Introduction

Puppet is a Ruby based Configuration Management System with client/server model,  licensed under GPLv2 .It has one Master server puppetmasterd  and all other machines are configured as puppet clients . We set configurations at the puppet server and then push them to all clients which are connected to the master. The client puppet correctly applies the corresponding configurations on the client machine regardless of their platform difference.

Puppet is a gift to the server administrators who need to manage a large number of systems with different flavor of Gnu/Linux, Mac, Solaris and other Unix Based systems.If we are managing systems via remote administration then it would be a headache to the administrator and if the systems are different then the complexity will increase. Some accidental configuration changes may cause inconsistent working of the server. If we are using the Puppet for the configuration management then it will be a one time implementation of these configuration changes only at puppet server, then we just apply them to different puppet clients without any delay.

Another power of the puppet is it uses a Declarative Language to define configuration settings at the puppet master server. This language includes all major high level language features like Functions, Conditional Statements, Inheritance and other OOPs concepts. This feature makes for more readable , reusable and consistent Puppet configurations settings, when we compared with other configuration management tools like Cfengine.

Working

Puppet master server stores all client configurations, and  each client will contact the server via port 8140 (by default). The connection between server and client is encrypted. The client will generate a self-signed key before it connects to server and will submit this self-signed key to the master server and get the verified key back. Here master server acts like a Certification Authority. After this process, the client will establish a encrypted session with the server and get the configuration settings, then compile and apply it on client system. When the client compiles the configurations from server it may rise error messages if  there are any syntax errors in the configuration definitions. We can verify this on the puppet server and client log file.

Here is the outline of puppet server and client Architecture

Puppet Architecture

Puppet Architecture

Installation

Before installing Puppet, we need to setup some dependencies. First we need ruby with common library files(xml,ssl,etc.) installed, and facter, which is another ruby project that gathers all system information. Facter will be installed in all puppet clients. The puppet server retrieves the client configuration settings and other system-specific details from facter.

You can use the ruby’s built-in library management tool rubygem(rake) (similar to CPAN for Perl) to solve the dependency problems with libraries.

Facter installation :-

Get latest version from www.reductivelabs.com

1 tar -zvf facter-<version>.tar.gz
2  
3 cd facter
4  
5 ruby install.rb
6  
7 facter --version

Puppet installation :-

If we are installing from the package manager, there will be two packages: puppetd as the client and puppet-master as the Puppet server. We need to install both to setup the client and server, and both can be installed from the source code.

Download latest package from the www.puppetlabs.com, then similar to facter installation:

1 tar -xzvf puppet-<latest version>;
2  
3 cd puppet-<latest-version>;
4  
5 ruby install.rb
6  
7 #Create user and group for puppet
8 groupadd puppet
9 useradd -g puppet puppet

This step will install the required packages for the Puppet client and server. If you have any dependency problems then it might be due to a version mismatch problem between ruby/puppet/facter, so select correct the versions.

By default, the configuration files are listed under /etc/puppet and all others are in the /var/lib/puppet  folder (including log files).

Currently Puppet support all major Unix like systems but not Windows.The latest versions of the Puppet has introduced support for the Windows operating system by developing Windows specificfacter tool.

How to configure Puppet server :-

After  successful installation of the Puppet master server and client, there is a set of daemons associate with this package as well as command line utilities to manage these daemons. They are:

1 puppetmasted       #Puppet Master Server
2  
3 puppetd            #puppet Client.
4  
5 puppetca           #Key management daemon
6  
7 #and Set of other Utility commands.

Puppet  work without creating configuration files explicitly; they are already pre-configured. But to start the interaction with clients we need to make some changes. First, we can check the structure of the puppet configuration file.

It’s a good practice maintaining an explicit puppet configuration file;the latest versions of puppet use single configuration file to manage every daemons. By default, configuration files are stored under /etc/puppet. We save  all the configuration details of major daemons at /etc/puppet/puppet.conf.The puppet.conf use a special type of configuration structure to include every daemon’s configuration details,described below:

01 #Cat /etc/puppet/puppet.conf
02  
03 [main]
04  
05 Here We specify a set of configuration details common to all daemons.
06  
07 [puppetmasterd]
08  
09 Here comes the Puppet master server configuration details.
10  
11 [puppetd]
12  
13 To include the Puppet client configurations.
14  
15 [puppetca]
16  
17 Configuration details of puppet key management tool.

To get all the parameters under each daemons and main section with its functional details, please refer this page

How to Connect Puppet Client with Puppet Server

To set up a client we  just have to install the puppet client version or every package in another system.Your master server is now capable to work as a puppet client also. At the master server we need to specify the set of configuration that will guide how to change the configurations at clients.

Puppet server and client use Hostname to communicate with each other and also used to generate ssh key and key verification etc.., so we need a stable hostname resolution system (DNS or Local settings) in our network to ensure the proper connection between clients and server.So select proper hostnames to your server and clients like:

puppet-server.com #For your Master Server

puppet-client1.com,puppet-client2.com,etc... #Your clients.

After the hostname allocation we need to start the server and client daemons.Use command line options now to know the more about the interactions between client and server.

To start the master server :-

1 puppetmasterd --no-daemonize --logdest console

Then Start the puppet Client, specify the server name

1 puppetd --server puppet-server.com --verbose --waitforcert 30

On the client side we will get the message regarding the creation of a self signed key and waiting for server verification.

1 Creating a new SSL key for puppet-client.com
2 Creating a new SSL certificate request for puppet-client.com
3 Certificate Request fingerprint (md5): 37:89:4E:86:C0:A7:5B:24:1A:E2:9B:85:83:90:0F:CE
4 Did not receive certificate

At the same time server side we will get the following message.

1 notice: Starting Puppet master version 2.6.0
2 notice: puppet-client.com has a waiting certificate request

To proceed further , at server side we need to verify this key from the puppet-client.com. For that we can use the key management tool puppetca.

1 puppetca --list  #To list the unverified requests.
2  
3 puppetca --sign puppet-client.com  # To complete the verification process.

Now If we are restarting the puppet client with following command, you can see the client will immediately apply the configurations. You can check this from the log file or from the console if you are running the client in none daemonize mode.

1 puppetd --server puppet-server.com

Note:- If we are specify these settings at puppet.conf then you can just type the commands without any parameters to start appropriate daemons.

The Configuration Management

Last and very powerful feature of the puppet is the way Puppet server define the Client configurations. For that Puppet use one declarative language which support most of the high level language constructs like OOPs. So lets try one simple configuration which change the permission of /etc/passwd file at all the clients connected with server to 640 and check Apache webserver installed or not , if not, puppet client will install it automatically.

These configuration specifications are defined under a file “/etc/puppet/manifests/site.pp” by default, we can split this file in to several files then include them at sites.pp.

Here is the sample site.pp file.

01 file { "password":
02 name => "/etc/passwd",
03  owner => "root",
04  group => "bin",
05  mode => 644,
06 }
07  
08 class apache {
09  
10 package {       httpd: ensure => installed  }
11  
12 service { "httpd":
13  
14 name => $operatingsystem ? {
15 debian  => "apache2",
16 redhat  => "httpd",
17 default => "apache",
18 CentOS  => "httpd",
19 },
20 ensure => running,
21 require => Package["httpd"],
22 }
23 }
24  
25 node 'puppet-client.com' {
26 include apache
27 }
28 #All other nodes they don't have definitions associated with them will use the following node definition.
29  
30 node default {
31 case $operatingsystem {
32 CentOS: {include apache }
33 default: {}
34 }
35 }

The above file is the Puppet client configuration specification written in puppet declarative language on puppet master server.

This language has a lot of constructs to define the resource and its properties.Using these constructs we manage the resources on client systems. The types of resources that puppet manages are listed bellow, plus we can add our own customized resources to mange.

Type of Resources that puppet can manage, by default:-

  • Files
  • Packages
  • Services
  • Corn Jobs
  • Users and Groups
  • To run Shell Commands
  • And User defined resource types

Each of the above resources has a set of attributes or properties and values. Using the puppet configuration language, we can set the corresponding property values. The resource can defined by providing three main parameters: Resource type name, then inside braces({}) title of the resource and set of property values. From the above example, take the resource of type Filewith title name “password” inside that we have set of property values like name,owner,groups etc… so if a client successfully connect to server,the client puppet will apply these setting on client machine. If we change this property values, after next interval we can see the client will successfully apply it.

In this way we can control the resource configurations. On our networks there should be  different types of systems (Redhat,Debian,etc..),and they have some changes in the structure of the files and other package names, so here we need to apply the configurations based on the type of clients.Puppet provide Conditional statements (if and case ) to check and apply configurations depending on client architecture. For that we need some system information from the client andfacter will provide these details. We can use that information in the puppet configuration specifications like a variable, for example: $operatingsystem (You can see all the details that facter will provide by just typing the command facter at command prompt.)

Similarly, we can specify the rules based on the client name, and using the OPPs constructs we can define the classes and reuse them with other client definitions. You can find some of them from  above example site.pp file.You can do a high level configuration design using puppet language. To learn more about the language constructs, please check the puppet online wiki or a nice book  which describe everything associated with Puppet by James Turnbull(Pulling Strings with Puppet.)

Posted by 사랑줍는거지
,

한동안 회사일로 Chef Server/Client (CentOS기반) 구축문서 마무리를 못했었는데, 일신상의 이유로 여유가 생겨 다시 이어서 작성하고자 OPScode의 Installation Wiki문서를 찾았다. 그런데... 또 바뀌었다..ㅡㅡ;; 
이전의 번거롭던 설치 과정이 다 필요 없어졌다. CentOS든 FrameOS든 VM어플라이언스 형태로 제공되기 시작한듯 하다. 여기에 FrameOS의 경우, RPM(yum)를 통해서도 설치를 지원한다. 희소식이긴 하나, 이전의 나의 삽질은 정말 삽질이 되버렸다. 물론 도움은 많이 되었고, Chef운용에도 여전히 참조될 정보들이긴 하나, 좀 허무하다~ ㅎㅎ;;

자세한 정보는 아래 링크주소와 스크랩 내용을 참조....
http://wiki.opscode.com/display/chef/Installation+on+RHEL+and+CentOS+5+with+RPMs

RPM Package Support Deprecated

RPM installation via ELFF has been deprecated, as the RPM based approach has proved difficult to maintain with the fast moving nature of the rubygems ecosystem. Please refer to Install Chef Server From Rubygems, or Install Chef Client with Rubygems for an Opscode supported approach.

Community RPM Package Support

Community members are actively working on third-party repositories for Chef on Redhat based distributions - some of which Opscode has used successfully with some customers.

These are not officially supported by Opscode for Opscode Platform customers, and we have not committed time to testing and ensuring the functionality of these packages with Chef. They may still be options community users want to consider, turning to the Open Source Community Help Resources for support.

Alternate RPM Repositories

Alternatives that leverage RVM

Pre-built, RPM based Virtual Appliances

Futures


The future solution to this problem will be full-stack installers delivered both as stand-alone installable binaries and native packages, but with the entire dependency chain included. That this is the right solution is starting to be pretty widely embraced - you can see the evidence in several past package maintainers for chef moving to a model exactly like this.

Opscode has an full-stack or 'fatty' installer in development. Further information and detail regarding the 'fatty' installer will be forthcoming as it progresses through product planning.

 








Posted by 사랑줍는거지
,

OPScode측의 설치 과정 간소화와 업데이트로 하기 내용이 틀린것은 아니지만, 비효율적이라 판단되어 폐기 합니다. 참고만 하고 권장하지는 않음....

신규로 작성된 글 참조 하길 바람.  
http://call518.tistory.com/122


Chef Server/Client 구조를 설치하고 히스토리 남긴다... 3초머리를 가진탓에 어디든 메모를 해둬야 찝찝하지 않다.
최근 Chef Server/Client를  설치 하는 도중 opscode의 설치 가이드 문서가 확~바꼈다...
설치 초기에는 RPM기반으로 설치를 지원했었는데, 가이드 문서를 참조해서 설치를 조금씩 진행중이었는데, 중간에, 애네들이 RPM이나 Repo를 관리하기 귀찮았는지, 아래와 같은 공지와 함께, rubygem으로만 설치를 지원하고, RPM위주의 기존 방식은 폐기한다고 하는것 같다. 뭐 어떻게든 이용하는데는 문제 없겠으나, 좀 아쉽다.
바뀐 문서의 개략적인 절차는 Chef-Solo를 먼저 설치해서, 이 Chef-Solo와 Bootstrap를 이용해 다시, Server나 Client를 설치 하는것 같다.

http://wiki.opscode.com/display/chef/Installation+on+RHEL+and+CentOS+5+with+RPMs

RPM Package Support Deprecated

RPM installation via ELFF has been deprecated, as the RPM based approach has proved difficult to maintain with the fast moving nature of the rubygems ecosystem. Please refer to Install Chef Server From Rubygems, or Install Chef Client with Rubygems for an Opscode supported approach.

