[chef] Re: Best Practices for Retrieving Generated Passwords

[Adam Jacob < >]

On 12/3/12 8:12 AM, "Dane Elwell" 
<
 >
 wrote:
>Two questions:
>
>* (Likely Chef 101 but I've not seen how to do this yet) Is there a way
>I can store arbitrary data for the local node somewhere? For example, if
>I generate a username and password for a haproxy statistics page, where
>can I then retrieve these from? Use of an encrypted databag? This is
>probably me just not RTFM to be fair - links appreciated.

So is the flow you are looking for here:

* Configure a bunch of services on a server, auto-generating secure
passwords
* Store those passwords in your arbitrary database someplace
* Profit

Yes?

The node itself stores its attributes, so that would be the logical place
for the auto-generated dataŠ but do you really want to store them in plain
text?

>* How can I gather this username/password information in a more
>automated way? Is there an API of some kind that can be called to
>retrieve this information from the Chef server? Unfortunately the
>in-house system is developed by a separate team, so I don't have many
>options for integration beyond "here's an API, implement this". I'm more
>than happy to write glue code for this if necessary.

The Chef Server itself is a REST API, and you can absolutely use it here.
Answer my question above re: flow, and I'l reply again. :)

>I hope my requirements make sense, and I apologise again for being
>clueless. :)

No worries, dude - everyone starts somewhere. :)

Best,
Adam