你的第一个菜谱
必须了解的四个资源
- package: 使用正确的安装包管理器(yum、apt、pacman等等)来安装一个程序包
- service: 管理用package安装的服务
- cookbook_file:从菜谱中复制文件到节点的制定的目录。
- template:类似cookbook_file的资源,允许你复制文件到目标节点,而由于文件为嵌入式Ruby模板,所以你可以用变量来控制复制到节点的文件内容
每日消息(使用Chef开发包)
使用chef命令生成motd菜谱的初始目录结构
[root@node3 motd]# cd /opt/chef-data/chef-repo/cookbooks/
[root@node3 cookbooks]# chef generate cookbook motd
[root@node3 cookbooks]# cd motd/
[root@node3 motd]# cat .kitchen.yml
---
driver:
name: vagrant
provisioner:
name: chef_zero
# You may wish to disable always updating cookbooks in CI or other testing environments.
# For example:
# always_update_cookbooks: <%= !ENV['CI'] %>
always_update_cookbooks: true
verifier:
name: inspec
platforms:
- name: ubuntu-16.04
- name: centos-7
suites:
- name: default
run_list:
- recipe[motd::default]
verifier:
inspec_tests:
- test/integration/default
attributes:
运行kitchen list确保kitchen.yaml文件没有语法错误
[root@node3 motd]# kitchen list >>>>>> ------Exception------- >>>>>> Class: Kitchen::UserError >>>>>> Message: Vagrant 1.1.0 or higher is not installed. Please download a package from https://www.vagrantup.com/downloads.html. >>>>>> ---------------------- >>>>>> Please see .kitchen/logs/kitchen.log for more details >>>>>> Also try running `kitchen diagnose --all` for configuration # 安装 vagrant [root@node3 opt]# wget https://releases.hashicorp.com/vagrant/2.2.7/vagrant_2.2.7_x86_64.rpm --2020-02-17 14:50:36-- https://releases.hashicorp.com/vagrant/2.2.7/vagrant_2.2.7_x86_64.rpm Resolving releases.hashicorp.com (releases.hashicorp.com)... 151.101.229.183, 2a04:4e42:36::439 Connecting to releases.hashicorp.com (releases.hashicorp.com)|151.101.229.183|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 42576773 (41M) [application/x-redhat-package-manager] Saving to: ‘vagrant_2.2.7_x86_64.rpm’ 100%[=====================================================================================================================================================>] 42,576,773 513KB/s in 81s 2020-02-17 14:52:03 (513 KB/s) - ‘vagrant_2.2.7_x86_64.rpm’ saved [42576773/42576773] [root@node3 opt]# ls apache-cassandra-2.2.15 chef chef-software distribute-0.7.3.zip setuptools-33.1.1.zip vagrant_2.2.7_x86_64.rpm apache-cassandra-3.11.5-bin.tar.gz chef-data chef-workstation Python-3.7.2.tar.xz setuptools-45.1.0.zip You have new mail in /var/spool/mail/root [root@node3 opt]# rpm -vih vagrant_2.2.7_x86_64.rpm Preparing... ################################# [100%] Updating / installing... 1:vagrant-1:2.2.7-1 ################################# [100%] [root@node3 motd]# kitchen list Instance Driver Provisioner Verifier Transport Last Action Last Error default-ubuntu-1604 Vagrant ChefZero Inspec Ssh <Not Created> <None> default-centos-7 Vagrant ChefZero Inspec Ssh <Not Created> <None>
使用chef generate file motd命令在菜谱中生成motd文件所需的目录结构。我们只需要文件名而不是路径
[root@node3 motd]# chef generate file motd Recipe: code_generator::cookbook_file * directory[/opt/chef-data/chef-repo/cookbooks/motd/files/default] action create - create new directory /opt/chef-data/chef-repo/cookbooks/motd/files/default - restore selinux security context * template[/opt/chef-data/chef-repo/cookbooks/motd/files/default/motd] action create - create new file /opt/chef-data/chef-repo/cookbooks/motd/files/default/motd - update content in file /opt/chef-data/chef-repo/cookbooks/motd/files/default/motd from none to e3b0c4 (diff output suppressed by config) - restore selinux security context
编写default.rb文件。
[root@node3 recipes]# pwd /opt/chef-data/chef-repo/cookbooks/motd/recipes [root@node3 recipes]# cat default.rb # # Cookbook:: motd # Recipe:: default # # Copyright:: 2020, The Authors, All Rights Reserved. cookbook_file "/etc/motd" do source "motd" mode "0644" end
Apache菜谱
定义前提工作
- 名字:取一个有意义的名字,且唯一。例子,mysql菜谱,只做mysql相关的事情
- 用途:菜谱的愿景和其元数据的description属性非常相似甚至相同,但这不是一个硬性需求。例子,在目标机器上安装配置MySQL.
