A chef-client is an agent that runs locally on every node that is registered with the Chef Server. When a chef-client is run, it will perform all of the steps that are required to bring the node into the expected state, including:
- Registering and authenticating the node with the Chef Server
- Building the node object
- Synchronizing cookbooks
- Compiling the resource collection by loading each of the required cookbooks, including recipes, attributes, and all other dependencies
- Taking the appropriate and required actions to configure the node
- Looking for exceptions and notifications, handling each as required
The chef-client executable can be run as a command-line tool.
A client.rb file is used to specify the configuration details for the chef-client. This file is the default configuration file and is loaded every time the chef-client executable is run. The chef-client executable can be run as a daemon. The configuration file is located at: /etc/chef/client.rb.
This command has the following syntax:
chef-client OPTION VALUE OPTION VALUE ...
This command has the following options:
- -A, --fatal-windows-admin-check
- Indicates that a Chef run should fail if the chef-client does not have administrator privileges in Microsoft Windows.
- -c CONFIG, --config CONFIG
- The configuration file to use.
- -d, --daemonize
- Indicates that the executable will be run as a daemon. This option is only available on machines that run in UNIX or Linux environments. For machines that are running Microsoft Windows that require similar functionality, use the chef-client::service recipe in the chef-client cookbook: http://community.opscode.com/cookbooks/chef-client. This will install a chef-client service under Microsoft Windows using the Windows Service Wrapper.
- -E ENVIRONMENT_NAME, --environment ENVIRONMENT_NAME
- The name of the environment.
- -f, --fork
- Indicates that a Chef run will be contained in a secondary process with dedicated RAM. When the Chef run is complete the RAM will be returned to the master process. This option helps ensure that a chef-client will use a steady amount of RAM over time because the master process will not run recipes. This option will also help prevent memory leaks (such as those that can be introduced by the code contained within a poorly designed cookbook).
- -F FORMATTER, --format FORMATTER
- The output format.
- Indicates that formatter output will be used instead of logger output.
- Indicates that logger output will be used instead of formatter output.
- -g GROUP, --group GROUP
- The group that owns a process. This is required when starting any executable as a daemon.
- -h, --help
- Shows help for the chef-client.
- -i SECONDS, --interval SECONDS
- The interval at which the chef-client is run. This value is configured for the chef-client application run time, rather than in the Chef::Config. Default value: 1800.
- -j JSON_ATTRIBS, --json-attributes JSON_ATTRIBS
- Use to override attributes that are set from other locations, such as from within a cookbook or by a role. The value must be entered as JSON data.
- -k KEY_FILE, --client-key KEY_FILE
- The location of the file which contains the client key. Default value: /etc/chef/client.pem.
- -K KEY_FILE, --validation_key KEY_FILE
- The location of the file which contains the key used when a chef-client is registered with a Chef Server. A validation key is signed using the validation_client_name for authentication. Default value: /etc/chef/validation.pem.
- -l LEVEL, --log_level LEVEL
- The level of logging that will be stored in a log file: debug, info, warn, error, or fatal.
- -L LOGLOCATION, --logfile c
- The location in which log file output files will be saved. If this location is set to something other than STDOUT, standard output logging will still be performed (otherwise there would be no output other than to a file). Default value: STDOUT. This is recommended when starting any executable as a daemon.
- Use --no-color to disable colored output. Default setting: --color.
- -N NODE_NAME, --node-name NODE_NAME
- The name of the node.
- -o RUN_LIST_ITEM, --override-runlist RUN_LIST_ITEM
- Replace the current run list with the specified items.
- Indicates that the chef-client is run once and that interval and splay options are cancelled.
- -P PID_FILE, --pid PID_FILE
- The location in which a process identification number (pid) is saved. An executable, when started as a daemon, will write the pid to the specified file. Default value: /tmp/name-of-executable.pid.
- -R, --enable-reporting
- Indicates that data collection reporting during Chef runs is enabled.
- -s SECONDS, --splay SECONDS
- A number (in seconds) to add to the interval that is used to determine the frequency of chef-client runs. This number can help prevent server load when there are many clients running at the same time. Default value: nil.
- -S CHEF_SERVER_URL, --server CHEF_SERVER_URL
- The URL for the Chef Server.
- -u USER, --user USER
- The user that owns a process. This is required when starting any executable as a daemon.
- -v, --version
- Shows the version of Chef.
- -W, --why-run
- Indicates that the executable will be run in whyrun mode, which is a Chef run that does everything except modify the system. Use whyrun mode to understand why Chef makes the decisions that it makes and to learn more about the current and proposed state of the system.
Start a Chef run when the chef-client is running as a daemon
A chef-client that is running as a daemon can be woken up and started by sending the process a SIGUSR1. For example, to trigger a Chef run on a machine running Linux:
$ sudo killall -USR1 chef-client
Start a Chef run manually
$ ps auxw|grep chef-client
to return something like:
root 66066 0.9 0.0 2488880 264 s001 S+ 10:26AM 0:03.05
/System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/bin/ruby /usr/bin/chef-client -i 3600 -s 20
and then enter: