Information Technology Reference
In-Depth Information
up for Hosted Chef Server. If you registered with the username “seth” and the organization
“houseofbacon”, your
.chef
directory would contain:
▪
seth.pem
▪
houseofbacon.pem
▪
knife.rb
The
<username>.pem
file is a unique identifier used to authenticate
you
against Chef Server.
This should be treated like a password; do not share it with anyone, and do not alter the con-
tents of the file.
The
<organization>.pem
file is a unique identifier used to authenticate
your organization
against Chef Server. This should be treated like a password, but it must also be shared among
all your Chef developers. Anyone needing access to your Chef organization will also need a
copy of this file. Do not alter the contents of this file, either.
RSA KEY-PAIRS
The
.pem
files are RSA private keys generated during the signup process. Chef generates an RSA
key-pair for your username and your organization. Those private keys are packaged into your ZIP
download. The associated public keys are stored on the Hosted Enterprise Chef Server and used
to authenticate you and your organization when making requests to Chef Server.
Unlike the
.pem
files, the
knife.rb
file is meant to be edited, altered, and customized. The
knife.rb
file is recognized as Ruby and read by Chef when it issues commands:
current_dir
=
File
.
dirname
(
__FILE__
)
log_level
:info
log_location
STDOUT
node_name
"<username>"
client_key
"
#{
current_dir
}
/<username>.pem"
validation_client_name
"<organization>-validator"
validation_key
"
#{
current_dir
}
/<organization>-validator.pem"
chef_server_url
"https://api.opscode.com/organizations/<organization>"
cache_type
'BasicFile'
cache_options
(
:path
=>
"
#{
ENV
[
'HOME'
]
}
/.chef/checksums"
)
cookbook_path
[
"
#{
current_dir
}
/../cookbooks"
]