我正在尝试使用厨师在独立计算机上部署openstack,https://github.com/stackforge/openstack-chef-repo中包含的烹饪书,请参考此处:http://docs.opscode.com/openstack_repository.html。具体来说,我正在尝试设置os-compute-single-controller角色。
我能够毫不费力地上传食谱。
但是,当我试图运行时,我偶然发现了这个错误:
Errno::ENOENT
-------------
No such file or directory - file not found '/etc/chef/openstack_data_bag_secret'
Cookbook Trace:
---------------
/var/chef/cache/cookbooks/openstack-common/libraries/passwords.rb:45:in `secret'
/var/chef/cache/cookbooks/openstack-common/libraries/passwords.rb:62:in `db_password'
/var/chef/cache/cookbooks/openstack-ops-database/recipes/openstack-db.rb:27:in `from_file'
Relevant File Content:
----------------------
/var/chef/cache/cookbooks/openstack-common/libraries/passwords.rb:
38: # That means nova_password will == "nova".
39: def secret bag_name, index
40: if node["openstack"]["developer_mode"]
41: return index
42: end
43: key_path = node["openstack"]["secret"]["key_path"]
44: ::Chef::Log.info "Loading encrypted databag #{bag_name}.#{index} using key at #{key_path}"
45>> secret = ::Chef::EncryptedDataBagItem.load_secret key_path
46: ::Chef::EncryptedDataBagItem.load(bag_name, index, secret)[index]
47: end
48:
49: # Ease-of-use/standardization routine that returns a service password
50: # for a named OpenStack service. Note that databases are named
51: # after the OpenStack project nickname, like "nova" or "glance"
52: def service_password service
53: bag = node["openstack"]["secret"]["service_passwords_data_bag"]
54: secret bag, service
我错过了什么吗?我不介意写一个配方来填充这个文件,但我不确定应该去做什么。我无法在这些烹饪书的文档中找到有关此文件的任何内容。
这是我为厨师客户指定的配置:
{"run_list":["recipe[apache2]", "role[os-compute-single-controller]"]}
编辑:
创建空文件会导致错误:invalid zero length secret in '/etc/chef/openstack_data_bag_secret'
This似乎是相关的,尽管来自不同的存储库。但为什么this recipe不在stackforge repository?
答案 0 :(得分:1)
正如您的日志所说,错误实际上是在课堂上提出的:“stackforge / cookbook-openstack-common”,由class.method ::Chef::EncryptedDataBagItem.load_secret提供。
Here's如何生成秘密文件(包含内容),并将其放在应有的位置。
请记住,您的秘密文件位置(路径)保留在your cookbook attribute file中。变量:
node["openstack"]["secret"]["key_path"]请注意,此变量与文件的实际位置保持同步。