Roles and Its Importance in CHEF

KUSHAGRA BANSAL
FAUN — Developer Community 🐾
6 min read · Apr 21, 2021

Prerequisite => https://bansalkushagra.medium.com/what-is-bootstrapping-uploading-cookbook-in-chef-server-node-configurations-db59c1991514

Basic commands to list and delete cookbooks, nodes, clients and roles

1. To list cookbooks in chef-server

Ø knife cookbook list

2. To delete the cookbook from the chef-server

Ø knife cookbook delete <cookbook_name> -y

3. To list nodes in chef-server

Ø knife node list

4. To delete a node from chef-server

Ø knife node delete <Node_name> -y

5. To list clients in chef-server

Ø knife client list

6. To delete clients from chef-server

Ø knife client delete <client_name> -y

7. To list roles in chef-server

Ø knife role list

8. To delete a role from chef-server

Ø knife role delete <role_name> -y

It’s very important to learn bootstrapping, which I have already published on the blog. You must go through it; without knowledge of it you can’t proceed.

Let’s come to the implementation.

First, we will create a role and define the recipe that we want to run on the node. After that, the role and the cookbook will be uploaded to the chef-server. Then, after creating an EC2 instance as the node, we will connect the node with the bootstrap command, add the role to its run_list, and automate the pull process so that the node checks every minute whether any update is required from the role we created.

Step-1:

This is my current EC2 Chef workstation, which I had already created and on which I had downloaded chef-workstation.

First, create a cookbook and recipe inside it.
Cookbook name: role_cookbook

Recipe name: role_recipe.rb

Go to chef-repo> cookbooks> create your cookbook and inside the cookbook create the recipe.

Command:

Ø chef generate cookbook role_cookbook

Ø cd role_cookbook

Ø chef generate recipe role_recipe

Ø vi recipes/role_recipe.rb

Recipe code:

# Install Apache
package 'httpd' do
  action :install
end

# Page served by Apache
file '/var/www/html/index.html' do
  content 'Automating the chef process using crontab scheduler'
  action :create
end

# Start Apache now and on every boot
service 'httpd' do
  action [:enable, :start]
end

Now go to the chef-repo directory, because it contains all the server files and everything will be executed from that folder.

Step-2:

Now let’s create a role inside the roles directory of chef-repo and upload it to the server.

You can check the roles present on the server either from the CLI or by accessing the server directly (in real-world setups we can’t access the server).

Command:

Ø knife role from file roles/devops2.rb

Ø knife role list

Step-3:

Now let’s create an EC2 instance node, say “chef-node-6”, and connect the node to the chef-server.

Remember: Availability Zone must be the same to prevent future errors. Here we have taken “ap-south-1b”

Add two protocols, SSH and HTTP, with source Anywhere.

At the end, it will ask you to choose a key pair: if an existing key is present, use it; otherwise create a new one.

Never use the key of the workstation on which you are currently working.

Using WinSCP, move your node key from Windows to the Linux server, inside the chef-repo directory. (Follow the previous blog if you don’t know how to do this.)

Command to connect the node to chef-server:

Ø knife bootstrap <node_private_IP> --ssh-user ec2-user --sudo -i <instance_key> -N <Any_name_For_node> -y

Ø knife bootstrap 172.31.11.231 --ssh-user ec2-user --sudo -i Node-key.pem -N Node6 -y

To list the nodes registered on the server:

Ø knife node list

Step-4:

Now, add the role to the run_list of the node. We will then set up a crontab scheduler so that every minute the node sends a pull request to check whether any update is present on the chef-server.

Command to add the role to the run_list:

Ø knife node run_list set Node6 "role[devops2]"

Ø knife node show Node6

In the output of knife node show at this point, the Roles and Recipes values are still unknown.

Step-5:

Now, upload the cookbook to the chef-server.

Command:

Ø knife cookbook upload role_cookbook

Step-6:

Open your node and schedule a crontab job that makes the node’s chef-client send a pull request to the chef-server.

Now, copy your public IP and open it in the browser.

The Roles and Recipes values that were unknown are updated once the node makes a pull request.
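One way to set up the every-minute pull from Step-6, as an added example that is not code from the original post. It assumes chef-client lives at /usr/bin/chef-client and flock (util-linux) at /usr/bin/flock, and uses hypothetical lock and log paths; flock -n keeps a slow run from overlapping with the next minute's run.

```shell
#!/bin/sh
# Added example: idempotently install an every-minute chef-client cron entry.
# All three paths are assumptions, not taken from the post; adjust per node.
CHEF_CLIENT="${CHEF_CLIENT:-/usr/bin/chef-client}"
LOCK_FILE="${LOCK_FILE:-/var/lock/chef-client-cron.lock}"
LOG_FILE="${LOG_FILE:-/var/log/chef-client-cron.log}"

# Print one /etc/cron.d-style line (this format carries a user field).
# flock -n exits at once when the lock is held, so a run that takes longer
# than a minute is not joined by a second chef-client.
chef_cron_line() {
    printf '* * * * * root /usr/bin/flock -n %s %s >> %s 2>&1\n' \
        "$LOCK_FILE" "$CHEF_CLIENT" "$LOG_FILE"
}

# Append the line to file $1 unless the identical line is already there.
# Returns 0 when the line was added, 1 when it was already present.
install_chef_cron() {
    target="$1"
    line="$(chef_cron_line)"
    if [ -f "$target" ] && grep -qxF -- "$line" "$target"; then
        return 1
    fi
    printf '%s\n' "$line" >> "$target"
    # cron skips cron.d files that are group- or world-writable
    chmod 644 "$target"
}

# On the node, as root: sh this-script --install
if [ "${1:-}" = "--install" ]; then
    install_chef_cron /etc/cron.d/chef-client || echo "entry already present"
fi
```

Running it a second time leaves the file unchanged, so it is safe to call from a bootstrap script.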

Part-2:

If we want to implement more than one recipe present in our cookbook, we can provide just the name of the cookbook in our role and upload it to the server.

Original role:

name "devops2"
description "web hosting"
run_list "recipe[role_cookbook::role_recipe]"

New role code:

name "devops2"
description "web hosting"
run_list "recipe[role_cookbook]"

Here we provide only the cookbook name.

Now, upload the updated role to the server with the command below.

Ø knife role from file roles/devops2.rb

Part-3:

Now, suppose that instead of using the recipe role_recipe, we want to work on a new recipe, say role2.rb.

Step-1: Create a new recipe, say “role2”

Command:

Ø Go to the role_cookbook directory

Ø vi recipes/role2.rb

Code:

# Write selected node attributes to /basicinfo
file '/basicinfo' do
  content "This is to get Attributes
HOSTNAME: #{node['hostname']}
IPADDRESS: #{node['ipaddress']}
CPU: #{node['cpu']['0']['mhz']}
MEMORY: #{node['memory']['total']}"
  owner 'root'
  group 'root'
  action :create
end

Upload the updated cookbook to the server. Go to the chef-repo directory first.

Command:

Ø knife cookbook upload role_cookbook

Now, go to roles > devops2.rb and change the recipe name

Code:

name "devops2"
description "web hosting"
run_list "recipe[role_cookbook::role2]"

Upload the updated role to the server.

Command:

Ø knife role from file roles/devops2.rb

Open the node, i.e. chef-node-6, and you will see that a file named “basicinfo” has been created, and if you open the IP in the browser it will show output too. That means both recipes worked well.
