hashnao's Blog: chef

Showing posts with label chef. Show all posts

Friday, September 12, 2014

Managing several API keys of CopperEgg in Chef cookbook

I've got an idea about how to manage API key while installing CopperEgg agent via chef.

The official instruction to install CopperEgg agent via Chef says the User API key is to be input in attribute files. But I think it would be more general and easier to manage several API keys in a cookbook by inputting the key in a node object file, for example when we own several CopperEgg account, several API keys, and want to manage the API keys not to create several cookbooks.

This is the official instruction and it says to replace USER_API_KEY in attribute files with your user API key.

The API key is coded in the attribute file after replaced.

$ cat cookbooks/copperegg/attributes/default.rb > /tmp/default.rb.$$ ; cat /tmp/default.rb.$$ | sed -r -e 's/YOUR_USER_API_KEY/<user_api_key>/' > cookbooks/copperegg/attributes/default.rb

$ grep '\[:copperegg\]\[:apikey\]' cookbooks/copperegg/attributes/default.rb
default[:copperegg][:apikey] = '<user_api_key>'

But we will be able to manage several API keys by inputting the API key in a node object files.

$ cat nodes/<node>.json 
{
  "copperegg": {
    "apikey": "<user_api_key>"
  },
  "run_list" : [
     "recipe[copperegg]"
  ]
}

Please let me know if you have any better idea.

Tuesday, August 12, 2014

ChefDK is easier to install Berkshelf than via gem on Amazon Linux AMI

I ended up installing the latest berkshelf, 3.x via gem on Amazon Linux AMI because it is quite difficult to deal with the dependency issues. Instead, I decided to use Chef Development Kit because it contains Berkshelf and is easy to install without worrying about such issues.

Installing ChefDK followed by the official instruction

$ sudo yum install https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chefdk-0.2.0-2.el6.x86_64.rpm

Confirming the installation pathpath

$ ll `which chef`
lrwxrwxrwx 1 root root 20 Aug 11 10:38 /usr/bin/chef -> /opt/chefdk/bin/chef

Confirming Berkshelf installed

$ /opt/chefdk/embedded/bin/gem list | grep 'berkshelf'
berkshelf (3.1.3)
berkshelf-api (1.4.0)
berkshelf-api-client (1.2.0)

Verifying the main components of ChefDK

$ chef verify
Running verification for component 'berkshelf'
Running verification for component 'test-kitchen'
Running verification for component 'chef-client'
Running verification for component 'chef-dk'
..............
---------------------------------------------
Verification of component 'chef-dk' succeeded.
Verification of component 'berkshelf' succeeded.
Verification of component 'chef-client' succeeded.
Verification of component 'test-kitchen' succeeded.

Installing knife solo
Just make sure that you install knife solo because ChedDK does not contain it.

$ chef gem install knife-solo

The following is the output that I failed to install chef via gem.

Installing berkshelf without specifying the version
Failed to install because of the lack of the dependent libraries.

$ gem i berkshelf
Fetching: addressable-2.3.6.gem (100%)
Successfully installed addressable-2.3.6
Fetching: multipart-post-2.0.0.gem (100%)
Successfully installed multipart-post-2.0.0
Fetching: faraday-0.9.0.gem (100%)
Successfully installed faraday-0.9.0
Fetching: berkshelf-api-client-1.2.0.gem (100%)
Successfully installed berkshelf-api-client-1.2.0
Fetching: hashie-2.1.2.gem (100%)
Successfully installed hashie-2.1.2
Fetching: buff-extensions-1.0.0.gem (100%)
Successfully installed buff-extensions-1.0.0
Fetching: varia_model-0.4.0.gem (100%)
Successfully installed varia_model-0.4.0
Fetching: buff-config-1.0.1.gem (100%)
Successfully installed buff-config-1.0.1
Fetching: buff-ruby_engine-0.1.0.gem (100%)
Successfully installed buff-ruby_engine-0.1.0
Fetching: buff-shell_out-0.1.1.gem (100%)
Successfully installed buff-shell_out-0.1.1
Fetching: minitar-0.5.4.gem (100%)
Successfully installed minitar-0.5.4
Fetching: retryable-1.3.5.gem (100%)
Successfully installed retryable-1.3.5
Fetching: buff-ignore-1.1.1.gem (100%)
Successfully installed buff-ignore-1.1.1
Fetching: hitimes-1.2.2.gem (100%)
Building native extensions.  This could take a while...
ERROR:  Error installing berkshelf:
        ERROR: Failed to build gem native extension.

