Add Nodes for the Chef Server to Manage
The chef-client
chef-client
agent software on those nodes.
The minimum supported version of chef-client on nodes associated with an AWS OpsWorks for Chef Automate server is 12.16.42. We recommend running chef-client 14.10.9.
This walkthrough demonstrates how to run a knife command that adds, or bootstraps, an EC2 instance so that the Chef server can manage it.
For more information about how to bootstrap nodes automatically by using a script to perform unattended association of nodes with the Chef server, see Adding Nodes Automatically in AWS OpsWorks for Chef Automate.
(Optional) Specify the URL of your Chef Automate Server Root CA
If your server is using a custom domain and certificate, you might need to edit the ROOT_CA_URL variable in the userdata script with a public URL that you can use to get the root CA PEM-formatted certificate of your server. The following AWS CLI commands upload your root CA to an Amazon S3 bucket, and generate a presigned URL that you can use for one hour.
- Upload the root CA PEM-formatted certificate to S3.
  aws s3 cp ROOT_CA_PEM_FILE_PATH s3://bucket_name/
- Generate a presigned URL that you can use for one hour (3600 seconds, in this example) to download the root CA.
  aws s3 presign s3://bucket_name/ROOT_CA_PEM_FILE_NAME --expires-in 3600
- Edit the variable ROOT_CA_URL in the userdata script with the value of the pre-signed URL.
Supported Operating Systems
For the current list of supported operating systems for nodes, see the Chef website.
Add Nodes with Knife
The knife-ec2
knife-ec2
, you can use it instead of knife bootstrap to provision and bootstrap new EC2 instances. Otherwise, launch a new EC2 instance, and then follow the steps in this section.
To add nodes to manage
- Run the following knife bootstrap command. This command bootstraps an EC2 instance to the nodes that your Chef server will manage. Note that you are instructing the Chef server to run recipes from the nginx cookbook that you installed in Use Policyfile.rb to Get Cookbooks from a Remote Source. For more information about adding nodes by running the knife bootstrap command, see Bootstrap a Node in the Chef documentation.
  The following table shows valid user names for node operating systems in the knife command in this step. If neither root nor ec2-user works, check with your AMI provider. For more information about connecting to Linux-based instances, see Connecting to Your Linux Instance Using SSH in the AWS documentation.
  Valid values for user names in node operating systems
  Operating System              Valid User Names
  Amazon Linux                  ec2-user
  Red Hat Enterprise Linux 5    root or ec2-user
  Ubuntu                        ubuntu
  Fedora                        fedora or ec2-user
  SUSE Linux                    root or ec2-user
  knife bootstrap INSTANCE_IP_ADDRESS -N INSTANCE_NAME -x USER_NAME --sudo --run-list "recipe[nginx]"
- Verify that the new node was added by running the following commands, replacing INSTANCE_NAME with the name of the instance that you just added.
  knife client show INSTANCE_NAME
  knife node show INSTANCE_NAME
More Info
Visit the Learn Chef tutorial site