We recommend starting with a clean installation of Chef Automate, Chef Infra Server, and Chef Desktop. Combining existing Chef Automate nodes with new Chef Desktop leads to significant confusion, because the servers do not distinguish between the types of nodes that they mange.
For the purposes of this demonstration, we recommend installing Chef Automate and Chef Infra Server together on the same host. Talk to your account representative to decide if you should follow a different deployment pattern in production.
Note
In your clean Linux environment, update and install the system packages:
apt-get -qq update
apt-get install -y --no-install-recommends
apt-get clean
The Chef Automate installation requires the following settings:
sysctl -w vm.max_map_count=262144
sysctl -w vm.dirty_expire_centisecs=20000
Download the Chef Automate CLI:
curl https://packages.chef.io/files/current/latest/chef-automate-cli/chef-automate_linux_amd64.zip | gunzip - > chef-automate
chmod +x chef-automate
Deploy the packages with the following command:
sudo chef-automate deploy --product automate --product infra-server --product desktop --accept-terms-and-mlsa
You will need the host names and user information later in this guide. They are located them in the automate-credentials.toml.
You need run these commands as an administrator or use sudo before each command.
Note: You will need information from both of these commands. Copy them from your command line to a file. Store the file securely.
chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename USER_NAME.pem
Create an organization:
chef-server-ctl org-create SHORT_NAME 'FULL_ORGANIZATION_NAME' --association_user USER_NAME --filename ORGANIZATION-validator.pem
Transfer the generated user and validator keys to your workstation and put them in the .chef directory. If you already logged out of the server, you can read the next section on key management to find instructions on how to transfer them to your local workstation.
“Key management” is a software term that means “Safely and securely getting the right credentials from remote and local computers into the right directories–usually, but not always, on your local computer–in order to use software to run commands between computers”.
We recommend using a secure copy protocol (SCP) to move the public key and configuration file from the Chef Infra Server to the .chef directory on your workstation.
macOS workstations should have the scp command,
Windows workstations will need to install WinSCP or another similar tool.
ORGANIZATION-validator.pem
config.toml
This step is the reason that you copied output of the above commands to files. To manage your keys and credentials, you need to know:
macOS systems come with scp installed. Download the key and configuration files:
scp [email protected]:/remote/ORGANIZATION-validator.pem ~/.chef
scp [email protected]:/remote/config.toml ~/.chef
scp asks for passwords or passphrases if needed for authentication.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/desktop/automate_server/