Chef And Microsoft Windows

Chef and Microsoft Windows are getting very popular. As a Chef practitioner, you must learn how Chef works on Microsoft Windows. The client-side components of Chef are written in Ruby, and Ruby is cross-platform by nature, so support for Windows is as straightforward as support for Linux and UNIX-like systems. Windows support has been around for quite some time now, dating back to the release of the knife-windows gem circa 2011.

Chef uses Ruby as the scripting language on client systems, and because of this, it is capable of running anywhere Ruby is supported. This alone makes Chef a very capable tool for managing a combination of different operating systems.

Chef goes one step further by providing you with a domain-specific language (DSL) that makes writing recipes for interacting with Windows hosts look no different than UNIX-like platforms. With the exception of some resource names and paths and the existence of Windows-specific resources such as the Windows Registry, recipes are almost drop-in compatible with either platform. This means that the wide variety of existing cookbooks and recipes available for Chef are available to use with little or no modification.

Chef and Microsoft Windows Server & Client

It's also important to note that while a lot of the focus is on server management, cloud scaling, and so on, Chef is not reserved solely for managing servers; it can be used to manage client workstations as well. With the available resources, you can just as easily install and configure desktop applications, import registry settings, manage users, set up printers, and so on.

Chef on Windows - Interacting with end hosts

Where Linux-based systems can execute commands over SSH, Windows platforms have an additional mechanism called Windows Remote Management (WinRM). In the same way that you would leverage knife ssh for Linux systems, knife winrm is available to execute commands remotely on a Windows host using the WinRM protocol. For example, one might execute the following command for connecting to Linux hosts:

knife ssh "role:mysql" "chef-client" --sudo -x ubuntu

The following command would connect to Windows hosts in the same role:

knife winrm "role:mysql" "chef-client" -x Administrator

As you can see, the winrm subcommand supports executing a command on any number of hosts that match the supplied search criteria just like the ssh subcommand. While the protocol for communicating with the hosts may be different, the mechanism for interacting with them via knife remains consistent.

Bootstrapping Windows hosts

Bootstrapping a host is intended to prepare a host for, and complete registration with, the Chef service (be it your own Chef server or a hosted installation). Hosts that are being bootstrapped typically contain nothing more than a bare OS installation; however, it is also possible to bootstrap hosts that have existing software configurations. The bootstrapping script is responsible for performing the following functions:

  • Installing Ruby 1.8.7 with RubyGems
  • Installing the RubyInstaller Development Kit (DevKit)
  • Installing Windows-specific gems to support Chef
  • Installing Chef from RubyGems.org
  • Writing out the validation key into C:\chef\validation.pem
  • Optionally writing out an encrypted data bag secret
  • Writing the default configuration file for Chef in C:\chef\client.rb
  • Creating the initial run-list JSON file in C:\chef\first-boot.json

An example of bootstrapping a Windows host using the Windows Remote Management protocol might look like the following command:

knife bootstrap windows winrm windowshost.domain.com -x Administrator 

This command will connect to windowshost.domain.com as Administrator via the Windows Remote Management protocol and then run the commands in the Windows bootstrap script.

Scaling with cloud providers

By combining the ability to automatically bootstrap a Windows system with a provider that supplies Windows virtual hosts, you can integrate cloud servers into your infrastructure with ease. Chef has existing support for using Azure, AWS, and Rackspace APIs to manage cloud infrastructure including starting, stopping, and provisioning new instances with those services automatically. If you are using a service that is currently unsupported, it is entirely possible to develop a plugin to provide integration with that provider. Through Chef, you can manage a collection of on-site and off-site hosts with a mix of physical and virtual servers with ease. This means that you can bring up new servers in a much shorter period of time when you need them and do away with them when they are not in use, saving you both time and money.

Scripting with PowerShell

Modern Windows systems come with the PowerShell runtime, an incredibly powerful tool for interacting with the system. Naturally, as Chef is a developer-oriented way of managing systems, writing scripts to execute on end hosts is a convenient and flexible way of extending Chef's functionality. Chef provides a mechanism for executing PowerShell scripts in Windows in the same way it supports running Bash scripts on a Linux host. A very trivial example might be the following PowerShell script that writes a line of text into a file:

powershell "say-hello" do
  # The heredoc processes backslash escapes, so the path separator is doubled.
  code <<-EOH
    $stream = [System.IO.StreamWriter]"C:\\hello.txt"
    $stream.WriteLine("Hello world!")
    $stream.Close()
  EOH
end

The preceding code allows you to exercise the full power of PowerShell from within your recipes by executing scripts you define on the managed systems. These scripts can even be dynamically generated from configuration data and other variables in your recipes.
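When a script is generated from configuration data, each value has to reach PowerShell as data and not as script text. The following is an added example, not code from the original article: plain Ruby that quotes values as PowerShell single-quoted literals before they are placed in a code attribute. The helper names ps_literal and say_hello_script and the sample values are assumptions made for illustration.

```ruby
# Added example: render a PowerShell script body from configuration values
# so that no value can end its string literal early.

# PowerShell accepts the ASCII apostrophe and the typographic quotes
# U+2018, U+2019, U+201A and U+201B as single-quote delimiters.
PS_QUOTE_CHARS = /['\u2018\u2019\u201A\u201B]/

# Return +value+ as a PowerShell single-quoted literal. Inside single quotes
# PowerShell expands no variables or subexpressions, so the only escaping
# needed is doubling each quote character.
def ps_literal(value)
  "'" + value.to_s.gsub(PS_QUOTE_CHARS) { |q| q * 2 } + "'"
end

# Hypothetical helper: the say-hello script with both values taken from data.
def say_hello_script(path, message)
  <<~PS
    $stream = [System.IO.StreamWriter]#{ps_literal(path)}
    $stream.WriteLine(#{ps_literal(message)})
    $stream.Close()
  PS
end

# Constructed sample values standing in for node attributes or data bag items.
SAMPLE_CONFIG = {
  'path'    => 'C:\hello.txt',
  'message' => %q(it's $env:COMPUTERNAME "today")
}.freeze

if __FILE__ == $PROGRAM_NAME
  # In a recipe, this string would be passed to the resource's code attribute.
  puts say_hello_script(SAMPLE_CONFIG['path'], SAMPLE_CONFIG['message'])
end
```

With the sample message, the file receives the text exactly as configured: the apostrophe is doubled and $env:COMPUTERNAME stays literal because single-quoted strings are not expanded.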

Working with Windows-specific resources

Chef provides a handful of resources that are specific to Windows systems. Chef can automatically determine which type of host a recipe is being executed on and perform a different set of actions based on the host type. For example, the installation of a particular software package such as MySQL may be mostly identical between hosts but require slightly different settings, or need to store Registry settings on a Windows system. Some of the resources that are specific to Windows include the following:

  • Batch scripts
  • PowerShell scripts
  • Autorun scripts
  • Software packages (MSIs, installers, and so on)
  • Printers
  • Windows Registry
  • Network paths
  • System tasks

Chef and Microsoft Windows - Supported platforms

Chef for Windows supports recent versions of Windows as of the time of writing. This includes the following (though it may work on other, newer releases as well):

  • Windows Server 2003 R2
  • Windows Server 2008
  • Windows 8
  • Windows 7
  • Windows Vista