# The Chef Unit

.
16.9
Hello, and welcome back to this video on Azure VM configuration management with Chef. We talked about Azure automation. And when we were talking about Azure automation, we looked at the open source tools that are available in the market. And two names that clearly come out are Chef and Puppet. They’ve been in the community, got a very, very vibrant ecosystem. And if I was to put it, they were probably the first set of tools to introduce dev ops at scale. Chef is broadly used. It’s used in the Microsoft stack enterprises, as well as in the open source and non-Microsoft stack enterprises. And if you’re doing configuration management, it’s probably a tool that you’ve come across.
61.4
So as just part of infrastructure provisioning, infrastructure automation, Chef is something you’re bound to come across. So in this video here, we’re going to walk through the process of setting up Chef hosted, integrating that with Azure, seeing the amazing integration that exists between the two. And then set up a configuration run book which can change the configuration of the Azure VM to be a basic web server. Just like we covered with Azure automation, we’ll try and use a similar run book, but under the framework and tools offered by Chef. All right?
103.8
So before we get into the demo, there are just a couple of things worth calling out, which should hopefully make the flow of activities in the demo more clear to you. The first thing is there are really three moving parts here. One is you need a Chef server. You could use the Hosted Chef, which is really a SaaS version of the Chef offering. Is it SaaS or is PaaS? Well, think of it this way. It’s an offering provided by Chef. It’s hosted by ops code. So you don’t have to worry about administrating it. You don’t have to worry about making it highly available. It’s just provided as a service across to you, so it’s SaaS.
144.6
The other moving part here is setting up an administration workstation for Chef. Now if you’re going to do Chef related configuration, you need the Chef tools installed. And while it may seem pretty straightforward, but the number of open source components that Chef relies on, assembling that in a box can be challenging. Now when I picked up Chef three years back, and you can still see the video on channel nine, you’d find that it took about one hour to explain all the components and the different versions that needed to sit together to set up a Chef workstation. But since then the tools have only got better and easier to use.
186.7
While it was considered martial arts before, I would say it’s a walk in the park setting up a Chef workstation now. And we’ll work through it as we go into the demo. The last part here is the nodes. Now these are the target environments that you want to configure. And these are the target environments that basically need to connect with the hosted Chef instance. So think of it this way. You set up a hosted Chef. You have a workstation where you create your recipes. Those recipes need to be published to the hosted Chef instance. And all the nodes that connect to the Chef server now can pull those recipes and make themselves compatible with those recipes by applying them.
228.1
It’s a little bit related to the DSE concept that we covered in Azure automation. But behind the scenes, just a different platform, just a different technology stack of doing it. And so in this demo here, what we’re going to do is we’re going to have the first activity, which is setting up a hosted Chef server. So I’m going to flip right into the browser and navigate into the Chef website and we’ll work our way from there. OK, so I’m going to look for Chef hosted. It’s an offering provided by ops code. So let’s click on Managed Chef.
266.9
And as I click on it, if you already have an account on Chef, you’re given the option to use that to sign in. If you don’t already have an account, then this is where you will sign up for it. So you don’t have an account. Let’s sign up for it. Now let’s just call it Infra as Code training.
291.6
For the company name could be Iac Inc. And I’ve just created a separate email address. It’s called iac-devops2@outlook.com. I had to create a separate email address because apparently you can only sign up with one email address on one hosted Chef instance. If you need another one, you need another email address. OK? Clearly I already have a username with that name. So I’m just going to use another one. OK, let’s select another one. Let’s try iacinc. OK. That seems to work. So agree with the terms and click Get Started. Now at this point, behind the scenes it’s going to provision new tenant for you. And you will get the tenant fairly quickly.
340.5
But unless you validate the email notification that comes through as part of the provisioning process, you wouldn’t be able to access the instance. So I will set one password up and click Create User. At this point, the provisioning process should complete. In the free instance, you can invite a finite number of people to join the organisation that you set up within the hosted Chef instance. Now organisation is something that needs to be set up. Organisation within the hosted Chef is kind of the logical container to identify the servers with any Organisation. It could be a department. It could be a business unit. It could be whatever works for you, right?
