[6]DevOps 自动化运维工具Chef---如何通过Chef WorkStation在Window 7客户机节点上远程自动安装最新的Chef Client？

前面和大家分享了如何在Ubuntu的系统上安装Chef Client，这篇文章给大家分享一下如何在Window平台上通过WorkStation（安装在Ubuntu的系统上）来在Window系统上面自动安装Chef Client，笔者用Window 7 64 bit的平台为例子。内存4GB即可。具体步骤如下：
0. 配置C:\Windows\System32\drivers\etc\hosts
192.168.80.5 chef-master-rodney.example.com
chef-master-rodney192.168.80.9chef-c-win7-01.example.comchef-c-win7-01
其中，192.168.80.9 chef-c-win7-01.example.com chef-c-win7-01 就是Window 7的Chef 节点名字.

1. 在Window7系统上以admin权限执行下面的命令，开启Window romote的服务
winrm quickconfig
在Window 2.0以及以上系统默认端口
• HTTP: 5985
• HTTPS: 5986
在Window 1.0 系统默认端口
•HTTP: 80
• HTTPS: 443
注意，如果遇到wsmanfault access is denied 的异常，请参考下面的文章去解决
http://serverfault.com/questions/337905/enabling-powershell-remoting-access-is-denied
解决办法：
用administrator权限打开cmd，并执行下面的命令
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /vLocalAccountTokenFilterPolicy
/t REG_DWORD /d1 /f
2. 在Window7的机器上，以administrator的权限打开一个cmd，设置正确的认证，因为本实验是测试，所以使用Basic的认证即可.
winrm set winrm/config/client/auth @{Basic="true"}
winrm set winrm/config/service/auth @{Basic="true"}
winrm set winrm/config/service @{AllowUnencrypted="true"}
3. 在Workstation上，安装Knife-windows plugin
/opt/chef/embedded/bin/gem install knife-windows （安装的是chef client）
或者
sudo /opt/chefdk/embedded/bin/gem install knife-windows （安装的是chef dk）

其输出如下，如果我们需要自己定制自己的逻辑，可以参看下面的gem

Fetching: gssapi-1.2.0.gem (100%)
Successfully installed gssapi-1.2.0
Fetching: httpclient-2.8.2.4.gem (100%)
Successfully installed httpclient-2.8.2.4
Fetching: rubyntlm-0.6.1.gem (100%)
Successfully installed rubyntlm-0.6.1
Fetching: little-plugger-1.1.4.gem (100%)
Successfully installed little-plugger-1.1.4
Fetching: logging-2.1.0.gem (100%)
Successfully installed logging-2.1.0
Fetching: nori-2.6.0.gem (100%)
Successfully installed nori-2.6.0
Fetching: gyoku-1.3.1.gem (100%)
Successfully installed gyoku-1.3.1
Fetching: winrm-2.0.2.gem (100%)
Successfully installed winrm-2.0.2
Fetching: rubyzip-1.2.0.gem (100%)
Successfully installed rubyzip-1.2.0
Fetching: winrm-fs-1.0.0.gem (100%)
Successfully installed winrm-fs-1.0.0
Fetching: winrm-elevated-1.0.1.gem (100%)
Successfully installed winrm-elevated-1.0.1
Fetching: knife-windows-1.6.0.gem (100%)
Successfully installed knife-windows-1.6.0
Parsing documentation for gssapi-1.2.0
Installing ri documentation for gssapi-1.2.0
Parsing documentation for httpclient-2.8.2.4
Installing ri documentation for httpclient-2.8.2.4
Parsing documentation for rubyntlm-0.6.1
Installing ri documentation for rubyntlm-0.6.1
Parsing documentation for little-plugger-1.1.4
Installing ri documentation for little-plugger-1.1.4
Parsing documentation for logging-2.1.0
Installing ri documentation for logging-2.1.0
Parsing documentation for nori-2.6.0
Installing ri documentation for nori-2.6.0
Parsing documentation for gyoku-1.3.1
Installing ri documentation for gyoku-1.3.1
Parsing documentation for winrm-2.0.2
Installing ri documentation for winrm-2.0.2
Parsing documentation for rubyzip-1.2.0
Installing ri documentation for rubyzip-1.2.0
Parsing documentation for winrm-fs-1.0.0
Installing ri documentation for winrm-fs-1.0.0
Parsing documentation for winrm-elevated-1.0.1
Installing ri documentation for winrm-elevated-1.0.1
Parsing documentation for knife-windows-1.6.0
Installing ri documentation for knife-windows-1.6.0
Done installing documentation for gssapi, httpclient, rubyntlm, little-plugger, logging, nori, gyoku, winrm, rubyzip, winrm-fs, winrm-elevated, knife-windows after 6 seconds
12 gems installed

4. 在Workstation上,运行帮助命令查看knife bootstrap windows winrm名的用法
knife bootstrap windows winrm FQDN --help
5.用telnet命令检测网络是否通畅
在Workstation上机器上，用telnet 命令检查remote的Winrm的端口是否已经开通,如果通了，就可以继续下面的步骤，如果没有通的话，请检查你的网络防火墙是否开启，或者remote rm的服务器本身没有正常启动。
telnet 192.168.80.9 5985
telnet 192.168.80.9 5986
6. 在Workstation上，设置下面的命令
sudo knife bootstrap windows winrm chef-c-win7-01 -x 'chef-c-win7-01\rodney' -P password -N 'chef-c-win7-01' --run-list 'recipe[rodneytest]'
上面的命令首先会连接到Window的机器, 如果看到类似于下面的命令,
恭喜你，你已经连接上了Window的Client节点
Waiting for remote response before bootstrap.chef-c-win7-01 .
chef-c-win7-01 Response received.
Remote node responded after 0.0 minutes.
然后，这个命令会继续执行，探测chef的安装是否已经下载下来了，如果有的话，就删除，没有的话，就从https://www.chef.io/chef/download?p=windows&pv=2008r2&m=x86_64&DownloadContext=PowerShell&v=12这个地址下载，
具体的PowerShell脚本的执行如下，
powershell.exe -ExecutionPolicy Unrestricted -InputFormat None -NoProfile -NonInteractive -File C:\chef\wget.ps1 "https://www.chef.io/chef/download?p=windows&pv=2008r2&m=x86_64&DownloadContext=PowerShell&v=12"
"C:\Users\rodney\AppData\Local\Temp\chef-client-latest.msi"

如果想修改bootstrap的执行的步骤或者目标，下面的链接说明了bootstrap的时候，其安装的脚步是可以修改和定制的。
https://github.com/chef/knife-windows/blob/master/lib/chef/knife/bootstrap/windows-chef-client-msi.erb

7. 剩下的就是等待, 当前的Window的安装包大概有191M左右.
默认情况下，在Window7的机器上会执行下面的步骤。

•Installing Ruby 1.8.7 with RubyGems

•Installing the RubyInstaller Development Kit (DevKit)

•Installing Windows-specific gems to support Chef

• Installing Chef from RubyGems.org

• Writing out the validation key intoC:\chef\validation.pem

• Optionally writing out an encrypted data bag secret

•Writing the default configuration file for Chef inC:\chef\client.rb

•Creating the initial run-list JSON file inC:\chef\first-boot.json

• Runningchef-clientfor the first time to register the node with Chef

8. 安装完成后登陆Chef服务器的管理控制台，就能看到其Client节点已经注册



参考文章：
https://learn.chef.io/manage-a-node/windows/bootstrap-your-node/
https://docs.chef.io/plugin_knife_windows.html