 



본 설치문서는, 갱신된 아래 문서를 참조로 작성되었으니, 본 자료가 불충분하다면, 원본 가이드 문서를 참조 하길....


가이드 문서가 지원하는 플랫폼

Chef-Server

  • Ubuntu 8.10 through 10.04
  • Debian 5.0 (stable, testing, unstable)
  • CentOS 5.x (should work on RHEL 5.x, too)



Chef-Client
(문서는 공식적으로 CentOS 5.3을 기준으로 작성되었다. 진행해보면 약간의 버전차로 에러가 다소 발생한다.)

  • Ubuntu 8.04+
  • Debian 5.0+
  • CentOS 5.3+
  • Red Hat 5.3+
  • Fedora 10+
  • OpenBSD 4.6+
  • FreeBSD 7.1+
  • Gentoo 1.12.11.1+



* 설치 작업은 root권한으로 진행
* 대부분의 Source 저장이나 작업 위치는 /usr/local/src에서 진행
* IP

- Sercer : 192.168.100.102
- Client : 192.168.100.101 , hostname : foo.bar (/etc/hosts 에 eth0 아이피와 함께 반드시 등록)




[Chef-Server]

Server IP : 192.168.100.102

설치전 조건으로 hostname은 반드시 FQDN이어야 한다. 각자가 알아서 이부분은 처리한다. /etc/hosts파일을 이용해서 속임수를 쓰던지 어쩌던지....아무튼 아래와 같이 hostname -f 결과값이 에러 없이 처리 되면 된다.

# hostname -f

localhost.localdomain


 
초반부에 RPM지원은 안하는것으로 바꼈다고 했는데, 그래도 EPEL이나,  ELFF같은 기존의 Repo는 여전히 필요하다...(ㅡㅡ??) 설치 해주자. (ELFF은 Ruby 1.8.6 설치를 위해 필요)

# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
# rpm -Uvh http://download.elff.bravenet.com/5/i386/elff-release-5-3.noarch.rpm


Ruby와 부가적으로 필요한 개발도구를 설치

# yum -y install ruby ruby-shadow ruby-ri ruby-rdoc gcc gcc-c++ ruby-devel ruby-static git



RubyGems 설치 (from Source)

# cd /usr/local/src

# wget http://production.cf.rubygems.org/rubygems/rubygems-1.3.7.tgz

# tar zxf rubygems-1.3.7.tgz

# cd rubygems-1.3.7

# ruby setup.rb --no-format-executable

RubyGems 1.3.7 installed


=== 1.3.7 / 2010-05-13


NOTE:


http://rubygems.org is now the default source for downloading gems.


You may have sources set via ~/.gemrc, so you should replace

http://gems.rubyforge.org with http://rubygems.org


http://gems.rubyforge.org will continue to work for the forseeable future.


New features:


* `gem` commands

  * `gem install` and `gem fetch` now report alternate platforms when a

    matching one couldn't be found.

  * `gem contents` --prefix is now the default as specified in --help.  Bug

    #27211 by Mamoru Tasaka.

  * `gem fetch` can fetch of old versions again.  Bug #27960 by Eric Hankins.

  * `gem query` and friends output now lists platforms.  Bug #27856 by Greg

    Hazel.

  * `gem server` now allows specification of multiple gem dirs for

    documentation.  Bug #27573 by Yuki Sonoda.

  * `gem unpack` can unpack gems again.  Bug #27872 by Timothy Jones.

  * `gem unpack` now unpacks remote gems.

  * --user-install is no longer the default.  If you really liked it, see

    Gem::ConfigFile to learn how to set it by default.  (This change was made

    in 1.3.6)

* RubyGems now has platform support for IronRuby.  Patch #27951 by Will Green.


Bug fixes:


* Require rubygems/custom_require if --disable-gem was set.  Bug #27700 by

  Roger Pack.

* RubyGems now protects against exceptions being raised by plugins.

* rubygems/builder now requires user_interaction.  Ruby Bug #1040 by Phillip

  Toland.

* Gem::Dependency support #version_requirements= with a warning.  Fix for old

  Rails versions.  Bug #27868 by Wei Jen Lu.

* Gem::PackageTask depends on the package dir like the other rake package

  tasks so dependencies can be hooked up correctly.



------------------------------------------------------------------------------


RubyGems installed the following executables:

/usr/bin/gem

rubygems는 눈깜짝하게 설치가 끝난다. 재대로 설치 되었으면 /usr/bin/gem 이 있어야 한다.


설치된 gem을 이용해, chef를 설치 한다.

# gem install chef

Building native extensions.  This could take a while...

Building native extensions.  This could take a while...

Successfully installed mixlib-config-1.1.2

Successfully installed mixlib-cli-1.2.0

Successfully installed mixlib-log-1.3.0

Successfully installed mixlib-authentication-1.1.4

Successfully installed yajl-ruby-0.8.2

Successfully installed systemu-2.2.0

Successfully installed ohai-0.6.2

Successfully installed mime-types-1.16

Successfully installed rest-client-1.6.1

Successfully installed bunny-0.6.0

Successfully installed json-1.4.6

Successfully installed erubis-2.7.0

Successfully installed extlib-0.9.15

Successfully installed moneta-0.6.0

Successfully installed highline-1.6.1

Successfully installed uuidtools-2.1.2

Successfully installed chef-0.9.16

17 gems installed

Installing ri documentation for mixlib-config-1.1.2...

Installing ri documentation for mixlib-cli-1.2.0...

Unrecognized directive 'short' in README.rdoc

Unrecognized directive 'long' in README.rdoc

Unrecognized directive 'description' in README.rdoc

Unrecognized directive 'default' in README.rdoc

Unrecognized directive 'required' in README.rdoc

Unrecognized directive 'on' in README.rdoc

Unrecognized directive 'boolean' in README.rdoc

Unrecognized directive 'show_options' in README.rdoc

Unrecognized directive 'exit' in README.rdoc

Unrecognized directive 'proc' in README.rdoc

Installing ri documentation for mixlib-log-1.3.0...

Installing ri documentation for mixlib-authentication-1.1.4...

Installing ri documentation for yajl-ruby-0.8.2...

Installing ri documentation for systemu-2.2.0...

Installing ri documentation for ohai-0.6.2...

Installing ri documentation for mime-types-1.16...

Installing ri documentation for rest-client-1.6.1...

Installing ri documentation for bunny-0.6.0...

Installing ri documentation for json-1.4.6...

Installing ri documentation for erubis-2.7.0...

Installing ri documentation for extlib-0.9.15...

Installing ri documentation for moneta-0.6.0...

Installing ri documentation for highline-1.6.1...

Installing ri documentation for uuidtools-2.1.2...

Installing ri documentation for chef-0.9.16...

Installing RDoc documentation for mixlib-config-1.1.2...

Installing RDoc documentation for mixlib-cli-1.2.0...

Unrecognized directive 'short' in README.rdoc

Unrecognized directive 'long' in README.rdoc

Unrecognized directive 'description' in README.rdoc

Unrecognized directive 'default' in README.rdoc

Unrecognized directive 'required' in README.rdoc

Unrecognized directive 'on' in README.rdoc

Unrecognized directive 'boolean' in README.rdoc

Unrecognized directive 'show_options' in README.rdoc

Unrecognized directive 'exit' in README.rdoc

Unrecognized directive 'proc' in README.rdoc

Installing RDoc documentation for mixlib-log-1.3.0...

Installing RDoc documentation for mixlib-authentication-1.1.4...

Installing RDoc documentation for yajl-ruby-0.8.2...

Installing RDoc documentation for systemu-2.2.0...

Installing RDoc documentation for ohai-0.6.2...

Installing RDoc documentation for mime-types-1.16...

Installing RDoc documentation for rest-client-1.6.1...

Installing RDoc documentation for bunny-0.6.0...

Installing RDoc documentation for json-1.4.6...

Installing RDoc documentation for erubis-2.7.0...

Installing RDoc documentation for extlib-0.9.15...

Installing RDoc documentation for moneta-0.6.0...

Installing RDoc documentation for highline-1.6.1...

Installing RDoc documentation for uuidtools-2.1.2...

Installing RDoc documentation for chef-0.9.16... 


설치 내역 확인

# gem list


*** LOCAL GEMS ***


bunny (0.6.0)

chef (0.9.16)

erubis (2.7.0)

extlib (0.9.15)

highline (1.6.1)

json (1.4.6)

mime-types (1.16)

mixlib-authentication (1.1.4)

mixlib-cli (1.2.0)

mixlib-config (1.1.2)

mixlib-log (1.3.0)

moneta (0.6.0)

ohai (0.6.2)

rest-client (1.6.1)

systemu (2.2.0)

uuidtools (2.1.2)

yajl-ruby (0.8.2) 


Ohai 설치

# gem install ohai

Successfully installed ohai-0.6.2

1 gem installed

Installing ri documentation for ohai-0.6.2...

Installing RDoc documentation for ohai-0.6.2... 

 
Ohai 테스트
(시스템 관련 정보 제공. 시간 많으신 분은 어떤 정보들이 있는지 확인해두는 것도 나중에 도움이 많이 된다.)

# ohai
(중략)
.
.
.

    "perl": {

      "archname": "x86_64-linux-thread-multi",

      "version": "5.8.8"

    },

    "ruby": {

      "gems_dir": "/usr/lib64/ruby/gems/1.8",

      "target_os": "linux",

      "platform": "x86_64-linux",

      "host_vendor": "redhat",

      "bin_dir": "/usr/bin",

      "target_vendor": "redhat",

      "target_cpu": "x86_64",

      "host_os": "linux-gnu",

      "version": "1.8.6",

      "host_cpu": "x86_64",

      "ruby_bin": "/usr/bin/ruby",

      "host": "x86_64-redhat-linux-gnu",

      "target": "x86_64-redhat-linux-gnu",

      "release_date": "2010-02-05"

    }

  } 

 
의존성 있는 gem 패키지 추가 설치
(가이드 문서에는 없음....)

# gem install abstract ParseTree rspec ruby2ruby ruby_parser RubyInline sexp_processor term-ansicolor thor ZenTest



Chef-Server 설치를 워힌 Chef-Solo 설정 (Chef-Solo's Default Configuration File Path : /etc/chef/solo.rg)

# mkdir -p /etc/chef
# vi /etc/chef/solo.rb

file_cache_path "/root/chef-solo"

cookbook_path "/root/chef-solo/cookbooks"


 
Chef-Solo 속성(JSON Attribute) 설정 (init 스타일 포함)
- File Path : /root/chef.json
- 가이드 문서상으로는 Chef-Server파트에서 WebUI 사용유무에 따라 2가지를 제시 하는데, 여기서는 WebUI가 지원되는 설정을 사용했음.
- (현재 webui가 작동하질 않는다. 역시,,, 한방에 거저먹는건 없다.... 이건 좀더 파악해봐야 겠다. 허나 webui는 편의 도구일뿐이고, Chef Server/Client를 사용한데는 문제가 없다.)

# vi /root/chef.json

{

  "chef": {

    "server_url": "http://localhost:4000",

    "webui_enabled": true,

    "init_style": "init"

  },

  "run_list": [ "recipe[chef::bootstrap_server]" ]

}

- init 스타일 정의

RHEL, CentOS, and related distros don't have a runit package. Use the "init" init style for these systems

가이드 문서 내용대로, "init"을 이용하면 되겠다.


Chef-Solo와 Bootstrap을 이용해, Chef-Server를 설치/설정

# chef-solo -c /etc/chef/solo.rb -j ~/chef.json -r http://s3.amazonaws.com/chef-solo/bootstrap-latest.tar.gz

설치에 시간이 다소 소요된다. 에러 없이 끝나기만 바랄뿐~~
(이부분에서 꽤나 삽질했다. 아직 원인은 못찾았는데, 한방에 성공하지 못하면 계속 실패한다;; 어딘가 찌꺼기가 남아 있는듯 한데....)


Chef-Server 설치가 성공적으로 끝났다면, 아래와 같은 것들로 구성된다.

  • Bootstrap the system as a Client (see section below for what this entails).
  • Install RabbitMQ if possible (see below).
  • Install CouchDB if possible (see below).
  • Install development libraries zlib and xml, for chef-solr.
  • Install the chef-serverchef-server-apichef-solr gems.
  • Optionally (if webui_enabled) install chef-server-webui gem.
  • Create the server configuration file, /etc/chef/server.rb.
  • Create some directories the server needs.
  • If init_style is "runit", set up chef-solr-indexerchef-solrchef-server (API) as runit services. If webui_enabled, it chef-server-webui will be added as a runit service as well. If "init", copy the init scripts for these services from the installed Chef gem for the current platform (Debian and Red Hat families supported). If "bsd", display a hint about startup commands. Otherwise, display a message about manual setup.