    /usr/bin/ruby2.0 extconf.rb
checking for clock_gettime() in -lrt... *** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
        --with-opt-dir
        --without-opt-dir
        --with-opt-include
        --without-opt-include=${opt-dir}/include
        --with-opt-lib
        --without-opt-lib=${opt-dir}/lib64
        --with-make-prog
        --without-make-prog
        --srcdir=.
        --curdir
        --ruby=/usr/bin/ruby2.0
        --with-rtlib
        --without-rtlib
/usr/share/ruby/2.0/mkmf.rb:434:in `try_do': The compiler failed to generate an executable file. (RuntimeError)
You have to install development tools first.
        from /usr/share/ruby/2.0/mkmf.rb:519:in `try_link0'
        from /usr/share/ruby/2.0/mkmf.rb:534:in `try_link'
        from /usr/share/ruby/2.0/mkmf.rb:720:in `try_func'
        from /usr/share/ruby/2.0/mkmf.rb:950:in `block in have_library'
        from /usr/share/ruby/2.0/mkmf.rb:895:in `block in checking_for'
        from /usr/share/ruby/2.0/mkmf.rb:340:in `block (2 levels) in postpone'
        from /usr/share/ruby/2.0/mkmf.rb:310:in `open'
        from /usr/share/ruby/2.0/mkmf.rb:340:in `block in postpone'
        from /usr/share/ruby/2.0/mkmf.rb:310:in `open'
        from /usr/share/ruby/2.0/mkmf.rb:336:in `postpone'
        from /usr/share/ruby/2.0/mkmf.rb:894:in `checking_for'
        from /usr/share/ruby/2.0/mkmf.rb:945:in `have_library'
        from extconf.rb:10:in `

'


Gem files will remain installed in /home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2 for inspection.
Results logged to /home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/gem_make.out

Installing hitimes via gem
Failed because the development tools should be installed before that.

$ gem i hitimes --verbose
HEAD https://rubygems.org/latest_specs.4.8.gz
302 Moved Temporarily
HEAD https://s3.amazonaws.com/production.s3.rubygems.org/latest_specs.4.8.gz
304 Not Modified
Installing gem hitimes-1.2.2
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/.travis.yml
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/CONTRIBUTING.md
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/HISTORY.md
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/LICENSE
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/Manifest.txt
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/README.md
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/Rakefile
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/examples/benchmarks.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/examples/stats.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/extconf.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes.c
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes_instant_clock_gettime.c
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes_instant_osx.c
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes_instant_windows.c
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes_interval.c
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes_interval.h
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes_stats.c
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/hitimes_stats.h
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/java/src/hitimes/Hitimes.java
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/java/src/hitimes/HitimesInterval.java
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/java/src/hitimes/HitimesService.java
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/java/src/hitimes/HitimesStats.java
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/metric.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/mutexed_stats.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/paths.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/stats.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/timed_metric.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/timed_value_metric.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/value_metric.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/lib/hitimes/version.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/hitimes_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/interval_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/metric_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/mutex_stats_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/paths_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/spec_helper.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/stats_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/timed_metric_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/timed_value_metric_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/value_metric_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/spec/version_spec.rb
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/tasks/default.rake
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/tasks/extension.rake
/home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/tasks/this.rb
Building native extensions.  This could take a while...
/usr/bin/ruby2.0 extconf.rb
checking for clock_gettime() in -lrt... *** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
        --with-opt-dir
        --without-opt-dir
        --with-opt-include
        --without-opt-include=${opt-dir}/include
        --with-opt-lib
        --without-opt-lib=${opt-dir}/lib64
        --with-make-prog
        --without-make-prog
        --srcdir=.
        --curdir
        --ruby=/usr/bin/ruby2.0
        --with-rtlib
        --without-rtlib
/usr/share/ruby/2.0/mkmf.rb:434:in `try_do': The compiler failed to generate an executable file. (RuntimeError)
You have to install development tools first.
        from /usr/share/ruby/2.0/mkmf.rb:519:in `try_link0'
        from /usr/share/ruby/2.0/mkmf.rb:534:in `try_link'
        from /usr/share/ruby/2.0/mkmf.rb:720:in `try_func'
        from /usr/share/ruby/2.0/mkmf.rb:950:in `block in have_library'
        from /usr/share/ruby/2.0/mkmf.rb:895:in `block in checking_for'
        from /usr/share/ruby/2.0/mkmf.rb:340:in `block (2 levels) in postpone'
        from /usr/share/ruby/2.0/mkmf.rb:310:in `open'
        from /usr/share/ruby/2.0/mkmf.rb:340:in `block in postpone'
        from /usr/share/ruby/2.0/mkmf.rb:310:in `open'
        from /usr/share/ruby/2.0/mkmf.rb:336:in `postpone'
        from /usr/share/ruby/2.0/mkmf.rb:894:in `checking_for'
        from /usr/share/ruby/2.0/mkmf.rb:945:in `have_library'
        from extconf.rb:10:in `

'

ERROR:  Error installing hitimes:
        ERROR: Failed to build gem native extension.

