In the past I’ve used Windows Server 2008R2 and 2012 for testing Chef cookbooks for Windows. I’ve always got it working but it was slow. These VM images are typically around 20GB in size so it took time to spin them up and get them going. Creating, converging and verifying a simple cookbook with Kitchen on 2008R2 would take 10 minutes on average. This worked but could be painful at times.
That’s where Nano Server comes in. It’s small, faster and more secure. I used Matt Wrock’s post Creating a Docker container Host on Windows Nano Server with Chef as my guide but wanted to use the Hyper-V driver with Kitchen instead of Vagrant and use Pester for my verifier instead of InSpec. I can confirm it works! The Kitchen.yml file is largely the same as for 2008R2 but there are two key differences.
No more MSIs
Nano cut many features from Windows Server to reduce operating size and the surface area for security issues. Kitchen traditionally uses an MSI to install Chef on the VM but Nano removed support for MSI installers and replaced it with APPX installers. So instead you must specify the install_msi_url as a appx package instead of msi in the provisioner section.
provisioner:
name: chef_zero
install_msi_url: https://s3-us-west-2.amazonaws.com/nano-chef-client/chef-12.14.60.appx
This appx was provided by Matt Wrock in the post referenced above which also describes this change for Nano. Chef doesn’t provide APPX installers today but Matt confirmed via Twitter that is in the works and coming “in a week or so” as of 3/24/17.
Elevated Transport
Traditionally I have always set the Transport to use an elevated session to avoid access denied errors but this caused an error with Nano so I disabled it and Kitchen was able to converge/verify without issue.
transport:
name: winrm
username: administrator
password: admin777!
elevated: false
Optional Nano Packages
In my first attempt to use Nano with Chef/Kitchen I used the basic Nano VHD provided on the TechNet Evaluation Center and received the following error during the converge step:
================================================================================
Error executing action `run` on resource ‘dsc_resource[Data_Folder]’
================================================================================Chef::Exceptions::JSON::ParseError
———————————-
input must be a string or IOResource Declaration:
———————
# In C:/Users/ADMINI~1/AppData/Local/Temp/kitchen/cache/cookbooks/acme_win_web/r25: dsc_resource ‘Data_Folder’ do
26: resource :file
27: property :destinationpath, ‘C:\Data’
28: property :type, ‘Directory’
29: end
The problem was Nano didn’t recognize the DSC command because the DSC package isn’t installed on the basic Nano VHD. Instead I used the Nano Server Image Builder to create a custom image which included the DSC package:
https://blogs.technet.microsoft.com/nanoserver/2016/10/15/introducing-the-nano-server-image-builder/
Nano is game changing addition to the Windows Server family and its only going to get better.
If this post was helpful and/or you have further questions please leave a comment below.
Happy testing!