378.8
It is just a way of logically identifying the service that you put in within this container. The security boundary is kind of the container level as well. So let’s create an Organisation. Let’s call it IaC Org this time. And let’s give it a short name, iacorg. Let’s create the Organisation.
407.4
All right, there we go. So our Organisation’s created. I can see I’m logged in as my user. I’m within the scope of that Organisation. And I can manage the permissions at this level. If I look into the Node section, it’s empty. If I look in the Report section, it’s empty. I don’t have any policy set up at the moment. But at least the server is available, the tenant’s available for me to start doing my automation. So let’s park it at that and go back into the Azure portal. Now we’ve completed the first activity, which was set up the Chef server. Now the next activity that needs to be done is to set up the administration workstation.
450.9
So to save time, I have created a virtual machine already. I haven’t installed anything on that virtual machine, but it’s just the machine has been provisioned. I’m going to use the IacDemo-ChefWs2 workstation two to do the set up. So let’s drop into the virtual machine. See nothing’s installed there. If I look in the Server Manager, it’s all empty. The first thing that you need to do is instal the Chef development kit. So if you search for chef development kit. There you go. That’s the first search result. Now, as I mentioned earlier, you had to pull in these tools together, configure them separately. But now there is a package available that you can simply download and instal.
503
So let’s look for the Windows 10 package because that’s the version of my workstation. Windows 10 64. Let’s download this.
516.3
All right. So let’s click Run. Now the installer doesn’t give you too many customization options, and that’s for a reason. But just select all the defaults and press Instal. Now this will take some time to Instal, but meanwhile what we’ll look at is the Organisation tools that are available within the hosted Chef. So on this workstation machine, now let’s search for hosted Chef.
550.1
Let’s go into the login screen here.
556.2
Key in the account information.
561.4
All right. As I sign in here, and I go into the Administration section, I see this option here to–
573.8
yeah, within the Administration section, if I click on Organisation. I just need to select the Organisation and then these options are available for that Organisation. And the option I want to select is Starter Kit. Now, Starter Kit has a few things that are worth downloading. And of course, you don’t have to do it, but it just makes the set up a lot easier. Because what it does is, in the same folder it gives you the Knife settings file. It gives you a few other setting files, and a vanilla cookbook as well that you kind of need in order to start creating stuff for Chef. So we’ll just download this.
613.1
And the thing that you have to remember is to right click, go into Properties, and unblock this. If you don’t unblock it and unzip it, chances are you’re going to have a lot of failures when you try using it. So let’s extract this to the C Chef folder. Click Extract. Now it extracts pretty quickly. So let’s look at the Chef repo. Chef repo has a Dart Chef folder, which is called a key for me to use. And this is the SSH key basically that brokers the authorization between my host, my workstation, and the hosted Chef. If you have the wrong key, chances are it’s not going to work.
660
Every time you download the starter kit it generates a new key as well. So you might want to be careful when you download the starter kit again because then on machines that are workstations and that have the key set up, it’s not going to be valid. OK, so what we’ll do is we will just look at the status of the Instal. It’s going to take a few more minutes, so we will wait it out for the installation to complete. All right. So the installation is completed. Let’s click Finish and see what the installation has done in the background. In the C drive, it’s created a folder called opscode. And under this folder, it’s created chef development kit.
700.8
Now this has got everything, so you don’t have to worry about installing the right version of Ruby. You don’t need to worry about installing all the relevant gems. Then Knife installer and all of that is just built in here. If you go into the modules, you would see that there are a lot of modules that are specified. And so the first thing that you should do after the development kits installed is launch PowerShell. And let’s do that. And the first way to validate the installation of Chef development kit is to run the command chef verify. So what it does is it does a verification check on all the components that are set up as part of the installation.
