This article will discuss installation of Chef Server on CentOS 8 / RHEL 8. Chef Infra is an open-source infrastructure Automation framework that gives you powers to define the state of your systems and automatically keep them that way.

The Chef Server is responsible for storing your configuration policy, defined in Chef cookbooks, as well as searchable metadata for each node managed. The Nodes managed by Chef regularly check in with the Chef server to ensure that their local configurations are always kept up to date.

Chef is typically comprised of three parts:

  • Workstation: This is the computer from which you write Chef cookbooks and administer your entire network.
  • Chef server: This acts as a central repository for your authored cookbooks as well as for information about every node it manages.
  • Nodes: This is computer that has Chef client installed and is managed by a Chef server. A node can be any physical or virtual machine in your network.

The structure is as illustrated in the diagram below.

Detailed overview:

In our previous guide, we covered the installation of Chef Server on Ubuntu 18.04 LTS. Today article will be focused on the installation of Chef Server on CentOS 8 / RHEL 8 Linux system.

Prerequisites

  • A CentOS/RHEL 8 server with 8GB Ram allocated
  • Assign a hostname to the Chef server which should be on its Domain name.

My server has 8GB of RAM and 4vcpus.

$ free -h
              total        used        free      shared  buff/cache   available
Mem:          7.6Gi       162Mi       7.2Gi        16Mi       257Mi       7.2Gi
Swap:         4.0Gi          0B       4.0Gi

$ $ lscpu 
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              4
On-line CPU(s) list: 0-3
Thread(s) per core:  1
Core(s) per socket:  1
Socket(s):           4
NUMA node(s):        1
Vendor ID:           GenuineIntel
CPU family:          6
Model:               94
Model name:          Intel Core Processor (Skylake, IBRS)
Stepping:            3
CPU MHz:             3599.986
BogoMIPS:            7199.97
Hypervisor vendor:   KVM
Virtualization type: full
L1d cache:           32K
L1i cache:           32K
L2 cache:            4096K
L3 cache:            16384K
NUMA node0 CPU(s):   0-3
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology cpuid tsc_known_freq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single pti ssbd ibrs ibpb stibp fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm mpx rdseed adx smap clflushopt xsaveopt xsavec xgetbv1 arat md_clear

Step 1: Update System

Set proper hostname for Chef server machine before updating.

sudo hostnamectl set-hostname chefserver.computingforgeeks.com --static

If you don’t have a valid DNS server in your network, add A record to /etc/hosts file.

$ sudo vi /etc/hosts
10.10.1.162 chefserver.computingforgeeks.com chefserver

Then install basic standard packages and update the server:

sudo dnf -y install git vim wget curl bash-completion
sudo dnf -y update
sudo reboot

Step 2: Configure NTP

The Chef server is particularly sensitive to clock drift and it requires that the systems on which it is running be connected to Network Time Protocol (NTP).

Refer to our previous guide:

How To Configure NTP Server Using Chrony on RHEL 8 / CentOS 8

Step 3: Install Chef Server on CentOS 8 / RHEL 8

Visit the Chef Infra Server Downloads page choose the current or stable release version to Download.

wget https://packages.chef.io/files/current/chef-server/13.0.40/el/8/chef-server-core-13.0.40-1.el7.x86_64.rpm

After downloading the package, install it with your distribution package manager.

sudo dnf localinstall chef-server-core-13.0.40-1.el7.x86_64.rpm

Accept installation by pressing the y key when asked.

Dependencies resolved.
===================================================================================================================================================
 Package                                Arch                         Version                              Repository                          Size
===================================================================================================================================================
Installing:
 chef-server-core                       x86_64                       13.0.40-1.el7                        @commandline                       328 M

Transaction Summary
===================================================================================================================================================
Install  1 Package

Total size: 328 M
Installed size: 1.0 G
Is this ok [y/N]: y

Once the installation is complete, we need to reconfigure the chef server components for all Chef Server services to be configured properly and started.

sudo chef-server-ctl reconfigure

Be patient as this may take some time to complete.

.....................................................
Recipe: private-chef::partybus
  * execute[set initial migration level] action run
    - execute cd /opt/opscode/embedded/service/partybus && ./bin/partybus init
  * ruby_block[migration-level file sanity check] action run (skipped due to not_if)
Recipe: private-chef::rabbitmq
  * script[hard_kill_rabbitmq] action run
    - execute "bash"  "/tmp/chef-script20190920-14976-1jvsbez"

Running handlers:
Running handlers complete
Chef Infra Client finished, 482/1032 resources updated in 02 minutes 26 seconds
Chef Server Reconfigured!

