Vagrant and chef server


#1

Hi guys

We are using vagrant based virtualboxes to do our development on. The
configuration is pulled in via a chef server.

I was wondering how other people deal with the following two questions /
what best practice is:

  1. The validation.pem. I am relucatant to check the key into our git, is
    there a clever way to authenticate with the chef server without the need
    of every developer needing the client validation.pem on their local
    workstation? (I suppose not, but maybe I am missing something?)

  2. The fact that a chef server run adds a node and a client entry for
    every box a developer creates. Is there a way to not have this happen?
    As we want to use the central chef server to pull the config from,
    however we are not interested in inventory for them.

Thanks

Ralph


#2

Hey Ralph,

As a shameless plug, my solution is to use Chef
Zerohttps://github.com/jkeiser/chef-zero.
To make it more manageable I use the vagrant plugin I wrote,
vagrant-chef-zero http://github.com/andrewgross/vagrant-chef-zero.

Chef-Zero is an in memory Chef server that runs locally, so it is easy to
dispose of and recreate. Additionally, there is no authentication required
(vagrant-chef-zero even patches out the need to specify a key locally).
While this is clean and reproducible, you will need to have a copy of
cookbooks and node data to push up to Chef Zero.

Andrew

On Wed, Jul 17, 2013 at 9:41 AM, Ralph Schwaninger <ralph@bravenewtalent.com

wrote:

Hi guys

We are using vagrant based virtualboxes to do our development on. The
configuration is pulled in via a chef server.

I was wondering how other people deal with the following two questions /
what best practice is:

  1. The validation.pem. I am relucatant to check the key into our git, is
    there a clever way to authenticate with the chef server without the need of
    every developer needing the client validation.pem on their local
    workstation? (I suppose not, but maybe I am missing something?)

  2. The fact that a chef server run adds a node and a client entry for
    every box a developer creates. Is there a way to not have this happen? As
    we want to use the central chef server to pull the config from, however we
    are not interested in inventory for them.

Thanks

Ralph


#3

Very interesting approach. However how do you keep the cookbooks in sync
with what you have on your production chef server. Is that automated or
do you manually keep the files in sync?

Thanks Andrew

Ralph

On 17/07/13 15:21, Andrew Gross wrote:

Hey Ralph,

As a shameless plug, my solution is to use Chef Zero
https://github.com/jkeiser/chef-zero. To make it more manageable I
use the vagrant plugin I wrote, vagrant-chef-zero
http://github.com/andrewgross/vagrant-chef-zero.

Chef-Zero is an in memory Chef server that runs locally, so it is easy
to dispose of and recreate. Additionally, there is no authentication
required (vagrant-chef-zero even patches out the need to specify a key
locally). While this is clean and reproducible, you will need to have
a copy of cookbooks and node data to push up to Chef Zero.

Andrew

On Wed, Jul 17, 2013 at 9:41 AM, Ralph Schwaninger
<ralph@bravenewtalent.com mailto:ralph@bravenewtalent.com> wrote:

Hi guys

We are using vagrant based virtualboxes to do our development on.
The configuration is pulled in via a chef server.

I was wondering how other people deal with the following two
questions / what best practice is:

1) The validation.pem. I am relucatant to check the key into our
git, is there a clever way to authenticate with the chef server
without the need of every developer needing the client
validation.pem on their local workstation? (I suppose not, but
maybe I am missing something?)

2) The fact that a chef server run adds a node and a client entry
for every box a developer creates. Is there a way to not have this
happen? As we want to use the central chef server to pull the
config from, however we are not interested in inventory for them.

Thanks

Ralph

#4

At the moment I use Berkshelf to pull down dependencies locally from our
production Chef server, then during the Vagrant run I have Berkshelf upload
them to Chef Zero.

On Wed, Jul 17, 2013 at 10:48 AM, Ralph Schwaninger <
ralph@bravenewtalent.com> wrote:

Very interesting approach. However how do you keep the cookbooks in sync
with what you have on your production chef server. Is that automated or do
you manually keep the files in sync?

Thanks Andrew

Ralph

On 17/07/13 15:21, Andrew Gross wrote:

Hey Ralph,

As a shameless plug, my solution is to use Chef Zerohttps://github.com/jkeiser/chef-zero.
To make it more manageable I use the vagrant plugin I wrote,
vagrant-chef-zero http://github.com/andrewgross/vagrant-chef-zero.

Chef-Zero is an in memory Chef server that runs locally, so it is easy
to dispose of and recreate. Additionally, there is no authentication
required (vagrant-chef-zero even patches out the need to specify a key
locally). While this is clean and reproducible, you will need to have a
copy of cookbooks and node data to push up to Chef Zero.

Andrew

On Wed, Jul 17, 2013 at 9:41 AM, Ralph Schwaninger <
ralph@bravenewtalent.com> wrote:

Hi guys

We are using vagrant based virtualboxes to do our development on. The
configuration is pulled in via a chef server.

I was wondering how other people deal with the following two questions /
what best practice is:

  1. The validation.pem. I am relucatant to check the key into our git, is
    there a clever way to authenticate with the chef server without the need of
    every developer needing the client validation.pem on their local
    workstation? (I suppose not, but maybe I am missing something?)

  2. The fact that a chef server run adds a node and a client entry for
    every box a developer creates. Is there a way to not have this happen? As
    we want to use the central chef server to pull the config from, however we
    are not interested in inventory for them.