또, Chef-Server가 정상적으로 작동된다면, 아래와 같은 서비스 포트들이 운영되고 있을 것이다. 한번씩 확인 필수.
ServicePort
chef-server (api) 4000
chef-server-webui 4040
couchdb 5984
rabbitmq 5672,4369,47762
chef-solr 8983


Chef-Client 설정 (Cookbook을 제작하거나, node등의 관리 기능을 하는 관리용 Client라 생각하면 될듯..)
- File Path : /root/.chef

# mkdir -p /root/.chef
# cp /etc/chef/validation.pem /etc/chef/webui.pem ~/.chef
# chown -R $USER ~/.chef 



이제 knife라는 도구를 이용할 순서다. knife...ㅡㅡ;;; 한마디로, 요리를 준비하는데 필수 도구인 "칼"로 생각하면 될듯한다. cookbook이나 recipe들로 맛있는 요리를 하기 위해, 여러가지 사전작업이나 준비를 하는데 필요한 도구....


knife를 이용해, Chef-Server를 설정한다.
- Permission 맞추는 부분도 가이드 문서에는 없다. 이것때문에 한참을 해맸다...;;;
아래 과정을 거치면, Chef의 Cookbook이나 Node관리를 할 수 있는 root라는 이름의 Chef Client(Account)가 생성되고, Client Key가 /root/.chef/root.pem이라는 파일로 생성되어 있어야 한다.

# chmod 777 /etc/chef/certificates
# chown chef.chef /etc/chef/certificates/key.pem
# knife configure -i
Where should I put the config file? [~/.chef/knife.rb] 

Please enter the chef server URL: [http://localhost:4000] 

Please enter a clientname for the new client: [root] 

Please enter the existing admin clientname: [chef-webui] 

Please enter the location of the existing admin client's private key: [/etc/chef/webui.pem] /root/.chef/webui.pem

Please enter the validation clientname: [chef-validator] 

Please enter the location of the validation key: [/etc/chef/validation.pem] /root/.chef/validation.pem

Please enter the path to a chef repository (or leave blank):

WARN: Creating initial API user...

INFO: Created (or updated) client[root]

WARN: Configuration file written to /root/.chef/knife.rb



chef-repo 다운로드 및 Server 설정파일(/root/.chef/knife.rb) 확인
(cookbook 경로 정보도 추가함)

# git clone http://github.com/opscode/chef-repo.git /var/chef

(Chef-Server가 chef유저로 실행되므로, git로 다운로드한 repo 디렉토리 소유권을 chef로 변경한다.)
# chown chef:chef /var/chef

# echo "cookbook_path ['/var/chef/cookbooks']" >> /root/.chef/knife.rb
# cat /root/.chef/knife.rb 

log_level                :info

log_location             STDOUT

node_name                'root'

client_key               '/root/.chef/root.pem'

validation_client_name   'chef-validator'

validation_key           '/root/.chef/validation.pem'

chef_server_url          'http://localhost:4000'

cache_type               'BasicFile'

cache_options( :path => '/root/.chef/checksums' )
cookbook_path ['/var/chef/cookbooks']
 


knife를 이용한 작업이 정상인지 테스트 (이부분이 잘된다면 인증부분은 정상적으로 진행된 것임)
- 가이드 문서에 역시 없는 내용인데,.. 아마도 OS버전이 상이해서 그런지.. gem list 중에서 rest-client버전을 Downgrade해주어야 했다. 아래와 같이 진행....(필요한 버전은 1.3.1이며, 제거해야할 버전은 각자 알아서 확인..)

# gem install rest-client -v=1.3.1
# gem uninstall rest-client -v=1.6.1


[knife 테스트]

# knife client list

[

  "chef-validator",

  "chef-webui",

  "root"

]


# knife client show root

/usr/lib64/ruby/gems/1.8/gems/rest-client-1.6.1/lib/restclient/abstract_response.rb:50: warning: parenthesize argument(s) for future version

{

  "name": "root",

  "chef_type": "client",

  "json_class": "Chef::ApiClient",

  "public_key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBCgKCAQEA0Zu+th1IncW19rYvpbnYOxaE/YSvzbwoo4MDYSEMSbYtsXCldDQe\nw9PWqdrBFfo9ArhMqyLXvSgxsGbhQ3cZNUEnBNYJsTYwR7ZHAe1dYoyAxOCGFB8g\nLRT2JaCe7Sc0SqEouJ5pxjTvConYiEi2FxQDwQ1KwGz3tMDr7SbU4MyPf2RiRgEj\nrEAuejLMIXQbcg+o7mG6HBw89mCg45hADx4CvlEfjbVeePMIsFuRQgo9a+jl5atm\nUzsl0QahakOaOf/usRruZvmAlBJ8sAEo/xfbp3IiHKvY1x8AfdhOwVqvVhxcziXy\n6LHl+CVjGTJDeeq1upqa2X5RTC5nqWYJtwIDAQAB\n-----END RSA PUBLIC KEY-----\n",

  "_rev": "1-bc3e4e80d14fd973d4d9ecd7e68b851f",

  "admin": true

}


# knife node list

[


Client 목록에 이전 단계에서 만든 root라는 사용자가 있고 속성에 admin이 있으므로 관리자이다. 그리고 현재 Chef-Client로 등록된 Node가 없기 때문에, Node List에는 아무것도 없다.


이제, Client Node용 일반 Account(Client)를 만들고, Client용 Key-Set도 만들어 보자.

# mkdir /root/chef-key-set
# cp /etc/chef/validation.pem /root/chef-key-set/
# knife client create chef-users -n -f /root/chef-key-set/chef-users.pem

/usr/lib64/ruby/gems/1.8/gems/rest-client-1.6.1/lib/restclient/abstract_response.rb:50: warning: parenthesize argument(s) for future version

WARN: HTTP Request Returned 409 Conflict: Client already exists

INFO: Created (or updated) client[chef-users]

INFO: Created (or updated) client[chef-users

# knife client show chef-users

/usr/lib64/ruby/gems/1.8/gems/rest-client-1.6.1/lib/restclient/abstract_response.rb:50: warning: parenthesize argument(s) for future version

{

  "name": "chef-users",

  "chef_type": "client",

  "json_class": "Chef::ApiClient",

  "public_key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBCgKCAQEAoYHIoMUEbTEC/rfqulS/8WYsN5hc1u2zua0Dr909k+Thmh+kouFz\ngkzUab5yYYHv7Cm0Yhm1Q2ELfipADuTqUeNOfD9QCUZjfLjRocI1s4uUu4khWyNl\n+C5eRQqwNQ3fiKLNYh+bHhZoLBr4kUOm3lsApjS64ADrNltjt3uFYE8/37qAr5k6\nMHseQuTSgEnrWLAFJj2GPBKrmO7rlIh7fiLKWHCJvhBryNpbxxXRijn9AZV1klXV\ncLgvXM0ayyu5+sQ2cq2utmD3lSR9m+dt0LDs1Bhw8yNeM0SZCro6e5VULlu6rTeN\nnRKorrACXyErd6Kbns4AT6zDZIa26Xm49QIDAQAB\n-----END RSA PUBLIC KEY-----\n",

  "_rev": "2-de3808f869ce0fbb137773563f3062a0",

  "admin": false




[Chef-Client]

Client IP : 192.168.100.101
hostname : foo.bar (/etc/hosts 에 eth0 아이피와 함께 반드시 등록) 

이제 Chef-Client를 설치할 단계다. Client장비로 가서 아래 과정을 따르자. Chef-Server설치 과정에서 진행했던 부분이 대부분이고 훨씬 간단하므로, 심플하게 작성한다.

# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
# rpm -Uvh http://download.elff.bravenet.com/5/i386/elff-release-5-3.noarch.rpm
# yum -y install ruby ruby-shadow ruby-ri ruby-rdoc gcc gcc-c++ ruby-devel ruby-static git

# cd /usr/local/src

# wget http://production.cf.rubygems.org/rubygems/rubygems-1.3.7.tgz

# tar zxf rubygems-1.3.7.tgz

# cd rubygems-1.3.7

# ruby setup.rb --no-format-executable
# gem install chef
# gem install ohai
# gem install rest-client -v=1.3.1
# gem uninstall rest-client -v=1.6.1 


Servre때와 마찬가지로 Chef-Solo를 이용해 Boostrap방식으로 Client가 설치 된다. 다만 Bootstracp가 Client역할이라는 점 이외에는....

# vi /root/chef.json

{

  "chef": {

    "server_url": "http://192.168.100.102:4000",

    "init_style": "init"

  },

  "run_list": [ "recipe[chef::bootstrap_client]" ]

}


# chef-solo -c /etc/chef/solo.rb -j ~/chef.json -r http://s3.amazonaws.com/chef-solo/bootstrap-latest.tar.gz

[Mon, 25 Apr 2011 04:01:24 +0900] WARN: *****************************************

[Mon, 25 Apr 2011 04:01:24 +0900] WARN: Can not find config file: /etc/chef/solo.rb, using defaults.

[Mon, 25 Apr 2011 04:01:24 +0900] WARN: No such file or directory - /etc/chef/solo.rb

[Mon, 25 Apr 2011 04:01:24 +0900] WARN: *****************************************

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting the run_list to ["recipe[chef::bootstrap_client]"] from JSON

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Starting Chef Run (Version 0.9.16)

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Creating directory[/var/log/chef] at /var/log/chef

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting owner to 0 for directory[/var/log/chef]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting group to 0 for directory[/var/log/chef]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting mode to 755 for directory[/var/log/chef]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Creating directory[/srv/chef] at /srv/chef

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting owner to 0 for directory[/srv/chef]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting group to 0 for directory[/srv/chef]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting mode to 755 for directory[/srv/chef]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Writing updated content for template[/etc/chef/client.rb] to /etc/chef/client.rb

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Creating directory[/srv/chef/run] at /srv/chef/run

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting owner to 0 for directory[/srv/chef/run]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting group to 0 for directory[/srv/chef/run]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting mode to 755 for directory[/srv/chef/run]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Creating file[/etc/init.d/chef-client] at /etc/init.d/chef-client

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting mode to 755 for file[/etc/init.d/chef-client]

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Creating file[/etc/sysconfig/chef-client] at /etc/sysconfig/chef-client

[Mon, 25 Apr 2011 04:01:26 +0900] INFO: Setting mode to 644 for file[/etc/sysconfig/chef-client]

[Mon, 25 Apr 2011 04:01:27 +0900] INFO: service[chef-client]: enabled successfully

[Mon, 25 Apr 2011 04:01:27 +0900] INFO: Chef Run complete in 0.696633 seconds

[Mon, 25 Apr 2011 04:01:27 +0900] INFO: cleaning the checksum cache

[Mon, 25 Apr 2011 04:01:27 +0900] INFO: Running report handlers

[Mon, 25 Apr 2011 04:01:27 +0900] INFO: Report handlers complete



Chef-Server 설치 과정 마지막에 생성한 chef-users.pem 키를 Server로부터 복사해온다.

# mkdir /root/.chef
# mkdir /etc/chef
# scp root@192.168.100.102:/root/chef-key-set/chef-users.pem /root/.chef/
# scp root@192.168.100.102:/root/chef-key-set/validation.pem /root/.chef/


knife툴을 이용해 Chef-Clinet 설정

# knife configure

/usr/lib/ruby/gems/1.8/gems/rest-client-1.6.1/lib/restclient/abstract_response.rb:50: warning: parenthesize argument(s) for future version

No knife configuration file found

Where should I put the config file? [~/.chef/knife.rb] 

Please enter the chef server URL: [http://localhost:4000] http://192.168.100.102:4000

Please enter an existing username or clientname for the API: [root] chef-users 

Please enter the validation clientname: [chef-validator] 

Please enter the location of the validation key: [/etc/chef/validation.pem] /root/.chef/validation.pem

Please enter the path to a chef repository (or leave blank): 

WARN: *****

WARN: 

WARN: You must place your client key in:

WARN:   /root/.chef/chef-users.pem

WARN: Before running commands with Knife!

WARN: 

WARN: *****

WARN: 

WARN: You must place your validation key in:

WARN:   /root/.chef/validation.pem

WARN: Before generating instance data with Knife!

