-
-
Save thehar/1066490 to your computer and use it in GitHub Desktop.
Setup Chef Repo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # on laptop | |
| $ sudo gem install chef | |
| $ sudo gem install net-ssh net-ssh-multi highline fog | |
| $ mkdir ~/git | |
| $ cd ~/git | |
| $ git clone git://github.com/opscode/chef-repo.git my-chef-repo | |
| $ cd my-chef-repo | |
| $ rm -rf .git | |
| $ mkdir site-cookbooks | |
| $ echo "Directory for customized cookbooks" > site-cookbooks/README.md | |
| $ cat <<EOF >> .gitignore | |
| .chef | |
| client-config | |
| *~ | |
| .DS_Store | |
| metadata.json | |
| EOF | |
| $ git init | |
| $ git add . | |
| $ git commit -m "Setup chef-repo" | |
| $ git tag -a v0.1 -m "0.1 release" | |
| $ mkdir ~/git/my-chef-repo/.chef | |
| # create client key on chef server; scp client key down to laptop; remove client key from chef server | |
| % knife client create my-username -n -a -f /tmp/my-username.pem | |
| $ scp -i ~/.ec2/id_rsa-my-keypair ubuntu@chef.example.com:{.chef/validation.pem,/tmp/my-username.pem} ~/git/my-chef-repo/.chef/ | |
| % rm /tmp/my-username.pem | |
| $ cat <<EOF > ~/git/my-chef-repo/.chef/knife.rb | |
| current_dir = File.dirname(__FILE__) | |
| log_level :info | |
| log_location STDOUT | |
| cache_type 'BasicFile' | |
| cache_options( :path => "#{current_dir}/checksums" ) | |
| cookbook_path ["#{current_dir}/../cookbooks", "#{current_dir}/../site-cookbooks"] | |
| chef_server_url 'http://chef.example.com:4000' | |
| validation_client_name 'chef-validator' | |
| validation_key "#{current_dir}/validation.pem" | |
| node_name 'my-username' | |
| client_key "#{current_dir}/my-username.pem" | |
| # EC2 | |
| knife[:aws_access_key_id] = "Your AWS Access Key" | |
| knife[:aws_secret_access_key] = "Your AWS Secret Access Key" | |
| EOF | |
| $ chmod 600 ~/git/my-chef-repo/.chef/{knife.rb,my-username.pem} | |
| $ mkdir -p ~/.chef/my-chef-repo | |
| $ cat <<EOF > ~/.chef/my-chef-repo/shef.rb | |
| node_name 'my-username' | |
| client_key File.expand_path('~/.chef/my-chef-repo/my-username.pem') | |
| chef_server_url 'http://chef.example.com:4000' | |
| EOF | |
| $ ln -s ~/git/my-chef-repo/.chef/my-username.pem ~/.chef/my-chef-repo/ | |
| # Open ports 4000 (api) and 4040 (webui) in the firewall for the chef server. | |
| # Login to the chef server webui with the default admin credentials and then immediately change the default password. | |
| # url: http://chef.example.com:4040 | |
| # username: admin | |
| # password: p@ssw0rd1 | |
| $ cd ~/git/my-chef-repo | |
| $ git checkout -b develop master | |
| $ knife cookbook site vendor chef-client -d -B develop | |
| $ knife cookbook site vendor runit -d -B develop | |
| $ cat <<EOF > ~/git/my-chef-repo/roles/base.rb | |
| name "base" | |
| description "Base role applied to all nodes" | |
| override_attributes( | |
| "chef_client" => { | |
| "init_style" => "runit" | |
| } | |
| ) | |
| run_list( | |
| "recipe[chef-client::delete_validation]", | |
| "recipe[runit]", | |
| "recipe[chef-client]" | |
| ) | |
| EOF | |
| $ cd ~/git/my-chef-repo | |
| $ rake roles | |
| $ knife role list | |
| $ knife cookbook upload -a | |
| $ knife cookbook list | |
| $ cd ~/git/my-chef-repo | |
| $ knife ec2 server create "role[base]" -i ami-3e02f257 -G default -x ubuntu -f m1.small -I ~/.ec2/id_rsa-my-keypair -S my-keypair | |
| $ knife status --run-list | |
| $ cd ~/git/my-chef-repo | |
| $ git add roles/base.rb | |
| $ git commit -m "Create 'base' role for chef clients" | |
| $ git checkout master | |
| $ git merge --no-ff develop | |
| $ git tag -a v0.2 -m "0.2 release" | |
| $ git checkout develop |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment