- Chef 개요
- CentOS에서 Chef 설치
- Cookbook
- Knife 사용법
- 참고 문헌
설정 자동화 툴(Server Configuration Management)인 Chef를 정리 합니다.
홈페이지 : http://www.opscode.com/chef/
다운로드 :
라이선스 : Apache 2.0
플랫폼 : Ruby
Chef 개요
Chef는 형상 관리 및 시스템 통합의 자동화 목적으로 사용되는 오픈소스 프레임워크 입니다.
Chef Architecture
{|cellspacing="0" cellpadding="2" border="1" width="100%" bgcolor="#FFFFFF" align="center"
|-
|width="25%" align="center" valign="middle" style="background-color:#eee;"|시스템
|width="75%" align="center" valign="middle" style="background-color:#eee;"|상세 |- |align="center" valign="middle" style="background-color:#eee;"|WorkStation |Chef client, 작업 컴퓨터 align="center" valign="middle" style="background-color:#eee;" 인프라 구성을 저장하는 장비 align="center" valign="middle" style="background-color:#eee;" Chef client를 이용하여 구성 되어야할 장비
|}주요 구성 요소
Modeling Your Infrastructure
:{|cellspacing="0" cellpadding="2" border="1" width="100%" bgcolor="#FFFFFF" align="center"
|-
|width="25%" align="center" valign="middle" style="background-color:#eee;"|구성요소
|width="75%" align="center" valign="middle" style="background-color:#eee;"|상세 |- |align="center" valign="middle" style="background-color:#eee;"|Nodes |
관리되는 서버 또는 시스템 단위, Recipe와 Role이 적용되는 서버
Run List : Node에서 실행될 recipe 목록으로 role을 포함 합니다.
Node Attributes : Node가 가지는 속석, key/value로 구성된 node와 role의 관계
default[:ems][:is_install](:is_install.md) = true|-
|align="center" valign="middle" style="background-color:#eee;"|Roles
|
Node가 가지는 역할 (예, Web Server, DB Server)
Run List
Role Attributes
|}Configuring Nodes
:{|cellspacing="0" cellpadding="2" border="1" width="100%" bgcolor="#FFFFFF" align="center"
|-
|width="25%" align="center" valign="middle" style="background-color:#eee;"|구성요소
|width="75%" align="center" valign="middle" style="background-color:#eee;"|상세 |- |align="center" valign="middle" style="background-color:#eee;"|Cookbooks |
분배하는 서비스 모듈 (예, Apache, MySQL)
Configuration 정보를 package, 분배, 공유하는 수단
recipe, resource definition, attribute, library, cookbook file, template file, metadata의 모음
Cookbook
Recipes -> Resource -> Providers
Attributes
Templates, Files, Libraries
Templates
vi ~.erb
'NAME':'<%= @attr %>'|-
|align="center" valign="middle" style="background-color:#eee;"|Recipes
|
순서대로 적용되어야 하는 리소스
DSL (Domain Specific Language) 사용, Ruby file align="center" valign="middle" style="background-color:#eee;" Metadata.rb
Cookbook에 대한 정보 입력, 의존성 입력 align="center" valign="middle" style="background-color:#eee;" Data container Resource Attributes : Resource 속성
Actions : 실행하고자 하는 활동 align="center" valign="middle" style="background-color:#eee;" Resource를 추상화하기 위한 이행 도구 align="center" valign="middle" style="background-color:#eee;" 인프라에 대한 임의의 데이터 조회
[[Solr]] / [[Lucene]], RabbitMQ 사용, Full Text Search 지원 align="center" valign="middle" style="background-color:#eee;" Chef Server에 저장되는 key/value 데이터
JSON 형태로 저장되는 Global Value (예, Node의 IP Address) align="center" valign="middle" style="background-color:#eee;" Production, Staging, Development, Testing 등 구조적으로 분리된 다른 공간을 관리하기 위한 매카니즘
|}Managing Chef
:{|cellspacing="0" cellpadding="2" border="1" width="100%" bgcolor="#FFFFFF" align="center"
|-
|width="25%" align="center" valign="middle" style="background-color:#eee;"|구성요소
|width="75%" align="center" valign="middle" style="background-color:#eee;"|상세 |- |align="center" valign="middle" style="background-color:#eee;"|Knife |
Chef Client가 설치된 Node에서 Chef Sever로의 CLI
REST API 지원 align="center" valign="middle" style="background-color:#eee;" Chef Server API로 Web UI 제공 align="center" valign="middle" style="background-color:#eee;" Chef Console
|}
파일:Chef Architecture.png사용 S/W
CentOS에서 Chef 설치
Chef Server와 Client의 hostname은 FQDN을 만족하여야 합니다.
