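I'm currently using Vagrant and Chef-solo, and it has been working well. I'd like to extend the Vagrant magic to Chef server. I've switched the provisioner in my Vagrantfile from chef-solo to chef-client and added the necessary code: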
chef.chef_server_url = "https://chef.mydomain.com"
chef.validation_client_name = "chef-validator"
chef.validation_key_path = "/Users/inigo/.chef/chef-validator.pem"
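My question is how to automate the creation of the client, so that I don't have to issue a knife command to create the client and the corresponding client.pem key. Afterwards I then have to issue a knife command to delete the client.
I'm hoping this is something Vagrant can do, where I just need to add some code to the Vagrantfile and then the "vagrant up" and "vagrant destroy" commands take care of all of this. Unfortunately, my Google searches haven't turned up anything. I've seen posts about how to set up Chef server with Vagrant, but I'm interested in the Chef client. Maybe a plugin for Vagrant or Berkshelf?
One more question: right now, when I generate the client.pem key, I put it in the shared directory, /vagrant, so that the VM has access to it. Is there a better way?
Thanks!
Here is the output of vagrant up: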
$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
[default] Importing base box 'Berkshelf-CentOS-6.3-x86_64-minimal'...
[default] Matching MAC address for NAT networking...
[default] Setting the name of the VM...
[default] Clearing any previously set forwarded ports...
[Berkshelf] Uploading cookbooks to 'https://chef.mydomain.com:443/'
[Berkshelf] Using testcookbook (0.0.1)
[Berkshelf] Uploading testcookbook (0.0.1) to: 'https://chef.mydomain.com:443/'
[default] Creating shared folders metadata...
[default] Clearing any previously set network interfaces...
[default] Preparing network interfaces based on configuration...
[default] Forwarding ports...
[default] -- 22 => 2222 (adapter 1)
[default] Booting VM...
[default] Waiting for VM to boot. This can take a few minutes.
[default] VM booted and ready for use!
[default] Setting hostname...
[default] Configuring and enabling network interfaces...
[default] Mounting shared folders...
[default] -- /vagrant
[default] Installing Chef 11.6.0 Omnibus package...
[default] Running provisioner: chef_client...
Creating folder to hold client key...
Uploading chef client validation key...
Generating chef JSON and uploading...
Running chef-client...
[2013-08-15T15:42:28+00:00] INFO: Forking chef instance to converge...
[2013-08-15T15:42:28+00:00] INFO: *** Chef 11.6.0 ***
[2013-08-15T15:42:28+00:00] INFO: Client key /etc/chef/client.pem is not present - registering
====================================================================================
Chef encountered an error attempting to create the client "mytestcookbook-berkshelf"
====================================================================================
[2013-08-15T15:42:29+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
[2013-08-15T15:42:29+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
Chef never successfully completed! Any errors should be visible in the
output above. Please fix your recipes so that they properly complete.
Here is what the contents of the chef-stacktrace.out file look like on the failed vagrant up:
Generated at 2013-08-16 03:42:20 +0000
OpenSSL::PKey::RSAError: private key needed.
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/mixlib-authentication-1.3.0/lib/mixlib/authentication/signedheaderauth.rb:94:in `private_encrypt'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/mixlib-authentication-1.3.0/lib/mixlib/authentication/signedheaderauth.rb:94:in `sign'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/rest/auth_credentials.rb:51:in `signature_headers'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/rest.rb:322:in `authentication_headers'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/rest.rb:368:in `build_headers'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/rest.rb:166:in `raw_http_request'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/rest.rb:161:in `api_request'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/rest.rb:121:in `post'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/api_client/registration.rb:93:in `create'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/api_client/registration.rb:84:in `create_or_update'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/api_client/registration.rb:57:in `run'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/client.rb:376:in `register'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/client.rb:480:in `do_run'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/client.rb:199:in `block in run'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/client.rb:193:in `fork'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/client.rb:193:in `run'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/application.rb:183:in `run_chef_client'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/application/client.rb:302:in `block in run_application'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/application/client.rb:294:in `loop'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/application/client.rb:294:in `run_application'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/lib/chef/application.rb:66:in `run'
/opt/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.6.0/bin/chef-client:26:in `<top (required)>'
/usr/bin/chef-client:23:in `load'
/usr/bin/chef-client:23:in `<main>'
For good measure, here is the current Vagrantfile minus all the commented lines:
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
  config.vm.hostname = "testcookbook-berkshelf"
  config.vm.box = "Berkshelf-CentOS-6.3-x86_64-minimal"
  config.vm.box_url = "https://dl.dropbox.com/u/31081437/Berkshelf-CentOS-6.3-x86_64-minimal.box"
  config.vm.network :private_network, ip: "33.33.33.10"
  config.ssh.max_tries = 40
  config.ssh.timeout = 120
  config.berkshelf.enabled = true
  config.omnibus.chef_version = :latest
  config.vm.provision :chef_client do |chef|
    chef.chef_server_url = "https://chef.mydomain.com"
    chef.validation_client_name = "chef-validator"
    chef.validation_key_path = "/Users/inigo/.chef/chef-validator.pem"
    chef.run_list = [
      "recipe[testcookbook::default]"
    ]
  end
end
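Answer 0 (score: 4)
The only thing wrong in your example is that chef.validation_key_path is probably pointing to the wrong location.
You have to set it to the location of the validation key on your workstation (probably something like "#{ENV['HOME']}/.chef/validation.pem" or similar).
Once that is set, when you vagrant up, it will copy the validation key file to the VM and use it to automatically create the client and node on the Chef server.
If you don't mind my shameless plug, I wrote a Vagrant plugin called Vagrant::Butcher that automatically deletes the node and client when you issue {{{}}.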
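
The stack trace in the question fails in private_encrypt with "OpenSSL::PKey::RSAError: private key needed", and the answer points at chef.validation_key_path. The following is an added example, not code from the original post, Vagrant, or Chef: a pre-flight check of the validation key file on the workstation. The names validation_key_problems and demo_constructed_keys are hypothetical, and the permission check assumes a POSIX workstation.

```ruby
require "openssl"
require "tempfile"

# Hypothetical helper (not part of Vagrant or Chef): returns a list of
# problems with a validation key file; an empty list means it looks usable.
def validation_key_problems(path)
  return ["#{path}: file not found"] unless File.file?(path)

  problems = []
  # The validation key can register new clients, so keep it owner-only.
  mode = File.stat(path).mode & 0o777
  if mode & 0o077 != 0
    problems << format("%s: mode %04o is accessible to group/others", path, mode)
  end

  begin
    key = OpenSSL::PKey::RSA.new(File.read(path))
    # A public-only key parses cleanly but cannot sign requests.
    problems << "#{path}: RSA public key only, private key needed" unless key.private?
  rescue OpenSSL::PKey::PKeyError => e
    problems << "#{path}: not a usable RSA key (#{e.message})"
  end
  problems
end

# Constructed sample input: a throwaway key pair plus a non-key file,
# written to temp files (Tempfile.create uses mode 0600).
def demo_constructed_keys
  key = OpenSSL::PKey::RSA.new(2048)
  samples = { private: key.to_pem, public: key.public_key.to_pem,
              garbage: "not a key\n" }
  samples.map do |name, pem|
    Tempfile.create("validator") do |f|
      f.write(pem)
      f.flush
      [name, validation_key_problems(f.path)]
    end
  end.to_h
end

if __FILE__ == $PROGRAM_NAME
  demo_constructed_keys.each { |name, problems| puts "#{name}: #{problems.inspect}" }
end
```

Running the same check against the path given in chef.validation_key_path before vagrant up shows whether that file is missing, is not a private key, or is readable by other users.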