745.2
And this can take up to 10 minutes to complete because in the first instance, these modules, they can quickly validate. But for the rest of them, it has to do some intense checks which can take up to 10 minutes to complete Chef’s installed now. I’ve just clicked OK. What we’ll do is we’ll go and see what it installed in the background. So if I go into the C drive and go into the folder opscode, then chefdk is effectively what it’s installed here. As you can see that there are a bunch of modules that get installed.
777.3
And it’s way better than before where you had to Instal Ruby, you had to Instal the individual gems, all the modules yourself, and then work out what the compatibility between the versions was. None of that anymore. You simply Instal the development kit and it kind of does that. As soon as you finish the installation of the development kit, the first thing you should do is launch PowerShell. And we can do that right from here. Chef verify.
808.3
OK, so it’s starting the verification process now. It’ll take about 5, 10 minutes to complete. Awesome. So the verification is all good. It’s all green. As you can see on the screen here, it’s validated every component that Chef relies on for it’s set up. You kind of think Chef’s really gone out on cooking quite a bit here. They’ve got a chef-client, they’ve got knife, they’ve got sugar, a chef sugar. And you know the whole thing’s built around that concept of cooking. Funny enough, the marketplace where you can download the configuration files to set up your nodes with is called supermarket. No surprise. All right.
855.1
So now that the setup’s good, it’s worth mentioning that sometimes during the verification process you could hit certain roadblocks. One that I’ve encountered in the past is a similar exception like this. As you can see on the screen here, this exception says that it’s unable to find git installed. So the error message is quite descriptive. You just go and Instal git and set up the git global configuration with your username and email address and then run the verification again. It should be successful. But apart from that, I haven’t really come across any other issues after installing the development kit.
895.6
So now that this is in place and we’ve already downloaded the starter kit, we just have to do a couple more things for the workstation set up to be completed. But let’s go into the C Chef folder, Chef repo. And inside the dot chef folder, you see we have the knife.rb file. So let’s launch PowerShell ISE.
920.4
ISE.
923.8
OK, let’s try dragging it into– there we go. OK. So the PowerShell– within this, I can see that the knife.rb file has certain settings. What it’s saying is that the client key is available in the folder in the current directory and it’s called this. If you are going to create your own primary key for interacting from knife, which is the console to interact with Chef, then you just need to make sure that you specify here where the primary key is so that Knife can then use it to broker the conversation between the two systems. This is the hosted Chef endpoint.
959.7
Again, you can use multiple instances of Chef, you just maybe need different a knife.rb files or be sure to change the Chef server URL in the knife.rb file that you have. And this is specifying the cookbook path. Now if I go back in this folder, I can see all it’s saying is that one level up from here is the cookbook folder. So any recipes that you put in, either configuration files will be put in into this folder and this knife.rb file provides a hint to the knife console to look in this directory to identify the cookbooks.
1000
What we’re going to do is we’re going to copy the Chef Knife and the primary key out from this folder and just put it in the root folder here in Chef repo.
1014.7
Now in order to interact from Knife to Azure, we need to make Knife aware of our Azure configuration. Back in the day, you had something called Azure Publish Settings file. Now ever since we’ve had the PowerShell integration with Azure, that file is not used that much. But Chef still relies on the Publish Setting files. So what you can do is you can navigate to the good old Azure portal to download that file. It’s available by browsing to this URL. Let me bring this up on the screen here.
1055.6
It’s manage.windowsazure.com slash publish settings file. Now I’ve already copied my publish settings file here. So I’m just going to simply put it in the folder in C drive chef, chef repo.
1072.8
And I just need to make the knife.rb aware of where my publish settings file is.
1082.6
So I’m going to add a new value here, a new line, and just simply copy the setting. And I’ll talk you through what the setting does.
1094.2
So this is telling Knife that the Azure publish settings file is called this. And it’s in the same directory as where knife.rb is. So let’s copy the name of the settings file and paste it here. Save that. And we can close the knife.rb file here. OK, so now that we’ve saved the knife.rb file, let’s initiate a few more things with Chef, and then try and interact with Azure to validate whether our configuration is good enough to interact with Azure or not. So let’s just click here and type PowerShell. Launch the PowerShell console. I’ve got a few commands that you need to run. The first one is chef shell initialize. And this kind of initializes the shell of Chef.