Chef Server components status can be checked by running the command:

$ sudo chef-server-ctl status
run: bookshelf: (pid 14851) 90s; run: log: (pid 9251) 174s
run: nginx: (pid 14681) 92s; run: log: (pid 9869) 130s
run: oc_bifrost: (pid 14586) 93s; run: log: (pid 8936) 194s
run: oc_id: (pid 14678) 92s; run: log: (pid 8961) 190s
run: opscode-erchef: (pid 14882) 90s; run: log: (pid 9395) 168s
run: opscode-expander: (pid 14742) 90s; run: log: (pid 9115) 180s
run: opscode-solr4: (pid 14714) 91s; run: log: (pid 9039) 184s
run: postgresql: (pid 14576) 93s; run: log: (pid 8432) 206s
run: rabbitmq: (pid 15362) 85s; run: log: (pid 10142) 124s
run: redis_lb: (pid 9480) 164s; run: log: (pid 9479) 164s

All Chef Server services will run under the username/group opscode. The username for PostgreSQL is opscode-pgsql.

If you’re using firewalld, open port http and https ports.

sudo firewall-cmd --permanent --add-service={http,https}
sudo firewall-cmd --reload

Step 4: Create Admin user and Organization

Admin user account is not created automatically upon installation. We need to create one.

The syntax for creating user is:

chef-server-ctl user create USERNAME FIRST_NAME [MIDDLE_NAME] LAST_NAME EMAIL PASSWORD

Save variables required and run user creation commands.

# Set values
USERNAME="chefadmin"
FIRST_NAME="Chef"
LAST_NAME="Administrator"
EMAIL="[email protected]"
KEY_PATH="/root/chefadmin.pem"

# Create user
sudo chef-server-ctl user-create ${USERNAME} ${FIRST_NAME} ${LAST_NAME} ${EMAIL} -f ${KEY_PATH} --prompt-for-password

Used options:

  • –prompt-for-password : Prompt for user password
  • -f: Write private key to file specified rather than STDOUT

To view list of users, run:

$ sudo chef-server-ctl user-list
chefadmin
pivotal

Create Chef Organization

Next is to create an organization. An organization is the top-level entity for role-based access control in the Chef Infra Server. The Chef Infra Server supports multiple organizations.

The org-create subcommand is used to create an organization. Full command syntax is:

$ chef-server-ctl org-create ORG_NAME "ORG_FULL_NAME" \
--association_user USERNAME --filename ORGANIZATION-validator.pem (options)

Notes:

  • The name must begin with a lower-case letter or digit,
  • The full name must begin with a non-white space character
  • The --association_user option will associate the user with the admins security group on the Chef server.
  • An RSA private key is generated automatically. This is the chef-validator key and should be saved to a safe location.
  • The --filename option will save the RSA private key to the specified absolute path.

Example:

sudo chef-server-ctl org-create computingforgeeks 'ComputingForGeeks, Inc.' \
--association_user chefadmin \
--filename /root/computingforgeeks-validator.pem

Verify organization creation:

$ sudo chef-server-ctl org-list
computingforgeeks

You should have to RSA private keys under /root – For user and organization.

$ sudo find /root -name "*.pem"
/root/chefadmin.pem
/root/computingforgeeks-validator.pem

Step 5: Install Chef Manage (Optional)

Chef Manage is a premium add-on that provides a graphical user interface for managing common Chef server tasks. It’s free for up to 25 nodes.

Let’s install the management console

sudo chef-server-ctl install chef-manage 
sudo chef-server-ctl reconfigure 
sudo chef-manage-ctl reconfigure

You should be able to access the Chef web admin dashboard on https://serverip/login. Login with created admin user and password.

Chef Manage dashboard:

Install additional packages from https://packages.chef.io/

Step 6: Install Chef Workstation

Our next article will cover installation of Chef Client & Workstation on RHEL / CentOS 8.

How To Install Chef Workstation on CentOS 8 / RHEL 8

Also check related guides:

How to configure Chef Knife, Upload Cookbooks and Run a recipe on Chef Client Nodes

How to install Chef Development Kit / Workstation on Ubuntu 18.04

How to install Chef Development Kit on Arch Linux