Provision an AWS EC2 VM using Chef
Step 1: Install ChefDK
Step 2: Set up AWS credentials
Step X: Setup your knife config
Step X: Make sure the following are set and exported in your environment:
> export AWS_ACCESS_KEY_ID=secrets
> export AWS_SECRET_ACCESS_KEY=secrets
> export AWS_DEFAULT_REGION=us-east-1
> export AWS_SSH_KEY=your_ssh_key_name
> export AWS_ACCESS_KEY=secrets
> export AWS_SECRET_KEY=secrets
Step 3: Generate a new repository using the chef generate command
> chef generate repo chefdk-provision-demo
> cd chefdk-provision-demo
Step 4: Generate a provision cookbook. This is the required name, and it must be in the current directory.
> chef generate cookbook provision
Step 5: Edit the default recipe, $EDITOR provision/recipes/default.rb, with the following code:
    context = ChefDK::ProvisioningData.context
    with_driver 'aws::us-west-2'
    options = {
      ssh_username: 'admin',
      use_private_ip_for_ssh: false,
      bootstrap_options: {
        key_name: 'jtimberman',
        image_id: 'ami-0d5b6c3d',
        instance_type: 'm3.medium',
      },
      convergence_options: context.convergence_options,
    }
    machine context.node_name do
      machine_options options
      action context.action
      converge true
    end
Understand the code:
> To break this down, first we get the ChefDK provisioning context that will pass in options to chef-provisioning.
> Then we tell chef-provisioning to use the AWS driver, and in the us-west-2 region.
> The options hash is used to setup the instance.
> We’re using Debian 8, which uses the admin user to log in, an SSH key that exists in the AWS region, the actual AMI, and finally the instance type.
> Then, we’re going to set the convergence options automatically from ChefDK. This is the important part that will ensure the node has the right run list.
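A preflight check for the environment variables listed in Step X and the region in the recipe above. This is an added example, not code from the original page or from ChefDK. It assumes that the two spellings of each credential are meant to hold the same value, and that a recipe region different from AWS_DEFAULT_REGION is worth flagging because the key pair must exist in the region the driver uses. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): preflight for "chef provision".
# Prints variable names only, never a credential value.

REQUIRED_VARS="AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION AWS_SSH_KEY AWS_ACCESS_KEY AWS_SECRET_KEY"

# True only if NAME is non-empty in the environment child processes inherit.
is_exported() {
  env | grep -q "^$1=."
}

# True if both variables hold the same string. Callers pass fixed names only,
# so the eval never sees untrusted input.
same_value() {
  eval "[ \"\${$1-}\" = \"\${$2-}\" ]"
}

# Region from the first with_driver 'aws::REGION' line of a recipe file.
recipe_region() {
  sed -n "s/.*with_driver ['\"]aws::\([a-z0-9-]*\)['\"].*/\1/p" "$1" | head -n 1
}

# Record one finding on stderr and count it.
report() {
  echo "$1" >&2
  problems=$((problems + 1))
}

# check_aws_env [RECIPE]: reports findings on stderr, returns their count.
check_aws_env() {
  problems=0
  for v in $REQUIRED_VARS; do
    is_exported "$v" || report "MISSING: $v is not set and exported"
  done
  # Assumption: both spellings of each credential are meant to be identical.
  same_value AWS_ACCESS_KEY_ID AWS_ACCESS_KEY ||
    report "MISMATCH: AWS_ACCESS_KEY_ID and AWS_ACCESS_KEY differ"
  same_value AWS_SECRET_ACCESS_KEY AWS_SECRET_KEY ||
    report "MISMATCH: AWS_SECRET_ACCESS_KEY and AWS_SECRET_KEY differ"
  if [ -n "${1-}" ] && [ -r "$1" ]; then
    r=$(recipe_region "$1")
    if [ -n "$r" ] && [ "$r" != "${AWS_DEFAULT_REGION-}" ]; then
      report "REGION: recipe uses $r but AWS_DEFAULT_REGION differs; check that the key pair exists in $r"
    fi
  fi
  return "$problems"
}
```

Source the file and run check_aws_env provision/recipes/default.rb before chef provision; a non-zero return value is the number of findings.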
Step 6: Generate a Policyfile.rb and edit its content, $EDITOR Policyfile.rb.
> chef generate policyfile
> vi Policyfile.rb
    name "chefdk-provision-demo"
    default_source :community
    run_list "recipe[libuuid-user]"
    cookbook "libuuid-user"
Here we’re simply getting the libuuid-user cookbook from Supermarket and applying the default recipe to the nodes that have this policy.
Step 7: The next step is to install the Policyfile. This generates the Policyfile.lock.json, and downloads the cookbooks to the cache, ~/.chefdk/cache/cookbooks. If this isn’t run, chef will complain, with a reminder to run it.
> chef install
Step 8: Finally, we can provision a testing system with this policy:
> chef provision testing --sync -n debian-libuuid
Reference:
http://jtimberman.housepub.org/blog/2015/05/15/quick-tip-chefdk-provision/