From 6f0a7f685d0e6d0510671efc304a38c45f00d67c Mon Sep 17 00:00:00 2001 From: Josh Bronson Date: Wed, 6 Aug 2014 15:52:53 -0500 Subject: [PATCH] feature: custom metlife stuff - templatized client.rb.erb - removed ec2 hints from bootstrap script - configurable http/https proxy for Chef - no longer pulling down gpg key for chef opscode apt repo. doesn't seem to be needed and breaks the bootstrap Change-Id: I492cb039f7d82df099748607d30308aa9e4e803c --- config/client.rb.erb | 76 +++++++++++++++++++ .../knife/bootstrap/ubuntu12.04-ironfan.erb | 14 ++-- lib/chef/knife/cluster_show.rb | 8 ++ lib/ironfan/broker/computer.rb | 6 +- lib/ironfan/dsl/cloud.rb | 2 + 5 files changed, 97 insertions(+), 9 deletions(-) create mode 100644 config/client.rb.erb diff --git a/config/client.rb.erb b/config/client.rb.erb new file mode 100644 index 00000000..d9001689 --- /dev/null +++ b/config/client.rb.erb @@ -0,0 +1,76 @@ +require "ohai" +require "json" + +# +# Load configuration +# + +def merge_safely hsh + hsh.merge!( yield ) rescue Mash.new +end + +def create_file_if_empty(filename, str) + unless File.exists?(filename) + puts "Populating #{filename}" ; + File.open(filename, "w", 0600){|f| f.puts(str) } + end +end + +def present?(config, key) + not config[key].to_s.empty? +end + +# Start with a set of defaults +chef_config = Mash.new + +merge_safely(chef_config) do + { + 'chef_server' => '<%= @chef_config[:chef_server_url] %>', + 'organization' => '<%= @chef_config[:organization] %>', + 'client_key' => "<%= @client_key %>", + 'node_name' => '<%= @server.full_name %>', + 'realm_name' => '<%= @server.realm_name %>', + 'cluster_name' => '<%= @server.cluster_name %>', + 'facet_name' => '<%= @server.facet_name %>', + 'facet_index' => '<%= @server.name %>', + } +end + +# +# Configure chef run +# + +log_level :info +log_location STDOUT +node_name chef_config["node_name"] if chef_config["node_name"] +chef_server_url chef_config["chef_server"] if chef_config["chef_server"] +validation_client_name chef_config["validation_client_name"] if chef_config["validation_client_name"] +validation_key "/etc/chef/validation.pem" +client_key "/etc/chef/client.pem" +node_attrs_file "/etc/chef/first-boot.json" + +<%- if @server.selected_cloud.chef_http_proxy %> +http_proxy '<%= @server.selected_cloud.chef_http_proxy %>' +<%- end %> + +<%- if @server.selected_cloud.chef_http_proxy %> +https_proxy '<%= @server.selected_cloud.chef_https_proxy %>' +<%- end %> + + +# If the client file is missing, write the validation key out so chef-client can register +unless File.exists?(client_key) + if present?(chef_config, "client_key") then create_file_if_empty(client_key, chef_config["client_key"]) + elsif present?(chef_config, "validation_key") then create_file_if_empty(validation_key, chef_config["validation_key"]) + else warn "Yikes -- I have no client key or validation key!!" + end +end + +reduced_chef_config = chef_config.reject{|k,v| k.to_s =~ /(_key|run_list)$/ } +unless File.exists?(node_attrs_file) + create_file_if_empty(node_attrs_file, JSON.pretty_generate(reduced_chef_config)) +end +json_attribs node_attrs_file + +Chef::Log.debug(JSON.generate(chef_config)) +Chef::Log.info("=> chef client #{node_name} on #{chef_server_url} in cluster +#{chef_config["cluster_name"]}+") diff --git a/lib/chef/knife/bootstrap/ubuntu12.04-ironfan.erb b/lib/chef/knife/bootstrap/ubuntu12.04-ironfan.erb index 2aa55f18..8011c175 100644 --- a/lib/chef/knife/bootstrap/ubuntu12.04-ironfan.erb +++ b/lib/chef/knife/bootstrap/ubuntu12.04-ironfan.erb @@ -17,9 +17,12 @@ set -e echo "deb http://apt.opscode.com/ `lsb_release -cs`-0.10 main" | sudo tee /etc/apt/sources.list.d/opscode.list # Make sure that opscode chef is on the apt repo list. -sudo mkdir -p /etc/apt/trusted.gpg.d -gpg --keyserver keys.gnupg.net --recv-keys 83EF826A -gpg --export packages@opscode.com | sudo tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null + +# This key no longer seems to exist? Removing it doesn't seem to hurt +# anything. -- Josh +# sudo mkdir -p /etc/apt/trusted.gpg.d +# gpg --keyserver keys.gnupg.net --recv-keys 83EF826A +# gpg --export packages@opscode.com | sudo tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null date > /etc/box_build_time @@ -102,11 +105,6 @@ cat <<'EOP' EOP ) > /etc/chef/first-boot.json -# Ensure that EC2 images are recognized even inside VPC -mkdir -p /etc/chef/ohai/hints/ -touch /etc/chef/ohai/hints/ec2.json - - echo -e "`date` \n\n**** \n**** Adding chef client nonce script:\n****\n" cat > /etc/init.d/chef-client-nonce <<'EOP' diff --git a/lib/chef/knife/cluster_show.rb b/lib/chef/knife/cluster_show.rb index 9954e1d7..3836cf94 100644 --- a/lib/chef/knife/cluster_show.rb +++ b/lib/chef/knife/cluster_show.rb @@ -59,6 +59,14 @@ def _run def dump_computer(computer) header = "Computer #{computer.name} (#{computer.class})" + + #puts "--------------------------------------------------------------------------------" + #puts "client script" + #puts "--------------------------------------------------------------------------------" + #puts computer.chef_client_script_content + #puts "--------------------------------------------------------------------------------" + #puts "" + with_verbosity 1 do Chef::Log.info(header) diff --git a/lib/ironfan/broker/computer.rb b/lib/ironfan/broker/computer.rb index c409bea0..1ab3447d 100644 --- a/lib/ironfan/broker/computer.rb +++ b/lib/ironfan/broker/computer.rb @@ -146,7 +146,11 @@ def chef_client_script_content return @chef_client_script_content if @chef_client_script_content return unless cloud.chef_client_script script_filename = File.expand_path("../../../config/#{cloud.chef_client_script}", File.dirname(File.realdirpath(__FILE__))) - @chef_client_script_content = Ironfan.safely{ File.read(script_filename) } + @chef_config = Chef::Config + @client_key = File.read(Chef::Config[:client_key]).gsub("\n", "\\n") + @chef_client_script_content = Ironfan.safely do + Erubis::Eruby.new(File.read(script_filename)).evaluate(self) + end end # diff --git a/lib/ironfan/dsl/cloud.rb b/lib/ironfan/dsl/cloud.rb index 62d69191..e136b6ed 100644 --- a/lib/ironfan/dsl/cloud.rb +++ b/lib/ironfan/dsl/cloud.rb @@ -3,6 +3,8 @@ class Dsl class Cloud < Ironfan::Dsl magic :default_cloud, :boolean, :default => false + magic :chef_http_proxy, String + magic :chef_https_proxy, String # Factory out to subclasses def self.receive(obj, &block)