Install the Chef Infra Server
There are three configuration scenarios for the Chef Infra Server:
- Standalone (everything on a single machine)
- High availability (machines configured for front-end and back-end, allowing for failover on the back-end and load-balancing on the front-end, as required)
- Tiered (machines configured for front-end and back-end, with a single back-end and load-balancing on the front-end, as required)
Supported Platforms
The following table lists the commercially-supported platforms and versions for the Chef Infra Server:
Platform | Architecture | Version |
---|---|---|
Amazon Linux 2 | x86_64 | 2.x |
CentOS | x86_64 | 7.x , 8.x |
Oracle Enterprise Linux | x86_64 | 7.x , 8.x |
Red Hat Enterprise Linux | x86_64 | 7.x , 8.x |
SUSE Linux Enterprise Server | x86_64 | 12.x , 15.x |
Ubuntu | x86_64 | 16.04 , 18.04 , 20.04 |
Prerequisites
The Chef Infra Server has the following prerequisites:
- An x86_64 compatible system architecture; Red Hat Enterprise Linux and CentOS may require updates prior to installation
- A resolvable hostname that is specified using a FQDN or an IP address
- A connection to Network Time Protocol (NTP) to prevent clock drift
- If host-based firewalls (iptables, ufw, etc.) are being used, ensure that ports 80 and 443 are open. See the firewalls section of the install prerequisites for additional details.
- A local mail transfer agent that allows the Chef Infra Server to send email notifications
- Using cron and the
/etc/cron.d
directory for periodic maintenance tasks - Disabling the Apache Qpid daemon on CentOS and Red Hat systems. See the Apache Qpid of the prerequisite documentation for detailed steps.
- Optional. A local user account under which services will run, a local user account for PostgreSQL, and a group account under which services will run. See UIDs and GIDs for more information.
Note
Standalone
The standalone installation of Chef Infra Server creates a working installation on a single server. This installation is also useful when you are installing Chef Infra Server in a virtual machine, for proof-of-concept deployments, or as a part of a development or testing loop.
To install Chef Infra Server:
Download the package from https://www.chef.io/downloads/tools/infra-server/.
Upload the package to the machine that will run the Chef Infra Server, and then record its location on the file system. The rest of these steps assume this location is in the
/tmp
directory.As a root user, install the Chef Infra Server package on the server, using the name of the package provided by Chef. For Red Hat Enterprise Linux and CentOS:
sudo rpm -Uvh /tmp/chef-server-core-<version>.rpm
For Ubuntu:
sudo dpkg -i /tmp/chef-server-core-<version>.deb
After a few minutes, the Chef Infra Server will be installed.
Run the following to start all of the services:
sudo chef-server-ctl reconfigure
Because the Chef Infra Server is composed of many different services that work together to create a functioning system, this step may take a few minutes to complete.
Run the following command to create an administrator:
sudo chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename FILE_NAME
An RSA private key is generated automatically. This is the user’s private key and should be saved to a safe location. The
--filename
option will save the RSA private key to the specified absolute path.For example:
sudo chef-server-ctl user-create janedoe Jane Doe janed@example.com 'abc123' --filename /path/to/janedoe.pem
Run the following command to create an organization:
sudo chef-server-ctl org-create short_name 'full_organization_name' --association_user user_name --filename ORGANIZATION-validator.pem
For example:
sudo chef-server-ctl org-create 4thcafe 'Fourth Cafe, Inc.' --association_user janedoe --filename /path/to/4thcafe-validator.pem
The name must begin with a lower-case letter or digit, may only contain lower-case letters, digits, hyphens, and underscores, and must be between 1 and 255 characters. For example:
4thcafe
.The full name must begin with a non-white space character and must be between 1 and 1023 characters. For example:
'Fourth Cafe, Inc.'
.The
--association_user
option will associate theuser_name
with theadmins
security group on the Chef Infra Server.An RSA private key is generated automatically. This is the chef-validator key and should be saved to a safe location. The
--filename
option will save the RSA private key to the specified absolute path.
Update Configuration for Purchased Nodes
To use more than 25 nodes, you’ll need to change Chef Infra Server
configuration for the server to recognize your purchased licenses. Edit
your /etc/opscode/chef-server.rb
file by following the process below:
On your Chef Infra Server, if the
chef-server.rb
file does not exist, create it.sudo mkdir /etc/opscode && sudo touch /etc/opscode/chef-server.rb
Open up the newly created
chef-server.rb
file in your favorite text editor, for example:sudo vi /etc/opscode/chef-server.rb
Paste or add the following text. Please note the placement of the single quotation (’) marks. If you’re using the vi text editor, you’ll need to use the i key to insert the text.
license['nodes'] = N where N is the number of licensed nodes you have purchased
Save the file. If you’re using vi, from the example above, use the esc key and then:
:wq
Run
chef-server-ctl reconfigure
for the changes to be picked up by your Chef Infra Server.sudo chef-server-ctl reconfigure
For more information on configuring your Chef Infra Server, see chef-server.rb Settings and chef-server.rb Optional Settings.
High Availability
The following links describe how to configure the Chef Infra Server for high availability. The Backend Cluster setup is strongly recommended for new installations:
Tiered (Single Backend)
The following link describes how to configure the Chef Infra Server with a single backend machine and multiple frontend machines. Note that this process has been deprecated in favor of a Backend Cluster setup: