Chef Supermarket

[edit on GitHub]

Chef Supermarket is the site for community cookbooks. It provides an easily searchable cookbook repository and a friendly web UI. Cookbooks that are part of the Chef Supermarket are accessible by any Chef user.

There are two ways to use Chef Supermarket:

  • The public Chef Supermarket is hosted by Chef and is located at Chef Supermarket.
  • A private Chef Supermarket may be installed on-premise behind the firewall on the internal network. Cookbook retrieval from a private Chef Supermarket is often faster than from the public Chef Supermarket because of closer proximity and fewer cookbooks to resolve. A private Chef Supermarket can also help formalize internal cookbook release management processes (e.g. “a cookbook is not released until it’s published on the private Chef Supermarket”).

Public Supermarket

The public Chef Supermarket hosted by Chef is located at Chef Supermarket.

To interact with the public Chef Supermarket, use knife supermarket commands.

_images/public_supermarket.svg

Private Supermarket

The private Chef Supermarket is installed behind the firewall on the internal network. Outside of changing the location from which community cookbooks are maintained, it otherwise behaves the same as the public Chef Supermarket.

Note

The source code for Chef Supermarket is located at the following URLs:

Installing Private Supermarket

To install a Private Supermarket, see the instructions here.

Set up Workstation

Configure config.rb

The config.rb file on the workstation should be configured for use with the private Chef Supermarket.

To configure config.rb for the private Chef Supermarket, do the following:

  1. Open the config.rb file in an editor.

  2. Add the following setting:

    knife[:supermarket_site] = 'https://your-private-supermarket'
    
  3. Save and close the file.

Create a Cookbook

The following examples show how to create a simple cookbook by using the chef command that is built into the the Chef Development Kit.

Generate a chef-repo

To generate a chef-repo, run a command similar to:

$ chef generate repo my_chef_repo

Access the chef-repo using the cd command:

$ cd my_chef_repo

Generate a cookbook

Note

Duplicate cookbook names on Chef Supermarket are not allowed. So first verify that a cookbook name is available.

To create the my_apache2_cookbook cookbook, run the following command:

$ chef generate cookbook cookbooks/my_apache2_cookbook

Generate a template

To generate a template, run a command similar to:

$ chef generate template cookbooks/my_apache2_cookbook index.html

This will create a file named index.html.etb in the /cookbooks/my_apache2_cookbook directory. Open the file using a text editor to add content. For example, some HTML:

<html>
  <body>
    <h1>Chef Love!</h1>
  </body>
</html>

Save and close the file.

Create a recipe

The default.rb recipe is created when a cookbook is generated. A recipe is updated using a text editor. For example:

package 'apache2' # Installs the apache2 package

service 'apache2' do
  action [:start, :enable] # Starts and enables the apache2 service on boot
end

template '/var/www/html/index.html' do
  source 'index.html.erb' # Template for /var/www/html/index.html
end

Upload a Cookbook

To upload a cookbook to Chef Supermarket, do the following:

  1. Add a setting for Chef Supermarket to the config.rb file:

    knife[:supermarket_site] = 'https://your-private-supermarket'
    
  2. Resolve SSL errors by fetching, and then verifying the SSL certificate for Chef Supermarket:

    $ knife ssl fetch https://your-private-supermarket
    

    and then:

    $ knife ssl check https://your-private-supermarket
    
  3. Upload the cookbook to Chef Supermarket:

    $ knife supermarket share mycookbook "Other"
    

Share a Cookbook

$ knife supermarket share 'my_cookbook'

Troubleshoot SSL Errors

If an SSL error is returned similar to:

ERROR: Error uploading cookbook my_cookbook to the Opscode Cookbook Site: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. Increase log verbosity (-VV) for more information.

this is because Chef server version 12.0 (and higher) enforces SSL by default when sharing cookbooks. A private Chef Supermarket uses self-signed certificates by default. Use the knife ssl fetch and knife ssl check commands to resolve this error.

First fetch the SSL certificate for the private Chef Supermarket:

$ knife ssl fetch https://your-private-supermarket

and then:

$ knife ssl check https://your-private-supermarket

Re-share the cookbook. This time the message returned should be similar to:

Generating metadata for my_cookbook from (...)
Making tarball my_cookbook.tgz
Upload complete!

supermarket-ctl (executable)

The Chef Supermarket installations that are done using the Chef installer include a command-line utility named supermarket-ctl. This command-line tool is used to start and stop individual services, reconfigure the Chef Supermarket server, run smoke tests, and tail the Chef Supermarket log files.

For more information about the supermarket-ctl command line tool, see supermarket-ctl.

supermarket.rb

The supermarket.rb file contains all of the non-default configuration settings used by the Chef Supermarket. The default settings are built-in to the Chef Supermarket configuration, and should only be added to the supermarket.rb file to apply non-default values. These configuration settings are processed when the supermarket-ctl reconfigure command is run. The supermarket.rb file is a Ruby file, which means that conditional statements can be used in the configuration file.

For more information about the supermarket.rb file, see supermarket.rb.

Supermarket API

The Supermarket API is used to provide access to cookbooks, tools, and users on the Chef Supermarket. All of the cookbooks, tools, and users on the Supermarket are accessible through a RESTful API by accessing supermarket.chef.io/api/v1/ via the supported endpoints. In most cases, knife is the best way to interact with the Supermarket; however in some cases, direct use of the Supermarket API is necessary.

For more information about the Supermarket API, see Supermarket API.

fieri

Fieri is an optional service what will check cookbook versions for certain metrics to determine the quality of the cookbook.

If you are using a private Chef Supermarket, you can activate the Fieri service like this:

  1. Add Fieri to your features attribute.

    ['supermarket_omnibus']['config']['features'] = "tools,github,announcement,fieri"
    
  2. Add the following Fieri attributes:

    ['supermarket_omnibus']['config']['fieri_key'] = "#{random string you generate}"
    ['supermarket_omnibus']['config']['fieri_supermarket_endpoint'] = "#{your_supermarket_url}"
    
  3. Reconfigure your Supermarket.

    (your-supermarket-node) $ sudo supermarket-ctl reconfigure
    (your-supermarket-node) $ sudo supermarket-ctl restart
    

After doing these steps, you should see a “Quality” tab when viewing a cookbook through the Supermarket UI. Click on this tab and you will see the results of the metrics run by Fieri.