Set up Automate Server
We recommend starting with a clean installation of Chef Automate, Chef Infra Server, and Chef Desktop. Combining existing Chef Automate nodes with new Chef Desktop leads to significant confusion, because the servers do not distinguish between the types of nodes that they manage.
For the purposes of this demonstration, we recommend installing Chef Automate and Chef Infra Server together on the same host. Talk to your account representative to decide if you should follow a different deployment pattern in production.
Note
Prepare the System
In your clean Linux environment, update and install the system packages:
apt-get -qq update
apt-get install -y --no-install-recommends
apt-get clean
The Chef Automate installation requires the following settings:
sysctl -w vm.max_map_count=262144
sysctl -w vm.dirty_expire_centisecs=20000
Download Automate and install with Desktop dashboard
Download the Chef Automate CLI:
curl https://packages.chef.io/files/current/latest/chef-automate-cli/chef-automate_linux_amd64.zip | gunzip - > chef-automate
chmod +x chef-automate
Deploy the packages with the following command:
sudo chef-automate deploy --product automate --product infra-server --product desktop --accept-terms-and-mlsa
You will need the host names and user information later in this guide. They are located in the automate-credentials.toml file.
Configure the Infra server
You need to run these commands as an administrator or use sudo before each command.
Note: You will need information from both of these commands. Copy them from your command line to a file. Store the file securely.
Create a user:
chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename USER_NAME.pem
Create an organization:
chef-server-ctl org-create SHORT_NAME 'FULL_ORGANIZATION_NAME' --association_user USER_NAME --filename ORGANIZATION-validator.pem
Transfer the generated user and validator keys to your workstation and put them in the .chef directory. If you already logged out of the server, you can read the next section on key management to find instructions on how to transfer them to your local workstation.
Read more about the Chef validator key.
Key Management
“Key management” is a software term that means “Safely and securely getting the right credentials from remote and local computers into the right directories–usually, but not always, on your local computer–in order to use software to run commands between computers”.
We recommend using a secure copy protocol (SCP) to move the public key and configuration file from the Chef Infra Server to the .chef directory on your workstation.
macOS workstations should have the scp command; Windows workstations will need to install WinSCP or another similar tool.
- The public key is ORGANIZATION-validator.pem
- The configuration file is config.toml
This step is the reason that you copied the output of the above commands to files. To manage your keys and credentials, you need to know:
- The host name (also called a FQDN) or IP address of the Chef Infra Server
- The user name on the Chef Infra Server
- The password on the Chef Infra Server
Transfer Keys on Windows Workstations
- Install WinSCP
- Open the program using the icon on your workstation desktop.
- Select SCP as the file protocol
- Set port 22
- Fill in the host name, the user name, and the password that you created on your Chef Infra Server.
Transfer Keys on macOS Workstations
macOS systems come with scp installed. Download the key and configuration files:
scp user_name@chef-automate.test:/remote/ORGANIZATION-validator.pem ~/.chef
scp user_name@chef-automate.test:/remote/config.toml ~/.chef
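An added example, not part of the original guide: once the files are in place, this shell function restricts the .chef directory and its files to the owner and checks that each .pem really contains PEM data. The names perm_of and lock_down_chef_dir are hypothetical; the ~/.chef path and the file names come from the steps above.

```sh
#!/bin/sh
# Added example: restrict a local .chef directory to its owner after the
# key transfer. perm_of and lock_down_chef_dir are hypothetical names.

# Print a path's octal permission bits (GNU stat, then BSD/macOS stat).
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Set the directory to 700 and its key/config files to 600, then verify.
# Returns non-zero if a file is still exposed or a .pem is not PEM data.
lock_down_chef_dir() {
    dir=${1:-"$HOME/.chef"}
    rc=0
    [ -d "$dir" ] || { echo "missing directory: $dir" >&2; return 2; }

    chmod 700 "$dir" || rc=1
    for f in "$dir"/*.pem "$dir"/config.toml; do
        # Refuse symlinks: chmod would follow them to a file outside $dir.
        if [ -L "$f" ]; then
            echo "refusing symlink: $f" >&2; rc=1; continue
        fi
        [ -e "$f" ] || continue          # unmatched glob or absent file
        chmod 600 "$f" || rc=1
        case "$f" in
            *.pem)
                # A truncated transfer or an error page saved under the key's
                # name will not start with a PEM header.
                head -n 1 "$f" | grep -q '^-----BEGIN ' ||
                    { echo "not PEM data: $f" >&2; rc=1; } ;;
        esac
        [ "$(perm_of "$f")" = "600" ] || { echo "still exposed: $f" >&2; rc=1; }
    done
    [ "$(perm_of "$dir")" = "700" ] || { echo "still exposed: $dir" >&2; rc=1; }
    return "$rc"
}
```

Call lock_down_chef_dir with no argument to check ~/.chef; a non-zero return means one of the reported files needs attention.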
More Information on SCP
- SCP for macOS: SCP is used to move files between your workstation and a remote computer. It uses ssh for data transfer. scp asks for passwords or passphrases if needed for authentication.
- WinSCP for Windows: WinSCP is an open source application for Windows used to move files between your workstation and a remote computer. WinSCP offers scripting and basic file manager functionality. The download page has many junk buttons; make sure you select Download WinSCP.
- SCP on Azure: SCP on Azure is used to move files from your workstation up to an Azure Linux VM, or from an Azure Linux VM down to your workstation.