Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

managed-chef-server (4) Versions 0.15.0

Installs and configures a Chef server

Berkshelf
Policyfile
Knife
cookbook 'managed-chef-server', '~> 0.15.0'
cookbook 'managed-chef-server', '~> 0.15.0', :supermarket
knife supermarket install managed-chef-server
knife supermarket download managed-chef-server
README
Dependencies
Changelog
Quality 63%

managed-chef-server

Deploys and configures the Chef server in a relatively stateless model. The included [policyfiles](policyfiles) provide examples of deployment options and the required attributes.

Recipes

default

Install or restore the Chef Server in a new deployment, wrapping the Chef-Server cookbook. It looks for the existence of a knife-ec-backup tarball to restore from, configured with the node['mcs']['restore']['file'] attribute. You will need to use the managed_organization recipe or provide your own organizations recipe to use the other recipes.

managed_organization

This creates a managed Chef organization and an org-managing admin user through the appropriate [attributes](attributes/default.rb#24).

backup

Runs knife ec backup via cron and puts the backups in the node['mcs']['backup']['dir']. The default is 2:30am daily, but you may change the cron schedule via the following attributes.

node['mcs']['backup']['cron']['minute'] = '30'
node['mcs']['backup']['cron']['hour'] = '2'
node['mcs']['backup']['cron']['day'] = '*'
node['mcs']['backup']['cron']['month'] = '*'
node['mcs']['backup']['cron']['weekday'] = '*'

cron

Schedules the Chef client to run on the Chef server via cron against a provided policyfile archive. This may be set to use --local-mode, for when the Chef client has no other Chef server to contact. See the example [policyfiles/cron.rb](policyfiles/cron.rb) and [kitchen.yml](kitchen.yml) for reference.

data_bag_loader

The node['mcs']['data_bags']['dir'] is compared against the existing data bags on the server and creates and/or updates them as necessary. If the node['mcs']['data_bags']['prune'] attribute is true then the data bags and their items are deleted if they exist on the server but do not have the requisite JSON files.

legacy_loader

Takes the node['mcs']['cookbooks']['dir'], node['mcs']['environments']['dir'] and node['mcs']['roles']['dir'] directories and loads whatever content is found into the Chef server organization. If you want to use the same directory for the roles and environments the recipe can distinguish between JSON files. The cookbooks are expected to be tarballs in a directory, they will all be attempted to load via their Berksfile or with knife. For legacy cookbooks with multiple dependencies it may take multiple runs to load everything.

policyfile_loader

Takes the node['mcs']['policyfile']['dir'] and parses any .lock.json files to determine which policyfile archives to load into the local Chef server. Policies will be assigned to the group designated by the node['mcs']['policyfile']['group'] attribute for the Chef server (_default is the default). If the policy itself sets the node['mcs']['policyfile']['group'] attribute, the policy will be assigned to that group.

Attributes

The [default.rb](attributes/default.rb) attributes file documents available settings and tunings.

Custom Resources

Custom resources are used to reduce the complexity of the included recipes.

managed_organization

The :create action will instantiate a Chef server organization with an internal administrator user. The name properties is the organization. The organization's full_name, email, and password are all optional properties.

managed_chef_server_backup

This resource schedules backups of the Chef server via cron-style properties (minute, hour, day, month, weekday). The backups are written to the directory and their filenames start with the prefix.

managed_chef_server_cron

This resource requires an archive property specifying the policyfile archive to deploy and use for running via cron.

managed_chef_server_restore

This resource requires a tarball property specifying the knife ec backup tarball to restore from.

cookbook_loader

This resource runs berks or knife against the directory property specifying the source for the cookbook tarballs to keep in sync with the server.

data_bag_loader

This resource works off of the directory property specifying the source for the data bags to keep in sync with the server.

managed_data_bag

This has :create, :prune, :item_create, and :item_prune for managing the data bags available on the server. This custom resource is called from the data_bag_loader resource.

environments_loader

All of the Ruby or JSON environment files in the directory will be loaded onto the Chef Server and updated if they change.

policyfile_loader

This resource looks for policyfile locks and archives in the directory specifying the source, only uploading them if they have been updated.

roles_loader

All of the Ruby or JSON role files in the directory will be loaded onto the Chef Server and updated if they change.

