1.Q) What Is A Resource?

Ans: A resource represents a piece of infrastructure and its desired state, such as a package
that should be installed, a service that should be running, or a file that should be generated.

2.Q) What Is A Recipe?

Ans: A recipe is a collection of resources that describes a particular configuration or policy. A

recipe describes everything that is required to configure part of a system. Recipes do things
such as:

Install and configure software components.

Manage files.

Deploy applications.

Execute other recipes.

3.Q) What Happens When You Don’t Specify A Resource’s Action?

Ans: When you don’t specify a resource’s action, Chef applies the default action.

4.Q) Write A Service Resource That Stops And Then Disables The Httpd Service From
Starting When The System Boots?

Ans:

Service ‘httpd’ do

Action

End

5.Q) How Does A Cookbook Differ From A Recipe?

Ans: A recipe is a collection of resources, and typically configures a software package or

some piece of infrastructure. A cookbook groups together recipes and other information in a
way that is more manageable than having just recipes alone. For example, in this lesson you
used a template resource to manage your HTML home page from an external file. The recipe
stated the configuration policy for your web site, and the template file contained the data.
You used a cookbook to package both parts up into a single unit that you can later deploy.
6.Q) How Does Chef-apply Differ From Chef-client?

Ans: Chef-apply apply a single recipe; chef-client applies a cookbook. For learning purposes,
we had you start off with chef-apply because it helps you understand the basics quickly. In
practice, chef-apply is useful when you want to quickly test something out. But for
production purposes, you typically run chef-client to apply one or more cookbooks.

7.Q) What’s The Run-list?

Ans: The run-list lets you specify which recipes to run, and the order in which to run them.
The run-list is important for when you have multiple cookbooks, and the order in which they
run matters.

8.Q) What Are The Two Ways To Set Up A Chef Server?

Ans:

Install an instance on your own infrastructure.

Use hosted Chef.

9.Q) What’s The Role Of The Starter Kit?

Ans: The Starter Kit provides certificates and other files that enable you to securely
communicate with the Chef server.

10.Q) What Is A Node?

Ans: A node represents a server and is typically a virtual machine, container instance, or
physical server – basically any compute resource in your infrastructure that’s managed by
Chef.

11.Q) What Information Do You Need To In Order To Bootstrap?

Ans: You need:

Your node’s host name or public IP address.

A user name and password you can log on to your node with.
Alternatively, you can use key-based authentication instead of providing a user name and
password.

12.Q) What Happens During The Bootstrap Process?

Ans: During the bootstrap process, the node downloads and installs chef-client, registers
itself with the Chef server, and does an initial check in. During this check in, the node applies
any cookbooks that are part of its run-list.

13.Q) Which Of The Following Lets You Verify That Your Node Has Successfully
Bootstrapped?

Ans:

The Chef management console.

Knife node list

Knife node show

You can use all three of these methods.

14.Q) What Is The Command You Use To Upload A Cookbook To The Chef Server?

Ans: Knife cookbook upload.

15.Q) How Do You Apply An Updated Cookbook To Your Node?

Ans: We mentioned two ways. Run knife Ssh from your workstation. SSH directly into your
server and run chef-client. You can also run chef-client as a daemon, or service, to check in
with the Chef server on a regular interval, say every 15 or 30 minutes. Update your Apache
cookbook to display your node’s host name, platform, total installed memory, and number
of CPUs in addition to its FQDN on the home page. Update index.html.erb like this. hello
from <%= node %>< /h1> <%= node %> <%= node %> – <%= node %>

<%= node %> RAM

<%= node %> CPUs

Then upload your cookbook and run it on your node.

16.Q) What Would You Set Your Cookbook’s Version To Once It’s Ready To Use In
Production?
Ans: According to Semantic Versioning, you should set your cookbook’s version number to
1.0.0 at the point it’s ready to use in production.

17.Q) Create A Second Node And Apply The Awesome Customers Cookbook To It. How
Long Does It Take?

Ans: You already accomplished the majority of the tasks that you need. You wrote the
awesome customers cookbook, uploaded it and its dependent cookbooks to the Chef server,
applied the awesome customers cookbook to your node, and verified that everything’s
working. All you need to do now is:

Bring up a second Red Hat Enterprise Linux or Centos node.

Copy your secret key file to your second node.

Bootstrap your node the same way as before. Because you include the awesome customers
cookbook in your run-list, your node will apply that cookbook during the bootstrap process.

The result is a second node that’s configured identically to the first one. The process should
take far less time because you already did most of the work.

Now when you fix an issue or add a new feature, you’ll be able to deploy and verify your
update much more quickly!

18.Q) What’s The Value Of Local Development Using Test Kitchen? Ans: Local development
with Test Kitchen:

Enables you to use a variety of virtualization providers that create virtual machine or
container instances locally on your workstation or in the cloud.

Enables you to run your cookbooks on servers that resemble those that you use in
production.

Speeds up the development cycle by automatically provisioning and tearing down temporary
instances, resolving cookbook dependencies, and applying your cookbooks to your
instances.