1140.9
Again, takes a few seconds to do. And the next thing is you need to invoke the PowerShell for Chef. Now that’s been done. You could actually– this is limited to this PowerShell session. Again, if you wanted to create a environment variable and preserve that setting, you could do that as well. Now we’re going to run a gem command to Instal the Azure component of Knife. Let’s run this. And what it basically does is it introduces a new module within– press Allow Access here. What it does is it introduces the new modules within Knife to allow it to interact with Chef.
1179.5
Think of it as the PowerShell equivalent of what we had to do to Instal the Azure RM modules when we were doing the sessions in module 2 and 3.
1195.3
OK. Now that it’s done, let’s look at what it was doing. Behind the scenes, it was downloading the Azure Resource Manager. The providers for compute, storage, network. Again, you know just downloading the API so it can allow you the interaction with Azure. So let’s just now run this command called knife azure image list. If all the modules have been successfully installed and the Azure RM providers are available as well, we should be able to get back the list of images available within Azure. There we go. So we get back the list of all the images that are available within Azure.
1233.4
Of course, we can refine this list further to say only return the list of images available within a region or within a location. But the point to be made here is that the set up is good. We’re able to interact with Azure, right, from within PowerShell using Knife. OK. Now that this is in place, let’s start off by creating our first cookbook for Chef. So I’m going to create a directory called– so we already have a directory called C chef, right? Let’s drop into the scope of that. And then within that we have the Chef repository. So what we’ll do is we’ll generate a cookbook.
1271.2
So as you can see here within Chef repo, we have a folder called cookbooks. And within this, let’s create another blank cookbook so that we can start working on it. So we’re going to create a cookbook called webserver. Let’s run this command. OK. As you can see, it’s creating a cookbook and it’s putting some default files in there. If I go into this folder now, it’s created a directory called webserver. And if you go within it, it’s got a recipes folder. And it’s got just that. So let’s go into the recipes folder, look at these default.rb, and open this in Notepad.
1313.5
Now it’s empty, right? So again I’m going to cheat and put some code in there that actually provisions the Instal of Ias. And again, as I said, while I’m cheating here, you can find a lot of samples on creating cookbooks for Chef if you search for them. But you can obviously go into the Chef Supermarket– and let’s have a look at it here– to take some inspiration or download ready-to-use recipes and cookbooks right from here. So let’s go into the cookbook section here. And you can sign in using the same account and authenticate yourself, which will allow you to then download stuff. So I’m going to use my account here. iac-devops02@outlook.com.
1371.4
And authorise Chef Supermarket to use the Chef account, yes. Now if you search for iis, you see there is a recipe available. And that’s where I’ve picked up this snippet from. If I go within here, I could just download the whole recipe book from here or look at the specifics of how to set up IIS configuration, which kind of shows you the example that you need to run. OK, so with that, I’m going to save my recipe. And then the next thing I’m going to do– seems like I forgot to copy the whole thing, so just bear with me for one quick second here. Let’s update this.
1416.3
Make sure we’ve got the full thing. Yes, we have. All right. So what’s happening in this recipe is we’re saying, go and set up iis. So go and Instal the Windows feature web server. Make sure that the W3 SVC service is there on the box and it’s enabled. And then deploy this template on the default website that you’re creating. Now the default.htm is something that will get provisioned on the target host. And what we’re saying is that the source file that needs to go in default.htm is specified here. Default.htm.erb. So we have to create the source file and put some content in there. So I’m going to run this command to do that.
1462.8
Let’s just run this command to here, which is chef generate template in the cookbooks folder.
1476.1
Webserver default HTM.
1482.8
So within– let’s move this. Within the templates folder, you can see it’s generated a default htm.erb file. What I’m going to do is I’m going to open this file in Notepad and put some HTML in there. Let’s just put a heading to say, hello world. And let’s put a paragraph here to say, Greetings from an amazing trainer.
