LoginSignup
18

More than 5 years have passed since last update.

入門CHEF SOLO

Posted at

======================

目的

入門Chef Solo - Infrastructure as CodeをベースにVagrant+chef-soloの使い方を取得する。

前提

ソフトウェア バージョン 備考
OS X 10.9.2
vagrant 1.6.0
chef 10.14.2
ruby 2.1.1
rvm 1.24.0

構成

詳細

セットアップ

Vagrant環境構築

$ vagrant init hashicorp/precise32
$ vagrant up

Vagrantfileを編集してスタティックIPの設定をする

config.vm.network "private_network", ip: "192.168.50.12"
$ vagrant reload

sshアクセスできるようにする

$ vagrant ssh-config --host melody >> ~/.ssh/config
$ ssh melody

Vagrantfileを編集してプロビジョニングの設定をする

config.vm.provision :shell, :path => "bootstrap.sh"

bootstrap.shを用意する

#!/usr/bin/env bash
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf > /dev/null
apt-get update
apt-get install -y curl
\curl -sSL https://get.rvm.io | bash -s stable
apt-get install -y git

プロビジョニング実行

$ vagrant provision

Hello Chef!

レポジトリ(キッチン)、クックブック、レシピ

$ ssh melody
$ cd /vagrant
$ git clone http://github.com/opscode/chef-repo.git
$ knife configure
WARNING: No knife configuration file found
Where should I put the config file? [/home/vagrant/.chef/knife.rb]
Please enter the chef server URL: [http://precise32:4000]
Please enter an existing username or clientname for the API: [vagrant]
Please enter the validation clientname: [chef-validator]
Please enter the location of the validation key: [/etc/chef/validation.pem]
Please enter the path to a chef repository (or leave blank):
*****

You must place your client key in:
  /home/vagrant/.chef/vagrant.pem
Before running commands with Knife!

*****

You must place your validation key in:
  /etc/chef/validation.pem
Before generating instance data with Knife!

*****
Configuration file written to /home/vagrant/.chef/knife.rb
$ cd chef-repo
$ knife cookbook create hello -o cookbooks
** Creating cookbook hello
** Creating README for cookbook: hello
** Creating CHANGELOG for cookbook: hello
** Creating metadata for cookbook: hello

レシピの編集

chef-repo/hello/recipes/default.rb

#
# Cookbook Name:: hello
# Recipe:: default
#
# Copyright 2014, YOUR_COMPANY_NAME
#
# All rights reserved - Do Not Redistribute
#
log "Hello, Chef!"

Chef Soloの実行

_chef-repo/localhost.json

// localhost.json
{
  "run_list" : [
    "recipe[hello]"
  ]
}

chef-repo/solo.rb

file_cache_path "/tmp/chef-solo"
cookbook_path ["/vagrant/chef-repo/cookbooks"]
$ sudo chef-solo -c solo.rb -j ./localhost.json
[2014-05-07T09:41:27+00:00] INFO: *** Chef 10.14.2 ***
[2014-05-07T09:41:27+00:00] INFO: Setting the run_list to ["recipe[hello]"] from JSON
[2014-05-07T09:41:27+00:00] INFO: Run List is [recipe[hello]]
[2014-05-07T09:41:27+00:00] INFO: Run List expands to [hello]
[2014-05-07T09:41:27+00:00] INFO: Starting Chef Run for precise32
[2014-05-07T09:41:27+00:00] INFO: Running start handlers
[2014-05-07T09:41:27+00:00] INFO: Start handlers complete.
[2014-05-07T09:41:27+00:00] INFO: Processing log[Hello, Chef!] action write (hello::default line 9)
[2014-05-07T09:41:27+00:00] INFO: Hello, Chef!
[2014-05-07T09:41:27+00:00] INFO: Chef Run complete in 0.049349 seconds
[2014-05-07T09:41:27+00:00] INFO: Running report handlers
[2014-05-07T09:41:27+00:00] INFO: Report handlers complete