Testing

There is a [kitchen.yml](kitchen.yml) that may be used for testing with Vagrant. The [kitchen.vagrant.yml](kitchen.vagrant.yml) may be symlinked as kitchen.local.yml and used with local caches to speed up testing. If you want to use Docker, [kitchen.dokken.yml](kitchen.dokken.yml) may be used but it does not persist changes between runs and is thus not significantly faster (it's slower than Vagrant with caching). The following Suites map to example [policyfiles](policyfiles) that may be repurposed as necessary, with variants for testing Chef 14 and 15 of each:

default

Tests simple installation and creation of the managed Chef user and organization.

restore

Restores the Chef server from a backup with policyfiles. kitchen verify restore ensures the policyfiles were restored properly.

cron

Checks the chef-client is in the crontab

backup

Checks the backup script is in the crontab and backup directories are available.

data_bags

Adds loading data bags from the included [test](test) directory. It restores from a previous data bag backup to ensure pruning and updating work.

policyfile

Adds loading policyfiles from the included [test](test) directory.

legacy

Adds loading cookbooks, environments and roles from the included [test](test) directory.

everything

Installs the Chef server, restores from a backup, attempts to load policyfiles (which are included in the restored backup) and adds backup via cron.

License and Authors

  • Author: Matt Ray matt@chef.io
  • Copyright 2018-2019, Chef Software, Inc
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

chef-ingredient ~> 3.1.1
chef-server ~> 5.5.2

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

managed-chef-server CHANGELOG

This file is used to list changes made in each version of the managed-chef-server cookbook.

0.1.0

  • Initial release.
  • Installation and recovery of Chef server.
  • Creation of managed organization and user for managing the server.
  • Skeleton of tests.

0.2.0

  • cookstyle cleanups
  • example policyfiles for testing
  • policyfile_loader recipe

0.3.0

  • restore from backup works
  • Chef 13.8.5 testing

0.3.1

  • switch to config.rb from knife.rb

0.4.0

  • refactor policyfiles for more straightforward testing
  • backup scheduled via cron and attributes
  • cron recipe for managing the chef-server with the chef-client under cron, with or without a policyfile archive

0.5.0

  • legacy loader for cookbooks, environments, roles
  • nginx as non-root (@chrisg-fastlane)

0.6.0

  • legacy loader recipe supports Berkshelf
  • fix some issues with the restore for the managed user

0.6.1

  • legacy loader skip an empty cookbook list

0.6.2

  • policyfile_loader now puts policyfiles in a _default policygroup as defined by an attribute.

0.7.0

  • data_bag_loader recipe and tests

0.7.1

0.7.2

0.8.0

0.9.0

  • Added support for policyfiles to set their policy group by setting the ['mcs']['policyfile']['group'] attribute

0.10.0

  • Skip existing policies to speed up loading
  • remove chefdk cookbook dependency in favor of directly using chef_ingredient

0.11.0

  • Added private performance tuning recipe [_tuning.rb](recipes/_tuning.rb)

0.12.0

0.13.0

  • minimum Chef version is now 14
  • added Chef 15 support for all CLIs
  • new kitchen test suites for testing Chef 14 and 15 versions

0.14.0

  • new _chefdk.rb private recipe for installing the ChefDK
  • refactor new Custom Resources
    • managed_organization :create
    • chef_server_backup :create
    • chef_server_cron :create
    • chef_server_restore :run
    • cookbooks_loader :load
    • data_bag_loader :load
    • data_bag :create, :prune, :item_create, :item_prune (all called by the data_bag_loader)
    • environments_loader :load
    • policyfile_loader :load
    • roles_loader :load
  • the following attributes were removed to simplify managing multiple organizations -default['mcs']['managed_user']['dir'] -default['mcs']['managed_user']['user_name'] -default['mcs']['managed_user']['first_name'] -default['mcs']['managed_user']['last_name']
  • the following attributes were added to expand cron coverage -default['mcs']['backup']['cron']['month'] = '' -default['mcs']['backup']['cron']['weekday'] = '' -default['mcs']['cron']['month'] = '' -default['mcs']['cron']['weekday'] = ''
  • all the loaders now support organizations

0.15.0

BACKLOG

maintenance recipe

Maintaining the Chef server may involve periodically cleaning up stale nodes and unused policies. This is likely to use knife-tidy and various chef commands. Scheduling and implementation TBD.

Collaborator Number Metric
            

0.15.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.15.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

0.15.0 passed this metric

No Binaries Metric
            

0.15.0 passed this metric

Publish Metric
            

0.15.0 passed this metric

Supported Platforms Metric
            

0.15.0 passed this metric

Testing File Metric
            

0.15.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.15.0 passed this metric