Chef CentOS v11: различия между версиями
Материал из noname.com.ua
Перейти к навигацииПерейти к поискуSirmax (обсуждение | вклад) |
Sirmax (обсуждение | вклад) |
||
| Строка 196: | Строка 196: | ||
==настройка knife== |
==настройка knife== |
||
| + | Для работы с 10-м шефом использовался "нож", в 11 он тоже присутствует |
||
| + | Подкладываю в ~/.chef файлы ключей: |
||
| ⚫ | |||
| + | <PRE> |
||
| − | + | cp /etc/chef-server/chef-validator.pem ~/.chef/ |
|
| ⚫ | |||
| + | </PRE> |
||
| ⚫ | |||
| − | Use knife configure -i to create an initial ~/.chef/knife.rb and new administrative API user for yourself. Use the FQDN of your newly installed Chef Server, with HTTPS. The validation key needs to be copied over from the Chef Server from /etc/chef-server/chef-validator.pem to ~/.chef to use it for automatically bootstrapping nodes with knife bootstrap. |
||
| − | 1 |
||
| + | <PRE>knife configure -i |
||
| − | |||
| + | Overwrite /root/.chef/knife.rb? (Y/N) |
||
| − | |||
| + | I have no idea what to do with |
||
| ⚫ | |||
| + | Just say Y or N, please. |
||
| + | Overwrite /root/.chef/knife.rb? (Y/N) Y |
||
| + | Please enter the chef server URL: [http://localhost:4000] https://localhost:443 |
||
| + | Please enter a name for the new user: [root] |
||
| + | Please enter the existing admin name: [admin] |
||
| + | Please enter the location of the existing admin's private key: [/etc/chef/admin.pem] ~/.chef/admin.pem |
||
| + | Please enter the validation clientname: [chef-validator] |
||
| + | Please enter the location of the validation key: [/etc/chef/validation.pem] ~/.chef/chef-validator.pem |
||
| + | Please enter the path to a chef repository (or leave blank): |
||
| + | Creating initial API user... |
||
| + | Please enter a password for the new user: |
||
| + | Created user[root] |
||
| + | Configuration file written to /root/.chef/knife.rb |
||
| + | </PRE> |
||
| + | <PRE> |
||
| + | [root@centos-chefserver .chef]# knife node list |
||
| + | </PRE> |
||
The .chef/knife.rb file should look something like this: |
The .chef/knife.rb file should look something like this: |
||
| − | |||
log_level :info |
log_level :info |
||
log_location STDOUT |
log_location STDOUT |
||
| − | node_name ' |
+ | node_name 'root' |
| − | client_key '/ |
+ | client_key '/root/.chef/root.pem' |
validation_client_name 'chef-validator' |
validation_client_name 'chef-validator' |
||
| − | validation_key '/ |
+ | validation_key '/root/.chef/chef-validator.pem' |
| − | chef_server_url 'https:// |
+ | chef_server_url 'https://localhost:443' |
| − | syntax_check_cache_path '/ |
+ | syntax_check_cache_path '/root/.chef/syntax_check_cache' |
| − | Your Chef Server is now ready to use. Test connectivity as your user with knife: |
||
| − | |||
| + | <PRE> |
||
% knife client list |
% knife client list |
||
chef-validator |
chef-validator |
||
chef-webui |
chef-webui |
||
| + | </PRE> |
||
| + | |||
| + | <PRE> |
||
% knife user list |
% knife user list |
||
admin |
admin |
||
| + | root |
||
| − | jtimberman |
||
| + | </PRE> |
||
| − | In previous versions of Open Source Chef Server, users were API clients. In Chef 11, users are separate entities on the Server. |
||
| + | ==chef-server-ctl== |
||
| − | The chef-server-ctl command is used on the Chef Server system for management. It has built-in help (-h) that will display the various sub-commands. |
||
Версия 23:28, 16 февраля 2013
Chef сервер под CentOS 6.3
Все очень призрачно...
За пару месяцев что я работаю с шефом произошли заметные изменения в процедуре установки. Точнее, новая процедура отличается от старой практически на 100%.
Я делаю установку внутри линукс-контейнера, потому я допускаю что есть отличия от установки на "нормальную" систему.
Скачать
Я брал здесь:
rpm -Uvh https://opscode-omnitruck-release.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.4-1.el6.x86_64.rpm
Но вообще-то узнать последнюю версию можно тут: http://www.opscode.com/chef/install/
Мне не очень нравится идея комбайна - эта РПМка тянет внутри себя кучу всего, включая Postgress, RabbitMQ и т.д.