hostname -fChef Server 0.10.6 설치
rpm -Uvh http://rbel.frameos.org/rbel6 #--- RBEL repository 설치
# yum remove ruby, yum remove ruby-libs #--- Ruby 관련 삭제
yum install rubygem-chef-server #--- Chef Server 설치
cd /usr/sbin
./setup-chef-server.sh #--- 이 파일이 없을 경우, Ruby 관련 삭제부터 다시 실행설치된 폴더 : /etc/chef
기동 종료
service chef-server start #--- start, stop, status사용 port
Chef Restful API Server : 4000
Chef Server 웹 UI : 4040
CouchDB : 5984
RabbitMQ : 5672,4369,47762
Chef Solr : 8983
방화벽에서 4040과 4000 port를 열어 주세요.
사용 폴더
/etc/chef/ : Chef 설치 폴더
/var/chef/ : Chef 관련 폴더
서비스 접속 : http://localhost:4040/, admin / chef321go
Admin type의 Knife 등록 (Chef Server에 Client가 등록됨)
Knife의 종류는 Admin과 일반 type이 있습니다.
Chef Server가 설치된 서버와 다른 서버에 설치가 가능 합니다.
cd ~
mkdir .chef
cd .chef
cp /etc/chef/validation.pem .
knife configure -i
# "Please enter a clientname for the new client: [root](root.md)" 에 대해서만 적당한 값을 등록 합니다.
Overwrite /root/.chef/knife.rb? (Y/N) y
Please enter the chef server URL: [http://www.ossbiz.co.kr:4000](http://www.ossbiz.co.kr:4000)
Please enter a clientname for the new client: [root](root.md) ossbiz
Please enter the existing admin clientname: [chef-webui](chef-webui.md)
Please enter the location of the existing admin client's private key: [/etc/chef/webui.pem](/etc/chef/webui.pem.md)
Please enter the validation clientname: [chef-validator](chef-validator.md)
Please enter the location of the validation key: [/etc/chef/validation.pem](/etc/chef/validation.pem.md)
Please enter the path to a chef repository (or leave blank):
Creating initial API user...
Created client[ossbiz](ossbiz.md)
Configuration file written to /root/.chef/knife.rb
# export EDITOR=vi
knife -hChef Client 0.10.6 설치 (Chef Server에 Client와 Node가 등록됨)
Hostname 설정
hostname client001.testdomain.com #--- 서버에 적용
또는
chef-client -N client001.testdomain.com #--- Chef Client에서만 사용Chef client 설치
rpm -Uvh http://rbel.frameos.org/rbel6 #--- RBEL repository 설치
yum install rubygem-chef
cd /etc/chef
knife configure client ./
#--- client.rb와 validation.pem 파일이 생성됨
vi client.rb
chef_server_url 'http://www.ossbiz.co.kr:4000'
#Chef Server에 있는 validation.pem 파일을 여기로 복사 합니다.
#cp /etc/chef/validation.pem .
chef-client #--- client.pem 파일이 생성 됩니다.
rm validation.pem #--- 보안상 Client에 있는 validataion.pem 파일을 삭제knife 명령으로 확인
knife node list
knife client listCher Server 초기화
yum remove rubygem-chef-* couchdb rabbitmq-server
rm -rf /var/lib/couchdb/ /var/lib/rabbitmq/등록된 서비스 (/etc/init.d/)
chef-client
chef-expander
chef-server
chef-server-webui
chef-solr
couchdb
rabbitmq-serverCookbook
HelloWorld Cookbook 생성
knife cookbook create HelloWorld #--- /var/chef/cookbooks/HelloWorld/ 폴더가 생성이 됩니다.
vi /var/chef/cookbooks/HelloWorld/attributes/HelloWorld.rb
default['message']('message'.md)="Hello world!!"
vi /var/chef/cookbooks/HelloWorld/recipes/default.rb
template "/tmp/HelloWorld.txt" do
source "HelloWorld.txt.erb"
variables :message => node['message']('message'.md)
action :create
end
vi /var/chef/cookbooks/HelloWorld/templates/default/HelloWorld.txt.erb
My Message is : <%= @message %>
cd /var/chef/cookbooks
knife cookbook upload -a -o . #--- 새로 만든 HelloWorld Cookbook을 업로드
knife cookbook listChef Client에 적용
여기서 "www.ossbiz.co.kr"는 node의 이름 입니다.
