Setup Chef

Create a directory to store the cookbook needed for this tutorial and change to that directory.

~$ mkdir cookbooks
~$ cd cookbooks

Create a subdirectory named .chef.

~/cookbooks$ mkdir .chef

Put your Chef credentials into the .chef subdirectory. Here is what that subdirectory contains after I stored my Chef credentials there.

~/cookbooks$ ls .chef
DCM-validator.pem   gforghetti.pem      knife.rb
~/cookbooks$ cat .chef/knife.rb
current_dir = File.dirname(__FILE__)
log_level                :info
log_location             STDOUT
node_name                "gforghetti"
client_key               "#{current_dir}/gforghetti.pem"
validation_client_name   "DCM-validator"
validation_key           "#{current_dir}/DCM-validator.pem"
chef_server_url          "https://api.opscode.com/organizations/gaf"
cache_type               'BasicFile'
cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
cookbook_path            ["#{current_dir}/../"]      

Test the Chef connection.

~/cookbooks$ knife environment list
_default

Download the tutorial Chef cookbook, OpenLDAP Server Chef cookbook, into the cookbooks directory.

~/cookbooks$ ls -la openldap_example.tar.gz
-rw-r--r--  1 gforghetti  staff  9522 Jan 26 12:26 openldap_example.tar.gz

Run the following command to download the cookbooks required for this tutorial from the Chef Supermarket.

for package in chef-sugar compat_resource freebsd iptables 'nscd 1.0.1' openldap openssh openssl ssl_certificate ; do knife cookbook site download $package; done
Downloading chef-sugar from Supermarket at version 3.3.0 to /Users/gforghetti/Cookbooks/chef-sugar-3.3.0.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/chef-sugar-3.3.0.tar.gz
Downloading compat_resource from Supermarket at version 12.10.6 to /Users/gforghetti/Cookbooks/compat_resource-12.10.6.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/compat_resource-12.10.6.tar.gz
Downloading freebsd from Supermarket at version 0.6.0 to /Users/gforghetti/Cookbooks/freebsd-0.6.0.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/freebsd-0.6.0.tar.gz
Downloading iptables from Supermarket at version 2.2.0 to /Users/gforghetti/Cookbooks/iptables-2.2.0.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/iptables-2.2.0.tar.gz
Downloading nscd from Supermarket at version 1.0.1 to /Users/gforghetti/Cookbooks/nscd-1.0.1.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/nscd-1.0.1.tar.gz
Downloading openldap from Supermarket at version 2.2.0 to /Users/gforghetti/Cookbooks/openldap-2.2.0.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/openldap-2.2.0.tar.gz
Downloading openssh from Supermarket at version 2.0.0 to /Users/gforghetti/Cookbooks/openssh-2.0.0.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/openssh-2.0.0.tar.gz
Downloading openssl from Supermarket at version 4.4.0 to /Users/gforghetti/Cookbooks/openssl-4.4.0.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/openssl-4.4.0.tar.gz
Downloading ssl_certificate from Supermarket at version 1.12.0 to /Users/gforghetti/Cookbooks/ssl_certificate-1.12.0.tar.gz
Cookbook saved: /Users/gforghetti/Cookbooks/ssl_certificate-1.12.0.tar.gz

Run the following command to extract the cookbooks from their archive files.

for cookbook in *.tar.gz; do tar -zxf "$cookbook" && echo "Chef cookbook ${cookbook} extracted."; done
Chef cookbook chef-sugar-3.3.0.tar.gz extracted.
Chef cookbook compat_resource-12.10.6.tar.gz extracted.
Chef cookbook freebsd-0.6.0.tar.gz extracted.
Chef cookbook iptables-2.2.0.tar.gz extracted.
Chef cookbook nscd-1.0.1.tar.gz extracted.
Chef cookbook openldap-2.2.0.tar.gz extracted.
Chef cookbook openldap_example.tar.gz extracted.
Chef cookbook openssh-2.0.0.tar.gz extracted.
Chef cookbook openssl-4.4.0.tar.gz extracted.
Chef cookbook ssl_certificate-1.12.0.tar.gz extracted.
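
The extraction above runs in the same directory that holds .chef, with knife.rb and the two .pem keys, so an archive member named .chef/knife.rb, an absolute path, or a path containing ".." could overwrite files outside its own cookbook directory. The following is an added example, not part of the original tutorial: it vets each archive's member names before extracting. The function names paths_are_safe, archive_is_safe and extract_cookbooks are hypothetical, and the check covers member names only, not symlink targets.

```sh
#!/bin/sh
# Added example (not from the original tutorial): vet archive member names
# before extracting cookbooks next to the .chef credentials directory.

# Read member paths on stdin; succeed only if none is absolute, contains a
# ".." component, or lands in the top-level .chef directory.
paths_are_safe() {
    awk '
        { p = $0; while (substr(p, 1, 2) == "./") p = substr(p, 3) }
        p ~ /^\//              { bad = 1 }  # absolute path
        p ~ /(^|\/)\.\.(\/|$)/ { bad = 1 }  # parent-directory component
        p ~ /^\.chef(\/|$)/    { bad = 1 }  # would replace knife.rb or a key
        END { exit (bad ? 1 : 0) }'
}

# Succeed only if the archive can be listed, is not empty, and every member
# name passes paths_are_safe.
archive_is_safe() {
    listing=$(tar -tzf "$1" 2>/dev/null) || return 1
    [ -n "$listing" ] || return 1
    printf '%s\n' "$listing" | paths_are_safe
}

# Same loop as the tutorial's extraction step, but unsafe archives are skipped.
extract_cookbooks() {
    for cookbook in *.tar.gz; do
        [ -e "$cookbook" ] || continue
        if archive_is_safe "$cookbook"; then
            tar -zxf "$cookbook" && echo "Chef cookbook ${cookbook} extracted."
        else
            echo "Skipped ${cookbook}: unsafe member path." >&2
        fi
    done
}
```

Source the file and call extract_cookbooks from the cookbooks directory in place of the one-line loop.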

Run the following command to upload the cookbooks to your Chef server.

knife cookbook upload --all
Uploading acme-openldap-server [0.1.0]
Uploading chef-sugar   [3.3.0]
Uploading compat_resource [12.10.6]
Uploading freebsd      [0.6.0]
Uploading iptables     [2.2.0]
Uploading nscd         [1.0.1]
Uploading openldap     [2.2.0]
Uploading openssh      [2.0.0]
Uploading openssl      [4.4.0]
Uploading ssl_certificate [1.12.0]
Uploaded all cookbooks.

Create the acme-openldap-server Chef role.

knife role from file acme-openldap-server/roles/acme-openldap-server.rb
Updated Role acme-openldap-server!