パッケージをインストールする

chef-repo/cookbooks/recipes/default.rb

package "zsh" do
  action :install
end
$ sudo chef-solo -c solo.rb -j ./localhost.json
[2014-05-07T09:45:31+00:00] INFO: *** Chef 10.14.2 ***
[2014-05-07T09:45:31+00:00] INFO: Setting the run_list to ["recipe[hello]"] from JSON
[2014-05-07T09:45:31+00:00] INFO: Run List is [recipe[hello]]
[2014-05-07T09:45:31+00:00] INFO: Run List expands to [hello]
[2014-05-07T09:45:31+00:00] INFO: Starting Chef Run for precise32
[2014-05-07T09:45:31+00:00] INFO: Running start handlers
[2014-05-07T09:45:31+00:00] INFO: Start handlers complete.
[2014-05-07T09:45:31+00:00] INFO: Processing log[Hello, Chef!] action write (hello::default line 9)
[2014-05-07T09:45:31+00:00] INFO: Hello, Chef!
[2014-05-07T09:45:31+00:00] INFO: Processing package[zsh] action install (hello::default line 11)
[2014-05-07T09:45:41+00:00] INFO: Chef Run complete in 10.064104 seconds
[2014-05-07T09:45:41+00:00] INFO: Running report handlers
[2014-05-07T09:45:41+00:00] INFO: Report handlers complete

chef-repo/cookbooks/recipes/default.rbを書き換える

%w{zsh gcc make libreadline-dev}.each do |pkg|
  package pkg do
    action :install
  end
end
$ sudo chef-solo -c solo.rb -j ./localhost.json
[2014-05-07T09:56:55+00:00] INFO: *** Chef 10.14.2 ***
[2014-05-07T09:56:56+00:00] INFO: Setting the run_list to ["recipe[hello]"] from JSON
[2014-05-07T09:56:56+00:00] INFO: Run List is [recipe[hello]]
[2014-05-07T09:56:56+00:00] INFO: Run List expands to [hello]
[2014-05-07T09:56:56+00:00] INFO: Starting Chef Run for precise32
[2014-05-07T09:56:56+00:00] INFO: Running start handlers
[2014-05-07T09:56:56+00:00] INFO: Start handlers complete.
[2014-05-07T09:56:56+00:00] INFO: Processing log[Hello, Chef!] action write (hello::default line 9)
[2014-05-07T09:56:56+00:00] INFO: Hello, Chef!
[2014-05-07T09:56:56+00:00] INFO: Processing package[zsh] action install (hello::default line 12)
[2014-05-07T09:56:56+00:00] INFO: Processing package[gcc] action install (hello::default line 12)
[2014-05-07T09:56:56+00:00] INFO: Processing package[make] action install (hello::default line 12)
[2014-05-07T09:56:56+00:00] INFO: Processing package[libreadline-dev] action install (hello::default line 12)
[2014-05-07T09:56:56+00:00] INFO: Chef Run complete in 0.144641 seconds
[2014-05-07T09:56:56+00:00] INFO: Running report handlers
[2014-05-07T09:56:56+00:00] INFO: Report handlers complete

nginxをChef Soloで立ち上げる

レシピ

$ vagrant up
$ ssh melody
$ cd /vagrant/chef-repo/
$ knife cookbook create nginx -o cookbooks
WARNING: No knife configuration file found
** Creating cookbook nginx
** Creating README for cookbook: nginx
** Creating CHANGELOG for cookbook: nginx
** Creating metadata for cookbook: nginx

cookbooks/nginx/recipes/default.rbにレシピを書く

package "nginx" do
  action :install
end

service "nginx" do
  supports :status => true, :restart => true, :reload => true
  action [ :enable, :start ]
end

template "nginx.conf" do
  path "/etc/nginx/nginx.conf"
  source "nginx.conf.erb"
  owner "root"
  group "root"
  mode 0644
  notifies :reload, 'service[nginx]'
end

cookbooks/nginx/templates/default/nginx.conf.erbにテンプレートを配置する。

user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
  worker_connections 1024;
}

http {
  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  server {
    listen <%= node['nginx']['port'] %>;
    server_name localhost;
    location / {
      root /usr/share/nginx/html;
      index index.html index.htm;
    }
  }
}

