Context Navigation

Changes between Version 12 and Version 13 of ChefonDETER

Timestamp:: Jul 15, 2014 3:09:29 PM (10 years ago)
Author:: Geoff Lawler
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

ChefonDETER

-                      v12
+                      v13
 {{{
 users$ ssh server
 server$ # if you don't want to hammer NFS, copy deb to /tmp first.
 server$ sudo dpkg -i /share/chef/chef-server_11.0.12-1.ubuntu.12.04_amd64.deb
 server$ sudo chef-server-ctl reconfigure
 server$ sudo chef-server-ctl test
+[users:~]$ ssh server
+[server:~]$ # if you don't want to hammer NFS, copy deb to /tmp first.
+[server:~]$ sudo dpkg -i /share/chef/chef-server_11.0.12-1.ubuntu.12.04_amd64.deb
+[server:~]$ sudo chef-server-ctl reconfigure
+[server:~]$ sudo chef-server-ctl test
 }}}
 …
 Install Chef software:
 {{{
 users$ ssh workstation
 workstation$ sudo dpkg -i /share/chef/chef_11.10.4-1.ubuntu.12.04_amd64.deb
 workstation$ chef-client -v                # test - should show version.
+[users:~]$ ssh workstation
+[workstation:~]$ sudo dpkg -i /share/chef/chef_11.10.4-1.ubuntu.12.04_amd64.deb
+[workstation:~]$ chef-client -v                # test - should show version.
 }}}
 Install git and the chef-repo:
 {{{
 workstation$ sudo apt-get install -y git   # chef uses git.
 workstation$ sudo chmod g+w /local
 workstation$ cd /local
 workstation$ git clone /share/chef/chef-repo
 workstation$ cd chef-repo
+[workstation:~]$ sudo apt-get install -y git   # chef uses git.
+[workstation:~]$ sudo chmod g+w /local
+[workstation:/local]$ cd /local
+[workstation:/local]$ git clone /share/chef/chef-repo
+[workstation:/local/chef-repo]$ cd chef-repo
 }}}
 …
 {{{
+workstation$ cd /local/chef-repo
+workstation$ mkdir .chef
+workstation$ # copy keys!
+workstation$ ssh server sudo cat /etc/chef-server/admin.pem > .chef/admin.pem
+workstation$ ssh server sudo cat /etc/chef-server/chef-validator.pem  > .chef/chef-validator.pem
+workstation$ # use knife to configure the account/workstation
+workstation$ knife configure --initial
+[workstation:/local/chef-repo]$ mkdir .chef
+[workstation:/local/chef-repo]$ # copy keys!
+[workstation:/local/chef-repo]$ ssh server sudo cat /etc/chef-server/admin.pem > .chef/admin.pem
+[workstation:/local/chef-repo]$ ssh server sudo cat /etc/chef-server/chef-validator.pem  > .chef/chef-validator.pem
+[workstation:/local/chef-repo]$ # use knife to configure the account/workstation
+[workstation:/local/chef-repo]$ knife configure --initial
 }}}
 Answer the questions, substituting in your uid and server's control-net FQDN. A sample run is shown here:
 {{{
 workstation$ knife configure --initial
+[workstation:/local/chef-repo]$ knife configure --initial
 WARNING: No knife configuration file found
 Where should I put the config file? [/users/glawler/.chef/knife.rb] /local/chef-repo/.chef/knife.rb
 …
 Created user[glawler]
 Configuration file written to /local/chef-repo/.chef/knife.rb
 workstation$ # Validate server connection and user.
 workstation$ knife user list
+[workstation:/local/chef-repo]$ # Validate server connection and user.
+[workstation:/local/chef-repo]$ knife user list
 admin
 glawler
 workstation$
+[workstation:/local/chef-repo]$
 }}}
 …
 Push the local roles and recipes to the chef server.
 {{{
+workstation$ cd /local/chef-repo
+workstation$ knife cookbook upload hostsfile deter_node
+[workstation:/local/chef-repo]$ knife cookbook upload hostsfile deter_node
 Uploading hostsfile    [2.4.4]
 Uploading deter_node   [0.1.1]
 Uploaded 2 cookbooks.
 workstation$ knife role from file roles/deter_node.rb
+[workstation:/local/chef-repo]$ knife role from file roles/deter_node.rb
 Updated Role deter_node!
 workstation$ # Confirm things are OK.
 workstation$ knife cookbook list
+[workstation:/local/chef-repo]$ # Confirm things are OK.
+[workstation:/local/chef-repo]$ knife cookbook list
 deter_node   0.1.1
 hostsfile    2.4.4
 workstation$ knife role list
+[workstation:/local/chef-repo]$ knife role list
 deter_node
 workstation$
+[workstation:/local/chef-repo]$
 }}}
 Push testbed specific information to the chef server. The {{{deter_user}}} recipes look for this information to get testbed-specific instantiation information, like the name of the boss machine or which file systems to mount. Chef calls these collections of data, "data bags". We first create a named data bag, "testbed-defs" then populate it with the testbed-specific information.
+Push testbed specific information to the chef server. The {{{deter_user}}} recipes look for this information to get testbed-specific instantiation information, like the name of the boss machine or which file systems to mount. Chef calls these collections of data, "data bags". We first create a named data bag, "testbed-defs" then populate it with the testbed-specific information. There is currently only testbed information for Emulab-in-Emulab experiments, but a similar set of data would be created for each testbed instantiation. This data is stored in a git repo and pushed to a chef server. It can be edited via {{{knife}}} or a standard editor and updated in real time if need be.