WARN: 

WARN: *****

WARN: Configuration file written to /root/.chef/knife.rb

# ll /root/.chef/chef-users.pem /root/.chef/validation.pem /root/.chef/knife.rb

-rw-r--r-- 1 root root 1675 Apr 25 02:35 /root/.chef/chef-users.pem

-rw-r--r-- 1 root root  393 Apr 25 04:20 /root/.chef/knife.rb

-rw------- 1 root root 1675 Apr 25 02:26 /root/.chef/validation.pem

안내문대로, /root/.chef/knife.rb, /root/.chef/chef-users.pem, /etc/chef/validation.pem 3개 파일이 준비되어야 한다. (앞 단계에서 scp로 복사해왔으니, 확인해둘 것)

/root/.chef/knife.rb 파일 내용

log_level                :info

log_location             STDOUT

node_name                'chef-users'

client_key               '/root/.chef/chef-users.pem'

validation_client_name   'chef-validator'

validation_key           '/root/.chef/validation.pem'

chef_server_url          'http://192.168.100.102:4000'

cache_type               'BasicFile'

cache_options( :path => '/root/.chef/checksums' )



이제까지 에러 없이 진행되었다면 아래와 같이, Server로의 접속 및 정보를 볼수 있을 것이다. 물론 Client의 Key는 일반유저 권한이므로, 제한적인 접근만 가능하다.

# knife node list

[


]

# knife client list

WARN: HTTP Request Returned 403 Forbidden: You are not allowed to take this action.

/usr/lib/ruby/1.8/net/http.rb:2097:in `error!': 403 "Forbidden" (Net::HTTPServerException)

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/rest.rb:234:in `api_request'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/rest.rb:285:in `retriable_rest_request'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/rest.rb:215:in `api_request'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/rest.rb:111:in `get_rest'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/api_client.rb:185:in `list'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/knife/client_list.rb:35:in `run'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/knife.rb:131:in `run'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/lib/chef/application/knife.rb:120:in `run'

from /usr/lib/ruby/gems/1.8/gems/chef-0.9.16/bin/knife:25

from /usr/bin/knife:19:in `load'

from /usr/bin/knife:19

==> 관리자 권한이 없기에 다른 Account(Client) 목록은 볼수 없다.

# knife client show chef-users

{

  "name": "chef-users",

  "chef_type": "client",

  "json_class": "Chef::ApiClient",

  "public_key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBCgKCAQEAtsoFCyYl9lMDLQ/V8O2Nw1lTbj4zNutsBT1l1w3Uf78XOg9m5KIm\nCiI+o/9FK+p7R8DY1GGIuRbfYt0fcSE9szBgmamauZxmY3zOJ5Z7WyzWdO8vrxyx\ny8AM+vIhA4LbIdDc6fi4u+fUwS4uPpc16y8jJXdT2VO6zEirFwYv5X90MY4njd/6\nCcSVh0rLI//67EiaEyiXBqjSkuAenlepz2zERgGLVRI9ZWpbfxmtWmoOrDfrazCt\npIasSLH2sZTOubqB31T/ryo982jy7t/GucvZOF4jao+quNVxH+s+KLOHjnjqjx1f\nwF1aSyYXg2Tw9tzVI9eNqCRq7+r8VZjRNQIDAQAB\n-----END RSA PUBLIC KEY-----\n",

  "_rev": "1-5d839e9a44f00e5f0ecf2b6e71fdc34b",

  "admin": false

}

==> 자기 정보는 볼수 있다. 




[Chef Server/Clinet TEST]

이제, Chef Server/Client 구조의 설치는 끝났다. 제대로 작동하는지 아주 심플한 예제로 테스트 해보자.

시나리오 : Cookbook중 테스트용 Recipe인 quick_start를 Server에 업로드 하고, Client에서 자동 적용.



[On Server]
opscode 사이트로부터 이미 제공되고 있는 Cookbook리스트를 한번 확인해보고 본 테스트에서 사용될 quick_start 레시피를 앞서 구축한 Server에 등록한다. 원래는 Chef Server관리용 서버가 따로 있다는 가정하에서 관리서버에서 cookbook을 다운로드 또는 직접 제작해서 Server로 올리게 되는데 본 문서에서는 관리서버(root Account)와 Chef-Server가 동일 장비로 구축된 것이다. 조금 혼란스러울지도 모른다. 이부분은 계속 접하다보면 감이 온다.)
(cookbook을 관리할 것이기때문에, Server에서 작업은 "root" client로 작업이 진행된다. 확인 해보고 싶으면, Server장비에 설치된 /root/.chef/knife.rb 파일내용의 user가 무엇인지 확인해보라)


Server에 등록된 cookbook확인. 지금은 아무 것도 없다...

# knife cookbook list

[


]


opscode 사이트에 등록된 cookbook 목록확인. 누구나 사용 및 수정 가능하다.

# knife cookbook site list

[

  "1password",

  "accounts",

  "ack-grep",

  "activemq",

  "ad",

  "ad-likewise",

  "ant",

  "apache2",

  "apcupsd",

  "apparmor",

  "application",

  "apt",

  "asterisk",

  "atftp",

  "aws",

  "awsclient",

  "backup-manager",

  "bazaar",

  "bluepill",

  "boost",

  "bootstrap",

  "build-essential",

  "bundler",

  "bundler_enterprise",

  "cakephp",

  "capistrano",

  "chef",

  "chef-client",

  "chromium",

  "cloudkick",

  "cobbler",

  "collectd",

  "collectd_plugins",

  "confluence",

  "couchdb",

  "cpan",

  "cron",

  "crontab",

  "crowd",

  "daemontools",

  "database",

  "denyhosts",

  "development_app",

  "diaspora",

  "django",

  "djbdns",

  "dmg",

  "dnsimple",

  "dotdeb",

  "downtime",

  "drbd",

  "dropbox",

  "drupal",

  "drush",

  "dynect",

  "dynomite",

  "eaccelerator",

  "ec2",

  "elasticsearch",

  "emacs",

  "emacs-starter-kit",

  "erlang",

  "fail2ban",

  "ganglia",

  "gearman",

  "gems",

  "getting-started",

  "git",

  "glassfish",

  "gnu_parallel",

  "god",

  "graphite",

  "graylog2",

  "gunicorn",

  "hadoop",

  "hadoop_cluster",

  "hadoop_for_hbase",

  "haproxy",

  "hbase",

  "heartbeat",

  "homebrew",

  "htop",

  "hudson",

  "id3lib",

  "iftop",

  "imagemagick",

  "instiki",

  "iptables",

  "ircd-ratbox",

  "iterm2",

  "java",

  "java_sun",

  "jetty",

  "jira",

  "jpackage",

  "keepalived",

  "kickstart",

  "latex",

  "leiningen",

  "libvirt",

  "loggly",

  "logrotate",

  "logwatch",

  "lvm",

  "magento",

  "man",

  "maradns",

  "maven",

  "memcached",

  "mercurial",

  "mongodb",

  "monit",

  "motd-tail",

  "mpd",

  "munin",

  "mysql",

  "mythtv",

  "nagios",

  "netatalk",

  "networking_basic",

  "nginx",

  "nodejs",

  "nscd",

  "ntp",

  "oh-my-zsh",

  "ohai",

  "openldap",

  "opennebula",

  "openssh",

  "openssl",

  "openvpn",

  "ossec",

  "packages",

  "pacman",

  "passenger",

  "passenger_apache2",

  "passenger_enterprise",

  "pdns",

  "pen",

  "percona",

  "perl",

  "php",

  "php-fpm",

  "postfix",

  "postgresql",

  "powerdns",

  "proftpd",

  "pxe_dust",

  "python",

  "quick_start",

  "rabbitmq",

  "rabbitmq_chef",

  "radiant",

  "rails",

  "rails_enterprise",

  "redis",

  "redis-package",

  "redis2",

  "redmine",

  "reprepro",

  "resolver",

  "riak",

  "rsync",

  "rsyslog",

  "ruby",

  "ruby_enterprise",

  "rubygems",

  "runit",

  "rush",

  "rvm",

  "s3cmd",

  "s3fs",

  "samba",

  "sbuild",

  "screen",

  "server_inventory",

  "shorewall",

  "skype5",

  "snmp",

  "snort",

  "solr",

  "sphinx",

  "sqlite",

  "ssh_known_hosts",

  "ssmtp",

  "stompserver",

  "stunnel",

  "subversion",

  "sudo",

  "sysctl",

  "teamspeak",

  "teamspeak3",

  "thrift",

  "timezone",

  "tmpreaper",

  "tmux",

  "tomcat",

  "tomcat6",

  "tomcat6apr",

  "trac",

  "transmission",

  "tunnelblick",

  "ubuntu",

  "ucspi-tcp",

  "unbound",

  "unicorn",

  "users",

  "varnish",

  "vim",

  "virtualbox",

  "vsftpd",

  "wordpress",

  "xen",

  "xfs",

  "xml",

  "xslt",

  "yum",

  "yumrepo",

  "zenoss",

  "zlib",

  "zookeeper",

  "zsh"



==> 중간즈음, 설치 하려는 quick_start가 있다. 이것을 다운로드 해서 다시 Chef-Server Cookbook에 등록할 것이다.



opscode 사이트로부터 quick_start cookbook 다운로드

# knife cookbook site vendor quick_start

INFO: Downloading quick_start from the cookbooks site at version 0.7.0

INFO: Cookbook saved: /root/chef-repo/cookbooks/quick_start.tar.gz

INFO: Checking out the master branch.

INFO: Checking the status of the vendor branch.

INFO: Creating vendor branch.

INFO: Removing pre-existing version.

INFO: Uncompressing quick_start version 0.7.0.

INFO: Adding changes.

INFO: Committing changes.

INFO: Creating tag chef-vendor-quick_start-0.7.0.

INFO: Checking out the master branch.

INFO: Merging changes from quick_start version 0.7.0.

Updating 9769e69..4492ea0

Fast-forward

 cookbooks/quick_start/attributes/quick_start.rb    |    1 +

 cookbooks/quick_start/metadata.json                |   74 ++++++++++++++++++++

 cookbooks/quick_start/metadata.rb                  |   19 +++++

 cookbooks/quick_start/recipes/default.rb           |   24 ++++++

 .../templates/default/deep_thought.txt.erb         |    1 +

 5 files changed, 119 insertions(+), 0 deletions(-)

 create mode 100644 cookbooks/quick_start/attributes/quick_start.rb

 create mode 100644 cookbooks/quick_start/metadata.json

 create mode 100644 cookbooks/quick_start/metadata.rb

 create mode 100644 cookbooks/quick_start/recipes/default.rb

 create mode 100644 cookbooks/quick_start/templates/default/deep_thought.txt.erb

INFO: Cookbook quick_start version 0.7.0 successfully vendored!



다운로드 cookbook 확인

# ll /var/chef/cookbooks/

total 16

drwxr-xr-x 3 root root  4096 Apr 25 03:33 .

drwxr-xr-x 9 root root  4096 Apr 25 03:29 ..

drwxr-xr-x 5  502 games 4096 Oct 29  2009 quick_start

-rw-r--r-- 1 root root  2930 Apr 25 03:29 README.md
 

# ll /var/chef/cookbooks/quick_start/

total 28

drwxr-xr-x 5  502 games 4096 Oct 29  2009 .

drwxr-xr-x 3 root root  4096 Apr 25 03:33 ..

drwxr-xr-x 2  502 games 4096 Apr 25 03:32 attributes

-rw-r--r-- 1  502 games 1024 Oct 29  2009 metadata.json

-rw-r--r-- 1  502 games  481 Oct 29  2009 metadata.rb

drwxr-xr-x 2  502 games 4096 Apr 25 03:32 recipes

drwxr-xr-x 3  502 games 4096 Oct 29  2009 templates

==> 정상적으로 다운로드되어 있다. Recipe를 수정가능하면 수정하시고, 몰라도 내용들은 한번씩 살펴보자.



# 편집이 끝났다면(할게 없을테니 그냥...) 구축한 Chef-Server에 등록(Upload) 한다.

# knife cookbook upload quick_start

INFO: Saving quick_start

INFO: Validating ruby files

INFO: Validating templates

INFO: Syntax OK

INFO: Generating Metadata

INFO: Uploading files

INFO: Upload complete!

# knife cookbook list

[

  "quick_start"

]

==> 구축한 Chef-Server에 quick_start cookbook이 등록되었다



[On Client]

Client에서는 해줄게 딱 하나다. Server로부터 정보를 전달 받을 Chef-Client 데몬만 뛰워 주면 된다. 이 과정에서 앞서 Client설치 때 위치시켰던 Key들이 사용되어, Chef-Server의 Node 목록에도 등록된다.

