Running as root on CentOS 6
[root@private-chef ~]# cat .chef/knife.rb
log_level :info
log_location STDOUT
# Run as pivotal user
node_name 'pivotal'
client_key '/etc/opscode/pivotal.pem'
chef_server_url 'https://api.opscode.piab/organizations/ponyville'
chef_server_root 'https://api.opscode.piab/'
Let's use the chef-client from the RPM, which gives us a sane ruby
[root@private-chef ~]# /opt/chef/bin/chef-client --version
Chef: 11.4.4
First install the knife-essentials gem
[root@private-chef ~]# /opt/chef/embedded/bin/gem install knife-essentials
ERROR: While executing gem ... (Gem::DependencyError)
Unable to resolve dependencies: chef-zero requires moneta (< 0.7.0)
Too old, let's grab a newer chef-client RPM
[root@private-chef ~]# rpm -Uvh /tmp/cache/chef-11.10.4-1.el6.x86_64.rpm
warning: /tmp/cache/chef-11.10.4-1.el6.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Preparing... ########################################### [100%]
1:chef ########################################### [100%]
Thank you for installing Chef!
Try installing knife-essentials again
[root@private-chef ~]# /opt/chef/embedded/bin/gem install knife-essentials
Fetching: knife-essentials-1.5.5.gem (100%)
Successfully installed knife-essentials-1.5.5
1 gem installed
Installing ri documentation for knife-essentials-1.5.5...
Installing RDoc documentation for knife-essentials-1.5.5...
For now, fetch knife-ec-backup from github because it's newer/better than the version in rubygems.org
[root@private-chef ~]# git clone https://github.com/opscode/knife-ec-backup.git
Initialized empty Git repository in /root/knife-ec-backup/.git/
remote: Reusing existing pack: 652, done.
remote: Total 652 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (652/652), 95.34 KiB, done.
Resolving deltas: 100% (246/246), done.
[root@private-chef ~]# cd knife-ec-backup/
[root@private-chef knife-ec-backup]# /opt/chef/embedded/bin/gem build knife-ec-backup.gemspec
WARNING: description and summary are identical
Successfully built RubyGem
Name: knife-ec-backup
Version: 1.1.8
File: knife-ec-backup-1.1.8.gem
[root@private-chef knife-ec-backup]# /opt/chef/embedded/bin/gem install knife-ec-backup-1.1.8.gem
Successfully installed knife-ec-backup-1.1.8
1 gem installed
Installing ri documentation for knife-ec-backup-1.1.8...
Installing RDoc documentation for knife-ec-backup-1.1.8...
[root@private-chef knife-ec-backup]# cd
Create your backup destination dir first
[root@private-chef ~]# mkdir myECbackup
Now run a backup
[root@private-chef ~]# /opt/chef/bin/knife ec backup myECbackup --webui-key /etc/opscode/webui_priv.pem
Detected Enterprise Chef Server version: 11.1.1
Grabbing users ...
Grabbing organization ponyville ...
Created /acls
Created /acls/groups
Created /acls/groups/billing-admins.json
Created /groups
Created /groups/billing-admins.json
Created /groups/admins.json
Created /clients
Created /clients/ponyville-validator.json
Created /containers
Created /containers/containers.json
Created /containers/clients.json
Created /containers/cookbooks.json
Created /containers/data.json
Created /containers/environments.json
Created /containers/nodes.json
Created /containers/groups.json
Created /containers/sandboxes.json
Created /containers/roles.json
Created /cookbooks
Created /data_bags
Created /environments
Created /environments/_default.json
Created /nodes
Created /roles
Created /acls/groups/a5969552a3e911e388b508002773304a.json
Created /acls/groups/a669535ca3e911e388b508002773304a.json
Created /acls/groups/a7290f4ea3e911e388b508002773304a.json
Created /acls/groups/a7e8fe58a3e911e388b508002773304a.json
Created /acls/groups/a8a90248a3e911e388b508002773304a.json
Created /acls/groups/a96e3c3ea3e911e388b508002773304a.json
Created /acls/groups/admins.json
Created /acls/groups/clients.json
Created /acls/groups/users.json
Created /acls/clients
Created /acls/clients/ponyville-validator.json
Created /acls/containers
Created /acls/containers/containers.json
Created /acls/containers/sandboxes.json
Created /acls/containers/groups.json
Created /acls/containers/clients.json
Created /acls/containers/environments.json
Created /acls/containers/cookbooks.json
Created /acls/containers/data.json
Created /acls/containers/roles.json
Created /acls/containers/nodes.json
Created /acls/cookbooks
Created /acls/data_bags
Created /acls/environments
Created /acls/environments/_default.json
Created /acls/nodes
Created /acls/roles
Created /acls/organization.json
Created /groups/a5969552a3e911e388b508002773304a.json
Created /groups/a669535ca3e911e388b508002773304a.json
Created /groups/a7290f4ea3e911e388b508002773304a.json
Created /groups/a7e8fe58a3e911e388b508002773304a.json
Created /groups/a8a90248a3e911e388b508002773304a.json
Created /groups/a96e3c3ea3e911e388b508002773304a.json
Created /groups/clients.json
Created /groups/users.json
Grabbing organization wonderbolts ...
