+++ title = "Chef Infra Overview" draft = false gh_repo = "chef-web-docs" aliases = ["/chef_overview.html"] product = ["client", "server", "workstation"]
[menu] [menu.infra] title = "Chef Infra Overview" identifier = "chef_infra/overview/chef_overview.md Chef Infra Overview" parent = "chef_infra/overview" weight = 10 +++
{{< readfile file="content/reusable/md/chef.md" >}}
- Chef Workstation is the location where users interact with Chef Infra. With Chef Workstation, users can author and test cookbooks using tools such as Test Kitchen and interact with the Chef Infra Server using the knife and chef command line tools.
- Chef Infra Client Chef Infra Client runs on systems that are managed by Chef Infra. The Chef Infra Client executes on a schedule to configure a system to the desired state.
- Chef Infra Server acts as a hub for configuration data. Chef Infra Server stores cookbooks, the policies that are applied to nodes, and metadata that describes each registered node that's being managed by Chef. Nodes use the Chef Infra Client to ask the Chef Infra Server for configuration details, such as recipes, templates, and file distributions.
The following diagram shows the relationships between the various elements of Chef Infra, including the nodes, the server, and the workstation. These elements work together to provide the Chef Infra Client the information and instruction that it needs so that it can do its job. As you are reviewing the rest of this topic, use the icons in the tables to refer back to this image.
{{< figure src="/images/chef_overview_2020.svg" width=600 alt="Diagram of Chef Infra Client, Server, and Workstation">}}
Chef Infra has the following major components:
| Component | Description |
|---|---|
|
One (or more) workstations are configured to allow users to author, test, and maintain cookbooks. Workstation systems run the Chef Workstation package which includes tools such as Chef Infra Client, Chef InSpec, Test Kitchen, ChefSpec, Cookstyle, and other tools necessary for developing and testing your infrastructure with Chef products. |
|
Cookbooks are uploaded to the Chef Infra Server from these workstations. Some cookbooks are custom to the organization and others are based on community cookbooks available from the Chef Supermarket. |
|
Ruby is the programming language that's the authoring syntax for cookbooks. Most recipes are simple patterns (blocks that define properties and values that map to specific configuration items like packages, files, services, templates, and users. The full power of Ruby is available for when you need a programming language. |
|
{{< readfile file="content/reusable/md/node.md" >}} |
|
Chef Infra Client is installed on each node that's managed with Chef Infra. Chef Infra Client configures the node locally by performing the tasks specified in the run-list. Chef Infra Client will also pull down any required configuration data from the Chef Infra Server during a Chef Infra Client run. |
|
The Chef Infra Server acts as a hub of information. Cookbooks and policy settings are uploaded to the Chef Infra Server by users from workstations. The Chef Infra Client accesses the Chef Infra Server from the node on which it's installed to get configuration data, performs searches of historical Chef Infra Client run data, and then pulls down the necessary configuration data. After a Chef Infra Client run is finished, the Chef Infra Client uploads updated run data to the Chef Infra Server. |
|
Chef Supermarket is the location in which community cookbooks are shared and managed. Cookbooks that are part of the Chef Supermarket may be used by any Chef user. How community cookbooks are used varies from organization to organization. |
Chef Infra Client run reporting, compliance reporting, high availability configurations, and Chef Infra Server replication are available as part of Chef Automate.
The following sections discuss these elements (and their various components) in more detail.
A workstation is your local computer running Chef Workstation that you use to author cookbooks, interact with the Chef Infra Server, and interact with nodes.