Управляется все через новый механизм initctl
Немного забегая вперед, вот мой вывод:
initctl list rc stop/waiting lxc-sysinit stop/waiting tty (/dev/tty3) start/running, process 452 tty (/dev/tty2) start/running, process 450 tty (/dev/tty1) start/running, process 448 tty (console) start/running, process 10 tty (/dev/tty4) start/running, process 454 opscode-runsvdir start/running, process 699 plymouth-shutdown stop/waiting control-alt-delete stop/waiting rcS-emergency stop/waiting kexec-disable stop/waiting quit-plymouth stop/waiting rcS stop/waiting prefdm stop/waiting init-system-dbus stop/waiting splash-manager stop/waiting start-ttys stop/waiting rcS-sulogin stop/waiting serial stop/waiting
Конфигурация
Запускаю:
chef-server-ctl reconfigure
У меня на стадии запуска RabbitMQ произошло зависание. Я ре-стартовал контейнер и запустил заново конфигурацию - все прошло успешно. (Рестартовать контейнер это БЫСТРО и удобно - гарантировано убьются все процессы которые хотя бы в теории могут взаимодействовать с chef-server)
После завершения длительного процесса у меня запущен весь комплекс сервисов:
root 699 0.0 0.0 4136 444 ? Ss 13:47 0:00 runsvdir -P /opt/chef-server/service log: .................................................................................................................................... root 700 0.0 0.0 3984 248 ? Ss 13:47 0:00 \_ runsv rabbitmq root 701 0.0 0.0 4128 460 ? S 13:47 0:00 | \_ svlogd -tt /var/log/chef-server/rabbitmq 496 702 3.1 1.1 1170300 45668 ? Ssl 13:47 2:42 | \_ /opt/chef-server/embedded/lib/erlang/erts-5.9.2/bin/beam.smp -W w -K true -A30 -P 1048576 -- -root /opt/chef-server/embedded/lib/erlang -progname erl -- -home /var/op 496 812 0.0 0.0 4100 248 ? Ss 13:47 0:00 | \_ /opt/chef-server/embedded/lib/erlang/lib/os_mon-2.2.10/priv/bin/cpu_sup 496 813 0.0 0.0 10844 272 ? Ss 13:47 0:00 | \_ inet_gethost 4 496 814 0.0 0.0 12948 476 ? S 13:47 0:00 | \_ inet_gethost 4 root 1034 0.0 0.0 3984 284 ? Ss 13:48 0:00 \_ runsv postgresql root 1035 0.0 0.0 4128 476 ? S 13:48 0:00 | \_ svlogd -tt /var/log/chef-server/postgresql 495 1036 0.0 0.8 1088948 35616 ? Ss 13:48 0:00 | \_ /opt/chef-server/embedded/bin/postgres -D /var/opt/chef-server/postgresql/data 495 1059 0.0 0.2 1089444 9284 ? Ss 13:48 0:00 | \_ postgres: checkpointer process 495 1060 0.0 0.1 1089444 6864 ? Ss 13:48 0:00 | \_ postgres: writer process 495 1061 0.0 0.0 1089444 436 ? Ss 13:48 0:00 | \_ postgres: wal writer process 495 1062 0.0 0.0 1090360 1380 ? Ss 13:48 0:00 | \_ postgres: autovacuum launcher process 495 1063 0.0 0.0 26448 656 ? Ss 13:48 0:00 | \_ postgres: stats collector process 495 1954 0.0 0.1 1093524 7872 ? Ss 14:10 0:02 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(42952) idle 495 1955 0.0 0.0 1092728 3852 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(53639) idle 495 1956 0.0 0.0 1092760 3992 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(43920) idle 495 1957 0.0 0.0 1092760 4016 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(39234) idle 495 1958 0.0 0.0 1092760 3868 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(39844) idle 495 1959 0.0 0.0 1092760 3844 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(54279) idle 495 1960 0.0 0.1 1092760 5580 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(39423) idle 495 1961 0.0 0.1 1092760 5612 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(50890) idle 495 1962 0.0 0.1 1092760 5596 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(41556) idle 495 1963 0.0 0.1 1092760 5800 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(52568) idle 495 1964 0.0 0.1 1092760 5604 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(49338) idle 495 1965 0.0 0.1 1092764 5632 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(53116) idle 495 1966 0.0 0.1 1092764 5824 