Chef command

chef doc： https://docs.chef.io/

1. workstation

配置：

[root@c9t21622 .chef]# pwd
/home/tiaxia/chef-repo/.chef
[root@c9t21622 .chef]# vim knife.rb 
[root@c9t21622 .chef]# ll
total 16
-rw-r--r-- 1 root root 1676 May 13 06:35 chef-validator.pem
-rw-r--r-- 1 root root  498 May 10 09:09 knife.rb
-rw-r--r-- 1 root root 1680 May 10 09:14 rosyrays.pem
drwxr-xr-x 2 root root 4096 May 10 09:13 trusted_certs
[root@c9t21622 .chef]# vim knife.rb


log_level                :info
log_location             STDOUT
node_name                'rosyrays'
client_key               '/home/tiaxia/chef-repo/.chef/rosyrays.pem'
validation_client_name   'chef-validator'
validation_key           '/home/tiaxia/chef-repo/.chef/chef-validator.pem'
chef_server_url          'https://c4t12188.itcs.hpecorp.net/'
syntax_check_cache_path  '/home/tiaxia/chef-repo/.chef/syntax_check_cache'
cookbook_path [ '/home/tiaxia/chef-repo/cookbooks' ]
knife[:editor] = "vi"

a. 添加node

[root@c9t21622 .chef]# knife bootstrap --bootstrap-proxy web-proxy.cup.hp.com:8088 c4t22869.itcs.hpecorp.net -N c4t22869.itcs.hpecorp.net -x tiaxia -P ******* --sudo 
Doing old-style registration with the validation key at /home/tiaxia/chef-repo/.chef/chef-validator.pem...
Delete your validation key in order to use your user credentials instead


Connecting to c4t22869.itcs.hpecorp.net
c4t22869.itcs.hpecorp.net -----> Existing Chef installation detected
c4t22869.itcs.hpecorp.net Starting the first Chef Client run...
c4t22869.itcs.hpecorp.net Starting Chef Client, version 12.9.41
c4t22869.itcs.hpecorp.net Creating a new client identity for c4t22869.itcs.hpecorp.net using the validator key.
c4t22869.itcs.hpecorp.net resolving cookbooks for run list: []
c4t22869.itcs.hpecorp.net Synchronizing Cookbooks:
c4t22869.itcs.hpecorp.net Installing Cookbook Gems:
c4t22869.itcs.hpecorp.net Compiling Cookbooks...
c4t22869.itcs.hpecorp.net [2016-05-13T06:35:34+00:00] WARN: Node c4t22869.itcs.hpecorp.net has an empty run list.
c4t22869.itcs.hpecorp.net Converging 0 resources
c4t22869.itcs.hpecorp.net 
c4t22869.itcs.hpecorp.net Running handlers:
c4t22869.itcs.hpecorp.net Running handlers complete
c4t22869.itcs.hpecorp.net Chef Client finished, 0/0 resources updated in 07 seconds
[root@c9t21622 .chef]# knife node list | grep 869
c4t22869.itcs.hpecorp.net
[root@c9t21622 .chef]#

b. 删除node

[root@c9t21622 .chef]# knife role delete propel-authenticator-c9t21622
Do you really want to delete propel-authenticator-c9t21622? (Y/N) Y
Deleted role[propel-authenticator-c9t21622]

c.显示role

[root@c9t21622 .chef]# knife role list

propel-authenticator-c4t22869
propel-authenticator-c9t21622

d.显示特定的role

[root@c9t21622 .chef]# knife role show propel-authenticator-c4t22869
chef_type:           role
default_attributes:
description:         
env_run_lists:
json_class:          Chef::Role
name:                propel-authenticator-c4t22869
override_attributes:
run_list:            recipe[propel-authenticator]

d.编辑role

[root@c9t21622 .chef]# knife role edit propel-authenticator-c4t22869

e.download cookbook

[root@c9t21622 .chef]# knife cookbook download propel-authenticator
Which version do you want to download?
1. propel-authenticator 0.1.0
2. propel-authenticator 0.1.1


2
Downloading propel-authenticator cookbook version 0.1.1
Downloading resources
Downloading providers
Downloading recipes

f. uplaod cookbook

[root@c9t21622 tiaxia]# mv propel-authenticator-0.1.1 propel-authenticator
[root@c9t21622 tiaxia]# cd chef-repo/
[root@c9t21622 chef-repo]# knife cookbook upload propel-authenticator -o $PWD/..
Uploading propel-authenticator [0.1.1]
Uploaded 1 cookbook.
[root@c9t21622 chef-repo]# 

2. managed node

a.Makesure the encrypted data bag secret is on the system

#chef-client -o standard_server_setup::add_databag_secret

b. execute cookbook role

#chef-client -o role[propel-authenticator-c4t22869]

c. execute cookbook recipe

#chef-client -o propel-authenticator::propel-ui

3. chef server