Binary data in an encrypted data bag?


#1

Hey folks,

I’m running into sporadic issues with a binary file that we currently have
generated at every chef run (.mylogin.cnf). The file appears to be salted,
because it changes every time it’s re-generated with the same credentials.

My problem is that sometimes the resulting file works perfectly for my use
(with the Mysql2 gem), and sometimes it segfaults the Ruby process. It
works all the time for the mysql console, though.

I’d like to try the workaround of saving a good known version of the file
in an encrypted data bag. The file is binary, however.

Has anyone had success saving binary data to data bags? Should I
encode/decode it myself (e.g. base64), or is there some way to store binary
data in data bags that I don’t see in the data bag documentation?

Thanks in advance!

Mat

Note: I’ve asked the maintainers of
mysql2https://github.com/brianmario/mysql2/issues/494about those
segfaults.

I’m the founder of Rock Solid Ops https://www.rocksolidops.com, a web
operations and development consultancy.

I’m also the organizer of DevOpsMtl http://www.devopsmtl.com, a monthly
event to discuss the challenges, tools and the culture surrounding the
DevOps movement.

My main fields of expertise are web development with Ruby on Rails, DevOps
and a bit of mobile development. If you need help scaling, monitoring,
securing or managing your web infrastructure (Rails or not), get in touch!

Connect with me and read testimonials on my
LinkedInhttp://ca.linkedin.com/in/mathieumartin/,
follow me on twitter @webmat http://twitter.com/webmat, or check out my
blog at programblings.comhttp://www.programblings.com?utm_source=email+signature
.


#2

From your bug report, it looks like it’s either a bug in ruby or the mysql2 gem. But I also see that you’re on ruby 1.8. I’d recommend upgrading to ruby 1.9 at least, which you’ll get as part of the chef omnibus installer if you go that route: http://www.getchef.com/chef/install/


Daniel DeLeo

On Thursday, March 6, 2014 at 9:08 AM, Mathieu Martin wrote:

Hey folks,

I’m running into sporadic issues with a binary file that we currently have generated at every chef run (.mylogin.cnf). The file appears to be salted, because it changes every time it’s re-generated with the same credentials.

My problem is that sometimes the resulting file works perfectly for my use (with the Mysql2 gem), and sometimes it segfaults the Ruby process. It works all the time for the mysql console, though.

I’d like to try the workaround of saving a good known version of the file in an encrypted data bag. The file is binary, however.

Has anyone had success saving binary data to data bags? Should I encode/decode it myself (e.g. base64), or is there some way to store binary data in data bags that I don’t see in the data bag documentation?

Thanks in advance!

Mat

Note: I’ve asked the maintainers of mysql2 (https://github.com/brianmario/mysql2/issues/494) about those segfaults.

I’m the founder of Rock Solid Ops (https://www.rocksolidops.com), a web operations and development consultancy.

I’m also the organizer of DevOpsMtl (http://www.devopsmtl.com), a monthly event to discuss the challenges, tools and the culture surrounding the DevOps movement.

My main fields of expertise are web development with Ruby on Rails, DevOps and a bit of mobile development. If you need help scaling, monitoring, securing or managing your web infrastructure (Rails or not), get in touch!

Connect with me and read testimonials on my LinkedIn (http://ca.linkedin.com/in/mathieumartin/), follow me on twitter @webmat (http://twitter.com/webmat), or check out my blog at programblings.com (http://www.programblings.com?utm_source=email+signature).


#3

Haha yes, I know our Ruby is way out of date. We have more pressing issues
at the moment, but this is definitely on our radar.

What about saving binary data to a data bag? Has anybody been doing this?

Thanks,

Mat

On Thu, Mar 6, 2014 at 12:13 PM, Daniel DeLeo dan@kallistec.com wrote:

From your bug report, it looks like it’s either a bug in ruby or the
mysql2 gem. But I also see that you’re on ruby 1.8. I’d recommend upgrading
to ruby 1.9 at least, which you’ll get as part of the chef omnibus
installer if you go that route: http://www.getchef.com/chef/install/


Daniel DeLeo

On Thursday, March 6, 2014 at 9:08 AM, Mathieu Martin wrote:

Hey folks,

I’m running into sporadic issues with a binary file that we currently
have generated at every chef run (.mylogin.cnf). The file appears to be
salted, because it changes every time it’s re-generated with the same
credentials.

My problem is that sometimes the resulting file works perfectly for my
use (with the Mysql2 gem), and sometimes it segfaults the Ruby process. It
works all the time for the mysql console, though.

I’d like to try the workaround of saving a good known version of the
file in an encrypted data bag. The file is binary, however.

Has anyone had success saving binary data to data bags? Should I
encode/decode it myself (e.g. base64), or is there some way to store binary
data in data bags that I don’t see in the data bag documentation?

Thanks in advance!

Mat

Note: I’ve asked the maintainers of mysql2 (
https://github.com/brianmario/mysql2/issues/494) about those segfaults.

I’m the founder of Rock Solid Ops (https://www.rocksolidops.com), a web
operations and development consultancy.

I’m also the organizer of DevOpsMtl (http://www.devopsmtl.com), a
monthly event to discuss the challenges, tools and the culture surrounding
the DevOps movement.

My main fields of expertise are web development with Ruby on Rails,
DevOps and a bit of mobile development. If you need help scaling,
monitoring, securing or managing your web infrastructure (Rails or not),
get in touch!

Connect with me and read testimonials on my LinkedIn (
http://ca.linkedin.com/in/mathieumartin/), follow me on twitter @webmat (
http://twitter.com/webmat), or check out my blog at programblings.com (
http://www.programblings.com?utm_source=email+signature).

I’m the founder of Rock Solid Ops https://www.rocksolidops.com, a web
operations and development consultancy.

I’m also the organizer of DevOpsMtl http://www.devopsmtl.com, a monthly
event to discuss the challenges, tools and the culture surrounding the
DevOps movement.

My main fields of expertise are web development with Ruby on Rails, DevOps
and a bit of mobile development. If you need help scaling, monitoring,
securing or managing your web infrastructure (Rails or not), get in touch!

Connect with me and read testimonials on my
LinkedInhttp://ca.linkedin.com/in/mathieumartin/,
follow me on twitter @webmat http://twitter.com/webmat, or check out my
blog at programblings.comhttp://www.programblings.com?utm_source=email+signature
.