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(52913) idle 495 1967 0.0 0.1 1092764 5612 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(44135) idle 495 1968 0.0 0.1 1092764 5660 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(40645) idle 495 1969 0.0 0.1 1092764 5664 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(58461) idle 495 1970 0.0 0.1 1092764 5672 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(50257) idle 495 1971 0.0 0.1 1092764 5632 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(43469) idle 495 1972 0.0 0.1 1092764 5640 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(57781) idle 495 1973 0.0 0.1 1092764 5668 ? Ss 14:10 0:01 | \_ postgres: opscode_chef opscode_chef 127.0.0.1(53964) idle root 1134 0.0 0.0 3984 284 ? Ss 13:48 0:00 \_ runsv chef-solr root 1135 0.0 0.0 4128 480 ? S 13:48 0:00 | \_ svlogd -tt /var/log/chef-server/chef-solr 496 1136 0.3 2.3 2274872 94148 ? Ssl 13:48 0:17 | \_ java -Xmx989M -Xms989M -XX:NewSize=98M -XX:+UseConcMarkSweepGC -XX:+UseParNewGC -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8086 -Dcom.sun.mana root 1160 0.0 0.0 3984 284 ? Ss 13:48 0:00 \_ runsv chef-expander root 1161 0.0 0.0 4128 488 ? S 13:48 0:00 | \_ svlogd -tt /var/log/chef-server/chef-expander 496 1162 0.0 0.3 108756 15880 ? Ssl 13:48 0:01 | \_ ruby /opt/chef-server/embedded/service/chef-expander/bin/chef-expander -n 2 -c /var/opt/chef-server/chef-expander/etc/expander.rb 496 1201 0.7 0.5 178892 24040 ? Sl 13:48 0:40 | \_ chef-expander worker #1 (vnodes 0-511) 496 1204 0.7 0.5 179948 23732 ? Sl 13:48 0:39 | \_ chef-expander worker #2 (vnodes 512-1023) root 1224 0.0 0.0 3984 284 ? Ss 13:48 0:00 \_ runsv bookshelf root 1225 0.0 0.0 4128 476 ? S 13:48 0:00 | \_ svlogd -tt /var/log/chef-server/bookshelf 496 1226 0.2 0.1 260896 7008 ? Ssl 13:48 0:12 | \_ /opt/chef-server/embedded/service/bookshelf/erts-5.9.2/bin/beam.smp -- -root /opt/chef-server/embedded/service/bookshelf -progname bookshelf -- -home /var/opt/chef-se root 1270 0.0 0.0 3984 248 ? Ss 13:48 0:00 \_ runsv erchef root 1271 0.0 0.0 4128 480 ? S 13:48 0:00 | \_ svlogd -tt /var/log/chef-server/erchef 496 1578 2.1 0.7 608268 29580 ? Ssl 13:49 1:48 | \_ /opt/chef-server/embedded/service/erchef/erts-5.9.2/bin/beam.smp -K true -A 5 -- -root /opt/chef-server/embedded/service/erchef -progname erchef -- -home /var/opt/che 496 1604 0.0 0.0 10844 528 ? Ss 13:49 0:00 | \_ inet_gethost 4 496 1605 0.0 0.0 12948 636 ? S 13:49 0:00 | \_ inet_gethost 4 root 1389 0.0 0.0 3984 316 ? Ss 13:48 0:00 \_ runsv chef-server-webui root 1390 0.0 0.0 4128 536 ? S 13:48 0:00 | \_ svlogd -tt /var/log/chef-server/chef-server-webui 496 1391 0.0 0.5 87148 20540 ? Ssl 13:48 0:01 | \_ unicorn master -E chefserver -c /var/opt/chef-server/chef-server-webui/etc/unicorn.rb /opt/chef-server/embedded/service/chef-server-webui/config.ru 496 1430 0.1 2.6 773356 108440 ? Sl 13:48 0:10 | \_ unicorn worker[0] -E chefserver -c /var/opt/chef-server/chef-server-webui/etc/unicorn.rb /opt/chef-server/embedded/service/chef-server-webui/config.ru 496 1432 0.1 1.3 146388 55952 ? Sl 13:48 0:05 | \_ unicorn worker[1] -E chefserver -c /var/opt/chef-server/chef-server-webui/etc/unicorn.rb /opt/chef-server/embedded/service/chef-server-webui/config.ru root 1556 0.0 0.0 3984 312 ? Ss 13:49 0:00 \_ runsv nginx root 1557 0.0 0.0 4128 312 ? S 13:49 0:00 \_ svlogd -tt /var/log/chef-server/nginx root 1558 0.0 0.0 78072 2836 ? Ss 13:49 0:00 \_ nginx: master process /opt/chef-server/embedded/sbin/nginx -c /var/opt/chef-server/nginx/etc/nginx.conf 496 1574 0.0 0.1 82500 6824 ? S 13:49 0:00 \_ nginx: worker process 496 1575 0.0 0.1 82216 5556 ? S 13:49 0:01 \_ nginx: worker process 496 1576 0.0 0.0 78244 1332 ? S 13:49 0:00 \_ nginx: cache manager process 496 719 0.0 0.0 10876 252 ? S 13:47 0:00 /opt/chef-server/embedded/lib/erlang/erts-5.9.2/bin/epmd -daemon
