CHEF - HIGH AVAILABILITY

Chef-Automate High Availability and Architecture⭕

The chef-automate high availability ensures that there is no failure. It deals with zones of failure that might arise in the system. It increases the reliability of the system.

The architecture includes things like Postgres, Chef Server, and Open Search.

📌The architecture consists of two main parts

1️⃣Backend Cluster

These are persistent services. These include Postgres and OpenSearch.

📍Postgres

Postgres is a database management system. It is very stable. It supports both SQL and JSON. Postgres follows the leader-follower approach wherein out of the three nodes required for data management, one is the leader, and the other two are followers.

📍OpenSearch

OpenSearch allows the user to access huge amounts of data with an integrated visualization tool. This makes searching the data easier for the users.

2️⃣Frontend Cluster

This cluster includes the application services. This basically has Chef Automate and Chef Server.

Install Chef Automate with Chef Habitat Builder On-prem💻

Now we will install the chef habitat builder on-prem. Follow this part clearly, and you will be ready to start with chef-high availability!

Why do we need to use On-premises Chef Habitat Builder❓

 The answer is simple. This is done so that the chef habitat packages are used by the customers and supervisors.

System Requirements💻

Hardware Requirements📌

Let us have a look at the hardware requirements to install chef automate with chef habitat builder on-prem(these are the minimum requirements on a single host)

1️⃣16 GB RAM

2️⃣130 GB free disk space

3️⃣4vCPUs

4️⃣LAN Connectivity

⭕For high-scale productions the system hardware requirements are as follows

1️⃣64 GB RAM

2️⃣200 GB Diskspace

3️⃣16 vCPUs

Software Requirements💻

The software side requirements are as follows

1️⃣A Linux kernel

2️⃣Curl or wget

3️⃣Init system as the systemd

4️⃣useradd

Steps for Installation and Setup!

🎯Download the Chef Automate installer

curl https://packages.chef.io/files/current/latest/chef-automate-cli/chef-automate_linux_amd64.zip | gunzip - > chef-automate && chmod +x chef-automate

📌Deploy Chef Automate and Chef Habitat Builder on-prem

Usually, there is a requirement for a license for the deployment of chef habitat builder with chef automate. Users who have this license can directly follow the next steps. For the rest of the users, you can start with the 30-day free license trial available!

Deploy Chef automate and Chef habitat builder

Copy the command

 ./chef-automate deploy --product builder --product automate

In this, you need to mention the builder and automate products(you have to accept the license with y)

📌Deploy Chef Habitat Builder with Chef Automate Auth

What this basically means is that the user wants to deploy the chef habitat builder on a host other than the chef automate. For this automate product needs not be specified. Only the builder product is to be specified in the given command in the command -line.

 ./chef-automate deploy --product builder

⭕Sign in to the Chef Habitat Builder and Chef Automate

1️⃣For signing in first, you must know your login credentials. You can view your login credentials from the following command.

cat automate-credentials.toml

The output that you will get should be of the form

url = "https://automate.example.com"
username = "admin"
password = "abcdefgh1234567890PASSWORDSTRING"

2️⃣Go to the URL and sign in to Chef Automate using the credentials.

3️⃣Go to the navigation menu and select Applications. Select Chef Habitat Builder and finally select sign in with Chef Automate.

Installing Chef Infra Server with Automate💻

For the Chef Infra Server with Automate, there are 3 supported configurations.

📌Stand Alone(single machine supported)

📌Chef-High Availability(allows failovers on the backend without the system crashing)

📌Tiered(Single backend and load balancing on frontend)

System Requirements❓

The system requirements for Chef Infra Server with automate are

📌The compatible system architecture of x86_64.

📌A resolvable hostname using IP Address.

📌A Network Time Protocol connection.

📌A local mail transfer agent.

Installing Chef Infra Server✅

This blog will look at the installation and setup of one of the three types, Chef-High Availability.

Chef-High Availability of Chef Infra Server ensures automated load balancing in the system.

To make it more understandable, the servers are split into two segments, the frontend group and the backend group.

Frontend Group-This part of Chef-High Availability handles the requests to the Chef-Infra server API. There should be more nodes ideally to handle more requests.

Backend Group-It has 3 nodes. It helps provide data persistence to the frontend.

Nodes✔

Three cluster nodes are required for Chef-High Availability backend installation.

System Requirements for Chef-High Availability💻

Before the installation and setup, we must ensure our devices are equipped with the below-mentioned requirements.

📌A point to be noted is that frontend groups are more CPU bound and backend groups are more disk bound.

These requirements are for the 64-bit architecture.

