Introduction 📝
In this blog, we will discuss chef infra's features. Chef is a corporation that specializes in automation. Since its launch in 2008, they have brought developers and system administrators together with our eponymous product, Chef Infra. Many features make the chef infra uniques. Let's discuss them one by one.
Chef-solo 🎫
Chef-solo is a feature of Chef Infra which is a command that runs the Chef Infra Client without requiring the Chef Infra Server to converge cookbooks. Chef-solo leverages Chef Infra Client's Chef localmode and does not support the following Chef Infra Client/server functionality:
-
Centralized distribution of cookbooks.
-
A centralized API for communicating with and integrating infrastructure components.
-
Authorization or authentication
Chef-solo can be run as a daemon. The chef-solo program is executed from the command line.
🔖Cookbooks
Chef-solo offers two places from which cookbooks can be distributed:
A directory on your computer.
A URL is pointing to a tar.gz archive.
The more popular option is to use a tar.gz archive, but cookbooks must be added to an archive.
🔖Nodes
Chef-solo stores node objects on a local disc as JSON files, whereas Chef Infra Client keeps node objects on the Chef Infra Server. Chef-solo keeps these files in a node folder in the same directory as your cookbooks directory by default. The value of the node path in your configuration file can be used to control the placement of this directory.
🔖Attributes
The Chef Infra Server is not contacted by chef-solo. As a result, node-specific information must be stored in a JSON file on the target system, a remote site (such as Amazon Simple Storage Service (S3)), or a local network web server.
You can visit the official docs of Chef-solo for more information.
Chef-solo (executable) 🎛️
The chef-solo program is executed from the command line. It has the following options.
🔖Options
The chef-solo command line follows the following syntax:
chef-solo OPTION VALUE OPTION VALUE ...
This command has the following options:
-c CONFIG, --config CONFIG
The configuration file to use.
-d, --daemonize
This option cannot be used with the —[no-]fork option. This option is only available on computers that run UNIX or Linux.
-E ENVIRONMENT_NAME, --environment ENVIRONMENT_NAME
The name of the environment.
-f, --[no-]fork
This option helps to ensure that a Chef Infra Client uses a consistent amount of RAM over a period of time because the master process does not execute recipes. It also helps to prevent memory leaks, which can be caused by code in a poorly designed cookbook.
-F FORMAT, --format FORMAT
The output format: doc (default) or min.
- Doc may be used to print the status of a Chef Infra Client run using complete strings that display a summary of changes as they happen.
- Min is used to printing the progress of a Chef Infra Client run in single characters.
You can visit the official docs of Chef-solo (executable) for more information.
🔖Run as Non-root User
Non-root users can use chef-solo. You can, for example, update the sudoers file:
# chef-solo privilege specification
chef ALL=(ALL) NOPASSWD: /usr/bin/chef-solo
Where the name of the non-root user is Chef, Chef-solo would be able to run any command on the node without requiring a password.
Solo.rb 🌐
Solo.rb is a Chef-solo configuration file. In which configuration setting of Chef solo is defined.
-
This file is loaded each time this program is executed.
-
Chef-solo expects to find this file in /etc/chef/solo.rb by default; use the —config option from the command line to modify this location.
-
This file is not automatically created.
- When a solo.rb file is present in this directory, and the settings in that file take precedence over the default configuration settings.
🔖Settings
This configuration file has the following settings:
add_formatter
An unofficial formatter. (An example of a third-party formatter is nyan-cat.) Each formatter must have its own entry.
checksum_path
The location where checksum files are kept. Individual cookbook files, such as recipes, are validated using them. The checksum is saved in the Chef Infra Server database and then compared to a file in the checksum path with the same filename as the checksum.
cookbook_path
The Chef Infra Client cookbook subdirectory. This value can be a text or an array of file system locations that will be processed in the order indicated. The final cookbook is thought to overrule local adjustments.
data_bag_path
The point at which a data bag is loaded. /var/chef/data bags is the default setting.
environment
The environment's name.
environment_path
The path to the environment. /var/chef/environments is the default setting.
file_backup_path
The location where backup files are kept. If this value is not specified, backup files are placed in the target file's directory. /var/chef/backup is the default setting.
file_cache_path
When recipes (and other temporary data) files are synced, they are saved at this place. This value can also be utilized in recipes that use the remote file resource to download files.
json_attribs
The location of a file containing JSON data.
sandbox_path
The location where cookbook files are temporarily kept during upload.
solo
Chef Infra Client should be run in chef-solo mode. This parameter controls whether the Chef Infra Client attempts to communicate with the Chef Infra Server. The default value is false.
syntax_check_cache_path
A cookbook's files must all have valid Ruby syntax. This parameter specifies where the knife stores information about files that have been verified for proper Ruby syntax.
umask
The file mode creation mask, also known as umask. 0022 is the default value.
verbose_logging
Configure the log level. True, nil and false are the available values. Notifications regarding specific resources being processed are suppressed when this is set to false (and are output at the: info logging level).
You can visit the official docs of Solo.rb for more information.