    Building has failed. See above output for more information on the failure.

Gem files will remain installed in /home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2 for inspection.
Results logged to /home/ec2-user/.gem/ruby/2.0/gems/hitimes-1.2.2/ext/hitimes/c/gem_make.out

Installing "Development libraries" and "Development tools"
Succeeded without any fail.

$ sudo yum -y groupinstall "Development Libraries" "Development tools"
$ rpm -qa |grep ruby
ruby20-2.0.0.451-1.14.amzn1.x86_64
rubygem20-json-1.7.7-101.27.amzn1.x86_64
ruby20-libs-2.0.0.451-1.14.amzn1.x86_64
rubygem20-psych-2.0.0-1.14.amzn1.x86_64
rubygems20-2.0.14-1.14.amzn1.noarch
rubygem20-rdoc-4.0.1-2.18.amzn1.noarch
ruby20-devel-2.0.0.451-1.14.amzn1.x86_64
ruby20-irb-2.0.0.451-1.14.amzn1.noarch
ruby-2.0-0.3.amzn1.noarch
rubygem20-bigdecimal-1.2.0-1.14.amzn1.x86_64

Installing hitimes with gem again
Succeeded.

$ gem i hitimes --verbose
HEAD https://rubygems.org/latest_specs.4.8.gz
302 Moved Temporarily
HEAD https://s3.amazonaws.com/production.s3.rubygems.org/latest_specs.4.8.gz
304 Not Modified
Installing gem hitimes-1.2.2
...
Successfully installed hitimes-1.2.2
Parsing documentation for hitimes-1.2.2
Parsing sources...
100% [14/14]  lib/hitimes/version.rb                                           
Installing ri documentation for hitimes-1.2.2
Done installing documentation for hitimes after 0 seconds
1 gem installed

Installing berkshel via gem
Failed because libgecode failed to be compiled.

$ gem i berkshelf --verbose
...
virtual memory exhausted: Cannot allocate memory
make[1]: *** [gecode/int/extensional.o] Error 1
make[1]: *** Waiting for unfinished jobs....
fvirtual memory exhausted: Cannot allocate memory
make[1]: *** [gecode/int/rel.o] Error 1


make[1]: Leaving directory `/home/ec2-user/.gem/ruby/2.0/gems/dep-selector-libgecode-1.0.2/ext/libgecode3/vendor/gecode-3.7.3'
make: *** [compilelib] Error 2
extconf.rb:98:in `block in run': Failed to build gecode library. (GecodeBuild::BuildError)
        from extconf.rb:97:in `chdir'
        from extconf.rb:97:in `run'
        from extconf.rb:104:in `

'

ERROR:  Error installing berkshelf:
        ERROR: Failed to build gem native extension.

    Building has failed. See above output for more information on the failure.

Gem files will remain installed in /home/ec2-user/.gem/ruby/2.0/gems/dep-selector-libgecode-1.0.2 for inspection.
Results logged to /home/ec2-user/.gem/ruby/2.0/gems/dep-selector-libgecode-1.0.2/ext/libgecode3/gem_make.out

Installing libgecode with gem
Failed to complie libgecode.

$ gem i dep-selector-libgecode
...
virtual memory exhausted: Cannot allocate memory
make[1]: *** [gecode/int/element.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory `/home/ec2-user/.gem/ruby/2.0/gems/dep-selector-libgecode-1.0.2/ext/libgecode3/vendor/gecode-3.7.3'
make: *** [compilelib] Error 2
extconf.rb:98:in `block in run': Failed to build gecode library. (GecodeBuild::BuildError)
        from extconf.rb:97:in `chdir'
        from extconf.rb:97:in `run'
        from extconf.rb:104:in `

Gem files will remain installed in /home/ec2-user/.gem/ruby/2.0/gems/dep-selector-libgecode-1.0.2 for inspection.
Results logged to /home/ec2-user/.gem/ruby/2.0/gems/dep-selector-libgecode-1.0.2/ext/libgecode3/gem_make.out

ChefDK is quite helpful to resolve dependency issues.

