How to launch 100 and more servers in Chef - amazon-ec2

I am new to chef. I have successfully configured chef workstation and server.
So by using this below command I am able to launch only one instance:
knife ec2 server create --image ami-cc5af9a5 -i ram.pem --flavor m1.small -x root --groups chef-client -Z us-east-1a -r "role[webserver]"
By this command I can bootstrap only one node:
knife ec2 server create --image ami-a4827dc9 -i NVirginia.pem --flavor t2.micro -x root --groups RC-Corporation -Z us-east-1a -r "role[learn_chef_httpd]"
I want to launch and Bootstrap 100+ instances, so how can I customize these commands?

knife-ec2 is aimed at relatively small scale interactive usage and is not intended for this. Look at tools like CloudFormation, SparkleFormation, and Terraform.

Related

How can knife ec2 honor the "--bootstrap-version" argument?

It would appear that "knife ec2" does not honor the "--bootstrap-version" argument that works with "knife bootstrap".
For Instance, this does not work:
knife ec2 server create -I ami-932c5be9 -f t2.small -S chef -i /home/ted/chef_key --ssh-user ted --subnet subnet-4cd9d113 --json-attributes '{"policy_name": "web_server", "policy_group": "prod"}' -N teds_apache_server -g "sg-dec3f883" --tags Lifecycle="PROD",Installer="Ted",Application="Apache",--region us-east-1 --server-connect-attribute private_ip_address --bootstrap-template /home/ted/chef-repo/.chef/bootstrap/bootstrap_prd.erb --availability-zone us-east-1c --bootstrap-version 13.6.4
Afterwards this instance would deploy but would not have the chef-client version 13.6.4 installed. I would have to do a knife node delete, knife client delete and ssh to the instance and uninstall the chef-client package. After that I can run:
knife bootstrap chef@10.10.1.1 -i /home/ted/chef_key --sudo --ssh-user chef --json-attributes '{"policy_name": "web_server", "policy_group": "prod"}' -N teds_apache_server --bootstrap-template /home/ted/chef-repo/.chef/bootstrap/bootstrap_prd.erb --bootstrap-version 13.6.4
...this will install the latest version. Any ideas on how to get this to work with knife ec2?
You're using a custom bootstrap-template file which probably ignores the bootstrap version attribute chef_version. Check https://github.com/juliandunn/chef-bootstrap-templates for a collection of bootstrap templates and the use of the chef_version variable as a suggestion for your own.
Chef's default built-in template respects the version to build the latest_current_chef_version_string value, see lib/chef/knife/core/bootstrap_context.rb
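An added example, not part of the original answer and not Chef's own code: a small Ruby check that tells whether a custom bootstrap template references one of the version variables named above, and what each kind of template renders to. The stub context class, the two constructed templates and the `install.sh -v` line are assumptions for illustration.

```ruby
require "erb"

# Hypothetical stand-in for the object a bootstrap template is rendered against.
# Only the method name latest_current_chef_version_string comes from the page;
# its body here is an assumption, not Chef's implementation.
class StubBootstrapContext
  def initialize(bootstrap_version)
    @bootstrap_version = bootstrap_version
  end

  def latest_current_chef_version_string
    @bootstrap_version ? "-v #{@bootstrap_version}" : ""
  end

  def render(template_source)
    ERB.new(template_source).result(binding)
  end
end

# Constructed template that never reads the version, so --bootstrap-version has no effect.
IGNORES_VERSION = <<~TPL
  sh install.sh
TPL

# Constructed template that passes the requested version on to the installer.
HONORS_VERSION = <<~TPL
  sh install.sh <%= latest_current_chef_version_string %>
TPL

# Matches a version variable only when it appears inside an ERB tag.
VERSION_REFERENCES = /<%[^%]*\b(chef_version|latest_current_chef_version_string)\b/m

# True when some ERB tag in the template references a version variable.
def template_honors_version?(template_source)
  !!(template_source =~ VERSION_REFERENCES)
end

# Renders the template against the stub context and returns the install line.
def rendered_install_line(template_source, bootstrap_version)
  StubBootstrapContext.new(bootstrap_version).render(template_source).strip
end

if __FILE__ == $PROGRAM_NAME
  { "ignores" => IGNORES_VERSION, "honors" => HONORS_VERSION }.each do |name, src|
    puts "#{name}: pinned=#{template_honors_version?(src)} -> #{rendered_install_line(src, '13.6.4')}"
  end
end
```

Running `template_honors_version?(File.read(path))` on the template passed to `--bootstrap-template` shows before launch whether the requested client version can take effect.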

openwhisk cluster setup and load balancing

I am able to run OpenWhisk on my local dev machine. I would like to extend this to a production environment. Is there any concept of an OpenWhisk cluster? I am not able to find good documentation on this. How is auto load balancing achieved, etc.?
OpenWhisk is deployed via ansible and as such can be distributed across multiple VMs in a straightforward way.
Check the README on distributed deployments for further information and guidance.
OpenWhisk uses Ansible to deploy OpenWhisk.
I followed the following way for my distributed setup:
First ensure passwordless SSH connectivity to all the servers
git clone https://github.com/apache/incubator-openwhisk.git
Add the remote_user and private_key_file values to the defaults section of
the ansible.cfg file. The remote_user value sets the default ssh user. The
private_key_file is required when using a private key that is not in the
default ~/.ssh folder
[defaults]
remote_user = ubuntu
private_key_file=/path/to/file.pem
Go to tools/ubuntu-setup and run all.sh to install all the required software.
Now modify the inventory files (hosts) for your first node. This can become your bootstrapper VM.
Check if you are able to ping the hosts : ansible all -i environments/distributed/hosts -m ping
If ping is fine, run the next command to generate the config files: ansible-playbook -i environments/distributed/hosts setup.yml
For installing the pre requisites: ansible-playbook -i environments/distributed prereq_build.yml
Deploy registry: ansible-playbook -i environments/distributed registry.yml
Go to the OpenWhisk home and run the following command to build OpenWhisk
./gradlew distDocker -PdockerHost=:4243 -PdockerRegistry=:5000
Once the build is successful run the following commands from the ansible folder
ansible-playbook -i environments/distributed/hosts couchdb.yml
ansible-playbook -i environments/distributed/hosts initdb.yml
ansible-playbook -i environments/distributed/hosts wipe.yml
ansible-playbook -i environments/distributed/hosts openwhisk.yml
ansible-playbook -i environments/distributed/hosts postdeploy.yml
Now edit the host file for the other hosts and repeat steps 7-8 and 12.
This will create the setup on all the nodes. Once done, you can use a node balancer to load balance across them. For sync between DB instances I am using CouchDB continuous replication.

Chef bootstrapping client installing on plain AWS EC2 instances

I am trying to learn Chef and started installing its components. I have three micro EC2 RHEL7.X instances running on AWS. Of those, one EC2 is configured as chef-server and the second EC2 as workstation, perfectly. But when I try to bootstrap the third EC2 from the workstation, I always get the following error.
I used the below commands to install the client from the workstation.
knife bootstrap -.-.-.- -x root -P password --node-name client ==> I do not have any password set for the client EC2 instance
Also tried
knife bootstrap -.-.-.- --ssh-user ec2-user --sudo -i ./some.pem --run-list webserver
knife bootstrap -.-.-.- --ssh-user ec2-user --sudo --identity-file ./some.pem --run-list webserver
Got Error
ERROR: Net::SSH::AuthenticationFailed: Authentication failed for user ec2-user@-.-.-.-@-.-.-.-
But I never get this working. I know there are some existing AWS utilities around Chef but I want to use only normal EC2 instances.
Any help on how I can do this in this scenario?
I created the SSL key for the workstation and then added that key in the client's "/home/ec2-user/.ssh/authorized_keys" and then ran the below command from the workstation, which worked
knife bootstrap -.-.-.- --ssh-user ec2-user --sudo --identity-file /home/ec2-user/keyworkstation --node-name client

knife ec2 unknown region "ca-central-1"

I'm trying to create an AWS server in the region "Canada(Central)", which, according to the Amazon documentation (http://docs.aws.amazon.com/general/latest/gr/rande.html), is called ca-central-1.
The command I'm running is:
knife ec2 server create -I ami-70299b14 -f t2.nano -S my-key -i ~/.ssh/my-key.pem -ssh-user ubuntu --region ca-central-1 -Z ca-central-1a
And the error I get is:
ERROR: ArgumentError: Unknown region: "ca-central-1"
The ami I'm using is one that I've used to launch a server in the region using the online EC2 Management Console.
I created an IAM user and key pairs in this region and have given the user all permissions on ec2 resources, and I've also created an inbound rule for ssh in the region. Is there something else I'm missing?
Unfortunately fog-aws only added this region very recently so there isn't yet support for it in knife ec2. Will hopefully be in the next ChefDK release in a few weeks. For now you can just create VMs either from the aws command line tool or the web UI, and then use knife bootstrap on them.
1: your knife.rb as
knife[:aws_access_key_id] = "AWS_ACCESS_KEY"
knife[:aws_secret_access_key] = "AWS_SECRET"
knife[:ssh_key_name] = 'my-key'
knife[:image] = 'ami-21414f36'
knife[:flavor] = 't2.micro'
knife[:region] = 'ca-central-1'
knife[:availability_zone] = 'ca-central-1a'
knife[:ebs_size] = 30
knife[:editor] = 'nano'
2: Generate Key Pair for Canada (Center)
3: Run the knife ec2 server create command.
knife ec2 server create -I ami-70299b14 -f t2.nano -ssh-user ubuntu --region ca-central-1 -Z ca-central-1a
That worked for me.
Try this command:
knife ec2 server create -N node_name -I ami-21414f36 -f t2.micro -x '.\key_ca' -P 'ec2#123' --ssh-key key --region ca-central-1 --availability-zone 'ca-central-1a' --ebs-size 30 --security-group-ids sg-75cbd50d --bootstrap-protocol winrm --winrm-transport ssl --winrm-ssl-verify-mode verify_none

Getting some sort of authentication issue when deploying EC2 instances with Knife

I'm having some kind of authentication issue when trying to launch server instances in EC2 with the knife command.
I'm using a command like:
knife ec2 server create --availability-zone us-east-1d --node-name ES-test --flavor t1.micro --image ami-fd20ad94 --identity-file something-dev.pem --ssh-user ubuntu -r 'recipe[something-elasticsearch::default]'
And there are 2 points of failure. The first comes relatively early on.
Waiting for instance...........................
Subnet ID: subnet-61dfa849
Private IP Address: 10.0.0.43
done
Bootstrapping Chef on 10.0.0.43
Failed to authenticate ubuntu - trying password auth
Enter your password:
I should be able to authenticate as Ubuntu with no password here. In fact, if I allow the provisioning to continue and try to ssh to the generated instance with something like:
ssh -i something-dev.pem ubuntu@10.0.0.43
...it will work. So why is the knife command itself failing to authenticate?
I had the same problem as above and tried the ssh-add as suggested by Rico above. Although I still got the prompt for a password, hitting enter on a blank password then allowed the process to continue.
Failing that, the -V verbose output option may give you more insight.
I found this to work well for me.
bundle exec knife ec2 server create -r "role[websphere]" -I ami-cb94868e --flavor m1.small -G default --ssh-user ubuntu -N server01 -S whatever --identity-file .chef/whatever.pem
Also consider that when you download the .pem from AWS, you need to chmod 400 whatever.pem
