cookbook 'cloudpassage', '~> 4.0.4'
cloudpassage
(25) Versions
4.0.4
-
Follow8
Installs/Configures CloudPassage Halo
cookbook 'cloudpassage', '~> 4.0.4', :supermarket
knife supermarket install cloudpassage
knife supermarket download cloudpassage
cloudpassage Cookbook
Version: 4.0.4
Author: CloudPassage
Feedback: toolbox@cloudpassage.com
Scope
This cookbook installs and upgrades CloudPassage Halo on Windows, Debian-based
(Debian, Ubuntu) and RHEL-based (RHEL, CentOS, Oracle) operating systems.
This cookbook supports installation by resource, which is the preferred method.
Optionally, you can also use the default recipe, but you'll need to provide configuration
information via attributes or data bag.
Requirements and dependencies
Tested and Supported Platforms
- Ubuntu 14.04, 16.04
- CentOS 6.7, 7.1
- Debian 8
- RHEL 7.3
- Amazon Linux 2015.09, 2016.09, 2017.03
- Windows Server 2012R2
Chef versions used in testing
- 14.3
- 14.2
- 14.1
- 14.0
- 13.9
- 13.8
- 13.7
- 13.6
- 13.5
- 13.4
- 13.3
- 13.1
- 13.0
- 12.22
- 12.21
- 12.19
- 12.18
- 12.17
- 12.16
- 12.15
- 12.14
Recipe cloudpassage::default usage:
The following attributes are configurable via the attributes/default.rb file:
default['cloudpassage']['agent_key'] # Key used for agent registration
default['cloudpassage']['grid_url'] # Normally https://grid.cloudpassage.com/grid
default['cloudpassage']['linux_agent_version'] # Force a specific version of the Halo agent.
default['cloudpassage']['azure_id'] # Used to build server label as azureid_hostname. If server_label field is defined, that will take precendence.
default['cloudpassage']['proxy_host']
default['cloudpassage']['proxy_port']
default['cloudpassage']['proxy_user']
default['cloudpassage']['proxy_password']
default['cloudpassage']['read_only'] # Start the agent in read-only mode
default['cloudpassage']['server_tag'] # Used for server group association
default['cloudpassage']['server_label'] # Manually-defined label for server.
default['cloudpassage']['dns'] # Disable agent DNS lookup
default['cloudpassage']['windows_installer_protocol'] # Used in building the Windows package install string
default['cloudpassage']['windows_installer_port'] # Port component of windows installer url
default['cloudpassage']['windows_installer_host'] # Host portion of Windows installer URL
default['cloudpassage']['windows_installer_path'] # Path to Windows installer
default['cloudpassage']['windows_installer_file_name'] # Name of Windows installer executable
default['cloudpassage']['apt_repo_url'] # Apt repo URL for CloudPassage Halo
default['cloudpassage']['apt_repo_distribution']
default['cloudpassage']['apt_repo_components']
default['cloudpassage']['yum_repo_url'] # Apt repo URL for CloudPassage Halo
default['cloudpassage']['apt_key_url']
default['cloudpassage']['yum_key_url']
The default recipe is very versatile, and under most circumstances you will not
need to configure much more than the agent_key
and server_tag
node
attributes. But if you want to go nuts with it, the functionality is there.
The following configuration options, if delivered in an encrypted data bag, will
override the defaults in the attributes file:
agent_key
proxy_user
proxy_password
Agent Upgrade
The Linux halo version of the agent will be updated to the latest by default. If the version of the halo agent is not the latest on your node, bootstrapping the node again will update its agent version to the latest.
The Windows halo version does not update automatically, the specific windows agent version must be specified in attributes/default.rb file.
