Book Image

Mastering Chef

By : Mayank Joshi
Book Image

Mastering Chef

By: Mayank Joshi

Overview of this book

Table of Contents (20 chapters)
Mastering Chef
About the Author
About the Reviewers
Knife and Its Associated Plugins
Data Bags and Templates


Communication with the Chef server can be initiated by different mechanisms such as chef-client, Knife, and using API in code. Let's see how authentication works under different circumstances.


Every time a chef-client needs to communicate with the Chef server to fetch some data required for bootstrapping a machine, the chef-client needs to authenticate itself with the Chef server. It does so by using a private key located at /etc/chef/client.pem. However, as we saw in the bootstrap process, when a chef-client is executed for the very first time, there is no private key on the concerned machine. Hence, a chef-client makes use of the private key assigned to the chef-validator (/etc/chef/validation.pem). Once the initial request is authenticated, a chef-client will register with the Chef server using validation.pem, and subsequently the Chef server will return back a new private key to use for future communication. Once the initial chef-client run is over, validation...