Chef 撰写和使用菜谱

你的第一个菜谱

必须了解的四个资源

• package: 使用正确的安装包管理器(yum、apt、pacman等等)来安装一个程序包
• service: 管理用package安装的服务
• cookbook_file:从菜谱中复制文件到节点的制定的目录。
• template:类似cookbook_file的资源，允许你复制文件到目标节点，而由于文件为嵌入式Ruby模板，所以你可以用变量来控制复制到节点的文件内容

每日消息(使用Chef开发包)

使用chef命令生成motd菜谱的初始目录结构

[root@node3 motd]# cd /opt/chef-data/chef-repo/cookbooks/

[root@node3 cookbooks]# chef generate cookbook motd

[root@node3 cookbooks]# cd motd/

[root@node3 motd]# cat .kitchen.yml
---
driver:
name: vagrant

provisioner:
name: chef_zero
# You may wish to disable always updating cookbooks in CI or other testing environments.
# For example:
# always_update_cookbooks: <%= !ENV['CI'] %>
always_update_cookbooks: true

verifier:
name: inspec

platforms:
- name: ubuntu-16.04
- name: centos-7

suites:
- name: default
run_list:
- recipe[motd::default]
verifier:
inspec_tests:
- test/integration/default
attributes:

运行kitchen list确保kitchen.yaml文件没有语法错误

[root@node3 motd]# kitchen list
>>>>>> ------Exception-------
>>>>>> Class: Kitchen::UserError
>>>>>> Message: Vagrant 1.1.0 or higher is not installed. Please download a package from https://www.vagrantup.com/downloads.html.
>>>>>> ----------------------
>>>>>> Please see .kitchen/logs/kitchen.log for more details
>>>>>> Also try running `kitchen diagnose --all` for configuration

# 安装 vagrant
[root@node3 opt]# wget https://releases.hashicorp.com/vagrant/2.2.7/vagrant_2.2.7_x86_64.rpm
--2020-02-17 14:50:36--  https://releases.hashicorp.com/vagrant/2.2.7/vagrant_2.2.7_x86_64.rpm
Resolving releases.hashicorp.com (releases.hashicorp.com)... 151.101.229.183, 2a04:4e42:36::439
Connecting to releases.hashicorp.com (releases.hashicorp.com)|151.101.229.183|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 42576773 (41M) [application/x-redhat-package-manager]
Saving to: ‘vagrant_2.2.7_x86_64.rpm’

100%[=====================================================================================================================================================>] 42,576,773   513KB/s   in 81s    

2020-02-17 14:52:03 (513 KB/s) - ‘vagrant_2.2.7_x86_64.rpm’ saved [42576773/42576773]

[root@node3 opt]# ls
apache-cassandra-2.2.15             chef       chef-software     distribute-0.7.3.zip  setuptools-33.1.1.zip  vagrant_2.2.7_x86_64.rpm
apache-cassandra-3.11.5-bin.tar.gz  chef-data  chef-workstation  Python-3.7.2.tar.xz   setuptools-45.1.0.zip
You have new mail in /var/spool/mail/root
[root@node3 opt]# rpm -vih vagrant_2.2.7_x86_64.rpm 
Preparing...                          ################################# [100%]
Updating / installing...
   1:vagrant-1:2.2.7-1                ################################# [100%]

[root@node3 motd]# kitchen list
Instance             Driver   Provisioner  Verifier  Transport  Last Action    Last Error
default-ubuntu-1604  Vagrant  ChefZero     Inspec    Ssh        <Not Created>  <None>
default-centos-7     Vagrant  ChefZero     Inspec    Ssh        <Not Created>  <None>

使用chef generate file motd命令在菜谱中生成motd文件所需的目录结构。我们只需要文件名而不是路径

[root@node3 motd]# chef generate file motd
Recipe: code_generator::cookbook_file
  * directory[/opt/chef-data/chef-repo/cookbooks/motd/files/default] action create
    - create new directory /opt/chef-data/chef-repo/cookbooks/motd/files/default
    - restore selinux security context
  * template[/opt/chef-data/chef-repo/cookbooks/motd/files/default/motd] action create
    - create new file /opt/chef-data/chef-repo/cookbooks/motd/files/default/motd
    - update content in file /opt/chef-data/chef-repo/cookbooks/motd/files/default/motd from none to e3b0c4
    (diff output suppressed by config)
    - restore selinux security context

编写default.rb文件。

[root@node3 recipes]# pwd
/opt/chef-data/chef-repo/cookbooks/motd/recipes
[root@node3 recipes]# cat default.rb 
#
# Cookbook:: motd
# Recipe:: default
#
# Copyright:: 2020, The Authors, All Rights Reserved.
cookbook_file "/etc/motd" do
    source "motd"
    mode "0644"
end