Edit the following parameter's value (For Example):
```
default['cloudpassage']['windows_installer_file_name'] = 'cphalo-4.1.3-win64.exe'
## Resource cloudpassage_agent usage:
The cloudpassage::default recipe calls the cloudpassage_agent resource with
action :install. You can call this resource directly from another recipe
as simply as:
cloudpassage_agent 'halo' do
agent_key AGENT_KEY_GOES_HERE
server_tag SERVER_TAG_GOES_HERE
action :install
end
The reconfigure action forces reconfiguration of the agent:
cloudpassage_agent 'halo' do
agent_key AGENT_KEY_GOES_HERE
server_tag SERVER_TAG_GOES_HERE
action :reconfigure
end
The remove action uninstalls the agent:
cloudpassage_agent 'halo' do
action :remove
end
Don't forget to add ```depends 'cloudpassage'``` to your metadata.rb file if
you're including the resource in another cookbook.
As with the recipe, you can accept almost all the defaults and rock and roll.
You don't even have to define the ```server_tag```, but you'll spend a lot of
time manually organizing your hosts in the CloudPassage Halo portal if you
don't.
For your reading pleasure, here is an exhaustive list of properties for the
cloudpassage_halo resource:
| What it is | What it does |
|-----------------------------|-----------------------------------------------------------------------------------------|
| agent_key | You MUST define this. The default value will not register. |
| grid_url | Only override this if you're running on your own grid. |
| linux_agent_version | This forces a specific version of the Linux agent. |
| azure_id | This is a user-defined string that is combined with the hostname to serve as a label |
| proxy_host | Tells the agent to use a proxy |
| proxy_port | Defines the port for the proxy |
| proxy_user | Define a username for proxy use |
| proxy_password | Define a password for proxy use |
| read_only | Set to ```true``` to run the agent in audit mode |
| server_tag | This determines group placement on agent activation |
| server_label | This is a user-defined string that supersedes the hostname when rendered in the portal. |
| dns | Set this to ```false``` to disable DNS resolution by the agent. |
| windows_installer_protocol | Used for assembling the URL for the Windows installer. |
| windows_installer_port | Used for assembling the URL for the Windows installer. |
| windows_installer_host | Used for assembling the URL for the Windows installer. |
| windows_installer_path | Used for assembling the URL for the Windows installer. |
| windows_installer_file_name | Used for assembling the URL for the Windows installer. |
| apt_repo_url | Only change this if you're running your own repository. |
| apt_repo_distribution | Only change this if you're running your own repository. |
| apt_repo_components | Only change this if you're running your own repository. |
| yum_repo_url | Only change this if you're running your own repository. |
| apt_key_url | Only change this if you're running your own repository. |
| yum_key_url | Only change this if you're running your own repository. |
Note: If the repo URL is configured as an empty string, the recipe will not
attempt to add the appropriate CloudPassage repository on the node.
Dependent cookbooks
compat_resource >= 12.14.3 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
CHANGELOG for cloudpassage
0.1.0:
- Initial release of cloudpassage_linux
0.2.0:
- Added support for proxy in Halo startup options
- Changed to using platform_family instead of platform and lists of OSes for determining which pkg mgr to use
- Added logic to print platform and platform version, as a reference by which to create logic to set server tag based on OS/ver
- Moved repo and repo key variables to attributes, to make it easier for those who run private mirrors.
0.3.0:
- Consolidating down into one recipe for all platforms (now just referred to as 'cloudpassage')
0.3.1:
- Corrected metadata.rb, populated README.md, corrected version in README.md
2.0.0:
- Re-work of entire cookbook. Provides cloudpassage_agent resource for installing agent.
2.1.0:
- Added compat_resource to enable chef-client 12.5.1 compatibility.