1518.1
Let’s save this and then the next step really is to publish this run book. We’re almost there. The last step in this long running game is to just upload the cookbook that we’ve created with the hosted Chef server. And we will need to run the following command to do it. We’re telling Knife that there is a cookbook that we need to upload, it’s called webserver. And basically this session is going to look at the knife.rb file, figure out the path to the cookbook, and then look for the folder that’s called webserver. So let’s click this.
1583.9
Ta-dah. The only thing that I needed to do was change directory into the cookbooks folder because that is where the cookbook was. And after doing that, I re-ran the command knife cookbook upload webserver. What it’s done is it’s taken this cookbook and it’s uploaded to the hosted Chef. So if we navigate into the hosted Chef here, and go within policy, and look for cookbooks, we can– see that it’s showing up the website of our cookbook here. And it’s just got whatever you published. So it instals and configures a web server. Now if we just drop back to the slides that we had, we’ve just completed step two, which is administrators workspace for Chef. Now effectively, we set up Chef there.
1641.1
We created our first recipe. And then we simply published that cookbook from 2 to 1, which is pushing it from the workstation to the central server or Chef. Now the next thing we need to do, and the final thing, is building up to it, is to spin up a new instance of a VM. And within that instance of VM, Instal the Chef extension by putting in some configuration data to make it aware of where our Chef server is. But at that point, that node will register itself with the Chef server. And the moment it does that, it will be able to pull down the recipe, the webserver recipe that we’ve published to the Chef server.
1682.2
So let’s go back into the Azure portal here for a second. I’ve already provisioned us a VM. It’s called IacDemoChef-02. Let me refresh it.
1698.9
Here we go. IacDemoChef-02. I’m going to go on this VM and I’m going to click on Resource Manager so I can see the actual virtual machine. Click on the virtual machine. Now at the virtual machine level, I’m going to, on the left settings blade, I’m going to see the Extension option. I’m going to click on Extension and– well, you know bringing it home, the integration between Chef and Azure is so good that there is an out-of-box extension that’s provided within Azure that you can attach to any Windows Azure VM you have. Just by specifying the endpoint and the primary key, you’re able to establish connection from the node back to the Chef agent back to the Chef server.
1748.6
So let’s click Plus to see the extensions that are available. And if you scroll down at the very bottom, you would see there is an option for Chef. So let’s click this. Create. And the next option is, tell me about the Chef server URL. Now what I’m going to do is I’m going to go back to the agent here. The chef workstation we had created, open this up, load the Knife file because that has got all the settings we need. So this Knife file has the Chef server URL. Let’s copy this URL. Be sure to leave the codes out from here. Let’s copy this into here. What is the name of the node that we want to register?
1797.5
The name of the node is IacDemoChef-02. Let’s put that in here.
1810
Run list. Well, the run list that we want to put in here is the run list that we have just created. So if I go into the Policy, webserver– so that’s the run book that we want to associate, so let’s put that in here. Webserver.
1827.3
This needs to match the case, so just make sure you make it all lowercase here.
1834.5
The validation client name is the name of the key. So that is called iacdevops02.
1845.1
And then just the last bit here, you need to put in the key. So I’m going to copy the key from the workstation onto my local machine.
1856.9
I see devops key. Copy that, put it in here, and open it. OK? Now the rest of it is optional. I’m not going to change, and press OK. So behind the scenes it’s now starting to Instal this extension on this target machine. It would be worth staying on the extension page because as it instals the extension, it will show you the status of progression as well. What I’m also interested in doing is logging into the VM so that we can just validate as the configuration gets rolled out there. So let’s just log in onto that machine.
1909.8
All right. Just connecting up to this machine.
1917.8
As you can see, we’re logged into the machine and the Server Manager is refreshing itself. This is a vanilla Windows 2016 image. It does not have IS configured on it. So let’s come out of this space and go back into the actual portal. Just check on the status of the extension that was installing. Click on Extensions. As you can see that it’s starting to show up here in the Windows Chef extension. The version of the extension, it’s still unavailable. So the installation is still in flight. Let’s give it a few more seconds to complete.
1956.2
