Bootstrapping new Chef nodes without knife bootstrap

There may be a time when you don’t want to (or cannot) make use of knife bootstrap to set up a new Chef node or a whole fleet of hundreds of nodes. If that’s the case, and you already have a “hook” into the hosts you want to turn into Chef nodes (such as an existing CM tool), you have an option.

  1. Install the proper Chef client package for the OS
  2. mkdir /etc/chef
  3. Drop your “validator”, typically validation.pem, in /etc/chef
  4. Drop a basic client.rb in /etc/chef
  5. Drop a JSON file somewhere that includes the node attributes you want to set for the new node
  6. Run chef-client -E some-environment -j /your/json/file
  7. When you’re happy, rm -f /etc/chef/validation.pem

What’s interesting here (bug?) is that, when running chef-client, specifying -E some-environment will assign some-environment to the node and persist that setting on the Chef server. Trying to use -o 'role[myrole]' to prime and persist a run list for the node will not work (hence the JSON hack).

You should end up with a new client and node defined on your Chef server and the node should have the environment and run list set the way you specified.
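Steps 6 and 7 can be wrapped in one function for the hook to call. This is an added example, not code from the original post; the `bootstrap_node` name and the `CHEF_DIR` and `CHEF_CLIENT` override variables are assumptions made here so the function can be exercised without a Chef server. It is stricter than step 7 as written: the validator is removed after every run, because it is a shared credential that can register new clients.

```shell
#!/bin/sh
# Added example, not from the original post. CHEF_DIR and CHEF_CLIENT are
# assumed overrides for testing; leave them at their defaults on real nodes.
CHEF_DIR="${CHEF_DIR:-/etc/chef}"
CHEF_CLIENT="${CHEF_CLIENT:-chef-client}"

# usage: bootstrap_node <environment> <attributes.json>
# Expects steps 1-5 done: validation.pem and client.rb already in CHEF_DIR.
bootstrap_node() {
    [ $# -eq 2 ] || { echo "usage: bootstrap_node ENV JSON" >&2; return 2; }
    env_name=$1
    json_file=$2
    validator="$CHEF_DIR/validation.pem"
    client_key="$CHEF_DIR/client.pem"

    # Already registered: a validator left on disk is only a liability.
    if [ -s "$client_key" ]; then
        rm -f "$validator"
        return 0
    fi

    for f in "$validator" "$CHEF_DIR/client.rb" "$json_file"; do
        [ -r "$f" ] || { echo "missing: $f" >&2; return 2; }
    done

    # Keep the validator owner-only for as long as it exists on the node.
    chmod 600 "$validator" || return 1

    # Step 6: -E sets the environment; the run list comes from the JSON file.
    "$CHEF_CLIENT" -c "$CHEF_DIR/client.rb" -E "$env_name" -j "$json_file"
    rc=$?

    # Step 7, unconditionally: the node either has its own client.pem now,
    # or the hook has to re-drop the validator for the next attempt.
    rm -f "$validator"

    if [ ! -s "$client_key" ]; then
        echo "registration failed: no $client_key (chef-client exit $rc)" >&2
        return 1
    fi
    return "$rc"
}
```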

Example files

# /etc/chef/client.rb
log_level        :auto
log_location     STDOUT
chef_server_url  "https://your-chef-server.example.com"
validation_client_name "chef-validator"

# /tmp/boot.json
{
  "run_list": ["role[myrole]", "recipe[foo::bar]"]
}
