[Part 2] Cooking with Chef and Digital Ocean – Bootstrapping your VM

Thanks for coming back for part 2 of my Chef Guide with Digital Ocean. In this part I will take you through setting up Chef with the Digital Ocean Gem and Bootstrapping your First VM. As a little bonus I will show you how to create a very simple cookbook to manage SSH Keys on your bootstrapped VM. If you have not already Done so remember to check out Part 1

The Digital Ocean Plugin

Setting Up the Plugin!

So now we have our chef server we should maybe put it to the test and bootstrap a new VM. To do this you will need to get the Digital Ocean plugin for knife.

[you@desktop ~] # chef exec gem install kife-digital_ocean

This will install the Digital Ocean Gem. Once you have done that you will need to generate an API Access Token from your Digital Ocean API section. Just click Generate Token and Copy it to your clipboard. Navigate to your chef-repo/.chef folder and edit the knife.rb file we created in part 1. You will need to add your API Token to this file.

knife[:digital_ocean_access_token] = 'Digital_Ocean_Access_Token_Hash'

Make sure you replace the red text with your access token. Note all commands regarding Knife must be run from your chef-repo! Once you have completed this step you can test it my listing your Digital Ocean Droplets [Virtual Machine].

[affix@desktop chef-repo] # knife digital_ocean droplet lists
ID       Name                     Size  Region       IPv4           Image    Status
1111111  avm.affix.me             2gb   Amsterdam 3      6.5 x64  active

If you followed along from part 1 you should have at least 1 Droplet since this is your chef server!

Your First Cookbook!

So if we are going to bootstrap our VM we should have something to bootstrap it with. This will be added to our run list. we can use knife to create our new cookbook. We do this by using cookbook create with knife.

[affix@desktop chef-repo] # knife cookbook create tutorial-ssh
** Creating cookbook tutorial-ssh in /Users/affix/chef-repo/cookbooks
** Creating README for cookbook: tutorial-ssh
** Creating CHANGELOG for cookbook: tutorial-ssh
** Creating metadata for cookbook: tutorial-ssh
[affix@desktop chef-repo] # cd cookbooks/tutorial-ssh

This has created some directories we do not need, so we can go ahead and delete those.

[affix@desktop tutorial-ssh] # rm -rfdefinitions libraries providers resources templates attributes

awesome now we can create our authorized_keys file. We create this in the files folder and it should be just as it appears on the server. If you don’t know how this should look please look it up as this is beyond the scope of this guide. I also recommend you add a comment explaining the file is chef managed so you can see changes. So on to the recipe. Inside the recipes folder we have a file called default.rb this is  where a little bit of Ruby or Scripting knowledge comes in handy. This is a really simple recipe.

# Cookbook Name:: tutorial-ssh
# Recipe:: default
# Copyright 2015, Affix
# All rights reserved - Do Not Redistribute

directory "/root/.ssh" do  # This defines a Directory for Chef
  mode "0700"              # the .ssh Directory must be 0700 to prevent unauthorized access
  action :create           # this line is totally optional, If you don't specify chefs default action is create

cookbook_file "/root/.ssh/authorized_keys" do  # Defines a file
  source "authorized_keys"                     # source is from the files directory and is called authorized_keys
  mode "0755"                                  # File mode 0755

So now we need to edit the metadata file. This just tells us a little information about the cookbook.

name             'tutorial-ssh'
maintainer       'Affix'
maintainer_email 'affix@affix.me'
license          'All rights reserved'
description      'Installs/Configures tutorial-ssh'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version          '0.1.0'

Now we just need to upload the cookbook to chef. We can do this 2 ways. By uploading all

[affix@desktop chef-repo] # knife cookbook upload -a

uploading all every time can get a little slow so we can upload a single recipe too.

[affix@desktop chef-repo] # knife cookbook upload tutorial-ssh
Uploading tutorial-ssh   [0.1.0]
Uploaded 1 cookbook.

Awesome we can now bootstrap our new VM!

Creating and Bootstrapping a new Droplet

before going any further make sure to add an SSH public key to chef as this is required for the rest of this tutorial. Verify your SSH Key is there by running

[affix@desktop chef-repo] # knife digital_ocean sshkey list
ID      Name      Fingerprint                                    
123456  Tutorial  df:17:19:f4:8d:b0:db:3d:e1:65:03:7d:f6:80:c5:59

If your SSH Key is there you can now proceed! So we need to find out a little about digital ocean before we can create our droplet. We should have our ssh key ID but we also need a Location ID, Image ID and Size ID. We can get this all from the Digital Ocean Knife Command. I will only be showing the lines of output I will be using.

[affix@desktop chef-repo] # knife digital_ocean region list
Region    Slug
London 1  lon1
[affix@desktop chef-repo] # knife digital_ocean size list
[affix@desktop chef-repo] # knife digital_ocean image list -P
10322623  CentOS        7 x64                                     centos-7-0-x64 

Thats everything we need. I have highlighted the exact values we need in bold. So lets create and bootstrap our droplet!

[affix@desktop chef-repo] # knife digital_ocean droplet create --server-name tutorial --image 10322623 --location lon1 --size 512mb --ssh-keys 123456 --bootstrap --run-list "recipe[tutorial-ssh]"
Droplet creation for tutorial started. Droplet-ID is 1234567
Waiting for IPv4-Addressdone
IPv4 address is:
Waiting for sshd:.done
Connecting to Installing Chef Client...
... Install Stuff ... Recipe: tutorial-ssh::default    * directory[/root/.ssh] action create (up to date)    * cookbook_file[/root/.ssh/authorized_keys] action create      - update content in file /root/.ssh/authorized_keys from d558e1 to e183d3
... Verbose Creation ... Running handlers: Running handlers complete Chef Client finished, 1/2 resources updated in 2.704613696 seconds

Congratulations! You have now learned how to build your own Chef Server, Setup Your Workstation, Setup Digital Ocean Integration, Create a Simple Cookbook and Finally Bootstrap your new node! Now we are finished you can go ahead and destroy your droplet. Unless you desire to use it and you are more than welcome to do so.

[affix@desktop chef-repo] # knife digital_ocean droplet destroy 1234567

And we are finished! To Learn More about Chef Check Out The Documentation : https://learn.chef.io Remember you can get $10 Digital Ocean Credit using my Link : https://www.digitalocean.com/?refcode=368a394500c1

Leave a Reply