localhost.jsonを編集

{
  "nginx": {
    "port" : 80
  },
  "run_list" : [
    "nginx"
  ]
}

chef-solo実行

実行後にhttp://192.168.50.12にアクセスしてnginxが起動していることを確認する。

$ sudo chef-solo -c solo.rb -j ./localhost.json
[2014-05-09T02:25:26+00:00] INFO: *** Chef 10.14.2 ***
[2014-05-09T02:25:27+00:00] INFO: Setting the run_list to ["nginx"] from JSON
[2014-05-09T02:25:27+00:00] INFO: Run List is [recipe[nginx]]
[2014-05-09T02:25:27+00:00] INFO: Run List expands to [nginx]
[2014-05-09T02:25:27+00:00] INFO: Starting Chef Run for precise32
[2014-05-09T02:25:27+00:00] INFO: Running start handlers
[2014-05-09T02:25:27+00:00] INFO: Start handlers complete.
[2014-05-09T02:25:27+00:00] INFO: Processing package[nginx] action install (nginx::default line 9)
[2014-05-09T02:25:27+00:00] INFO: Processing service[nginx] action enable (nginx::default line 13)
[2014-05-09T02:25:27+00:00] INFO: Processing service[nginx] action start (nginx::default line 13)
[2014-05-09T02:25:27+00:00] INFO: Processing template[nginx.conf] action create (nginx::default line 18)
[2014-05-09T02:25:27+00:00] INFO: Chef Run complete in 0.5936 seconds
[2014-05-09T02:25:27+00:00] INFO: Running report handlers
[2014-05-09T02:25:27+00:00] INFO: Report handlers complete

リモートからchef-soloを実行する

knife-soloの導入

$ gem install knife-solo

Vagrantで最新のChefを使えるようにする。

プラグインを追加

$ vagrant plugin install vagrant-omnibus

Vagrantfileに以下を追加

config.omnibus.chef_version = :latest

再セットアップ

$ vagrant destroy
$ vagrant up

knife-soloの基本操作

# <host>にchef-soloをインストールする
$ knife solo prepare <host>
$ knife solo prepare <user>@<host>

# レシピ転送&リモート操作
$ knife solo cook <host>

# run_listを個別に指定
$ knife solo cook <host> -o hello::default,nginx::default

# <host>に転送したレシピ郡を削除して掃除する
$ knife solo clean <host>

# 新規Chefレポジトリを作る
$ knife solo init chef-repo

複数ホストへのknife soloの実行

$ echo user@node1 user@node2 user@node3 | xargs -n knife solo cook

レシピを使って実行する流れをおさらい

vagrant up

$ vagrant up

Chefレポジトリを作成

$ knife solo init chef-repo2
$ cd chef-repo2
$ git init
$ git add .
$ git commit -m 'first commit'

knife solo prepare

$ knife solo prepare melody
$ git add nodes/melody.json
$ git commit -m 'add node json file'

上記の操作はうまくいかない

しかし、最新のChefを適用する設定をVagrantにしているので以下の作業は実行できる。

クックブック作成&レシピ編集

$ knife cookbook create nginx -o site-cookbooks
** Creating cookbook nginx
** Creating README for cookbook: nginx
** Creating CHANGELOG for cookbook: nginx
** Creating metadata for cookbook: nginx

あとはレシピやJSONファイルを編集する。

site-cookbooks/nginx/recipes/default.rb

package "nginx" do
  action :install
end

service "nginx" do
  supports :status => true, :restart => true, :reload => true
  action [ :enable, :start ]
end

template "nginx.conf" do
  path "/etc/nginx/nginx.conf"
  source "nginx.conf.erb"
  owner "root"
  group "root"
  mode 0644
  notifies :reload, 'service[nginx]'
end

nodes/melody.json

{
  "nginx": {
    "port" : 80
  },
  "run_list" : [
    "nginx"
  ]
}

site-cookbooks/nginx/templates/default/nginx.conf.erb

user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
  worker_connections 1024;
}

http {
  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  server {
    listen <%= node['nginx']['port'] %>;
    server_name localhost;
    location / {
      root /usr/share/nginx/html;
      index index.html index.htm;
    }
  }
}

Chef Solo実行

$ knife solo cook melody
Running Chef on melody...
Checking Chef version...
Uploading the kitchen...
Generating solo config...
Running Chef...
[2014-05-09T07:09:45+00:00] WARN:
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
SSL validation of HTTPS requests is disabled. HTTPS connections are still
encrypted, but chef is not able to detect forged replies or man in the middle
attacks.

