-
-
Save bknowles/1314695 to your computer and use it in GitHub Desktop.
Revisions
-
Eric G. Wolfe revised this gist
Oct 20, 2011 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -77,4 +77,7 @@ cookbook_copyright ENV['COOKBOOK_COPYRIGHT'] || 'Corporate, Inc.' cookbook_email ENV['COOKBOOK_EMAIL'] || '[email protected]' ``` Credits ======= This was partly adapted from Stephen Nelson-Smith's (@LordCope) book Test-Driven Infrastructure with Chef (http://shop.oreilly.com/product/0636920020042.do). -
Oct 20, 2011 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -77,4 +77,4 @@ cookbook_copyright ENV['COOKBOOK_COPYRIGHT'] || 'Corporate, Inc.' cookbook_email ENV['COOKBOOK_EMAIL'] || '[email protected]' ``` This was partly adapted from Stephen Nelson-Smith's (@LordCope) book Test-Driven Infrastructure with Chef (http://shop.oreilly.com/product/0636920020042.do). -
Oct 20, 2011 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -75,4 +75,6 @@ If you commit all your Community Cookbooks under corporate copyright rather than cookbook_license 'apachev2' cookbook_copyright ENV['COOKBOOK_COPYRIGHT'] || 'Corporate, Inc.' cookbook_email ENV['COOKBOOK_EMAIL'] || '[email protected]' ``` This was partly adapted from Stephen Nelson Smith's book Test-Driven Infrastructure with Chef (http://shop.oreilly.com/product/0636920020042.do). -
Oct 20, 2011 . 1 changed file with 4 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -46,18 +46,21 @@ Knife configuration This is the actual knife configuration file, which we can drop off in the chef-repo/.chef directory. I will explain the important parts, so you can modify this to fit your own needs easily. Note, once you drop this off in your chef-repo, your ~/.chef/knife.rb will no longer work. Set a local Ruby variable "user" equal to the OPSCODE_USER or the Unix ENV variable USER. ``` user = ENV['OPSCODE_USER'] || ENV['USER'] ``` Switching back and forth between different keys and user names occurs by changing, and exporting, the OPSCODE_USER and ORGNAME Bash environment variables. ``` client_key "#{ENV['HOME']}/.chef/#{user}.pem" validation_client_name "#{ENV['ORGNAME']}-validator" validation_key "#{ENV['HOME']}/.chef/#{ENV['ORGNAME']}-validator.pem" ``` I used an if/then/else block to switch the URL of my Chef server based on the "orgname". You could use a CHEF_SERVER environment variable in your ~/.bashrc if that would work better for you. Obviously you'll want to change the hardcoded 'corporate' string to match your Opscode platform orgname, and also edit the chef_server_url to point another Chef server. ``` if ENV['ORGNAME'] == 'corporate' chef_server_url "https://api.opscode.com/organizations/#{ENV['ORGNAME']}" @@ -67,6 +70,7 @@ end ``` If you commit all your Community Cookbooks under corporate copyright rather than individual developer names, then you might want to hardcode the company name and a generic development team e-mail address. This way, your developers don't have to set COOKBOOK_COPYRIGHT or COOKBOOK_EMAIL. The command 'knife cookbook create <cookbook name>' will fill in the company name as the cookbook maintainer, and copyright owner in that case. ``` cookbook_license 'apachev2' cookbook_copyright ENV['COOKBOOK_COPYRIGHT'] || 'Corporate, Inc.' -
Oct 20, 2011 . 1 changed file with 35 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ Overview ======== Here is an example shared configuration for knife. You can drop this off in your chef-repo/.chef/ directory, and multiple developers can use the same knife configuration to interact with more than one Chef server, or the Opscode platform. By using Bash functions and environment variables we can change the chef server, which knife is configured to use, on the fly. @@ -38,4 +38,37 @@ Bash functions The knife-reset function simply sets my OPSCODE_USER variable equal to my internal Chef server username, and ORGNAME equal to "chef". It then exports the variables so my knife configuration gets reset back to my primary Chef server. My ginsu function sets my OPSCODE_USER variable equal to my Opscode platform username, and ORGNAME equal to my Opscode organization name. It then exports the variables and passes any parameters to the knife command. This way I can do a 'ginsu cookbook site share yumrepo "Package Management"' to upload my yumrepo cookbook to the Community Cookbook site. Knife configuration =================== This is the actual knife configuration file, which we can drop off in the chef-repo/.chef directory. I will explain the important parts, so you can modify this to fit your own needs easily. Note, once you drop this off in your chef-repo, your ~/.chef/knife.rb will no longer work. Set a local Ruby variable "user" equal to the OPSCODE_USER or the Unix ENV variable USER. ``` user = ENV['OPSCODE_USER'] || ENV['USER'] ``` Switching back and forth between different keys and user names occurs by changing, and exporting, the OPSCODE_USER and ORGNAME Bash environment variables. ``` client_key "#{ENV['HOME']}/.chef/#{user}.pem" validation_client_name "#{ENV['ORGNAME']}-validator" validation_key "#{ENV['HOME']}/.chef/#{ENV['ORGNAME']}-validator.pem" ``` I used an if/then/else block to switch the URL of my Chef server based on the "orgname". You could use a CHEF_SERVER environment variable in your ~/.bashrc