- 成功标准:例子,做最少的事情,让MySQL运行并提供一种创建MySQL用户,数据库和数据库表
- 应用、服务: 每个菜谱应该管理一个应用和服务,例如,"MySQL"就可以作为一个很好的菜谱应该管理的应用或服务的单位。
- 所需步骤: 自动化的前提是明确手动做这些工作的步骤是什么。
一、apache菜谱清单:
二、生成菜谱结构
[root@node3 cookbooks]# cd /opt/chef-data/chef-repo/cookbooks/
[root@node3 cookbooks]# ls
chefignore first_cookbook motd starter
[root@node3 cookbooks]# knife cookbook site download learn_chef_httpd
tar -zxvf learn_chef_httpd-0.2.0.tar.gz -C /opt/chef-data/chef-repo/cookbooks/
# 主页内容
cat /opt/chef-data/chef-repo/cookbooks/learn_chef_httpd/templates/default/index.html.erb
# ruby安装Apache脚本
cat /opt/chef-data/chef-repo/cookbooks/learn_chef_httpd/recipes/default.rb
三、编辑README.md文件
[root@node3 apache]# cat README.md # apache cookbook 本菜谱安装及配置一个使用Apache HTTPD服务器的简单的网站 需求 ======== 仅仅支持CentOS或者提取使用+httpd+的RHEL版本 用法 ======== 将'apache'添加到你的节点的'run_list'(运行清单)中 测试 ======== 菜谱中提供了'.kitchen.yml'文件。请运行+kitchen converge+来验证此菜谱
四、更新Metadata.rb
[root@node3 apache]# cat metadata.rb name 'apache' maintainer 'Hogan' maintainer_email '[email protected]' license 'All Rights Reserved' description 'Installs/Configures apache' long_description 'Installs/Configures apache' version '0.1.0' chef_version '>= 12.14' if respond_to?(:chef_version) # The `issues_url` points to the location where issues for this cookbook are # tracked. A `View Issues` link will be displayed on this cookbook's page when # uploaded to a Supermarket. # # issues_url 'https://github.com/<insert_org_here>/apache/issues' # The `source_url` points to the development repository for this cookbook. A # `View Source` link will be displayed on this cookbook's page when uploaded to # a Supermarket. #
五、上传至chef-server
# 上传Apache的cookbook至Chef Server cd /opt/chef-data/chef-repo/cookbooks/ knife cookbook upload learn_chef_httpd
knife cookbook list
六、将cookbook加入到目标节点run_list中
[root@node3 cookbooks]# cd /opt/chef-data/chef-repo/cookbooks
[root@node3 cookbooks]# knife node run_list add node4 learn_chef_httpd
node4:
run_list: recipe[learn_chef_httpd]
七、执行run_list
1、远程执行
[root@node3 cookbooks]# knife ssh 192.168.56.14 'sudo chef-client' --manual-list --ssh-user root --ssh-password 'root@123'
192.168.56.14 Starting Chef Client, version 14.2.0
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 resolving cookbooks for run list: ["learn_chef_httpd"]
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 Synchronizing Cookbooks:
192.168.56.14 - learn_chef_httpd (0.2.0)
192.168.56.14 Installing Cookbook Gems:
192.168.56.14 Compiling Cookbooks...
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 Converging 4 resources
192.168.56.14 Recipe: learn_chef_httpd::default
192.168.56.14 * yum_package[httpd] action install
192.168.56.14 - install version 0:2.4.6-90.el7.centos.x86_64 of package httpd
192.168.56.14 * service[httpd] action enable
192.168.56.14 - enable service service[httpd]
192.168.56.14 * service[httpd] action start
192.168.56.14 - start service service[httpd]
192.168.56.14 * template[/var/www/html/index.html] action create (up to date)
192.168.56.14 * service[iptables] action stop (up to date)
192.168.56.14 [2020-02-17T17:27:51+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14
192.168.56.14 Running handlers:
192.168.56.14 Running handlers complete
192.168.56.14 Chef Client finished, 3/5 resources updated in 16 seconds
[
2、本地执行
登录client节点
chef-client