To fix this issue add an entry like this to your configuration file:


  # Verify all HTTPS connections (recommended)
  ssl_verify_mode :verify_peer

  # OR, Verify only connections to chef-server
  verify_api_cert true


To check your SSL configuration, or troubleshoot errors, you can use the
`knife ssl check` command like so:


  knife ssl check -c /home/vagrant/chef-solo/solo.rb


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Starting Chef Client, version 11.12.4
Compiling Cookbooks...
Converging 3 resources
Recipe: nginx::default
  * package[nginx] action install
    - install version 1.1.19-1ubuntu0.6 of package nginx

  * service[nginx] action enable (up to date)
  * service[nginx] action start
    - start service service[nginx]

  * template[nginx.conf] action create
    - update content in file /etc/nginx/nginx.conf from 38154b to 034db2
        --- /etc/nginx/nginx.conf       2012-03-29 02:50:24.000000000 +0000
        +++ /tmp/chef-rendered-template20140509-5228-1cjnwyt    2014-05-09 07:09:52.363757261 +0000
        @@ -1,96 +1,23 @@
         user www-data;
        -worker_processes 4;
        +worker_processes 1;
        +error_log /var/log/nginx/error.log;
         pid /var/run/nginx.pid;

         events {
        -       worker_connections 768;
        -       # multi_accept on;
        +  worker_connections 1024;
         }

         http {
        +  include /etc/nginx/mime.types;
        +  default_type application/octet-stream;

        -       ##
        -       # Basic Settings
        -       ##
        -
        -       sendfile on;
        -       tcp_nopush on;
        -       tcp_nodelay on;
        -       keepalive_timeout 65;
        -       types_hash_max_size 2048;
        -       # server_tokens off;
        -
        -       # server_names_hash_bucket_size 64;
        -       # server_name_in_redirect off;
        -
        -       include /etc/nginx/mime.types;
        -       default_type application/octet-stream;
        -
        -       ##
        -       # Logging Settings
        -       ##
        -
        -       access_log /var/log/nginx/access.log;
        -       error_log /var/log/nginx/error.log;
        -
        -       ##
        -       # Gzip Settings
        -       ##
        -
        -       gzip on;
        -       gzip_disable "msie6";
        -
        -       # gzip_vary on;
        -       # gzip_proxied any;
        -       # gzip_comp_level 6;
        -       # gzip_buffers 16 8k;
        -       # gzip_http_version 1.1;
        -       # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
        -
        -       ##
        -       # nginx-naxsi config
        -       ##
        -       # Uncomment it if you installed nginx-naxsi
        -       ##
        -
        -       #include /etc/nginx/naxsi_core.rules;
        -
        -       ##
        -       # nginx-passenger config
        -       ##
        -       # Uncomment it if you installed nginx-passenger
        -       ##
        -
        -       #passenger_root /usr;
        -       #passenger_ruby /usr/bin/ruby;
        -
        -       ##
        -       # Virtual Host Configs
        -       ##
        -
        -       include /etc/nginx/conf.d/*.conf;
        -       include /etc/nginx/sites-enabled/*;
        +  server {
        +    listen 80;
        +    server_name localhost;
        +    location / {
        +      root /usr/share/nginx/html;
        +      index index.html index.htm;
        +    }
        +  }
         }
        -
        -
        -#mail {
        -#      # See sample authentication script at:
        -#      # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
        -#
        -#      # auth_http localhost/auth.php;
        -#      # pop3_capabilities "TOP" "USER";
        -#      # imap_capabilities "IMAP4rev1" "UIDPLUS";
        -#
        -#      server {
        -#              listen     localhost:110;
        -#              protocol   pop3;
        -#              proxy      on;
        -#      }
        -#
        -#      server {
        -#              listen     localhost:143;
        -#              protocol   imap;
        -#              proxy      on;
        -#      }
        -#}

  * service[nginx] action reload
    - reload service service[nginx]


Running handlers:
Running handlers complete

Chef Client finished, 4/5 resources updated in 7.225893057 seconds

実行の確認ができたら。

$ git add site-cookbooks/nginx
$ git commit -m 'Add nginx recipe'

td-agentのレシピを読む

インストール

$ gem install knife-github-cookbooks
$ knife solo init chef-repo3
$ cd chef-ropo3
$ knife cookbook github install treasure-data/chef-td-agent
$ knife cookbook github install opscode-cookbooks/apt
$ knife cookbook github install opscode-cookbooks/yum

定義ファイル作成

$ knife solo prepare melody

nodes/melody.json

{"run_list":["td-agent","apt","yum"]}

レシピ適用

$ knife solo cook melody
Running Chef on melody...
Checking Chef version...
Uploading the kitchen...
Generating solo config...
Running Chef...
[2014-05-09T06:10:44+00:00] WARN:
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
SSL validation of HTTPS requests is disabled. HTTPS connections are still
encrypted, but chef is not able to detect forged replies or man in the middle
attacks.

