Created
May 9, 2010 08:55
-
-
Save veszig/395037 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## chef-server "copy-paste howto" | |
| # on alpha.done.hu, a very basic 1024MB rackspace cloud server with a gentoo | |
| # image that has app-admin/chef preinstalled... | |
| # emerge --sync ; pushd /usr/local/chef-overlay ; git pull ; popd | |
| # emerge -DuvN world | |
| # install chef-server | |
| wget -q -O /etc/portage/package.keywords/chef-server \ | |
| http://gist.github.com/raw/332188/b655addb86d03be5ddfb838384476cae1cfaa06b/package.keywords.chef-server | |
| emerge chef-server | |
| # set up rabbitmq | |
| echo 127.0.0.1 alpha.done.hu alpha localhost localhost.localdomain > /etc/hosts | |
| /etc/init.d/rabbitmq start | |
| # sleep | |
| AMQP_PASS=$(dd if=/dev/urandom count=50 2>/dev/null | md5sum | awk '{print $1}') | |
| rabbitmqctl add_vhost /chef | |
| rabbitmqctl add_user chef ${AMQP_PASS} | |
| rabbitmqctl set_permissions -p /chef chef ".*" ".*" ".*" | |
| echo "amqp_pass '${AMQP_PASS}'" >> /etc/chef/server.rb | |
| echo "amqp_pass '${AMQP_PASS}'" >> /etc/chef/solr.rb | |
| #mkdir ~/private ; chmod 0700 ~/private ; echo ${AMQP_PASS} > ~/private/chef_amqp_pass | |
| # start the services | |
| /etc/init.d/chef-server start | |
| #rm /etc/chef/client.pem ; /etc/init.d/chef-client stop | |
| /etc/init.d/chef-client start | |
| # wait for chef-client to finish its run | |
| # simple knife config that uses the generated webui user | |
| mkdir -p /root/.chef/checksums | |
| cat > /root/.chef/knife.rb <<\EOF | |
| log_level :info | |
| log_location STDOUT | |
| node_name "chef-webui" | |
| client_key "/etc/chef/webui.pem" | |
| validation_client_name "chef-validator" | |
| validation_key "/etc/chef/validation.pem" | |
| chef_server_url "http://127.0.0.1:4000" | |
| cache_type "BasicFile" | |
| cache_options( :path => "/root/.chef/checksums" ) | |
| cookbook_path [ "./site-cookbooks", "./cookbooks" ] | |
| EOF | |
| # test 1 2 3 | |
| #knife client list | |
| # repo skeleton | |
| mkdir -p ~/chef-repo/{nodes,roles,site-cookbooks} | |
| cd ~/chef-repo | |
| git clone git://github.com/veszig/gentoo-cookbooks.git cookbooks | |
| cat > roles/gentoo_base.rb <<\EOF | |
| name "gentoo_base" | |
| description "Base role applied to all gentoo systems." | |
| run_list( | |
| "recipe[gentoo]", | |
| "recipe[gentoo::packages]", | |
| "recipe[ruby]", | |
| "recipe[hosts]", | |
| "recipe[logrotate]", | |
| "recipe[iptables::ulogd]", | |
| "recipe[iptables]", | |
| "recipe[nagios::nrpe]", | |
| "recipe[monit]", | |
| "recipe[chef::client]", | |
| "recipe[syslog-ng]", | |
| "recipe[vixie-cron]", | |
| "recipe[msmtp]", | |
| "recipe[sudo]", | |
| "recipe[openssh]", | |
| "recipe[openssh::known_hosts]", | |
| "recipe[openntpd]", | |
| "recipe[net-snmp]", | |
| "recipe[vim]", | |
| "recipe[bash-completion]", | |
| "recipe[users::root]", | |
| "recipe[users::veszig]" | |
| ) | |
| default_attributes( | |
| "chef_" => { | |
| "client" => { | |
| "server_url" => "https://alpha.done.hu:4443" | |
| } | |
| }, | |
| "gentoo" => { | |
| "emerge_options" => ["--binpkg-respect-use y", "--getbinpkg", "--verbose"], | |
| "accept_licenses" => "*", | |
| "elog_mailuri" => "[email protected] mx1.postmaster.hu", | |
| "rsync_mirror" => "rsync://rsync.gentoo.org/gentoo-portage", | |
| "distfile_mirrors" => %w(http://mirror.datapipe.net/gentoo http://gentoo.cites.uiuc.edu/pub/gentoo/ http://gentoo.osuosl.org/), | |
| "locales" => ["en_US ISO-8859-1", "en_US.UTF-8 UTF-8", "hu_HU ISO-8859-2", "hu_HU.UTF-8 UTF-8"], | |
| "portage_binhost" => "http://binhost.done.hu/i686/" | |
| }, | |
| "monit" => { | |
| "mailservers" => ["mx1.postmaster.hu", "mx2.postmaster.hu"], | |
| "alert_mail_to" => "[email protected]" | |
| }, | |
| "msmtp" => { | |
| "host" => "mail.postmaster.hu", | |
| "user" => "[email protected]", | |
| "password" => "redacted" | |
| }, | |
| "ntpd" => { | |
| "pool" => "pool.ntp.org" | |
| }, | |
| "password" => { | |
| "directory" => "/root/private" | |
| }, | |
| "snmpd" => { | |
| "monitoring_ips" => %w(127.0.0.1), | |
| "syscontact" => "Gabor VESZI <[email protected]>" | |
| }, | |
| "sshd" => { | |
| "allow_users" => %w(veszig) | |
| } | |
| ) | |
| # override_attributes() | |
| EOF | |
| cat > nodes/alpha.done.hu.rb <<\EOF | |
| name "alpha.done.hu" | |
| run_list( | |
| "role[gentoo_base]", | |
| "recipe[chef::server]", | |
| "recipe[chef::server_proxy]" | |
| ) | |
| chef( | |
| "server" => { | |
| "amqp_pass" => "redacted" | |
| } | |
| ) | |
| dns_aliases( | |
| "chef", | |
| "chef.done.hu" | |
| ) | |
| gentoo( | |
| "cflags" => "-O2 -pipe" | |
| ) | |
| EOF | |
| # some more specific cookbooks | |
| wget -P /tmp/ \ | |
| http://well.done.hu/chef-users-site-cookbook.tbz2 \ | |
| http://well.done.hu/chef-gentoo-site-cookbook.tbz2 | |
| tar xjf /tmp/chef-users-site-cookbook.tbz2 -C ~/chef-repo/site-cookbooks/ | |
| tar xjf /tmp/chef-gentoo-site-cookbook.tbz2 -C ~/chef-repo/site-cookbooks/ | |
| # go go go | |
| knife cookbook upload -a | |
| knife role from file roles/gentoo_base.rb | |
| knife node from file nodes/alpha.done.hu.rb | |
| # sit back and watch the show | |
| /etc/init.d/chef-client restart | |
| tail -f /var/log/chef/client.log |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment