Technical Blog of Francis Setash

Chef - Bootstrapping Windows in Service Mode

Posted on — Feb 1, 2017

So; chef windows bootstrap doesnt have an install as service option. Dang it; that would be too convenient. Even the official docs dont say anything about it..

Here is the official documentation.

Quick snippet:

-G GATEWAY, --ssh-gateway GATEWAY
    The SSH tunnel or gateway that is used to run a bootstrap action on a machine that is not accessible from the workstation.
    The SSH identity file used for authentication. Key-based authentication is recommended.
-j JSON_ATTRIBS, --json-attributes JSON_ATTRIBS
    A JSON string that is added to the first run of a chef-client.
-N NAME, --node-name NAME
    The name of the node.
    Use --no-host-key-verify to disable host key verification. Default setting: --host-key-verify.

Right. Ok.

That said; here’s a very interesting github pull request:

             :description => "Bootstrap a distro using a template",
              :default => "windows-chef-client-msi"
 +          option :install_as_service,
 +            :long => "--install-as-service",
 +            :description => "Install chef-client as service in windows machine",
 +            :default => false
            option :template_file,
              :long => "--template-file TEMPLATE",
              :description => "Full path to location of template to use",


          def install_command(executor_quote)
 -          "msiexec /qn /log #{executor_quote}%CHEF_CLIENT_MSI_LOG_PATH%#{executor_quote} /i #{executor_quote}%LOCAL_DESTINATION_MSI_PATH%#{executor_quote}"
 +          if @config[:install_as_service] || @knife_config[:install_as_service]
 +            "msiexec /qn /log #{executor_quote}%CHEF_CLIENT_MSI_LOG_PATH%#{executor_quote} /i #{executor_quote}%LOCAL_DESTINATION_MSI_PATH%#{executor_quote} ADDLOCAL=#{executor_quote}ChefClientFeature,ChefServiceFeature#{executor_quote}"
 +          else              
 +            "msiexec /qn /log #{executor_quote}%CHEF_CLIENT_MSI_LOG_PATH%#{executor_quote} /i #{executor_quote}%LOCAL_DESTINATION_MSI_PATH%#{executor_quote}"
 +          end
          # Returns a string for copying the trusted certificates on the workstation to the system being bootstrapped


Let’s see if it works.

> knife bootstrap windows winrm sts601-dsc -r 'baselineRecipe' -x 'DOAMIN\USER' -P NO_PASSWORD_HERE --install-as-service



Edit: Submitted a pull request to update the Chef documentation