Add nodes individually
Important
AWS OpsWorks for Chef Automate reached end of life on May 5, 2024 and has been disabled for both new and existing customers. We recommend that existing customers migrate to Chef SaaS or an alternative solution. If you have questions,
you can reach out to the AWS Support Team on AWS re:Post
This section describes how to run a knife
command that adds, or
bootstraps, an EC2 instance so that the Chef server can manage it.
The minimum supported version of chef-client
on nodes associated with an
AWS OpsWorks for Chef Automate server is 13.x. We recommend running the most current, stable chef-client
version.
Topics
(Optional) Specify the URL of your Chef Automate Server Root CA
If your server is using a custom domain and certificate, you might need to edit the
ROOT_CA_URL
variable in the userdata script with a public URL that you
can use to get the root CA PEM-formatted certificate of your server. The following AWS CLI
commands upload your root CA to an Amazon S3 bucket, and generate a presigned URL that you
can use for one hour.
-
Upload the root CA PEM-formatted certificate to S3.
aws s3 cp
ROOT_CA_PEM_FILE_PATH
s3://bucket_name
/ -
Generate a presigned URL that you can use for one hour (3600 seconds, in this example) to download the root CA.
aws s3 presign s3://
bucket_name
/ROOT_CA_PEM_FILE_NAME
--expires-in 3600 -
Edit the variable
ROOT_CA_URL
in the userdata script with the value of the pre-signed URL.
Supported Operating Systems
For the current list of supported operating systems for nodes, see the Chef website
Add Nodes with Knife
The knife-ec2
knife-ec2
, you can use it instead of knife bootstrap
to
provision and bootstrap new EC2instances. Otherwise, launch a new EC2 instance, and then
follow the steps in this section.
To add nodes to manage
-
Run the following
knife bootstrap
command. This command bootstraps an EC2 instance to the nodes that your Chef server will manage. Note that you are instructing the Chef server to run recipes from thenginx
cookbook that you installed in Use Policyfile.rb to Get Cookbooks from a Remote Source. For more information about adding nodes by running theknife bootstrap
command, see Bootstrap a Nodein the Chef documentation. The following table shows valid user names for node operating systems in the
knife
command in this step. If neitherroot
norec2-user
works, check with your AMI provider. For more information about connecting to Linux-based instances, see Connecting to Your Linux Instance Using SSH in the AWS documentation.Valid values for user names in node operating systemsOperating System Valid User Names Amazon Linux ec2-user
Red Hat Enterprise Linux 5 root
orec2-user
Ubuntu ubuntu
Fedora fedora
orec2-user
SUSE Linux root
orec2-user
knife bootstrap
INSTANCE_IP_ADDRESS
-NINSTANCE_NAME
-xUSER_NAME
--sudo --run-list "recipe[nginx]" -
Verify that the new node was added by running the following commands, replacing
INSTANCE_NAME
with the name of the instance that you just added.knife client show
INSTANCE_NAME
knife node showINSTANCE_NAME