방법은 간단하다. 그냥 init 스크립트를 실행해주면 된다.
- 참고로 Chef-Client는 Server에서 정해준 역할이나, 패키지 설정등을 주기적으로 확인하는데, 이 주기(Second)는 init 스크립트(/etc/init.d/chef-client)를 열어보면 등록되어 있다. Default는 1800초(30분)이다. 즉, Server에서 특정 Client의 역할중 http의 mac client 값을 512에서 256으로 수정했다. 그럼 30분 안에 Client에 자동으로 반영된다.
(진행 편의상 임시로 10초 정도로 줄여 주고 테스트가 끝나면 원래대로 복원한다. 아니면 30분을 기다리던지.... 뭐 client로 가서 chef-client 명령을 직접 실행해도 되겠다..... 그러나 그럴거면 chef를 이용하는 의미가....)

client.pem 생성을 위한 validation.pem 파일 위치 정보 수정
==> /etc/chef/client.rb 내용중 아래 부분과 같이 수정한다. (굵게 표시한 부분처럼 정확힌 위치로 수정)

log_level          :info

log_location       STDOUT

ssl_verify_mode    :verify_none

chef_server_url    "http://192.168.100.102:4000"


validation_client_name "chef-validator"

validation_key           "/root/.chef/validation.pem"

client_key               "/etc/chef/client.pem"


file_backup_path   "/srv/chef/backup"

file_cache_path    "/srv/chef/cache"

pid_file           "/srv/chef/run/client.pid"



(Chef Clinet 실행)
# /etc/init.d/chef-client start

Starting chef-client:                                      [  OK  ] 


# cat /etc/init.d/chef-client

#!/bin/bash

# chef-client Startup script for the Chef client

#

# chkconfig: - 98 02

# description: Client component of the Chef systems integration framework.


### BEGIN INIT INFO

# Provides: chef-client

# Required-Start: $local_fs $network $remote_fs

# Required-Stop: $local_fs $network $remote_fs

# Should-Start: $named $time

# Should-Stop: $named $time

# Short-Description: Startup script for the Chef client

# Description: Client component of the Chef systems integration framework.

### END INIT INFO


# Source function library

. /etc/init.d/functions


exec="/usr/bin/chef-client"

prog="chef-client"


[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog


config=${CONFIG-/etc/chef/client.rb}

pidfile=${PIDFILE-/var/run/chef/client.pid}

lockfile=${LOCKFILE-/var/lock/subsys/$prog}

logfile=${LOGFILE-/var/log/chef/client.log}

interval=${INTERVAL-60}

splay=${SPLAY-20}

options=${OPTIONS-}


start() {

    [ -x $exec ] || exit 5

    [ -f $config ] || exit 6

    echo -n $"Starting $prog: "

    daemon chef-client -d -c "$config" -L "$logfile" -i "$interval" -s "$splay" -P "$pidfile" "$options"

    retval=$?

    echo

    [ $retval -eq 0 ] && touch $lockfile

    return $retval

}


stop() {

    echo -n $"Stopping $prog: "

    killproc -p $pidfile chef-client

    retval=$?

    echo

    [ $retval -eq 0 ] && rm -f $lockfile

    return $retval

}


restart () {

    stop

    start

}


reload() {

    restart

}


force_reload() {

    restart

}


rh_status() {

    # run checks to determine if the service is running or use generic status

    status -p $pidfile $prog

}


rh_status_q() {

    rh_status >/dev/null 2>&1

}


case "$1" in

    start)

        rh_status_q && exit 0

        $1
         ;;

    stop)

        rh_status_q || exit 0

        $1

        ;;

    restart)

        $1

        ;;

    reload)

        rh_status_q || exit 7

        $1

        ;;

    force-reload)

        force_reload

        ;;

    status)

        rh_status

        ;;

    condrestart|try-restart)

        rh_status_q || exit 0

        restart

        ;;

    *)

        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"

        exit 2

esac

exit $?

 


[On Server]

Server로 돌아와, Client Node가 등록되었는지 확인한다.

# knife node list

[

  "foo.bar",

  "localhost.localdomain"

]

# knife client list

[

  "chef-users",

  "chef-validator",

  "chef-webui",

  "foo.bar",

  "localhost.localdomain",

  "root"

node와 client 모두 정상적으로 등록되었다.

이제 목적인 quick_start를 client에서 작동되도록 해보자.

# knife node show foo.bar
(중략)
.
.
.

  "run_list": [


  ]

}

=> 현재 run_list가 아무것도 없다. (run_list는 각 노드가 수행해야할 역할이다. cookbook이 될수도 있고, cookbook들을 여러개 묶은 role이 될수도 있다.) 


앞서 Server에 등록한 quick_start를 foo.bar 클라이언트의 run_list로 할당해보자.

# knife node run_list add 'foo.bar' 'recipe[quick_start]'

{

  "run_list": [

    "recipe[quick_start]"

  ]

}

==> 아까와는 달리, foo.bar 노드의 run_list에 quick_start 레시피가 추가되었다. 



[On Client]







asfasfdasfff


Posted by 사랑줍는거지
,
오늘 바람좀 쐬고 오느라, 어제 했던 Chef-Solo정리를 이제서야... 졸리긴 한데, 그리 좋지 않은 기억력에 요즘은 건망증까지...(ㅡ.ㅡ);;, 아무튼, 설치 과정만이라도 까먹기 전에 얼른 메모 해둬야 겠다.


설치 테스트에 사용한 OS는 CentOS 5.4 x86_64이며, VMware ESXi 상의 VM을 하나 만들어서 진행했다. 



요구사항

- Chef 설치시 hostname은 반드시 FQDN이어야 한다. hostname -f 결과가 에러가 발생하면 안됨. FQDN 명심!
- ruby >= 1.8.6 (이라고 되어 있으나, 설치 해본 결과로는 1.8.7은 되야 문제가 없었다)

- rubygems >= 1.3.6 (역시, 1.3.7은 되야 문제가 없었다)
- 권한 문제에 신경쓰기 싫어 root 계정으로 진행했다. 


RPM ruby 제거 및 관련 의존성 패키지 설치

# yum -y groupremove "Ruby"
# yum -y install zlib*
# yum -y install openssl*


ruby 설치

# cd /usr/local/src

# wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7.tar.gz

# tar zxvf  ruby-1.8.7.tar.gz

# cd ruby-1.8.7

# ./configure

# make

# make install


# ruby --version

ruby 1.8.7 (2008-05-31 patchlevel 0) [x86_64-linux] 


rubygems 설치


# cd /usr/local/src

# wget http://production.cf.rubygems.org/rubygems/rubygems-1.3.7.tgz

# tar zxvf rubygems-1.3.7.tgz 

# cd rubygems-1.3.7

# ruby setup.rb

RubyGems 1.3.7 installed


=== 1.3.7 / 2010-05-13


NOTE:


http://rubygems.org is now the default source for downloading gems.


You may have sources set via ~/.gemrc, so you should replace

http://gems.rubyforge.org with http://rubygems.org


http://gems.rubyforge.org will continue to work for the forseeable future.


New features:


* `gem` commands

  * `gem install` and `gem fetch` now report alternate platforms when a

    matching one couldn't be found.

  * `gem contents` --prefix is now the default as specified in --help.  Bug

    #27211 by Mamoru Tasaka.

  * `gem fetch` can fetch of old versions again.  Bug #27960 by Eric Hankins.

  * `gem query` and friends output now lists platforms.  Bug #27856 by Greg

    Hazel.

  * `gem server` now allows specification of multiple gem dirs for

    documentation.  Bug #27573 by Yuki Sonoda.

  * `gem unpack` can unpack gems again.  Bug #27872 by Timothy Jones.

  * `gem unpack` now unpacks remote gems.

  * --user-install is no longer the default.  If you really liked it, see

    Gem::ConfigFile to learn how to set it by default.  (This change was made

    in 1.3.6)

* RubyGems now has platform support for IronRuby.  Patch #27951 by Will Green.


Bug fixes:


* Require rubygems/custom_require if --disable-gem was set.  Bug #27700 by

  Roger Pack.

* RubyGems now protects against exceptions being raised by plugins.

* rubygems/builder now requires user_interaction.  Ruby Bug #1040 by Phillip

  Toland.

* Gem::Dependency support #version_requirements= with a warning.  Fix for old

  Rails versions.  Bug #27868 by Wei Jen Lu.

* Gem::PackageTask depends on the package dir like the other rake package

  tasks so dependencies can be hooked up correctly.



------------------------------------------------------------------------------


RubyGems installed the following executables:

/usr/local/bin/gem 


gem 환경 변수 확인

# gem env

RubyGems Environment:

  - RUBYGEMS VERSION: 1.3.7

  - RUBY VERSION: 1.8.7 (2008-05-31 patchlevel 0) [x86_64-linux]

  - INSTALLATION DIRECTORY: /usr/local/lib/ruby/gems/1.8

  - RUBY EXECUTABLE: /usr/local/bin/ruby

  - EXECUTABLE DIRECTORY: /usr/local/bin

  - RUBYGEMS PLATFORMS:

    - ruby

    - x86_64-linux

  - GEM PATHS:

     - /usr/local/lib/ruby/gems/1.8

     - /root/.gem/ruby/1.8

  - GEM CONFIGURATION:

     - :update_sources => true

     - :verbose => true

     - :benchmark => false

     - :backtrace => false

     - :bulk_threshold => 1000

  - REMOTE SOURCES:

     - http://rubygems.org/


OPScode 소스 추가

# gem sources -a http://gems.opscode.com
http://gems.opscode.com added to sources


# gem env

RubyGems Environment:

  - RUBYGEMS VERSION: 1.3.7

  - RUBY VERSION: 1.8.7 (2008-05-31 patchlevel 0) [x86_64-linux]

  - INSTALLATION DIRECTORY: /usr/local/lib/ruby/gems/1.8

  - RUBY EXECUTABLE: /usr/local/bin/ruby

  - EXECUTABLE DIRECTORY: /usr/local/bin

  - RUBYGEMS PLATFORMS:

    - ruby

    - x86_64-linux

  - GEM PATHS:

     - /usr/local/lib/ruby/gems/1.8

     - /root/.gem/ruby/1.8

  - GEM CONFIGURATION:

     - :update_sources => true

     - :verbose => true

     - :benchmark => false

     - :backtrace => false

     - :bulk_threshold => 1000

     - :sources => ["http://rubygems.org/", "http://gems.opscode.com"]

  - REMOTE SOURCES:

     - http://rubygems.org/

     - http://gems.opscode.com 

(뒤에 나올 cookbook 소스가 OPScode를 통해 이용되어 관련성이 있는 것으로 보임. 아직 자세한 연관성은 미파악상태라 좀더 알아봐야 겠다.)

chef 설치

# gem install chef

Building native extensions.  This could take a while...

Successfully installed mixlib-config-1.1.2

Successfully installed mixlib-cli-1.2.0

Successfully installed mixlib-log-1.3.0

Successfully installed mixlib-authentication-1.1.4

Successfully installed json-1.4.6

Successfully installed extlib-0.9.15

Successfully installed systemu-1.2.0

Successfully installed ohai-0.5.8

Successfully installed mime-types-1.16

Successfully installed rest-client-1.6.1

Successfully installed bunny-0.6.0

Successfully installed abstract-1.0.0

Successfully installed erubis-2.6.6

Successfully installed moneta-0.6.0

Successfully installed highline-1.6.1

Successfully installed uuidtools-2.1.2

Successfully installed chef-0.9.14

17 gems installed

Installing ri documentation for mixlib-config-1.1.2...

Installing ri documentation for mixlib-cli-1.2.0...

Unrecognized directive 'short' in README.rdoc

Unrecognized directive 'long' in README.rdoc

Unrecognized directive 'description' in README.rdoc

Unrecognized directive 'default' in README.rdoc

Unrecognized directive 'required' in README.rdoc

Unrecognized directive 'on' in README.rdoc

Unrecognized directive 'boolean' in README.rdoc

Unrecognized directive 'show_options' in README.rdoc

Unrecognized directive 'exit' in README.rdoc

Unrecognized directive 'proc' in README.rdoc

Installing ri documentation for mixlib-log-1.3.0...

Installing ri documentation for mixlib-authentication-1.1.4...

Installing ri documentation for json-1.4.6...

Installing ri documentation for extlib-0.9.15...

Installing ri documentation for systemu-1.2.0...

Installing ri documentation for ohai-0.5.8...

Installing ri documentation for mime-types-1.16...

Installing ri documentation for rest-client-1.6.1...

Installing ri documentation for bunny-0.6.0...

Installing ri documentation for abstract-1.0.0...

Installing ri documentation for erubis-2.6.6...

Installing ri documentation for moneta-0.6.0...