Thanks

Ralph


#5

Shameless plug here too… :slight_smile:

On the matter of not keeping inventory on the Chef server, I wrote Vagrant::Butcher [1] to automatically clean up node and client when you destroy the box.

[1] https://github.com/cassianoleal/vagrant-butcher


Cassiano Leal
http://cassianoleal.com
http://twitter.com/cassianoleal

On July 17, 2013 at 11:53:00, Andrew Gross (andrew@yipit.com) wrote:

At the moment I use Berkshelf to pull down dependencies locally from our production Chef server, then during the Vagrant run I have Berkshelf upload them to Chef Zero.

On Wed, Jul 17, 2013 at 10:48 AM, Ralph Schwaninger ralph@bravenewtalent.com wrote:
Very interesting approach. However how do you keep the cookbooks in sync with what you have on your production chef server. Is that automated or do you manually keep the files in sync?

Thanks Andrew

Ralph

On 17/07/13 15:21, Andrew Gross wrote:
Hey Ralph,

As a shameless plug, my solution is to use Chef Zero. To make it more manageable I use the vagrant plugin I wrote, vagrant-chef-zero.

Chef-Zero is an in memory Chef server that runs locally, so it is easy to dispose of and recreate. Additionally, there is no authentication required (vagrant-chef-zero even patches out the need to specify a key locally). While this is clean and reproducible, you will need to have a copy of cookbooks and node data to push up to Chef Zero.

Andrew

On Wed, Jul 17, 2013 at 9:41 AM, Ralph Schwaninger ralph@bravenewtalent.com wrote:
Hi guys

We are using vagrant based virtualboxes to do our development on. The configuration is pulled in via a chef server.

I was wondering how other people deal with the following two questions / what best practice is:

  1. The validation.pem. I am relucatant to check the key into our git, is there a clever way to authenticate with the chef server without the need of every developer needing the client validation.pem on their local workstation? (I suppose not, but maybe I am missing something?)

  2. The fact that a chef server run adds a node and a client entry for every box a developer creates. Is there a way to not have this happen? As we want to use the central chef server to pull the config from, however we are not interested in inventory for them.

Thanks

Ralph


#6

+1 on vagrant-butcher. Sexy and slick, works as advertised and leverage it everyday.

Best Regards,
JJ Asghar
e: jj.asghar@peopleadmin.com | c: 512.619.0722 | o: 512.977.5876

From: Cassiano Leal <cassianoleal@gmail.commailto:cassianoleal@gmail.com>
Reply-To: "chef@lists.opscode.commailto:chef@lists.opscode.com" <chef@lists.opscode.commailto:chef@lists.opscode.com>
Date: Wednesday, July 17, 2013 4:29 PM
To: "chef@lists.opscode.commailto:chef@lists.opscode.com" <chef@lists.opscode.commailto:chef@lists.opscode.com>
Subject: [chef] Re: Re: Re: Re: vagrant and chef server

Shameless plug here too… :slight_smile:

On the matter of not keeping inventory on the Chef server, I wrote Vagrant::Butcher [1] to automatically clean up node and client when you destroy the box.

[1] https://github.com/cassianoleal/vagrant-butcher


Cassiano Leal
http://cassianoleal.com
http://twitter.com/cassianoleal

On July 17, 2013 at 11:53:00, Andrew Gross (andrew@yipit.commailto:andrew@yipit.com) wrote:

At the moment I use Berkshelf to pull down dependencies locally from our production Chef server, then during the Vagrant run I have Berkshelf upload them to Chef Zero.

On Wed, Jul 17, 2013 at 10:48 AM, Ralph Schwaninger <ralph@bravenewtalent.commailto:ralph@bravenewtalent.com> wrote:
Very interesting approach. However how do you keep the cookbooks in sync with what you have on your production chef server. Is that automated or do you manually keep the files in sync?

Thanks Andrew

Ralph

On 17/07/13 15:21, Andrew Gross wrote:
Hey Ralph,

As a shameless plug, my solution is to use Chef Zerohttps://github.com/jkeiser/chef-zero. To make it more manageable I use the vagrant plugin I wrote, vagrant-chef-zerohttp://github.com/andrewgross/vagrant-chef-zero.

Chef-Zero is an in memory Chef server that runs locally, so it is easy to dispose of and recreate. Additionally, there is no authentication required (vagrant-chef-zero even patches out the need to specify a key locally). While this is clean and reproducible, you will need to have a copy of cookbooks and node data to push up to Chef Zero.

Andrew

On Wed, Jul 17, 2013 at 9:41 AM, Ralph Schwaninger <ralph@bravenewtalent.commailto:ralph@bravenewtalent.com> wrote:
Hi guys

We are using vagrant based virtualboxes to do our development on. The configuration is pulled in via a chef server.

I was wondering how other people deal with the following two questions / what best practice is:

  1. The validation.pem. I am relucatant to check the key into our git, is there a clever way to authenticate with the chef server without the need of every developer needing the client validation.pem on their local workstation? (I suppose not, but maybe I am missing something?)

  2. The fact that a chef server run adds a node and a client entry for every box a developer creates. Is there a way to not have this happen? As we want to use the central chef server to pull the config from, however we are not interested in inventory for them.

Thanks

Ralph