Provisioning a Box with Chef Server (Part 2): Building a Chef Client and Running Provisioning


Introduction

In "Provisioning a Box with Chef Server (Part 1): Building the Chef Server" we built the Chef server, so this second part explains how to build a Chef client and how to provision it.

Building the Chef Client

A Chef client is a client (node) managed by the Chef server.
Build it with the following steps.

  1. Start the client VM

    Specify the base VM and start the Chef client VM.
    This time we use the ubuntu-12.10-server-i386.box that was created earlier on this blog.

    Initial VM setup

    $ mkdir -p ~/mybox/vagrant/chef-client-ubuntu-12.10-server-i386 && cd ~/mybox/vagrant/chef-client-ubuntu-12.10-server-i386
    $ vagrant init chef-client-ubuntu-12.10-server-i386
    $ vi Vagrantfile
    
    punio@PAPA ~
    $ mkdir -p ~/mybox/vagrant/chef-client-ubuntu-12.10-server-i386 && cd ~/mybox/vagrant/chef-client-ubuntu-12.10-server-i386
    
    punio@PAPA ~/mybox/vagrant/chef-client-ubuntu-12.10-server-i386
    $ vagrant init chef-client-ubuntu-12.10-server-i386
    A `Vagrantfile` has been placed in this directory. You are now
    ready to `vagrant up` your first virtual environment! Please read
    the comments in the Vagrantfile as well as documentation on
    `vagrantup.com` for more information on using Vagrant.
    
    punio@PAPA ~/mybox/vagrant/chef-client-ubuntu-12.10-server-i386
    

    The steps other than the initial VM setup are the same as for the server VM, so they are omitted here.

  2. Configure the client VM

    Setting up the NTP server

    As with the server VM, set up the NTP server and change the time zone to JST.
    Ubuntu already has an NTP server installed, so change its configuration by referring to the server VM's settings.

    vagrant@ubuntu-12:~$ sudo rm /etc/localtime
    vagrant@ubuntu-12:~$ sudo ln -s /usr/share/zoneinfo/Asia/Tokyo /etc/localtime
    vagrant@ubuntu-12:~$ service --status-all 2>&1 | grep '+'
     [ + ]  ntp
     [ + ]  ssh
    vagrant@ubuntu-12:~$ sudo service ntp stop
     * Stopping NTP server ntpd                                              [ OK ]
    vagrant@ubuntu-12:~$ sudo vi /etc/ntp.conf
    vagrant@ubuntu-12:~$ sudo service ntp start
     * Starting NTP server ntpd                                              [ OK ]
    vagrant@ubuntu-12:~$
    

    Registering the FQDN

    Set the host name to client-ubuntu-12.10-i386.vagrantup.com.
    $ sudo vi /etc/hostname
    $ sudo hostname `cat /etc/hostname`
    

    Registering hosts entries

    Add entries to hosts so that the Chef server's name can be resolved.

    $ echo -e "`ifconfig eth1 | grep 'inet addr' | awk '{print $2}' | sed  's/addr://'` `hostname` `hostname -s`" | sudo tee -a /etc/hosts
    $ echo -e "192.168.0.161 chef-server.vagrantup.com chef-server" | sudo tee -a /etc/hosts
    
    vagrant@ubuntu-12:~$ ifconfig eth1 | grep 'inet addr' | awk '{print $2}' | sed  's/addr://'
    192.168.0.162
    vagrant@ubuntu-12:~$ echo -e "192.168.0.162 `hostname` `hostname -s`" | sudo tee -a /etc/hosts
    sudo: unable to resolve host client-ubuntu-12.10-i386.vagrantup.com
    192.168.0.162 client-ubuntu-12.10-i386.vagrantup.com client-ubuntu-12
    vagrant@ubuntu-12:~$ echo -e "192.168.0.161 chef-server.vagrantup.com chef-server" | sudo tee -a /etc/hosts
    192.168.0.161 chef-server.vagrantup.com chef-server
    
    vagrant@client-ubuntu-12:~$ 
    
  3. Install chef-client

    $ sudo apt-get -y install curl
    $ curl -L https://www.opscode.com/chef/install.sh | sudo bash
    
    vagrant@client-ubuntu-12:~$ sudo apt-get -y install curl
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    The following extra packages will be installed:
      libcurl3
    The following NEW packages will be installed:
      curl libcurl3
    0 upgraded, 2 newly installed, 0 to remove and 1 not upgraded.
    Need to get 400 kB of archives.
    After this operation, 964 kB of additional disk space will be used.
    Get:1 http://us.archive.ubuntu.com/ubuntu/ quantal-updates/main libcurl3 i386 7.27.0-1ubuntu1.4 [253 kB]
    Get:2 http://us.archive.ubuntu.com/ubuntu/ quantal-updates/main curl i386 7.27.0-1ubuntu1.4 [147 kB]
    Fetched 400 kB in 2s (160 kB/s)
    Selecting previously unselected package libcurl3:i386.
    (Reading database ... 58417 files and directories currently installed.)
    Unpacking libcurl3:i386 (from .../libcurl3_7.27.0-1ubuntu1.4_i386.deb) ...
    Selecting previously unselected package curl.
    Unpacking curl (from .../curl_7.27.0-1ubuntu1.4_i386.deb) ...
    Processing triggers for man-db ...
    Setting up libcurl3:i386 (7.27.0-1ubuntu1.4) ...
    Setting up curl (7.27.0-1ubuntu1.4) ...
    Processing triggers for libc-bin ...
    ldconfig deferred processing now taking place
    vagrant@client-ubuntu-12:~$ 
    
    vagrant@client-ubuntu-12:~$ curl -L https://www.opscode.com/chef/install.sh | sudo bash
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100  6790  100  6790    0     0   7062      0 --:--:-- --:--:-- --:--:--  9225
    Downloading Chef  for ubuntu...
    Installing Chef
    Selecting previously unselected package chef.
    (Reading database ... 58449 files and directories currently installed.)
    Unpacking chef (from .../tmp.RXvhy8JH/chef__i386.deb) ...
    Setting up chef (11.8.0-1.ubuntu.12.04) ...
    Thank you for installing Chef!
    vagrant@client-ubuntu-12:~$ 
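
Piping the installer from curl straight into `sudo bash` runs whatever the server returns as root, with no chance to inspect it first. As an added example (not part of the original article), the script below saves the installer to a file and runs it only if its SHA-256 matches a digest recorded when the script was reviewed. The function names are assumptions, the caller supplies the digest, and the demonstration at the end uses a constructed file in place of the real installer.

```shell
#!/bin/sh
# Added example: run a downloaded installer only if it matches a pinned SHA-256.

# verify_sha256 FILE EXPECTED_HEX: returns 0 only when the digests match.
verify_sha256() {
    vs_file=$1
    vs_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$vs_file" ] && [ -n "$vs_expected" ] || return 1
    vs_actual=$(sha256sum "$vs_file" | awk '{print $1}')
    [ "$vs_actual" = "$vs_expected" ]
}

# install_chef_pinned EXPECTED_HEX: download, verify, then run as root.
# Not called below, because it needs network access and sudo.
install_chef_pinned() {
    ic_tmp=$(mktemp) || return 1
    # -f: fail on HTTP errors instead of saving an error page.
    # --proto '=https': refuse any non-HTTPS transfer, including redirects.
    if curl -fsSL --proto '=https' -o "$ic_tmp" \
            https://www.opscode.com/chef/install.sh &&
       verify_sha256 "$ic_tmp" "$1"; then
        sudo bash "$ic_tmp"
        ic_rc=$?
    else
        echo "installer missing or digest mismatch; not running it" >&2
        ic_rc=1
    fi
    rm -f "$ic_tmp"
    return "$ic_rc"
}

# Demonstration on a constructed file standing in for the reviewed installer.
demo_pin_check() {
    dp_file=$(mktemp) || return 1
    printf '#!/bin/sh\necho reviewed installer\n' > "$dp_file"
    dp_pin=$(sha256sum "$dp_file" | awk '{print $1}')   # recorded at review time
    verify_sha256 "$dp_file" "$dp_pin" && dp_before=accepted || dp_before=rejected
    echo 'echo tampered' >> "$dp_file"                    # content changes after review
    verify_sha256 "$dp_file" "$dp_pin" && dp_after=accepted || dp_after=rejected
    rm -f "$dp_file"
    echo "$dp_before $dp_after"
}
demo_pin_check
```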
    
  4. Set up the node configuration files

    Set up the Chef client's authentication key and the server configuration. This time the files are taken from the shared folder /config.

    $ sudo mkdir -p /etc/chef
    $ sudo cp /config/client.rb /etc/chef
    $ sudo cp /config/validation.pem /etc/chef
    $ sudo chmod 0400 /etc/chef/client.rb /etc/chef/validation.pem
    
    vagrant@client-ubuntu-12:~$ sudo mkdir -p /etc/chef
    vagrant@client-ubuntu-12:~$ sudo cp /config/client.rb /etc/chef
    vagrant@client-ubuntu-12:~$ sudo cp /config/validation.pem /etc/chef
    vagrant@client-ubuntu-12:~$ sudo chmod 0400 /etc/chef/client.rb /etc/chef/validation.pem
    
    vagrant@client-ubuntu-12:~$
    

  5. Set up the WorkStation authentication key

    Append the WorkStation administrator's RSA public key to SSH's authorized_keys. This time the file is taken from the shared folder /config.

    $ cat /config/workstation_rsa_key.pub >> ~/.ssh/authorized_keys
    $ chmod 0600 ~/.ssh/authorized_keys
    $ chmod 0700 ~ ~/.ssh
    $ chown -R vagrant:vagrant ~
    
    vagrant@client-ubuntu-12:~$ cat /config/workstation_rsa_key.pub >> ~/.ssh/authorized_keys
    vagrant@client-ubuntu-12:~$ chmod 0600 ~/.ssh/authorized_keys
    vagrant@client-ubuntu-12:~$ chmod 0700 ~ ~/.ssh
    vagrant@client-ubuntu-12:~$ chown -R vagrant:vagrant ~
    vagrant@client-ubuntu-12:~$
    
  6. Register the node

    Everything is now ready for node registration, so register the node.

    $ sudo chef-client
    
    vagrant@client-ubuntu-12:~$ sudo chef-client
    [2013-11-28T16:13:46+09:00] INFO: Forking chef instance to converge...
    Starting Chef Client, version 11.8.0
    [2013-11-28T16:13:46+09:00] INFO: *** Chef 11.8.0 ***
    [2013-11-28T16:13:46+09:00] INFO: Chef-client pid: 2452
    Creating a new client identity for client-ubuntu-12.10-i386.vagrantup.com using the validator key.
    [2013-11-28T16:13:47+09:00] INFO: Client key /etc/chef/client.pem is not present - registering
    [2013-11-28T16:13:47+09:00] INFO: HTTP Request Returned 404 Object Not Found: error
    [2013-11-28T16:13:47+09:00] INFO: Run List is []
    [2013-11-28T16:13:47+09:00] INFO: Run List expands to []
    [2013-11-28T16:13:47+09:00] INFO: Starting Chef Run for client-ubuntu-12.10-i386.vagrantup.com
    [2013-11-28T16:13:47+09:00] INFO: Running start handlers
    [2013-11-28T16:13:47+09:00] INFO: Start handlers complete.
    [2013-11-28T16:13:47+09:00] INFO: HTTP Request Returned 404 Object Not Found:
    resolving cookbooks for run list: []
    [2013-11-28T16:13:47+09:00] INFO: Loading cookbooks []
    Synchronizing Cookbooks:
    Compiling Cookbooks...
    [2013-11-28T16:13:47+09:00] WARN: Node client-ubuntu-12.10-i386.vagrantup.com has an empty run list.
    Converging 0 resources
    [2013-11-28T16:13:47+09:00] INFO: Chef Run complete in 0.290557519 seconds
    [2013-11-28T16:13:47+09:00] INFO: Running report handlers
    [2013-11-28T16:13:47+09:00] INFO: Report handlers complete
    Chef Client finished, 0 resources updated
    [vagrant@chef-server ~]$ 
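
The log above shows the node creating its own identity (/etc/chef/client.pem) with the validator key. From that point validation.pem is no longer needed on the node, and a copy left on disk is a credential that can register further clients with the Chef server. As an added example (not part of the original article), this script audits a Chef configuration directory for a leftover validator key and for key files readable by group or others; the function names and the sample directory are constructed.

```shell
#!/bin/sh
# Added example: audit a Chef client configuration directory after registration.

# audit_chef_dir DIR: prints one line per finding; returns 0 only when clean.
audit_chef_dir() {
    ac_dir=$1
    ac_findings=0
    # Once client.pem exists the node has its own identity, so a remaining
    # validation.pem is an unnecessary shared credential on disk.
    if [ -f "$ac_dir/client.pem" ] && [ -f "$ac_dir/validation.pem" ]; then
        echo "FINDING: validation.pem still present after registration"
        ac_findings=$((ac_findings + 1))
    fi
    for ac_key in "$ac_dir"/*.pem; do
        [ -f "$ac_key" ] || continue
        ac_mode=$(stat -c '%a' "$ac_key")      # GNU stat: octal mode, e.g. 400
        # Flag any permission bit for group or others (last two octal digits).
        case $ac_mode in
            0|*00) ;;
            *) echo "FINDING: $ac_key has mode $ac_mode, expected 0400 or 0600"
               ac_findings=$((ac_findings + 1)) ;;
        esac
    done
    [ "$ac_findings" -eq 0 ]
}

# Demonstration on a constructed directory (not a real /etc/chef).
demo_audit() {
    da_dir=$(mktemp -d) || return 1
    : > "$da_dir/client.pem";     chmod 0600 "$da_dir/client.pem"
    : > "$da_dir/validation.pem"; chmod 0644 "$da_dir/validation.pem"
    audit_chef_dir "$da_dir" | sed "s|$da_dir|<dir>|"
    rm -rf "$da_dir"
}
demo_audit
```

The chef-client cookbook installed later in this article includes a `delete_validation` recipe that removes the validator key from registered nodes.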
    

  7. Verify the node

    On the WorkStation, check whether the Chef client has been registered as a node.

    $ knife node list
    
    [vagrant@chef-server ~]$ knife node list
    client-ubuntu-12.10-i386.vagrantup.com
    [vagrant@chef-server ~]$ 
    

Provisioning the Chef Client

With the work so far, both the Chef server and the client have been built, so we now run the provisioning.
Follow the steps below. Note that this work is done on the WorkStation.

  1. Install Berkshelf

    $ sudo su -
    # echo 'export PATH="/opt/chef/embedded/bin:$PATH"' >> ~/.bashrc
    # source ~/.bashrc
    # gem i berkshelf --no-ri --no-rdoc
    
    [vagrant@chef-server ~]$ sudo su -
    [root@chef-server ~]# echo 'export PATH="/opt/chef/embedded/bin:$PATH"' >> ~/.bashrc
    [root@chef-server ~]# source .bashrc
    [root@chef-server ~]# gem i berkshelf --no-ri --no-rdoc
    Fetching: addressable-2.3.5.gem (100%)
    Fetching: buff-ruby_engine-0.1.0.gem (100%)
    Fetching: buff-shell_out-0.1.1.gem (100%)
    Fetching: chozo-0.6.1.gem (100%)
    Fetching: multipart-post-1.2.0.gem (100%)
    Fetching: faraday-0.8.8.gem (100%)
    Fetching: minitar-0.5.4.gem (100%)
    Fetching: retryable-1.3.3.gem (100%)
    Fetching: buff-extensions-0.5.0.gem (100%)
    Fetching: varia_model-0.2.0.gem (100%)
    Fetching: buff-config-0.4.0.gem (100%)
    Fetching: buff-ignore-1.1.1.gem (100%)
    Fetching: timers-1.1.0.gem (100%)
    Fetching: celluloid-0.14.1.gem (100%)
    Fetching: nio4r-0.5.0.gem (100%)
    Building native extensions.  This could take a while...
    Fetching: celluloid-io-0.14.1.gem (100%)
    Fetching: net-http-persistent-2.9.gem (100%)
    Fetching: solve-0.8.1.gem (100%)
    Fetching: ffi-1.9.3.gem (100%)
    Building native extensions.  This could take a while...
    Fetching: gssapi-1.0.3.gem (100%)
    Fetching: httpclient-2.3.4.1.gem (100%)
    Fetching: mini_portile-0.5.2.gem (100%)
    Fetching: nokogiri-1.6.0.gem (100%)
    Building native extensions.  This could take a while...
    Fetching: rubyntlm-0.1.1.gem (100%)
    
  2. Create the chef repository

    $ sudo yum -y install git
    $ cd
    $ git clone git://github.com/opscode/chef-repo.git
    
    [vagrant@chef-server ~]$ sudo yum -y install git
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: mirror.nus.edu.sg
     * extras: mirrors.neusoft.edu.cn
     * updates: mirror.nus.edu.sg
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package git.x86_64 0:1.7.1-3.el6_4.1 will be installed
    --> Processing Dependency: perl-Git = 1.7.1-3.el6_4.1 for package: git-1.7.1-3.el6_4.1.x86_64
    --> Processing Dependency: rsync for package: git-1.7.1-3.el6_4.1.x86_64
    --> Processing Dependency: perl(Git) for package: git-1.7.1-3.el6_4.1.x86_64
    --> Processing Dependency: perl(Error) for package: git-1.7.1-3.el6_4.1.x86_64
    --> Running transaction check
    ---> Package perl-Error.noarch 1:0.17015-4.el6 will be installed
    ---> Package perl-Git.noarch 0:1.7.1-3.el6_4.1 will be installed
    ---> Package rsync.x86_64 0:3.0.6-9.el6_4.1 will be installed
    --> Finished Dependency Resolution
    
    [vagrant@chef-server ~]$ cd
    [vagrant@chef-server ~]$ git clone git://github.com/opscode/chef-repo.git
    Initialized empty Git repository in /home/vagrant/chef-repo/.git/
    remote: Counting objects: 223, done.
    remote: Compressing objects: 100% (139/139), done.
    remote: Total 223 (delta 80), reused 178 (delta 49)
    Receiving objects: 100% (223/223), 38.14 KiB, done.
    Resolving deltas: 100% (80/80), done.
    [vagrant@chef-server ~]$
    
  3. Initialize Berkshelf

    $ cd chef-repo
    $ berks init
    
    [vagrant@chef-server ~]$ cd chef-repo/
    [vagrant@chef-server chef-repo]$ berks init
          create  Berksfile
          create  Thorfile
        conflict  .gitignore
    Overwrite /home/vagrant/chef-repo/.gitignore? (enter "h" for help) [Ynaqdh] y
           force  .gitignore
          create  Gemfile
          create  Vagrantfile
    Successfully initialized
    
    [vagrant@chef-server chef-repo]$ 
    
  4. Edit ~/.chef/knife.rb

    Configure the cookbook search path and the SSH connection settings used when connecting to nodes.

    Cookbook search path settings

    cookbook_path [
      '/home/vagrant/chef-repo/site-cookbooks',
      '/home/vagrant/chef-repo/cookbooks'
    ]
    

    SSH connection settings

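    # knife.rb is Ruby, so string values must be quoted.
    knife[:ssh_user] = 'vagrant'
    knife[:use_sudo] = true
    # Private key matching the public key added to the node's authorized_keys.
    knife[:identity_file] = '/home/vagrant/.ssh/workstation_rsa_key'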
    
  5. Install the cookbooks

    Install the chef-client and apache2 cookbooks published by Opscode.

    $ echo "cookbook 'chef-client'" >> Berksfile
    $ berks install -p cookbooks
    $ echo "cookbook 'apache2'" >> Berksfile
    $ berks install -p cookbooks
    
    [vagrant@chef-server chef-repo]$ echo "cookbook 'chef-client'" >> Berksfile
    [vagrant@chef-server chef-repo]$ berks install -p cookbooks
    Installing chef-client (3.1.0) from site: 'http://cookbooks.opscode.com/api/v1/cookbooks'
    Installing cron (1.2.8) from site: 'http://cookbooks.opscode.com/api/v1/cookbooks'
    Installing logrotate (1.4.0) from site: 'http://cookbooks.opscode.com/api/v1/cookbooks'
    [vagrant@chef-server chef-repo]$ echo "cookbook 'apache2'" >> Berksfile
    [vagrant@chef-server chef-repo]$ berks install -p cookbooks
    Using chef-client (3.1.0)
    Installing apache2 (1.8.4) from site: 'http://cookbooks.opscode.com/api/v1/cookbooks'
    Using cron (1.2.8)
    Using logrotate (1.4.0)
    [vagrant@chef-server chef-repo]$ 
    
  6. Upload the cookbooks

    Upload all cookbooks installed on the WorkStation to the Chef server.

    $ knife cookbook upload -a
    
    [vagrant@chef-server chef-repo]$ knife cookbook upload -a
    Uploading apache2      [1.8.4]
    Uploading chef-client  [3.1.0]
    Uploading cron         [1.2.8]
    Uploading logrotate    [1.4.0]
    Uploaded all cookbooks.
    [vagrant@chef-server chef-repo]$
    
  7. Build the node

    Apply the apache2 cookbook to the node.

    $ knife bootstrap client-ubuntu-12.10-i386.vagrantup.com -r apache2
    
    [vagrant@chef-server chef-repo]$ knife bootstrap client-ubuntu-12.10-i386.vagrantup.com -r apache2
    Bootstrapping Chef on client-ubuntu-12.10-i386.vagrantup.com
    Failed to authenticate  - trying password auth
    Enter your password:
    client-ubuntu-12.10-i386.vagrantup.com Starting Chef Client, version 11.8.0
    client-ubuntu-12.10-i386.vagrantup.com resolving cookbooks for run list: ["apache2"]
    client-ubuntu-12.10-i386.vagrantup.com Synchronizing Cookbooks:
    client-ubuntu-12.10-i386.vagrantup.com   - apache2
    client-ubuntu-12.10-i386.vagrantup.com Compiling Cookbooks...
    client-ubuntu-12.10-i386.vagrantup.com [2013-11-28T16:54:18+09:00] WARN: Cloning resource attributes for service[apache2] from prior resource (CHEF-3694)
    client-ubuntu-12.10-i386.vagrantup.com [2013-11-28T16:54:18+09:00] WARN: Previous service[apache2]: /var/chef/cache/cookbooks/apache2/recipes/default.rb:24:in `from_file'
    client-ubuntu-12.10-i386.vagrantup.com [2013-11-28T16:54:18+09:00] WARN: Current  service[apache2]: /var/chef/cache/cookbooks/apache2/recipes/default.rb:210:in `from_file'
    client-ubuntu-12.10-i386.vagrantup.com Converging 34 resources
    client-ubuntu-12.10-i386.vagrantup.com Recipe: apache2::default
    client-ubuntu-12.10-i386.vagrantup.com   * package[apache2] action install
    client-ubuntu-12.10-i386.vagrantup.com     - install version 2.2.22-6ubuntu2.3 of package apache2
    client-ubuntu-12.10-i386.vagrantup.com
    client-ubuntu-12.10-i386.vagrantup.com   * service[apache2] action enable
    client-ubuntu-12.10-i386.vagrantup.com     - enable service service[apache2]
    
    client-ubuntu-12.10-i386.vagrantup.com         +  BrowserMatch "^WebDrive" redirect-carefully
    client-ubuntu-12.10-i386.vagrantup.com         +  BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
    client-ubuntu-12.10-i386.vagrantup.com         +  BrowserMatch "^gnome-vfs/1.0" redirect-carefully
    client-ubuntu-12.10-i386.vagrantup.com         +  BrowserMatch "^XML Spy" redirect-carefully
    client-ubuntu-12.10-i386.vagrantup.com         +  BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
    client-ubuntu-12.10-i386.vagrantup.com          
    client-ubuntu-12.10-i386.vagrantup.com
    client-ubuntu-12.10-i386.vagrantup.com   * execute[a2enmod setenvif] action run (skipped due to not_if)
    client-ubuntu-12.10-i386.vagrantup.com Recipe: apache2::default
    client-ubuntu-12.10-i386.vagrantup.com   * execute[a2dissite default] action run
    client-ubuntu-12.10-i386.vagrantup.com     - execute /usr/sbin/a2dissite default
    client-ubuntu-12.10-i386.vagrantup.com
    client-ubuntu-12.10-i386.vagrantup.com   * service[apache2] action start (up to date)
    client-ubuntu-12.10-i386.vagrantup.com   * service[apache2] action restart
    client-ubuntu-12.10-i386.vagrantup.com     - restart service service[apache2]
    client-ubuntu-12.10-i386.vagrantup.com
    client-ubuntu-12.10-i386.vagrantup.com Chef Client finished, 18 resources updated
    

Summary

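Over two parts, Part 1 and Part 2 (this article), we have covered everything from building the Chef server and the Chef client through to provisioning the client. Once the Chef server is built, registering a Chef client is relatively easy, so try starting various Chef clients and provisioning them. Also, because building a Chef client is routine work, creating a shell script for each client and running it with Vagrant's shell provisioning makes setting up a Chef client even easier.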
