dev-lxc 3.2.0 → 3.3.0
- checksums.yaml +4 -4
- data/.gitattributes +1 -0
- data/.gitignore +17 -17
- data/CHANGELOG.md +352 -342
- data/Gemfile +4 -4
- data/LICENSE +201 -201
- data/README.md +235 -233
- data/Rakefile +1 -1
- data/bin/dl +9 -9
- data/dev-lxc.gemspec +26 -26
- data/docs/adhoc_clusters.md +17 -20
- data/docs/base_containers.md +44 -44
- data/docs/byobu_keybindings.md +22 -22
- data/docs/configuration.md +277 -235
- data/docs/dev-lxc_version_2.md +10 -10
- data/docs/manage_multiple_clusters.md +30 -30
- data/docs/mitmproxy.md +7 -7
- data/docs/usage.md +213 -213
- data/example-clusters/README.md +165 -35
- data/example-clusters/automate_dev-lxc.yml +98 -98
- data/example-clusters/chef-backend_dev-lxc.yml +81 -81
- data/example-clusters/conf-files/chef-server/elasticsearch-partial.rb +38 -0
- data/example-clusters/conf-files/chef-server/ldap-partial.rb +10 -0
- data/example-clusters/conf-files/chef-server/postgres-partial.rb +14 -0
- data/example-clusters/external_dev-lxc.yml +60 -0
- data/example-clusters/tier_dev-lxc.yml +88 -88
- data/lib/dev-lxc/cli.rb +542 -537
- data/lib/dev-lxc/cluster.rb +1310 -1215
- data/lib/dev-lxc/container.rb +128 -123
- data/lib/dev-lxc/server.rb +197 -197
- data/lib/dev-lxc/version.rb +3 -3
- data/lib/dev-lxc.rb +118 -118
- metadata +7 -2
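--- a/data/example-clusters/README.md
+++ b/data/example-clusters/README.md
@@ -1,35 +1,165 @@
-The files in this directory are working examples of cluster dev-lxc.yml files. You can upload them to separate directories in your dev-lxc-platform instance, rename each file to `dev-lxc.yml` and run `dl up` to build each cluster.
-
-
-
-Cluster build time: 19 minutes
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+The files in this directory are working examples of cluster dev-lxc.yml files. You can upload them to separate directories in your dev-lxc-platform instance, rename each file to `dev-lxc.yml` and run `dl up` to build each cluster.
+
+## automate
+
+Cluster build time: 19 minutes
+
+Download the [automate_dev-lxc.yml](automate_dev-lxc.yml) file to the dev-lxc-platform filesystem.
+
+The `automate` cluster needs the `delivery.license` file copied to an appropriate location on dev-lxc-platform's filesystem.
+
+The following is an example of `dl status` for this cluster.
+
+```
+chef.lxc RUNNING 10.0.3.203
+|_ snap0 2017:03:08 19:32:08 dev-lxc build: products installed
+|_ snap1 2017:03:08 19:50:24 dev-lxc build: completed
+
+compliance.lxc RUNNING 10.0.3.205
+|_ snap0 2017:03:08 19:32:39 dev-lxc build: products installed
+|_ snap1 2017:03:08 19:50:20 dev-lxc build: completed
+
+supermarket.lxc RUNNING 10.0.3.206
+|_ snap0 2017:03:08 19:33:15 dev-lxc build: products installed
+|_ snap1 2017:03:08 19:50:18 dev-lxc build: completed
+
+automate.lxc RUNNING 10.0.3.200
+|_ snap0 2017:03:08 19:33:55 dev-lxc build: products installed
+|_ snap1 2017:03:08 19:50:14 dev-lxc build: completed
+
+runner-1.lxc RUNNING 10.0.3.87
+|_ snap0 2017:03:08 19:50:02 dev-lxc build: completed
+
+node-1.lxc RUNNING 10.0.3.90
+|_ snap0 2017:03:08 19:34:16 dev-lxc build: products installed
+|_ snap1 2017:03:08 19:50:01 dev-lxc build: completed
+```
+
+The following command was used to create the `automate_dev-lxc.yml` file.
+
+```
+dl init --chef --compliance --supermarket --automate --runners --nodes --product-versions reporting:none
+```
+
+## chef-backend
+
+Cluster build time: 12 minutes
+
+Download the [chef-backend_dev-lxc.yml](chef-backend_dev-lxc.yml) file to the dev-lxc-platform filesystem.
+
+The following is an example of `dl status` for this cluster.
+
+```
+Chef Server FQDN: chef-ha.lxc
+
+chef-backend1.lxc RUNNING 10.0.3.208
+|_ snap0 2017:03:13 20:19:03 dev-lxc build: products installed
+|_ snap1 2017:03:13 20:27:27 dev-lxc build: backend cluster configured but frontend not bootstrapped
+|_ snap2 2017:03:13 20:33:41 dev-lxc build: completed
+
+chef-backend2.lxc RUNNING 10.0.3.209
+|_ snap0 2017:03:13 20:19:39 dev-lxc build: products installed
+|_ snap1 2017:03:13 20:27:24 dev-lxc build: backend cluster configured but frontend not bootstrapped
+|_ snap2 2017:03:13 20:33:30 dev-lxc build: completed
+
+chef-backend3.lxc RUNNING 10.0.3.210
+|_ snap0 2017:03:13 20:20:16 dev-lxc build: products installed
+|_ snap1 2017:03:13 20:27:22 dev-lxc build: backend cluster configured but frontend not bootstrapped
+|_ snap2 2017:03:13 20:33:26 dev-lxc build: completed
+
+chef-frontend1.lxc RUNNING 10.0.3.211
+|_ snap0 2017:03:13 20:21:32 dev-lxc build: products installed
+|_ snap1 2017:03:13 20:33:23 dev-lxc build: completed
+
+node-1-ha.lxc RUNNING 10.0.3.87
+|_ snap0 2017:03:13 20:22:52 dev-lxc build: products installed
+|_ snap1 2017:03:13 20:33:16 dev-lxc build: completed
+```
+
+The following command and described modifications were used to create the `chef-backend_dev-lxc.yml` file.
+
+```
+dl init --chef-backend --nodes
+```
+
+The nodes' `chef_server_url` hostname was changed to `chef-ha.lxc` and the node's hostname was changed to `node-1-ha.lxc`.
+
+## tier
+
+Cluster build time: 14 minutes
+
+Download the [tier_dev-lxc.yml](tier_dev-lxc.yml) file to the dev-lxc-platform filesystem.
+
+The following is an example of `dl status` for this cluster.
+
+```
+Chef Server FQDN: chef-tier.lxc
+
+chef-be.lxc RUNNING 10.0.3.201
+|_ snap0 2017:03:07 21:48:04 dev-lxc build: products installed
+|_ snap1 2017:03:07 22:00:45 dev-lxc build: completed
+
+chef-fe1.lxc RUNNING 10.0.3.202
+|_ snap0 2017:03:07 21:49:16 dev-lxc build: products installed
+|_ snap1 2017:03:07 22:00:42 dev-lxc build: completed
+
+analytics.lxc RUNNING 10.0.3.204
+|_ snap0 2017:03:07 21:49:34 dev-lxc build: products installed
+|_ snap1 2017:03:07 22:00:38 dev-lxc build: completed
+
+node-1-tier.lxc RUNNING 10.0.3.87
+|_ snap0 2017:03:07 21:49:48 dev-lxc build: products installed
+|_ snap1 2017:03:07 22:00:26 dev-lxc build: completed
+```
+
+The following command and described modifications were used to create the `tier_dev-lxc.yml` file.
+
+```
+dl init --chef-tier --analytics --nodes
+```
+
+The nodes' `chef_server_url` hostname was changed to `chef-tier.lxc` and the node's hostname was changed to `node-1-tier.lxc`.
+
+## external
+
+Cluster build time: 5 minutes
+
+Download the [external_dev-lxc.yml](external_dev-lxc.yml) file to the dev-lxc-platform filesystem.
+
+The `external` cluster needs the [postgres-partial.rb](conf-files/chef-server/postgres-partial.rb), [elasticsearch-partial.rb](conf-files/chef-server/elasticsearch-partial.rb) and [ldap-partial.rb](conf-files/chef-server/ldap-partial.rb) files copied to an appropriate location on dev-lxc-platform's filesystem.
+
+Run the following commands as the dev-lxc-platform's root user to create new external postgres, elasticsearch and ldap servers for the `external` cluster.
+
+```
+docker rm my-postgres -f
+docker rm my-elasticsearch -f
+docker rm my-ldap -f
+
+docker run --name my-postgres -d -p 5432:5432 -e POSTGRES_PASSWORD=mysecretpassword postgres
+docker run --name my-elasticsearch -d -p 9200:9200 -e "http.host=0.0.0.0" -e "transport.host=127.0.0.1" elasticsearch:2.3
+docker run --name my-ldap -d -p 389:389 -e SLAPD_PASSWORD=mysecretpassword -e SLAPD_DOMAIN=ldap.example.org dinkel/openldap
+```
+
+The following is an example of `dl status` for this cluster.
+
+```
+chef-external.lxc RUNNING 10.0.3.233
+|_ snap0 2017:03:14 19:51:33 dev-lxc build: products installed
+|_ snap1 2017:03:14 19:55:23 dev-lxc build: completed
+
+node-1-external.lxc RUNNING 10.0.3.87
+|_ snap0 2017:03:14 19:52:08 dev-lxc build: products installed
+|_ snap1 2017:03:14 19:55:11 dev-lxc build: completed
+```
+
+The following command and described modifications were used to create the `external_dev-lxc.yml` file.
+
+```
+dl init --chef --nodes --product-versions push-jobs-server:none reporting:none
+```
+
+The Chef server's hostname was changed to `chef-external.lxc` and its IP address was changed to `10.0.3.233`
+
+Paths to the `postgres-partial.rb`, `elasticsearch-partial.rb` and `ldap-partial.rb` files were added to the Chef server's `chef-server.rb_partials` list.
+
+The nodes' `chef_server_url` hostname was changed to `chef-external.lxc` and the node's hostname was changed to `node-1-external.lxc`.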
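--- a/data/example-clusters/automate_dev-lxc.yml
+++ b/data/example-clusters/automate_dev-lxc.yml
@@ -1,98 +1,98 @@
-# enable_build_snapshots automatically makes container snapshots at key times during the build process
-# default value is `true`
-#enable_build_snapshots: true
-
-# base_container must be the name of an existing container
-base_container: b-ubuntu-1404
-
-# memory_per_server sets the maximum amount of user memory (including file cache) for each server.
-# dev-lxc will set the `memory.limit_in_bytes` cgroup for each server to apply this limit.
-# If no units are specified, the value is interpreted as bytes.
-# You can use suffixes to represent larger units - k or K for kilobytes, m or M for megabytes, and g or G for gigabytes.
-# The default behavior is that no limit is set.
-#memory_per_server: 4G
-
-# list any host directories you want mounted into the servers
-#mounts:
-# - /root/clusters root/clusters
-
-# list any SSH public keys you want added to /home/dev-lxc/.ssh/authorized_keys
-#ssh-keys:
-# - /root/clusters/id_rsa.pub
-
-# DHCP reserved (static) IPs must be selected from the IP range 10.0.3.150 - 254
-
-chef-server:
-users: # a user's password will be the same as its username
-- mary-admin
-- joe-user
-orgs:
-demo:
-admins:
-- mary-admin
-non-admins:
-- joe-user
-servers:
-chef.lxc:
-ipaddress: 10.0.3.203
-products:
-chef-server:
-channel: stable
-version: latest
-manage:
-channel: stable
-version: latest
-push-jobs-server:
-channel: stable
-version: latest
-
-compliance:
-admin_user: admin # the password will be the same as the username
-servers:
-compliance.lxc:
-ipaddress: 10.0.3.205
-products:
-compliance:
-channel: stable
-version: latest
-
-supermarket:
-servers:
-supermarket.lxc:
-ipaddress: 10.0.3.206
-products:
-supermarket:
-channel: stable
-version: latest
-
-automate:
-servers:
-automate.lxc:
-ipaddress: 10.0.3.200
-products:
-automate:
-channel: stable
-version: latest
-license_path: ../delivery.license
-chef_org: delivery
-enterprise_name: demo-ent
-
-runners:
-servers:
-runner-1.lxc:
-products:
-chefdk: # downloaded only
-channel: stable
-version: latest
-
-nodes:
-chef_server_url: https://chef.lxc/organizations/demo
-validation_client_name: demo-validator
-# comment out or remove the validation_key path to use chef-server keys generated by dev-lxc
-validation_key: # /path/for/ORG-validator.pem
-servers:
-node-1.lxc:
-products:
-chef:
-channel: stable
-version: latest
+# enable_build_snapshots automatically makes container snapshots at key times during the build process
+# default value is `true`
+#enable_build_snapshots: true
+
+# base_container must be the name of an existing container
+base_container: b-ubuntu-1404
+
+# memory_per_server sets the maximum amount of user memory (including file cache) for each server.
+# dev-lxc will set the `memory.limit_in_bytes` cgroup for each server to apply this limit.
+# If no units are specified, the value is interpreted as bytes.
+# You can use suffixes to represent larger units - k or K for kilobytes, m or M for megabytes, and g or G for gigabytes.
+# The default behavior is that no limit is set.
+#memory_per_server: 4G
+
+# list any host directories you want mounted into the servers
+#mounts:
+# - /root/clusters root/clusters
+
+# list any SSH public keys you want added to /home/dev-lxc/.ssh/authorized_keys
+#ssh-keys:
+# - /root/clusters/id_rsa.pub
+
+# DHCP reserved (static) IPs must be selected from the IP range 10.0.3.150 - 254
+
+chef-server:
+users: # a user's password will be the same as its username
+- mary-admin
+- joe-user
+orgs:
+demo:
+admins:
+- mary-admin
+non-admins:
+- joe-user
+servers:
+chef.lxc:
+ipaddress: 10.0.3.203
+products:
+chef-server:
+channel: stable
+version: latest
+manage:
+channel: stable
+version: latest
+push-jobs-server:
+channel: stable
+version: latest
+
+compliance:
+admin_user: admin # the password will be the same as the username
+servers:
+compliance.lxc:
+ipaddress: 10.0.3.205
+products:
+compliance:
+channel: stable
+version: latest
+
+supermarket:
+servers:
+supermarket.lxc:
+ipaddress: 10.0.3.206
+products:
+supermarket:
+channel: stable
+version: latest
+
+automate:
+servers:
+automate.lxc:
+ipaddress: 10.0.3.200
+products:
+automate:
+channel: stable
+version: latest
+license_path: ../delivery.license
+chef_org: delivery
+enterprise_name: demo-ent
+
+runners:
+servers:
+runner-1.lxc:
+products:
+chefdk: # downloaded only
+channel: stable
+version: latest
+
+nodes:
+chef_server_url: https://chef.lxc/organizations/demo
+validation_client_name: demo-validator
+# comment out or remove the validation_key path to use chef-server keys generated by dev-lxc
+validation_key: # /path/for/ORG-validator.pem
+servers:
+node-1.lxc:
+products:
+chef:
+channel: stable
+version: latest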
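--- a/data/example-clusters/chef-backend_dev-lxc.yml
+++ b/data/example-clusters/chef-backend_dev-lxc.yml
@@ -1,81 +1,81 @@
-# enable_build_snapshots automatically makes container snapshots at key times during the build process
-# default value is `true`
-#enable_build_snapshots: true
-
-# base_container must be the name of an existing container
-base_container: b-ubuntu-1404
-
-# memory_per_server sets the maximum amount of user memory (including file cache) for each server.
-# dev-lxc will set the `memory.limit_in_bytes` cgroup for each server to apply this limit.
-# If no units are specified, the value is interpreted as bytes.
-# You can use suffixes to represent larger units - k or K for kilobytes, m or M for megabytes, and g or G for gigabytes.
-# The default behavior is that no limit is set.
-#memory_per_server: 4G
-
-# list any host directories you want mounted into the servers
-#mounts:
-# - /root/clusters root/clusters
-
-# list any SSH public keys you want added to /home/dev-lxc/.ssh/authorized_keys
-#ssh-keys:
-# - /root/clusters/id_rsa.pub
-
-# DHCP reserved (static) IPs must be selected from the IP range 10.0.3.150 - 254
-
-chef-backend:
-api_fqdn: chef-ha.lxc
-users: # a user's password will be the same as its username
-- mary-admin
-- joe-user
-orgs:
-demo:
-admins:
-- mary-admin
-non-admins:
-- joe-user
-servers:
-chef-backend1.lxc:
-ipaddress: 10.0.3.208
-role: backend
-leader: true
-products:
-chef-backend:
-channel: stable
-version: latest
-chef-backend2.lxc:
-ipaddress: 10.0.3.209
-role: backend
-products:
-chef-backend:
-channel: stable
-version: latest
-chef-backend3.lxc:
-ipaddress: 10.0.3.210
-role: backend
-products:
-chef-backend:
-channel: stable
-version: latest
-chef-frontend1.lxc:
-ipaddress: 10.0.3.211
-role: frontend
-bootstrap: true
-products:
-chef-server:
-channel: stable
-version: latest
-manage:
-channel: stable
-version: latest
-
-nodes:
-chef_server_url: https://chef-ha.lxc/organizations/demo
-validation_client_name: demo-validator
-# comment out or remove the validation_key path to use chef-server keys generated by dev-lxc
-validation_key: # /path/for/ORG-validator.pem
-servers:
-node-1-ha.lxc:
-products:
-chef:
-channel: stable
-version: latest
+# enable_build_snapshots automatically makes container snapshots at key times during the build process
+# default value is `true`
+#enable_build_snapshots: true
+
+# base_container must be the name of an existing container
+base_container: b-ubuntu-1404
+
+# memory_per_server sets the maximum amount of user memory (including file cache) for each server.
+# dev-lxc will set the `memory.limit_in_bytes` cgroup for each server to apply this limit.
+# If no units are specified, the value is interpreted as bytes.
+# You can use suffixes to represent larger units - k or K for kilobytes, m or M for megabytes, and g or G for gigabytes.
+# The default behavior is that no limit is set.
+#memory_per_server: 4G
+
+# list any host directories you want mounted into the servers
+#mounts:
+# - /root/clusters root/clusters
+
+# list any SSH public keys you want added to /home/dev-lxc/.ssh/authorized_keys
+#ssh-keys:
+# - /root/clusters/id_rsa.pub
+
+# DHCP reserved (static) IPs must be selected from the IP range 10.0.3.150 - 254
+
+chef-backend:
+api_fqdn: chef-ha.lxc
+users: # a user's password will be the same as its username
+- mary-admin
+- joe-user
+orgs:
+demo:
+admins:
+- mary-admin
+non-admins:
+- joe-user
+servers:
+chef-backend1.lxc:
+ipaddress: 10.0.3.208
+role: backend
+leader: true
+products:
+chef-backend:
+channel: stable
+version: latest
+chef-backend2.lxc:
+ipaddress: 10.0.3.209
+role: backend
+products:
+chef-backend:
+channel: stable
+version: latest
+chef-backend3.lxc:
+ipaddress: 10.0.3.210
+role: backend
+products:
+chef-backend:
+channel: stable
+version: latest
+chef-frontend1.lxc:
+ipaddress: 10.0.3.211
+role: frontend
+bootstrap: true
+products:
+chef-server:
+channel: stable
+version: latest
+manage:
+channel: stable
+version: latest
+
+nodes:
+chef_server_url: https://chef-ha.lxc/organizations/demo
+validation_client_name: demo-validator
+# comment out or remove the validation_key path to use chef-server keys generated by dev-lxc
+validation_key: # /path/for/ORG-validator.pem
+servers:
+node-1-ha.lxc:
+products:
+chef:
+channel: stable
+version: latest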
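--- a/data/example-clusters/conf-files/chef-server/elasticsearch-partial.rb
+++ b/data/example-clusters/conf-files/chef-server/elasticsearch-partial.rb
@@ -0,0 +1,38 @@
+
+# Chef Server doesn't work properly with elasticsearch 5.x but i'm keeping the following info here for reference anyway
+# reference: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
+# docker run --name my-elasticsearch -d -p 9200:9200 -e "http.host=0.0.0.0" -e "transport.host=127.0.0.1" -e "xpack.security.enabled=false docker.elastic.co/elasticsearch/elasticsearch:5.2.2
+
+
+# Chef Server works with elasticsearch 2.3 so use the following docker command to create an elasticsearch instance
+# reference: https://hub.docker.com/r/library/elasticsearch/
+# docker run --name my-elasticsearch -d -p 9200:9200 -e "http.host=0.0.0.0" -e "transport.host=127.0.0.1" elasticsearch:2.3
+
+
+# reference: https://github.com/chef/chef-server/blob/master/PRIOR_RELEASE_NOTES.md#elasticsearch-search-indexing
+# These settings ensure that we use remote elasticsearch
+# instead of local solr for search. This also
+# set search_queue_mode to 'batch' to remove the indexing
+# dependency on rabbitmq, which is not supported in this HA configuration.
+opscode_solr4['external'] = true
+opscode_solr4['external_url'] = 'http://10.0.3.1:9200'
+opscode_erchef['search_provider'] = 'elasticsearch'
+opscode_erchef['search_queue_mode'] = 'batch'
+
+# RabbitMQ settings
+
+# Disable rabbit backend. Note that this makes
+# this incompatible with reporting and analytics unless you're bringing in
+# an external rabbitmq.
+rabbitmq['enable'] = false
+rabbitmq['management_enabled'] = false
+rabbitmq['queue_length_monitor_enabled'] = false
+
+# Opscode Expander
+#
+# opscode-expander isn't used when the search_queue_mode is batch. It
+# also doesn't support the elasticsearch backend.
+opscode_expander['enable'] = false
+
+# Prevent startup failures due to missing rabbit host
+dark_launch['actions'] = false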
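Review bot: The `docker run` command documented on line 9 publishes Elasticsearch 2.3 with `-p 9200:9200` and `http.host=0.0.0.0`, so the unauthenticated HTTP API that `opscode_solr4['external_url'] = 'http://10.0.3.1:9200'` points at is reachable on every interface of the dev-lxc-platform host, not only from the containers. If 10.0.3.1 is the host's LXC bridge address, as the other addresses in this release suggest, publishing with `-p 10.0.3.1:9200:9200` would keep the index off external networks; the same applies to the `-p 389:389` and `-p 5432:5432` commands quoted in ldap-partial.rb and postgres-partial.rb. The commented 5.x command on line 4 also has an unterminated quote after `xpack.security.enabled=false`, and since that flag turns the image's authentication off, the comment should say so.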
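--- a/data/example-clusters/conf-files/chef-server/ldap-partial.rb
+++ b/data/example-clusters/conf-files/chef-server/ldap-partial.rb
@@ -0,0 +1,10 @@
+
+# reference: https://hub.docker.com/r/dinkel/openldap/
+# docker run --name my-ldap -d -p 389:389 -e SLAPD_PASSWORD=mysecretpassword -e SLAPD_DOMAIN=ldap.example.org dinkel/openldap
+
+# reference: https://docs.chef.io/server_ldap.html
+ldap['base_dn'] = 'DC=ldap,DC=example,DC=org'
+ldap['bind_dn'] = 'CN=admin,DC=ldap,DC=example,DC=org'
+ldap['bind_password'] = 'mysecretpassword'
+ldap['host'] = '10.0.3.1'
+ldap['login_attribute'] = 'cn'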
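Review bot: `ldap['bind_password'] = 'mysecretpassword'` ships a literal bind credential in a file that is packaged with the gem, and postgres-partial.rb does the same with `postgresql['db_superuser_password']`; both are easy to carry unchanged into a longer-lived cluster. I would add a comment above the assignment such as `# demo-only password matching the docker command above; change both before reuse`. The bind to `ldap['host'] = '10.0.3.1'` on port 389 appears to be unencrypted as configured here, so the bind password and user logins would cross the bridge in cleartext; the Chef server LDAP reference cited on line 5 covers the encryption settings if that matters for your use.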
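--- a/data/example-clusters/conf-files/chef-server/postgres-partial.rb
+++ b/data/example-clusters/conf-files/chef-server/postgres-partial.rb
@@ -0,0 +1,14 @@
+
+# reference: https://hub.docker.com/_/postgres/
+# docker run --name my-postgres -d -p 5432:5432 -e POSTGRES_PASSWORD=mysecretpassword postgres
+
+# reference:
+# https://docs.chef.io/server_components.html#external-postgresql
+# https://github.com/chef/chef-server/blob/master/PRIOR_RELEASE_NOTES.md#chef-server-5
+# Specify that postgresql is an external database, and provide the
+# VIP of this cluster. This prevents the chef-server instance
+# from creating it's own local postgresql instance.
+postgresql['external'] = true
+postgresql['vip'] = '10.0.3.1'
+postgresql['db_superuser'] = 'postgres'
+postgresql['db_superuser_password'] = 'mysecretpassword'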
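Review bot: The comment on lines 8–10 says to provide "the VIP of this cluster", but `postgresql['vip'] = '10.0.3.1'` is the address where the docker-published PostgreSQL from line 3 listens, presumably the host's bridge address, so the wording (which looks carried over from the HA notes) is misleading here. I would reword it to `# Use the external PostgreSQL published by the docker command above (10.0.3.1:5432)` followed by `# so chef-server does not create its own local postgresql instance.`, which also fixes the `it's` typo. A one-line comment that the server connects as the `postgres` superuser would help as well, since the hunk does not say whether a less privileged role would work.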