Rails version, the application server stack, and so on.
What is Template?
Template files are templates that recipes use to create other files, such as configuration files.
Template files typically let you modify the configuration file by overriding attributes—which can be done without touching the cookbook—instead of rewriting a configuration file. The standard practice is that whenever you expect to change a configuration file on an instance even slightly, you should use a template file.
What is Databags?
A data bag is a global variable that is stored as JSON data and is accessible from a server. A data bag is indexed for searching and can be loaded by a recipe or accessed during a search. The contents of a data bag can vary, but they often include sensitive information (such as database passwords).
What is knife?
Knife is a command-line tool that provides an interface between a local chef-repo and the server. Knife helps users to manage nodes, cookbook, recipes, roles etc.
Steps to create a Sample Cookbook and configure a recipe
1) Login to Workstation node which have knife configured.
Adding the following line to create cookbook repo that can be uploaded to git (for version control).
   # vi /root/.chef/knife.rb
      cookbook_path [ '/usr/local/src/chef/cookbooks' ]
2) Create the cookbook directory.
   # mkdir -p /usr/local/src/chef/cookbooks
3) Now lets create sample cookbook to push users to Chef Nodes:
   # knife cookbook create cookbook-test
4) Navigate to cookbook directory and you will see the following structure got created.
   # cd /usr/local/src/chef/cookbooks
   # tree cookbook-test
 cookbook-test/
 ├── attributes
 ├── CHANGELOG.md
 ├── definitions
 ├── files
 │   └── default
 ├── libraries
 ├── metadata.rb
 ├── providers
 ├── README.md
 ├── recipes
 │   └── default.rb
 ├── resources
 └── templates
  └── default
5) Before creating the recipe lets generate the password for the new user using the following commands.
   # openssl passwd -1 "theplaintextpassword"
6) Now lets create a recipe for a new group (system-admins) and user by the name “sanjay”.
   # cat /usr/local/src/chef/cookbooks/cookbook-test/recipes/default.rb
 #
 # Cookbook Name:: cookbook-test
 # Recipe:: default
 #
 # Copyright 2013, YOUR_COMPANY_NAME
 #
 # All rights reserved - Do Not Redistribute
 #
 group "system-admins" do
                gid 1001
        end
 user "sanjay" do
  comment "Sanjay User"
  shell "/bin/bash"
  home "/home/sanjay"
  gid "system-admins"
  uid 1002
  supports :manage_home => true
  password "$1$QwuUa80Z$KZkYq8CqICVyIsK1tHZ7s0"
 end

Note: Please check the Group resource and User resource page for more info.
7) To upload the cookbooks/directory to the server, browse to the top level of the chef-repo and enter:
   # knife upload cookbooks

Note: This will upload all the cookbook.
8) To upload a single cookbook use following command:
   # knife upload cookbooks cookbook-test
9) Once we have upload the cookbook, now is the time to associate it with a Node using “run_list” Knife option:
   # knife node list
     node1.example.com
     node2.example.com
     node3.example.com

   #  knife node run_list add node1.example.com cookbook-test
      node1.example.com:
        run_list: recipe[cookbook-test]
9) Now login to machine “node1.example.com and run the following command:
   # chef-client
     [2013-10-25T04:47:36-07:00] INFO: Forking chef instance to converge...
     Starting Chef Client, version 11.6.2
     [2013-10-25T04:47:36-07:00] INFO: *** Chef 11.6.2 ***
     [2013-10-25T04:47:37-07:00] INFO: Run List is 
] [2013-10-25T04:47:37-07:00] INFO: Run List expands to [cookbook-test] [2013-10-25T04:47:37-07:00] INFO: Starting Chef Run for node1.example.com [2013-10-25T04:47:37-07:00] INFO: Running start handlers [2013-10-25T04:47:37-07:00] INFO: Start handlers complete. resolving cookbooks for run list: ["cookbook-test"] [2013-10-25T04:47:37-07:00] INFO: Loading cookbooks [cookbook-test] Synchronizing Cookbooks: [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/recipes/default.rb in the cache. [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/metadata.rb in the cache. [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/README.md in the cache. [2013-10-25T04:47:37-07:00] INFO: Storing updated cookbooks/cookbook-test/CHANGELOG.md in the cache. - cookbook-test Compiling Cookbooks... Converging 1 resources Recipe: cookbook-test::default * group[system-admins] action create[2013-10-25T22:23:38-07:00] INFO: Processing group[system-admins] action create (cookbook-test::default line 9) (up to date) * user[sanjay] action create[2013-10-25T04:47:37-07:00] INFO: Processing user[sanjay] action create (cookbook-test::default line 9) (up to date) [2013-10-25T04:47:37-07:00] INFO: Chef Run complete in 0.48225768 seconds [2013-10-25T04:47:37-07:00] INFO: Running report handlers [2013-10-25T04:47:37-07:00] INFO: Report handlers complete Chef Client finished, 0 resources updated

Note: Please check the Knife node run_list page for more info.
9) Try to check the user got created using following command:
   # su - sanjay
   $ id
     uid=1002(sanjay) gid=1001(system-admins) groups=1001(system-admins) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
   $ whoami
     sanjay
   $ pwd
     /home/sanjay

No comments:

Post a Comment