Chef is a popular configuration management tool developed in Ruby. It helps you create recipes that define how Chef should manage your infrastructure and applications. You can also use Chef to manage your Azure infrastructure. In today's post, I will give a short overview of Chef and show you how to install it on Windows.
Follow me:
Latest posts by Anil Erduran (see all)

There are plenty of online resources to get up to speed on Chef. To get started, you can read this overview of the Chef components. In this series, I will focus mostly on managing Azure with Chef. In the upcoming posts, we are going to create recipes, cookbooks, and templates.

Chef overview ^

To automate your infrastructure in terms of configuration, deployment, and management, Chef uses small units of policies and configurations called cookbooks. In a cookbook, you can find several components like recipes, files, libraries, templates, and so on. A recipe is the most fundamental component in a cookbook and is simply a collection of resources that defines all requirements to configure a subset of your infrastructure. Chef maintains a collection of cookbooks, but you can also use thousands of community-maintained cookbooks with Chef.

To develop and test your cookbooks, you have to have at least one workstation. You need to use Chef Development Kit (ChefDK) on this workstation in order to have the required set of tools, including command-line utilities such as chef and knife. You can also use the popular Test Kitchen tool to test cookbook data across different platforms.

As a quick side note, you can also decide to install ChefDK on your target node and start managing it directly without needing a remote workstation.

Once you are ready to go, with a cookbook developed on a workstation, the next step is to upload cookbooks from the workstation to the Chef server.

Chef architecture

Chef architecture

The Chef server is the main management node for all configuration, including data collected from nodes via chef-clients. Each management node has chef-client installed to perform tasks and pull data from the Chef server. Once chef-client receives all data from the Chef server, including recipes and templates, it then tries to run configuration tasks on the nodes themselves.

This is a very high-level overview of Chef architecture. Now I'll discuss the requirements to configure a Windows workstation and start developing our first cookbook for Azure infrastructure.

Install Chef on Windows ^

First, you need to create a folder structure for the Chef toolsets and cookbooks. This is important because we will be defining these paths in some of the configuration files later.

Before installing Chef on your workstation,

  • Create the directory C:\Chef.
  • Create the subfolder C:\Chef\cookbooks.

Next, you need your Azure publishing settings so the knife-azure plugin can securely access your Azure subscription. You can download your publish settings for a particular Azure subscription from here.

That's actually an XML file that includes your subscription ID and management certificate. We will talk about how to provide these details to the knife tool shortly. You should save your publish settings file in the C:\Chef folder.

Next, if you haven't registered yet, you need to sign up for a Chef account and create your first organization.

Registering for Chef

Registering for Chef

You can provide Full and Short Names for your organization. Once you create a new organization, Chef will assign you validation keys.

Creating your first Chef organization

Creating your first Chef organization

Now it's time to install the Starter Kit for your account. If you already own an account and organization, you can simply hit the Administration tab and click Starter Kit to start download it again. This will reset your user key.

Downloading the Chef Starter Kit

Downloading the Chef Starter Kit

After downloading the .zip file, extract it to the C:\Chef folder created earlier. You should also copy all the content from the chef-starter\chef-repo\.chef folder to the C:\Chef directory.

At the end of all of these tasks, you should end up with your Azure publish setting file, .pem file, and knife.rb configuration file in the C:\Chef folder.

Next, we need to edit the knife.rb file. The knife command-line tool comes with ChefDK and sits between the Chef server and the workstation to manage nodes, cookbooks, and resources. The knife.rb file is the actual configuration for knife and loads each time the executable runs.

In the knife.rb file, we need to correct the cookbook path by removing "/../" to reference the cookbook's directory. We should also add the azure_publish_settings_file parameter to specify the Azure publish file location.

knife.rb configuration file content

knife.rb configuration file content

There are also some other options to define your Azure settings. If you don't want to provide your Azure publish settings file here, you can use the parameters below to define all requirements in the configuration file manually.

knife[:azure_subscription_id]= "bc535ad5b-e3ce-4jhcd-976a-126p990fd34"
knife[:azure_mgmt_cert]= cert.pem

You can find all of these values in the publish settings file.

Next, we need to install Chef Development Kit on our workstation computer. ChefDK is the collection of all tools and components needed to start developing your infrastructure-automation code. These tools are also useful to test all the code on your local workstation before deploying it in production.

Installing Chef Development Kit

Installing Chef Development Kit

After the installation, you will have the chef command-line tool available.

Testing your Chef installation ^

The Chef command line tool on Windows

The Chef command line tool on Windows

The next important thing is to verify the PATH environment variables for the Ruby and ChefDK bin directories. If you don't have these environment variables set, you will not be able to achieve most of the tasks on a Windows workstation.

You can run the (Get-Command ruby).path command to check the path for the Ruby script engine.

Getting the Ruby script engine path

Getting the Ruby script engine path

Then either through the GUI or by using PowerShell (PS), you should verify the following in the PATH environment variable and add it if necessary.


Next, we need to install the required files for Azure interactions. We can use the chef gem install command to install the knife plugins and drivers. We are going to use the knife-azure plugin, which helps us to create, delete, and enumerate Azure resources.

chef gem install knife-azure ––pre
Installing the knife azure plugin

Installing the knife azure plugin

Let's check the details of the installed plugin using the chef gem content command:

Verifying the knife azure plugin

Verifying the knife azure plugin

As the final step, we can list the available Azure images using the knife azure image list command to see if everything works as expected.

Listing Azure images with knife

Listing Azure images with knife

Let's list all classic virtual machines (VMs) on my Azure subscription:

Subscribe to 4sysops newsletter!

knife azure server list
Listing Azure images with knife

Listing Azure images with knife

The knife-azure plugin is working fine. In the next part, we are going to create our first cookbook and template.

1 Comment
  1. Mangesh 5 years ago


    Thanks for shearing this guideline document.

    I have some issue to configure chef-workstation, I followed all steps mention but still not able to execute any “knife azure * ” command.

    c:\chef>knife azure image list
    FATAL: Cannot find subcommand for: ‘azure image list’
    Available subcommands: (for details, knife SUB-COMMAND –help)

    c:\chef>knife -version
    ERROR: You need to pass a sub-command (e.g., knife SUB-COMMAND)

    Chef: 13.0.118

    C:\chef>chef gem list chef-dk

    *** LOCAL GEMS ***

    chef-dk (2.0.26)

    c:\chef>chef gem content knife-azure

    Please let me know your suggestion , where I went wrong, so I will correct that.

    Thanks in advanced!!

Leave a reply

Your email address will not be published.


© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account