if that would work better for you. Obviously you'll want to change the hardcoded 'corporate' string to match your Opscode platform orgname, and also edit the chef_server_url to point another Chef server. ``` if ENV['ORGNAME'] == 'corporate' chef_server_url "https://api.opscode.com/organizations/#{ENV['ORGNAME']}" elsif ENV['ORGNAME'] == 'chef' chef_server_url 'http://chef.example.com:4000' end ``` If you commit all your Community Cookbooks under corporate copyright rather than individual developer names, then you might want to hardcode the company name and a generic development team e-mail address. This way, your developers don't have to set COOKBOOK_COPYRIGHT or COOKBOOK_EMAIL. The command 'knife cookbook create <cookbook name>' will fill in the company name as the cookbook maintainer, and copyright owner in that case. ``` cookbook_license 'apachev2' cookbook_copyright ENV['COOKBOOK_COPYRIGHT'] || 'Corporate, Inc.' cookbook_email ENV['COOKBOOK_EMAIL'] || '[email protected]' ``` -
Oct 20, 2011 . 1 changed file with 7 additions and 7 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,16 +1,16 @@ Overview ======== Here is an example shared configuration for knife. You can drop this off in your chef-repo/.chef/ directory, and multiple developers can use the same knife config. By using Bash functions and environment variables we can change the chef server, which knife is configured to use, on the fly. NOTE: knife will probably ignore your ~/.chef/knife.rb once you begin using a shared knife.rb in your chef-repo directory. Preparation =========== So that we can interact with api.opscode.com, and an internal Open Source Chef server, you'll need to name your keys according to your Chef server username, Opscode username, and Opscode platform organization name. Assuming you already have a ~/.chef directory, we'll organize it like so. 1. Re-name your Open Source chef-server key according to your username on that system. 2. Re-name your Opscode API key according to your Opscode platform username, for example I would move my Opscode key to ~/.chef/atomic-penguin.pem to correspond to my own username. @@ -19,7 +19,7 @@ Preparation Environment in ~/.bashrc ====================== Somewhere near the end of my ~/.bashrc, I am going to set 4 environment variables which will later be referenced in my shared knife configuration. I am also going to use a couple of Bash functions to switch context between multiple servers. Environment variables --------------------- @@ -34,8 +34,8 @@ The variables are as follows. Bash functions -------------- I have two knife related Bash functions in my ~/.bashrc file. I use a function called "ginsu" to interact with the Opscode API. Then I use the "knife-reset" function to restore default behavior to interact with our internal Chef server. This is just an example, you could use the ginsu function as a template. This way you could have an "opscode-knife" function, or maybe "prod-knife", "dev-knife", or "preprod-knife" to correspond to different servers or environments. The knife-reset function simply sets my OPSCODE_USER variable equal to my internal Chef server username, and ORGNAME equal to "chef". It then exports the variables so my knife configuration gets reset back to my primary Chef server. My ginsu function sets my OPSCODE_USER variable equal to my Opscode platform username, and ORGNAME equal to my Opscode organization name. It then exports the variables and passes any parameters to the knife command. This way I can do a 'ginsu cookbook site share yumrepo "Package Management"' to upload my yumrepo cookbook to the Community Cookbook site. -
Oct 20, 2011 . 1 changed file with 29 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,17 +1,41 @@ Overview ======== Here is an example shared configuration for knife. You can drop this off in your chef-repo/.chef/ directory, and multiple developers can use the same knife config. By using Bash functions and environment variables we can change the chef server, which knife is configured to use, on the fly. NOTE: knife will probably ignore your ~/.chef/knife.rb once you begin using a shared knife.rb in your chef-repo directory. Preparation =========== So that we can interact with api.opscode.com, and an internal Open Source Chef server, you'll need to name your keys according to your Chef server username, Opscode username, and Opscode platform organization name. Assuming you already have a ~/.chef directory, we'll organize it like so. 1. Re-name your Open Source chef-server key according to your username on that system. 2. Re-name your Opscode API key according to your Opscode platform username, for example I would move my Opscode key to ~/.chef/atomic-penguin.pem to correspond to my own username. 3. Re-name your Organization validation key so that it corresponds to your organization's name on the Opscode platform. For example, move your Opscode organization validation key to ~/.chef/companyname-validator.pem. Environment in ~/.bashrc ====================== Somewhere near the end of my ~/.bashrc, I am going to set 4 environment variables which will later be referenced in my shared knife configuration. I am also going to use a couple of Bash functions to switch context between multiple servers. Environment variables --------------------- The variables are as follows. 