Ubuntu preseed script to install chef client agent

October 28th, 2015

I recently embarked on a project to build an Ubuntu PXE OS deployment server that would allow for unattended installation of both physical and virtual servers. This piece of work is part of a wider 'automation' project, for which we are using Chef as our configuration management tool. As part of the unattended installation of new servers, I wanted to automate the installation and configuration of the Chef client agent.

To do this, I put together the following post-installation script, which I place at the bottom of the preseed file on my PXE OS deployment server:

# post install script
d-i preseed/late_command string \
mkdir /target/etc/chef; \
echo "-----BEGIN RSA PRIVATE KEY-----" > /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" >> /target/etc/chef/orgname-validator.pem; \
echo "-----END RSA PRIVATE KEY-----" >> /target/etc/chef/orgname-validator.pem; \
echo "log_level        :info" > /target/etc/chef/client.rb; \
echo "log_location     STDOUT" >> /target/etc/chef/client.rb; \
echo "chef_server_url  'https://api.opscode.com/organizations/orgname'" >> /target/etc/chef/client.rb; \
echo "validation_key         '/etc/chef/orgname-validator.pem'" >> /target/etc/chef/client.rb; \
echo "validation_client_name 'orgname-validator'" >> /target/etc/chef/client.rb; \
echo "wget https://www.chef.io/chef/install.sh -O /etc/chef/install.sh" > /target/etc/chef/chefsetup.sh; \
echo "chmod +x /etc/chef/install.sh" >> /target/etc/chef/chefsetup.sh; \
echo "sudo /etc/chef/install.sh" >> /target/etc/chef/chefsetup.sh; \
echo "sudo /usr/bin/chef-client --runlist 'role[linux-std]'" >> /target/etc/chef/chefsetup.sh; \
echo "rm /etc/cron.d/chef" >> /target/etc/chef/chefsetup.sh; \
echo "rm /etc/chef/orgname-validator.pem" >> /target/etc/chef/chefsetup.sh; \
echo "rm /etc/chef/install.sh" >> /target/etc/chef/chefsetup.sh; \
echo "rm /etc/chef/chefsetup.sh" >> /target/etc/chef/chefsetup.sh; \
chmod +x /target/etc/chef/chefsetup.sh; \
echo "@reboot root /etc/chef/chefsetup.sh" > /target/etc/cron.d/chef

I know it's not that pretty, and there may be better ways to drop the orgname-validator.pem private key file (perhaps using cat << EOF) but it works, every time.

Here is a breakdown of what the preseed script does:

  1. Creates a /etc/chef directory as this does not yet exist on the file system
  2. Drops an orgname-validator.pem private key file (see notes below)
  3. Drops a client.rb file which is used by the Chef client agent for its first run
  4. Drops a chefsetup.sh script that uses Chef Omnibus to download and install the latest agent, initiate a 'run' associated with a predefined role on my Chef server called linux-std and then tidies up after itself
  5. Drops a file in /etc/cron.d that invokes chefsetup.sh after a reboot (a reboot always occurs after PXE installation has finished)

Notes

  • The multiple XXX lines in the preseed need to be replaced with the contents of your organisation's validator private key file from your Chef server
  • You should find and replace 'orgname' in my script with your own organisation name defined on your Chef server
  • If the server you are installing the Chef client agent on already exists as a registered node on your Chef server, your freshly installed server won't be re-registered with your Chef server
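
The `cat << EOF` idea mentioned above, written out as an added example (not part of the original post): a shell function that stages the same four files with heredocs and creates the validator key and first-boot script owner-only. The function name `stage_chef_bootstrap` and its two arguments are assumptions for illustration, and how the script reaches the installer is left open.

```shell
#!/bin/sh
# Added example, not from the original post. The first argument is /target
# inside the installer; any scratch directory works for a dry run.

stage_chef_bootstrap() {
    target_root="$1"                 # e.g. /target
    org="$2"                         # organisation name on the Chef server
    chef_dir="$target_root/etc/chef"

    mkdir -p "$target_root/etc/cron.d"
    old_umask=$(umask)
    umask 077                        # files below are created owner-only
    mkdir -p "$chef_dir"

    # Constructed placeholder body: paste the real validator key here.
    cat > "$chef_dir/$org-validator.pem" <<'EOF'
-----BEGIN RSA PRIVATE KEY-----
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END RSA PRIVATE KEY-----
EOF

    cat > "$chef_dir/client.rb" <<EOF
log_level        :info
log_location     STDOUT
chef_server_url  'https://api.opscode.com/organizations/$org'
validation_key         '/etc/chef/$org-validator.pem'
validation_client_name '$org-validator'
EOF

    # First-boot script: same steps as the post. cron runs it as root, so sudo
    # is dropped; rm -f keeps the clean-up going if a file is already gone.
    cat > "$chef_dir/chefsetup.sh" <<EOF
#!/bin/sh
wget https://www.chef.io/chef/install.sh -O /etc/chef/install.sh
chmod +x /etc/chef/install.sh
/etc/chef/install.sh
/usr/bin/chef-client --runlist 'role[linux-std]'
rm -f /etc/cron.d/chef /etc/chef/$org-validator.pem
rm -f /etc/chef/install.sh /etc/chef/chefsetup.sh
EOF
    chmod 700 "$chef_dir/chefsetup.sh"

    umask 022                        # cron.d entries stay world-readable
    echo "@reboot root /etc/chef/chefsetup.sh" > "$target_root/etc/cron.d/chef"
    umask "$old_umask"
}
```

Call it as `stage_chef_bootstrap /target orgname`. The validator key is still embedded in whatever file the deployment server hands to the installer, so that file needs the same access control as the key itself.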