Installing ri documentation for highline-1.6.1...

Installing ri documentation for uuidtools-2.1.2...

Installing ri documentation for chef-0.9.14...

Installing RDoc documentation for mixlib-config-1.1.2...

Installing RDoc documentation for mixlib-cli-1.2.0...

Unrecognized directive 'short' in README.rdoc

Unrecognized directive 'long' in README.rdoc

Unrecognized directive 'description' in README.rdoc

Unrecognized directive 'default' in README.rdoc

Unrecognized directive 'required' in README.rdoc

Unrecognized directive 'on' in README.rdoc

Unrecognized directive 'boolean' in README.rdoc

Unrecognized directive 'show_options' in README.rdoc

Unrecognized directive 'exit' in README.rdoc

Unrecognized directive 'proc' in README.rdoc

Installing RDoc documentation for mixlib-log-1.3.0...

Installing RDoc documentation for mixlib-authentication-1.1.4...

Installing RDoc documentation for json-1.4.6...

Installing RDoc documentation for extlib-0.9.15...

Installing RDoc documentation for systemu-1.2.0...

Installing RDoc documentation for ohai-0.5.8...

Installing RDoc documentation for mime-types-1.16...

Installing RDoc documentation for rest-client-1.6.1...

Installing RDoc documentation for bunny-0.6.0...

Installing RDoc documentation for abstract-1.0.0...

Installing RDoc documentation for erubis-2.6.6...

Installing RDoc documentation for moneta-0.6.0...

Installing RDoc documentation for highline-1.6.1...

Installing RDoc documentation for uuidtools-2.1.2...

Installing RDoc documentation for chef-0.9.14... 


cookboot 설치

(git가 필요해 EPEL을 통해 git를 설치 해준다.)

# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

# yum -y install git

# mkdir /root/chef

# cd /root/chef

# git clone http://github.com/opscode/chef-repo.git

Cloning into chef-repo...

remote: Counting objects: 173, done.

remote: Compressing objects: 100% (106/106), done.

remote: Total 173 (delta 62), reused 138 (delta 40)

Receiving objects: 100% (173/173), 27.25 KiB, done.

Resolving deltas: 100% (62/62), done.


# ls -al

total 16

drwxr-xr-x   3 root root 4096 Mar 27 03:19 .

drwxr-x---  20 root root 4096 Mar 27 03:16 ..

drwxr-xr-x 130 root root 4096 Mar 27 03:19 chef-repo

# ls -al chef-repo
total 44

drwxr-xr-x 8 root root 4096 Mar 27 03:35 .

drwxr-xr-x 3 root root 4096 Mar 27 03:35 ..

drwxr-xr-x 2 root root 4096 Mar 27 03:35 certificates

drwxr-xr-x 2 root root 4096 Mar 27 03:35 config

drwxr-xr-x 2 root root 4096 Mar 27 03:35 cookbooks

drwxr-xr-x 2 root root 4096 Mar 27 03:35 data_bags

drwxr-xr-x 8 root root 4096 Mar 27 03:35 .git

-rw-r--r-- 1 root root   18 Mar 27 03:35 .gitignore

-rw-r--r-- 1 root root 2171 Mar 27 03:35 Rakefile

-rw-r--r-- 1 root root 3521 Mar 27 03:35 README.md

drwxr-xr-x 2 root root 4096 Mar 27 03:35 roles

# ls -al chef-repo/cookbooks

total 12

drwxr-xr-x 2 root root 4096 Mar 27 03:35 .

drwxr-xr-x 8 root root 4096 Mar 27 03:35 ..

-rw-r--r-- 1 root root 2930 Mar 27 03:35 README.md 

# cd chef-repo

# rm -rf cookbooks

# git clone git://github.com/opscode/cookbooks.git

# ls -al cookbooks/

total 552

drwxr-xr-x 130 root root  4096 Mar 27 03:44 .

drwxr-xr-x   8 root root  4096 Mar 27 03:44 ..

drwxr-xr-x   5 root root  4096 Mar 27 03:44 activemq

drwxr-xr-x   3 root root  4096 Mar 27 03:44 ant

drwxr-xr-x   7 root root  4096 Mar 27 03:44 apache2

drwxr-xr-x   4 root root  4096 Mar 27 03:44 apparmor

drwxr-xr-x   5 root root  4096 Mar 27 03:44 application

drwxr-xr-x   6 root root  4096 Mar 27 03:44 apt

drwxr-xr-x   6 root root  4096 Mar 27 03:44 aws

drwxr-xr-x   6 root root  4096 Mar 27 03:44 bluepill

drwxr-xr-x   3 root root  4096 Mar 27 03:44 boost

drwxr-xr-x   3 root root  4096 Mar 27 03:44 build-essential

drwxr-xr-x   4 root root  4096 Mar 27 03:44 capistrano

drwxr-xr-x   5 root root  4096 Mar 27 03:44 chef

drwxr-xr-x   5 root root  4096 Mar 27 03:44 chef-client

drwxr-xr-x   7 root root  4096 Mar 27 03:44 cloudkick

-rw-r--r--   1 root root   408 Mar 27 03:44 CONTRIBUTING

drwxr-xr-x   6 root root  4096 Mar 27 03:44 couchdb

drwxr-xr-x   3 root root  4096 Mar 27 03:44 cron

drwxr-xr-x   7 root root  4096 Mar 27 03:44 daemontools

drwxr-xr-x   4 root root  4096 Mar 27 03:44 database

drwxr-xr-x   4 root root  4096 Mar 27 03:44 django

drwxr-xr-x   7 root root  4096 Mar 27 03:44 djbdns

drwxr-xr-x   6 root root  4096 Mar 27 03:44 dmg

drwxr-xr-x   3 root root  4096 Mar 27 03:44 drbd

drwxr-xr-x   6 root root  4096 Mar 27 03:44 dynect

drwxr-xr-x   5 root root  4096 Mar 27 03:44 dynomite

drwxr-xr-x   4 root root  4096 Mar 27 03:44 ec2

drwxr-xr-x   3 root root  4096 Mar 27 03:44 emacs

drwxr-xr-x   4 root root  4096 Mar 27 03:44 erlang

drwxr-xr-x   4 root root  4096 Mar 27 03:44 fail2ban

drwxr-xr-x   6 root root  4096 Mar 27 03:44 gems

drwxr-xr-x   4 root root  4096 Mar 27 03:44 git

drwxr-xr-x   8 root root  4096 Mar 27 03:44 .git

-rw-r--r--   1 root root    38 Mar 27 03:44 .gitignore

drwxr-xr-x   5 root root  4096 Mar 27 03:44 glassfish

drwxr-xr-x   4 root root  4096 Mar 27 03:44 gnu_parallel

drwxr-xr-x   5 root root  4096 Mar 27 03:44 god

drwxr-xr-x   7 root root  4096 Mar 27 03:44 gunicorn

drwxr-xr-x   4 root root  4096 Mar 27 03:44 hadoop

drwxr-xr-x   5 root root  4096 Mar 27 03:44 haproxy

drwxr-xr-x   3 root root  4096 Mar 27 03:44 heartbeat

drwxr-xr-x   3 root root  4096 Mar 27 03:44 imagemagick

drwxr-xr-x   4 root root  4096 Mar 27 03:44 instiki

drwxr-xr-x   6 root root  4096 Mar 27 03:44 iptables

drwxr-xr-x   5 root root  4096 Mar 27 03:44 java

drwxr-xr-x   3 root root  4096 Mar 27 03:44 java_sun

drwxr-xr-x   5 root root  4096 Mar 27 03:44 jetty

drwxr-xr-x   6 root root  4096 Mar 27 03:44 jira

drwxr-xr-x   5 root root  4096 Mar 27 03:44 jpackage

drwxr-xr-x   4 root root  4096 Mar 27 03:44 keepalived

drwxr-xr-x   5 root root  4096 Mar 27 03:44 kickstart

-rw-r--r--   1 root root 10850 Mar 27 03:44 LICENSE

drwxr-xr-x   5 root root  4096 Mar 27 03:44 logrotate

drwxr-xr-x   3 root root  4096 Mar 27 03:44 logwatch

drwxr-xr-x   3 root root  4096 Mar 27 03:44 lvm

drwxr-xr-x   3 root root  4096 Mar 27 03:44 man

drwxr-xr-x   5 root root  4096 Mar 27 03:44 maradns

drwxr-xr-x   3 root root  4096 Mar 27 03:44 maven

drwxr-xr-x   6 root root  4096 Mar 27 03:44 memcached

drwxr-xr-x   3 root root  4096 Mar 27 03:44 mercurial

drwxr-xr-x   7 root root  4096 Mar 27 03:44 munin

drwxr-xr-x   8 root root  4096 Mar 27 03:44 mysql

drwxr-xr-x   8 root root  4096 Mar 27 03:44 nagios

drwxr-xr-x   3 root root  4096 Mar 27 03:44 nanite

drwxr-xr-x   7 root root  4096 Mar 27 03:44 nginx

-rw-r--r--   1 root root   999 Mar 27 03:44 NOTICE

drwxr-xr-x   3 root root  4096 Mar 27 03:44 nscd

drwxr-xr-x   5 root root  4096 Mar 27 03:44 ntp

drwxr-xr-x   5 root root  4096 Mar 27 03:44 ohai

drwxr-xr-x   5 root root  4096 Mar 27 03:44 one-shot

drwxr-xr-x   6 root root  4096 Mar 27 03:44 openldap

drwxr-xr-x   4 root root  4096 Mar 27 03:44 openssh

drwxr-xr-x   4 root root  4096 Mar 27 03:44 openssl

drwxr-xr-x   5 root root  4096 Mar 27 03:44 openvpn

drwxr-xr-x   5 root root  4096 Mar 27 03:44 ossec

drwxr-xr-x   5 root root  4096 Mar 27 03:44 packages

drwxr-xr-x   5 root root  4096 Mar 27 03:44 pacman

drwxr-xr-x   5 root root  4096 Mar 27 03:44 passenger_apache2

drwxr-xr-x   5 root root  4096 Mar 27 03:44 passenger_enterprise

drwxr-xr-x   7 root root  4096 Mar 27 03:44 pdns

drwxr-xr-x   5 root root  4096 Mar 27 03:44 perl

drwxr-xr-x   7 root root  4096 Mar 27 03:44 php

drwxr-xr-x   5 root root  4096 Mar 27 03:44 postfix

drwxr-xr-x   5 root root  4096 Mar 27 03:44 postgresql

drwxr-xr-x   5 root root  4096 Mar 27 03:44 pxe_dust

drwxr-xr-x   6 root root  4096 Mar 27 03:44 python

drwxr-xr-x   5 root root  4096 Mar 27 03:44 quick_start

drwxr-xr-x   5 root root  4096 Mar 27 03:44 rabbitmq

drwxr-xr-x   3 root root  4096 Mar 27 03:44 rabbitmq_chef

drwxr-xr-x   6 root root  4096 Mar 27 03:44 radiant

drwxr-xr-x   5 root root  4096 Mar 27 03:44 rails

drwxr-xr-x   4 root root  4096 Mar 27 03:44 rails_enterprise

-rw-r--r--   1 root root  1227 Mar 27 03:44 Rakefile

-rw-r--r--   1 root root   659 Mar 27 03:44 README

drwxr-xr-x   5 root root  4096 Mar 27 03:44 redmine

drwxr-xr-x   4 root root  4096 Mar 27 03:44 reprepro

drwxr-xr-x   5 root root  4096 Mar 27 03:44 resolver

drwxr-xr-x   8 root root  4096 Mar 27 03:44 riak

drwxr-xr-x   3 root root  4096 Mar 27 03:44 rsync

drwxr-xr-x   6 root root  4096 Mar 27 03:44 rsyslog

drwxr-xr-x   4 root root  4096 Mar 27 03:44 ruby

drwxr-xr-x   5 root root  4096 Mar 27 03:44 ruby_enterprise

drwxr-xr-x   3 root root  4096 Mar 27 03:44 rubygems

drwxr-xr-x   7 root root  4096 Mar 27 03:44 runit

drwxr-xr-x   3 root root  4096 Mar 27 03:44 rush

drwxr-xr-x   7 root root  4096 Mar 27 03:44 samba

drwxr-xr-x   7 root root  4096 Mar 27 03:44 sbuild

drwxr-xr-x   3 root root  4096 Mar 27 03:44 screen

drwxr-xr-x   5 root root  4096 Mar 27 03:44 snort

drwxr-xr-x   7 root root  4096 Mar 27 03:44 solr

drwxr-xr-x   3 root root  4096 Mar 27 03:44 sqlite

drwxr-xr-x   4 root root  4096 Mar 27 03:44 ssh_known_hosts

drwxr-xr-x   4 root root  4096 Mar 27 03:44 stompserver

drwxr-xr-x   5 root root  4096 Mar 27 03:44 subversion

drwxr-xr-x   5 root root  4096 Mar 27 03:44 sudo

drwxr-xr-x   4 root root  4096 Mar 27 03:44 teamspeak

drwxr-xr-x   5 root root  4096 Mar 27 03:44 teamspeak3

drwxr-xr-x   3 root root  4096 Mar 27 03:44 thrift

drwxr-xr-x   3 root root  4096 Mar 27 03:44 tmux

drwxr-xr-x   5 root root  4096 Mar 27 03:44 tomcat

drwxr-xr-x   8 root root  4096 Mar 27 03:44 tomcat6

drwxr-xr-x   5 root root  4096 Mar 27 03:44 trac

drwxr-xr-x   8 root root  4096 Mar 27 03:44 transmission

drwxr-xr-x   5 root root  4096 Mar 27 03:44 ubuntu

drwxr-xr-x   4 root root  4096 Mar 27 03:44 ucspi-tcp

drwxr-xr-x   5 root root  4096 Mar 27 03:44 unicorn

drwxr-xr-x   4 root root  4096 Mar 27 03:44 users

drwxr-xr-x   5 root root  4096 Mar 27 03:44 varnish

drwxr-xr-x   4 root root  4096 Mar 27 03:44 vim

drwxr-xr-x   5 root root  4096 Mar 27 03:44 wordpress

drwxr-xr-x   3 root root  4096 Mar 27 03:44 xfs

drwxr-xr-x   3 root root  4096 Mar 27 03:44 xml

drwxr-xr-x   8 root root  4096 Mar 27 03:44 zenoss

drwxr-xr-x   3 root root  4096 Mar 27 03:44 zlib

drwxr-xr-x   3 root root  4096 Mar 27 03:44 zsh

 