2.2.0:
Added linux_agent_version property to force specific version of Halo agent
Documentation improvements
Force failure on absence of agent key
Added rake task ec2 for style, spec, and ec2 checks (thanks @rgindes)
2.2.1:
- Corrected deprecated code ahead of Chef 13
2.2.2:
- Pinned deps in Rakefile
2.2.3:
- Pinned test-kitchen dependency
2.3.0:
- Added security group identifier to kitchen-ec2
2.3.1:
- Corrected variable name for security_group_ids
2.4.0:
- Allow use of user_data variable in ec2 testing
2.4.1:
- Pinning more vars in Gemfile
2.4.2:
- Corrected versions in metadata.rb
2.5.0:
Support Amazon Linux 2015.09 (improve override for svc manager), include in kitchen-ec2 config. (203)
Increased concurrency (207)
Added linux agent version to kitchen_ec2 config (208)
Override retryable_tries in kitchen-ec2 config to accommodate occasionally slow Windows provisioning
2.6.0:
Agent does not restart every time LWRP is run, only if calling :reconfigure
Added :reconfigure and :remove actions
3.0.0:
Added reconfigure and remove actions to the LWRP
Update default agent version to 3.7.8
Update Solorunner to ServerRunner
Update Yum dependency to be >= 3.8.0
Added ChefDK testcases up through version 17.17
3.0.1:
- Restricted compat_resource version to be >=12.14.3
3.0.2:
- Restricted nio4r to be ~>1.2.1. latest nio4r only supports ruby 2.2.2+
3.0.3:
Update Linux agent version to 3.9.5
Update Windows agent version to 3.9.7
3.0.4:
- Set up Dockerfile to test windows and linux instances with the latest agents
3.0.5:
- Update Windows and Linux repo/key urls to production.packages
3.0.6:
- Update Windows and Linux repo/key to resources/agent.rb
3.0.7
Update Windows and Linux Version to 4.0.0
Support Amazon linux
3.0.8
Update Windows/Linux Version to 4.0.1
4.0.1 agent has silent service enabled.
4.0.0
BREAKING CHANGE
Chef-client 12.9+ is now required
Ruby 2.3.3+ is now required
apt and yum cookbooks not necessary
Chef DK version >= 1.4.3
Rspec version >= 3.5
4.0.1
- Added S3 travis daily deployment integration testing
4.0.2
- Update Agent version to 4.1.1 (Linux) and 4.1.0 (Windows)
4.0.3
- Update Agent version to 4.1.6 (Linux) and 4.1.3 (Windows)
- Update vulnerable Gem rubocop to 0.39.0
- Update Deprecated Use of property_name inside of actions
4.0.4
- Remove s3.rb
- Update default agent for installation and testing to 4.2.4-1
- Remove EOL OSes Debian 7 and Ubuntu 12.04 from testing matrix
- Expand testing matrix in .travis.yml
- Re-structure testing
- Windows testing disabled until Busser is fixed
Collaborator Number Metric
4.0.4 passed this metric
Contributing File Metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
4.0.4 failed this metric
FC092: Custom resources should not define actions: cloudpassage/resources/agent.rb:1
FC117: Do not use kind_of in custom resource properties: cloudpassage/resources/agent.rb:11
FC117: Do not use kind_of in custom resource properties: cloudpassage/resources/agent.rb:14
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
No Binaries Metric
4.0.4 failed this metric
Failure: Cookbook should not contain binaries. Found:
cloudpassage/ci_cloudpassage_chef_cookbook.pem.enc
Testing File Metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
4.0.4 passed this metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
4.0.4 failed this metric
FC092: Custom resources should not define actions: cloudpassage/resources/agent.rb:1
FC117: Do not use kind_of in custom resource properties: cloudpassage/resources/agent.rb:11
FC117: Do not use kind_of in custom resource properties: cloudpassage/resources/agent.rb:14
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
No Binaries Metric
4.0.4 failed this metric
Failure: Cookbook should not contain binaries. Found:
cloudpassage/ci_cloudpassage_chef_cookbook.pem.enc
Testing File Metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
4.0.4 failed this metric
FC117: Do not use kind_of in custom resource properties: cloudpassage/resources/agent.rb:11
FC117: Do not use kind_of in custom resource properties: cloudpassage/resources/agent.rb:14
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
4.0.4 failed this metric
Failure: Cookbook should not contain binaries. Found:
cloudpassage/ci_cloudpassage_chef_cookbook.pem.enc
Testing File Metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
4.0.4 failed this metric
4.0.4 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number