top of page

Create and Manage a Virtual Machine on Azure ARM using Chef

Chef is not new to Azure and hence you will find lot of tutorials on you can use chef to interact with Azure. The issue is that most of these tutorials deal with the ASM (Azure Service Management ) portal and not ARM ( Azure Resource Management ) portal . Below is a step-by-step guide on how you can create a Windows Virtual Machine on Azure ARM portal using Chef and then upload a file to the machine using knife.

Chef basics – Chef is a configuration management tool. In Chef, you have three main components namely workstation, chef-server and the Chef-client.

Workstation – Is the developers machine from where you create policies and execute commands.

Chef-server – Is the management machine. All clients talk to this machine. It’s available as hosted solution and on-premise solution.

Chef-client – This is a small program or service which sits on the machines talking to the management node.

Below a high-level diagram of how this works -

So let’s begin

1. Prepare your workstation: First create a directory called C:\mychefworkspace. In that directory create a new directory called cookbooks.

2. Create a managed chef account. Go to and signup for new account. Create a new organization while you are being signed-up. Download the Started Kit from the Organizations Administrator page and place unzip it in.

3. Copy all files under chef-starter\chef-repo\.chef to your C:\ mychefworkspace directory.

4. Open the knife.rb file and modify the “cookbook_path” by removing the /../ from the path so it appears as shown next.

cookbook_path ["#{current_dir}/cookbooks"]

5. Create and application in Azure and give it the contributor role. Note down the client ID, Client key of the application. You will also need the subscription ID and the tenant ID.

6. Add the below lines to the knife.rb file.

knife[:azure_client_secret] = " XXXX-XXX-XXX-XXX "

knife[:azure_tenant_id] = "XXXX-XXX-XXX-XXX"

knife[:azure_subscription_id] = " XXXX-XXX-XXX-XXX "

knife[:azure_client_id] = " XXXX-XXX-XXX-XXX "

7. Ensure that Chef-dk is installed on your local machine by giving the chef -v command. If it is not installed, install it.

8. Install Knife-azure extension using the below command.

chef gem install knife-azure

9. Create a Cookbook by the running the below command from the C:\ mychefworkspace \cookbooks folder.

10. Modify the C:\chef\cookbooks\webserver\recipes\default.rb file and add the following lines.

powershell_script 'Install IIS' do

action :run

code 'add-windowsfeature Web-Server'


service 'w3svc' do

action [ :enable, :start ]


template 'c:\inetpub\wwwroot\Default.htm' do

source 'Default.htm.erb'

rights :read, 'Everyone'


11. Generate a template using the below command. This is the file we will be sending to the server.

chef generate template webserver Default.htm

12. The above step will generate a default.htm.erb file in the cookbooks\webserver\templates folder. Enter some random text in the default.htm.erb file say “This is a test deployment from Touchcore.

13. The cookbook is now ready to upload to the server. Give the below command to upload the cookbook.

knife cookbook upload webserver

14. Check if the cookbook has been uploaded to the from the Chef hosted account from the policy tab

15. Give the below command to create a new VM in azure and bootstrap and it upload the template to the 'c:\inetpub\wwwroot’ folder. This will also install a chef-client as a service and tell the client to ping the server for changes every one minute.

knife azurerm server create `

>> --azure-resource-group-name TouchCoreRgp `

>> --azure-vm-name mytestvm `

>> --azure-service-location 'westus' `

>> --azure-image-reference-publisher 'MicrosoftWindowsServer' `

>> --azure-image-reference-sku '2012-R2-Datacenter' `

>> --azure-image-reference-version 'latest' `

>> -x myuser -P Mypassword@123 `

>> --tcp-endpoints 80 `

>> --chef-daemon-interval 1 `

>> -r "recipe[webserver]"

16. Check the output of this command. You will get an IP and a DNS name. Put this IP or DNS name in browser and you should get to see the contents of the file you uploaded.


Featured Posts
Check back soon
Once posts are published, you’ll see them here.
Recent Posts
Search By Tags
No tags yet.
Follow Us
  • LinkedIn Social Icon
  • Facebook Basic Square

Tel: 91-907-501-8793, 91-982-141-8793

bottom of page