Skip to content

Instantly share code, notes, and snippets.

@prein

prein/attributes.json

Last active Oct 2, 2017
Embed
What would you like to do?
recipe from my DC/OS cookbook installing rexray plugin in docker
"external_storage": {
"drivers": {
"rexrayefs": {
"docker_plugin": "rexray/efs",
"version": "latest",
"options": {
"credentials": {
"source": "data_bag",
"bag": "credentials",
"item": "aws_rexray_staging"
},
"security_groups": "sg-12345678",
"preempt": false
}
}
}
}
package 'expect-lite'
if node['dcos']['external_storage']
if node['dcos']['external_storage']['drivers']
node['dcos']['external_storage']['drivers'].each do |storage_driver,params|
credentials = {}
if params['options']['credentials']
# It supports credentials only from encrypted data bag
# specify the bag and item names with attributes
if params['options']['credentials']['source'] == 'data_bag'
credentials_data_bag_name = params['options']['credentials']['bag']
data_bag_item = params['options']['credentials']['item']
# Is the data bag in place with the creds in it?
if Chef::DataBag.list.key?(credentials_data_bag_name)
log 'found the data bag'
begin
Chef::EncryptedDataBagItem.load(credentials_data_bag_name, data_bag_item)
log 'using credentials from the data bag'
rescue Net::HTTPServerException => e
if e.response.code == '404'
log 'Data bag item not found.'
else
raise e
end
end
credentials = data_bag_item(credentials_data_bag_name, data_bag_item)
else
log 'data bag ' + credentials_data_bag_name + ' not found. not using credentials from the data bag'
log 'may work if you have configured the instance to use IAM role'
credentials['login'] = ''
credentials['secret'] = ''
end
end
end
script "install #{params['docker_plugin']} plugin" do
interpreter 'expect'
code <<-EOH
spawn docker plugin install --alias #{storage_driver} #{params['docker_plugin']}:#{params['version']} \
EFS_ACCESSKEY=#{credentials['login']} \
EFS_SECRETKEY=#{credentials['secret']} \
EFS_SECURITYGROUPS=#{params['options']['security_groups']} \
EFS_REGION=#{node['scalr']['cloud_location']} \
REXRAY_PREEMPT=#{params['options']['preempt']} \
EFS_TAG=dcos;
expect {
-regexp "Do you grant the above permissions?.*" {
send "y\r";
exp_continue
}
eof
}
EOH
not_if 'docker plugin ls --format "{{.Name}}"|grep rexrayefs'
end
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.