cookbook 'managed_automate', '= 0.11.2'
managed_automate (9) Versions 0.11.2 Follow0
Installs and configures a Chef Automate 2 server
cookbook 'managed_automate', '= 0.11.2', :supermarket
knife supermarket install managed_automate
knife supermarket download managed_automate
managed_automate
Deploys and configures the Chef Automate 2 server in an airgapped, stateless model.
Recipes
default
Calls the install recipe.
install
Installs Chef Automate on a single air-gapped box in a new deployment. Download the chef-automate
command before using this recipe (the airgap_bundle
recipe does this) and copy it to the node['ma'][chef-automate]
location. The AIB file may be a URL or file, similar to this:
node['ma']['install']['file'] = '/tmp/test/automate-20190813170406.aib'
The server will be tuned for passing Automate's preflight-check
and swap will be disabled and the heapsize for Elasticsearch will be set to 1/2 total memory. The license may be referred as a file, URL, or a string in an attribute.
restore
Restores Chef Automate on a single air-gapped box in a new deployment from a previous backup. Download the chef-automate
command before using this recipe (the airgap_bundle
recipe does this) and copy it to the node['ma'][chef-automate]
location. The AIB and restore files may be URLs or files, similar to this:
node['ma']['install']['file'] = '/tmp/test/automate-20190813170406.aib'
node['ma']['restore']['file'] = '/tmp/test/automate-backup-20190902064704.tgz'
The server will be tuned for passing Automate's preflight-check
and swap will be disabled and the heapsize for Elasticsearch will be set to 1/2 total memory. The license may be referred as a file, URL, or a string in an attribute.
upgrade
Upgrades Chef Automate on a single air-gapped box from an existing deployment. Download the chef-automate
command before using this recipe (the airgap_bundle
recipe does this) and copy it to the node['ma'][chef-automate]
location. The upgrade file may be a URL or file, similar to this:
node['ma']['upgrade']['url'] = 'file://localhost/tmp/test/automate-20190820163418.aib'
The server will be tuned for passing Automate's preflight-check
and swap will be disabled and the heapsize for Elasticsearch will be set to 1/2 total memory. The license may be referred as a file, URL, or a string in an attribute.
airgap_bundle
This recipe requires internet access and is used to download the chef-automate
CLI and create an airgap installation bundle (AIB file) from the "current" release channel. It copies the downloaded AIB file to a destination directory (the filename may be overridden with an attribute). It will check if new files are available and a full AIB download is currently almost 800 megabytes, so you may want to limit it to daily usage.
backup
Runs chef-automate backup
via cron and copies tarballs of the backups to a destination directory. The default is 2:30am daily, but you may change the cron schedule via the following attributes. The automate-credentials.toml
from the initial install or restored backup is included in the backup if available.
node['ma']['backup']['cron']['minute'] = '30'
node['ma']['backup']['cron']['hour'] = '2'
node['ma']['backup']['cron']['day'] = '*'
Testing with Test Kitchen
The included kitchen.yml
provides testing scenarios for the following (the 14/15 prefixes indicate which Chef client version is used):
-
aib-download
: creates an airgap bundle for installing Automate offline. It writeschef-automate
and the.aib
files to the sharedtest
directory. -
aib-filename
: creates an airgap bundle for installing Automate offline with a given name set via thenode['ma']['aib']['file']
attribute. It writeschef-automate
and the.aib
files to the sharedtest
directory. -
default
: tests installing from a previously downloadedchef-automate
and.aib
file. Use theaib-download
suite to create this if necessary to the sharedtest
directory. -
url
: tests installing from a previously downloaded.aib
and license via URLs. -
upgrade
: tests installing and upgrading an installation. -
backup
: install and configure backups. -
restore
: restore an installation from a backup .tgz and an installation.aib
file. -
full
: performs both the airgap bundle creation, restore and scheduling of backups.
.kitchen.yml
The .kitchen.yml
sets the VM to have the private IP 192.168.33.33
. If you want to use the Automate web UI, you will need to get the self-signed certificate created with the installation
- Use
knife ssl fetch https://192.168.33.33
to pull thedefault-centos-7.vagrantup.com.crt
. - Install the certificate on your workstation. Under MacOS I used the Keychain Access application and did File->Import Items and selected the certificate. I then set the permissions to allow everything and deleted it when I destroyed the Vagrant machine.
- Connect to https://192.168.33.33 which will redirect to
default-centos-7.vagrantup.com
or one of the other suites. This works with Chrome, not Firefox. - If you're following the examples in https://automate.chef.io/docs/iam-v2-api-reference/ you can add
192.168.33.33 automate.example.com
to your/etc/hosts
.
