Hi,
I have RHEL environment and due to network security in place, our Redhat server can not communicate with internet.
when i try bootstraping node from workstation, it tries to download the chefclient package node from internet which is not allowed in our network.
Is there any way to download the client package on clients from any reporitory on LAN during bootstraping porcess, rather than the client trying to download it from internet.
Thank you.
Bootstrapping really just does a few things:
You can write a shell script that does the same thing, and invoke it with ssh.
Or if you are using kickstart, you can simply add all of these steps to your kickstart file.
In my own scenario, I have a ruby script that generates the kickstart file. In the %post section, I have this (obviously, my code still pulls chef from the Internet - you would have to change that part!):
ks_config_post="
%post --log=/root/ks-post2.log
mkdir -p /etc/chef
cat >/etc/chef/validation.pem <<ENDVALIDATION
#{validation_file}
ENDVALIDATION
cat >/etc/chef/encrypted_data_bag_secret <<ENDDATABAG
#{data_bag_key}
ENDDATABAG
cat >/etc/chef/client.rb <<ENDCHEF
#{client_rb}
ENDCHEF
chmod 600 /etc/chef/encrypted_data_bag_secret
yum install -y policycoreutils-python
echo 'Initial chef run’
echo “curl -L https://omnitruck.chef.io/install.sh | sudo bash” >/root/firstrun.chef
echo “/usr/bin/chef-client --once --no-fork --runlist=main -l info -L /root/chef-initial-run.log” >>/root/firstrun.chef
chmod +x /root/firstrun.chef
/root/firstrun.chef
%end
"
Kevin Keane
Whom the IT Pros Call
The NetTech
760-721-8339
http://www.4nettech.com
Our values: Privacy, Liberty, Justice
See https://www.4nettech.com/corp/the-nettech-values.html
You have a bunch of options, if you want to use knife bootsrap you can create your custom template following instructions here