chef-solo 설정 파일 작성

# cat /root/chef/solo.rb
cookbook_path "/root/chef/chef-repo/cookbooks"

(단순하다. 좀전에 git로 받아둔 cookbook의 경로를 등록해두면 된다. 단, 절대경로여야 함)


이제 Chef-Solo설치는 완료다.(빠진게 있었던가 ㅡㅡ?? 아무튼.... 잘안되면 지적질 댓글을....)
그럼, cookbook에 있는 테스트용 Recipe를 하나 시연 해보고 내용도 간략히 살펴보자.


실행할 Recipe는 "quick_start"라는 것으로, Chef를 통해 실행하게 되면, 실행된 노드의 /tmp디렉토리에 "If a tree falls in the forest..."라는 TEXT내용을 가진 deep_thought.txt 파일을 생성시킨다. 해보자. 진짜 되는지...

json 파일을 만든다. 이파일은 Chef를 통해, 수행할 작업(Recipe)을 정의 하는것 같다.

# cat /root/chef/node.json

{

        "run_list": [ "recipe[quick_start]" ]

(quick_start라는, 지금 수행해보려는 Recpie가 명시되어 있다.)

Recpit 수행

# chef-solo -c /root/chef/solo.rb -j /root/chef/node.json

[Sun, 27 Mar 2011 03:46:09 +0900] INFO: Setting the run_list to ["recipe[quick_start]"] from JSON

[Sun, 27 Mar 2011 03:46:09 +0900] INFO: Starting Chef Run (Version 0.9.14)

[Sun, 27 Mar 2011 03:46:09 +0900] WARN: Missing gem 'mysql'

[Sun, 27 Mar 2011 03:46:09 +0900] WARN: Missing gem 'right_aws'

[Sun, 27 Mar 2011 03:46:09 +0900] INFO: Writing updated content for template[/tmp/deep_thought.txt] to /tmp/deep_thought.txt

[Sun, 27 Mar 2011 03:46:09 +0900] INFO: Chef Run complete in 0.305653 seconds

[Sun, 27 Mar 2011 03:46:09 +0900] INFO: cleaning the checksum cache

[Sun, 27 Mar 2011 03:46:09 +0900] INFO: Running report handlers

[Sun, 27 Mar 2011 03:46:09 +0900] INFO: Report handlers complete 


Recpie 수행 결과 확인

# ls -al /tmp/

total 96

drwxrwxrwt 15 root root 4096 Mar 27 03:46 .

drwxr-xr-x 23 root root 4096 Mar 27 02:27 ..

-rw-------  1 root root   54 Mar 27 03:46 deep_thought.txt

drwx------  3 root root 4096 Mar 27 02:28 gconfd-root

-rw-------  1 root root   66 Mar 27 02:28 .gdmSCQWSV

srw-rw-rw-  1 root root    0 Mar 27 02:28 .gdm_socket

drwxrwxrwt  2 root root 4096 Mar 27 02:28 .ICE-unix

drwx------  2 root root 4096 Mar 27 02:28 keyring-lh8Uxr

srwxr-xr-x  1 root root    0 Mar 27 02:28 mapping-root

drwx------  2 root root 4096 Mar 27 02:28 orbit-root

-rw-------  1 root root 1024 Oct 23  2009 .rnd

-rw-r--r--  1 root root    5 Mar 27 03:28 scim-bridge-0.3.0.lockfile-0@localhost:0.0

srwxr-xr-x  1 root root    0 Mar 27 02:28 scim-bridge-0.3.0.socket-0@localhost:0.0

srw-------  1 root root    0 Mar 27 02:28 scim-helper-manager-socket-root

srw-------  1 root root    0 Mar 27 02:28 scim-panel-socket:0-root

srw-------  1 root root    0 Mar 27 02:28 scim-socket-frontend-root

drwx------  2 root root 4096 Mar 27 02:28 ssh-wCRkwr3275

drwx------  2 root root 4096 Mar 27 02:28 virtual-root.BcUGAR

drwxr-xr-x  2 root root 4096 Oct 23  2009 vmware-config0

drwxr-xr-x  2 root root 4096 Oct 23  2009 vmware-config1

drwxr-xr-x  2 root root 4096 Dec 17  2009 vmware-config2

drwxr-xr-x  2 root root 4096 Jul  9  2010 vmware-config3

drwxrwxrwt  3 root root 4096 Oct 23  2009 VMwareDnD

drwx------  2 root root 4096 Mar 27 02:28 vmware-root

-r--r--r--  1 root root   11 Mar 27 02:28 .X0-lock

drwxrwxrwt  2 root root 4096 Mar 27 02:28 .X11-unix
 

# cat /tmp/deep_thought.txt 

Todays deep thought: If a tree falls in the forest...

=> 정상적으로 수행되었다.



[Recipe 분석]

수행했던 Recipe 디렉토리로 이동

# cd /root/chef/chef-repo/cookbooks/quick_start/

# ls -al

total 28

drwxr-xr-x   5 root root 4096 Mar 27 03:44 .

drwxr-xr-x 130 root root 4096 Mar 27 03:44 ..

drwxr-xr-x   2 root root 4096 Mar 27 03:44 attributes

-rw-r--r--   1 root root 1186 Mar 27 03:44 metadata.json

-rw-r--r--   1 root root  535 Mar 27 03:44 metadata.rb

drwxr-xr-x   2 root root 4096 Mar 27 03:44 recipes

drwxr-xr-x   3 root root 4096 Mar 27 03:44 templates 

(몇개의 파일과 디렉토리들이 있다.)

중요한 것은 recipes이고, 나머지는 이 recipes에 정의된 작업이 수행되는데 필요한 정보를 담고 있다. 
(template, recpites, attributes는 어떤 Recipe든지 default.rb 파일이 가장 기본이며, 먼저 읽혀지는듯 함)

# cat recipes/default.rb

template "/tmp/deep_thought.txt" do

  source "deep_thought.txt.erb"

  variables :deep_thought => node[:deep_thought]

  action :create

end 

# cat attributes/default.rb 

deep_thought "If a tree falls in the forest..."


# cat templates/default/deep_thought.txt.erb 

Todays deep thought: <%= @deep_thought %>

하나의 recipe단위 내에서 수행할 작업들을 template라는 이름으로 정의(하는듯 함...ㅡㅡ;).
여기서는 quick_start라는 Recipe를 수행하였고, 그 Recipe에는 보는 바와 같은 템플릿 하나가 등록되어 있다.
내용을 보면 대충 이해가 되리라 본다. action이 create이니 /tmp/deep_thought.txt를 생성한다는 것 같고, source는 templates/default/deep_thought.txt.erb파일을 가져다가 생성한다~ 뭐 그런... variables는 source파일을 바탕으로 생성하되, source파일 내의 deep_thought변수를  attributes/default.rb에서 정의된 값으로 바꾸어라는 그런... (이해가 안될지도 모른다. 내 설명이 엄청 저질ㅡㅡ;;이라 그런 것이니, 자책마시길...)

대충, 설치부터 간단한 샘플예제 수행까지 정상적이니 마무리 해야 겠다. 물론 더 난이도 높은 Recipe를 수행할때면,러가 뜨거나, Cookbook/Recipe에 대한 허접한 이해도로 인해, 엄청~ 삽질하겠지만, 뭐 첫술에 배부를수는 없지 않나~ 이것부터 차근차근 해두면, 곧 Chef Server/Client로 맘대로 요리(?)할 수 있지 않을까~~

To be Continue~~~~~~~~




 
Posted by 사랑줍는거지
,

* PDF 용량이 10메가 되고, 해외 서버라 그런지 로딩에 시간이 좀 걸립니다. 인내심을 가지세요~~

자동화의 의미부터 필요성, 종류, 그중에서 Chef에 대해서 이해하는데 많은 도움이 되는 문서입니다. 특히 저같은 초보한테는~

오늘 Chef-Solo 모드 테스트하고, Template 만들어 둔 상태이나, 히스토리는 한번더 확인 해보고 내일즘 기록해둘 예정.


(추가)
ruby와 rubygems 버전 맞추는게 좀 까다로움. 또 apache2배포시, NameVirtualhost 인자가 두개가 등록되는 바람에 service httpd start가 에러를 뱉어냄... 레시피 수정으로 해결...(레시피에는 80, 443 두개가 등록되어 있길래, 우선 443은 제거했음. 중요한것은 설치같은게 아니라 레시피를 얼마나 자유자재로 다룰수 있느냐 인것 같다...
어렵다...ㅡㅡ;;;
Posted by 사랑줍는거지
,
  VM을 가지고 노는데(?) 있어 중요한 요소가 자동화다.(사람마다 다르겠지만...)
자동화와 관련된 Open Source 몇가지를 알아보던중, 괜찮아 보인게 Chef다. Puppet이라고 비슷한 기능을 가진것 같은데, 아직 자세히 보진 못했다. Chef에 어느정도 적응하고 나면 Puppet도 해볼 생각이다. 어차피 둘다 해보긴 해봐야 할것 같기에...

 Chef 관련 정보를 찾다가 아줄 정리가 잘되어 있는 PDF문서도 발견했다. 아래 첨부파일은 한번쯤 보시길...



개략적인 운영방식은 아래와 같다.

  Chef는 기본적으로 Server/Client 구조다. (필요에 따라 Solo로 작동 시킬수도 있다.)
  Chef-Server에서 원하는 Package와 그에 적절한 Configuraton를 사전에 Recipe로 만들어 Cookbook에 등록해두고, Chef-Client에 적절한 수행을 가해주면, 원하는 패키지 설치/제거는 물론이고, 설정까지 자동으로 적용된다. Chef-Clinet는 동일한 기능을 가질수도 있고, 개별적인 기능들을 가지게하여, 하나의 '서버군'을 형성하게 할 수도 있다.(사실 난 아직 해보질 못했음...ㅡㅡ;;).

  또 Chef-Server 설정에 따라, 특정 Chef-Client가 관리자 실수나, 기타 장애로 설정값이 변경되거나, Chef로 관리되는 서비스에 문제가 발생됬다고 판단될 경우, Package와 Configuration을 자동 복원하고, 서비스를 다시 시작해준다. 매역적인 기능이다.

  서로 다른 여러 기능의 Chef-Clinet를 조합하여, 한의 부하 분산 서버군을 구성할 수도 있을 것 같다. 그것도 각각의 VM에 접속할 필요 없이. Chef-Server에서 몇번의 명령만으로... 관리 포인트도 하나로 집중시킬수도 있을 것 같고... 무식한 영어 실력으로 더듬더듬한 내용이지만, 대충 그런것 같다.

