chef - [chef] Re: Re: Re: RE: RE: Adding a feature in Chef Server UI

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: Re: RE: RE: Adding a feature in Chef Server UI

From: "steve ." < >
To: " " < >
Subject: [chef] Re: Re: Re: RE: RE: Adding a feature in Chef Server UI
Date: Thu, 3 Apr 2014 10:02:52 -0700

We do this kind of thing today with Rundeck, which integrates with Chef via the chef-rundeck service. Other orchestration tools are available.

Rundeck: http://rundeck.org

Chef-Rundeck: http://github.com/oswaldlabs/chef-rundeck / "gem install chef-rundeck"

There's a community Rundeck cookbook available that looks pretty good, though we've been using an internally-written cookbook for a while.

On Wed, Apr 2, 2014 at 10:23 PM, Noah Kantrowitz < " target="_blank"> > wrote:

While I'm sure you mean well, I think you underestimate what you are suggesting. I don't want to turn you off from contributing to Chef, but I think this is probably not something you would want to tackle right out of the starting gate. If you are looking for good remote-execution systems that are well integrated with Chef, you can get a trial version of Enterprise Chef I think.

--Noah

On Apr 2, 2014, at 9:48 PM, Anju M R < "> > wrote:

> Hi,
>
> Thank you for the suggestions. Is there any way to get the source code of chef and build from it or contribute to chef. I want to add this functionality. If some body already have done this please help me with the implementation part.
>
> Thank you,
>
>
>
> On Mon, Mar 17, 2014 at 8:56 AM, Kevin Keane Subscription < "> > wrote:
> You could reduce the security issue by using SSH with a private key to a non-root account, preferably one with minimal permissions. Add an entry to your sudoers file, and then use sudo to run the command.
>
> You can further lock down the system with the SSH allowed_keys file; you can set it up that SSH will not get a terminal and can only execute the one command "sudo chef-client".
>
> > -----Original Message-----
> > From: Kadel-Garcia, Nico [mailto: "> ]
> > Sent: Sunday, March 16, 2014 6:59 PM
> > To: ">
> > Subject: [chef] RE: Adding a feature in Chef Server UI
> >
> > The chef server does not have the credentials to enforce that. You'd have to
> > execute something like a "knife ssh" command, with stored root passwords
> > or root ssh credentials. That's a *big* security issue.
> >
> > --
> > Nico Kadel-Garcia
> > Senior Systems Consultant
> > Email: ">
> > Cell Phone: +1.339.368.2428
> >
> > ________________________________________
> > From: "> < "> >
> > Sent: Sunday, March 16, 2014 9:32 PM
> > To: ">
> > Subject: [chef] Adding a feature in Chef Server UI
> >
> > Hi
> >
> > I'm trying to integrate an 'execute recipe' functionality to my chef server ui.
> > It has to do the function of 'chef-client' from the UI. Please help me to do so.
> >
> > Thanking you,
> > Anju
>
>
>
>
> --
> Regards,
>
> Anju M R
>

[chef] Re: RE: RE: Adding a feature in Chef Server UI, Anju M R, 04/02/2014
- [chef] Re: Re: RE: RE: Adding a feature in Chef Server UI, Noah Kantrowitz, 04/02/2014
  - [chef] Re: Re: Re: RE: RE: Adding a feature in Chef Server UI, steve ., 04/03/2014