Requirements for the Frontend

1️⃣20 GB Free Disk Space

2️⃣4 GB RAM

3️⃣4 cores

Requirements for backend

1️⃣50 GB Server

2️⃣2 Cores

3️⃣8 GB RAM

Let us now start with the Installation and setup!✅. We need to look at some important points before the installation.📌

📌The frontend group should have root access to all the nodes in Chef-High Availability.

📌Three backend nodes are necessary.

📌A drift of at least 1.5s should be there between the nodes in Chef-High Availability.

Steps to Installation📍

1️⃣Cluster should be created

The first backend node should be the Chef Backend page.

Download it from https://www.chef.io/downloads/tools/backend

You will see a command as

 /etc/chef-backend/chef-backend.rb,

change it to

publish_address 'external_IP_address_of_this_box' # External ip address of this backend box

Bring backend and frontend groups to the same server using

publish_address 'external_IP_address_of_this_box' # External ip address of this backend box
postgresql.md5_auth_cidr_addresses = ["samehost", "samenet", "<NET-1_IN_CIDR>", ..., "<NET-N_IN_CIDR>"]

Finally, run chef-backend-ctl create-cluster.

2️⃣The credentials must be shared with other nodes as well

Use

scp /etc/chef-backend/chef-backend-secrets.json <USER>@<IP_BE2>:/home/<USER>
scp /etc/chef-backend/chef-backend-secrets.json <USER>@<IP_BE3>:/home/<USER>

3️⃣Install and Configure the rest of the Backend Nodes.

Download the Chef Backend page first.

If the backend and frontend nodes are in the same network then don't modify the current node’s

 /etc/chef-backend/chef-backend.rb

For root:

chef-backend-ctl join-cluster <IP_BE1> -s /home/<USER>/chef-backend-secrets.json

Check chef-backend-ctl join-cluster --help 

for more information on answering the prompts regarding IP Addresses.

Delete the chef-backend-secrets.json file if you initially added it to the home directory.

From any node in the high availability cluster, you can also run the following command

 chef-backend-ctl status

4️⃣Now we have to generate the Chef-Infra Server Configuration

Use 

chef-backend-ctl gen-server-config <FE1-FQDN> -f chef-server.rb.FE1
scp chef-server.rb.FE1 USER@<IP_FE1>:/home/<USER>

5️⃣Installing the first frontend 

📌Install the package chef-server-core from the command line.

📌Run the command /etc/opscode and copy 

`cp /home/<USER>/chef-server.rb.<FE1> /etc/opscode/chef-server.rb` to it.

📌Run

 chef-server-ctl reconfigure 

as the root.

You can also add more frontend nodes. Refer to the documentation of Chef for information regarding this https://docs.chef.io/server/install_server_ha/#

6️⃣Configuring the Server

📌Create an administrator using 

sudo chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename FILE_NAME

📌Create an organisation using 

sudo chef-server-ctl org-create short_name 'full_organization_name' --association_user user_name --filename ORGANIZATION-validator.pem

If you have reached here, you are all set with the Chef-High Availability Infra server.

Chef-Deployment Methods📃

There are two types of deployments that are satisfied by Chef, these are

⭕AWS(Amazon Web Services) Deployment

⭕On-prem deployment.

🎯AWS Deployment

1️⃣Infrastructure provisioning.

2️⃣Deploying services on this provisional infrastructure.

🎯On-prem Deployment

Firstly, virtual machines should have operating systems setup done.

Security policies should be up to date.

After this, the services will be deployed to these virtual machines based on configuration.

Frequently Asked Questions

What is Chef Automate?

It basically is a single dashboard to increase software delivery speed and minimization of the risks included.

What is a node in Chef?

A node is nothing but any machine that the Chef server is currently managing. It can be attached to any network that can send, and receive information.

What is an attribute in Chef?

An attribute is basic information about any particular node. It basically depicts the state of the node.

What is meant by bootstrap in Chef?

It basically means setting up the chef-client on a node

On what language is chef based?

Chef is based on Ruby Language.

Conclusion

In this blog, we learned about Chef in detail. We looked at the concepts involved in understanding the chef. This blog also discussed the installation and configuration of Chef High Availability and deployment methods.

 You can refer to other similar articles as well

• DevOps Interview Questions - Coding Ninjas Coding Ninjas Studio
• Amazon DevOps Guru - Coding Ninjas Coding Ninjas Studio
• Ansible vs Chef
• Ansible vs Puppet
• What is DevOps

 

Refer to our guided paths on Coding Ninjas Studio to learn more about DSA, Competitive Programming, JavaScript, System Design, etc. Enroll in our courses and refer to the mock test and problems available.

Happy Learning Ninja! 🥷