Thursday, August 7, 2014

Installing cookbook on chef node

Installing chef on chef node

$ knife solo prepare chef-node01
Bootstrapping Chef...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 16519  100 16519    0     0  14721      0  0:00:01  0:00:01 --:--:-- 14722
Downloading Chef 11.14.2 for el...
downloading https://www.opscode.com/chef/metadata?v=11.14.2&prerelease=false&nightlies=false&p=el&pv=6&m=x86_64
  to file /tmp/install.sh.17808/metadata.txt
trying wget...
url     https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.14.2-1.el6.x86_64.rpm
md5     ffeffb67c310e6f76bb5d90ee7e30a3f
sha256  840946bc5f7931346131c0c77f2f5bfd1328245189fc6c8173b01eb040ffb58b
downloaded metadata file looks valid...
downloading https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.14.2-1.el6.x86_64.rpm
  to file /tmp/install.sh.17808/chef-11.14.2-1.el6.x86_64.rpm
trying wget...
Comparing checksum with sha256sum...
Installing Chef 11.14.2
installing with rpm...
warning: /tmp/install.sh.17808/chef-11.14.2-1.el6.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:chef-11.14.2-1.el6               ################################# [100%]
Thank you for installing Chef!
Generating node config './nodes/chef-node01.json'...

Creating node object file

nodes/chef-node01.json


{
  "run_list":[
     "recipe[hello]"
  ]
}

Uploading chef-repo and running chef-solo on chef node

$ knife solo cook chef-node01
Running Chef on chef-node01...
Checking Chef version...
Uploading the kitchen...
Generating solo config...
Running Chef...
[2014-08-06T02:59:42+00:00] WARN: 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
SSL validation of HTTPS requests is disabled. HTTPS connections are still
encrypted, but chef is not able to detect forged replies or man in the middle
attacks.

To fix this issue add an entry like this to your configuration file:

```
  # Verify all HTTPS connections (recommended)
  ssl_verify_mode :verify_peer

  # OR, Verify only connections to chef-server
  verify_api_cert true
```

To check your SSL configuration, or troubleshoot errors, you can use the
`knife ssl check` command like so:

```
  knife ssl check -c /home/ec2-user/chef-solo/solo.rb
```

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Starting Chef Client, version 11.14.2
Compiling Cookbooks...
Converging 1 resources
Recipe: hello::default
  * log[Hello, Chef!] action write
  

Running handlers:
Running handlers complete
Chef Client finished, 1/1 resources updated in 1.310583027 seconds

I added the following entry to configure SSL for the chef-client.

~/chec-repo/.chef/knife.rb

ssl_verify_mode :verify_peer

The warning message has not output any more.

$ knife solo cook chef-node01
Running Chef on chef-node01...
Checking Chef version...
Uploading the kitchen...
Generating solo config...
Running Chef...
Starting Chef Client, version 11.14.2
Compiling Cookbooks...
Converging 1 resources
Recipe: hello::default
  * log[Hello, Chef!] action write
  

Running handlers:
Running handlers complete
Chef Client finished, 1/1 resources updated in 1.310583027 seconds

Creating a cookbook to install dstat

$ knife cookbook create dstat -o site-cookbooks
** Creating cookbook dstat
** Creating README for cookbook: dstat
** Creating CHANGELOG for cookbook: dstat
** Creating metadata for cookbook: dstat

Creating a recipe to install dstat

site-cookbooks/dstat/recipes/default.rb

package "dstat" do

  action :install

end

Adding run_list on object node file

nodes/chef-node01.json


{ 

  "run_list" : [

    "recipe[hello]", 

    "recipe[dstat]"

  ]

}

Running cookbook on chef node and specifying a recipe to run

$ knife solo cook chef-node01 -o dstat
Running Chef on chef-node01...
Checking Chef version...
Uploading the kitchen...
Generating solo config...
Running Chef...
Starting Chef Client, version 11.14.2
[2014-08-08T06:42:27+00:00] WARN: Run List override has been provided.
[2014-08-08T06:42:27+00:00] WARN: Original Run List: [recipe[hello], recipe[dstat]]
[2014-08-08T06:42:27+00:00] WARN: Overridden Run List: [recipe[dstat]]
Compiling Cookbooks...
Converging 1 resources
Recipe: dstat::default
  * package[dstat] action install
    - install version 0.7.0-1.5.amzn1 of package dstat

Running handlers:
Running handlers complete
Chef Client finished, 1/1 resources updated in 3.30466706 seconds

Done. dstat is installed.

