Comment créer un compte utilisateur par chef-solo?

Question

  1. comment créer un compte utilisateur par chef-solo?
  2. pourquoi la recette "utilisateurs" a-t-elle besoin d'un client?pem?

Environnement

  • ruby ruby 1.8.7 (2011-06-30 patchlevel 352) [i686-linux]
  • chef-solo est Chef: 0.10.8
  • la version de la recette "utilisateurs" est en tête à 2012-03-27 (commit:f6e1d421f3513c92a0cfbf89c77f750e402ba545).
  • recette que {"run_list":["recipe[users::sysadmins]"]}

Description

je créerais un compte utilisateur par chef-solo avec la recette"utilisateurs". Mais il y a eu erreur, comme ceci.

FATAL: Chef::Exceptions::PrivateKeyMissing: users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!

Journal

vagrant@lucid32:/tmp/vagrant-chef-1$ ruby --version
ruby 1.8.7 (2011-06-30 patchlevel 352) [i686-linux]
vagrant@lucid32:/tmp/vagrant-chef-1$ chef-solo -v
Chef: 0.10.8
vagrant@lucid32:/tmp/vagrant-chef-1$ cat /tmp/vagrant-chef-1/solo.rb
file_cache_path "/tmp/vagrant-chef-1"
cookbook_path ["/tmp/vagrant-chef-1/chef-solo-1/cookbooks", "/tmp/vagrant-chef-1/cookbooks/cookbooks"]
role_path nil
log_level :debug
vagrant@lucid32:/tmp/vagrant-chef-1$ cat /tmp/vagrant-chef-1/dna.json
{"run_list":["recipe[users::sysadmins]"]}
vagrant@lucid32:/tmp/vagrant-chef-1$ sudo chef-solo -c solo.rb -j dna.json
[Mon, 26 Mar 2012 17:54:48 -0700] INFO: *** Chef 0.10.8 ***
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Building node object for lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Extracting run list from JSON attributes provided on command line
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Setting the run_list to ["recipe[users::sysadmins]"] from JSON
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Applying attributes from json file
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Platform is ubuntu version 10.04
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Run List is [recipe[users::sysadmins]]
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Run List expands to [users::sysadmins]
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Starting Chef Run for lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Running start handlers
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Start handlers complete.
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: No chefignore file found at /tmp/vagrant-chef-1/chef-solo-1/cookbooks/chefignore no files will be ignored
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: No chefignore file found at /tmp/vagrant-chef-1/cookbooks/cookbooks/chefignore no files will be ignored
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading cookbook users's providers from /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loaded contents of /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb into a provider named users_manage defined in Chef::Provider::UsersManage
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading cookbook users's resources from /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/resources/manage.rb
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loaded contents of /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/resources/manage.rb into a resource named users_manage defined in Chef::Resource::UsersManage
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading Recipe users::sysadmins via include_recipe
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Found recipe sysadmins in cookbook users
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading from cookbook_path: /tmp/vagrant-chef-1/chef-solo-1/cookbooks, /tmp/vagrant-chef-1/cookbooks/cookbooks
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Converging node lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Processing users_manage[sysadmin] on lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Processing users_manage[sysadmin] action remove (users::sysadmins line 23)
[Mon, 26 Mar 2012 17:54:49 -0700] WARN: Failed to read the private key /etc/chef/client.pem: #<Errno::ENOENT: No such file or directory - /etc/chef/client.pem>
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: users_manage[sysadmin] (users::sysadmins line 23) has had an error
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: users_manage[sysadmin] (/tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/recipes/sysadmins.rb:23:in `from_file') had an error:
users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:62:in `load_signing_key'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:33:in `initialize'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `new'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `initialize'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `new'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `initialize'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `new'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `search'
/tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb:27:in `class_from_file'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `instance_eval'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `action_remove'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `send'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `run_action'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:45:in `run_action'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `each'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:94:in `execute_each_resource'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:92:in `execute_each_resource'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:76:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:312:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:160:in `run'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:192:in `run_application'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `loop'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `run_application'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application.rb:67:in `run'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/chef-solo:25
/opt/ruby/bin//chef-solo:19:in `load'
/opt/ruby/bin//chef-solo:19
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: Running exception handlers
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: Exception handlers complete
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Re-raising exception: Chef::Exceptions::PrivateKeyMissing - users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:62:in `load_signing_key'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:33:in `initialize'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `new'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `initialize'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `new'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `initialize'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `new'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `search'
  /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb:27:in `class_from_file'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `instance_eval'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `action_remove'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `send'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `run_action'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:45:in `run_action'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `each'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:94:in `execute_each_resource'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:92:in `execute_each_resource'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:76:in `converge'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:312:in `converge'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:160:in `run'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:192:in `run_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `loop'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `run_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application.rb:67:in `run'
  /opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/chef-solo:25
  /opt/ruby/bin//chef-solo:19:in `load'
  /opt/ruby/bin//chef-solo:19
[Mon, 26 Mar 2012 17:54:49 -0700] FATAL: Stacktrace dumped to /tmp/vagrant-chef-1/chef-stacktrace.out
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Chef::Exceptions::PrivateKeyMissing: users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:62:in `load_signing_key'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:33:in `initialize'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `new'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `initialize'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `new'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `initialize'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `new'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `search'
/tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb:27:in `class_from_file'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `instance_eval'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `action_remove'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `send'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `run_action'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:45:in `run_action'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `each'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:94:in `execute_each_resource'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:92:in `execute_each_resource'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:76:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:312:in `converge'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:160:in `run'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:192:in `run_application'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `loop'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `run_application'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application.rb:67:in `run'
/opt/ruby/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/chef-solo:25
/opt/ruby/bin//chef-solo:19:in `load'
/opt/ruby/bin//chef-solo:19
[Mon, 26 Mar 2012 17:54:49 -0700] FATAL: Chef::Exceptions::PrivateKeyMissing: users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
17
demandé sur niku 2012-03-27 05:12:41

