Chef

Top 50 Chef interview questions and answers

February 16, 2022 1 Comment
Chef

Table of Contents

1.Q) What Is A Resource?


Ans: A resource represents a piece of infrastructure and its desired state, such as a package that should be installed, a service that should be running, or a file that should be generated.

2.Q) What Is A Recipe?


Ans: A recipe is a collection of resources that describes a particular configuration or policy. A recipe describes everything that is required to configure part of a system. Recipes do things such as:

Install and configure software components.
Manage files.
Deploy applications.
Execute other recipes.

3.Q) What Happens When You Don’t Specify A Resource’s Action?


Ans: When you don’t specify a resource’s action, Chef applies the default action.

4.Q) Write A Service Resource That Stops And Then Disables The Httpd Service From Starting When The System Boots?


Ans:

Service ‘httpd’ do
Action
End

5.Q) How Does A Cookbook Differ From A Recipe?


Ans: A recipe is a collection of resources, and typically configures a software package or some piece of infrastructure. A cookbook groups together recipes and other information in a way that is more manageable than having just recipes alone. For example, in this lesson you used a template resource to manage your HTML home page from an external file. The recipe stated the configuration policy for your web site, and the template file contained the data. You used a cookbook to package both parts up into a single unit that you can later deploy.


6.Q) How Does Chef-apply Differ From Chef-client?


Ans: Chef-apply apply a single recipe; chef-client applies a cookbook. For learning purposes, we had you start off with chef-apply because it helps you understand the basics quickly. In practice, chef-apply is useful when you want to quickly test something out. But for production purposes, you typically run chef-client to apply one or more cookbooks.


7.Q) What’s The Run-list?


Ans: The run-list lets you specify which recipes to run, and the order in which to run them. The run-list is important for when you have multiple cookbooks, and the order in which they run matters.


8.Q) What Are The Two Ways To Set Up A Chef Server?

Ans:

Install an instance on your own infrastructure.
Use hosted Chef.

9.Q) What’s The Role Of The Starter Kit?


Ans: The Starter Kit provides certificates and other files that enable you to securely communicate with the Chef server.


10.Q) What Is A Node?


Ans: A node represents a server and is typically a virtual machine, container instance, or physical server – basically any compute resource in your infrastructure that’s managed by Chef.


11.Q) What Information Do You Need To In Order To Bootstrap?


Ans: You need:

Your node’s host name or public IP address.
A user name and password you can log on to your node with.
Alternatively, you can use key-based authentication instead of providing a user name and password.

12.Q) What Happens During The Bootstrap Process?


Ans: During the bootstrap process, the node downloads and installs chef-client, registers itself with the Chef server, and does an initial check in. During this check in, the node applies any cookbooks that are part of its run-list.


13.Q) Which Of The Following Lets You Verify That Your Node Has Successfully Bootstrapped?

Ans:

The Chef management console.
Knife node list
Knife node show
You can use all three of these methods.

14.Q) What Is The Command You Use To Upload A Cookbook To The Chef Server?


Ans: Knife cookbook upload.


15.Q) How Do You Apply An Updated Cookbook To Your Node?


Ans: We mentioned two ways. Run knife Ssh from your workstation. SSH directly into your server and run chef-client. You can also run chef-client as a daemon, or service, to check in with the Chef server on a regular interval, say every 15 or 30 minutes. Update your Apache cookbook to display your node’s host name, platform, total installed memory, and number of CPUs in addition to its FQDN on the home page. Update index.html.erb like this. hello from <%= node %>< /h1> <%= node %> <%= node %> – <%= node %>

<%= node %> RAM

<%= node %> CPUs

Then upload your cookbook and run it on your node.


16.Q) What Would You Set Your Cookbook’s Version To Once It’s Ready To Use In Production?


Ans: According to Semantic Versioning, you should set your cookbook’s version number to 1.0.0 at the point it’s ready to use in production.


