Register chef-client in AWS Autoscaling

24 / Jun / 2015 by Vikash Jha

Recently, I was trying to implement a use case wherein a server launched by an autoscaling group should automatically connect to the chef server and register itself as a node.

The Problem Statement:

How to install Chef Client on a node launched by an AWS autoscaling group?

Step 1. Prepare AMI with chef-client installed

To install chef-client on a node, we’ll use the knife bootstrap command from our chef Workstation.

Installing Chef Client

[shell]knife bootstrap Public_IP -x ubuntu -i ~/Downloads/pemfile.pem --sudo[/shell]

This command installs chef-client on the node at Public_IP.

Once chef-client is installed, it creates a few files inside the /etc/chef/ directory of the node.

a) client.rb: Configuration file used by chef-client.
log_level :info
log_location STDOUT
chef_server_url ''
validation_client_name 'organizationsName-validator'
client_key '/etc/chef/client.pem'
node_name ''

This file contains:

chef_server_url: This is the URL of the chef server. Replace this with your Chef Server URL.

validation_client_name: This is the name of the validation client whose pem file in /etc/chef/ chef-client uses during the first run to communicate with chef-server.

client_key: chef-client uses client.pem to authenticate every request with chef-server.

b) validation.pem: chef-client uses the validation.pem file on its first run to communicate with the chef-server.

c) client.pem: Once the chef-client is registered, each request to the chef server is authenticated using the client.pem file.

Now you have chef-client installed on your node. You can create an AMI from this node.

Step 2. Update the Launch Config associated with autoscaling group.

Once you have created the AMI, update the launch config to use the ami-id created in Step 1.

Step 3. Configure “userdata” scripts to register nodes launched during autoscaling with the chef server.

We’re using the shell scripts mentioned below to bootstrap our instances in autoscaling.

1) _node_name: the node name should be unique, so we use a prefix followed by the instance-id.

2) Delete the existing client.pem: every launch uses the same AMI, which already contains an old client.pem. We have to delete it; a new client.pem is generated automatically when chef-client runs on the node.

3) Execute chef-client: [shell]sudo chef-client -N "$_node_name" -o 'role[webserver]'[/shell]

-o sets an override run list for this chef-client run. In this case we have created a role that contains the recipes to be run whenever chef-client runs. The run-list item is single-quoted so the shell passes role[webserver] through unchanged instead of treating the brackets as a glob pattern.


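[shell]
#### Configuring Chef Client #####

# Build a unique node name from a fixed prefix and the EC2 instance id
_node_name="NodeName-$(ec2metadata --instance-id)"
# Remove the client key inherited from the AMI; chef-client generates a new one
sudo rm -rf /etc/chef/client.pem
# Record the node name so later chef-client runs use it
echo "node_name '$_node_name'" >> /etc/chef/client.rb
# First run: register with the chef server and apply the webserver role
sudo chef-client -N "$_node_name" -o 'role[webserver]'
[/shell]

If everything works well, the node gets registered with the chef server and you can see it in the Chef Server Management Console.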
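A sturdier take on the Step 3 userdata script, as an added example that is not the author's code: it validates the instance id before using it as a node name, keeps a single node_name line in client.rb, and deletes the instance's copy of validation.pem once registration succeeds. `CHEF_DIR`, `NODE_PREFIX` and the function names are assumptions introduced here; the paths, the `ec2metadata` call and the role come from the steps above.

```shell
#!/bin/bash
# Added example, not the article's script. CHEF_DIR and NODE_PREFIX are assumed names.
CHEF_DIR="${CHEF_DIR:-/etc/chef}"
NODE_PREFIX="${NODE_PREFIX:-NodeName}"

# EC2 instance ids are "i-" plus 8 or 17 hex digits; reject anything else
# (empty output, an error string) before it becomes a node name.
valid_instance_id() {
    printf '%s\n' "$1" | grep -Eq '^i-([0-9a-f]{8}|[0-9a-f]{17})$'
}

# Remove the client key baked into the AMI so this instance registers as a new client.
reset_client_identity() {
    rm -f "$1/client.pem"
}

# Keep exactly one node_name line in client.rb, so repeated boots do not pile up
# entries and later chef-client runs without -N reuse the registered name.
set_node_name() {
    conf_file="$1"
    tmp_file="$(mktemp "${conf_file}.XXXXXX")" || return 1
    if [ -f "$conf_file" ]; then
        grep -v '^[[:space:]]*node_name[[:space:]]' "$conf_file" > "$tmp_file" || true
    fi
    printf "node_name '%s'\n" "$2" >> "$tmp_file"
    chmod 644 "$tmp_file" && mv "$tmp_file" "$conf_file"
}

# validation.pem is only needed for the first run; drop it once client.pem exists.
drop_validation_key() {
    if [ -s "$1/client.pem" ]; then rm -f "$1/validation.pem"; fi
}

register_node() {
    instance_id="$(ec2metadata --instance-id)"
    valid_instance_id "$instance_id" || { echo "bad instance id: $instance_id" >&2; return 1; }
    node="${NODE_PREFIX}-${instance_id}"
    reset_client_identity "$CHEF_DIR"
    set_node_name "$CHEF_DIR/client.rb" "$node"
    chef-client -N "$node" -o 'role[webserver]' && drop_validation_key "$CHEF_DIR"
}

# Only act on an instance built from the Step 1 AMI, where both tools exist.
if command -v chef-client >/dev/null 2>&1 && command -v ec2metadata >/dev/null 2>&1; then
    register_node
fi
```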


comments (1 “Register chef-client in AWS Autoscaling”)

  1. Ajeet

    I used this method, but the subsequent chef-client command will fail on nodes as there is no value of node_name present in client.rb file and chef-client will try to use the default node_name i.e. node fqdn