$ rpm -q dstat
dstat-0.7.0-1.5.amzn1.noarch

Installing Chef solo, knife solo and confirming chef-solo runs with knife solo

Very begging of installing and setting up chef to use knife solo mainly for me.

Updating the latest packages and git

$ sudo yum -y update git

Installing Chef

$ curl -L https://www.opscode.com/chef/install.sh | sudo bash

Installing knife-solo

$ sudo /opt/chef/embedded/bin/gem install knife-solo --no-ri --no-rdoc
$ knife -v
Chef: 11.14.2

Confirming the path in which knife is installed

$ ll `which knife`
lrwxrwxrwx 1 root root 19 Aug  5 04:32 /usr/bin/knife -> /opt/chef/bin/knife

Configuring knife

$ knife configure \
-y \
--defaults \
-r /home/ec2-user/chef-repo
WARNING: No knife configuration file found
*****

You must place your client key in:
  /home/ec2-user/.chef/ec2-user.pem
Before running commands with Knife!

*****

You must place your validation key in:
  /etc/chef-server/chef-validator.pem
Before generating instance data with Knife!

*****

Place the secret key file at /home/ec2-user/.chef/ec2-user.pem.
Initializing repository

$ knife solo init chef-repo
Creating kitchen...
Creating knife.rb in kitchen...
Creating cupboards...

Uninstalling Chef (if needed)

$ yum -y remove `rpm -q chef`

Creating cookbook

$ knife cookbook create hello -o site-cookbooks

Creating recipes

site-cookbooks/recipe/hello/default.rb

log "Hello, Chef!"

Creating node object file to execute recipe
This is just to confirm that knife solo runs at localhost.

node/localhost.json

{
  "run_list" : [
     "recipe[hello]"
  ]
}

Running chef-solo on remote host (Here, at localhost)

$ knife solo cook localhost
Running Chef on localhost...
Checking Chef version...
Uploading the kitchen...
Generating solo config...
Running Chef...
[2014-08-08T06:21:43+00:00] WARN: 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
SSL validation of HTTPS requests is disabled. HTTPS connections are still
encrypted, but chef is not able to detect forged replies or man in the middle
attacks.

To fix this issue add an entry like this to your configuration file:

```
  # Verify all HTTPS connections (recommended)
  ssl_verify_mode :verify_peer

  # OR, Verify only connections to chef-server
  verify_api_cert true
```

To check your SSL configuration, or troubleshoot errors, you can use the
`knife ssl check` command like so:

```
  knife ssl check -c /home/ec2-user/chef-solo/solo.rb
```

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Starting Chef Client, version 11.14.2
Compiling Cookbooks...
Converging 1 resources
Recipe: hello::default
  * log[Hello, Chef!] action write
  

Running handlers:
Running handlers complete
Chef Client finished, 1/1 resources updated in 1.430750102 seconds

If the SSL warning message appears, it is possible to disable by adding an entry on solo.rb. The detail is show at official HP, knife ssl check.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
SSL validation of HTTPS requests is disabled. HTTPS connections are still
encrypted, but chef is not able to detect forged replies or man in the middle
attacks.

To fix this issue add an entry like this to your configuration file:

```
  # Verify all HTTPS connections (recommended)
  ssl_verify_mode :verify_peer

  # OR, Verify only connections to chef-server
  verify_api_cert true
```

To check your SSL configuration, or troubleshoot errors, you can use the
`knife ssl check` command like so:

```
  knife ssl check -c /home/ec2-user/chef-solo/solo.rb
```

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

~/chef-repo/.chef/knife.rb

ssl_verify_mode :verify_peer

Next is to install chef and cookbook on a remote host with knife solo and install a package.

My bookshelf on Goodreads

Naoya's bookshelf: read

Building a Home Security System with BeagleBone

by Bill Pretty

Getting Started with Phalcon

by Stephan A Miller

I had known nothing about the Phalcon PHP framework before reading "Getting Started with Phalcon", but I learned the basic step by step with the following chapters: * Chapter 1: Installing Phalcon * Chapter 2: Setting Up a Phalcon Projec...

Mastering Zabbix

by Andrea Dalle Vacche

Mastering Zabbix is quite helpful for the beginners or the intermediate those who need to manage and monitor IT infrastructure especially for mission critical environment or with hundreds of nodes because it covers database-sizing, capac...

hashnao's Blog

ページ