Provision a Chef Server using http://manage.chef.io

For the command knife bootstrap <ip address> -V -i <pem file> --sudo -N <node-name> -r "recipe[cookbook]"

To provision a node, create and run an EC2 instance. You then need to allow root login as well as the ec2-user login. To do this, take these steps:

  1. sudo -s (to become root)
    vi /root/.ssh/authorized_keys
    

    Delete the lines at the beginning of the file until you get to the words ssh-rsa.

  2. vi /etc/ssh/sshd_config
    

    Set the PermitRootLogin line to read: PermitRootLogin without-password

  3. service sshd restart
  4. Now run knife bootstrap

For the command knife bootstrap <ip address> -V -x <user> -P <password> --sudo -N <node-name> -r "recipe[cookbook]"

  1. Copy QACHEFESS-setup-new-user.sh to the node and run it with sudo (update lines 4 - 8 with the user and password details as required)
  2. Now run knife bootstrap

Shell script (bash):

#!/bin/bash

# Add user 'chef', password 'chef'
useradd chef
echo chef | passwd chef --stdin

# Config sudo access. 
echo "chef    ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers
sed -i 's/Defaults.*requiretty/#Defaults requiretty/g' /etc/sudoers

# Allow password access via ssh
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
service sshd restart

# Flush & Disable iptables
# Could not see iptables enabled by default on CentOS 7. Need to confirm
iptables -F
service iptables stop
chkconfig iptables off

# Disable SELinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

# Set the MOTD
curl https://s3.amazonaws.com/uploads.hipchat.com/7557/343581/8r8bE9vCpEW87E8/getawesome.txt > /etc/motd

# And we are done
echo '######## All Done! ######'
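
To see which of the settings changed by the two procedures above are in effect on a node, the following added example (not part of the original page or of Chef) reads sshd_config, sudoers and the SELinux config and prints every setting that differs from an assumed baseline: PasswordAuthentication no, PermitRootLogin no, no NOPASSWD entries, SELINUX=enforcing. The function names and the baseline are assumptions, and the sample files are constructed.

```bash
#!/bin/bash
# Added example: report which settings changed by this page are active.
# Paths are arguments, so it can be pointed at copies of the real files.

# Effective value of an sshd_config keyword: sshd uses the first uncommented
# occurrence and keywords are case-insensitive (Match/Include not handled).
sshd_value() {   # sshd_value <sshd_config> <keyword>
    awk -v key="$2" 'tolower($1) == tolower(key) { print tolower($2); exit }' "$1"
}

# Accounts (first field) of uncommented sudoers lines that grant NOPASSWD.
nopasswd_entries() {   # nopasswd_entries <sudoers>
    awk '$1 !~ /^#/ && /NOPASSWD:/ { print $1 }' "$1"
}

# SELinux mode configured for the next boot.
selinux_mode() {   # selinux_mode <selinux config>
    sed -n 's/^SELINUX=\([a-z]*\).*/\1/p' "$1" | head -n 1
}

# Print one finding per line; settings that match the baseline print nothing.
audit_node() {   # audit_node <sshd_config> <sudoers> <selinux config>
    v=$(sshd_value "$1" PasswordAuthentication)
    [ "${v:-yes}" = no ] || echo "sshd: PasswordAuthentication ${v:-yes}"
    v=$(sshd_value "$1" PermitRootLogin)
    [ "$v" = no ] || echo "sshd: PermitRootLogin ${v:-unset}"
    for v in $(nopasswd_entries "$2"); do echo "sudoers: NOPASSWD for $v"; done
    v=$(selinux_mode "$3")
    [ "$v" = enforcing ] || echo "selinux: SELINUX=${v:-unset}"
    return 0
}

# Constructed sample: the relevant lines as both procedures on this page leave them.
make_sample() {   # make_sample <dir>
    printf '%s\n' '#PasswordAuthentication no' 'PasswordAuthentication yes' \
        'PermitRootLogin without-password' > "$1/sshd_config"
    printf '%s\n' 'root    ALL=(ALL)       ALL' '#Defaults requiretty' \
        'chef    ALL=(ALL)       NOPASSWD: ALL' > "$1/sudoers"
    printf '%s\n' '# constructed' 'SELINUX=disabled' 'SELINUXTYPE=targeted' > "$1/selinux"
}

# Demonstration run against the constructed sample only.
d=$(mktemp -d) && make_sample "$d" &&
    audit_node "$d/sshd_config" "$d/sudoers" "$d/selinux"
rm -rf "$d"
```

On a live node, `sshd -T` prints the configuration sshd actually uses and is the authoritative source for the two sshd values.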