17.Q) Create A Second Node And Apply The Awesome Customers Cookbook To It. How Long Does It Take?


Ans: You already accomplished the majority of the tasks that you need. You wrote the awesome customers cookbook, uploaded it and its dependent cookbooks to the Chef server, applied the awesome customers cookbook to your node, and verified that everything’s working. All you need to do now is:

Bring up a second Red Hat Enterprise Linux or Centos node.
Copy your secret key file to your second node.
Bootstrap your node the same way as before. Because you include the awesome customers cookbook in your run-list, your node will apply that cookbook during the bootstrap process.
The result is a second node that’s configured identically to the first one. The process should take far less time because you already did most of the work.
Now when you fix an issue or add a new feature, you’ll be able to deploy and verify your update much more quickly!

18.Q) What’s The Value Of Local Development Using Test Kitchen? Ans: Local development with Test Kitchen:

Enables you to use a variety of virtualization providers that create virtual machine or container instances locally on your workstation or in the cloud.
Enables you to run your cookbooks on servers that resemble those that you use in production.
Speeds up the development cycle by automatically provisioning and tearing down temporary instances, resolving cookbook dependencies, and applying your cookbooks to your instances.

19.Q) What are the responsibilities of system administrators in an organization?

Answer: System administrator is responsible for effective planning, installation, configuration, and optimizing the IT infrastructure to achieve high availability and performance.

20.Q) What do you mean by IT infrastructure?

Answer: IT infrastructure includes all the physical hardware such as systems, servers, network systems, switch, routers, legacy interfaces and facilities like data centers, data storage, and its retrieval and all the elements that are utilized to manage and use data and information securely to protect business goals of an organization.

21.Q) Explain about Chef Desktop

Answer: It helps control IT resources like laptops, desktops, and kiosk workstations remotely from a centralized location. It automates deployment, management, and secures the maintenance of IT resources. It automates tasks such as implementing policy-driven configuration and eliminates manual time-consuming processes.

22.Q) What are the features of Chef Compliance?

Answer: Chef Compliance helps enforce and maintain compliances and prevent security incidents with standard audit and remediation content across heterogeneous estates to provide visibility and control across hybrid and multi-cloud environments.

23.Q) How Chef Infra is used by the DevOps team in Infrastructure management?

Answer: Chef Infra automates configuration of infrastructure, ensures consistent, correct, flexible, testable, versionable, and human-readable configuration policy, and any modification in configuration will be applied universally across the entire infrastructure.

24.Q) Explain the features of Chef Habitat.

Answer: It offers automation in defining, packaging, and delivering applications to any environment, irrespective of deployment platform or operating system. It creates deployable artifacts for virtual machines or containers without refactoring or rewriting. It also helps scale the adoption of agile delivery practices across operations and development.

25.Q) Explain the importance of Chef Inspec in compliance with automation.

Answer: Chef Inspec provides security and compliance rules across security engineers, operations, and software developers. It enforces consistent standards in the managed environment and in each stage of development by running automated tests for compliance, security, and other policy requirements across servers, containers, and cloud APIs.

26.Q) Explain the use of Recipe in Chef.

Answer: Recipe is a collection of resources that decides the policy or configuration of a node. To run a recipe, it must reside on the node’s run list. They are created using Ruby and have all the instructions about everything that is required to run, update, or create on Chef Client’s node.

27.Q) What does a Node represent in Chef?

Answer: Node can be any device, physical, virtual, cloud, or network device managed by Chef Infra.

Physical node can be either an on-premise server or a virtual machine connected to a network and can send, receive, and forward the information over the Internet.
Virtual node is a physical machine that runs as software implementation.
Cloud-based node is an external cloud-based service that is hosted with Amazon web services, Google Cloud Platform, or Microsoft Azure. Chef Infra client is installed to deploy, maintain, or configure these instances created with plug-in with the help of the knife tool.
Network node is a network device such as a switch, a router, connected to physical or logical Ethernet and VLANs, for Chef to automate common network configurations.