You will probably need to update the license, directories and AIB files used for your testing. To use a license key, store it in your policyfiles/default.rb
similar to this:
override['ma']['license']['string'] = 'thisisnotareallicence_dHlwZSI6ImNvbW1lcmNpYWwiLCJnZW5lcmF0b3IiOiJjaGVmL2xpY2Vuc2UtMi4wLjAiLCJrZXlfc2hhMjU2IjoiZTBkZjI4YzhiYzY4MTUwZWRiZmVmOThjZDZiN2RjNDM5YzFmODBjN2U3ZWY3NDc4OTNhNjg5M2EyZjdiNjBmNyIsImdlbmVyYXRpb25fZGF0ZSI6eyJzZWNvbmRzIjoxNTM0MzQ0MjkwfSwiY3VzdG9tZXIiOiJXZXN0cGFjQVUgLSBBdXRvbWF0ZSAtIE5ldyAtIDMwMDAgTm9kZXMiLCJjdXN0b21lcl9pZCI6Ijg4OEU4NUU3LTY2MUEtNEZGQS04MjlFLTNCRTIyREQyNEU4RCIsImN1c3RvbWVyX2lkX3ZlcnNpb24iOiIxIiwiZW50aXRsZW1lbnRzIjpbeyJuYW1lIjoiQ2hlZiBBdXRvbWF0ZSIsIm1lYXN1cmUiOiJub2RlcyIsInN0YXJ0Ijp7InNlY29uZHMiOjE1MzQyOTEyMDB9LCJlbmQiOnsic2Vjb25kcyI6MTU2NDYxNzU5OX19XX0.AMNR0uiRQgLsfi-W4dBQ5K6EH1HUSK_AFPSIXzzkEn1gAiLjgGwfB3L7oxxrihgV8w8U8Vsxeal_CGg5GI99le3FAYYt5wdCG-8VZNScVcyL8xCIdPUyl0ZV-NLjyhLzf5JKrl9E1dTBzMrh__OsNx34TgRLZ-xNKNekUAy9sVdyHryf'```
Dependent cookbooks
This cookbook has no specified dependencies.
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
managed-automate2 CHANGELOG
This file is used to list changes made in each version of the managed-automate2 cookbook.
0.1.0
- Initial release.
- airgap_bundle downloads aib file
- default recipe installs automate
0.2.0
- default recipe configures to pass preflight check
0.3.0
- default recipe applies license
0.4.0
- relax Chef version to 13 from 14, adding sysctl cookbook
0.5.0
- aib as a URL or a file in the default recipe
- license as a URL or a string in the default recipe
0.6.0
- Original AIB filename is now preserved in addition to generic name.
- Add support for backup recipe and restoring from a backup file.
0.7.0
- refactored install/restore/upgrade logic to manage upgrades
0.7.1
- code cleanup and updated tests
0.8.0
- added Elasticsearch tuning via the private
_elasticsearch.rb
recipe
0.9.0
- move to Chef 14/15 and add testing support
- remove sysctl cookbook dependency
0.10.0
- change cookbook name from 'managed-automate2' to 'managed_automate'
- refactor attributes from 'ma2' to 'ma' namespace
- refactor to Custom Resources
- fix broken backups and restore
- much more testing of upgrades
- more resilient to nils
- [https://github.com/mattray/managed-automate2-cookbook/issues/9](airgap_bundle safe for multiple runs)
0.10.1
- catch failures on defined paths with no files
0.10.2
- changed automate_backup resource with following
- used backup_directory variable instead of fcp for creating backup script and cron
- fixed file resource issue
0.11.0
- refactor default recipe into separate install, upgrade, and restore recipes
- move upgrade action from automate_airgap_install into new automate_airgap_upgrade custom resource
- fix broken backup and restore resources
- API tests to ensure working restores
0.11.1
- [https://github.com/mattray/managed_automate-cookbook/issues/18](include the automate-credentials.toml in the backups)
0.11.2
- Cookstyle automated cleanups
BACKLOG
- [https://github.com/mattray/managed-automate2-cookbook/issues/8](wait for completion of upgrade before proceeding)
- replace attributes with inputs for InSpec 4 tests (ChefDK 4)
- download Automate by version here are all the versions: https://packages.chef.io/manifests/current/automate/versions.json And you can get a specific version's manifest by replacing latest in the first link with the build number e.g. https://packages.chef.io/manifests/current/automate/20191015190829.json Process for creating a bundle: • download that file to manifest.json • run chef-automate airgap bundle create -m manifest.json • that outputs a file and prints the instructions
Collaborator Number Metric
0.11.2 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.11.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.11.2 passed this metric
No Binaries Metric
0.11.2 passed this metric
Testing File Metric
0.11.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.11.2 passed this metric
0.11.2 failed this metric
0.11.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.11.2 passed this metric
No Binaries Metric
0.11.2 passed this metric
Testing File Metric
0.11.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.11.2 passed this metric
0.11.2 passed this metric
0.11.2 passed this metric
Testing File Metric
0.11.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.11.2 passed this metric
0.11.2 failed this metric
0.11.2 passed this metric