4 réponses

le livre de recettes "users" D'Opscode s'appuie sur l'utilisation de fonctionnalités centrées sur le serveur pour la gestion des utilisateurs, à savoir les sacs de données et la recherche. Il n'est pas conçu ou destiné à travailler avec Chef Solo.

users_manage ressource utilisée dans le users::sysadmins recipe exécute une requête de recherche de Chef contre le users sac de données. Quand la recette tourne, elle tente de se connecter à un serveur, c'est pourquoi elle recherche /etc/chef/client.pem - pour s'authentifier avec un serveur Chef. Puisque vous n'avez ni, il échouer.

mise à Jour

il y a maintenant un livre de recettes qui ajoute la fonctionnalité de "recherche-like" pour les articles de sac de données à Chef Solo qui peut être d'intérêt pour l'utilisation des "utilisateurs" Livre de recettes.

notez que le cookbook des "utilisateurs"actuellement vérifie pour Chef Solo et ne courra pas s'il est détecté. Ceci fait partie d'un effort récemment passé pour passer le contrôle de linting de foodcritic, par FC003. Version 1.1.2 du livre de recettes des utilisateurs ne comprend pas ce changement ( dans le branche master)

14
répondu jtimberman 2012-08-08 05:43:31

finalement j'ai réussi à créer un compte avec chef-solo et data_bags.

Il a besoin:

des livres de cuisine.

voir https://github.com/niku/vagrant_config_files/tree/minimum_set

15
répondu niku 2013-04-20 13:46:36

Il serait préférable d'utiliser 

user_account 'hsolo' do
  comment   'Han Solo'
  # keys for file ~/.ssh/authorized keys
  ssh_keys  ['3dc348d9af8027df7b9c...', '2154d3734d609eb5c452...']
end

les clés SSH de L'Utilisateur et les autres préfets seront gérés automatiquement.

10
répondu Anton Orel 2012-07-29 07:30:47

Vous pouvez utiliser le les ressources de l'utilisateur créer un utilisateur local, par exemple:

user "random" do
  comment "Random User"
  uid 1000
  gid "users"
  home "/home/random"
  shell "/bin/zsh"
  password "$JJsvHslV$szsCjVEroftprNn4JHtDi."
end
7
répondu Dror Bereznitsky 2012-03-29 16:26:43