cookbook 'managed-chef-server', '= 0.12.0'
The managed-chef-server cookbook has been deprecated
Author provided reason for deprecation:
The managed-chef-server cookbook has been deprecated and is no longer being maintained by its authors. Use of the managed-chef-server cookbook is no longer recommended.
You may find that the managed_chef_server cookbook is a suitable alternative.
managed-chef-server (5) Versions 0.12.0 Follow1
Installs and configures a Chef server
cookbook 'managed-chef-server', '= 0.12.0', :supermarket
knife supermarket install managed-chef-server
knife supermarket download managed-chef-server
managed-chef-server
Deploys and configures the Chef server in a relatively stateless model.
Recipes
default
Install or restore the Chef Server in a new deployment, wrapping the Chef-Server cookbook. It looks for the existence of a knife-ec-backup tarball to restore from, configured with the node['mcs']['restore']['file']
attribute. It then creates a managed Chef organization and an org-managing admin user through the appropriate [attributes](attributes/default.rb#23).
backup
Runs knife ec backup
via cron. The default is 2:30am daily, but you may change the cron schedule via the following attributes.
node['mcs']['backup']['cron']['minute'] = '30'
node['mcs']['backup']['cron']['hour'] = '2'
node['mcs']['backup']['cron']['day'] = '*'
cron
Installs the Chef server with the Chef client configured to run via cron. This may be set to use --local-mode
, for when the Chef client has no other Chef server to contact. See the example [policyfiles/cron.rb](policyfile/cron.rb) and [kitchen.yml](kitchen.yml) for reference.
data_bag_loader
The node['mcs']['data_bags']['dir']
is compared against the existing data bags and creates and/or updates them as necessary. If the node['mcs']['data_bags']['prune']
attribute is true
then the data bags and their items are deleted as necessary.
legacy_loader
Takes the node['mcs']['cookbooks']['dir']
, node['mcs']['environments']['dir']
and node['mcs']['roles']['dir']
directories and loads whatever content is found into the local Chef server. If you want to use the same directory for the roles and environments the recipe can distinguish between JSON files. The cookbooks are expected to be tarballs in a directory, they will all be attempted to load via their Berksfile
or with knife
. For legacy cookbooks with multiple dependencies it may take multiple runs to load everything.
policyfile_loader
Takes the node['mcs']['policyfile']['dir']
and parses any .lock.json
files to determine which policyfile archives to load into the local Chef server. Policies will be assigned to the group designated by the node['mcs']['policyfile']['group']
attribute for the Chef server (_default
is the default). If the policy itself sets the node['mcs']['policyfile']['group']
attribute, the policy will be assigned to that group.
Testing
There is a [kitchen.yml](kitchen.yml) that may be used for testing with Vagrant. The [kitchen.vagrant.yml](kitchen.vagrant.yml) may be symlinked as kitchen.local.yml and used with local caches to speed up testing. If you want to use Docker, [kitchen.dokken.yml](kitchen.dokken.yml) may be used but it does not persist changes between runs and is thus not significantly faster (it's slower than Vagrant with caching). The following Suites map to example [policyfiles](policyfiles) that may be repurposed as necessary:
default
Tests simple installation and creation of the managed Chef user and organization.
restore
Restores the Chef server from a backup with policyfiles. kitchen verify restore
ensures the policyfiles were restored properly.
cron
Checks the chef-client is in the crontab
backup
Checks the backup script is in the crontab and backup directories are available.
data_bags
Adds loading data bags from the included [test](test) directory. It restores from a previous data bag backup to ensure pruning and updating work.
policyfile
Adds loading policyfiles from the included [test](test) directory.
legacy
Adds loading cookbooks, environments and roles from the included [test](test) directory.
everything
Installs the Chef server, restores from a backup, attempts to load policyfiles (which are included in the restored backup) and adds backup via cron.
Attributes
The [default.rb](attributes/default.rb) attributes file documents available settings and tunings.
License and Authors
- Author: Matt Ray matt@chef.io
- Copyright 2018-2019, Chef Software, Inc
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Dependent cookbooks
chef-server ~> 5.5.2 |
chef-ingredient ~> 3.1.1 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
managed-chef-server CHANGELOG
This file is used to list changes made in each version of the managed-chef-server cookbook.
0.1.0
- Initial release.
- Installation and recovery of Chef server.
- Creation of managed organization and user for managing the server.
- Skeleton of tests.
0.2.0
- cookstyle cleanups
- example policyfiles for testing
- policyfile_loader recipe
0.3.0
- restore from backup works
- Chef 13.8.5 testing
0.3.1
- switch to config.rb from knife.rb
0.4.0
- refactor policyfiles for more straightforward testing
- backup scheduled via cron and attributes
- cron recipe for managing the chef-server with the chef-client under cron, with or without a policyfile archive
0.5.0
- legacy loader for cookbooks, environments, roles
- nginx as non-root (@chrisg-fastlane)
0.6.0
- legacy loader recipe supports Berkshelf
- fix some issues with the restore for the managed user
0.6.1
- legacy loader skip an empty cookbook list
0.6.2
- policyfile_loader now puts policyfiles in a _default policygroup as defined by an attribute.
0.7.0
- data_bag_loader recipe and tests
0.7.1
- [https://github.com/mattray/managed-chef-server-cookbook/issues/11](more retries built in with chef-server-ctl commands)
0.7.2
- [https://github.com/mattray/managed-chef-server-cookbook/issues/7](legacy_loader is now idempotent and validates .rb environments and roles)
0.8.0
- [https://github.com/mattray/managed-chef-server-cookbook/pull/17](added skipping the Chef Server pedant tests)
0.9.0
- Added support for policyfiles to set their policy group by setting the
['mcs']['policyfile']['group']
attribute
0.10.0
- Skip existing policies to speed up loading
- remove chefdk cookbook dependency in favor of directly using chef_ingredient
0.11.0
- Added private performance tuning recipe [_tuning.rb](recipes/_tuning.rb)
0.12.0
- lowered precedence of tuning attributes to default from overkill
- add the admin user to the org if it's missing, not just on a first create
- ensure the data bag directory exists when loading data bags
- [https://github.com/mattray/managed-chef-server-cookbook/pull/22](refactor to use rubyblocks instead of raw ruby in recipes, fixes race conditions)
BACKLOG
maintenance recipe
Maintaining the Chef server may involve periodically cleaning up stale nodes and unused policies. This is likely to use knife-tidy
and various chef
commands. Scheduling and implementation TBD.
- refactor into libraries to reduce Ruby in recipes
- refactor default recipe to split install and restores
- inspec for configuration checks inspec exec https://github.com/mattray/inspec-chef-server/tree/rhel --attrs=config.yml
Collaborator Number Metric
0.12.0 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.12.0 passed this metric
No Binaries Metric
0.12.0 passed this metric
Testing File Metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.12.0 failed this metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.12.0 passed this metric
No Binaries Metric
0.12.0 passed this metric
Testing File Metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.12.0 passed this metric
0.12.0 passed this metric
Testing File Metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.12.0 failed this metric
0.12.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number