Created /acls
Created /acls/groups
Created /acls/groups/billing-admins.json
Created /groups
Created /groups/billing-admins.json
Created /groups/admins.json
Created /clients
Created /clients/wonderbolts-validator.json
Created /containers
Created /containers/clients.json
Created /containers/data.json
Created /containers/containers.json
Created /containers/groups.json
Created /containers/cookbooks.json
Created /containers/roles.json
Created /containers/sandboxes.json
Created /containers/environments.json
Created /containers/nodes.json
Created /cookbooks
Created /data_bags
Created /environments
Created /environments/_default.json
Created /nodes
Created /roles
Created /acls/groups/aa324e6ca3e911e388b508002773304a.json
Created /acls/groups/aaf01b5ea3e911e388b508002773304a.json
Created /acls/groups/abbcc258a3e911e388b508002773304a.json
Created /acls/groups/ac84f598a3e911e388b508002773304a.json
Created /acls/groups/admins.json
Created /acls/groups/clients.json
Created /acls/groups/users.json
Created /acls/clients
Created /acls/clients/wonderbolts-validator.json
Created /acls/containers
Created /acls/containers/clients.json
Created /acls/containers/environments.json
Created /acls/containers/sandboxes.json
Created /acls/containers/groups.json
Created /acls/containers/nodes.json
Created /acls/containers/data.json
Created /acls/containers/cookbooks.json
Created /acls/containers/containers.json
Created /acls/containers/roles.json
Created /acls/cookbooks
Created /acls/data_bags
Created /acls/environments
Created /acls/environments/_default.json
Created /acls/nodes
Created /acls/roles
Created /acls/organization.json
Created /groups/aa324e6ca3e911e388b508002773304a.json
Created /groups/aaf01b5ea3e911e388b508002773304a.json
Created /groups/abbcc258a3e911e388b508002773304a.json
Created /groups/ac84f598a3e911e388b508002773304a.json
Created /groups/clients.json
Created /groups/users.json
The newer version exports users with their private keys, so you can perform a complete restore
[root@private-chef ~]# ls -la myECbackup/
organizations/ user_acls/ users/
[root@private-chef ~]# ls -la myECbackup/users/
applejack.json pinkiepie.json rapidfire.json spitfire.json
fleetfoot.json pivotal.json rarity.json twilightsparkle.json
fluttershy.json rainbowdash.json soarin.json
[root@private-chef ~]# cat myECbackup/users/soarin.json
{
"first_name": "soarin",
"last_name": "soarin",
"middle_name": "soarin",
"display_name": "soarin",
"email": "[email protected]",
"username": "soarin",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR2Yg8zEOiKBbHSx/zce\nZXnsayt2HTIVrttKZpnOxsmoLOvWhkOIKTGQwhGWbyQ8niP+PVGf7GHaEgDOo1+l\n9qIbW1uKlSBjF9Ge8VfH/CSbTsEzXABQ5OlXrB224b6rN6vx/tpYGOsfWObfHtoO\nZD8KOIjxTsiBFGQX7y6+2fg8gnp8jhSufohEfn5EP/q7/I32UUPoMcqZwk3Qygyp\nQZsYot6xIZQm6YnKy7G9DiCn2SyRb1WoCHnVm4J+Pk7qN2qelyINz6A2Be9bUavN\nka0dE5WF3+6DVvPx6CoVFO9fXBV3t6eQUE8KtCpbFVwAS7qeGi7HUzrzVXkqEhWu\nUQIDAQAB\n-----END PUBLIC KEY-----\n"
Instead of above, I did the following in recipe to install EC.
gem_package "knife-ec-backup" do
gem_binary("/opt/opscode/embedded/bin/gem")
version("2.0.0.beta.2")
options("--prerelease")
end
It works to install it as expected. Keiser also says don't use knife-essentials.