Chefでのdata_bagsの使い方
tomcatのwebアプリケーションマネージャのユーザ設定でChefのdata_bagsを使ったので、メモします。
作業
data_bagsにパスを通す
solo.rbcookbook_path [ '/home/namihira/chef/chef-repo/cookbooks' ] data_bag_path "/home/namihira/chef/chef-repo/data_bags"
tomcatのdata_bagsを用意する
tomcatのcookbook(opscode-cookbooks/tomcat · GitHub)を見るとManaging Tomcat Users The recipe tomcat::users included in this cookbook is used for managing Tomcat users. The recipe adds users and roles to the tomcat-users.xml conf file. Users are defined by creating a tomcat_users data bag and placing Encrypted Data Bag Items in that data bag. Each encrypted data bag item requires an 'id', 'password', and a 'roles' field. { "id": "reset", "password": "supersecret", "roles": [ "manager", "admin" ] } If you are a Chef Solo user the data bag items are not required to be encrypted and should not be.
のように書いているので、「tomcat_users」というdata_bagを作成し、その中にデータを定義します。
[namihira@xx.xx.xx.xx]~/chef/chef-repo% cat data_bags/tomcat_users/default.json { "id":"namihira", "password": "namihira", "roles": [ "manager", "admin" ] }
run_listにtomcatのusersレシピを追加する
solo.json{ "run_list": [ "recipe[apache2]", "recipe[java]", "recipe[tomcat]", "recipe[tomcat::users]" ] }
実行してみる
上記のrun_listを実行すると、[namihira@xx.xx.xx.xx]~/chef/chef-repo% sudo chef-solo -j solo.json -c solo.rb
「tomcat-users.xml.erb」のテンプレートに値が入り、tomca-users.xmlが作成されます。
[namihira@xx.xx.xx.xx]~/chef/chef-repo% cat /etc/tomcat6/tomcat-users.xml <?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <tomcat-users> <role rolename="manager" /> <role rolename="admin" /> <user username="namihira" password="namihira" roles="manager, admin" /> </tomcat-users>