Chef Workstation

Chef Workstation collects everything you need to get started with Chef into a single, easy-to-install package. Chef Workstation includes InSpec and chef-run, giving you the ability to start scanning and configuring your estate in minutes.

Run Ad Hoc Configuration Tasks with chef-run

The chef-run utility allows you to execute ad hoc configuration updates on the systems you manage without needing to first set up a Chef server. With chef-run, you connect to servers over SSH or WinRM, and can apply single resources, recipes, or entire cookbooks directly from your local workstation.

Example: Installing NTP

Chef Workstation combines the power of InSpec and chef-run to give you the ability to easily detect and correct issues on any target instance. A common task an environment maintainer might have to perform is ensuring that the Network Time Protocol (NTP) is installed so that clocks are kept in sync between servers. InSpec allows us to simply query whether the package is installed via its package resource:

 describe package('ntp') do
   it { should be_installed }
 end

Chef provides a similar single-resource solution for ensuring the package is installed:

 package 'ntp' do
   action :install
 end

With chef-run, we can converge targets against a single resource without needing to create a cookbook or recipe – the resource can be run directly from the commandline like so:

 chef-run myhost package ntp action=install

Combined with the InSpec resource to validate whether the package was installed successfully, we have everything we need to define our requirements, and make sure they’re met with two simple commmands. Embed the above InSpec control (describe package) into a local InSpec profile to perform the following InSpec command. To learn more about creating InSpec profiles, check out the Compliance Automation track in Learn Chef Rally.

Chef Run NTP Installation

Recipe and Multi-Node Convergence

Chef Run can execute Chef recipes and cookbooks as well, and run against multiple targets in parallel. Here are a few other examples of chef-run in action.

Example: Recipe execution on multiple targets

Runs the default recipe from the defined cookbook against myhost1 & myhost2

chef-run myhost1,myhost2 /path/to/my/cookbook

Example: Alternate Recipe syntax and targets defined by a range

Runs the my_cookbook::my_recipe cookbook against servers myhost1 through myhost20

chef-run myhost[1:20] my_cookbook::my_recipe

Includes Everything in the Chef Development Kit

In addition to chef-run and InSpec, Chef Workstation includes all of the powerful cookbook creation, testing, and dependency management tools built into the ChefDK. This includes:

  • chef-client: an agent that configures your nodes
  • Ohai: a tool for collecting system profiling data
  • chef and knife: command-line utilities for generating Chef cookbooks and managing node configurations respectively
  • Test Kitchen: a testing harness for rapid validation of Chef code
  • InSpec: Chef’s open source security & compliance automation framework

A full list of tools collected in ChefDK can be found in the extended documentation

Learn More About Chef Workstation

Check out the Chef Workstation docs for more information on getting started, frequently asked questions, troubleshooting information, and more!