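What is Chef
- A tool for implementing "Infrastructure as Code".
- A platform for infrastructure automation.
- Puppet and Ansible are comparable tools, but the differences between them are not covered here.
Reference: https://docs.chef.io/chef_overview.html
Overview
There are three main components: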
- Workstation
- Nodes
- Chef-Server
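Architecture overview
On the Workstation (Chef DK (Development Kit)), you create the cookbooks and other items that serve as each node's configuration files and upload them to the Chef-Server. The uploaded cookbooks are then synchronized to the target Nodes. Synchronization follows a server-client model: the client installed on each Node goes to the server to check for requested changes.
Some setups put the Workstation and the Chef-Server in the same place instead of on separate machines (servers).
Workstation
The Chef Development Kit (ChefDK) is used to create cookbooks and to interact with the chef-server.
It can also interact with nodes. ChefDK has two important command-line tools:
- "chef" → interacts with the items in the chef-repo. The chef-repo is the repository that holds the cookbooks.
- "knife" → the interface for interacting with the Chef-Server and Nodes.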
Nodes
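The targets managed by Chef: virtual machines, clouds (AWS, Azure, GCE, OpenStack), network devices (switches and routers), and so on. The main components on a Node are:
- "chef-client" → the agent that runs on the node. It converges the node to the expected state; in other words, it synchronizes the cookbooks registered on the chef-server to the node.
- "ohai" → a tool that collects information about the runtime environment and makes it available programmatically in chef-client. The equivalent of "Facter" in Puppet and "facts" in Ansible. Reference: http://www.intellilink.co.jp/article/column/devops04.html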
Chef-Server
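The chef-server acts as the hub for configuration data and stores the cookbooks and policies that serve as each node's configuration. Each node uses chef-client to query the chef-server and carry out its own configuration work. With the server-client model, the configuration work is distributed across the nodes.
Trying the official tutorial
Using AWS EC2 instances, I create a cookbook on the workstation, upload it to the chef-server, and let the chef-client installed on the node converge the node.
- Preparing EC2
- Setting up the Workstation
- Setting up the Chef-Server
- Uploading the cookbook
- Bootstrapping the node
- Updating the node's configuration
- When the client run fails
- Running the client periodically
1. Preparing EC2
- The chef-server needs a bit of power, so about 2 cores and 4 GB of memory.
- Each component must be resolvable by name, so configure /etc/hosts.
- Change the hostname to avoid mistakes at the console. (reference)
- The security group is shared by all three components, with port 80,
Configure the chef-server and reboot it (the workstation and node are set up the same way, so they are omitted; adjust HOSTNAME as appropriate).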
# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=chef-server.localdomain
NOZEROCONF=yes
# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost6 localhost6.localdomain6
<Elastic IP> chef-server.localdomain chef-server
<Elastic IP> chef-node.localdomain chef-node
<Elastic IP> chef-workstation.localdomain chef-workstation
2. Setting up the Workstation
Download from the URL below.
https://downloads.chef.io/chefdk
Run the following on chef-workstation.
# wget https://packages.chef.io/files/stable/chefdk/1.1.16/el/7/chefdk-1.1.16-1.el7.x86_64.rpm
# rpm -ivh chefdk-1.1.16-1.el7.x86_64.rpm
# chef -v
Chef Development Kit Version: 1.1.16
chef-client version: 12.17.44
delivery version: master (83358fb62c0f711c70ad5a81030a6cae4017f103)
berks version: 5.2.0
kitchen version: 1.14.2
# knife -v
Chef: 12.17.44
3. Setting up the Chef-Server
Download from the URL below.
https://downloads.chef.io/chef-server
Run the initial setup on chef-server. Reference URL
# wget https://packages.chef.io/files/stable/chef-server/12.11.1/el/7/chef-server-core-12.11.1-1.el7.x86_64.rpm
# rpm -ivh chef-server-core-12.11.1-1.el7.x86_64.rpm
# chef-server-ctl reconfigure
# chef-server-ctl status
# mkdir /root/keys
# chef-server-ctl user-create admin Taro Satou hoge@hoge.com 'abc123' --filename /root/keys/admin.pem
# chef-server-ctl org-create test_org 'Test Org' --association_user admin --filename /root/keys/test_org.pem
# chef-server-ctl user-list
admin
pivotal
# chef-server-ctl org-list
test_org
Run the following on chef-workstation.
Start by creating a cookbook skeleton. From here on, the knife command on the workstation is used to upload things to the chef-server.
[root@chef-workstation ~]# mkdir chef-repo
[root@chef-workstation ~]# cd chef-repo
[root@chef-workstation chef-repo]# mkdir cookbooks
[root@chef-workstation chef-repo]# chef generate cookbook cookbooks/sample-cookbook
[root@chef-workstation chef-repo]# tree /root/chef-repo
/root/chef-repo
└── cookbooks
    └── sample-cookbook
        ├── Berksfile
        ├── chefignore
        ├── metadata.rb
        ├── README.md
        ├── recipes
        │   └── default.rb
        ├── spec
        │   ├── spec_helper.rb
        │   └── unit
        │       └── recipes
        │           └── default_spec.rb
        └── test
            └── smoke
                └── default
                    └── default_test.rb
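The skeleton is created, but the workstation still needs a separate configuration file that tells it which chef-server to talk to. Create a .chef directory and configure knife.rb as shown below.
admin.pem is the private key generated when the admin user was created on the chef-server, so distribute it to the workstation (knife.rb below expects it in the .chef directory). The chef-server uses this key to authenticate requests from knife.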
[root@chef-workstation chef-repo]# pwd
/root/chef-repo
[root@chef-workstation chef-repo]# mkdir .chef
[root@chef-workstation chef-repo]# touch .chef/knife.rb
[root@chef-workstation chef-repo]# cat .chef/knife.rb
current_dir = File.dirname(__FILE__)
log_level :info
log_location STDOUT
node_name "admin"
client_key "#{current_dir}/admin.pem"
chef_server_url "https://chef-server.localdomain/organizations/test_org"
cookbook_path ["#{current_dir}/../cookbooks"]
[root@chef-workstation chef-repo]# knife ssl fetch
WARNING: Certificates from chef-server will be fetched and placed in your trusted_cert
directory (/root/chef-repo/.chef/trusted_certs).
Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.
Adding certificate for chef-server_localdomain in /root/chef-repo/.chef/trusted_certs/chef-server_localdomain.crt
[root@chef-workstation chef-repo]# knife ssl check
Connecting to host chef-server.localdomain:443
Successfully verified certificates from `chef-server.localdomain'
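As the warning printed by knife ssl fetch says, knife trusts whatever certificate the server presented, and knife ssl check then only confirms that same certificate. The Ruby check below is an added example (not part of the original article or of Chef): it compares a fetched certificate with a SHA-256 fingerprint obtained out of band, for example read on the chef-server itself with openssl x509 -noout -fingerprint -sha256, and also checks the hostname and validity period. The function names and the generated sample certificate are assumptions made for the illustration.

```ruby
require 'openssl'

# Strip an optional "SHA256 Fingerprint=" prefix, colons and spaces so that
# fingerprints copied from different tools compare equal.
def normalize_fingerprint(text)
  text.to_s.sub(/\A.*=/, '').delete(': ').upcase
end

# SHA-256 fingerprint of a PEM certificate, in the colon-separated form
# printed by `openssl x509 -noout -fingerprint -sha256`.
def cert_fingerprint(pem)
  der = OpenSSL::X509::Certificate.new(pem).to_der
  OpenSSL::Digest::SHA256.hexdigest(der).upcase.scan(/../).join(':')
end

# Returns a list of problems. An empty list means the fetched certificate is
# the one the server operator reported and is usable for `hostname` at `now`.
def check_fetched_cert(pem, expected_fingerprint, hostname, now = Time.now)
  cert = OpenSSL::X509::Certificate.new(pem)
  problems = []
  actual = normalize_fingerprint(cert_fingerprint(pem))
  problems << 'fingerprint mismatch' unless actual == normalize_fingerprint(expected_fingerprint)
  problems << 'hostname mismatch' unless OpenSSL::SSL.verify_certificate_identity(cert, hostname)
  problems << 'expired or not yet valid' unless (cert.not_before..cert.not_after).cover?(now)
  problems
end

# Constructed sample input: a throwaway self-signed certificate standing in
# for the file knife wrote under .chef/trusted_certs/. Hypothetical helper.
def constructed_self_signed_cert(common_name, days: 30)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = cert.not_before + days * 86_400
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = ef.issuer_certificate = cert
  cert.add_extension(ef.create_extension('subjectAltName', "DNS:#{common_name}", false))
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert.to_pem
end

if __FILE__ == $PROGRAM_NAME
  # In real use: pem = File.read('.chef/trusted_certs/chef-server_localdomain.crt')
  pem = constructed_self_signed_cert('chef-server.localdomain')
  # Stand-in for the value read out on the server side.
  reported = "SHA256 Fingerprint=#{cert_fingerprint(pem)}"
  puts check_fetched_cert(pem, reported, 'chef-server.localdomain').inspect
  puts check_fetched_cert(pem, reported, 'chef-node.localdomain').inspect
end
```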
4. Uploading the cookbook
Step 3 confirmed connectivity between chef-workstation and chef-server. Next, upload the cookbook edited on chef-workstation to the chef-server.
[root@chef-workstation chef-repo]# pwd
/root/chef-repo
[root@chef-workstation chef-repo]# tree .
.
└── cookbooks
    └── sample-cookbook
        ├── Berksfile
        ├── chefignore
        ├── metadata.rb
        ├── README.md
        ├── recipes
        │   └── default.rb
        ├── spec
        │   ├── spec_helper.rb
        │   └── unit
        │       └── recipes
        │           └── default_spec.rb
        └── test
            └── smoke
                └── default
                    └── default_test.rb
[root@chef-workstation chef-repo]# knife cookbook upload sample-cookbook
Uploading sample-cookbook [0.1.0]
Uploaded 1 cookbook.
[root@chef-workstation chef-repo]# knife cookbook list
sample-cookbook 0.1.0
5. Bootstrapping the node
[root@chef-workstation chef-repo]# knife bootstrap chef-node --ssh-user ec2-user --sudo --node-name chef-node --run-list 'recipe[sample-cookbook]' -i ~/.ssh/chef-node.pem
Creating new client for chef-node
Creating new node for chef-node
Connecting to chef-node
chef-node -----> Installing Chef Omnibus (-v 12)
chef-node downloading https://omnitruck-direct.chef.io/chef/install.sh
chef-node to file /tmp/install.sh.2659/install.sh
chef-node trying wget...
chef-node el 6 x86_64
chef-node Getting information for chef stable 12 for el...
chef-node downloading https://omnitruck-direct.chef.io/stable/chef/metadata?v=12&p=el&pv=6&m=x86_64
chef-node to file /tmp/install.sh.2664/metadata.txt
chef-node trying wget...
chef-node sha1 bf54e7f486c2b0077db62bfa48adecd7110df332
chef-node sha256 d97c3a2279366816cfbdb22916d0952b9da1627a1653b42d3ef71022619473e4
chef-node url https://packages.chef.io/files/stable/chef/12.18.31/el/6/chef-12.18.31-1.el6.x86_64.rpm
chef-node version 12.18.31
chef-node downloaded metadata file looks valid...
chef-node downloading https://packages.chef.io/files/stable/chef/12.18.31/el/6/chef-12.18.31-1.el6.x86_64.rpm
chef-node to file /tmp/install.sh.2664/chef-12.18.31-1.el6.x86_64.rpm
chef-node trying wget...
chef-node Comparing checksum with sha256sum...
chef-node Installing chef 12
chef-node installing with rpm...
chef-node warning: /tmp/install.sh.2664/chef-12.18.31-1.el6.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
chef-node Preparing... ################################# [100%]
chef-node Updating / installing...
chef-node 1:chef-12.18.31-1.el6 ################################# [100%]
chef-node Thank you for installing Chef!
chef-node Starting the first Chef Client run...
chef-node Starting Chef Client, version 12.18.31
chef-node resolving cookbooks for run list: ["sample-cookbook"]
chef-node Synchronizing Cookbooks:
chef-node - sample-cookbook (0.1.0)
chef-node Installing Cookbook Gems:
chef-node Compiling Cookbooks...
chef-node Converging 0 resources
chef-node
chef-node Running handlers:
chef-node Running handlers complete
chef-node Chef Client finished, 0/0 resources updated in 01 seconds
[root@chef-workstation chef-repo]# knife node list
chef-node
[root@chef-workstation chef-repo]# knife node show chef-node
Node Name: chef-node
Environment: _default
FQDN: chef-node.localdomain
IP: 52.199.96.52
Run List: recipe[sample-cookbook]
Roles:
Recipes: sample-cookbook, sample-cookbook::default
Platform: amazon 2016.09
Tags:
6. Updating the node's configuration
As it stands, the cookbook contains nothing, so update it.
Edit the cookbook recipe and metadata.rb
[root@chef-workstation chef-repo]# cat cookbooks/sample-cookbook/recipes/default.rb
#
# Cookbook:: sample-cookbook
# Recipe:: default
#
# Copyright:: 2017, The Authors, All Rights Reserved.
package 'httpd'
service 'httpd' do
  action [:enable, :start]
end
file '/var/www/html/index.html' do
  content '<html>
<body>
<h1>hello world chef.</h1>
</body>
</html>'
end
[root@chef-workstation chef-repo]# cat cookbooks/sample-cookbook/metadata.rb
name 'sample-cookbook'
maintainer 'The Authors'
maintainer_email 'you@example.com'
license 'all_rights'
description 'Installs/Configures sample-cookbook'
long_description 'Installs/Configures sample-cookbook'
version '0.2.0'
Upload it
[root@chef-workstation chef-repo]# knife cookbook upload sample-cookbook
[root@chef-workstation chef-repo]# knife cookbook list
sample-cookbook 0.2.0
Apply the configuration to the node
chef-client is not running as a daemon, so run it from the workstation with knife ssh.
[root@chef-workstation chef-repo]# knife ssh 'name:chef-node' -i ~/.ssh/secret.pem -x ec2-user 'sudo chef-client'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Starting Chef Client, version 12.18.31
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com resolving cookbooks for run list: ["sample-cookbook"]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Synchronizing Cookbooks:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - sample-cookbook (0.2.0)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Installing Cookbook Gems:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Compiling Cookbooks...
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Converging 3 resources
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: sample-cookbook::default
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * yum_package[httpd] action install
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - install version 2.2.31-1.8.amzn1 of package httpd
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action enable
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - enable service service[httpd]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action start
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - start service service[httpd]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * file[/var/www/html/index.html] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create new file /var/www/html/index.html
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - update content in file /var/www/html/index.html from none to ad65ca
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com --- /var/www/html/index.html 2017-02-05 02:29:44.930515697 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +++ /var/www/html/.chef-index20170205-3169-qal0ge.html 2017-02-05 02:29:44.930515697 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com @@ -1 +1,6 @@
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +<html>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + <body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + <h1>hello world chef.</h1>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + </body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +</html>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers complete
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Chef Client finished, 4/4 resources updated in 04 seconds
Check the result
[root@chef-workstation chef-repo]# curl chef-node
<html>
<body>
<h1>hello world chef.</h1>
</body>
</html>
7. When the client run fails
Edit the recipe. knife diff shows the differences from the cookbook uploaded to the chef-server.
The recipe deliberately contains logic that makes the run fail: the user web_admin has not been created.
[root@chef-workstation chef-repo]# knife diff cookbooks/sample-cookbook
diff --knife cookbooks/sample-cookbook/metadata.rb cookbooks/sample-cookbook/metadata.rb
--- cookbooks/sample-cookbook/metadata.rb 2017-02-05 02:55:33.542073691 +0000
+++ cookbooks/sample-cookbook/metadata.rb 2017-02-05 02:55:33.542073691 +0000
@@ -4,7 +4,7 @@
license 'all_rights'
description 'Installs/Configures sample-cookbook'
long_description 'Installs/Configures sample-cookbook'
-version '0.2.0'
+version '0.3.0'
# The `issues_url` points to the location where issues for this cookbook are
# tracked. A `View Issues` link will be displayed on this cookbook's page when
diff --knife cookbooks/sample-cookbook/recipes/default.rb cookbooks/sample-cookbook/recipes/default.rb
--- cookbooks/sample-cookbook/recipes/default.rb 2017-02-05 02:55:33.562073493 +0000
+++ cookbooks/sample-cookbook/recipes/default.rb 2017-02-05 02:55:33.562073493 +0000
@@ -14,7 +14,11 @@
content '<html>
<body>
<h1>hello world chef.</h1>
+ <h2>add h2 element.</h2>
</body>
</html>'
+
+ owner 'web_admin'
+ group 'web_admin'
end
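Review bot: The added owner 'web_admin' and group 'web_admin' lines on the file resource refer to an account that nothing in the visible recipe creates, so the resource cannot resolve the uid when it converges; declare group and user resources for web_admin ahead of this file block. While ownership is being set here, an explicit mode on the same resource would state the intended permissions of index.html instead of leaving them to whatever the file already has.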
Upload it
[root@chef-workstation chef-repo]# knife cookbook upload sample-cookbook
Uploading sample-cookbook [0.3.0]
Uploaded 1 cookbook.
[root@chef-workstation chef-repo]# knife cookbook list
sample-cookbook 0.3.0
Try a dry run
Apparently this is called why-run mode.
The dry run does warn that the user web_admin does not exist, but it still finishes normally.
[root@chef-workstation chef-repo]# knife ssh 'name:chef-node' -i ~/.ssh/secret.pem -x ec2-user 'sudo chef-client -W'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Starting Chef Client, version 12.18.31
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com resolving cookbooks for run list: ["sample-cookbook"]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Synchronizing Cookbooks:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - sample-cookbook (0.3.0)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Installing Cookbook Gems:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Compiling Cookbooks...
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Converging 3 resources
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: sample-cookbook::default
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * yum_package[httpd] action install (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action enable (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action start (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * file[/var/www/html/index.html] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * cannot determine user id for 'web_admin', does the user exist on this system?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * Assuming user web_admin would have been created
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * cannot determine group id for 'web_admin', does the group exist on this system?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * Assuming group web_admin would have been created
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - Would update content in file /var/www/html/index.html from ad65ca to e3dbd9
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com --- /var/www/html/index.html 2017-02-05 02:29:44.930515697 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +++ /tmp/.chef-index20170205-4085-n8v5bl.html 2017-02-05 02:56:44.073557881 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com @@ -1,6 +1,7 @@
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com <html>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com <body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com <h1>hello world chef.</h1>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + <h2>add h2 element.</h2>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com </body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com </html>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com [2017-02-05T02:56:44+00:00] WARN: In why-run mode, so NOT performing node save.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers complete
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Chef Client finished, 1/4 resources would have been updated
Run it for real
It exits with an error.
[root@chef-workstation chef-repo]# knife ssh 'name:chef-node' -i ~/.ssh/secret.pem -x ec2-user 'sudo chef-client'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Starting Chef Client, version 12.18.31
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com resolving cookbooks for run list: ["sample-cookbook"]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Synchronizing Cookbooks:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - sample-cookbook (0.3.0)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Installing Cookbook Gems:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Compiling Cookbooks...
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Converging 3 resources
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: sample-cookbook::default
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * yum_package[httpd] action install (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action enable (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action start (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * file[/var/www/html/index.html] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * cannot determine user id for 'web_admin', does the user exist on this system?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com ================================================================================
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Error executing action `create` on resource 'file[/var/www/html/index.html]'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com ================================================================================
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Chef::Exceptions::UserIDNotFound
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com --------------------------------
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com cannot determine user id for 'web_admin', does the user exist on this system?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Resource Declaration:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com ---------------------
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com # In /var/chef/cache/cookbooks/sample-cookbook/recipes/default.rb
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 13: file '/var/www/html/index.html' do
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 14: content '<html>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 15: <body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 16: <h1>hello world chef.</h1>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 17: <h2>add h2 element.</h2>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 18: </body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 19: </html>'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 20:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 21: owner 'web_admin'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 22: group 'web_admin'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 23: end
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Compiled Resource:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com ------------------
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com # Declared in /var/chef/cache/cookbooks/sample-cookbook/recipes/default.rb:13:in `from_file'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com file("/var/www/html/index.html") do
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com action [:create]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com retries 0
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com retry_delay 2
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com default_guard_interpreter :default
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com declared_type :file
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com cookbook_name "sample-cookbook"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com recipe_name "default"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com content "<html>\n <body>\n <h1>hello world chef.</h1>\n <h2>add h2 element.</h2>\n </body>\n</html>"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com owner "web_admin"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com group "web_admin"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com path "/var/www/html/index.html"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com end
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Platform:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com ---------
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com x86_64-linux
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com [2017-02-05T02:59:30+00:00] ERROR: Running exception handlers
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers complete
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com [2017-02-05T02:59:30+00:00] ERROR: Exception handlers complete
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Chef Client failed. 0 resources updated in 02 seconds
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com [2017-02-05T02:59:30+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com [2017-02-05T02:59:30+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com [2017-02-05T02:59:30+00:00] ERROR: file[/var/www/html/index.html] (sample-cookbook::default line 13) had an error: Chef::Exceptions::UserIDNotFound: cannot determine user id for 'web_admin', does the user exist on this system?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com [2017-02-05T02:59:30+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
The failed run did not end up rewriting just the content of index.html; the file is unchanged.
[root@chef-workstation chef-repo]# curl chef-node
<html>
<body>
<h1>hello world chef.</h1>
</body>
</html>
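The why-run above finished normally only because it assumed web_admin would exist, while the real run failed on the same resource. The Ruby code below is an added example (not from the original article or from Chef): it summarizes knife ssh chef-client output per host and flags failed runs, runs that never printed a finish line, and why-run results that rest on assumptions. The host names and log lines in SAMPLE are constructed in the format shown above, and the function names are hypothetical.

```ruby
# One summary per host seen in `knife ssh ... 'sudo chef-client'` output.
RunResult = Struct.new(:host, :status, :updated, :total,
                       :failed_resource, :exception, :assumptions)

STARTED  = /\AStarting Chef Client, version/
FINISHED = %r{\AChef Client finished, (\d+)/(\d+) resources (updated|would have been updated)}
FAILED   = /\AChef Client failed\. (\d+) resources updated/
ERRORED  = /ERROR: (.+?) \(.+? line \d+\) had an error: ([\w:]+?): /
ASSUMED  = /\A\* Assuming (.+) would have been created/

# Parse host-prefixed output lines into a Hash of host => RunResult.
# A later run for the same host replaces the earlier one.
def summarize_chef_runs(output)
  results = {}
  output.each_line do |line|
    host, rest = line.chomp.split(' ', 2)
    next if rest.nil?
    if rest =~ STARTED
      results[host] = RunResult.new(host, :incomplete, 0, nil, nil, nil, [])
      next
    end
    run = results[host]
    next if run.nil? # shell prompts and other lines outside a chef-client run
    if (m = FINISHED.match(rest))
      run.updated = m[1].to_i
      run.total = m[2].to_i
      run.status = m[3] == 'updated' ? :converged : :whyrun
    elsif (m = FAILED.match(rest))
      run.updated = m[1].to_i
      run.status = :failed
    elsif (m = ERRORED.match(rest))
      run.failed_resource = m[1]
      run.exception = m[2]
      run.status = :failed
    elsif (m = ASSUMED.match(rest))
      run.assumptions << m[1]
    end
  end
  results
end

# Hosts whose result should not be read as "the node is in the desired state":
# failed runs, runs without a finish line, and why-run passes built on assumptions.
def hosts_needing_attention(results)
  results.values.reject do |r|
    r.status == :converged || (r.status == :whyrun && r.assumptions.empty?)
  end.map(&:host)
end

# Constructed sample lines (hypothetical hosts), following the output format above.
SAMPLE = <<~LOG
  [root@chef-workstation chef-repo]# knife ssh 'name:*' 'sudo chef-client'
  node-a.example Starting Chef Client, version 12.18.31
  node-a.example   * file[/var/www/html/index.html] action create
  node-a.example     * cannot determine user id for 'web_admin', does the user exist on this system?
  node-a.example     * Assuming user web_admin would have been created
  node-a.example Chef Client finished, 1/4 resources would have been updated
  node-b.example Starting Chef Client, version 12.18.31
  node-b.example Chef Client failed. 0 resources updated in 02 seconds
  node-b.example [2017-02-05T02:59:30+00:00] ERROR: file[/var/www/html/index.html] (sample-cookbook::default line 13) had an error: Chef::Exceptions::UserIDNotFound: cannot determine user id for 'web_admin', does the user exist on this system?
  node-c.example Starting Chef Client, version 12.18.31
  node-c.example Chef Client finished, 3/6 resources updated in 02 seconds
LOG

if __FILE__ == $PROGRAM_NAME
  results = summarize_chef_runs(SAMPLE)
  results.each_value { |r| puts r.to_a.inspect }
  puts "needs attention: #{hosts_needing_attention(results).join(', ')}"
end
```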
Fix the recipe and apply it to the node
[root@chef-workstation chef-repo]# knife diff cookbooks/sample-cookbook
diff --knife cookbooks/sample-cookbook/metadata.rb cookbooks/sample-cookbook/metadata.rb
--- cookbooks/sample-cookbook/metadata.rb 2017-02-05 03:03:16.251818292 +0000
+++ cookbooks/sample-cookbook/metadata.rb 2017-02-05 03:03:16.251818292 +0000
@@ -4,7 +4,7 @@
license 'all_rights'
description 'Installs/Configures sample-cookbook'
long_description 'Installs/Configures sample-cookbook'
-version '0.3.0'
+version '0.3.1'
# The `issues_url` points to the location where issues for this cookbook are
# tracked. A `View Issues` link will be displayed on this cookbook's page when
diff --knife cookbooks/sample-cookbook/recipes/default.rb cookbooks/sample-cookbook/recipes/default.rb
--- cookbooks/sample-cookbook/recipes/default.rb 2017-02-05 03:03:16.275817903 +0000
+++ cookbooks/sample-cookbook/recipes/default.rb 2017-02-05 03:03:16.275817903 +0000
@@ -10,6 +10,14 @@
action [:enable, :start]
end
+group 'web_admin'
+
+user 'web_admin' do
+ group 'web_admin'
+ system true
+ shell '/bin/bash'
+end
+
file '/var/www/html/index.html' do
content '<html>
<body>
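Review bot: The new user 'web_admin' block sets shell '/bin/bash' on an account declared with system true whose only visible use is owning index.html; unless someone has to log in as web_admin, a non-login shell such as /sbin/nologin is the safer value for that property. Declaring group 'web_admin' before the user resource is the right order, since the user's group property depends on it.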
Apply it
[root@chef-workstation chef-repo]# knife ssh 'name:chef-node' -i ~/.ssh/secret.pem -x ec2-user 'sudo chef-client'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Starting Chef Client, version 12.18.31
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com resolving cookbooks for run list: ["sample-cookbook"]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Synchronizing Cookbooks:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - sample-cookbook (0.3.1)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Installing Cookbook Gems:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Compiling Cookbooks...
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Converging 5 resources
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: sample-cookbook::default
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * yum_package[httpd] action install (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action enable (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action start (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * group[web_admin] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create group web_admin
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * linux_user[web_admin] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create user web_admin
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * file[/var/www/html/index.html] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - update content in file /var/www/html/index.html from ad65ca to e3dbd9
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com --- /var/www/html/index.html 2017-02-05 02:29:44.930515697 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +++ /var/www/html/.chef-index20170205-4798-jewh32.html 2017-02-05 03:05:49.548777469 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com @@ -1,6 +1,7 @@
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com <html>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com <body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com <h1>hello world chef.</h1>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + <h2>add h2 element.</h2>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com </body>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com </html>
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change owner from 'root' to 'web_admin'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change group from 'root' to 'web_admin'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers complete
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Chef Client finished, 3/6 resources updated in 02 seconds
Check
[root@chef-workstation chef-repo]# curl chef-node
<html>
<body>
<h1>hello world chef.</h1>
<h2>add h2 element.</h2>
</body>
</html>
8. Running the client periodically
chef-client was installed on the node by knife bootstrap, but if you want to configure it further, using the chef-client cookbook is one option.
Work with the chef-client cookbook using the berks command
Write a Berksfile and fetch the chef-client cookbook
[root@chef-workstation chef-repo]# pwd
/root/chef-repo
[root@chef-workstation chef-repo]# cat Berksfile
source 'https://supermarket.chef.io'
cookbook 'chef-client'
[root@chef-workstation chef-repo]# berks install
Resolving cookbook dependencies...
Fetching cookbook index from https://supermarket.chef.io...
Installing chef-client (7.1.0)
Installing compat_resource (12.16.3)
Installing cron (3.0.0)
Installing logrotate (2.1.0)
Installing ohai (4.2.3)
Installing windows (2.1.1)
[root@chef-workstation chef-repo]# ll
total 12
-rw-r--r-- 1 root root 60 Feb 5 06:43 Berksfile
-rw------- 1 root root 305 Feb 5 06:46 Berksfile.lock
drwxr-xr-x 3 root root 4096 Jan 24 05:44 cookbooks
[root@chef-workstation chef-repo]# ls ~/.berkshelf/cookbooks/
chef-client-7.1.0 compat_resource-12.16.3 cron-3.0.0 logrotate-2.1.0 ohai-4.2.3 windows-2.1.1
Upload to the chef-server. SSL-related matters are not covered here.
[root@chef-workstation chef-repo]# berks upload --no-ssl-verify
Uploaded chef-client (7.1.0) to: 'https://chef-server.localdomain:443/organizations/test_org'
Uploaded compat_resource (12.16.3) to: 'https://chef-server.localdomain:443/organizations/test_org'
Uploaded cron (3.0.0) to: 'https://chef-server.localdomain:443/organizations/test_org'
Uploaded logrotate (2.1.0) to: 'https://chef-server.localdomain:443/organizations/test_org'
Uploaded ohai (4.2.3) to: 'https://chef-server.localdomain:443/organizations/test_org'
Uploaded windows (2.1.1) to: 'https://chef-server.localdomain:443/organizations/test_org'
[root@chef-workstation chef-repo]# knife cookbook list
chef-client 7.1.0
compat_resource 12.16.3
cron 3.0.0
logrotate 2.1.0
ohai 4.2.3
sample-cookbook 0.3.1
windows 2.1.1
Create a role and upload it to the chef-server
[root@chef-workstation chef-repo]# mkdir roles
[root@chef-workstation chef-repo]# touch roles/web.json
[root@chef-workstation chef-repo]# cat roles/web.json
{
  "name": "web",
  "description": "Web server role.",
  "json_class": "Chef::Role",
  "default_attributes": {
    "chef_client": {
      "interval": 300,
      "splay": 60
    }
  },
  "override_attributes": {
  },
  "chef_type": "role",
  "run_list": ["recipe[chef-client::default]",
               "recipe[chef-client::delete_validation]",
               "recipe[sample-cookbook::default]"
  ],
  "env_run_lists": {
  }
}
[root@chef-workstation chef-repo]# knife role from file roles/web.json
Updated Role web
[root@chef-workstation chef-repo]# knife role list
web
[root@chef-workstation chef-repo]# knife role show web
chef_type: role
default_attributes:
chef_client:
interval: 300
splay: 60
description: Web server role.
env_run_lists:
json_class: Chef::Role
name: web
override_attributes:
run_list:
recipe[chef-client::default]
recipe[chef-client::delete_validation]
recipe[sample-cookbook::default]
[root@chef-workstation chef-repo]# knife node run_list set chef-node "role[web]"
chef-node:
run_list: role[web]
[root@chef-workstation chef-repo]# knife node show chef-node --run-list
chef-node:
run_list: role[web]
Apply the client configuration
Applied.
[root@chef-workstation chef-repo]# knife ssh 'role:web' 'sudo chef-client' -x ec2-user -i ~/.ssh/secret.pem
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Starting Chef Client, version 12.18.31
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com resolving cookbooks for run list: ["chef-client::default", "chef-client::delete_validation", "sample-cookbook::default"]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Synchronizing Cookbooks:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - cron (3.0.0)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - logrotate (2.1.0)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - ohai (4.2.3)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - chef-client (7.1.0)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - compat_resource (12.16.3)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - windows (2.1.1)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - sample-cookbook (0.3.1)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Installing Cookbook Gems:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Compiling Cookbooks...
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Converging 14 resources
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: chef-client::init_service
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * directory[/var/run/chef] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create new directory /var/run/chef
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change owner from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change group from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * directory[/var/cache/chef] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create new directory /var/cache/chef
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change owner from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change group from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * directory[/var/lib/chef] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create new directory /var/lib/chef
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change owner from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change group from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * directory[/var/log/chef] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create new directory /var/log/chef
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change mode from '' to '0755'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change owner from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change group from '' to 'root'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * directory[/etc/chef] action create (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * template[/etc/init.d/chef-client] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create new file /etc/init.d/chef-client
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - update content in file /etc/init.d/chef-client from none to f352ec
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com --- /etc/init.d/chef-client 2017-02-05 07:31:21.488291588 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +++ /etc/init.d/.chef-chef-client20170205-3398-1vk27nc 2017-02-05 07:31:21.488291588 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com @@ -1 +1,110 @@
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +#!/bin/bash
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +#
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# chef-client Startup script for the Chef client
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +#
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# chkconfig: - 98 02
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# description: Client component of the Chef systems integration framework.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +### BEGIN INIT INFO
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Provides: chef-client
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Required-Start: $local_fs $network $remote_fs
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Required-Stop: $local_fs $network $remote_fs
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Should-Start: $named $time
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Should-Stop: $named $time
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Short-Description: Startup script for the Chef client
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Description: Client component of the Chef systems integration framework.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +### END INIT INFO
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Source function library
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +. /etc/init.d/functions
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +exec="/usr/bin/chef-client"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +prog="chef-client"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +config=${CONFIG-/etc/chef/client.rb}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +pidfile=${PIDFILE-/var/run/chef/client.pid}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +lockfile=${LOCKFILE-/var/lock/subsys/$prog}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +interval=${INTERVAL-1800}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +splay=${SPLAY-20}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +options=${OPTIONS-}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +start() {
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + [ -x $exec ] || exit 5
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + [ -f $config ] || exit 6
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + echo -n $"Starting $prog: "
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + daemon $exec -d -c "$config" -P "$pidfile" -i "$interval" -s "$splay" "$options"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + retval=$?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + echo
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + [ $retval -eq 0 ] && touch $lockfile
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + return $retval
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +stop() {
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + echo -n $"Stopping $prog: "
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + killproc -p $pidfile $exec
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + retval=$?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + echo
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + [ $retval -eq 0 ] && rm -f $lockfile
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + return $retval
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +restart () {
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + stop
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + start
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +reload() {
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + echo -n $"Reloading $prog: "
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + killproc -p $pidfile $exec -HUP
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + retval=$?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + echo
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + return $retval
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +force_reload() {
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + restart
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +rh_status() {
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + # run checks to determine if the service is running or use generic status
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + status -p $pidfile $prog
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +rh_status_q() {
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + rh_status >/dev/null 2>&1
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +}
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +case "$1" in
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + start)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + rh_status_q && exit 0
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + $1
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + ;;
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + stop)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + rh_status_q || exit 0
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + $1
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + ;;
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + restart)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + $1
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + ;;
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + reload)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + rh_status_q || exit 7
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + $1
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + ;;
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + force-reload)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + force_reload
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + ;;
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + status)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + rh_status
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + ;;
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + condrestart|try-restart)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + rh_status_q || exit 0
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + restart
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + ;;
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + *)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com + exit 2
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +esac
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +exit $?
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change mode from '' to '0755'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * template[/etc/sysconfig/chef-client] action create
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - create new file /etc/sysconfig/chef-client
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - update content in file /etc/sysconfig/chef-client from none to 6a32a6
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com --- /etc/sysconfig/chef-client 2017-02-05 07:31:21.504291855 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +++ /etc/sysconfig/.chef-chef-client20170205-3398-906dt5 2017-02-05 07:31:21.504291855 +0000
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com @@ -1 +1,15 @@
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Configuration file for the chef-client service
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +CONFIG=/etc/chef/client.rb
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +PIDFILE=/var/run/chef/client.pid
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +#LOCKFILE=/var/lock/subsys/chef-client
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Sleep interval between runs.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# This value is in seconds.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +INTERVAL=300
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Maximum amount of random delay before starting a run. Prevents every client
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# from contacting the server at the exact same time.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# This value is in seconds.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +SPLAY=60
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +# Any additional chef-client options.
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com +OPTIONS=""
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - change mode from '' to '0644'
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[chef-client] action enable
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - enable service service[chef-client]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[chef-client] action start
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - start service service[chef-client]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: chef-client::delete_validation
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * file[/etc/chef/validation.pem] action delete (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: sample-cookbook::default
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * yum_package[httpd] action install (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action enable (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[httpd] action start (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * group[web_admin] action create (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * linux_user[web_admin] action create (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * file[/var/www/html/index.html] action create (up to date)
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Recipe: chef-client::init_service
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com * service[chef-client] action restart
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com - restart service service[chef-client]
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers:
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Running handlers complete
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com Chef Client finished, 9/17 resources updated in 05 seconds
Confirm that chef-client is now running as a service
[root@chef-workstation chef-repo]# knife ssh 'role:web' 'sudo service chef-client status' -x ec2-user -i ~/.ssh/secret.pem
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com chef-client (pid 3847) is running...
[root@chef-workstation chef-repo]# knife ssh 'role:web' 'pgrep -lf chef' -x ec2-user -i ~/.ssh/secret.pem
ec2-52-199-96-52.ap-northeast-1.compute.amazonaws.com 3847 /opt/chef/embedded/bin/ruby --disable-gems /usr/bin/chef-client -d -c /etc/chef/client.rb -P /var/run/chef/client.pid -i 300 -s 60
[root@chef-workstation chef-repo]# knife status
4 minutes ago, chef-node, amazon 2016.09.
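An added example, not part of the original post: a Ruby check that reads `knife ssh ... 'sudo chef-client'` output like the run above and reports, per host, whether the run finished, whether the `chef-client::delete_validation` resource for `/etc/chef/validation.pem` was evaluated, and which INTERVAL/SPLAY values were written. The sample log, the `node*.example.internal` host names and the function names are constructed for illustration.

```ruby
# Constructed sample in the shape of the knife ssh output above (host names are placeholders).
SAMPLE = <<~LOG
  node1.example.internal Starting Chef Client, version 12.18.31
  node1.example.internal Recipe: chef-client::init_service
  node1.example.internal +INTERVAL=300
  node1.example.internal +SPLAY=60
  node1.example.internal Recipe: chef-client::delete_validation
  node1.example.internal   * file[/etc/chef/validation.pem] action delete (up to date)
  node1.example.internal Chef Client finished, 9/17 resources updated in 05 seconds
  node2.example.internal Starting Chef Client, version 12.18.31
  node2.example.internal Recipe: sample-cookbook::default
  node2.example.internal   * service[httpd] action start (up to date)
LOG

# Group lines by the host prefix knife ssh adds and pull out the facts worth auditing.
# Returns { host => { finished:, updated:, total:, validation_delete_seen:, interval:, splay: } }
def audit_knife_ssh(output)
  hosts = Hash.new { |h, k| h[k] = { finished: false, validation_delete_seen: false } }
  output.each_line do |line|
    host, msg = line.chomp.split(' ', 2)
    next if host.nil? || msg.nil? # blank line or host-only line
    rec = hosts[host]
    case msg
    when %r{Chef Client finished, (\d+)/(\d+) resources updated}
      rec.merge!(finished: true, updated: $1.to_i, total: $2.to_i)
    when %r{file\[/etc/chef/validation\.pem\] action delete}
      # "(up to date)" here means the key was already absent, which is also fine.
      rec[:validation_delete_seen] = true
    when /\A\+INTERVAL=(\d+)/ then rec[:interval] = $1.to_i
    when /\A\+SPLAY=(\d+)/ then rec[:splay] = $1.to_i
    end
  end
  hosts
end

# Hosts that need follow-up: the run never finished, or the validator key
# removal resource was not evaluated on that node.
def findings(report)
  report.each_with_object({}) do |(host, rec), out|
    problems = []
    problems << 'run did not finish' unless rec[:finished]
    problems << 'validation.pem delete resource not seen' unless rec[:validation_delete_seen]
    out[host] = problems unless problems.empty?
  end
end

if __FILE__ == $PROGRAM_NAME
  findings(audit_knife_ssh(SAMPLE)).each { |h, p| puts "#{h}: #{p.join('; ')}" }
end
```

INTERVAL and SPLAY are only captured on the run that writes `/etc/sysconfig/chef-client`, because chef-client prints the file diff only when the content changes.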
That's all.