To fix this issue add an entry like this to your configuration file:


  # Verify all HTTPS connections (recommended)
  ssl_verify_mode :verify_peer

  # OR, Verify only connections to chef-server
  verify_api_cert true


To check your SSL configuration, or troubleshoot errors, you can use the
`knife ssl check` command like so:


  knife ssl check -c /home/vagrant/chef-solo/solo.rb


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Starting Chef Client, version 11.12.4
Compiling Cookbooks...
Converging 16 resources
Recipe: td-agent::default
  * group[td-agent] action create
    - create group[td-agent]

  * user[td-agent] action create
    - create user user[td-agent]

  * user[td-agent] action manage (up to date)
  * directory[/etc/td-agent/] action create
    - create new directory /etc/td-agent/
    - change mode from '' to '0755'
    - change owner from '' to 'td-agent'
    - change group from '' to 'td-agent'

  * apt_repository[treasure-data] action addRecipe: <Dynamically Defined Resource>
  * file[/var/lib/apt/periodic/update-success-stamp] action nothing (skipped due to action :nothing)
  * execute[apt-cache gencaches] action nothing (skipped due to action :nothing)
  * execute[apt-get update] action nothing (skipped due to action :nothing)
  * file[/etc/apt/sources.list.d/treasure-data.list] action create
    - create new file /etc/apt/sources.list.d/treasure-data.list
    - update content in file /etc/apt/sources.list.d/treasure-data.list from none to 481855
        --- /etc/apt/sources.list.d/treasure-data.list  2014-05-09 06:10:47.402088403 +0000
        +++ /tmp/.treasure-data.list20140509-12317-1jdnyl       2014-05-09 06:10:47.406088402 +0000
        @@ -1 +1,2 @@
        +deb     http://packages.treasure-data.com/precise/ precise contrib
    - change mode from '' to '0644'
    - change owner from '' to 'root'
    - change group from '' to 'root'

  * file[/var/lib/apt/periodic/update-success-stamp] action delete (up to date)
  * execute[apt-get update] action run
    - execute apt-get update -o Dir::Etc::sourcelist='sources.list.d/treasure-data.list' -o Dir::Etc::sourceparts='-' -o APT::Get::List-Cleanup='0'

  * execute[apt-cache gencaches] action run
    - execute apt-cache gencaches



Recipe: td-agent::default
  * template[/etc/td-agent/td-agent.conf] action create
    - create new file /etc/td-agent/td-agent.conf
    - update content in file /etc/td-agent/td-agent.conf from none to 9e0e68
        --- /etc/td-agent/td-agent.conf 2014-05-09 06:10:52.326088249 +0000
        +++ /tmp/chef-rendered-template20140509-12317-114rr9    2014-05-09 06:10:52.326088249 +0000
        @@ -1 +1,56 @@
        +####
        +## Output descriptions:
        +##
        +
        +# Treasure Data (http://www.treasure-data.com/) provides cloud based data
        +# analytics platform, which easily stores and processes data from td-agent.
        +# FREE plan is also provided.
        +# @see http://docs.fluentd.org/articles/http-to-td
        +#
        +# This section matches events whose tag is td.DATABASE.TABLE
        +<match td.*.*>
        +  type tdlog
        +  apikey
        +
        +  auto_create_table
        +  buffer_type file
        +  buffer_path /var/log/td-agent/buffer/td
        +</match>
        +
        +## match tag=debug.** and dump to console
        +<match debug.**>
        +  type stdout
        +</match>
        +
        +####
        +## Source descriptions:
        +##
        +
        +## built-in TCP input
        +## @see http://docs.fluentd.org/articles/in_forward
        +<source>
        +  type forward
        +  port 24224
        +</source>
        +
        +## built-in UNIX socket input
        +#<source>
        +#  type unix
        +#</source>
        +
        +# HTTP input
        +# POST http://localhost:8888/<tag>?json=<json>
        +# POST http://localhost:8888/td.myapp.login?json={"user"%3A"me"}
        +# @see http://docs.fluentd.org/articles/in_http
        +<source>
        +  type http
        +  port 8888
        +</source>
        +
        +## live debugging agent
        +<source>
        +  type debug_agent
        +  bind 127.0.0.1
        +  port 24230
        +</source>
    - change mode from '' to '0644'