1. OPSCODE_USER - Set to your primary username. This should be either your internal chef-server username or Opscode platform username. 2. ORGNAME - Should be set to "chef" for an internal chef-server. Set this as your Opscode platform orgname, if using that as your primary Chef server. 3. COOKBOOK_COPYRIGHT - Set to your full name. 4. COOKBOOK_EMAIL - Set to your e-mail address. Bash functions -------------- I have two knife related Bash functions in my ~/.bashrc file. I use a function called "ginsu" to interact with the Opscode API. Then I use the "knife-reset" function to restore default behavior to interact with our internal Chef server. This is just an example, you could use the ginsu function as a template. This way you could have an "opscode-knife" function, or maybe "prod-knife", "dev-knife", or "preprod-knife" to correspond to different servers or environments. The knife-reset function simply sets my OPSCODE_USER variable equal to my internal Chef server username, and ORGNAME equal to "chef". It then exports the variables so my knife configuration gets reset back to my primary Chef server. My ginsu function sets my OPSCODE_USER variable equal to my Opscode platform username, and ORGNAME equal to my Opscode organization name. It then exports the variables and passes any parameters to the knife command. This way I can do a 'ginsu cookbook site share yumrepo "Package Management"' to upload my yumrepo cookbook to the Community Cookbook site. -
Oct 20, 2011 . 1 changed file with 12 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,4 +3,15 @@ Overview Here is an example shared configuration for knife. You can drop this off in your chef-repo/.chef/ directory, and multiple developers can use the same knife config. By using Bash functions and environment variables we can change the chef server, which knife is configured to use, on the fly. NOTE: knife will probably ignore your ~/.chef/knife.rb once you begin using a shared knife.rb in your chef-repo directory. Preparation =========== So that we can interact with api.opscode.com, and an internal Open Source Chef server, you'll need to name your keys according to your Chef server username, and Opscode username. Assuming you already have a ~/.chef directory, we'll organize it like so. 1. Re-name your Open Source chef-server key according to your username on that system. 2. Re-name your Opscode API key according to your Opscode platform username, for example I would move my Opscode key to ~/.chef/atomic-penguin.pem to correspond to my username. 3. Re-name your Organization validation key so that it corresponds to your organization's name on the Opscode platform. For example, move your Organizational validation key to ~/.chef/orgname-validator.pem. -
Oct 20, 2011 . 1 changed file with 6 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,6 @@ Overview ======== Here is an example shared configuration for knife. You can drop this off in your chef-repo/.chef/ directory, and multiple developers can use the same knife config. By using Bash functions and environment variables, we can change the chef server which knife is configured to use, on the fly. -
Oct 20, 2011 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,7 +4,7 @@ COOKBOOK_EMAIL='[email protected]' export OPSCODE_USER ORGNAME COOKBOOK_COPYRIGHT COOKBOOK_EMAIL # reset knife variables to "corporate" after running "ginsu" function function knife-reset { OPSCODE_USER=corp-username ORGNAME=chef -
Oct 20, 2011 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,12 +4,14 @@ COOKBOOK_EMAIL='[email protected]' export OPSCODE_USER ORGNAME COOKBOOK_COPYRIGHT COOKBOOK_EMAIL # knife-reset variables to corporate after running "ginsu" function function knife-reset { OPSCODE_USER=corp-username ORGNAME=chef export OPSCODE_USER ORGNAME } # knife alias, "ginsu" for interacting with api.opscode.com function ginsu { OPSCODE_USER=opscode-username ORGNAME=corporate -
Oct 20, 2011 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,18 @@ OPSCODE_USER=corp-username ORGNAME=chef COOKBOOK_COPYRIGHT='Full Name Here' COOKBOOK_EMAIL='[email protected]' export OPSCODE_USER ORGNAME COOKBOOK_COPYRIGHT COOKBOOK_EMAIL function knife-reset { OPSCODE_USER=corp-username ORGNAME=chef export OPSCODE_USER ORGNAME } function ginsu { OPSCODE_USER=opscode-username ORGNAME=corporate export OPSCODE_USER ORGNAME knife "$@" } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,19 @@ current_dir = File.dirname(__FILE__) user = ENV['OPSCODE_USER'] || ENV['USER'] log_level :info log_location STDOUT node_name user client_key "#{ENV['HOME']}/.chef/#{user}.pem" validation_client_name "#{ENV['ORGNAME']}-validator" validation_key "#{ENV['HOME']}/.chef/#{ENV['ORGNAME']}-validator.pem" if ENV['ORGNAME'] == 'corporate' chef_server_url "https://api.opscode.com/organizations/#{ENV['ORGNAME']}" elsif ENV['ORGNAME'] == 'chef' chef_server_url 'http://chef.example.com:4000' end cache_type 'BasicFile' cache_options( :path => "#{ENV['HOME']}/.chef/checksums" ) cookbook_path ["#{current_dir}/../cookbooks", "#{current_dir}/../site-cookbooks"] cookbook_license 'apachev2' cookbook_copyright ENV['COOKBOOK_COPYRIGHT'] || 'Corporate, Inc.' cookbook_email ENV['COOKBOOK_EMAIL'] || '[email protected]'
Eric G. Wolfe
revised
this gist