그리고, Chef에서는 Cookbook/Recipe가  굉장히 중요한 요소 같다. 아니 Chef의 전부인듯........
각자가 원하는 Recipe를 만들수도 있지만, 아마도 내가 만들고자 하는 Recipe와 90%이상은 유사한 Recipe가 이미 오픈되어 공유되고 있다. 실제로 Cookbook을 한번 다운로드 받아 봤더니 아래와 같이...........엄청..........ㅜㅡ;; 보시다 시피 어지간한 세트는 다 이미 마련되있다. 세부 설정은 해당 recipe의 Configuration을 아주 약간 변형함으로서 내가 원하는 형태로 배포/설정 할수 있다. (그리고 OPSCode라는 곳에서는 더 많은 레시피를 제공받을 수 있는 것 같다. 이부분은 좀더 확인해 봐야 함....)

Chef Cookbook에 포함되어 있는 Recipe (git clone git://github.com/opscode/cookbooks.git)

[root@localhost chef-repo]# ll

total 44

drwxr-xr-x   8 root root 4096 Mar 25 13:10 .

drwxr-xr-x   3 root root 4096 Mar 25 13:14 ..

drwxr-xr-x   2 root root 4096 Mar 25 13:10 certificates

drwxr-xr-x   2 root root 4096 Mar 25 13:10 config

drwxr-xr-x 129 root root 4096 Mar 25 13:11 cookbooks

drwxr-xr-x   2 root root 4096 Mar 25 13:10 data_bags

drwxr-xr-x   8 root root 4096 Mar 25 13:10 .git

-rw-r--r--   1 root root   18 Mar 25 13:10 .gitignore

-rw-r--r--   1 root root 2171 Mar 25 13:10 Rakefile

-rw-r--r--   1 root root 3521 Mar 25 13:10 README.md

drwxr-xr-x   2 root root 4096 Mar 25 13:10 roles

[root@localhost chef-repo]# 

[root@localhost chef-repo]# 

[root@localhost chef-repo]# ll cookbooks/

total 548

drwxr-xr-x 129 root root  4096 Mar 25 13:11 .

drwxr-xr-x   8 root root  4096 Mar 25 13:10 ..

drwxr-xr-x   5 root root  4096 Mar 25 13:11 activemq

drwxr-xr-x   3 root root  4096 Mar 25 13:11 ant

drwxr-xr-x   7 root root  4096 Mar 25 13:11 apache2

drwxr-xr-x   4 root root  4096 Mar 25 13:11 apparmor

drwxr-xr-x   5 root root  4096 Mar 25 13:11 application

drwxr-xr-x   6 root root  4096 Mar 25 13:11 apt

drwxr-xr-x   6 root root  4096 Mar 25 13:11 aws

drwxr-xr-x   6 root root  4096 Mar 25 13:11 bluepill

drwxr-xr-x   3 root root  4096 Mar 25 13:11 boost

drwxr-xr-x   3 root root  4096 Mar 25 13:11 build-essential

drwxr-xr-x   4 root root  4096 Mar 25 13:11 capistrano

drwxr-xr-x   5 root root  4096 Mar 25 13:11 chef

drwxr-xr-x   5 root root  4096 Mar 25 13:11 chef-client

drwxr-xr-x   7 root root  4096 Mar 25 13:11 cloudkick

-rw-r--r--   1 root root   408 Mar 25 13:11 CONTRIBUTING

drwxr-xr-x   6 root root  4096 Mar 25 13:11 couchdb

drwxr-xr-x   3 root root  4096 Mar 25 13:11 cron

drwxr-xr-x   7 root root  4096 Mar 25 13:11 daemontools

drwxr-xr-x   4 root root  4096 Mar 25 13:11 database

drwxr-xr-x   4 root root  4096 Mar 25 13:11 django

drwxr-xr-x   7 root root  4096 Mar 25 13:11 djbdns

drwxr-xr-x   6 root root  4096 Mar 25 13:11 dmg

drwxr-xr-x   3 root root  4096 Mar 25 13:11 drbd

drwxr-xr-x   6 root root  4096 Mar 25 13:11 dynect

drwxr-xr-x   5 root root  4096 Mar 25 13:11 dynomite

drwxr-xr-x   4 root root  4096 Mar 25 13:11 ec2

drwxr-xr-x   3 root root  4096 Mar 25 13:11 emacs

drwxr-xr-x   4 root root  4096 Mar 25 13:11 erlang

drwxr-xr-x   4 root root  4096 Mar 25 13:11 fail2ban

drwxr-xr-x   6 root root  4096 Mar 25 13:11 gems

drwxr-xr-x   4 root root  4096 Mar 25 13:11 git

drwxr-xr-x   8 root root  4096 Mar 25 13:11 .git

-rw-r--r--   1 root root    38 Mar 25 13:11 .gitignore

drwxr-xr-x   5 root root  4096 Mar 25 13:11 glassfish

drwxr-xr-x   4 root root  4096 Mar 25 13:11 gnu_parallel

drwxr-xr-x   5 root root  4096 Mar 25 13:11 god

drwxr-xr-x   7 root root  4096 Mar 25 13:11 gunicorn

drwxr-xr-x   4 root root  4096 Mar 25 13:11 hadoop

drwxr-xr-x   5 root root  4096 Mar 25 13:11 haproxy

drwxr-xr-x   3 root root  4096 Mar 25 13:11 heartbeat

drwxr-xr-x   3 root root  4096 Mar 25 13:11 imagemagick

drwxr-xr-x   4 root root  4096 Mar 25 13:11 instiki

drwxr-xr-x   6 root root  4096 Mar 25 13:11 iptables

drwxr-xr-x   6 root root  4096 Mar 25 13:11 java

drwxr-xr-x   3 root root  4096 Mar 25 13:11 java_sun

drwxr-xr-x   5 root root  4096 Mar 25 13:11 jetty

drwxr-xr-x   6 root root  4096 Mar 25 13:11 jira

drwxr-xr-x   5 root root  4096 Mar 25 13:11 jpackage

drwxr-xr-x   4 root root  4096 Mar 25 13:11 keepalived

drwxr-xr-x   5 root root  4096 Mar 25 13:11 kickstart

-rw-r--r--   1 root root 10850 Mar 25 13:11 LICENSE

drwxr-xr-x   5 root root  4096 Mar 25 13:11 logrotate

drwxr-xr-x   3 root root  4096 Mar 25 13:11 logwatch

drwxr-xr-x   3 root root  4096 Mar 25 13:11 lvm

drwxr-xr-x   3 root root  4096 Mar 25 13:11 man

drwxr-xr-x   5 root root  4096 Mar 25 13:11 maradns

drwxr-xr-x   3 root root  4096 Mar 25 13:11 maven

drwxr-xr-x   6 root root  4096 Mar 25 13:11 memcached

drwxr-xr-x   3 root root  4096 Mar 25 13:11 mercurial

drwxr-xr-x   7 root root  4096 Mar 25 13:11 munin

drwxr-xr-x   8 root root  4096 Mar 25 13:11 mysql

drwxr-xr-x   8 root root  4096 Mar 25 13:11 nagios

drwxr-xr-x   3 root root  4096 Mar 25 13:11 nanite

drwxr-xr-x   7 root root  4096 Mar 25 13:11 nginx

-rw-r--r--   1 root root   999 Mar 25 13:11 NOTICE

drwxr-xr-x   3 root root  4096 Mar 25 13:11 nscd

drwxr-xr-x   5 root root  4096 Mar 25 13:11 ntp

drwxr-xr-x   5 root root  4096 Mar 25 13:11 ohai

drwxr-xr-x   5 root root  4096 Mar 25 13:11 one-shot

drwxr-xr-x   6 root root  4096 Mar 25 13:11 openldap

drwxr-xr-x   4 root root  4096 Mar 25 13:11 openssh

drwxr-xr-x   4 root root  4096 Mar 25 13:11 openssl

drwxr-xr-x   5 root root  4096 Mar 25 13:11 openvpn

drwxr-xr-x   5 root root  4096 Mar 25 13:11 ossec

drwxr-xr-x   5 root root  4096 Mar 25 13:11 packages

drwxr-xr-x   5 root root  4096 Mar 25 13:11 pacman

drwxr-xr-x   5 root root  4096 Mar 25 13:11 passenger_apache2

drwxr-xr-x   5 root root  4096 Mar 25 13:11 passenger_enterprise

drwxr-xr-x   5 root root  4096 Mar 25 13:11 perl

drwxr-xr-x   7 root root  4096 Mar 25 13:11 php

drwxr-xr-x   5 root root  4096 Mar 25 13:11 postfix

drwxr-xr-x   5 root root  4096 Mar 25 13:11 postgresql

drwxr-xr-x   5 root root  4096 Mar 25 13:11 pxe_dust

drwxr-xr-x   6 root root  4096 Mar 25 13:11 python

drwxr-xr-x   5 root root  4096 Mar 25 13:11 quick_start

drwxr-xr-x   5 root root  4096 Mar 25 13:11 rabbitmq

drwxr-xr-x   3 root root  4096 Mar 25 13:11 rabbitmq_chef

drwxr-xr-x   6 root root  4096 Mar 25 13:11 radiant

drwxr-xr-x   5 root root  4096 Mar 25 13:11 rails

drwxr-xr-x   4 root root  4096 Mar 25 13:11 rails_enterprise

-rw-r--r--   1 root root  1227 Mar 25 13:11 Rakefile

-rw-r--r--   1 root root   659 Mar 25 13:11 README

drwxr-xr-x   5 root root  4096 Mar 25 13:11 redmine

drwxr-xr-x   4 root root  4096 Mar 25 13:11 reprepro

drwxr-xr-x   5 root root  4096 Mar 25 13:11 resolver

drwxr-xr-x   8 root root  4096 Mar 25 13:11 riak

drwxr-xr-x   3 root root  4096 Mar 25 13:11 rsync

drwxr-xr-x   6 root root  4096 Mar 25 13:11 rsyslog

drwxr-xr-x   4 root root  4096 Mar 25 13:11 ruby

drwxr-xr-x   5 root root  4096 Mar 25 13:11 ruby_enterprise

drwxr-xr-x   3 root root  4096 Mar 25 13:11 rubygems

drwxr-xr-x   7 root root  4096 Mar 25 13:11 runit

drwxr-xr-x   3 root root  4096 Mar 25 13:11 rush

drwxr-xr-x   7 root root  4096 Mar 25 13:11 samba

drwxr-xr-x   7 root root  4096 Mar 25 13:11 sbuild

drwxr-xr-x   3 root root  4096 Mar 25 13:11 screen

drwxr-xr-x   5 root root  4096 Mar 25 13:11 snort

drwxr-xr-x   7 root root  4096 Mar 25 13:11 solr

drwxr-xr-x   3 root root  4096 Mar 25 13:11 sqlite

drwxr-xr-x   4 root root  4096 Mar 25 13:11 ssh_known_hosts

drwxr-xr-x   4 root root  4096 Mar 25 13:11 stompserver

drwxr-xr-x   5 root root  4096 Mar 25 13:11 subversion

drwxr-xr-x   5 root root  4096 Mar 25 13:11 sudo

drwxr-xr-x   4 root root  4096 Mar 25 13:11 teamspeak

drwxr-xr-x   5 root root  4096 Mar 25 13:11 teamspeak3

drwxr-xr-x   3 root root  4096 Mar 25 13:11 thrift

drwxr-xr-x   3 root root  4096 Mar 25 13:11 tmux

drwxr-xr-x   5 root root  4096 Mar 25 13:11 tomcat

drwxr-xr-x   8 root root  4096 Mar 25 13:11 tomcat6

drwxr-xr-x   5 root root  4096 Mar 25 13:11 trac

drwxr-xr-x   8 root root  4096 Mar 25 13:11 transmission

drwxr-xr-x   5 root root  4096 Mar 25 13:11 ubuntu

drwxr-xr-x   4 root root  4096 Mar 25 13:11 ucspi-tcp

drwxr-xr-x   5 root root  4096 Mar 25 13:11 unicorn

drwxr-xr-x   4 root root  4096 Mar 25 13:11 users

drwxr-xr-x   5 root root  4096 Mar 25 13:11 varnish

drwxr-xr-x   4 root root  4096 Mar 25 13:11 vim

drwxr-xr-x   5 root root  4096 Mar 25 13:11 wordpress

drwxr-xr-x   3 root root  4096 Mar 25 13:11 xfs

drwxr-xr-x   3 root root  4096 Mar 25 13:11 xml

drwxr-xr-x   8 root root  4096 Mar 25 13:11 zenoss

drwxr-xr-x   3 root root  4096 Mar 25 13:11 zlib

drwxr-xr-x   3 root root  4096 Mar 25 13:11 zsh

[root@localhost chef-repo]# 

 
   
이제 슬슬 간단한 것 부터 한번 실제로 해봐야 겠다..........
Posted by 사랑줍는거지
,