こしごぇ(B)

Formerly: http://d.hatena.ne.jp/koshigoeb/

Chef 実践入門 (Practical Introduction to Chef), part 2: Vagrant

Chef実践入門 ~コードによるインフラ構成の自動化 (WEB+DB PRESS plus)


Continuing, yet again, to type out the book's examples by hand.

Vagrant Provision

Vagrantfile

diff --git a/Vagrantfile b/Vagrantfile
index 660dfe6..d169bd9 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -11,6 +11,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|

   # Every Vagrant virtual environment requires a box to build off of.
   config.vm.box = "opscode-centos-6.5"
+  config.vm.box_url = 'http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box'

   config.vm.define :node01
   config.vm.define :node02
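Review bot: The added config.vm.box_url fetches the base box over plain http with no integrity check, so whatever answers on that network path becomes the image both node01 and node02 are built from. Use an https URL if the host serves one, and pin the download with config.vm.box_download_checksum and config.vm.box_download_checksum_type. Minor style point: the new line uses single quotes where the config.vm.box line directly above uses double quotes.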
@@ -99,6 +100,28 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
   #   # You may also specify custom JSON attributes:
   #   chef.json = { mysql_password: "foo" }
   # end
+  config.omnibus.chef_version = :latest
+  config.vm.provision :chef_solo do |chef|
+    chef.cookbooks_path = './cookbooks'
+    chef.json = {
+      nginx: {
+        env: 'ruby'
+      },
+      fluentd: {
+        installer: 'rpm'
+      },
+      mysql: {
+        server_root_password: 'rootpass'
+      }
+    }
+    chef.run_list = [
+      'recipe[yum-epel]',
+      'recipe[nginx]',
+      'recipe[mysql::server]',
+      'recipe[mysql::client]',
+      'recipe[td-agent]',
+    ]
+  end

   # Enable provisioning with chef server, specifying the chef server URL,
   # and the path to the validation key (relative to this Vagrantfile).
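Review bot: server_root_password is hard-coded as 'rootpass' inside chef.json, so the MySQL root credential is committed to version control together with the Vagrantfile; read it from an environment variable or an untracked file instead. In the same hunk, config.omnibus.chef_version = :latest means every provision installs whatever Chef release is current that day, so pin an explicit version to keep runs reproducible.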

Berkshelf

source "https://supermarket.getchef.com"

cookbook 'yum-epel'
cookbook 'apache2'
cookbook 'mysql'
cookbook 'git'
cookbook 'nginx'
cookbook 'td-agent', git: 'https://github.com/treasure-data/chef-td-agent.git'

Note: the recipes used by the Vagrantfile I typed out have gone missing, so I fudge it with berks.

$ rm -rf ./cookbooks
$ berks vendor ./cookbooks

vagrant-omnibus plugin

$ vagrant plugin install vagrant-omnibus

Running provisioning

At boot

$ vagrant up --provision

At any time

$ vagrant provision

Sahara

$ vagrant plugin install sahara

Sandbox mode

Changes made to the virtual machines while sandbox mode is enabled can be undone with the rollback command, as long as they have not been committed with the commit command.

$ vagrant sandbox on
[node02] Starting sandbox mode...
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
[node01] Starting sandbox mode...
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
$ vagrant sandbox status
[node02] Sandbox mode is on
[node01] Sandbox mode is on

Rollback

$ vagrant ssh -c "sudo yum install flac -y" node01
$ vagrant ssh -c "sudo rpm -aq | grep flac" node01
flac-1.2.1-6.1.el6.x86_64
Connection to 127.0.0.1 closed.
$ vagrant sandbox rollback
[node02] Rolling back the virtual machine...
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
[node01] Rolling back the virtual machine...
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
$ vagrant ssh -c "sudo rpm -aq | grep flac" node01
Connection to 127.0.0.1 closed.

Leaving sandbox mode

$ vagrant sandbox off
[node02] Stopping sandbox mode...
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
[node01] Stopping sandbox mode...
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

Building a box with Packer

$ brew tap homebrew/binary
$ brew install packer

CentOS box

template.json

{
    "builders": [{
        "type": "virtualbox-iso",
        "guest_os_type": "RedHat_64",
        "iso_url": "http://ftp.iij.ad.jp/pub/linux/centos/6.5/isos/x86_64/CentOS-6.5-x86_64-minimal.iso",
        "iso_checksum": "0d9dc37b5dd4befa1c440d2174e88a87",
        "iso_checksum_type": "md5",
        "ssh_username": "vagrant",
        "ssh_password": "vagrant",
        "ssh_wait_timeout": "3000s",
        "vm_name": "box",
        "http_directory": "./",
        "boot_wait": "30s",
        "boot_command": [
            "<esc><wait>",
            "linux ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks.cfg ",
            "<enter><wait>"
        ],
        "shutdown_command": "sudo /sbin/poweroff"
    }],
    "provisioners": [{
        "type": "shell",
        "scripts": [
            "base.sh"
        ]
    }],
    "post-processors": [{
        "type": "vagrant",
        "output": "./CentOS-6.5-x86_64-ja.box"
    }]
}

ks.cfg

install
cdrom
lang en_US.UTF-8
keyboard us
network --bootproto=dhcp
rootpw --iscrypted $1$damlkd,f$UC/u5pUts5QiU3ow.CSso/
firewall --enabled --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Asia/Tokyo
bootloader --location=mbr

text
skipx
zerombr

clearpart --all --initlabel
autopart

auth --useshadow --enablemd5
firstboot --disabled
reboot

%packages --nobase
@core
%end

%post
/usr/bin/yum -y install sudo
/usr/bin/yum -y upgrade
/usr/sbin/groupadd vagrant
/usr/sbin/useradd vagrant -g vagrant -G wheel
echo "vagrant" | passwd --stdin vagrant
echo "vagrant      ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
chmod 0440 /etc/sudoers.d/vagrant
%end

base.sh

/usr/sbin/setenforce 0
sudo sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers
sudo sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config

cat <<EOF | sudo tee -a /etc/yum.repos.d/epel.repo
[epel]
name=epel
baseurl=http://download.fedoraproject.org/pub/epel/6/\$basearch
enabled=0
gpgcheck=0
EOF

sudo yum -y install gcc make automake autoconf libtool gcc-c++ kernel-headers-`uname -r` kernel-devel-`uname -r` zlib-devel openssl-devel readline-devel sqlite-devel perl wget nfs-utils bind-utils
sudo yum -y --enablerepo=epel install dkms

mkdir -pm 700 /home/vagrant/.ssh
wget --no-check-certificate 'https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub' -O /home/vagrant/.ssh/authorized_keys
chmod 0600 /home/vagrant/.ssh/authorized_keys
chown -R vagrant /home/vagrant/.ssh

cd /tmp
sudo mount -o loop /home/vagrant/VBoxGuestAdditions.iso /mnt
sudo sh /mnt/VBoxLinuxAdditions.run
sudo umount /mnt

sudo /etc/rc.d/init.d/vboxadd setup

curl -L https://www.opscode.com/chef/install.sh | sudo bash
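
Before running the build, the three inputs above can be checked for settings that weaken the resulting box. The Ruby script below is an added example, not code from the original post or the book; the embedded excerpts are constructed from the files shown above, and the rule list and the names audit_template and audit_lines are this example's own.

```ruby
require 'json'
# Constructed excerpts of the template.json, ks.cfg and base.sh shown above.
TEMPLATE = <<'JSON'
{"builders": [{
  "iso_url": "http://ftp.iij.ad.jp/pub/linux/centos/6.5/isos/x86_64/CentOS-6.5-x86_64-minimal.iso",
  "iso_checksum": "0d9dc37b5dd4befa1c440d2174e88a87",
  "iso_checksum_type": "md5",
  "ssh_username": "vagrant",
  "ssh_password": "vagrant"
}]}
JSON
KS_CFG = <<'KS'
rootpw --iscrypted $1$damlkd,f$UC/u5pUts5QiU3ow.CSso/
authconfig --enableshadow --passalgo=sha512
selinux --disabled
auth --useshadow --enablemd5
KS
BASE_SH = <<'SH'
gpgcheck=0
wget --no-check-certificate 'https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub' -O /home/vagrant/.ssh/authorized_keys
curl -L https://www.opscode.com/chef/install.sh | sudo bash
SH

# Builder-level checks on the parsed Packer template.
def audit_template(json)
  JSON.parse(json).fetch('builders', []).flat_map do |b|
    out = []
    out << 'iso_url is fetched over plain http' if b['iso_url'].to_s.start_with?('http://')
    out << 'ISO integrity rests on md5' if b['iso_checksum_type'].to_s.casecmp('md5').zero?
    out << 'ssh_password equals ssh_username' if b['ssh_password'] && b['ssh_password'] == b['ssh_username']
    out
  end
end

# Line-level rules (this example's own list) for ks.cfg and provisioning scripts.
LINE_RULES = {
  /^rootpw\s+--iscrypted\s+\$1\$/    => 'root password hash is MD5-crypt ($1$)',
  /^auth(config)?\s.*--enablemd5/    => 'MD5 password hashing enabled',
  /^selinux\s+--disabled/            => 'SELinux disabled',
  /^gpgcheck\s*=\s*0/                => 'yum repo without GPG signature check',
  /--no-check-certificate/           => 'TLS certificate verification disabled',
  /curl\s.*\|\s*(sudo\s+)?(ba)?sh\b/ => 'remote script piped straight into a shell'
}.freeze

# Returns one finding per matching rule, in the order the lines appear.
def audit_lines(text)
  text.each_line.flat_map { |line| LINE_RULES.select { |re, _| line =~ re }.values }
end

puts audit_template(TEMPLATE) + audit_lines(KS_CFG) + audit_lines(BASE_SH) if __FILE__ == $PROGRAM_NAME
```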

Build

$ packer build template.json
...
==> Builds finished. The artifacts of successful builds are:
--> virtualbox-iso: 'virtualbox' provider box: ./CentOS-6.5-x86_64-ja.box

Registering the box with Vagrant

$ vagrant box add CentOS-6.5-x86_64-ja ./CentOS-6.5-x86_64-ja.box
==> box: Adding box 'CentOS-6.5-x86_64-ja' (v0) for provider:
    box: Downloading: file:///Users/koshigoe/Projects/chef-practice/CentOS-6.5-x86_64-ja.box
==> box: Successfully added box 'CentOS-6.5-x86_64-ja' (v0) for 'virtualbox'!
$ vagrant box list
CentOS-6.5-x86_64-ja (virtualbox, 0)
opscode-centos-6.5   (virtualbox, 0)

Other providers

And so on.