About the Compliance Phase 🖥️
The Compliance Phase is a feature of Chef Infra Client allows you to automatically perform compliance audits and view the findings as part of each Chef Infra Client run. The Compliance Phase of the Chef Infra Client run replaces the traditional audit cookbook and works with the properties of your current audit cookbooks; it can also be configured for new cookbooks. This extra step provides you with the most up-to-date compliance capabilities without requiring you to handle cookbook dependencies or juggle versions during Chef Infra Client updates.
Users can migrate the existing audit cookbook to the new Compliance Phase by uninstalling the audit cookbook and changing the node['audit']['compliance phase'] property to true.
By including Chef InSpec compliance checks into the Chef Infra Client run, the Compliance Phase replaces the audit cookbook. The Compliance Phase is intended to execute on any node in your system that has been configured for a chef-client run.
Chef Infra Client 17.8 is now available.
When the Compliance Phase is enabled, it always outputs its results in the CLI on manual runs. Reporters handle the output of automated runs.
You can visit the official docs of the Compliance Phase for more information.
About Ohai ⚙️
Ohai is a program that collects system configuration data and feeds it to Chef Infra Client for usage in cookbooks. Ohai is executed at the start of every Chef Infra run to determine the system state. Ohai accumulates attributes known as automated attributes. These properties are used by Chef Infra Client to verify that nodes are in the desired state after each configuration run.
Ohai includes both mandatory and optional plugins for detecting common configuration data. Ohai features a plugin concept and language that may be used to create custom plugins that capture additional system state information.
Ohai collects statistics for a variety of platforms, including AIX, macOS, Linux, FreeBSD, Solaris, and Windows.
For the most up-to-date information about Ohai, see the Chef Infra Client release notes.
🔖Get a list of automatic attributes for a node.
Ohai gathers a list of automated attributes At the outset of each Chef Infra Client run. This list will change from organization to organization, depending on the server type and the platform that operates those servers. Chef Infra Client cannot modify any of the attributes collected by Ohai. We have to run the ohai command on a system to see which automatic attributes Ohai has acquired for a specific node.
Each attribute type—automatic, default, normal, and override—can define blocklists in the client.rb file by utilizing the following settings:
Setting |
Description |
| blocked_automatic_attributes | A hash that blocklists automatic properties, preventing them from being saved. For instance, ['network/interfaces/eth0'] The default value is nil, which means that all attributes are saved. All characteristics are saved if the array is empty. |
| blocked_default_attributes | A hash that blocklists default properties, preventing them from being saved. ['filesystem/dev/disk0s2/size,' for example] . The default value is nil. All characteristics are saved if the array is empty.. |
| blocked_normal_attributes | A hash that blocklists normal attributes, preventing blocklisted attributes from being saved. For example: ['filesystem/dev/disk0s2/size']. Default value: nil. If the array is empty, all attributes are saved. |
| blocked_override_attributes | A hash in which blocklists override characteristics, preventing them from being preserved. For instance, ['map - autohome/size']. The default value is nil, which indicates that all attributes are saved. All characteristics are saved if the array is empty. |
🔖Default Plugins
The list below illustrates the many types of plugins that are provided with Ohai. The full list can be found in the ohai/lib/ohai/plugins directory of the Ohai version installed on your system:
About Handlers 🎯
Handlers are used to identify conditions that may occur during a Chef Infra Client run and then instruct Chef Infra Client on how to handle these events when they emerge.
There are three types of handlers:
Handler |
Description |
| exception | An exception handler is used to identify events that have resulted in the failure of a Chef Infra Client run. By adding a recipe containing the chef handler resource to a node's run-list, an exception handler can be loaded at the start of a Chef Infra Client run. |
| report | A report handler is used to report back on specific facts about that Chef Infra Client run. By adding a recipe containing the chef handler resource to a node's run-list, a report handler may be loaded at the start of a Chef Infra Client run. |
| start | A start handler runs events at the start of a Chef Infra Client run. This start handler can be loaded at the start of a Chef Infra Client run by adding it to the client.rb file's start handlers setting or by installing the gem that includes chef-client cookbook. (The chef handler resource cannot be used to load a start handler.) |
About Search 📇
Any type of file or data that is indexed by the Chef Infra Server can be searched for using search indexes, including data bags (and data bag items), environments, nodes, and roles. To accommodate search patterns like exact, wildcard, range, and fuzzy, a specified query syntax is employed. A search in chef infra is a full-text query that can be performed in a number of places, such as inside a recipe, using the knife search subcommand, using the search method in the Chef Infra Language, using the search box in the Chef management console. The search engine in chef infra is based on Elasticsearch and is run via the Chef Infra Server.
🔖Search Indexes
Search Index Name |
Description |
| client | API client |
| DATA_BAG_NAME | A data bag is a global variable that is stored as JSON data and is accessible from a Chef Infra Server. |
| environment | An environment is a way to link an organization's real-world operations to what Chef Infra Server can configure and administer. |
| node | Any server or virtual server that is set up to be maintained by a Chef Infra Client is referred to as a node. |
| role | A role is a means to categorize specific behaviors and procedures that occur across organizational nodes as being part of a single job function. |
Chef infra has many other fields in search as we can search by platform ID and instance type.
Recipe. And search by cookbook and search by node, search by node and environment, and search for nested attributes.
You can visit the official docs of the Chef Infra Search for more information.
34+ registered 