  * package[td-agent] action upgrade
    - upgrade package td-agent from uninstalled to 1.1.19-1

  * service[td-agent] action enable (up to date)
  * service[td-agent] action start (up to date)
Recipe: apt::default
  * execute[apt-get-update] action run
    - execute apt-get update

  * execute[apt-get update] action nothing (skipped due to action :nothing)
  * execute[apt-get autoremove] action nothing (skipped due to action :nothing)
  * execute[apt-get autoclean] action nothing (skipped due to action :nothing)
  * package[update-notifier-common] action install
    - install version 0.119ubuntu8.6 of package update-notifier-common

  * execute[apt-get-update] action run
    - execute apt-get update

  * execute[apt-get-update-periodic] action run (skipped due to only_if)
  * directory[/var/cache/local] action create
    - create new directory /var/cache/local
    - change mode from '' to '0755'
    - change owner from '' to 'root'
    - change group from '' to 'root'

  * directory[/var/cache/local/preseeding] action create
    - create new directory /var/cache/local/preseeding
    - change mode from '' to '0755'
    - change owner from '' to 'root'
    - change group from '' to 'root'

Recipe: yum::default
  * yum_globalconfig[/etc/yum.conf] action createRecipe: <Dynamically Defined Resource>
  * template[/etc/yum.conf] action create
    - create new file /etc/yum.conf
    - update content in file /etc/yum.conf from none to 185984
        --- /etc/yum.conf       2014-05-09 06:12:01.243452995 +0000
        +++ /tmp/chef-rendered-template20140509-12317-17u9hsw   2014-05-09 06:12:01.251456156 +0000
        @@ -1 +1,15 @@
        +# This file was generated by Chef
        +# Do NOT modify this file by hand.
        +
        +[main]
        +cachedir=/var/cache/yum/$basearch/$releasever
        +debuglevel=2
        +distroverpkg=ubuntu-release
        +exactarch=1
        +gpgcheck=1
        +installonly_limit=3
        +keepcache=0
        +logfile=/var/log/yum.log
        +obsoletes=1
        +plugins=1
    - change mode from '' to '0644'



Recipe: td-agent::default
  * service[td-agent] action restart
    - restart service service[td-agent]


Running handlers:
Running handlers complete

Chef Client finished, 17/21 resources updated in 78.627232079 seconds

Vagrantからプロビジョニングできるようにする

Vagrantfileに追加

config.vm.provision "chef_solo" do |chef|
  chef.cookbooks_path = "./chef-repo/cookbooks"
  chef.add_recipe "hello"
end

実行

$ vagrant provision
==> default: Chef 11.12.4 Omnibus package is already installed.
==> default: Running provisioner: shell...
・・・
==> default: Running provisioner: chef_solo...
Generating chef JSON and uploading...
==> default: Running chef-solo...
・・・
==> default: [2014-05-16T02:46:57+00:00] INFO: *** Chef 11.12.4 ***
==> default: [2014-05-16T02:46:57+00:00] INFO: Chef-client pid: 13920
==> default: [2014-05-16T02:46:58+00:00] INFO: Setting the run_list to ["recipe[hello]"] from CLI options
==> default: [2014-05-16T02:46:58+00:00] INFO: Run List is [recipe[hello]]
==> default: [2014-05-16T02:46:58+00:00] INFO: Run List expands to [hello]
==> default: [2014-05-16T02:46:59+00:00] INFO: Starting Chef Run for precise32
==> default: [2014-05-16T02:46:59+00:00] INFO: Running start handlers
==> default: [2014-05-16T02:46:59+00:00] INFO: Start handlers complete.
==> default: [2014-05-16T02:46:59+00:00] INFO: Hello, Chef!
==> default: [2014-05-16T02:47:12+00:00] INFO: Chef Run complete in 13.984427685 seconds
==> default: [2014-05-16T02:47:12+00:00] INFO: Running report handlers
==> default: [2014-05-16T02:47:12+00:00] INFO: Report handlers complete