Базовое тестирование
chef-server-ctl test
Достаточно длительный процесс (по крайне мере на ограниченных ресурсах контейнера)
У меня возникли некоторые проблемы (пока я не выявил сказалось ли это на работоспособности сервера)
Search API endpoint
/search/environment
GET
when searching for a single environment by name
should have more than just the target of our environment search on the system
should return status code 200 and a single environment
POST
targeted toward many environments with body of {"possibly_nested"=>["default_attributes", "top", "middle", "bottom"], "the_name"=>["name"], "not_found"=>["foo", "bar", "baz", "totally_not_a_real_field"], "empty"=>[]}
should succeed, and return multiple environments (FAILED - 1)
/search/node
GET
when searching for a single node by name
should have more than just the target of our node search on the system
should return status code 200 and a single node
POST
Failures:
1) Search API endpoint /search/environment POST targeted toward many environments with body of {"possibly_nested"=>["default_attributes", "top", "middle", "bottom"], "the_name"=>["name"], "not_found"=>["foo", "bar", "baz", "totally_not_a_real_field"], "empty"=>[]} should succeed, and return multiple environments
Failure/Error: r.should look_like search_success_response
'total' should match '6', but we got '7' instead.
# ./lib/pedant/rspec/search_util.rb:99:in `block (2 levels) in performing_a_search'
# ./lib/pedant/rspec/search_util.rb:670:in `with_search_polling'
# ./lib/pedant/rspec/search_util.rb:86:in `block in performing_a_search'
Finished in 5 minutes 43.13 seconds
70 examples, 1 failure
Failed examples:
rspec ./lib/pedant/rspec/search_util.rb:85 # Search API endpoint /search/environment POST targeted toward many environments with body of {"possibly_nested"=>["default_attributes", "top", "middle", "bottom"], "the_name"=>["name"], "not_found"=>["foo", "bar", "baz", "totally_not_a_real_field"], "empty"=>[]} should succeed, and return multiple environments
Если я понимаю правильно - ответ содержит 7 результатов вместо ожидаемых 6 но в json ниже я не могу найти ни 6 ни 7 атрибутов. Тут есть неясность.
{
"possibly_nested"=>
[
"default_attributes",
"top",
"middle",
"bottom"
],
"the_name"=>
[
"name"
],
"not_found"=>
[
"foo",
"bar",
"baz",
"totally_not_a_real_field"
],
"empty"=>
[
]
}
настройка knife
Для работы с 10-м шефом использовался "нож", в 11 он тоже присутствует
Подкладываю в ~/.chef файлы ключей:
cp /etc/chef-server/chef-validator.pem ~/.chef/ cp /etc/chef-server/admin.pem ~/.chef/
Запускаем knife configure -i
knife configure -i Overwrite /root/.chef/knife.rb? (Y/N) I have no idea what to do with Just say Y or N, please. Overwrite /root/.chef/knife.rb? (Y/N) Y Please enter the chef server URL: [http://localhost:4000] https://localhost:443 Please enter a name for the new user: [root] Please enter the existing admin name: [admin] Please enter the location of the existing admin's private key: [/etc/chef/admin.pem] ~/.chef/admin.pem Please enter the validation clientname: [chef-validator] Please enter the location of the validation key: [/etc/chef/validation.pem] ~/.chef/chef-validator.pem Please enter the path to a chef repository (or leave blank): Creating initial API user... Please enter a password for the new user: Created user[root] Configuration file written to /root/.chef/knife.rb
[root@centos-chefserver .chef]# knife node list
The .chef/knife.rb file should look something like this:
log_level :info
log_location STDOUT
node_name 'root'
client_key '/root/.chef/root.pem'
validation_client_name 'chef-validator'
validation_key '/root/.chef/chef-validator.pem'
chef_server_url 'https://localhost:443'
syntax_check_cache_path '/root/.chef/syntax_check_cache'
% knife client list chef-validator chef-webui
% knife user list admin root
