 Introduction

CentOS 6.7

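 More Chef. If anything, I wrote the previous page (chef-solo) because I wanted to try this: Chef zero.
It seems to offer the best of both worlds, letting you use chef-solo in a server/client-like way. For now, the goal is just to get it running.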

 This time too, I prepare two guests under VMware. I decided to use CentOS 6.7 on both.
They are built from a base that is just a minimal install with a few necessary things added.

 Preparing chef-zero

 This is my first time trying it, so I will set aside how I built things before and proceed.

 I skip the steps for installing Ruby and install it through chefdk instead. First, I wanted wget, so I installed it.

# yum install wget

 So, with chef-solo, the source machine that initiates ssh needs a hand-built (make) Ruby installed, and I know that requires wget gcc openssl-devel zlib-devel rsync, so I install those beforehand. It's fine to omit the commands, right…?

# cd /root
# wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chefdk-0.10.0-1.el6.x86_64.rpm
警告: chefdk-0.10.0-1.el6.x86_64.rpm: ヘッダ V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
準備中...                ########################################### [100%]
   1:chefdk                 ########################################### [100%]
Thank you for installing Chef Development Kit!
# chef -v
Chef Development Kit Version: 0.10.0
chef-client version: 12.5.1
berks version: 4.0.1
kitchen version: 1.4.2
# ruby -v
-bash: ruby: コマンドが見つかりません
# /opt/chefdk/embedded/bin/ruby -v
ruby 2.1.6p336 (2015-04-13 revision 50298) [x86_64-linux]
# /opt/chefdk/embedded/bin/gem -v
2.4.8

 Hmm, so this is how it works.
It certainly is much easier than struggling to install Ruby by hand.

# /opt/chefdk/embedded/bin/gem list

*** LOCAL GEMS ***

activesupport (4.2.4, 3.2.22)
addressable (2.3.8)
app_conf (0.4.2)
appbundler (0.6.0)
archive (0.0.6)
aruba (0.10.0, 0.7.4)
ast (2.1.0)
astrolabe (1.3.1)
aws-sdk (2.1.35)
aws-sdk-core (2.1.35)
aws-sdk-resources (2.1.35)
aws-sdk-v1 (1.66.0)
axiom-types (0.1.1)
berkshelf (4.0.1)
berkshelf-api-client (2.0.0)
bigdecimal (1.2.4)
buff-config (1.0.1)
buff-extensions (1.0.0)
buff-ignore (1.1.1)
buff-ruby_engine (0.1.0)
buff-shell_out (0.2.0)
builder (3.2.2)
bundler (1.10.6)
cane (2.6.2)
celluloid (0.16.0)
celluloid-io (0.16.2)
CFPropertyList (2.3.2)
chef (12.5.1)
chef-config (12.5.1)
chef-dk (0.10.0)
chef-provisioning (1.5.0)
chef-provisioning-aws (1.6.1)
chef-provisioning-azure (0.4.0)
chef-provisioning-fog (0.15.0)
chef-provisioning-vagrant (0.10.0)
chef-vault (2.6.1)
chef-zero (4.3.2, 1.5.6)
cheffish (1.6.0)
chefspec (4.4.0)
childprocess (0.5.7)
cleanroom (1.0.0)
codeclimate-test-reporter (0.4.8)
coderay (1.1.0)
coercible (1.0.0)
concurrent-ruby (0.9.2)
contracts (0.12.0)
cookbook-omnifetch (0.2.2)
countloc (0.4.0)
crack (0.4.2)
cucumber (2.1.0, 1.3.20)
cucumber-core (1.3.0)
dep-selector-libgecode (1.0.2)
dep_selector (1.0.3)
descendants_tracker (0.0.4)
diff-lcs (1.2.5)
diffy (3.0.7)
docile (1.1.5)
docker-api (1.22.4)
domain_name (0.5.25)
equalizer (0.0.11)
erubis (2.7.0)
excon (0.45.4)
fakefs (0.6.7)
faraday (0.9.2)
fauxhai (2.3.0)
ffi (1.9.10)
ffi-yajl (2.2.2)
finstyle (1.5.0)
fission (0.5.0)
fog (1.35.0)
fog-aliyun (0.0.10)
fog-atmos (0.1.0)
fog-aws (0.7.6)
fog-brightbox (0.9.0)
fog-core (1.32.1)
fog-dynect (0.0.2)
fog-ecloud (0.3.0)
fog-google (0.1.1)
fog-json (1.0.2)
fog-local (0.2.1)
fog-powerdns (0.1.1)
fog-profitbricks (0.0.5)
fog-radosgw (0.0.4)
fog-riakcs (0.1.0)
fog-sakuracloud (1.3.3)
fog-serverlove (0.1.2)
fog-softlayer (1.0.2)
fog-storm_on_demand (0.1.1)
fog-terremark (0.1.0)
fog-vmfusion (0.1.0)
fog-voxel (0.1.0)
fog-xenserver (0.2.2)
fog-xml (0.1.2)
foodcritic (5.0.0)
formatador (0.2.5)
fuubar (1.3.3)
gherkin (2.12.2)
gherkin3 (3.1.2)
git (1.2.9.1)
grape (0.13.0)
grape-msgpack (0.1.2)
gssapi (1.2.0)
guard (2.13.0)
guard-compat (1.2.1)
guard-rspec (4.6.4)
gyoku (1.3.1)
hashdiff (0.2.3)
hashie (3.4.3, 2.1.2)
highline (1.7.8)
hitimes (1.2.3)
http (0.9.8)
http-cookie (1.0.2)
http-form_data (1.0.1)
http_parser.rb (0.6.0)
httpclient (2.7.0, 2.6.0.1)
i18n (0.7.0)
ice_nine (0.11.1)
inflecto (0.0.2)
inifile (2.0.2)
inspec (0.9.2)
io-console (0.4.3)
ipaddress (0.8.0)
jmespath (1.1.3)
json (1.8.3, 1.8.1)
kitchen-inspec (0.9.0)
kitchen-vagrant (0.19.0)
knife-spork (1.5.0)
knife-windows (1.1.1)
libyajl2 (1.2.0)
listen (3.0.4)
little-plugger (1.1.4)
logging (1.8.2)
lumberjack (1.0.9)
macaddr (1.7.1)
maruku (0.7.2)
metaclass (0.0.4)
method_source (0.8.2)
mime-types (2.6.2)
mini_portile (0.6.2, 0.6.0)
minitar (0.5.4)
minitest (5.8.2, 4.7.5)
mixlib-authentication (1.3.0)
mixlib-cli (1.5.0)
mixlib-config (2.2.1)
mixlib-install (0.7.0)
mixlib-log (1.6.0)
mixlib-shellout (2.2.3)
mocha (1.1.0)
molinillo (0.2.3)
moneta (0.6.0)
msgpack (0.5.12)
multi_json (1.11.2)
multi_test (0.1.2)
multi_xml (0.5.5)
multipart-post (2.0.0)
nenv (0.2.0)
net-scp (1.2.1)
net-ssh (2.9.2)
net-ssh-gateway (1.2.0)
net-ssh-multi (1.2.1)
net-telnet (0.1.1)
netrc (0.11.0)
nio4r (1.1.1)
nokogiri (1.6.6.2, 1.6.3.1)
nori (2.6.0)
notiffany (0.0.8)
octokit (4.1.1, 3.8.0)
ohai (8.7.0)
paint (1.0.0)
parallel (1.6.1)
parser (2.2.3.0)
plist (3.1.0)
polyglot (0.3.5)
powerpack (0.1.1)
pry (0.10.3)
psych (2.0.5)
puma (1.6.3)
r-train (0.9.1)
rack (1.6.4, 1.5.5)
rack-accept (0.4.5)
rack-mount (0.8.3)
rainbow (2.0.0)
rake (10.4.2, 10.1.0, 0.9.6)
rb-fsevent (0.9.6)
rb-inotify (0.9.5)
rdoc (4.1.0)
reel (0.5.0)
retryable (2.0.3)
ridley (4.3.2)
rspec (3.3.0, 3.0.0)
rspec-core (3.3.2, 3.0.4)
rspec-expectations (3.3.1, 3.0.4)
rspec-its (1.2.0)
rspec-mocks (3.3.2, 3.0.4)
rspec-support (3.3.0, 3.0.4)
rspec_junit_formatter (0.2.3)
rubocop (0.34.2, 0.32.1, 0.31.0)
ruby-progressbar (1.7.5)
ruby-shadow (2.5.0)
ruby_gntp (0.3.4)
rubyntlm (0.4.0)
rubyzip (1.1.7)
rufus-lru (1.0.5)
safe_yaml (1.0.4)
sawyer (0.6.0)
semverse (1.2.1)
serverspec (2.24.2)
sfl (2.2)
shellany (0.0.1)
simplecov (0.10.0)
simplecov-html (0.10.0)
slop (3.6.0)
solve (2.0.1, 1.2.1)
specinfra (2.44.1)
spork (0.9.2)
stuartpreston-azure-sdk-for-ruby (0.7.1)
syslog-logger (1.6.8)
systemu (2.6.5)
test-kitchen (1.4.2)
test-unit (2.1.6.0)
thor (0.19.1)
thread_safe (0.3.5)
timers (4.0.4)
tomlrb (1.1.1)
treetop (1.6.3)
tzinfo (1.2.2)
ubuntu_ami (0.4.1)
unf (0.1.4)
unf_ext (0.0.7.1)
uuid (2.3.8)
uuidtools (2.1.5)
varia_model (0.4.1)
virtus (1.0.5)
webmock (1.22.3)
websocket_parser (1.0.0)
winrm (1.3.4)
winrm-s (0.3.1)
winrm-transport (1.0.2)
wmi-lite (1.0.0)
xml-simple (1.1.5)
yajl-ruby (1.2.1)
yard (0.8.7.6)

knife-zero is not included.

# chef gem install knife-zero
Fetching: chef-config-12.7.2.gem (100%)
WARNING:  You don't have /root/.chefdk/gem/ruby/2.1.0/bin in your PATH,
          gem executables will not run.
Successfully installed chef-config-12.7.2
Fetching: chef-zero-4.5.0.gem (100%)
Successfully installed chef-zero-4.5.0
Fetching: rspec-support-3.4.1.gem (100%)
Successfully installed rspec-support-3.4.1
Fetching: rspec-core-3.4.2.gem (100%)
Successfully installed rspec-core-3.4.2
Fetching: rspec-expectations-3.4.0.gem (100%)
Successfully installed rspec-expectations-3.4.0
Fetching: rspec-mocks-3.4.1.gem (100%)
Successfully installed rspec-mocks-3.4.1
Fetching: mixlib-authentication-1.4.0.gem (100%)
Successfully installed mixlib-authentication-1.4.0
Fetching: proxifier-1.0.3.gem (100%)
Successfully installed proxifier-1.0.3
Fetching: rspec-3.4.0.gem (100%)
Successfully installed rspec-3.4.0
Fetching: chef-12.7.2.gem (100%)
Successfully installed chef-12.7.2
Fetching: knife-zero-1.13.1.gem (100%)
Successfully installed knife-zero-1.13.1
11 gems installed
# /opt/chefdk/embedded/bin/gem list knife

*** LOCAL GEMS ***

knife-spork (1.5.0)
knife-windows (1.1.1)
knife-zero (1.13.1)

 It has been installed.

 Now I start the preparation needed to run it, beginning with the user to be used.

# useradd -d /home/chefadmin -s /bin/bash -u 555 -m chefadmin -G wheel
# su chefadmin
$ cd

 Start preparing the repository.

$ chef generate repo chef-repo
Compiling Cookbooks...
Recipe: code_generator::repo
  * directory[/home/chefadmin/chef-repo] action create
    - create new directory /home/chefadmin/chef-repo
  * template[/home/chefadmin/chef-repo/LICENSE] action create_if_missing
    - create new file /home/chefadmin/chef-repo/LICENSE
    - update content in file /home/chefadmin/chef-repo/LICENSE from none to f750c0
    (diff output suppressed by config)
  * cookbook_file[/home/chefadmin/chef-repo/.chef-repo.txt] action create_if_missing
    - create new file /home/chefadmin/chef-repo/.chef-repo.txt
    - update content in file /home/chefadmin/chef-repo/.chef-repo.txt from none to 2bed28
    (diff output suppressed by config)
  * cookbook_file[/home/chefadmin/chef-repo/README.md] action create_if_missing
    - create new file /home/chefadmin/chef-repo/README.md
    - update content in file /home/chefadmin/chef-repo/README.md from none to 1b81aa
    (diff output suppressed by config)
  * cookbook_file[/home/chefadmin/chef-repo/chefignore] action create_if_missing
    - create new file /home/chefadmin/chef-repo/chefignore
    - update content in file /home/chefadmin/chef-repo/chefignore from none to 51b09a
    (diff output suppressed by config)
  * remote_directory[/home/chefadmin/chef-repo/cookbooks] action create_if_missing
    - create new directory /home/chefadmin/chef-repo/cookbooks
  Recipe: <Dynamically Defined Resource>
    * directory[/home/chefadmin/chef-repo/cookbooks/example] action create
      - create new directory /home/chefadmin/chef-repo/cookbooks/example
      - change mode from '' to '0775'
      - change owner from '' to 'chefadmin'
      - change group from '' to 'chefadmin'
    * cookbook_file[/home/chefadmin/chef-repo/cookbooks/example/metadata.rb] action create_if_missing
      - create new file /home/chefadmin/chef-repo/cookbooks/example/metadata.rb
      - update content in file /home/chefadmin/chef-repo/cookbooks/example/metadata.rb from none to f0778c
      (diff output suppressed by config)
      - change mode from '' to '0644'
    * cookbook_file[/home/chefadmin/chef-repo/cookbooks/example/README.md] action create_if_missing
      - create new file /home/chefadmin/chef-repo/cookbooks/example/README.md
      - update content in file /home/chefadmin/chef-repo/cookbooks/example/README.md from none to d6634d
      (diff output suppressed by config)
      - change mode from '' to '0644'
    * directory[/home/chefadmin/chef-repo/cookbooks/example/recipes] action create
      - create new directory /home/chefadmin/chef-repo/cookbooks/example/recipes
      - change mode from '' to '0775'
      - change owner from '' to 'chefadmin'
      - change group from '' to 'chefadmin'
    * cookbook_file[/home/chefadmin/chef-repo/cookbooks/example/recipes/default.rb] action create_if_missing
      - create new file /home/chefadmin/chef-repo/cookbooks/example/recipes/default.rb
      - update content in file /home/chefadmin/chef-repo/cookbooks/example/recipes/default.rb from none to fec476
      (diff output suppressed by config)
      - change mode from '' to '0644'
    * directory[/home/chefadmin/chef-repo/cookbooks/example/attributes] action create
      - create new directory /home/chefadmin/chef-repo/cookbooks/example/attributes
      - change mode from '' to '0775'
      - change owner from '' to 'chefadmin'
      - change group from '' to 'chefadmin'
    * cookbook_file[/home/chefadmin/chef-repo/cookbooks/example/attributes/default.rb] action create_if_missing
      - create new file /home/chefadmin/chef-repo/cookbooks/example/attributes/default.rb
      - update content in file /home/chefadmin/chef-repo/cookbooks/example/attributes/default.rb from none to 16a397
      (diff output suppressed by config)
      - change mode from '' to '0644'

Recipe: code_generator::repo
  * remote_directory[/home/chefadmin/chef-repo/data_bags] action create_if_missing
    - create new directory /home/chefadmin/chef-repo/data_bags
  Recipe: <Dynamically Defined Resource>
    * cookbook_file[/home/chefadmin/chef-repo/data_bags/README.md] action create_if_missing
      - create new file /home/chefadmin/chef-repo/data_bags/README.md
      - update content in file /home/chefadmin/chef-repo/data_bags/README.md from none to 3167c5
      (diff output suppressed by config)
      - change mode from '' to '0644'
    * directory[/home/chefadmin/chef-repo/data_bags/example] action create
      - create new directory /home/chefadmin/chef-repo/data_bags/example
      - change mode from '' to '0775'
      - change owner from '' to 'chefadmin'
      - change group from '' to 'chefadmin'
    * cookbook_file[/home/chefadmin/chef-repo/data_bags/example/example_item.json] action create_if_missing
      - create new file /home/chefadmin/chef-repo/data_bags/example/example_item.json
      - update content in file /home/chefadmin/chef-repo/data_bags/example/example_item.json from none to 1048ec
      (diff output suppressed by config)
      - change mode from '' to '0644'

Recipe: code_generator::repo
  * remote_directory[/home/chefadmin/chef-repo/roles] action create_if_missing
    - create new directory /home/chefadmin/chef-repo/roles
  Recipe: <Dynamically Defined Resource>
    * cookbook_file[/home/chefadmin/chef-repo/roles/example.json] action create_if_missing
      - create new file /home/chefadmin/chef-repo/roles/example.json
      - update content in file /home/chefadmin/chef-repo/roles/example.json from none to 297ea8
      (diff output suppressed by config)
      - change mode from '' to '0644'
    * cookbook_file[/home/chefadmin/chef-repo/roles/README.md] action create_if_missing
      - create new file /home/chefadmin/chef-repo/roles/README.md
      - update content in file /home/chefadmin/chef-repo/roles/README.md from none to 7a28c9
      (diff output suppressed by config)
      - change mode from '' to '0644'

Recipe: code_generator::repo
  * remote_directory[/home/chefadmin/chef-repo/environments] action create_if_missing
    - create new directory /home/chefadmin/chef-repo/environments
  Recipe: <Dynamically Defined Resource>
    * cookbook_file[/home/chefadmin/chef-repo/environments/example.json] action create_if_missing
      - create new file /home/chefadmin/chef-repo/environments/example.json
      - update content in file /home/chefadmin/chef-repo/environments/example.json from none to 59a963
      (diff output suppressed by config)
      - change mode from '' to '0644'
    * cookbook_file[/home/chefadmin/chef-repo/environments/README.md] action create_if_missing
      - create new file /home/chefadmin/chef-repo/environments/README.md
      - update content in file /home/chefadmin/chef-repo/environments/README.md from none to c9ccdf
      (diff output suppressed by config)
      - change mode from '' to '0644'

Recipe: code_generator::repo
  * cookbook_file[/home/chefadmin/chef-repo/cookbooks/README.md] action create_if_missing
    - create new file /home/chefadmin/chef-repo/cookbooks/README.md
    - update content in file /home/chefadmin/chef-repo/cookbooks/README.md from none to 86e9ef
    (diff output suppressed by config)

 Prepare knife.rb.

$ cd /home/chefadmin/chef-repo
$ mkdir .chef
$ vi .chef/knife.rb
---
local_mode true
---

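 Next, add an entry to /etc/hosts so that the remote host can be reached. Using the IP address directly or registering it in DNS would also work, but I kept it simple here.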

192.168.1.25 test2target

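 That is the entry I added.

Preparing the account and keys for connecting to the remote host

 Here, ssh must log in without a password, and sudo must escalate to root without a password as well.
I prepare what is needed to make that happen.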

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/chefadmin/.ssh/id_rsa):
Created directory '/home/chefadmin/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/chefadmin/.ssh/id_rsa.
Your public key has been saved in /home/chefadmin/.ssh/id_rsa.pub.
The key fingerprint is:
69:7f:bc:dc:2f:96:d8:03:e8:9e:ee:4f:eb:86:ad:bc chefadmin@chefbase
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|         .       |
|        S  .     |
|       . ....    |
|         ..o++ . |
|         .o=++*  |
|         +E**..+.|
+-----------------+

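Next comes the preparation needed on the remote side. (Note: this description is reused from an earlier page.)

 Preparation on the remote side

This would be worth turning into a script

 These steps place the public key created in the previous step.
They cover creating the user, configuring sudo, and setting up the key.
# To make copy and paste easy, bold formatting and the prompt are omitted below.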

useradd -d /home/chefadmin -s /bin/bash -u 555 -m chefadmin -G wheel
mkdir -p /home/chefadmin/.ssh
chown chefadmin:chefadmin /home/chefadmin/.ssh
echo "ssh-rsa ~ chefadmin@chefbase" >> /home/chefadmin/.ssh/authorized_keys
chmod 600  /home/chefadmin/.ssh/authorized_keys
chown chefadmin:chefadmin  /home/chefadmin/.ssh/authorized_keys
echo '%wheel  ALL=(ALL)       NOPASSWD: ALL' >> /etc/sudoers

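 That completes it. This lets only the wheel group become root via sudo without a password, but restricting it to chefadmin alone would also be fine.
From the source server, confirm that you can log in with ssh test2target and become root with sudo -i.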

# uname -n
test2target
# id
uid=0(root) gid=0(root) 所属グループ=0(root)

That completes the remote-side preparation.

 Checking remote operation
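
The remote-side steps above, gathered into a script as an added example (not the author's own script): it grants passwordless sudo to chefadmin only, through a drop-in checked with visudo -c instead of a %wheel rule appended to /etc/sudoers, and installs the key idempotently with 0700/0600 modes. The function names, the /etc/sudoers.d/chefadmin path and the --apply switch are assumptions of this example, as is a stock /etc/sudoers that contains "#includedir /etc/sudoers.d".

```bash
#!/bin/bash
# Added example: remote-side preparation for knife zero as one script.
# Function names, the drop-in path and --apply are assumptions of this example.
# The -G wheel of the original useradd is dropped: the sudo rule names the user.

CHEF_USER="chefadmin"
CHEF_UID=555

# Accept exactly one public-key line: "<type> <base64> [comment]".
# Rejects private keys, multi-line input and authorized_keys option prefixes.
valid_pubkey() {
  [ "$(printf '%s\n' "$1" | wc -l)" -eq 1 ] || return 1
  printf '%s\n' "$1" | grep -Eq \
    '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .+)?$'
}

# Create <ssh_dir> (0700) and add <pubkey> to authorized_keys (0600).
# Running it again does not duplicate the entry.
install_authorized_key() {
  local ssh_dir="$1" pubkey="$2" file="$1/authorized_keys"
  valid_pubkey "$pubkey" || { echo "refusing malformed key" >&2; return 1; }
  mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
  touch "$file" && chmod 600 "$file" || return 1
  grep -qxF -- "$pubkey" "$file" || printf '%s\n' "$pubkey" >> "$file"
}

# The sudoers rule, limited to one account rather than all of %wheel.
sudoers_rule() {
  printf '%s ALL=(ALL) NOPASSWD: ALL\n' "$1"
}

# Write the rule to a temp file, let visudo check the syntax, then copy it
# into place; a broken rule never reaches /etc/sudoers.d.
install_sudoers_dropin() {
  local user="$1" dest="$2" tmp
  tmp="$(mktemp)" || return 1
  sudoers_rule "$user" > "$tmp"
  chmod 0440 "$tmp"
  if visudo -cf "$tmp" >/dev/null; then
    install -o root -g root -m 0440 "$tmp" "$dest"
  else
    echo "visudo rejected the rule; nothing installed" >&2
    rm -f "$tmp"
    return 1
  fi
  rm -f "$tmp"
}

# As root on the target: ./prep.sh --apply "<contents of id_rsa.pub>"
if [ "${1:-}" = "--apply" ]; then
  [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; exit 1; }
  id "$CHEF_USER" >/dev/null 2>&1 ||
    useradd -d "/home/$CHEF_USER" -s /bin/bash -u "$CHEF_UID" -m "$CHEF_USER"
  install_authorized_key "/home/$CHEF_USER/.ssh" "${2:-}" || exit 1
  chown -R "$CHEF_USER:$CHEF_USER" "/home/$CHEF_USER/.ssh"
  install_sudoers_dropin "$CHEF_USER" "/etc/sudoers.d/$CHEF_USER" || exit 1
fi
```

On a host already prepared with the original commands, the %wheel NOPASSWD line still has to be removed from /etc/sudoers (with visudo) before the narrower rule has any effect, because sudoers rules are additive.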

knife zero bootstrap

 Huh? The knife zero command does not work.

$ knife zero bootstrap test2target
FATAL: Cannot find subcommand for: 'zero bootstrap test2target'
Available subcommands: (for details, knife SUB-COMMAND --help)
(Note: rebooted once)
...
# knife zero bootstrap test2target
/opt/chefdk/embedded/lib/ruby/site_ruby/2.1.0/rubygems/specification.rb:2112:in `raise_if_conflicts':
 Unable to activate knife-zero-1.13.1, because chef-12.5.1 conflicts with chef (~> 12.6) (Gem::ConflictError)

Hm?
This is no fun.
https://github.com/higanworks/knife-zero/blob/master/CHANGELOG.md
https://github.com/higanworks/knife-zero/issues/84
I looked at these and fixed it.

# chef gem uninstall knife-zero
Successfully uninstalled knife-zero-1.13.1
# chef gem install knife-zero -v "1.10.2"
Fetching: knife-zero-1.10.2.gem (100%)
WARNING:  You don't have /root/.chefdk/gem/ruby/2.1.0/bin in your PATH,
          gem executables will not run.
Successfully installed knife-zero-1.10.2
1 gem installed
$ sudo knife zero bootstrap test2target -x chefadmin -i /home/chefadmin/.ssh/
id_rsa       id_rsa.pub   known_hosts
[chefadmin@chefzero root]$ sudo knife zero bootstrap test2target -x chefadmin -i /home/chefadmin/.ssh/id_rsa
WARNING: No knife configuration file found
WARN: No cookbooks directory found at or above current directory.  Assuming /root.
Doing old-style registration with the validation key at ...
Delete your validation key in order to use your user credentials instead

Connecting to test2target
test2target -----> Installing Chef Omnibus (-v 12)
test2target downloading https://www.opscode.com/chef/install.sh
test2target   to file /tmp/install.sh.1741/install.sh
test2target trying curl...
test2target Getting information for chef stable 12 for el...
test2target downloading https://omnitruck-direct.chef.io/stable/chef/metadata?v=12&p=el&pv=6&m=x86_64
test2target   to file /tmp/install.sh.1752/metadata.txt
test2target trying curl...
test2target url https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-12.7.2-1.el6.x86_64.rpm
test2target md5 8c3ba2e797fc852fc557b0e7157556cc
test2target sha256      6af0eb1c7706fc6a36f74ae9f590135e37e6206f2fe7d5a1760c1e2da1b36068
test2target version     12.7.2downloaded metadata file looks valid...
test2target downloading https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-12.7.2-1.el6.x86_64.rpm
test2target   to file /tmp/install.sh.1752/chef-12.7.2-1.el6.x86_64.rpm
test2target trying curl...
test2target Comparing checksum with sha256sum...
test2target Installing chef 12
test2target installing with rpm...
test2target 警告: /tmp/install.sh.1752/chef-12.7.2-1.el6.x86_64.rpm: ヘッダ V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
test2target エラー: can't create transaction lock on /var/lib/rpm/.rpm.lock (許可がありません)
test2target Installation failed
test2target Version: 12
test2target
test2target Please file a Bug Report at https://github.com/chef/omnitruck/issues/new
test2target Alternatively, feel free to open a Support Ticket at https://www.chef.io/support/tickets
test2target More Chef support resources can be found at https://www.chef.io/support
test2target
test2target Please include as many details about the problem as possible i.e., how to reproduce
test2target the problem (if possible), type of the Operating System and its version, etc.,
test2target and any other relevant details that might help us with troubleshooting.
test2target
test2target mkdir: ディレクトリ `/etc/chef' を作成できません: 許可がありません
test2target sh: line 179: /etc/chef/validation.pem: そのようなファイルやディレクトリはありません
test2target chmod: cannot access `/etc/chef/validation.pem': そのようなファイルやディレクトリはありません
test2target sh: line 214: /etc/chef/client.rb: そのようなファイルやディレクトリはありません
test2target sh: line 222: /etc/chef/first-boot.json: そのようなファイルやディレクトリはありません
test2target Starting the first Chef Client run...
test2target sh: line 228: chef-client: コマンドが見つかりません
$ sudo knife zero bootstrap test2target -x chefadmin -i /home/chefadmin/.ssh/id_rsa --sudo
WARNING: No knife configuration file found
WARN: No cookbooks directory found at or above current directory.  Assuming /root.
Doing old-style registration with the validation key at ...
Delete your validation key in order to use your user credentials instead

Connecting to test2target
test2target -----> Installing Chef Omnibus (-v 12)
test2target downloading https://www.opscode.com/chef/install.sh
test2target   to file /tmp/install.sh.1808/install.sh
test2target trying curl...
test2target Getting information for chef stable 12 for el...
test2target downloading https://omnitruck-direct.chef.io/stable/chef/metadata?v=12&p=el&pv=6&m=x86_64
test2target   to file /tmp/install.sh.1813/metadata.txt
test2target trying curl...
test2target url https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-12.7.2-1.el6.x86_64.rpm
test2target md5 8c3ba2e797fc852fc557b0e7157556cc
test2target sha256      6af0eb1c7706fc6a36f74ae9f590135e37e6206f2fe7d5a1760c1e2da1b36068
test2target version     12.7.2downloaded metadata file looks valid...
test2target downloading https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-12.7.2-1.el6.x86_64.rpm
test2target   to file /tmp/install.sh.1813/chef-12.7.2-1.el6.x86_64.rpm
test2target trying curl...
test2target Comparing checksum with sha256sum...
test2target Installing chef 12
test2target installing with rpm...
test2target 警告: /tmp/install.sh.1813/chef-12.7.2-1.el6.x86_64.rpm: ヘッダ V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
test2target 準備中...                ########################################### [100%]
test2target    1:chef                   ########################################### [100%]
test2target Thank you for installing Chef!
test2target Starting the first Chef Client run...
test2target Starting Chef Client, version 12.7.2
test2target Creating a new client identity for test2target using the validator key.
test2target resolving cookbooks for run list: []
test2target Synchronizing Cookbooks:
test2target Compiling Cookbooks...
test2target [2016-02-13T15:22:27+09:00] WARN: Node test2target has an empty run list.
test2target Converging 0 resources
test2target
test2target Running handlers:
test2target Running handlers complete
test2target Chef Client finished, 0/0 resources updated in 02 seconds

…so that seems to be how it is.
I suppose it means that switching to chefadmin for every task is the odd way to do it, right?

# knife zero bootstrap test2target --node-name test2target -x chefadmin -i /home/chefadmin/.ssh/id_rsa --sudo
Doing old-style registration with the validation key at ...
Delete your validation key in order to use your user credentials instead

Connecting to test2target
test2target -----> Existing Chef installation detected
test2target Starting the first Chef Client run...
test2target Starting Chef Client, version 12.7.2
test2target resolving cookbooks for run list: []
test2target Synchronizing Cookbooks:
test2target Compiling Cookbooks...
test2target [2016-02-13T15:37:54+09:00] WARN: Node test2target has an empty run list.
test2target Converging 0 resources
test2target
test2target Running handlers:
test2target Running handlers complete
test2target Chef Client finished, 0/0 resources updated in 01 seconds

That is long. I add settings to .chef/knife.rb.

local_mode true
knife[:use_sudo]        = true
knife[:ssh_user]        = "chefadmin"
knife[:identity_file]   = '/home/chefadmin/.ssh/id_rsa'

This should make the command shorter.

# knife zero bootstrap test2target
Doing old-style registration with the validation key at ...
Delete your validation key in order to use your user credentials instead

Connecting to test2target
test2target -----> Existing Chef installation detected
test2target Starting the first Chef Client run...
test2target Starting Chef Client, version 12.7.2
test2target resolving cookbooks for run list: []
test2target Synchronizing Cookbooks:
test2target Compiling Cookbooks...
test2target [2016-02-13T16:05:40+09:00] WARN: Node test2target has an empty run list.
test2target Converging 0 resources
test2target
test2target Running handlers:
test2target Running handlers complete
test2target Chef Client finished, 0/0 resources updated in 01 seconds

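Yes, that worked. It is unclear which file exactly the message about deleting the validation key refers to. What is the "..."?
There is no hurry for now, so I leave it as an open item and move on.

The nodes directory has been created.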

# ll
合計 32
-rw-rw-r-- 1 chefadmin chefadmin   70  2月 13 09:47 2016 LICENSE
-rw-rw-r-- 1 chefadmin chefadmin 1546  2月 13 09:47 2016 README.md
-rw-rw-r-- 1 chefadmin chefadmin 1029  2月 13 09:47 2016 chefignore
drwxrwxr-x 3 chefadmin chefadmin 4096  2月 13 09:47 2016 cookbooks
drwxrwxr-x 3 chefadmin chefadmin 4096  2月 13 09:47 2016 data_bags
drwxrwxr-x 2 chefadmin chefadmin 4096  2月 13 09:47 2016 environments
drwxr-xr-x 2 root      root      4096  2月 13 15:32 2016 nodes
drwxrwxr-x 2 chefadmin chefadmin 4096  2月 13 09:47 2016 roles
# ll nodes/
合計 40
-rw-r--r-- 1 root root 37889  2月 13 15:37 2016 test2target.json
# knife node list -z
test2target

…and so, I prepare a cookbook called test.

$ knife cookbook create test -o site-cookbooks
** Creating cookbook test in /home/chefadmin/chef-repo/site-cookbooks
** Creating README for cookbook: test
** Creating CHANGELOG for cookbook: test
** Creating metadata for cookbook: test

 This is the same as before, which is fine.

$ cd /home/chefadmin/chef-repo/site-cookbooks/test/recipes
$ vi default.rb 

 For the trial, I wrote the following.

#
# Cookbook Name:: test
# Recipe:: default
#
# Copyright 2016, fkimura
#
# All rights reserved - Do Not Redistribute
#
package "httpd" do
  action :install
end

service "httpd" do
  action :start
end

Now that the preparation is done, let's run it.

# knife node run_list add -z test2target 'recipe[test]'
test2target:
  run_list: recipe[test]
# knife zero converge 'name:test2target' --attribute name --why-run
test2target Starting Chef Client, version 12.7.2
test2target resolving cookbooks for run list: ["test"]
test2target Synchronizing Cookbooks:
test2target   - test (0.1.0)
test2target Compiling Cookbooks...
test2target Converging 2 resources
test2target Recipe: test::default
test2target   * yum_package[httpd] action install
test2target     - Would install version 2.2.15-47.el6.centos.3 of package httpd
test2target   * service[httpd] action start
test2target     * service[httpd]: No custom command for start specified and unable to locate the init.d script!
test2target     * Assuming service would be disabled. The init script is not presently installed.
test2target     - Would start service service[httpd]
test2target [2016-02-13T16:51:53+09:00] WARN: In why-run mode, so NOT performing node save.
test2target
test2target Running handlers:
test2target Running handlers complete
test2target Chef Client finished, 2/2 resources would have been updated
# knife zero converge 'name:test2target' --attribute name
test2target Starting Chef Client, version 12.7.2
test2target resolving cookbooks for run list: ["test"]
test2target Synchronizing Cookbooks:
test2target   - test (0.1.0)
test2target Compiling Cookbooks...
test2target Converging 2 resources
test2target Recipe: test::default
test2target   * yum_package[httpd] action install
test2target     - install version 2.2.15-47.el6.centos.3 of package httpd
test2target   * service[httpd] action start
test2target     - start service service[httpd]
test2target
test2target Running handlers:
test2target Running handlers complete
test2target Chef Client finished, 2/2 resources updated in 09 seconds

The operation ran on the remote host without problems.
Let's look at the remote side.

# ps axu|grep httpd|grep -v grep
root      5440  0.0  0.1 177344  3824 ?        Ss   16:52   0:00 /usr/sbin/httpd
apache    5443  0.0  0.1 177344  2484 ?        S    16:52   0:00 /usr/sbin/httpd
apache    5444  0.0  0.1 177344  2468 ?        S    16:52   0:00 /usr/sbin/httpd
apache    5445  0.0  0.1 177344  2468 ?        S    16:52   0:00 /usr/sbin/httpd
apache    5446  0.0  0.1 177344  2468 ?        S    16:52   0:00 /usr/sbin/httpd
apache    5447  0.0  0.1 177344  2468 ?        S    16:52   0:00 /usr/sbin/httpd
apache    5448  0.0  0.1 177344  2468 ?        S    16:52   0:00 /usr/sbin/httpd
apache    5449  0.0  0.1 177344  2468 ?        S    16:52   0:00 /usr/sbin/httpd
apache    5450  0.0  0.1 177344  2468 ?        S    16:52   0:00 /usr/sbin/httpd

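 It was installed and also started. This time, I did not even install rsync on the remote side.
I feel I have a rough grasp of the flow, but it is still fuzzy.
Even so, I confirmed that it can be used in much the same way, so I am satisfied on that point.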


[Revision history] Created: 2016/02/13


Copyright © 1996,1997-2006,2007- by F.Kimura,