Apache菜谱

定义前提工作

• 名字：取一个有意义的名字，且唯一。例子，mysql菜谱，只做mysql相关的事情
• 用途：菜谱的愿景和其元数据的description属性非常相似甚至相同，但这不是一个硬性需求。例子，在目标机器上安装配置MySQL.
• 成功标准：例子，做最少的事情，让MySQL运行并提供一种创建MySQL用户，数据库和数据库表
• 应用、服务： 每个菜谱应该管理一个应用和服务，例如，"MySQL"就可以作为一个很好的菜谱应该管理的应用或服务的单位。
• 所需步骤： 自动化的前提是明确手动做这些工作的步骤是什么。

一、apache菜谱清单：

二、生成菜谱结构

[root@node3 cookbooks]# cd /opt/chef-data/chef-repo/cookbooks/

[root@node3 cookbooks]# ls
chefignore  first_cookbook  motd  starter
[root@node3 cookbooks]# knife cookbook site download learn_chef_httpd

tar -zxvf learn_chef_httpd-0.2.0.tar.gz -C /opt/chef-data/chef-repo/cookbooks/
# 主页内容
cat /opt/chef-data/chef-repo/cookbooks/learn_chef_httpd/templates/default/index.html.erb
# ruby安装Apache脚本
cat /opt/chef-data/chef-repo/cookbooks/learn_chef_httpd/recipes/default.rb

 

三、编辑README.md文件

[root@node3 apache]# cat README.md 
# apache cookbook

本菜谱安装及配置一个使用Apache HTTPD服务器的简单的网站

需求
========
仅仅支持CentOS或者提取使用+httpd+的RHEL版本

用法
========
将'apache'添加到你的节点的'run_list'(运行清单)中

测试
========
菜谱中提供了'.kitchen.yml'文件。请运行+kitchen converge+来验证此菜谱

四、更新Metadata.rb

[root@node3 apache]# cat metadata.rb 
name 'apache'
maintainer 'Hogan'
maintainer_email '[email protected]'
license 'All Rights Reserved'
description 'Installs/Configures apache'
long_description 'Installs/Configures apache'
version '0.1.0'
chef_version '>= 12.14' if respond_to?(:chef_version)

# The `issues_url` points to the location where issues for this cookbook are
# tracked.  A `View Issues` link will be displayed on this cookbook's page when
# uploaded to a Supermarket.
#
# issues_url 'https://github.com/<insert_org_here>/apache/issues'

# The `source_url` points to the development repository for this cookbook.  A
# `View Source` link will be displayed on this cookbook's page when uploaded to
# a Supermarket.
#

^{五、上传至chef-server}

# 上传Apache的cookbook至Chef Server
cd /opt/chef-data/chef-repo/cookbooks/
knife cookbook upload learn_chef_httpd 
knife cookbook list

 

 六、将cookbook加入到目标节点run_list中

[root@node3 cookbooks]# cd /opt/chef-data/chef-repo/cookbooks

[root@node3 cookbooks]# knife node run_list add node4 learn_chef_httpd
node4:
run_list: recipe[learn_chef_httpd]

 七、执行run_list

1、远程执行

[root@node3 cookbooks]# knife ssh 192.168.56.14 'sudo chef-client' --manual-list --ssh-user root --ssh-password 'root@123'
192.168.56.14 Starting Chef Client, version 14.2.0
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 resolving cookbooks for run list: ["learn_chef_httpd"]
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 Synchronizing Cookbooks:
192.168.56.14 - learn_chef_httpd (0.2.0)
192.168.56.14 Installing Cookbook Gems:
192.168.56.14 Compiling Cookbooks...
192.168.56.14 [2020-02-17T17:27:45+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14 Converging 4 resources
192.168.56.14 Recipe: learn_chef_httpd::default
192.168.56.14 * yum_package[httpd] action install
192.168.56.14 - install version 0:2.4.6-90.el7.centos.x86_64 of package httpd
192.168.56.14 * service[httpd] action enable
192.168.56.14 - enable service service[httpd]
192.168.56.14 * service[httpd] action start
192.168.56.14 - start service service[httpd]
192.168.56.14 * template[/var/www/html/index.html] action create (up to date)
192.168.56.14 * service[iptables] action stop (up to date)
192.168.56.14 [2020-02-17T17:27:51+08:00] WARN: Using deprecated positional arguments for sign(), please update to keyword arguments (from /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.2.0/lib/chef/http/authenticator.rb:114)
192.168.56.14
192.168.56.14 Running handlers:
192.168.56.14 Running handlers complete
192.168.56.14 Chef Client finished, 3/5 resources updated in 16 seconds
[

2、本地执行

登录client节点

chef-client