Last active
December 26, 2015 22:09
-
-
Save AlainODea/7220746 to your computer and use it in GitHub Desktop.
WIP: OmniOS Chef bootstrap to make it act like a SmartMachine
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # "Make OmniOS act as a SmartMachine" Knife Bootstrap | |
| # Copy this file to: ~/.chef/bootstrap/joyent-smartmachine.erb | |
| # To use via Knife: knife bootstrap <hostname|ip> -d joyent-smartmachine [-r recipe1,recipe2,...] [-N nodename] | |
| bash -c ' | |
| cat > /etc/release <<'EOF' | |
| SmartOS x86_64 | |
| Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. | |
| Copyright 2010-2012 Joyent, Inc. All Rights Reserved. | |
| Use is subject to license terms. | |
| See `uname -v` for assembly date and time. | |
| EOF | |
| source /etc/profile | |
| pkg install gcc46 header linker lint object-file header-math | |
| <%= "export http_proxy=\"#{knife_config[:bootstrap_proxy]}\"" if knife_config[:bootstrap_proxy] -%> | |
| curl -s http://pkgsrc.joyent.com/packages/SmartOS/bootstrap/bootstrap-2013Q2-i386.tar.gz | | |
| gzcat | (cd /; sudo tar -xpf -) | |
| export PATH=/opt/local/gnu/bin:/opt/local/bin:/opt/local/sbin:/usr/bin:/usr/sbin:/opt/local/gcc47/bin/ | |
| if [ ! -f /opt/local/bin/chef-client ]; then | |
| pkgin -f -y update | |
| pkgin -f -y upgrade | |
| pkgin -y install gcc47 scmgit-base gmake ruby ruby193-yajl ruby193-nokogiri ruby193-readline pkg-config pkg_alternatives | |
| gem install -p ${http_proxy} --no-ri --no-rdoc ohai chef rb-readline | |
| fi | |
| mkdir -p /opt/local/etc/chef /var/chef | |
| # Copy in the Validation Key | |
| ( | |
| cat <<'EOP' | |
| <%= validation_key %> | |
| EOP | |
| ) > /tmp/validation.pem | |
| /usr/xpg4/bin/awk NF /tmp/validation.pem > /opt/local/etc/chef/validation.pem | |
| rm /tmp/validation.pem | |
| # Copy in Data Bag Secret | |
| <% if @chef_config[:encrypted_data_bag_secret] -%> | |
| ( | |
| cat <<'EOP' | |
| <%= encrypted_data_bag_secret %> | |
| EOP | |
| ) > /tmp/encrypted_data_bag_secret | |
| /usr/xpg4/bin/awk NF /tmp/encrypted_data_bag_secret > /opt/local/etc/chef/encrypted_data_bag_secret | |
| rm /tmp/encrypted_data_bag_secret | |
| <% end -%> | |
| # Copy in Client Configuration | |
| ( | |
| cat <<'EOP' | |
| validation_key "/opt/local/etc/chef/validation.pem" | |
| client_key "/opt/local/etc/chef/client.pem" | |
| <%= config_content %> | |
| EOP | |
| ) > /opt/local/etc/chef/client.rb | |
| # Copy in Initial Run List | |
| ( | |
| cat <<'EOP' | |
| <%= { "run_list" => @run_list }.to_json %> | |
| EOP | |
| ) > /opt/local/etc/chef/first-boot.json | |
| # Copy in the SMF XML | |
| ( | |
| cat <<'EOX' | |
| <?xml version="1.0"?> | |
| <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> | |
| <service_bundle type="manifest" name="export"> | |
| <service name="pkgsrc/chef-client" type="service" version="0"> | |
| <create_default_instance enabled="true"/> | |
| <single_instance/> | |
| <dependency name="fs-local" grouping="require_all" restart_on="none" type="service"> | |
| <service_fmri value="svc:/system/filesystem/local"/> | |
| </dependency> | |
| <dependency name="network" grouping="require_all" restart_on="restart" type="service"> | |
| <service_fmri value="svc:/milestone/network"/> | |
| </dependency> | |
| <dependency name="config-file" grouping="require_all" restart_on="refresh" type="path"> | |
| <service_fmri value="file://localhost/opt/local/etc/chef/client.rb"/> | |
| </dependency> | |
| <exec_method name="start" type="method" exec="/opt/local/bin/chef-client -c /opt/local/etc/chef/client.rb -d --logfile /var/log/chef-client.log" timeout_seconds="60"> | |
| <method_context working_directory="/var/chef"> | |
| <method_credential user="root" group="root"/> | |
| <method_environment> | |
| <envvar name="PATH" value="/usr/bin:/usr/sbin:/opt/local/gnu/bin:/opt/local/bin:/opt/local/sbin:/opt/local/gcc47/bin/"/> | |
| </method_environment> | |
| </method_context> | |
| </exec_method> | |
| <exec_method name="stop" type="method" exec=":kill" timeout_seconds="60"/> | |
| <template> | |
| <common_name> | |
| <loctext xml:lang="C">chef-client Chef client</loctext> | |
| </common_name> | |
| </template> | |
| </service> | |
| </service_bundle> | |
| EOX | |
| ) > /tmp/chef-client.xml | |
| # Process first run, if successfull enable the chef-client in daemon mode | |
| /opt/local/bin/chef-client --config /opt/local/etc/chef/client.rb -j /opt/local/etc/chef/first-boot.json \ | |
| <% if not bootstrap_environment.nil? %>-E <%= bootstrap_environment %><% end %> && /usr/sbin/svccfg import /tmp/chef-client.xml' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is extremely non-trivial. There are many layers of this that still don't work, particularly the providers like Package.