 {{{
+workstation$ cd /local/chef-repo
+workstation$ knife data bag create testbed-defs
+workstation$ # We only have an emulab-in-emulab data bag defined right now.
+workstation$ knife data bag from file testbed-defs data_bags/testbed-defs/eine.json
+workstation$ knife data bag show testbed-defs eine
+[workstation:/local/chef-repo]$ knife data bag create testbed-defs
+[workstation:/local/chef-repo]$ # We only have an emulab-in-emulab data bag defined right now.
+[workstation:/local/chef-repo]$ knife data bag from file testbed-defs data_bags/testbed-defs/eine.json
+[workstation:/local/chef-repo]$ knife data bag show testbed-defs eine
 binary_store_path: binaries
 bossnode:          myboss.eine.deter.isi.deterlab.net
 …
 userdir:           /users
 usernode:          myops.eine.deter.isi.deterlab.net
 workstation$
+[workstation:/local/chef-repo]$
 }}}
 If you look at {{{cookbooks/deter_node/libraries/node_info.rb}}} you can see the recipe code that references this information.
 We are now going to use {{{knife}}} to bootstrap Chef unto a client machine. The usual Chef assumes internet connectivity and asks you to download a script and pipe it to {{{sudo}}} on the client. We will not be doing that.
+We are now going to use {{{knife}}} to bootstrap Chef unto a client machine. The usual Chef assumes internet connectivity and asks you to download a script and pipe it to {{{sudo}}} on the client. We will not be doing that. {{{knife}}} understands custom install scripts so we'll give it one that is specific for our Ubuntu 12.04, non-internet connected test node. Take a look at {{{users:/share/chef/ubuntu12.04-deb.erb}}} if you're interested. {{{knife}}} will look in .chef/bootstrap for "distro" specific install files. We create the erb file and pass its name to the knife bootstrap command via the {{{--distro}}} argument.
 {{{
+> cd /local/chef-repo
+> mkdir .chef/bootstrap
+> cp /share/chef/ubuntu12.04-deb.erb .chef/bootstrap
+[workstation:/local/chef-repo]$ mkdir .chef/bootstrap
+[workstation:/local/chef-repo]$ cp /share/chef/ubuntu12.04-deb.erb .chef/bootstrap
 }}}
 The bootstrap usually grabs the package file from the internet. We give {{{chef}}} a custom bootstrap script that looks for it at {{{users:8523}}}. This means something on {{{users}}} must be listening on port 8523 and understand how to serve files via HTTPS. We use python for this. On {{{users}}}, cd to /share/chef and run {{{python -m SimpleHTTPServer 8523}}}. This starts a simple HTTP server on port 8523. If you want to run on your local server instead edit the file {{{/local/chef-repo/.chef/bootstrap/ubuntu12.04-deb.erb}}}, set the {{{SERVER}}} variable to the control net FQDN/ip address of your server and run the python simple server there.
+The bootstrap usually grabs the platform specific package (deb, yum, gem, etc) file from the internet. We give {{{chef}}} a custom bootstrap script that looks for it at {{{users:8523}}}. This means something on {{{users}}} must be listening on port 8523 and understand how to serve files via HTTPS. We use python for this. On {{{users}}}, cd to /share/chef and run {{{python -m SimpleHTTPServer 8523}}}. This starts a simple HTTP server on port 8523. If you want to run on your local server instead edit the file {{{/local/chef-repo/.chef/bootstrap/ubuntu12.04-deb.erb}}}, set the {{{SERVER}}} variable to the control net FQDN/ip address of your server and run the python simple server there.
 Now run the bootstrap command to install and configure chef on the client. {{{$NODE}}} is the control net name of the client node, like {{{pc33.isi.deterlab.net}}} and {{{$USER}}} if your sudo-able user name, like {{{glawler}}} or {{{faber}}}.
 {{{
 > knife bootstrap $NODE -x $USER --sudo --distro ubuntu12.04-deb
+[workstation:/local/chef-repo]$ knife bootstrap pc33.isi.deterlab.net -x $USER --sudo --distro ubuntu12.04-deb
 }}}
 …
  * {{{mounts}}}: look in the appropriate "data bag" for the test bed type the client is running on and mount the file systems found there. See {{{/local/chef-repo/data_bags/testbed-defs/eine.json}}} for a sample emulab-in-emulab testbed-specific configuration. (These testbed specific data bags take the place of the compile time *.DEF files in the testbed source tree.)
 === Chef Client(s) ===
+=== Chef Client(s) Installation/Configuration ===
 These machines should be different than the server and workstation. There are three ways to install chef on a client. 1) simply use whatever package system exists for the client OS and install the chef software. 2) Use a chef workstation to push platform specific chef software to the client that installs and configures it. 3) Use the chef supplied script that reaches out to the internet and executes arbitrary commands on the machine as root. We will use method 2) to give a flavor of installing chef by force on unsuspecting nodes on DETER (as this is the most flexible and useful installation method in the DETER context).