The workstation is where users do most of their work, including:
- Developing and testing cookbooks
- Keeping the Chef Infra repository synchronized with version source control
- Configuring organizational policy by including defining roles and applying Policyfiles or policy groups
- Interacting with nodes, as (or when) required, such as performing a bootstrap operation
Some important tools and components of Chef Workstation include:
| Component | Description |
|---|---|
|
{{< readfile file="content/workstation/reusable/md/chef_workstation.md" >}} |
|
Chef Workstation includes important command-line tools:
|
|
The chef-repo is the repository structure in which cookbooks are authored, tested, and maintained:
The directory structure within the chef-repo varies. Some organizations prefer to keep all of their cookbooks in a single chef-repo, while other organizations prefer to use a chef-repo for every cookbook. |
|
{{< readfile file="content/workstation/reusable/md/test_kitchen.md" >}} |
|
{{< readfile file="content/reusable/md/chefspec_summary.md" >}} |
{{< readfile file="content/reusable/md/cookbooks_summary.md" >}}
The Chef Infra Client uses Ruby as its reference language for creating cookbooks and defining recipes, with an extended DSL for specific resources. A reasonable set of resources are available to the Chef Infra Client, enough to support many of the most common infrastructure automation scenarios; however, this DSL can also be extended when additional resources and capabilities are required.
Cookbooks are comprised of the following components:
| Component | Description |
|---|---|
|
{{< readfile file="content/reusable/md/cookbooks_attribute.md" >}} |
|
{{< readfile file="content/reusable/md/resource_cookbook_file_summary.md" >}} |
|
{{< readfile file="content/reusable/md/libraries_summary.md" >}} |
|
{{< readfile file="content/reusable/md/cookbooks_metadata.md" >}} |
|
{{< readfile file="content/reusable/md/cookbooks_recipe.md" >}} The Chef Infra Client will run a recipe only when asked. When the Chef Infra Client runs the same recipe more than once, the results will be the same system state each time. When a recipe is run against a system, but nothing has changed on either the system or in the recipe, the Chef Infra Client won't change anything. {{< readfile file="content/reusable/md/infra_lang_summary.md" >}} |
|
{{< readfile file="content/reusable/md/resources_common.md" >}} Chef has many built-in resources that cover all of the most common actions across all of the most common platforms. You can build your own resources to handle any situation that's not covered by a built-in resource. |
|
{{< readfile file="content/reusable/md/template.md" >}} |
|
Testing cookbooks improves the quality of those cookbooks by ensuring they're doing what they're supposed to do and that they're authored in a consistent manner. Unit and integration testing validates the recipes in cookbooks. Syntax testing---often called linting---validates the quality of the code itself. The following tools are popular tools used for testing Chef recipes: Test Kitchen, ChefSpec, and Cookstyle. |
{{< readfile file="content/reusable/md/node.md" >}}
{{< readfile file="content/reusable/md/node_types.md" >}}
The key components of nodes that are under management by Chef include:
| Component | Description |
|---|---|
|
{{< readfile file="content/reusable/md/chef_client_summary.md" >}} {{< readfile file="content/reusable/md/security_key_pairs_chef_client.md" >}} |
|
{{< readfile file="content/reusable/md/ohai_summary.md" >}} |
{{< readfile file="content/server/reusable/md/chef_server.md" >}}
| Feature | Description |
|---|---|
|
{{< readfile file="content/reusable/md/search.md" >}} |
|
{{< readfile file="content/reusable/md/chef_manager.md" >}} |
|
{{< readfile file="content/reusable/md/data_bag.md" >}} |
|
Policy defines how business and operational requirements, processes, and production workflows map to objects that are stored on the Chef Infra Server. Policy objects on the Chef Infra Server include roles, environments, and cookbook versions. |
{{< readfile file="content/reusable/md/policy_summary.md" >}}
Some important aspects of policy include:
| Feature | Description |
|---|---|
|
{{< readfile file="content/reusable/md/role.md" >}} |
|
{{< readfile file="content/reusable/md/environment.md" >}} |
|
{{< readfile file="content/reusable/md/cookbooks_version.md" >}} |
|
{{< readfile file="content/reusable/md/node_run_list.md" >}} |
Chef is a thin DSL (domain-specific language) built on top of Ruby. This approach allows Chef to provide just enough abstraction to make reasoning about your infrastructure easy. Chef includes a built-in taxonomy of all the basic resources one might configure on a system, plus a defined mechanism to extend that taxonomy using the full power of the Ruby language. Chef chose Ruby because it provides the flexibility to use both the simple built-in taxonomy, as well as being able to handle any customization path your organization requires.