zero-to-deploy-with-chef
Learn how to manage Compute Engine with Chef.
David Mailhot | Developer Programs Engineer | Google
Contributed by Google employees.
This tutorial shows how to quickly set up infrastructure on Google Cloud with the Chef configuration management tool. You will start from nothing and end with provisioning and configuring multiple resources on Google Cloud using open source Chef cookbooks.

Objectives

Before you begin

    1. Create a new Google Cloud project or select an existing one in the Cloud Console.
    2. Enable a billing account.
    3. Install the Cloud SDK.

Costs

This tutorial uses billable components of Google Cloud, including Compute Engine.
New Google Cloud users might be eligible for a free trial.

Setup

Provision a Compute Engine instance

This tutorial is written using the us-east1-b Compute Engine zone. You may choose any zone.
This tutorial is written using the Ubuntu 16.04 LTS machine image. You may use any machine image that supports Chef. See the list of all supported distributions for Chef Client.
    1. In the Cloud Console, go to the Compute Engine >> VM Instances page.
    2. Click the Create Instance button.
    3. Set Name to chef-workstation.
    4. For Zone, choose us-east1-b.
    5. For Machine type, choose f1-micro.
    6. In the Boot disk section, click Change to begin configuring your boot disk.
    7. In the Preconfigured image tab, choose Ubuntu 16.04 LTS.
    8. Click Select at the bottom of the dialog.
    9. Click the Create button at the bottom to create the instance.
You can also use the gcloud command instead:

    gcloud compute instances create chef-workstation --machine-type f1-micro \
        --image-family ubuntu-1604-lts --image-project ubuntu-os-cloud \
        --zone us-east1-b

It will take a few moments to create your new instance.

Download a service account key

You'll need a service account key to authorize Chef to manage your GCP project.
    1. In the Cloud Platform Console, go to **IAM & admin >> [Service
    2. If prompted, select your Google Cloud project.
    3. Click the Create Service Account button.
    4. Set Name to chef-service-account.
    5. For Role, choose Project >> Editor.
    6. Check the box Furnish a new private key.
    7. For Key type, select JSON.
    8. Click Create at the bottom of the dialog.
The service account key should be automatically downloaded to your computer as a JSON file with a name like YOUR_PROJECT_NAME-12345678abcdef.json.
You can also use the gcloud command instead:

    gcloud iam service-accounts create chef-service-account --display-name \
        "chef service account"
    gcloud iam service-accounts keys create ~/chef-account-key.json \
        --iam-account chef-service-account@YOUR_PROJECT_NAME.iam.gserviceaccount.com

In this case, the service account key will be downloaded as ~/chef-account-key.json.
After your service account key is downloaded, you'll need to upload it to your new chef-workstation Compute Engine instance:

    gcloud compute scp /PATH/TO/SERVICE_ACCOUNT_KEY.json \
        chef-workstation:credentials.json --project YOUR_PROJECT_NAME --zone \
        us-east1-b

Install Chef client

    1. SSH into your chef-workstation instance.

        gcloud compute ssh chef-workstation --zone us-east1-b

    2. Download the Chef client package for Ubuntu 16.04.

        wget https://packages.chef.io/files/stable/chef/13.8.5/ubuntu/16.04/chef_13.8.5-1_amd64.deb

    3. Install it.

        sudo dpkg -i chef_*

If you selected a different machine image for your Compute Engine instance, you'll have to download the correct package and install it with the appropriate package manager.
Remain ssh'd into your chef-workstation instance.

Initialize a Chef repository

On your chef-workstation instance:
    1. Set up a cookbooks directory.

        mkdir -p .chef/cookbooks
        cd .chef

    2. Configure Git.

        git config --global user.email "YOUR_EMAIL_ADDRESS"
        git config --global user.name "Your Name"

       If git is not installed, install it:

        sudo apt-get install git

    3. Initialize a Git repo.

        git init
        git commit -m genesis --allow-empty

You should see a message like [master (root-commit) 7d75bc7] genesis.
Having at least one commit allows you to start downloading Chef cookbooks, as you'll do in the next step.

Configure

Download the Chef Google Cloud cookbooks

On chef-workstation:
    1. Download the google-cloud cookbook from the Chef Supermarket via the knife command.

        knife cookbook site install google-cloud

    ~/.chef/cookbooks is a default path for the knife cookbook command. If you want a different path, you'll need to specify it in a custom knife configuration file.
When installation finishes, you should see many new directories in the cookbooks directory, such as google-cloud, google-gauth, etc.

Write a Chef recipe

On chef-workstation:
    1. Create a new recipe directory under the google-cloud cookbook.

        mkdir -p cookbooks/google-cloud/recipes

    2. Edit a new recipe file cookbooks/google-cloud/recipes/default.rb:

        # Credential referenced by every resource below; it requests only the
        # Compute Engine scope.
        gauth_credential 'mycred' do
          action :serviceaccount
          path ENV['CRED_PATH'] # e.g. '/path/to/my_account.json'
          scopes [
            'https://www.googleapis.com/auth/compute'
          ]
        end

        gcompute_zone 'us-west1-a' do
          action :create
          project ENV['GCP_PROJECT'] # e.g. 'company-org:chef-gcp-project'
          credential 'mycred'
        end

        # Boot disk built from the Ubuntu 16.04 LTS image family.
        gcompute_disk 'instance-test-os-1' do
          action :create
          source_image 'projects/ubuntu-os-cloud/global/images/family/ubuntu-1604-lts'
          zone 'us-west1-a'
          project ENV['GCP_PROJECT']
          credential 'mycred'
        end

        gcompute_network 'mynetwork-test' do
          action :create
          project ENV['GCP_PROJECT']
          credential 'mycred'
        end

        gcompute_region 'us-west1' do
          action :create
          project ENV['GCP_PROJECT']
          credential 'mycred'
        end

        # Address that the instance below uses as its nat_ip.
        gcompute_address 'instance-test-ip' do
          action :create
          region 'us-west1'
          project ENV['GCP_PROJECT']
          credential 'mycred'
        end

        gcompute_machine_type 'n1-standard-1' do
          action :create
          zone 'us-west1-a'
          project ENV['GCP_PROJECT']
          credential 'mycred'
        end

        # The instance: boots from the disk above and is reachable through the
        # address above via a one-to-one NAT access config.
        gcompute_instance 'instance-test' do
          action :create
          machine_type 'n1-standard-1'
          disks [
            {
              boot: true,
              auto_delete: true,
              source: 'instance-test-os-1'
            }
          ]
          network_interfaces [
            {
              network: 'mynetwork-test',
              access_configs: [
                {
                  name: 'External NAT',
                  nat_ip: 'instance-test-ip',
                  type: 'ONE_TO_ONE_NAT'
                }
              ]
            }
          ]
          zone 'us-west1-a'
          project ENV['GCP_PROJECT']
          credential 'mycred'
        end

       This example code is pulled from the Google Compute Engine Chef Cookbook.
    3. Set the appropriate environment variables. You can directly inline these values in the code; they are parameterized like this for your convenience.

        # The service account key JSON file you uploaded earlier to
        # '~/credentials.json'. However, CRED_PATH requires an absolute path.
        export CRED_PATH='/home/USERNAME/credentials.json'
        export GCP_PROJECT='YOUR_PROJECT_NAME'

    Feel free to experiment with more example code from any of the other Google Cloud cookbooks (e.g. the Google Cloud SQL Chef Cookbook).
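
A preflight check for the two variables set above, added here as an example (it is not part of the original tutorial or of the Google cookbooks): it confirms that CRED_PATH is absolute, that the uploaded key file is readable only by its owner, and that the key belongs to GCP_PROJECT. The helper names key_field and check_chef_gcp_env are hypothetical, the sample key is constructed, and the parsing assumes the key JSON has one field per line.

```shell
#!/bin/sh
# Added example: preflight for the CRED_PATH / GCP_PROJECT variables the recipe reads.
# key_field and check_chef_gcp_env are hypothetical helpers, not cookbook code.

# Print a top-level string field of the key file (assumes one field per line).
key_field() {  # usage: key_field FILE FIELD
  sed -n "s/^[[:space:]]*\"$2\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

check_chef_gcp_env() {
  cred="${CRED_PATH:-}"; project="${GCP_PROJECT:-}"
  if [ -z "$cred" ] || [ -z "$project" ]; then
    echo "CRED_PATH and GCP_PROJECT must both be set"; return 1
  fi
  case "$cred" in
    /*) ;;
    *) echo "CRED_PATH must be an absolute path: $cred"; return 2 ;;
  esac
  [ -f "$cred" ] || { echo "no key file at $cred"; return 3; }
  # Characters 5-10 of the ls mode string are the group and other permission bits.
  perms=$(ls -ld "$cred" | cut -c5-10)
  [ "$perms" = "------" ] || { echo "key is accessible beyond its owner; chmod 600 $cred"; return 4; }
  [ "$(key_field "$cred" type)" = "service_account" ] || { echo "not a service account key"; return 5; }
  [ "$(key_field "$cred" project_id)" = "$project" ] || { echo "key is for another project"; return 6; }
  echo "ok: $(key_field "$cred" client_email)"
}

# Constructed sample key (placeholder values, no real secret) to try the check offline.
demo_dir=$(mktemp -d)
cat > "$demo_dir/credentials.json" <<'EOF'
{
  "type": "service_account",
  "project_id": "example-project",
  "private_key_id": "constructed-id",
  "private_key": "CONSTRUCTED-PLACEHOLDER",
  "client_email": "chef-service-account@example-project.iam.gserviceaccount.com"
}
EOF
export CRED_PATH="$demo_dir/credentials.json" GCP_PROJECT=example-project
chmod 644 "$demo_dir/credentials.json"; check_chef_gcp_env || true   # fails: readable by others
chmod 600 "$demo_dir/credentials.json"; check_chef_gcp_env || true   # passes
```

On chef-workstation, drop the sample-key lines and call check_chef_gcp_env after the two export commands, before running chef-client.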

Deploy

Run Chef Client

On chef-workstation, run chef-client in 'local mode' with your recipe:

    chef-client --local-mode --runlist 'recipe[google-cloud::default]'

You should see output streaming by as the command operates. It should terminate with something like Chef Client finished, 2/8 resources updated in 35 seconds.
Awesome! You just provisioned a Compute Engine instance on Google Cloud using a single machine running Chef Client. You can check the status of your Compute Engine instance on the VM Instances page.

Cleaning up

After you've finished this tutorial, you can clean up the resources you created on Google Cloud Platform so you won't be billed for them in the future. The following sections describe how to delete or turn off these resources.

Deleting the project

The easiest way to eliminate billing is to delete the project you created for the tutorial.
To delete the project:
    1. In the Cloud Platform Console, go to the Projects page.
    2. Click the trash can icon to the right of the project name.
Warning: Deleting a project has the following consequences:
If you used an existing project, you'll also delete any other work you've done in the project. You can't reuse the project ID of a deleted project. If you created a custom project ID that you plan to use in the future, you should delete the resources inside the project instead. This ensures that URLs that use the project ID, such as an appspot.com URL, remain available.

Deleting instances

To delete your Compute Engine instances:
    1. In the Cloud Platform Console, go to the **[VM
    2. Click the checkbox next to the instances named chef-workstation, instance-test, and any other instances you may have provisioned via Chef.
    3. Click the Delete button at the top of the page to delete the instances.
You can use the gcloud command instead:

    # Run on your local machine, _not_ the chef-workstation instance.
    gcloud compute instances delete chef-workstation --zone us-east1-b
    # instance-test was created by the recipe in us-west1-a.
    gcloud compute instances delete instance-test --zone us-west1-a
    # Repeat with any other instances you may have made.