Note: Please go to to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > ServerTemplates > Infinity > ST > Chef Client Beta (v13 Infinity) > Chef Client Beta (v13 Infinity) - Tutorial

Chef Client Beta (v13 Infinity) - Tutorial

 icon-Beta-v1.png  Service-level response times are the same as for general-release features. Although this new feature/technology has undergone significant testing and is not expected to change significantly prior to general release, the use of this feature/technology is not recommended for production environments. You are encouraged to use this feature/technology for development and testing purposes only.  


Table of Contents    


Leading edge features

   ►  Tutorial


To set up a Chef Client in a public or private cloud environment. The Chef Client connects either to the Chef Server inside or outside RightScale or Hosted Chef from Opscode.


  • 'actor', 'designer', and 'library' user role privileges in the RightScale account
  • For Amazon EC2, Google, and other clouds that support security groups, you must have a security group defined with TCP port 22 open for SSH access and any other port and protocol access required by your application. Also, remember that 'iptables' is installed by default on all servers, as described in the Security section of this tutorial.
  • A running Chef Server that's configured to allow a connection (e.g. firewall permissions) from the Chef Client server (that you're planning to launch).


This tutorial describes the steps for launching one or more Chef Clients in a public/private cloud that connect to an existing Chef Server. Use this tutorial to see how you can use your existing Chef cookbooks and recipes in the RightScale platform without refactoring any of your code. 


Create Credentials

A private key is used to authenticate client-server connections. You will use this credential later in this tutorial when you set values for the required inputs. See Create a New Credential.

  1. CHEF_VALIDATION_KEY - Create a credential that contains the contents of the private key that matches the public key on the Chef Server. Name the credential accordingly. 
  2. CHEF_DATA_BAG_SECRET - Create a credential that contains the contents of the key used to encrypt data bag items.

Create Chef Client

Follow these steps to add Chef Client to the deployment.

  1. Go to the MultiCloud Marketplace (Design > MultiCloud Marketplace > ServerTemplates) and import the most recently published revision of the "Chef Client Beta" ServerTemplate into your RightScale account. (Note: This ServerTemplate was deprecated from the MultiCloud Marketplace and can no longer be imported.)
  2. (Optional) If you want to customize the ServerTemplate clone it to create an editable version. Rename the ServerTemplate accordingly. (e.g. My Chef Client)
  3. Before you make any changes to the ServerTemplate, click the Commit button so that the first revision of the ServerTemplate matches the original revision, which will make it easier to perform differentials in the future to see what changes were made to the "original" version. When committing the ServerTemplate you can use a simple commit message. (e.g. Original version. No changes.)
  4. While viewing the HEAD version of the editable ServerTemplate, click the Add Server button. For production environments, you should always use committed revisions of ServerTemplates to launch servers. However, if you are actively developing and testing the ServerTemplate, it's helpful to launch servers with a HEAD version of the ServerTemplate so that you can easily add alerts and/or scripts to the ServerTemplate for performing tests on a running Chef Client.
  5. Select the cloud for which you will configure a server.
  6. Select the deployment into which the new server will be placed and click Continue.
  7. Next, the Add Server Assistant wizard will walk you through the remaining steps that are required to create a server based on the selected cloud.
    • Server Name - Provide a nickname for your new Chef Client (e.g., Chef Client1).
    • Select the appropriate cloud-specific resources that are required in order to launch a server into the chosen cloud. The required resources may differ depending on the type of cloud infrastructure. If cloud supports multiple datacenters / zones, select a specific zone.
  8. Click Confirm, review the server's configuration and click Finish to create the server.

Configure Inputs

The next step is to define the properties of your Chef Client by entering values for inputs. It is best to do this at the deployment level. For a detailed explanation of how inputs are defined and used in Chef recipes and RightScripts, see Inheritance of Inputs.

To enter inputs for the Chef recipes that will run on your Chef Client, open the your deployment > Inputs tab and click Edit, then follow the directions below to configure input values. We recommend that you set up credentials for password values and any other sensitive data as shown in the examples.

Note: The following examples and sample values assume that you will connect the Chef Server inside or outside RightScale or Hosted Chef from Opscode. Please refer to the runbook for proper setup instructions.

 Input Name  Description  Example Value
Chef Server URL Enter the URL to connect to the remote Chef Server.

To connect to a Hosted Chef server, use the format:



For a standard or open source Chef Server, use the format:


Chef Client Validation Name Validation name, along with the private SSH key, is used to determine whether the Chef Client may register with the Chef Server. The validation_name located on the Server and in the Client configuration file must match. text:ORG-validator
Private Key to Register the Chef Client with the Chef Server

Private SSH key which will be used to authenticate the Chef Client on the remote Chef Server.

Select the credential that you created in an earlier step.

Chef Company Name Company name to be set in the Client configuration file. This attribute is applicable for Opscode Hosted Chef Server. The company name specified in both the Server and the Client configuration file must match. Example: MyCompany text:MyCompany
Data Bag Secret Key A secret key used to encrypt data bag items. It's recommended to create and use a credential for this sensitive value. cred:CHEF_DATA_BAG_SECRET
Chef Client Environment Specify the environment type for the Chef Client configuration file. text:development
Chef Client Node Name Name which will be used to authenticate the Chef Client on the remote Chef Server. Note: If nothing is specified, the instance FQDN will be used.

Set of Client Roles Comma-separated list of roles which will be applied to this instance. The Chef Client will execute the roles in the order specified here. text:webserver
JSON String used to override the first run of chef-client A custom JSON string to be added to the first run of chef-client text:recipe[ntp::default]
Chef Client Version Specify the Chef Client version to match the requirements of your Chef Server. text:10.24.0-1

Launch the Server

After configuring your inputs, launch the Chef Client. Refer to the instructions in Launch a Server if you are not already familiar with this process.

You must to post a comment.
Last modified
08:45, 28 Apr 2014


This page has no custom tags.


This page has no classifications.



© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.