複数のクックブックを実行できるようする

Vagrantfile

config.vm.provision "chef_solo" do |chef|
  chef.cookbooks_path = ["./chef-repo/cookbooks","./chef-repo2/site-cookbooks","./chef-repo3/cookbooks"]
  chef.add_recipe "hello"
  chef.add_recipe "nginx"
  chef.add_recipe "td-agent"
  chef.add_recipe "apt"
  chef.add_recipe "yum"

  chef.json = {
    nginx: {
      port: "80"
      }
    }
end

再実行

$ vagrant reload
$ vagrant provision

Vagrant+Chef Solo+AWS

vagrant入門参照
Ubuntoに設定をあわせる

Vagrantfile

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.omnibus.chef_version = :latest

  #--- 以下を指定 --
  box_name = "dummy"
  box_url = "https://github.com/mitchellh/vagrant-aws/raw/master/dummy.box"
  ssh_username = "ubuntu"
  security_groups = ["web"]
  region = "ap-northeast-1"
  availability_zone = "ap-northeast-1a"
  ami = "ami-bddaa2bc"
  instance_type = "m1.medium"
  #--- ここまで --

  config.vm.box = box_name
  config.vm.box_url = box_url

  config.vm.provider :aws do |aws, override|
    aws.access_key_id = ENV['AWS_ACCESS_KEY_ID']
    aws.secret_access_key = ENV['AWS_SECRET_ACCESS_KEY']
    aws.keypair_name = ENV['AWS_KEYPAIR_NAME']
    override.ssh.username = ssh_username
    override.ssh.private_key_path = ENV['AWS_PRIVATE_KEY_PATH']

    #---- EC2-Classic固有の設定 ----#
    # リージョンを設定
    aws.region = region
    # AZを設定
    aws.availability_zone = availability_zone
    # セキュリティグループを設定
    aws.security_groups = security_groups
    #---- EC2-Classic固有の設定ここまで ----#

    # User-data
    aws.user_data = "#!/bin/sh\nsed -i 's/^.*requiretty/#Defaults requiretty/' /etc/sudoers\n"
    # タグを指定(任意)
    aws.tags = aws.tags = { "Name" => "test-classic-default-minimal", "env" => "dev"}
    # AMIを指定。起動したいリージョンにあるAMI
    aws.ami = ami
    # インスタンスタイプを設定
    aws.instance_type = instance_type
  end

  config.vm.provision "chef_solo" do |chef|
    chef.cookbooks_path = ["./chef-repo/cookbooks"]
    chef.add_recipe "hello"
    chef.add_recipe "nginx"

