Menu

Chef Supermarket

Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

View our collection of guides, documentation, and articles

Cookbooks
Advanced Options

Select Badges

Select Supported Platforms

Select Status

RSS

managed_automate (9) Versions 0.11.3

Installs and configures a Chef Automate 2 server

Policyfile
Berkshelf
Knife 
cookbook 'managed_automate', '= 0.11.3', :supermarket
cookbook 'managed_automate', '= 0.11.3'
knife supermarket install managed_automate
knife supermarket download managed_automate
README
Dependencies
Changelog
Quality 50%

managed_automate

Deploys and configures the Chef Automate 2 server in an airgapped, stateless model.

Recipes

default

Calls the install recipe.

install

Installs Chef Automate on a single air-gapped box in a new deployment. Download the chef-automate command before using this recipe (the airgap_bundle recipe does this) and copy it to the node['ma'][chef-automate] location. The AIB file may be a URL or file, similar to this:

node['ma']['install']['file'] = '/tmp/test/automate-20190813170406.aib'

The server will be tuned for passing Automate's preflight-check and swap will be disabled and the heapsize for Elasticsearch will be set to 1/2 total memory. The license may be referred as a file, URL, or a string in an attribute.

restore

Restores Chef Automate on a single air-gapped box in a new deployment from a previous backup. Download the chef-automate command before using this recipe (the airgap_bundle recipe does this) and copy it to the node['ma'][chef-automate] location. The AIB and restore files may be URLs or files, similar to this:

node['ma']['install']['file'] = '/tmp/test/automate-20190813170406.aib'
node['ma']['restore']['file'] = '/tmp/test/automate-backup-20190902064704.tgz'

The server will be tuned for passing Automate's preflight-check and swap will be disabled and the heapsize for Elasticsearch will be set to 1/2 total memory. The license may be referred as a file, URL, or a string in an attribute.

upgrade

Upgrades Chef Automate on a single air-gapped box from an existing deployment. Download the chef-automate command before using this recipe (the airgap_bundle recipe does this) and copy it to the node['ma'][chef-automate] location. The upgrade file may be a URL or file, similar to this:

node['ma']['upgrade']['url'] = 'file://localhost/tmp/test/automate-20190820163418.aib'

The server will be tuned for passing Automate's preflight-check and swap will be disabled and the heapsize for Elasticsearch will be set to 1/2 total memory. The license may be referred as a file, URL, or a string in an attribute.

airgap_bundle

This recipe requires internet access and is used to download the chef-automate CLI and create an airgap installation bundle (AIB file) from the "current" release channel. It copies the downloaded AIB file to a destination directory (the filename may be overridden with an attribute). It will check if new files are available and a full AIB download is currently almost 800 megabytes, so you may want to limit it to daily usage.

backup

Runs chef-automate backup via cron and copies tarballs of the backups to a destination directory. The default is 2:30am daily, but you may change the cron schedule via the following attributes. The automate-credentials.toml from the initial install or restored backup is included in the backup if available.

node['ma']['backup']['cron']['minute'] = '30'
node['ma']['backup']['cron']['hour'] = '2'
node['ma']['backup']['cron']['day'] = '*'

Testing with Test Kitchen

The included kitchen.yml provides testing scenarios for the following (the 14/15 prefixes indicate which Chef client version is used):

  • aib-download: creates an airgap bundle for installing Automate offline. It writes chef-automate and the .aib files to the shared test directory.
  • aib-filename: creates an airgap bundle for installing Automate offline with a given name set via the node['ma']['aib']['file'] attribute. It writes chef-automate and the .aib files to the shared test directory.
  • default: tests installing from a previously downloaded chef-automate and .aib file. Use the aib-download suite to create this if necessary to the shared test directory.
  • url: tests installing from a previously downloaded .aib and license via URLs.
  • upgrade: tests installing and upgrading an installation.
  • backup: install and configure backups.
  • restore: restore an installation from a backup .tgz and an installation .aib file.
  • full: performs both the airgap bundle creation, restore and scheduling of backups.

.kitchen.yml

The .kitchen.yml sets the VM to have the private IP 192.168.33.33. If you want to use the Automate web UI, you will need to get the self-signed certificate created with the installation

  1. Use knife ssl fetch https://192.168.33.33 to pull the default-centos-7.vagrantup.com.crt.
  2. Install the certificate on your workstation. Under MacOS I used the Keychain Access application and did File->Import Items and selected the certificate. I then set the permissions to allow everything and deleted it when I destroyed the Vagrant machine.
  3. Connect to https://192.168.33.33 which will redirect to default-centos-7.vagrantup.com or one of the other suites. This works with Chrome, not Firefox.
  4. If you're following the examples in https://automate.chef.io/docs/iam-v2-api-reference/ you can add 192.168.33.33 automate.example.com to your /etc/hosts.