28.Q) What is the role of OHAI in Chef?

Answer: OHAI is a tool that Chef Infra runs and collects system configuration data used within Cookbooks. It detects common configuration details with help of built-in plug-in. It also collects attributes from Operating System, Network, Memory, Disk, CPU, Kernel, Hostnames, and Cloud provider metadata.

29.Q) Explain the use of Knife in Chef.

Answer: Knife is a command-line tool that acts as an interface between Chef Workstation and Chef Server where it helps Chef Workstation to communicate the content of its chef-repo directory with a Chef Server. Chef-Workstation contains the chef-repo directory where cookbooks, roles, data bags, and environments are stored.

With Knife commands users can manage (create, delete, edit, list, show) nodes, roles, JSON data storage, environments, cookbooks and recipes, cloud resources using Knife plug-ins.

30.Q) Explain dpkg_package resource.

Answer: To manage packages for dpkg platform, on a node, dpkg program from the Debian package applies to install, remove, and retrieve information about .deb packages. Various actions such as :install, :nothing, :remove of dpkg_package resource are used to manage Debian package.

31.Q) List types of handlers in Chef.

Answer: ‘Chef_handler’ resource makes sure that all the handlers are enabled and are available for Chef Infra Client run. The Chef handlers are of three types.

These are listed below:

Exception Handler
Report Handler
Start Handler

32.Q) Explain the Exception handler in Chef.

Answer: When Chef Infra client fails while running, this handler can be used at Chef Infra Client run where a recipe containing chef handler resource is added to node’s run-list. Exception handler runs with run_status object, returning its property value for ‘failed?’ as true.

33.Q) Explain Report handler in Chef.

Answer: When Chef Infra Client runs successfully, sending a report on this run, we can use this handler. A recipe containing chef handler resource is used to run a list of the node. Report handler runs with run_status object returning its property value for ‘success?’ as true.

34.Q) Explain Start handler in Chef.

Answer: As the name suggests, these handlers are applied in the client.rb setting while starting Chef Infra Client, to run events, or by applying gem resources that are available in chef-client cookbook recipe.

35.Q) Explain Handler DSL in Chef.

Answer: Events like sending email when Chef Infra Client run fails, or updation of aggregating statistics about resources during Chef Infra Client runs to StatsD, Handler DSL is used to attach a callback to such events.

36.Q) Explain Run-list in Chef.

Answer: Run-list contains information required by Chef to configure a node in the desired state. Run-list has a list of roles, recipes, or both, which is run in the exact order they are listed in it. They are stored on Chef Server as a part of a node object, maintained using a knife uploaded from the Chef workstation. Run-list formats are fully qualified, cookbook, or default.

Example: “role[role_name]”, or “recipe[COOKBOOK::RECIPE_NAME]”

37.Q) What details are required to bootstrap a node in Chef.

Answer: Following are a mandatory requirement:

Username and password as login credentials into a specific node.
Public IP address or Hostname of the node.
Key-based authentication, in place of username and password credentials.

38.Q) Explain ways to apply an updated Cookbook in Chef to a node.

Answer: There are three possible ways of applying an updated Cookbook to a node in a Chef.

These are:

Running knife ssh subcommand to invoke SSH commands from the workstation.
Running Chef-client command to direct ssh connection into the server.
Running Chef-client as a daemon or a service in order to regularly review Chef Server.

39.Q) What is Test Kitchen?

Answer: Test kitchen is a built-in tool that tests the recipe – (code to configure an infrastructure), in an isolated environment, for any potential defects, that may change the production environment. It allows testing code to configure infrastructure over any platform or operating system using Chef Inspec.

With Test Kitchen, cookbook data can be verified across any combination of platforms and test suites, kitchen.yml file gets created. Multiple kitchen instances can be created with this yml file.