19.Q) What are the responsibilities of system administrators in an organization?

Answer: System administrator is responsible for effective planning, installation,

configuration, and optimizing the IT infrastructure to achieve high availability and
performance.

20.Q) What do you mean by IT infrastructure?

Answer: IT infrastructure includes all the physical hardware such as systems, servers,
network systems, switch, routers, legacy interfaces and facilities like data centers, data
storage, and its retrieval and all the elements that are utilized to manage and use data and
information securely to protect business goals of an organization.

21.Q) Explain about Chef Desktop

Answer: It helps control IT resources like laptops, desktops, and kiosk workstations remotely
from a centralized location. It automates deployment, management, and secures the
maintenance of IT resources. It automates tasks such as implementing policy-driven
configuration and eliminates manual time-consuming processes.

22.Q) What are the features of Chef Compliance?

Answer: Chef Compliance helps enforce and maintain compliances and prevent security
incidents with standard audit and remediation content across heterogeneous estates to
provide visibility and control across hybrid and multi-cloud environments.

23.Q) How Chef Infra is used by the DevOps team in Infrastructure management?

Answer: Chef Infra automates configuration of infrastructure, ensures consistent, correct,

flexible, testable, versionable, and human-readable configuration policy, and any
modification in configuration will be applied universally across the entire infrastructure.

24.Q) Explain the features of Chef Habitat.

Answer: It offers automation in defining, packaging, and delivering applications to any

environment, irrespective of deployment platform or operating system. It creates deployable
artifacts for virtual machines or containers without refactoring or rewriting. It also helps
scale the adoption of agile delivery practices across operations and development.

25.Q) Explain the importance of Chef Inspec in compliance with automation.

Answer: Chef Inspec provides security and compliance rules across security engineers,
operations, and software developers. It enforces consistent standards in the managed
environment and in each stage of development by running automated tests for compliance,
security, and other policy requirements across servers, containers, and cloud APIs.

26.Q) Explain the use of Recipe in Chef.

Answer: Recipe is a collection of resources that decides the policy or configuration of a node.
To run a recipe, it must reside on the node’s run list. They are created using Ruby and have
all the instructions about everything that is required to run, update, or create on Chef
Client’s node.

27.Q) What does a Node represent in Chef?

Answer: Node can be any device, physical, virtual, cloud, or network device managed by
Chef Infra.
Physical node can be either an on-premise server or a virtual machine connected to a
network and can send, receive, and forward the information over the Internet.

Virtual node is a physical machine that runs as software implementation.

Cloud-based node is an external cloud-based service that is hosted with Amazon web
services, Google Cloud Platform, or Microsoft Azure. Chef Infra client is installed to deploy,
maintain, or configure these instances created with plug-in with the help of the knife tool.

Network node is a network device such as a switch, a router, connected to physical or logical
Ethernet and VLANs, for Chef to automate common network configurations.

28.Q) What is the role of OHAI in Chef?

Answer: OHAI is a tool that Chef Infra runs and collects system configuration data used
within Cookbooks. It detects common configuration details with help of built-in plug-in. It
also collects attributes from Operating System, Network, Memory, Disk, CPU, Kernel,
Hostnames, and Cloud provider metadata.

29.Q) Explain the use of Knife in Chef.

Answer: Knife is a command-line tool that acts as an interface between Chef Workstation
and Chef Server where it helps Chef Workstation to communicate the content of its chef-
repo directory with a Chef Server. Chef-Workstation contains the chef-repo directory where
cookbooks, roles, data bags, and environments are stored.

With Knife commands users can manage (create, delete, edit, list, show) nodes, roles, JSON
data storage, environments, cookbooks and recipes, cloud resources using Knife plug-ins.

30.Q) Explain dpkg_package resource.

Answer: To manage packages for dpkg platform, on a node, dpkg program from the Debian
package applies to install, remove, and retrieve information about .deb packages. Various
actions such as :install, :nothing, :remove of dpkg_package resource are used to manage
Debian package.

31.Q) List types of handlers in Chef.

Answer: ‘Chef_handler’ resource makes sure that all the handlers are enabled and are
available for Chef Infra Client run. The Chef handlers are of three types.

These are listed below:

Exception Handler

Report Handler

Start Handler

32.Q) Explain the Exception handler in Chef.

Answer: When Chef Infra client fails while running, this handler can be used at Chef Infra
Client run where a recipe containing chef handler resource is added to node’s run-list.
Exception handler runs with run_status object, returning its property value for ‘failed?’ as
true.

33.Q) Explain Report handler in Chef.

Answer: When Chef Infra Client runs successfully, sending a report on this run, we can use
this handler. A recipe containing chef handler resource is used to run a list of the node.
Report handler runs with run_status object returning its property value for ‘success?’ as
true.

34.Q) Explain Start handler in Chef.

Answer: As the name suggests, these handlers are applied in the client.rb setting while
starting Chef Infra Client, to run events, or by applying gem resources that are available in
chef-client cookbook recipe.

