
Chef Recipes to Configure the Desired State of a System

Updated on February 14, 2016

Here I'm going to talk about Chef’s architecture and the basics and internals of a cookbook. A clear understanding of the Chef architecture and its internals will help you view Chef in a holistic way.

Figure 1: Chef architecture

Chef’s architecture

Figure 1 gives an overview of the Chef architecture. An organisation is independent of the components of Chef. It can be applied to your business unit, a specific domain or a project account. The DevOps process involves maintaining a database, source control management and software development, as well as testing the developed software and deploying it in the production environment. Continuous integration (CI) plays a vital role here by moving newly checked-in code to the next stage. For example, if any code is checked in by the developer, the CI triggers the build process, then tests the code and, finally, enables the deployment. If the code fails at any stage, it will alert the concerned stage and the respective team, requesting it to look into the matter.

So an organisation can have different environments for development, testing and production. Further, a development environment can have different roles, like maintaining software code and the relevant data in a database server, executing the application in the application server and monitoring the application with a dedicated monitoring server. Each role may be associated with one or more client nodes, and every node can have one or more cookbooks. Nodes denote servers in the infrastructure; the servers may be physical systems, virtual machines or hardware, which will represent compute instances. A cookbook consists of recipes, which in turn give the run list to enable the given nodes to reach a desired state after the deployment process. That state may involve creating a Web server, an FTP server or a mail server, setting a specific registry key, creating files or directories, manipulating file systems, setting up network components, installing software packages, automating frequently executed tasks, managing services, etc.

So, to use Chef to configure your infrastructure, you should have a fair knowledge of cookbooks. This article describes how to write recipes in a cookbook. A recipe is about managing different resources, and a resource is a fundamental building block of Chef. Let us name the cookbook ‘cookbook_101’. It contains code examples for different core resources, which are built into the Chef-clients. A resource can be of different types like a file, directory, command, network, script, package, service, etc., and these resources are grouped together into recipes, which decide what configuration we want to set up for the target nodes. You should have domain expertise to understand your project’s requirements, and should know exactly what state your system should be in to solve your business problems. Please note that to understand the code examples in this article, the reader should have a fair knowledge of UNIX commands and script writing.

Figure 2: Screen shot for Bootstrap execution

Bootstrap the Chef-client node

First, we need to set up Chef in the target node by using the Bootstrap command as shown in Figure 2. Knife is the command to execute the Bootstrap command in the client system with user as the root, the password root123 and name of the node set as ‘demonode’. If the Bootstrap command is executed successfully, you will see the output shown in Figure 2. From the figure, we can see that the run list is empty and no resources have been updated in the client system.
Now let’s assume a systems administrator wants to perform the following tasks: configure n nodes to create a file, write some content into a file, create a directory at a given path, create a symbolic link for a file, find the total number of directories in a given path and store the value in a file, execute a given shell script or group of commands, copy a file’s content into another file, take backups of certain files, stop or start some service, set up a static IP address for a network device, create a new user and create a cron job to automate certain tasks on the nodes. Let us see how to configure the above resources in the form of a recipe in the cookbook_101.

Figure 3.1: Code for file creation
Figure 3.2: Code for directory creation
Figure 3.3: Code for symbolic link file creation
Figure 3.4: Code for command execution
Figure 3.5: Code for shell script execution
Figure 3.6: Code for copying a file
Figure 3.7: Code for taking a backup
Figure 3.8: Code for stopping a service
Figure 3.9: Code for setting up a static IP address
Figure 3.10: Code for user creation
Figure 3.11: Code for cron job creation

Cookbook_101: Example code

In Figure 3.1, a file is a resource, which will create a ‘regular_file’ in /home/raju directory, the owner of which is Raju, and write some content into the file. The code given in this figure is part of cookbook_101 to help create a file with certain properties. The block of code between do and end typically executes as a single command.
The example code given in Figure 3.2 depicts how to create a directory, ‘dir_file’, with the directory resource, which has the properties of the owner, group and mode of the directory. The action is to create a directory if it has not already been created. The action may also be ‘delete’ or ‘nothing’. The ‘nothing’ value in an ‘action’ specifies ‘don’t do anything unless some other resource invokes some action.’ If action is not included in the block of code, then Chef will execute the default action based on the resource type, which may create a file or directory, install a package or start the service.
The example code block given in Figure 3.3 will create a symbolic link file. Link is the resource type; by default, it will create a symbolic link. If you want to create a hard link file, you need to explicitly specify link_type as hard. The source file is list.txt and we want to create a symlink file as symlnk_list.txt. If the link_type is symbolic, then including link_type is optional. Typically, if properties like user, mode, action, etc., are not mentioned in the resource block, they will be assigned their default value.

If you want to execute a command to find the total number of directories in a given path, the code example in Figure 3.4 can be used. ‘Execute’ is the resource type, and the command line specifies the command, which is to be executed. The command ls -Rl lists all the files, including sub-directories in the lab_demo. grep ^d filters only directories and wc -l will give the total number of directories, while the output will be stored in the totdir file.
In a given scenario, we may need to execute certain existing shell scripts in all the nodes. The code example given in Figure 3.5 will help us to do it. Script is the resource type, execute_given_script is the resource name, and we need to specify which shell interpreter should be used to execute the script since the syntax of a shell script differs between shells. The available shells in a system are listed in the /etc/shells file. Apart from shell scripts, you can also execute Perl, Python or Ruby scripts. In our example, we use the Bash shell as the interpreter, the user is the root, the current working directory (cwd) is /home/raju and the code <<-EOH is the starting block of a source code file, which ends with EOH. We can specify the scripts to be executed inside the block of source code.
The code example given in Figure 3.6 explains how to copy the content of a file test.txt into a new file testcp.txt. The resource type is file, and will read the contents from test.txt. The action is to create the testcp file. Taking backups of important files is an important task for a systems administrator. The code given in Figure 3.7 shows how to do it through a cookbook. Bash is the resource to do certain tasks like installing packages or executing blocks of commands. Here, take_backup is the name of the resource block. We group all the files into temp.tar using the tar command in the /home/raju directory, and then compress it with the gzip command. The created backup file temp.tar.gz is moved into /backup.
To set up a Web server or FTP server, we first need to install the necessary packages and start the service. The code in Figure 3.8 shows how to stop the iprdump service. We can set the static IP address of a network device eth0 in a different way. The code given in Figure 3.9 explains how to set up the IP address with the ifconfig resource on eth0 in a cookbook.

One of the main tasks for a sys admin is user management — creating users, updating users, deleting user accounts and settings, locking or unlocking user passwords, etc. The code block in Figure 3.10 explains how the user resource type is used to create a user named newuser with the home directory /home/newuser; /bin/bash is the login shell. If you want to automate particular tasks, you can use a cron job to do this periodically within a desired time frame.
Once we add run lists to nodes from Chef-server, we have to execute the Chef-client command on all the nodes to execute the run lists. If you have a large number of nodes, then frequently updating the cookbook will make it a tedious task to execute Chef-client on all the nodes after every cookbook update.
To automate this, write a cron job as shown in Figure 3.11. Cron is the resource type, and Chef-client is the name of the resource block. In general, using cron, we schedule routine background tasks at a given time interval on an ongoing basis. The time interval is specified in minutes, hours, day of the week and the month in which the command is to be executed. Here we expect, on average, to upload the cookbook into nodes every 30 minutes; so we set ‘minute’ to 30 and execute the command as the root user.
The output of the Chef-client command execution is stored in the Chef_client_log file. Every execution of Chef-client will append the log file with its output due to >> being used in the command.
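The resource blocks described above can be reviewed before they reach a node. The following Ruby code is an added example, not the article's code (the code in Figures 3.1 to 3.11 is not reproduced on this page): it records a constructed recipe with a stand-in DSL and reports shell-type resources that lack a guard, along with the crontab line that the cron resource yields. The recipe text, the guard on take_backup and the helper names Props, Recorder, record, unguarded and crontab_line are assumptions made for illustration.

```ruby
# Added example, not the article's code: a constructed recipe in the article's
# style, recorded by a stand-in DSL (no Chef needed) so it can be reviewed.
RECIPE = <<~'CHEF'
  execute 'count_directories' do
    cwd '/home/raju'
    command 'ls -Rl lab_demo | grep ^d | wc -l > totdir'
  end
  bash 'take_backup' do
    cwd '/home/raju'
    code 'tar -cf temp.tar *.txt && gzip temp.tar && mv temp.tar.gz /backup/'
    creates '/backup/temp.tar.gz'   # guard: skip when the backup already exists
  end
  cron 'chef-client' do
    minute '30'
    user 'root'
    command 'chef-client >> Chef_client_log'
  end
CHEF
Resource = Struct.new(:type, :name, :props)
# Collects the `property value` calls made inside a do ... end block.
class Props
  attr_reader :set
  def initialize; @set = {}; end
  def method_missing(name, *args); @set[name] = args.first; end
end

# Treats every top-level call (execute, bash, cron, ...) as a resource.
class Recorder
  attr_reader :resources
  def initialize; @resources = []; end
  def method_missing(type, name = nil, &block)
    props = Props.new
    props.instance_eval(&block) if block
    @resources << Resource.new(type, name, props.set)
  end
end

# Evaluates the source as Ruby, so pass only recipes from your own repository.
def record(source); Recorder.new.tap { |r| r.instance_eval(source) }.resources; end
# Shell-type resources with no guard run again on every chef-client run.
def unguarded(source)
  shell = record(source).select { |r| %i[execute bash script].include?(r.type) }
  shell.reject { |r| (r.props.keys & %i[not_if only_if creates]).any? }.map { |r| "#{r.type}[#{r.name}]" }
end
# Crontab line a cron resource yields; unset time fields default to '*'.
def crontab_line(res)
  fields = %i[minute hour day month weekday].map { |f| res.props.fetch(f, '*') }
  (fields << res.props[:command]).join(' ')
end
```

Here unguarded(RECIPE) returns ["execute[count_directories]"], and the cron resource renders as 30 * * * * chef-client >> Chef_client_log, which cron runs once an hour at minute 30; a run every 30 minutes would need minute '*/30'.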
Create a cookbook file as cookbook_101 using the $ knife cookbook create cookbook_101 command, go to /Chef-repo/cookbooks/cookbook_101/recipe/ directory, copy the given code examples (Figures 3.1 to 3.11) into the default.rb file and then save it.
To add the run list, specified in cookbook_101, execute the following command in the server: # knife node run_list add demonode "recipe[cookbook_101]". Once the run list specified in the cookbook_101 is added into the demonode successfully, we need to execute the Chef-client command in the Chef-client system to execute this list. The Chef-client downloads the required system configuration in the form of a run list from the Chef-server and configures the node as mandated in cookbook_101.

Figure 4: Chef-client execution output

The screenshot of the Chef-client command execution output is shown in Figure 4. From the figure, we can interpret that 11 resources are specified as recipes in the cookbook_101. All these resources are configured in the demonode and set to the desired state. In the next article, we will dive deeper inside the cookbook and write advanced level recipes. For example, Linux flavours maintain different package names and services to set up a server. It is not advisable to write a specific cookbook for every Linux flavour (RHEL, CentOS, Fedora, Ubuntu, etc.); instead we can write a cookbook in such a way that it will work for any Linux distribution.

