Chef learning on Rasbperry Pi 2

Friday, May 15th 2015

GINA has been slowly chef’ing our infrastructure over the last few years. I’ve been unable to join the team in the process in any useful ways because I’ve not been able to fully wrap my head around all the complex parts of using Chef.

I decided to pull the trigger on fully setting up my new Raspberry Pi 2 using Chef. My goal was to get a better handle on how to do things in Chef using the new Chef 12 and GINA chef workflows. My previous runs at Chef have been piles of chaotic learning in my spare time. Being homesick for a Friday was the perfect opportunity to turn my freshly install of Raspbian on my new Raspberry Pi 2 into a Chef client.

Chef workstation & Server

I already had a functional chef workstation in hand that was setup to do commands against the GINA Chef server. This comes down to the following tools:

• Chef Development Kit (chefdk) latest and greatest!
  • install it and toss export PATH=/opt/chefdk/bin:$PATH in your .bashrc
• vagrant
• VirtualBox

To avoid using that I decided to instead use a hosted Chef Server from the Chef.io folks. This turned out to be silly simple to have multiple chef servers in your life if you are OK with managing a few symbolic links.

• login to manage.chef.io and download your organization’s starter kit.
• move the .chef directory from that to ~/.chef-your_org
• move your existing .chef to ~/.chef-whatever_else
  • .chef-gina in my case
• create the symlink to make it all right:
  • ln -s .chef-your_org .chef

basic Pi setup

Before starting with Chef stuff I had installed Raspbian on the Pi and put it on the network in a way I could ssh into the system by putting my ssh keys in place for both the pi@ and root@ accounts.

bootstrapping

Next step was to bootstrap the system to have chef-client. This turned out to be a bit of a pain as the new Chef 12 needs a new ruby (>2) and Raspbian is Debian Weezey with ruby-1.9. To solve this problem I forked @tinoschroer’s raspbian_bootstrap that was written back for an older chef. Updated the bootstrap to use ruby-build and do a few other nice things.

https://github.com/dayne/raspbian_bootstrap

Getting organization base repo started

We’ve been aiming to update our Chef approach to use an organize-base cookbook to get the basics out of the way. See Jamie Winsor’s post on The Environment Cookbook Pattern for a brief description of what role a Organization Base cookbook plays.

Since I was started from scratch I decided to create d-base through the following basics:

chef cookbook
cd d-base
git init .
git add .
git commit -m 'initial commit of base cookbook'

At this point it was just a generic template repo. I needed to make this mine. A few quick edits to metadata.rb put my name and email in place. I was ready start. First thing was make sure all my ducks really were in a row. I can pass tests and things work.

chef exec rspec    # ensure basic unit test passing (of course they did)
kitchen converge   # ensure I can launch the testing VMs via vagrant

Once I had those ducks in a row it was time to make this repo useful. Get chef-client actually installed as a service on the Raspberry Pi

Adding chef-client to d-base

Once you know what you are doing it is fairly easy to add the dependency of the chef-client to the d-base cookbook. I found a few bugs/gotchas since I was testing with both CentOS and Ubuntu.

• recipes/default.rb
  • include_recipe 'chef-client::config'
  • include_recipe 'chef-client::service'
• metadata.rb
  • depends 'chef-client'
• Berksfile
  • cookbook 'chef-client'

Captured in this Github Commit

Had berks download all the dependancies (not sure if this was needed)

berks

I then make sure things were still converging and good:

chef exec rspec
kitchen converge

Upload to Chef Server

With tests passing I was ready to upload to the chef server.

berks upload

Of course just having the node resync with the chef server didn’t actually have d-base or this new chef-client cookbook applied to it. Lets check this out using knife status and knife node show.

Apply d-base cookbook to the Pi

For future Pi deploys I will bootstrap them with the d-base as part of the process. Since I did this out of order I had to update the run-list of the Pi manually using knife to add d-base. Not a problem:

 knife node run_list add raspberrypi "recipe[d-base::default]"

With that I was able to successfully apply d-base which turned chef-client into a service. Hopefully the last manual running of the chef-client on the pi needed (except during heavy hacking sessions).

 sudo chef-client

Happy Hacking!