Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Pulled updated Rakefile from https://github.com/opscode/chef-repo. Al…

…so added a few missing directories.. and README files.
commit 03f13634b7ff447ec4091c46a64b1ebaf6719211 1 parent 1fa4d00
@galstrom21 galstrom21 authored
View
14 Rakefile
@@ -18,18 +18,8 @@
# limitations under the License.
#
-have_chef=false
-
-
require 'rubygems'
-
-begin
- require 'chef'
- have_chef=true
-rescue Exception
-end
-
-
+require 'chef'
require 'json'
# Load constants from rake config file.
@@ -50,7 +40,7 @@ end
# Load common, useful tasks from Chef.
# rake -T to see the tasks this loads.
-load 'chef/tasks/chef_repo.rake' if have_chef
+load 'chef/tasks/chef_repo.rake'
desc "Bundle a single cookbook for distribution"
task :bundle_cookbook => [ :metadata ]
View
19 certificates/README.md
@@ -0,0 +1,19 @@
+Creating SSL certificates is a common task done in web application infrastructures, so a rake task is provided to generate certificates. These certificates are stored here by the ssl_cert task.
+
+Configure the values used in the SSL certificate by modifying `config/rake.rb`.
+
+To generate a certificate set for a new monitoring server, for example:
+
+ rake ssl_cert FQDN=monitoring.example.com
+
+Once the certificates are generated, copy them into the cookbook(s) where you want to use them.
+
+ cp certificates/monitoring.example.com.* cookbooks/COOKBOOK/files/default
+
+In the recipe for that cookbook, create a `cookbook_file` resource to configure a resource that puts them in place on the destination server.
+
+ cookbook_file '/etc/apache2/ssl/monitoring.example.com.pem'
+ owner 'root'
+ group 'root'
+ mode 0600
+ end
View
54 cookbooks/README.md
@@ -0,0 +1,54 @@
+This directory contains the cookbooks used to configure systems in your infrastructure with Chef.
+
+Knife needs to be configured to know where the cookbooks are located with the `cookbook_path` setting. If this is not set, then several cookbook operations will fail to work properly.
+
+ cookbook_path ["./cookbooks"]
+
+This setting tells knife to look for the cookbooks directory in the present working directory. This means the knife cookbook subcommands need to be run in the `chef-repo` directory itself. To make sure that the cookbooks can be found elsewhere inside the repository, use an absolute path. This is a Ruby file, so something like the following can be used:
+
+ current_dir = File.dirname(__FILE__)
+ cookbook_path ["#{current_dir}/../cookbooks"]
+
+Which will set `current_dir` to the location of the knife.rb file itself (e.g. `~/chef-repo/.chef/knife.rb`).
+
+Configure knife to use your preferred copyright holder, email contact and license. Add the following lines to `.chef/knife.rb`.
+
+ cookbook_copyright "Example, Com."
+ cookbook_email "cookbooks@example.com"
+ cookbook_license "apachev2"
+
+Supported values for `cookbook_license` are "apachev2", "mit","gplv2","gplv3", or "none". These settings are used to prefill comments in the default recipe, and the corresponding values in the metadata.rb. You are free to change the the comments in those files.
+
+Create new cookbooks in this directory with Knife.
+
+ knife cookbook create COOKBOOK
+
+This will create all the cookbook directory components. You don't need to use them all, and can delete the ones you don't need. It also creates a README file, metadata.rb and default recipe.
+
+You can also download cookbooks directly from the Opscode Cookbook Site. There are two subcommands to help with this depending on what your preference is.
+
+The first and recommended method is to use a vendor branch if you're using Git. This is automatically handled with Knife.
+
+ knife cookbook site install COOKBOOK
+
+This will:
+
+* Download the cookbook tarball from cookbooks.opscode.com.
+* Ensure its on the git master branch.
+* Checks for an existing vendor branch, and creates if it doesn't.
+* Checks out the vendor branch (chef-vendor-COOKBOOK).
+* Removes the existing (old) version.
+* Untars the cookbook tarball it downloaded in the first step.
+* Adds the cookbook files to the git index and commits.
+* Creates a tag for the version downloaded.
+* Checks out the master branch again.
+* Merges the cookbook into master.
+* Repeats the above for all the cookbooks dependencies, downloading them from the community site
+
+The last step will ensure that any local changes or modifications you have made to the cookbook are preserved, so you can keep your changes through upstream updates.
+
+If you're not using Git, use the site download subcommand to download the tarball.
+
+ knife cookbook site download COOKBOOK
+
+This creates the COOKBOOK.tar.gz from in the current directory (e.g., `~/chef-repo`). We recommend following a workflow similar to the above for your version control tool.
View
63 data_bags/README.md
@@ -0,0 +1,63 @@
+Data Bags
+---------
+
+This directory contains directories of the various data bags you create for your infrastructure. Each subdirectory corresponds to a data bag on the Chef Server, and contains JSON files of the items that go in the bag.
+
+First, create a directory for the data bag.
+
+ mkdir data_bags/BAG
+
+Then create the JSON files for items that will go into that bag.
+
+ $EDITOR data_bags/BAG/ITEM.json
+
+The JSON for the ITEM must contain a key named "id" with a value equal to "ITEM". For example,
+
+ {
+ "id": "foo"
+ }
+
+Next, create the data bag on the Chef Server.
+
+ knife data bag create BAG
+
+Then upload the items in the data bag's directory to the Chef Server.
+
+ knife data bag from file BAG ITEM.json
+
+
+Encrypted Data Bags
+-------------------
+
+Added in Chef 0.10, encrypted data bags allow you to encrypt the contents of your data bags. The content of attributes will no longer be searchable. To use encrypted data bags, first you must have or create a secret key.
+
+ openssl rand -base64 512 > secret_key
+
+You may use this secret_key to add items to a data bag during a create.
+
+ knife data bag create --secret-file secret_key passwords mysql
+
+You may also use it when adding ITEMs from files,
+
+ knife data bag create passwords
+ knife data bag from file passwords data_bags/passwords/mysql.json --secret-file secret_key
+
+The JSON for the ITEM must contain a key named "id" with a value equal to "ITEM" and the contents will be encrypted when uploaded. For example,
+
+ {
+ "id": "mysql",
+ "password": "abc123"
+ }
+
+Without the secret_key, the contents are encrypted.
+
+ knife data bag show passwords mysql
+ id: mysql
+ password: 2I0XUUve1TXEojEyeGsjhw==
+
+Use the secret_key to view the contents.
+
+ knife data bag show passwords mysql --secret-file secret_key
+ id: mysql
+ password: abc123
+
View
5 environments/README.md
@@ -0,0 +1,5 @@
+Requires Chef 0.10.0+.
+
+This directory is for Ruby DSL and JSON files for environments. For more information see the Chef wiki page:
+
+http://wiki.opscode.com/display/chef/Environments
View
16 roles/README.md
@@ -0,0 +1,16 @@
+Create roles here, in either the Role Ruby DSL (.rb) or JSON (.json) files. To install roles on the server, use knife.
+
+For example, create `roles/base_example.rb`:
+
+ name "base_example"
+ description "Example base role applied to all nodes."
+ # List of recipes and roles to apply. Requires Chef 0.8, earlier versions use 'recipes()'.
+ #run_list()
+ # Attributes applied if the node doesn't have it set already.
+ #default_attributes()
+ # Attributes applied no matter what the node has set already.
+ #override_attributes()
+
+Then upload it to the Chef Server:
+
+ knife role from file roles/base_example.rb
Please sign in to comment.
Something went wrong with that request. Please try again.