Perfect. Long wait there, but the provisioning is finally successful. At this point, the extension’s installed on this target VM. The extension should now be working behind the scenes to connect this node up to the hosted Chef. So if we drop into the hosted Chef and look in nodes, this would be like the moment to applaud. The node successfully registered. It’s just registered, but it’s never been checked. No recipes have been installed on it. It’s just connected. So this is– going back to the slides here.
1996.8
Step 3 is completed. The node has registered to the hosted Chef. And depending on the frequency of the refresh, it will pull down the recipe and apply. So let’s just come back and see if it’s doing that.
2014.7
There you go. The status has changed. It’s identified. It’s a Windows host. It’s picked up its IP address. It’s telling us that the uptime of this VM in its entirety has been one hour. It was checked last two minutes ago. So if we look at the run list, it’s set up to only run the webserver run list. And if I go into the report section– now the report doesn’t update as frequently, but if I click on Run History, I can see that the node has made contact with the hosted agent and that the template that we had put in where I put in some HTML has successfully been deployed. So let’s just double check here. Let’s look at the parameters.
2058.9
As you can see, this is the source and the destination replacement that it’s done. So let’s log onto that VM. chef02.
2074.6
As you can see here, iis is starting to show up, which means the webserver set up has been completed by Chef. Now if I do localhost–
2086.6
perfect. Hello, world. Greetings from an amazing trainer. Just to prove that the engine in Chef is quite robust and is able to detect even minor changes to the content of the file, what I’m going to do is I’m going to navigate into– what we could do is we could just go into inedpub folder. wwwroot, look at the default file. Open it in Notepad.
2117.8
Let’s change it from a very amazing trainer and see whether it’s able to detect the changes and then correct it by updating the file. Let’s just refresh it. The amendment I made is reflecting here. We’ll just have to wait for the next refresh between the node and the hosted Chef to see the changes come through. All righty. It’s finally updated itself. So the nodes connected back to the Chef server, identified that something’s changed, and we’ll just drop in and see whether it’s corrected itself or not. But as you can see on the Report section in the Run History that we have three records now. So clearly it’s done a sync.
2160.6
If we go back into the dashboard, the dashboard is yet to be updated. But at least in the Run History, we can see that three pings have happened between the node and the server. So let’s go back into the server. As you can see, it says, greetings from a very amazing trainer. Ta-dah. It’s updated. So you know, jokes apart, it’s quite powerful in the sense it can not only identify the configuration of the Windows feature but even the changes, not to the file name, but to the content of the file. It’s able to detect and self correct. It’s because it takes a checksum and identifies the delta on the checksum, and it finds its drifted so it just replaces it.
2201.9
So with that, we’ve seen Chef configuration. We pushed a recipe. We had it connect up to a node configurate. And then we changed the configuration and saw it correct itself. I also wanted to quickly show you another Chef instance. I have a hosted Chef to which I’ve attached a couple of nodes. And they’ve been running up since last night. So if I now going into the Report section, you can see it’s quite good because I can see the trend of all the connections that happen between the nodes and the Chef server. And if you start using this in the enterprise, you’ll quickly build a very, very long list of nodes.
2245.5
But the features available within Chef allow you to logically group the environments by name, by categories, and even within that it gives you some fluid metadata that can be applied in the form of tags. So you could just, for example, say, this is a web server tag. And then all the tags that you– all the web server nodes can be sliced, reported on, identified. So just one of those ways to manage servers in the enterprise. All right, well pat yourself on the back. This has been a pretty heavy module. We went on a journey. We started by looking at Azure Resource Manager, Providers, we understood the architecture. We looked at the automation there. We looked at dev test labs.
2293.3
We saw how we take templates created in dev test lab, bring them all the way out into production. And then we looked outside the perimeter of Azure. We looked at tools like Chef. And once you understand Chef and how it works, if you look at Puppet or Vagrant or Salt, well the language and the framework’s different, but in principle it’s still DSE. It’s still a node. It’s still working in similar fashion. So hopefully this learning from this module, you find useful and something that you can apply to start automating your enterprise landscape.

