Skip to content

Instantly share code, notes, and snippets.

@nellshamrell

nellshamrell/gist:6502904fa35cc9534ac9

Created June 12, 2015 19:02
Show Gist options
  • Save nellshamrell/6502904fa35cc9534ac9 to your computer and use it in GitHub Desktop.
Save nellshamrell/6502904fa35cc9534ac9 to your computer and use it in GitHub Desktop.
Download ZIP
Setting up Supermarket Manually
Raw
gistfile1.txt
## Setting up a private Supermarket manually
### Provision a Supermarket server
Go ahead and spin up a new Ubuntu 14-04 server for your Supermarket install. (This will work with other Operating Systems as well, but these examples will for Ubuntu).
### SSH into your Private Supermarket Server
```bash
$ ssh root@your_private_supermarket_server_ip
```
### Installing Supermarket
First, update your installation of Ubuntu
```bash
(your private supermarket server) $ apt-get update
```
Then install the latest stable package for Chef
```bash
$ curl https://packagecloud.io/install/repositories/chef/stable/script.deb | bash
```
Then install Supermarket
```bash
(your private supermarket server) $ apt-get install supermarket
```
And reconfigure your Supermarket server
```bash
(your private supermarket server) $ supermarket-ctl reconfigure
```
### Setting up oc-id on your Chef Server
You will be using oc-id for authentication between your Chef Server and your Supermarket Server.
Please see the "oc-id setup on your Chef Server" of Irving Popovetsky's blog post [Setting Up Your Private Supermarket Server](https://www.chef.io/blog/2015/04/21/setting-up-your-private-supermarket-server/#oc-id_setup)
Make sure to STOP when you get to the "Running your Private Supermarket server in Test Kitchen" heading in that post, then come back here.
....
Back? Take a look at /etc/opscode/oc-id-applications/supermarket.json on your Chef server.
```bash
(your private chef server) $ cat /etc/opscode/oc-id-applications/supermarket.json
```
You should see output like this, you'll need these values in the next section.
```bash
{
"name": "supermarket",
"uid": "8367...a1",
"secret": "cb70..6b",
"redirect_uri": "https://your_supermarket_IP_address/auth/chef_oath2/callback"
}
```
### Setting up oc-id on your Supermarket Server
SSH back into your Supermarket Server, then open up /etc/supermarket/supermarket.rb and uncomment these lines:
/etc/supermarket/supermarket.rb
```bash
# default['supermarket']['chef_oauth2_app_id'] = nil
# default['supermarket']['chef_oauth2_secret'] = nil
# default['supermarket']['chef_oauth2_url'] = nil
# default['supermarket']['chef_oauth2_verify_ssl'] = true
```
And add this content:
/etc/supermarket/supermarket.rb
```bash
default['supermarket']['chef_oauth2_app_id'] = 'UID from Chef Server Output'
default['supermarket']['chef_oauth2_secret'] = 'Secret from Chef Server Output'
default['supermarket']['chef_oauth2_url'] = 'Chef Server URL'
default['supermarket']['chef_oauth2_verify_ssl'] = false
```
Save and close the file, then run:
```bash
(your private supermarket server) $ supermarket-ctl reconfigure
```
### Logging into your Supermarket server
Head to your Supermarket server in your browser, then click on the "Sign In" link in the upper right hand corner.
If you receive an error "DNS PROBE FINISHED NXDOMAIN" when you visit your Supermarket url in a browser, add an entry to your /etc/hosts with your Supermarket IP Address and your Supermarket Server Hostname, i.e. <code>0.0.0.0 hostname</code>. Then try signing in.
This will redirect to the sign in screen for your Chef server. Sign in with the username and password you created when you set up the Chef server.
This should redirect you to the Supermarket and have you signed in. If you are not signed in for some reason, click on the "Sign In" link one more time.
### Uploading a Cookbook to your private Supermarket
Make sure that you have something in your knife.rb file which indicates where your cookbooks "live" on your workstation. If you keep your cookbooks at /root/my_chef_repo/cookbooks, then you need a line similar to this in your knife.rb on your workstation:
```bash
knife[:cookbook_path] = ["/root/my_chef_repo/cookbooks"]
```
Next, you will need to obtain the RSA key you created when we created the user on your Chef Server. If I created a user with the username of "demo" on my server, I would find the RSA key in the home directory of my chef server.
```bash
(your private chef server) $ ls ~
(your private chef server) $ demo.pem
```
Either download this key to your local workstation via SCP, or copy and paste it into a new file on your workstation. Make sure to put this file in your .chef directory.
At this point, if you list the files in your .chef directory, I should see something similar to this:
```bash
(your workstation) $ ls .chef
(your workstation) $ demo.pem knife.rb trusted_certs
```
Now, add this line to your knife.rb (change the path to wherever you are keeping your .chef directory)
```bash
client_key '~/.chef/demo.pem
```
While you're here, also add this line to your knife.rb (use whatever your username is on your supermarket server).
```bash
node_name 'demo'
```
Please see the "Uploading your first cookbook to Supermarket" of Irving Popovetsky's blog post <a href="https://www.chef.io/blog/2015/04/21/setting-up-your-private-supermarket-server/">Setting Up Your Private Supermarket Server</a>.
NOTE: There is currently a bug with Chef Server 12 (and Chef Server 11 when ssl is enabled) which can prevent a user from uploading to a cookbook to Supermarket with knife supermarket. You will see SSL errors, even after following Irving's blog post above. In order to get around with this, you can disable verify ssl. However, this will be fixed with Chef 12.1.0, after which you can re-enable verify ssl and uploading should work as expected.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment