|
In previous question to the community/maillist I asked about how can
i store decrypt passwords. And a answer is - store it in `node.run_state` hash - this is because this is not persistent store and there is only during the launch of chef. This is very good idea of course. But I can't understand how can use it in real world. For example I upload mysql community cookbook to my chef server. For deploy mysql data base server. Mysql community cookbook has several default attributes of passwords which is randomly generated by openssl. But we can override them. How can I override them best practice ? README.md at this cookbook has: node['mysql']['server_root_password'] - Set the server's root password node['mysql']['server_repl_password'] - Set the replication user 'repl' password node['mysql']['server_debian_password'] - Set the debian-sys-maint user password "OK" said I, How can I setup them with node.run_state ? One way is to create application cookbook ( http://devopsanywhere.blogspot.ru/2012/11/how-to-write-reusable-chef-cookbooks.html) and in the recipe mode set vars: mysql_acme/recipes/default: ... # code to setup node.run_state['mysql']['server_root_password'] and others from data bags. i.e. retrive data bags from server, decrypt them etc. how can i do this, i has chef error, when set this var: undefined method `[]=' for nil:NilClass ? ... node['mysql']['server_root_password'] = node.run_state['mysql']['server_root_password'] ... # before run mysql::server we setup node attributes include_recipe "mysql::server" This is not good idea because I use node attribute that persistent to chef server and will be available after chef run to all nodes wia search. Despite the fact that I used node.run_state. I cannot understand how to use community cookbook with my own data bags? -- Best regards, CVision Lab System Administrator Vladmir Skubriev |
Archive powered by MHonArc 2.6.16.