    chef.json = {
      nginx: {
        port: "80"
        }
      }
  end
end

実行

$ vagrant destroy
$ vagrant up --provider=aws
Bringing machine 'default' up with 'aws' provider...
[fog][WARNING] Unable to load the 'unf' gem. Your AWS strings may not be properly encoded.
==> default: HandleBoxUrl middleware is deprecated. Use HandleBox instead.
==> default: This is a bug with the provider. Please contact the creator
==> default: of the provider you use to fix this.
==> default: Warning! The AWS provider doesn't support any of the Vagrant
==> default: high-level network configurations (`config.vm.network`). They
==> default: will be silently ignored.
==> default: Launching an instance with the following settings...
==> default:  -- Type: m1.medium
==> default:  -- AMI: ami-bddaa2bc
==> default:  -- Region: ap-northeast-1
==> default:  -- Availability Zone: ap-northeast-1a
==> default:  -- Keypair: k2works
==> default:  -- User Data: yes
==> default:  -- Security Groups: ["web"]
==> default:  -- User Data: #!/bin/sh
==> default: sed -i 's/^.*requiretty/#Defaults requiretty/' /etc/sudoers
==> default:  -- Block Device Mapping: []
==> default:  -- Terminate On Shutdown: false
==> default:  -- Monitoring: false
==> default:  -- EBS optimized: false
==> default: Waiting for instance to become "ready"...
==> default: Waiting for SSH to become available...
==> default: Machine is booted and ready for use!
==> default: Rsyncing folder: /Users/k2works/projects/github/chef_solo_introduction/ => /vagrant
==> default: Rsyncing folder: /Users/k2works/projects/github/chef_solo_introduction/chef-repo/cookbooks/ => /tmp/vagrant-chef-3/chef-solo-1/cookbooks
==> default: Installing Chef 11.12.4 Omnibus package...
==> default: Downloading Chef 11.12.4 for ubuntu...
==> default: downloading https://www.getchef.com/chef/metadata?v=11.12.4&prerelease=false&nightlies=false&p=ubuntu&pv=14.04&m=x86_64
==> default:   to file /tmp/install.sh.1417/metadata.txt
==> default: trying wget...
==> default: url        https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/13.04/x86_64/chef_11.12.4-1_amd64.deb
==> default: md5        1a1318c64d42278501a90a698b50ef3e
==> default: sha256     1ab6016c5ba33af4da372e3b65e7e036895639ebc3d2a9672f50b367cf490577
==> default: downloaded metadata file looks valid...
==> default: downloading https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/13.04/x86_64/chef_11.12.4-1_amd64.deb
==> default:   to file /tmp/install.sh.1417/chef_11.12.4-1_amd64.deb
==> default: trying wget...
==> default: Comparing checksum with sha256sum...
==> default: Installing Chef 11.12.4
==> default: installing with dpkg...
==> default: Selecting previously unselected package chef.
==> default: (Reading database ... 51050 files and directories currently installed.)
==> default: Preparing to unpack .../chef_11.12.4-1_amd64.deb ...
==> default: Unpacking chef (11.12.4-1) ...
==> default: Setting up chef (11.12.4-1) ...
==> default: Thank you for installing Chef!
==> default: Running provisioner: chef_solo...
Generating chef JSON and uploading...
==> default: Running chef-solo...
==> default: stdin: is not a tty
==> default: [2014-05-16T06:42:40+00:00] INFO: Forking chef instance to converge...
==> default: [2014-05-16T06:42:40+00:00] WARN:
==> default: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
==> default: SSL validation of HTTPS requests is disabled. HTTPS connections are still
==> default: encrypted, but chef is not able to detect forged replies or man in the middle
==> default: attacks.
==> default:
==> default: To fix this issue add an entry like this to your configuration file:
==> default:
==> default:
==> default:   # Verify all HTTPS connections (recommended)
==> default:   ssl_verify_mode :verify_peer
==> default:
==> default:   # OR, Verify only connections to chef-server
==> default:   verify_api_cert true
==> default:
==> default:
==> default: To check your SSL configuration, or troubleshoot errors, you can use the
==> default: `knife ssl check` command like so:
==> default:
==> default:
==> default:   knife ssl check -c /tmp/vagrant-chef-3/solo.rb
==> default:
==> default:
==> default: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
==> default: [2014-05-16T06:42:40+00:00] INFO: *** Chef 11.12.4 ***
==> default: [2014-05-16T06:42:40+00:00] INFO: Chef-client pid: 1594
==> default: [2014-05-16T06:42:44+00:00] INFO: Setting the run_list to ["recipe[hello]", "recipe[nginx]"] from CLI options
==> default: [2014-05-16T06:42:44+00:00] INFO: Run List is [recipe[hello], recipe[nginx]]
==> default: [2014-05-16T06:42:44+00:00] INFO: Run List expands to [hello, nginx]
==> default: [2014-05-16T06:42:44+00:00] INFO: Starting Chef Run for ip-10-133-171-136.ap-northeast-1.compute.internal
==> default: [2014-05-16T06:42:44+00:00] INFO: Running start handlers
==> default: [2014-05-16T06:42:44+00:00] INFO: Start handlers complete.
==> default: [2014-05-16T06:42:44+00:00] INFO: Hello, Chef!
==> default: [2014-05-16T06:43:36+00:00] INFO: template[nginx.conf] backed up to /var/chef/backup/etc/nginx/nginx.conf.chef-20140516064336.727870
==> default: [2014-05-16T06:43:36+00:00] INFO: template[nginx.conf] updated file contents /etc/nginx/nginx.conf
==> default: [2014-05-16T06:43:36+00:00] INFO: template[nginx.conf] sending reload action to service[nginx] (delayed)
==> default: [2014-05-16T06:43:36+00:00] INFO: service[nginx] reloaded
==> default: [2014-05-16T06:43:36+00:00] INFO: Chef Run complete in 52.432361912 seconds
==> default: [2014-05-16T06:43:36+00:00] INFO: Running report handlers
==> default: [2014-05-16T06:43:36+00:00] INFO: Report handlers complete

実行完了後AWSインスタンスのPublic DNSアドレスをブラウザで確認する。

参照

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
18