knife node run_list add www.ossbiz.co.kr 'recipe[HelloWorld](HelloWorld.md)'
knife node show www.ossbiz.co.kr -r
chef-client
cat /tmp/HelloWorld.txtHelloWorld Cookbook 삭제
knife cookbook delete HelloWorld #--- Cookbook 이름으로 삭제
knife cookbook delete HelloWorld 0.0.1 #--- Cookbook 이름과 버전으로 삭제Knife 사용법
Usage: knife sub-command (options)
-s, --server-url URL Chef Server URL
-k, --key KEY API Client Key
--color Use colored output
-c, --config CONFIG The configuration file to use
--defaults Accept default values for all questions
-e, --editor EDITOR Set the editor to use for interactive commands
-E, --environment ENVIRONMENT Set the Chef environment
-F, --format FORMAT Which format to use for output
--no-color Don't use colors in the output
-n, --no-editor Do not open EDITOR, just accept the data as is
-u, --user USER API Client Username
--print-after Show the data after a destructive operation
-V, --verbose More verbose output. Use twice for max verbosity
-v, --version Show chef version
-y, --yes Say yes to all prompts for confirmation
-h, --help Show this message
Available subcommands: (for details, knife SUB-COMMAND --help)BOOTSTRAP COMMANDS
knife bootstrap FQDN (options)CLIENT COMMANDS
knife client bulk delete REGEX (options)
knife client show CLIENT (options)
knife client create CLIENT (options)
knife client edit CLIENT (options)
knife client delete CLIENT (options)
knife client reregister CLIENT (options)
knife client list (options)CONFIGURE COMMANDS
knife configure client DIRECTORY
knife configure (options)COOKBOOK COMMANDS
knife cookbook upload [COOKBOOKS...](COOKBOOKS....md) (options)
knife cookbook metadata from FILE (options)
knife cookbook create COOKBOOK (options)
knife cookbook show COOKBOOK [VERSION] [PART] [FILENAME](FILENAME.md) (options)
knife cookbook list (options)
knife cookbook download COOKBOOK [VERSION](VERSION.md) (options)
knife cookbook delete COOKBOOK VERSION (options)
knife cookbook metadata COOKBOOK (options)
knife cookbook test [COOKBOOKS...](COOKBOOKS....md) (options)
knife cookbook bulk delete REGEX (options)COOKBOOK SITE COMMANDS
knife cookbook site search QUERY (options)
knife cookbook site unshare COOKBOOK
knife cookbook site share COOKBOOK CATEGORY (options)
knife cookbook site download COOKBOOK [VERSION](VERSION.md) (options)
knife cookbook site show COOKBOOK [VERSION](VERSION.md) (options)
knife cookbook site list (options)
knife cookbook site install COOKBOOK [VERSION](VERSION.md) (options)DATA BAG COMMANDS
knife data bag list (options)
knife data bag delete BAG [ITEM](ITEM.md) (options)
knife data bag create BAG [ITEM](ITEM.md) (options)
knife data bag edit BAG ITEM (options)
knife data bag from file BAG FILE (options)
knife data bag show BAG [ITEM](ITEM.md) (options)ENVIRONMENT COMMANDS
knife environment from file FILE (options)
knife environment show ENVIRONMENT (options)
knife environment create ENVIRONMENT (options)
knife environment edit ENVIRONMENT (options)
knife environment list (options)
knife environment delete ENVIRONMENT (options)EXEC COMMANDS
knife exec [SCRIPT](SCRIPT.md) (options)HELP COMMANDS
knife help [list|TOPIC](list|TOPIC.md)INDEX COMMANDS
knife index rebuild (options)NODE COMMANDS
knife node bulk delete REGEX (options)
knife node edit NODE (options)
knife node show NODE (options)
knife node run_list remove [NODE] [ENTRY](ENTRY.md) (options)
knife node from file FILE (options)
knife node run_list add [NODE] [ENTRY](ENTRY.md) (options)
knife node create NODE (options)
knife node delete NODE (options)
knife node list (options)RECIPE COMMANDS
knife recipe list [PATTERN](PATTERN.md)ROLE COMMANDS
knife role show ROLE (options)
knife role bulk delete REGEX (options)
knife role list (options)
knife role delete ROLE (options)
knife role from file FILE [FILE..](FILE...md) (options)
knife role edit ROLE (options)
knife role create ROLE (options)SEARCH COMMANDS
knife search INDEX QUERY (options)SSH COMMANDS
knife ssh QUERY COMMAND (options)STATUS COMMANDS
knife status QUERY (options)TAG COMMANDS
knife tag create NODE TAG ...
knife tag delete NODE TAG ...
knife tag list NODE참고 문헌
-
http://www.joinc.co.kr/modules/moniwiki/wiki.php/Site/cloud/automation/chefInstall
http://naleejang.tistory.com/43
[[Category:Cloud|Category:Cloud]]
[[Category:DevOps|Category:DevOps]]
분류: BigData