We’ve been on an Azure journey. We looked at Azure Resource Manager and its architecture and automation.

We then paused at DevTest labs where we created templates and used them in production. In the last section, we stopped outside of the parameters of Azure and looked at automation resources such as Chef, Puppet and Ansible.

This step demonstrates how you can manage your Azure VM configuration with Chef.

## What is Chef?

Chef is considered an Automation Resource that provides seamless integration with Azure with the Cloud API.

Chef has three main architectural components: Chef Server, Chef Client (node), and Chef Workstation.

• The Chef Server is the management point, and there are two options for the Chef Server: a hosted solution or an on-premises solution.
• The Chef Client (node) is the agent that sits on the servers you are managing.
• The Chef Workstation is the admin workstation where you create policies and execute management commands. You run the knife command from the Chef Workstation to manage your infrastructure.

There are also the concepts of Chef Cookbooks and Recipes. These are effectively the policies that you define and apply to your servers.

## Chef Cookbooks Templates

Chef uses a Cookbook to define a set of commands that you want to execute on your managed client. Creating a Cookbook is straightforward, and you use the chef generate cookbook command to generate a Cookbook template.

Before creating a cookbook, you must do the following:

• Create a managed Chef account
• Configure the Chef workstation
• Install the Chef Development Kit.

See the page Automating Azure virtual machine deployment with Chef to prepare for creating a cookbook.

This example calls the Cookbook web server for a policy that automatically deploys IIS.

Under your C:Chef directory, run the following command:

chef generate cookbook webserver

This will generate a set of files under the directory C:Chefcookbookswebserver. Next, you need to define the set of commands that you’d like the Chef client to execute on your managed virtual machine.

The commands are stored in the file default.rb. For this example, a set of commands will be defined that installs IIS, starts IIS, and copies a template file to the wwwroot folder.

Modify the C:chefcookbookswebserverrecipesdefault.rb file and add the following lines:

powershell_script 'Install IIS' doaction :runcode 'add-windowsfeature Web-Server'endservice 'w3svc' doaction [ :enable, :start ]endtemplate 'c:inetpubwwwrootDefault.htm' dosource 'Default.htm.erb'rights :read, 'Everyone'end

Save the file after you are done.

To generate the template, run the following command:

chef generate template webserver Default.htm

Now navigate to the C:chefcookbookswebservertemplatesdefaultDefault.htm.erb file. Edit the file by adding some simple ‘Hello World’ HTML code, and then save the file. Next, upload the cookbook to the Chef Server so that it appears under the Policy tab by running the following command:

chef generate template webserver Default.htm

## Deploy a VM with Knife Azure in Chef

To deploy an Azure VM and apply a Cookbook to install an IIS web service and default webpage, use the Knife Azure server create command:

knife azure server create --azure-dns-name 'diegotest01' --azure-vm-name 'testserver01' --azure-vm-size 'Small' --azure-storage-account 'portalvhdsxxxx' --bootstrap-protocol 'cloud-api' --azure-source-image 'a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datacenter-201411.01-en.us-127GB.vhd' --azure-service-location 'Southeast Asia' --winrm-user azureuser --winrm-password 'myPassword123' --tcp-endpoints 80,3389 --r 'recipe[webserver]'

Substitute your variables for the parameters and run the command. Once the command is run, you can view the provision in the Azure portal:

The command prompt will then appear:

After the deployment is complete, you should be able to connect to the web service over port 80. The port was opened when the VM was provisioned with the Knife command.