You will probably need to update the license, directories and AIB files used for your testing. To use a license key, store it in your policyfiles/default.rb similar to this:

override['ma']['license']['string'] = 'thisisnotareallicence_dHlwZSI6ImNvbW1lcmNpYWwiLCJnZW5lcmF0b3IiOiJjaGVmL2xpY2Vuc2UtMi4wLjAiLCJrZXlfc2hhMjU2IjoiZTBkZjI4YzhiYzY4MTUwZWRiZmVmOThjZDZiN2RjNDM5YzFmODBjN2U3ZWY3NDc4OTNhNjg5M2EyZjdiNjBmNyIsImdlbmVyYXRpb25fZGF0ZSI6eyJzZWNvbmRzIjoxNTM0MzQ0MjkwfSwiY3VzdG9tZXIiOiJXZXN0cGFjQVUgLSBBdXRvbWF0ZSAtIE5ldyAtIDMwMDAgTm9kZXMiLCJjdXN0b21lcl9pZCI6Ijg4OEU4NUU3LTY2MUEtNEZGQS04MjlFLTNCRTIyREQyNEU4RCIsImN1c3RvbWVyX2lkX3ZlcnNpb24iOiIxIiwiZW50aXRsZW1lbnRzIjpbeyJuYW1lIjoiQ2hlZiBBdXRvbWF0ZSIsIm1lYXN1cmUiOiJub2RlcyIsInN0YXJ0Ijp7InNlY29uZHMiOjE1MzQyOTEyMDB9LCJlbmQiOnsic2Vjb25kcyI6MTU2NDYxNzU5OX19XX0.AMNR0uiRQgLsfi-W4dBQ5K6EH1HUSK_AFPSIXzzkEn1gAiLjgGwfB3L7oxxrihgV8w8U8Vsxeal_CGg5GI99le3FAYYt5wdCG-8VZNScVcyL8xCIdPUyl0ZV-NLjyhLzf5JKrl9E1dTBzMrh__OsNx34TgRLZ-xNKNekUAy9sVdyHryf'```

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

managed-automate2 CHANGELOG

This file is used to list changes made in each version of the managed-automate2 cookbook.

0.1.0

  • Initial release.
  • airgap_bundle downloads aib file
  • default recipe installs automate

0.2.0

  • default recipe configures to pass preflight check

0.3.0

  • default recipe applies license

0.4.0

  • relax Chef version to 13 from 14, adding sysctl cookbook

0.5.0

  • aib as a URL or a file in the default recipe
  • license as a URL or a string in the default recipe

0.6.0

  • Original AIB filename is now preserved in addition to generic name.
  • Add support for backup recipe and restoring from a backup file.

0.7.0

  • refactored install/restore/upgrade logic to manage upgrades

0.7.1

  • code cleanup and updated tests

0.8.0

  • added Elasticsearch tuning via the private _elasticsearch.rb recipe

0.9.0

  • move to Chef 14/15 and add testing support
  • remove sysctl cookbook dependency

0.10.0

0.10.1

  • catch failures on defined paths with no files

0.10.2

  • changed automate_backup resource with following
    • used backup_directory variable instead of fcp for creating backup script and cron
    • fixed file resource issue

0.11.0

  • refactor default recipe into separate install, upgrade, and restore recipes
  • move upgrade action from automate_airgap_install into new automate_airgap_upgrade custom resource
  • fix broken backup and restore resources
  • API tests to ensure working restores

0.11.1

0.11.2

  • Cookstyle automated cleanups

0.11.3

BACKLOG

Collaborator Number Metric 
            
0.11.3 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric 
            
0.11.3 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric 
            
0.11.3 passed this metric

No Binaries Metric 
            
0.11.3 passed this metric

Testing File Metric 
            
0.11.3 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric 
            
0.11.3 passed this metric

Matt Ray Matt Ray

Details

View Source View Issues

Updated November 13, 2019 Created on

Supported Platforms

  • centos >= 0.0.0
  • redhat >= 0.0.0

License

Apache-2.0

Required Chef Infra Client

(>= 14)

Download Cookbook