35.Q) Explain Handler DSL in Chef.

Answer: Events like sending email when Chef Infra Client run fails, or updation of aggregating
statistics about resources during Chef Infra Client runs to StatsD, Handler DSL is used to
attach a callback to such events.

36.Q) Explain Run-list in Chef.

Answer: Run-list contains information required by Chef to configure a node in the desired
state. Run-list has a list of roles, recipes, or both, which is run in the exact order they are
listed in it. They are stored on Chef Server as a part of a node object, maintained using a
knife uploaded from the Chef workstation. Run-list formats are fully qualified, cookbook, or
default.

Example: “role[role_name]”, or “recipe[COOKBOOK::RECIPE_NAME]”

37.Q) What details are required to bootstrap a node in Chef.

Answer: Following are a mandatory requirement:

Username and password as login credentials into a specific node.

Public IP address or Hostname of the node.

Key-based authentication, in place of username and password credentials.

38.Q) Explain ways to apply an updated Cookbook in Chef to a node.

Answer: There are three possible ways of applying an updated Cookbook to a node in a Chef.

These are:

Running knife ssh subcommand to invoke SSH commands from the workstation.
Running Chef-client command to direct ssh connection into the server.

Running Chef-client as a daemon or a service in order to regularly review Chef Server.

39.Q) What is Test Kitchen?

Answer: Test kitchen is a built-in tool that tests the recipe – (code to configure an
infrastructure), in an isolated environment, for any potential defects, that may change the
production environment. It allows testing code to configure infrastructure over any platform
or operating system using Chef Inspec.

With Test Kitchen, cookbook data can be verified across any combination of platforms and
test suites, kitchen.yml file gets created. Multiple kitchen instances can be created with this
yml file.

40.Q) How important is it to install SSL certificates in Chef?

Answer: SSL certificate is a digital signature or authentication for a website, and provides an
encrypted connection, which will secure our website from the hacker’s attack with the
intension to access sensitive data. It helps to create private keys and ensures secured data
transmission between Chef Server and Chef Client.

41.Q) What is SSL_CERT_FILE in chef?

Ans: Use the SSL_CERT_FILE environment variable to specify the location for the SSL
certificate authority (CA) bundle that is used by the chef-client.

42.Q) What is knife ssl check command in chef?

Ans: Run the knife ssl check subcommand to verify the state of the SSL certificate, and then
use the response to help troubleshoot issues that may be present.

43.Q) What is the chef resources file?

Ans: A file resource is used to manage files directly on a node.

A file resource block manages files that exist on nodes. For example, to write the home page
for an Apache website:

file ‘/var/www/customers/public_html/index.php’ do content ‘This is a placeholder for the

home page.’ mode ‘0755’ owner ‘web_admin’ group ‘web_admin’ end

44.Q) What is Data Bags?

Ans: A data bag is a global variable that is stored as JSON data and is accessible from a Chef
server. A data bag is indexed for searching and can be loaded by a recipe or accessed during
a search.
45.Q) What is chef_acl resource in chef?

Ans: Use the chef_acl resource to interact with access control lists (ACLs) that exist on the
Chef server.

Syntax: The syntax for using the chef_acl resource in a recipe is as follows:

chef_acl ‘name’ do attribute ‘value’ # see properties section below … action :action # see
actions section below end

46.Q) What information do you need in order to bootstrap in Chef?

Ans: Just mention the information you need in order to bootstrap:

Your node’s hostname or public IP address.

A user name and password you can log on to your node with.

Alternatively, you can use key-based authentication instead of providing a user name and
password.

47.Q) What is the command you use to upload a cookbook to the Chef server?

Ans: You can directly mention the command to upload a cookbook to the Chef server “knife
cookbook upload”.

48.Q) What is the run-list in Chef?

Ans: run-list lets you specify which Recipes to run, and the order in which to run them. The
run-list is important when you have multiple Cookbooks and the order in which they run
matters.

Depending on the discussion if you think more explanation is required just mention the
below points

A run-list is:

An ordered list of roles and/or recipes that are run in the exact order defined in the run-list;
if a recipe appears more than once in the run-list, the chef-client will not run it twice.

Always specific to the node on which it runs; nodes may have a run-list that is identical to
the run-list used by other nodes.

Stored as part of the node object on the Chef server.

Maintained using a knife, and then uploaded from the workstation to the Chef server, or is
maintained using the Chef management console.
49.Q) How do you apply an updated Cookbook to your node in Chef?

Ans: There are three ways to apply an updated Cookbook to a node you can mention all or
anyone, I will suggest you mention all three:

-Run knife ssh from your workstation.

-SSH directly into your server and run the chef-client.

-You can also run chef-client as a daemon, or service, to check in with the Chef server on a
regular interval, say every 15 or 30 minutes.

50.Q) Write a service Resource that stops and then disables the httpd service from starting
when the system boots in Chef?

Ans: Use the below Resource to stop and disable the httpd service from starting when
system boots.

service ‘httpd’ do action [:stop, :disable] end