chef - [chef] Re: Knifing multiple different chef servers

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Knifing multiple different chef servers

From: Bryan McLellan < >
To:
Subject: [chef] Re: Knifing multiple different chef servers
Date: Sat, 1 Oct 2011 08:55:37 -0400

On Thu, Sep 29, 2011 at 8:34 AM, Geoff Meakin Acid
< >
wrote:
> Only problem is "knife configure -i" which is the documented way to register
> yourself as a client of each chef server… this attempts to override whatever
> knife.rb file it finds.. not very helpful as I've already configured my
> various knife.rb files to look at different servers with different
> 'environment' attributes. I dont want to have all these manual steps of
> post-configuring knife.rb files, I want my knife.rb files committed to git
> so I can just run&go (™)

"knife configure -i" is really for a standard configuration and for
new users. It just uses the webui client, which is an admin, to create
another client. You can do this easily with:

sudo knife client create an_admin -u chef-webui -k /etc/chef/webui.pem
--admin -f .chef/an_admin.pem

You'll need to fix up the file permissions since you ran as sudo,
which you need to do so you can read the webui.pem file.

> For my solution, I created a bunch of different directories -
> chef-production / chef-staging / chef-dev etc., and in each of those had a
> .chef/knife.rb file configuring knife to the correct place.

I have a directory in which I keep all of my chef repositories. Each
of these has a separate .chef directory. For Opscode Hosted Chef
organizations, the directory is the same name as the organization and
my .chef/knife.rb looks like:

-----
config_dir = File.dirname(__FILE__)
cookbook_dir = File.join(config_dir, ".." ,"cookbooks")
organization =
File.basename(File.expand_path(File.join(File.dirname(__FILE__),
"..")))

log_level        :info
log_location     STDOUT
node_name        ENV['USER']
client_key       "#{config_dir}/#{ENV['USER']}.pem"
chef_server_url  "https://api.opscode.com/organizations/#{organization}";
cache_type       'BasicFile'
cache_options( :path => "#{config_dir}/checksums" )
cookbook_path [ cookbook_dir ]

validation_client_name "#{organization}-validator"
validation_key "#{config_dir}/#{organization}-validator.pem"
-----

I also have a couple directories for my local and testing chef servers
which contain pretty standard knife.rb configurations.

Bryan

[chef] Re: Knifing multiple different chef servers, Bryan McLellan, 10/01/2011