Claus Beerta

Use Chef with Kickstart / Cobbler

If a full stack deployment of Chef to manage your Infrastructure seems a little nerve wracking to start with, there are ways to incorporate it with your current work flow in a less invasive manner.

I wanted a Kickstart environment that was capable of deploying a number of different distribution. To get the system off the ground, i decided to go with cobbler as the alternative solutions didn’t seem mature enough, or to distribution specific at the time.

The problem then is, how to configure the different distribution so the resulting installations have a common setup and feel. Cobbler has some mechanisms to do so, but i decided to go for Chef of course.

Getting Chef-Solo onto a fresh install #

I’ve tried various ways to get Chef onto a system in the past. From distribution supplied packages, to using gem install. The issue here however is, that you end up with various versions of Chef with various distribution specific Bugs (Ubuntu’s random ruby segfaulting for example)

Recently Opscode started to create a full-stack package of Chef called “Omnibus Chef”. These packages come with ruby and everything required for Chef to run.

In the Cobbler configuration, there is a snippet that Looks like:

# Install Omnibus Chef
curl -L https://www.opscode.com/chef/install.sh | bash

# Create Chef Solo Config
mkdir -p /etc/chef/
cat <<EOBM > /etc/chef/solo.rb
file_cache_path "/var/chef-solo/cache"
cookbook_path ["/var/chef-solo/cookbooks", "/var/chef-solo/site-cookbooks"]
role_path "/var/chef-solo/roles"
data_bag_path "/var/chef-solo/data_bags"
EOBM

# Clone Chef Cookbooks for chef-solo
rm -rf /var/chef-solo
/usr/bin/git clone http://<git-server>/git/chef.git /var/chef-solo

# chef solo needs fqdn to be set properly
# something that can't be guaranteed during install
/bin/hostname localhost

# Run Chef solo
/opt/chef/bin/chef-solo \
    -o 'recipe[acme::cobbler-install]'
    -c /etc/chef/solo.rb \
    -L /var/log/chef-client.log

This way you hand over control of the Systems Configuration to Chef the soonest possible, and don’t have to Shell Script or Cobbler Template for the different Distributions.

Testing the whole thing #

To test the entire stack from Cobbler to Chef I’ve build a script that uses Cobblers XMLRPC Interface to switch distributions after the Chef Minitests have successfully finished. A little `rc.local' script tests the Cookbooks, and on success switches the distribution, scrubs the disk and reboots. On failure, the system just stops waiting for somebody to fix the Cookbooks and tests.