How to get started with Chef Automate and AWS OpsWorks

As you may be aware, AWS OpsWorks for Chef Automate was announced this month during the AWS conference. You may be wondering what this means for you and how it helps. I think this is an easy way to get started with Chef and get your organization excited about the product.

Now, you may ask yourself: does this work only with AWS? The answer is no. You can have your clients talking to the Chef Automate server from your on-prem datacenter or any other cloud provider. The only requirement is that the clients need to be able to connect to the server via HTTPS (443).

  1. Log in to your AWS console and click on OpsWorks
  2. Now click on create Chef Automate
    Choose a server name
    The instance size determines how many nodes it can manage. Remember you can have as many Chef Automate servers as you want. I would guess that as time passes more regions are going to be available
  3. I would recommend selecting an SSH key in case you need to connect, but it is not necessary at all
  4. Now select your security, VPC and subnet settings. The cool thing is that AWS will take care of updates to Chef Automate and you only have to choose a maintenance window.

    A backup service is also included, and you select the window in which the backup runs

  5. The process to create and configure the server takes around 20 minutes
  6. Click to download the credentials; we will reset the password later on. These credentials are for accessing the Chef web console.
  7. Click on Chef Automate dashboard
  8. Now, to change the password, click on admin in the top center pane and then click on the pencil next to admin
  9. You will need to add a first name, last name and email address if you want to change the password
  10. Now go back to AWS and click on download Starter Kit. These files allow you to communicate with and configure your Chef Automate server
  11. Now we need to set up your local computer. You will need to download the ChefDK and choose your operating system. This needs to be a different computer than the Chef Automate server. In Chef terms this is called a workstation. I will install the ChefDK on my Windows 10 computer


    To install it just follow the prompts on the screen. To make sure it was installed properly, open a PowerShell window and type “chef verify”


    If everything is OK, each component should say succeeded

  12. Create a new folder in the root of the C:\ drive called chef-repo
  13. Now unzip the contents of the starter kit and move all the files from the folder into chef-repo
  14. In order to interact with the Chef server there is a tool called Knife. This tool allows you to manage the server via the CLI. For information about Knife click here

    You can run the following command to make sure you are communicating with the Chef server without problems: “knife opc org list”. It should return default

    For a list of knife commands just type knife

  15. Let’s upload some cookbooks from the Chef supermarket. The Chef supermarket is a repository of cookbooks maintained by Chef and the community. For information go to

    The easy way to upload cookbooks to the Chef Automate server is by using a tool called berks. It lets you upload a cookbook and it will also grab any dependencies on other cookbooks.

    In the c:\chef-repo folder there is a file called Berksfile. If you open it you can see what it includes

  16. By default it will only add the chef-client cookbook to the Chef Automate server. In order to add more cookbooks just add a cookbook name
  17. Now run berks install
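  18. Now that you have downloaded the cookbooks locally, it is time to upload them to the Chef server by running the following command
    berks upload --ssl-verify false

    Note that --ssl-verify false turns off TLS certificate verification for the upload, so berks will not notice if the server presents a certificate the workstation does not trust.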


  19. To verify that the cookbooks are on the Chef Automate server, you can run

    knife cookbook list
  20. Now that we have some cookbooks uploaded, let's bootstrap the chef client onto a Linux server. I already have a Linux EC2 instance ready to be bootstrapped; make sure you have SSH keys to authenticate against the node
    knife bootstrap NODE_FQDN_OR_IP -i my.pem -N test -x ec2-user --sudo

    NODE_FQDN_OR_IP = placeholder for the address of the instance to bootstrap
    -i = SSH key
    -N = name of the node as it is going to be referenced in the Chef Automate server
    -x = username


  21. Now if you check the Chef Automate server you will see your managed node
  22. Log in to your instance and run the following command to run the ntp cookbook to install and configure ntp
    sudo chef-client -r ntp


    You can also check on the web site what happened

  23. On the Linux server, if you run ntpq -p you can query the status
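
Steps 16 to 19 as one PowerShell script that keeps certificate verification on instead of passing --ssl-verify false. This is an added example, not the author's code; the CA file path is a placeholder, and it assumes you have the PEM certificate of the CA that signed your Chef Automate server's certificate.

```powershell
# Added example (not from the original post). Run in PowerShell on the workstation.
$ErrorActionPreference = 'Stop'
Set-Location 'C:\chef-repo'

# ASSUMPTION: placeholder path. Point it at the PEM file of the CA that signed
# your Chef Automate server's certificate.
$caFile = 'C:\chef-repo\.chef\REPLACE-WITH-YOUR-CA.pem'
if (-not (Test-Path $caFile)) { throw "CA file not found: $caFile" }

function Invoke-Checked {
    # Run a native command and stop the script if it exits non-zero.
    param([string]$Exe, [string[]]$Arguments)
    & $Exe @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "$Exe $($Arguments -join ' ') failed (exit code $LASTEXITCODE)"
    }
}

# Step 16: list the ntp cookbook in the Berksfile unless it is already there.
$berksfile = 'C:\chef-repo\Berksfile'
if (-not (Select-String -Path $berksfile -Pattern '^\s*cookbook\s+[''"]ntp[''"]' -Quiet)) {
    Add-Content -Path $berksfile -Value "`ncookbook 'ntp'"
}

# Step 17: fetch ntp and its dependencies from the Supermarket (public CA trust).
Invoke-Checked berks @('install')

try {
    # Ruby's OpenSSL, which knife and berks use, reads its trusted CA file from
    # SSL_CERT_FILE. Set it only for the calls that talk to the Chef server.
    $env:SSL_CERT_FILE = $caFile
    Invoke-Checked knife @('ssl', 'check')   # fails if the certificate is not trusted
    Invoke-Checked berks @('upload')         # step 18, certificate verification left on
}
finally {
    Remove-Item Env:\SSL_CERT_FILE -ErrorAction SilentlyContinue
}

# Step 19: confirm the cookbooks are on the server.
Invoke-Checked knife @('cookbook', 'list')
```

If knife ssl check fails, the script stops before anything is uploaded, which is the signal to fix the trust configuration rather than disable verification.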

As you can see, it is pretty easy to get going and start testing the Chef Automate capabilities in conjunction with AWS. You also have the option to configure different environments, integrate with external repos like GitHub and Bitbucket, and take advantage of the built-in pipeline.

For more information about this offering you can go here


