Chef – Useful knife commands

Bootstrap

Bootstrap a chef-client system:
* This logs in to 192.168.5.111 as jtran, runs the “chef-client” command with sudo and applies recipe[ntp]
* You will be prompted for a password unless you pass the -P <PASSWORD> flag; the prompt keeps the password out of shell history and the process list
$ knife bootstrap 192.168.5.111 -x jtran --sudo -r 'recipe[ntp]'
Bootstrap with a template file (each OS needs its own bootstrap script)
$ knife bootstrap 192.168.5.111 -x jtran --sudo -r 'recipe[ntp]' --template-file ~/chef-repo/bootstrap/precise.rb
Bootstrap with proxy
$ knife bootstrap 192.168.5.111 --bootstrap-proxy http://proxyhost:3128 -x jtran --sudo -r 'recipe[ntp]'

Common Error:
Knife bootstrap: ERROR: TypeError: can't convert false into String
This happens when knife can’t find the .chef directory in its current working directory. Changing to your ~/chef-repo directory should get around this error.

SSH

For help type:
knife ssh --help

-a = attribute that’s not FQDN ( example is ipaddress )
-x = username to login with
-P = password
-E = environment

This will ssh using the attribute ipaddress (the default is to use the hostname) as user “root” with password “none” and run the command on all systems with the role “webserver”
$ knife ssh -a ipaddress -x root -P none 'role:webserver' 'uptime'

This is an example of a wildcard match for hosts in the chef-server database
$ knife ssh -a ipaddress -x root -P none 'name:host1*' 'uptime'
'name:host1*' = query names that match host1*
'uptime' = command to run

The following would run chef client on all of your nodes
$ knife ssh 'name:*' 'sudo chef-client'

The following would run chef client on all the nodes with the role “webapp”
$ knife ssh 'role:webapp' 'sudo chef-client'

ssh to single node:
$ knife ssh 'name:webserver01' 'sudo chef-client'

Run chef client on all nodes with role “webapp” in environment “dev”
$ knife ssh -E dev 'role:webapp' 'sudo chef-client'

Node Information

Get all the attributes of a node
$ knife node show nodename -a node

Get all the attributes of a certain attribute group
* for example, if your attributes/default.rb contains an attribute like default[:whynot][:zoidberg] = "woopwoop"
$ knife node show nodename -a whynot

Ruby – :Symbols and “Strings”

I’m no Ruby expert.
Actually I only know enough to write a bit of Chef recipes.
If you read enough Chef recipes you’ll notice a syntax like the following occurs often

default[:mario][:powerup] = "mushroom"

and sometimes you’ll see it as

default["luigi"]["powerup"] = "fireflower"

So what’s the difference?

SYMBOL

A symbol is immutable. This means you’re not reassigning values to it later. It stays as is, like a hillbilly in a trailer home.
:bowser

STRING

A string is mutable. This means you can keep changing the value of it on the fly. Like a gigolo in a bad economy.
"bowser"
 

All of this information was stolen from another extremely useful and thorough blog at: www.robertsosinski.com
He’s exponentially better at explaining this than I am.
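The difference in runnable form, as an added example that is not from the original post: it shows symbol identity versus string mutability, why a plain Hash treats the two key spellings as different keys, and how a store that normalises keys makes both recipe syntaxes reach the same attribute. `AttrStore` is a hypothetical stand-in for that behaviour, not Chef's implementation.

```ruby
# Symbols vs strings, using the names from the recipe snippets above.
def symbol_vs_string
  {
    same_symbol_object: :bowser.equal?(:bowser),            # one object per name
    same_string_object: "bowser".dup.equal?("bowser".dup),  # a new object each time
    symbol_frozen:      :bowser.frozen?,                     # cannot be modified
    mutated_string:     ("bowser".dup << " jr")              # strings change in place
  }
end

# A plain Hash treats :mario and "mario" as two unrelated keys.
def plain_hash_lookup
  attrs = { mario: { powerup: "mushroom" } }
  [attrs[:mario][:powerup], attrs["mario"]]
end

# Hypothetical minimal attribute store: every key is converted to a String
# and missing levels are created on first access, so default[:a][:b] and
# default["a"]["b"] address the same slot.
class AttrStore
  def initialize
    @data = {}
  end

  def [](key)
    @data[key.to_s] ||= AttrStore.new
  end

  def []=(key, value)
    @data[key.to_s] = value
  end

  def to_h
    @data.transform_values { |v| v.is_a?(AttrStore) ? v.to_h : v }
  end
end

def demo_store
  default = AttrStore.new
  default[:mario][:powerup] = "mushroom"
  default["luigi"]["powerup"] = "fireflower"
  # Read each value back with the *other* key type.
  [default["mario"]["powerup"], default[:luigi][:powerup], default.to_h]
end
```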

Chef – Simple Cookbook Example

* this assumes your cookbook home is ~/chef-repo/cookbooks

$ knife cookbook create mytomcat
$ vi ~/chef-repo/cookbooks/mytomcat/recipes/default.rb

#
# Cookbook Name:: mytomcat
# Recipe:: default
#
# Copyright 2012, James Tran
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# This allows chef to create users and their passwords
gem_package "ruby-shadow" do
  action :install
end

# Create a unix group
group "webadmin" do
     gid 100001
end

# To create an encrypted password use the following:
# openssl passwd -1 "theplaintextpassword"
# (-1 produces an MD5-crypt hash, recognisable by the $1$ prefix used below)

# Create a unix user
user "webadmin" do
     comment "Web Administrator"
     uid 10001
     gid "webadmin"   # must name the group created above
     home "/home/webadmin"
     shell "/bin/bash"
     password "$1$2QYepl2p$.7ckFmevVtpBZpokJCuSd."
end

# Create a directory
directory "/opt/apps/" do
     owner "webadmin"
     group "webadmin"   # same group as above, matches the chown in install_tomcat
     mode "0755"
     action :create
     recursive true
end

# Run a bash shell -  download and extract tomcat
bash "install_tomcat" do
     user "root"
     cwd "/opt/apps"
     code <<-EOH
       wget http://mirrors.ibiblio.org/apache/tomcat/tomcat-7/v7.0.27/bin/apache-tomcat-7.0.27.tar.gz
       tar -xzf apache-tomcat-7.0.27.tar.gz
       chown -R webadmin:webadmin /opt/apps
     EOH
     not_if "test -d /opt/apps/apache-tomcat-7.0.27"
end
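The install_tomcat block above fetches the tarball over plain HTTP as root and unpacks it without checking what arrived. The following added example (not part of the original recipe) shows the decision that step could make first: skip when the target directory exists, as not_if does, and only extract when the archive matches a pinned SHA-256. The function names and the digest placeholder are assumptions, and the demo uses constructed bytes rather than a real tarball.

```ruby
require "digest"
require "fileutils"
require "tmpdir"

# Placeholder (assumption): the page gives no digest for
# apache-tomcat-7.0.27.tar.gz; pin the value published by the project.
EXPECTED_SHA256 = "<sha256-of-apache-tomcat-7.0.27.tar.gz>".freeze

# Decide what the install step may do:
#   :already_installed - target directory exists (same test as not_if)
#   :missing_archive   - nothing was downloaded
#   :digest_mismatch   - archive differs from the pinned digest, do not extract
#   :extract           - archive matches, safe to hand to tar
def install_decision(archive, install_dir, expected_sha256)
  return :already_installed if File.directory?(install_dir)
  return :missing_archive unless File.file?(archive)
  unless expected_sha256.match?(/\A\h{64}\z/)
    raise ArgumentError, "expected digest must be 64 hex characters"
  end

  actual = Digest::SHA256.file(archive).hexdigest
  actual == expected_sha256.downcase ? :extract : :digest_mismatch
end

# Constructed demo: a stand-in file plays the downloaded tarball.
def demo_decisions
  Dir.mktmpdir do |tmp|
    archive = File.join(tmp, "apache-tomcat-7.0.27.tar.gz")
    target  = File.join(tmp, "apache-tomcat-7.0.27")
    File.binwrite(archive, "constructed sample bytes, not a real tarball")
    pinned = Digest::SHA256.file(archive).hexdigest

    results = [install_decision(archive, target, pinned)]
    File.binwrite(archive, "tampered in transit")   # content no longer matches
    results << install_decision(archive, target, pinned)
    FileUtils.mkdir_p(target)                       # already unpacked
    results << install_decision(archive, target, pinned)
    results
  end
end
```

Inside a recipe, Chef's remote_file resource accepts a checksum property (SHA-256) that enforces the same comparison on download.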

Chef-Solo – How to run a cookbook

*requires: base installation of debian or ubuntu

Install Ruby and Chef

Ubuntu:

$ apt-get install ruby1.9.1 rubygems1.9.1 chef git -y

Debian:

$ echo "gem: --bindir=/usr/bin --no-ri --no-rdoc" >> /etc/gemrc
$ apt-get install ruby1.9.1 rubygems1.8 git-core -y && gem install chef
$ echo "PATH=\$PATH:$GEMDIR" >> ~/.bashrc

Create your cookbook directory and copy cookbooks into it

$ mkdir -p /root/chef-solo/cookbooks && cd /root/chef-solo/cookbooks
$ git clone https://github.com/opscode-cookbooks/ntp.git

Create “solo.rb”

$ cat>solo.rb<<EOF
file_cache_path "/root/chef-solo"
cookbook_path "/root/chef-solo/cookbooks"
EOF

Create “solo.json”

$ cat>solo.json<<EOF
{
  "run_list": [ "recipe[ntp::default]" ]
}
EOF

Run Chef Solo

$ chef-solo -c solo.rb -j solo.json
Example output:
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: *** Chef 10.12.0 ***
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Setting the run_list to ["recipe[ntp::default]"] from JSON
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Run List is ]
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Run List expands to [ntp::default]
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Starting Chef Run for ubuntu01.home
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Running start handlers
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Start handlers complete.
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Processing package[ntpdate] action install (ntp::default line 24)
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Processing template[/etc/default/ntpdate] action create (ntp::default line 28)
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: template[/etc/default/ntpdate] backed up to /var/chef/backup/etc/default/ntpdate.chef-20120623030358
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: template[/etc/default/ntpdate] mode changed to 644
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: template[/etc/default/ntpdate] updated content
[Sat, 23 Jun 2012 03:03:58 +0000] INFO: Processing package[ntp] action install (ntp::default line 35)
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: package[ntp] installed version 1:4.2.6.p3+dfsg-1ubuntu3.1
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: Processing directory[/var/log/ntpstats/] action create (ntp::default line 57)
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: Processing service[ntp] action enable (ntp::default line 64)
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: Processing service[ntp] action start (ntp::default line 64)
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: Processing template[/etc/ntp.conf] action create (ntp::default line 69)
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: template[/etc/ntp.conf] backed up to /var/chef/backup/etc/ntp.conf.chef-20120623030409
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: template[/etc/ntp.conf] mode changed to 644
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: template[/etc/ntp.conf] updated content
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: template[/etc/ntp.conf] sending restart action to service[ntp] (delayed)
[Sat, 23 Jun 2012 03:04:09 +0000] INFO: Processing service[ntp] action restart (ntp::default line 64)
[Sat, 23 Jun 2012 03:04:11 +0000] INFO: service[ntp] restarted
[Sat, 23 Jun 2012 03:04:11 +0000] INFO: Chef Run complete in 12.81987 seconds
[Sat, 23 Jun 2012 03:04:11 +0000] INFO: Running report handlers
[Sat, 23 Jun 2012 03:04:11 +0000] INFO: Report handlers complete