Table of Contents
Installing Opscode Chef Server via omnibus packaging
As prepackaged chef-server is not available for PLD Linux, let's try to build the omnibus package ourself.
Suggestion is to run this in a Vagrant box, that you can discard later as the gems are installed outside rpm package manager.
Pre-requisites
You need more space to build and install:
# lvextend --size=3G /dev/sys/rootfs # xfs_growfs /
Install packages:
# poldek -u --noask ruby-bundler git-core ruby-devel glibc-devel libffi-devel libstdc++-devel patch bzip2 lsb-release rpm-build ncurses-devel
Building
Checkout omnibus-chef-server:
$ git clone https://github.com/opscode/omnibus-chef-server.git $ cd omnibus-chef-server
Bugfixes
Make bugfixes:
- libiconv
sed -i -e 's,a1f25d7ab6930826822323b373b8298bff02fed1,4f2ee0a9d563acbeea14af3d8d84e2d2e0e53fb4,' Gemfile.lock
or rather:# cd /usr/share/ruby/gems/1.9/bundler/gems/omnibus-software-dc156b4a2c40 # curl https://github.com/opscode/omnibus-software/commit/4f2ee0a9d563acbeea14af3d8d84e2d2e0e53fb4.patch | patch -p1 patching file config/patches/libiconv/libiconv-1.14_srclib_stdio.in.h-remove-gets-declarations.patch patching file config/software/libiconv.rb Hunk #1 succeeded at 32 with fuzz 1 (offset -10 lines).
- makeself
$ wget -O package-scripts/chef-server/makeselfinst https://raw.github.com/opscode/omnibus-chef/master/package-scripts/chef/makeselfinst
- patch omnibus gem with omnibus-pld.patch
- cacerts fails with checksum, like here, modify
~/.bundler/ruby/*/omnibus-software-*/config/software/cacerts.rb
Install bundle binstubs:
$ bundle install --binstubs
Make cachedir so could run as non-root:
$ sudo install -o $USER -d /var/cache/omnibus /opt/chef-server
Create a platform-specific package using the build project command:
$ bin/omnibus build project chef-server
You may later preserve cache dirs to be shared with OS, add the mappings to your Vagrantfile
config.vm.synced_folder "cache/omnibus", "/var/cache/omnibus"
Install
Currently the fpm produced .rpm does not package directories, so you should install rpm skipping directory deps:
# (umask 2; rpm -Uhv --define '_check_dirname_deps 0' chef-server-11.0.8+20130618223354.git.14.1853585-1.pld.3.0.x86_64.rpm)
You need to use shadow instead of pwdutils as gpasswd
doesn't have -M
option:
---- Begin output of gpasswd -M chef_server chef_server ---- STDOUT: STDERR: gpasswd: invalid option -- 'M' Try `gpasswd --help' or `gpasswd --usage' for more information. ---- End output of gpasswd -M chef_server chef_server ----
Alternatively you can find the recipe and change append
to true
in group resource.
If using vserver without initstyle=plain
, you need to make init q
silent:
# init q init: /dev/initctl: No such file or directory # touch /dev/initctl # init q
also, postgresql needs shared memory, so configure it fstab:
- /etc/vservers/NAME/fstab
none /dev/shm tmpfs mode=1777,nosuid,nodev,noexec 0 0
and also:
mkdir -p /etc/vservers/chef-server/sysctl/{0,1} echo kernel.shmall > /etc/vservers/chef-server/sysctl/0/setting echo 600000000 > /etc/vservers/chef-server/sysctl/0/value echo kernel.shmmax > /etc/vservers/chef-server/sysctl/1/setting echo 600000000 > /etc/vservers/chef-server/sysctl/1/value
After that, follow onscreen instructions:
# sudo chef-server-ctl reconfigure
Meanwhile when the progress stops, it is expecting init to start /opt/chef-server/embedded/bin/runsvdir-start
, but without init, nothing processes /etc/inittab
, so start it manually or use initstyle=plain
.
When using container like vserver, ensure following devices are present:
crw-rw---- 1 root console 5, 1 Jan 9 15:09 /dev/console crw-rw-rw- 1 root root 1, 3 Jul 20 2013 /dev/null crw-rw-rw- 1 root root 1, 5 Dec 25 17:35 /dev/zero
Configure
To change https certificate, have look into /var/opt/chef-server/nginx/ca