40.Q) How important is it to install SSL certificates in Chef?

Answer: SSL certificate is a digital signature or authentication for a website, and provides an encrypted connection, which will secure our website from the hacker’s attack with the intension to access sensitive data. It helps to create private keys and ensures secured data transmission between Chef Server and Chef Client.

41.Q) What is SSL_CERT_FILE in chef?

Ans: Use the SSL_CERT_FILE environment variable to specify the location for the SSL certificate authority (CA) bundle that is used by the chef-client.

42.Q) What is knife ssl check command in chef?

Ans: Run the knife ssl check subcommand to verify the state of the SSL certificate, and then use the response to help troubleshoot issues that may be present.

43.Q) What is the chef resources file?

Ans: A file resource is used to manage files directly on a node.

A file resource block manages files that exist on nodes. For example, to write the home page for an Apache website:

file ‘/var/www/customers/public_html/index.php’ do content ‘This is a placeholder for the home page.’ mode ‘0755’ owner ‘web_admin’ group ‘web_admin’ end


44.Q) What is Data Bags?

Ans: A data bag is a global variable that is stored as JSON data and is accessible from a Chef server. A data bag is indexed for searching and can be loaded by a recipe or accessed during a search.


45.Q) What is chef_acl resource in chef?

Ans: Use the chef_acl resource to interact with access control lists (ACLs) that exist on the Chef server.

Syntax: The syntax for using the chef_acl resource in a recipe is as follows:

chef_acl ‘name’ do attribute ‘value’ # see properties section below … action :action # see actions section below end

46.Q) What information do you need in order to bootstrap in Chef?

Ans: Just mention the information you need in order to bootstrap:

Your node’s hostname or public IP address.

A user name and password you can log on to your node with.

Alternatively, you can use key-based authentication instead of providing a user name and password.


47.Q) What is the command you use to upload a cookbook to the Chef server?

Ans: You can directly mention the command to upload a cookbook to the Chef server “knife cookbook upload”.


48.Q) What is the run-list in Chef?

Ans: run-list lets you specify which Recipes to run, and the order in which to run them. The run-list is important when you have multiple Cookbooks and the order in which they run matters.

Depending on the discussion if you think more explanation is required just mention the below points

A run-list is:

An ordered list of roles and/or recipes that are run in the exact order defined in the run-list; if a recipe appears more than once in the run-list, the chef-client will not run it twice.

Always specific to the node on which it runs; nodes may have a run-list that is identical to the run-list used by other nodes.

Stored as part of the node object on the Chef server.

Maintained using a knife, and then uploaded from the workstation to the Chef server, or is maintained using the Chef management console.


49.Q) How do you apply an updated Cookbook to your node in Chef?

Ans: There are three ways to apply an updated Cookbook to a node you can mention all or anyone, I will suggest you mention all three:

-Run knife ssh from your workstation.

-SSH directly into your server and run the chef-client.

-You can also run chef-client as a daemon, or service, to check in with the Chef server on a regular interval, say every 15 or 30 minutes.


50.Q) Write a service Resource that stops and then disables the httpd service from starting when the system boots in Chef?

Ans: Use the below Resource to stop and disable the httpd service from starting when system boots.

service ‘httpd’ do action [:stop, :disable] end

Rajesh Kumar
Follow me
Latest posts by Rajesh Kumar (see all)
Subscribe
Notify of
guest
1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
khanna
khanna
1 year ago

15.Q) How Do You Apply An Updated Cookbook To Your Node?
<%= node %> RAM
<%= node %> CPUs
Then upload your cookbook and run it on your node.
https://www.devopsschool.com/blog/top-50-chef-interview-questions-and-answers/

Hi Team,
I think there is some mistake in above code. i think it should be something like below.
<%= node[‘hostname’] %>
<%= node[‘cpu’] %>

0
1
0
Would love your thoughts, please comment.x
()
x