web-dev-qa-db-ja.com

chef-soloでユーザーアカウントを作成するにはどうすればよいですか?

質問

  1. Chef-soloでユーザーアカウントを作成するにはどうすればよいですか?
  2. 「ユーザー」レシピにclient.pemが必要なのはなぜですか?

環境

  • RubyはRuby 1.8.7 (2011-06-30 patchlevel 352) [i686-linux]です
  • chef-soloはChef: 0.10.8
  • 「ユーザー」レシピバージョンは2012-03-27(commit:f6e1d421f3513c92a0cfbf89c77f750e402ba545)にあります。
  • レシピのみ{"run_list":["recipe[users::sysadmins]"]}

説明

レシピ " sers "を使用してchef-soloでユーザーアカウントを作成します。しかし、このように続いて、エラーが発生しました。

FATAL: Chef::Exceptions::PrivateKeyMissing: users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!

ログ

vagrant@lucid32:/tmp/vagrant-chef-1$ Ruby --version
Ruby 1.8.7 (2011-06-30 patchlevel 352) [i686-linux]
vagrant@lucid32:/tmp/vagrant-chef-1$ chef-solo -v
Chef: 0.10.8
vagrant@lucid32:/tmp/vagrant-chef-1$ cat /tmp/vagrant-chef-1/solo.rb
file_cache_path "/tmp/vagrant-chef-1"
cookbook_path ["/tmp/vagrant-chef-1/chef-solo-1/cookbooks", "/tmp/vagrant-chef-1/cookbooks/cookbooks"]
role_path nil
log_level :debug
vagrant@lucid32:/tmp/vagrant-chef-1$ cat /tmp/vagrant-chef-1/dna.json
{"run_list":["recipe[users::sysadmins]"]}
vagrant@lucid32:/tmp/vagrant-chef-1$ Sudo chef-solo -c solo.rb -j dna.json
[Mon, 26 Mar 2012 17:54:48 -0700] INFO: *** Chef 0.10.8 ***
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Building node object for lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Extracting run list from JSON attributes provided on command line
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Setting the run_list to ["recipe[users::sysadmins]"] from JSON
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Applying attributes from json file
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Platform is ubuntu version 10.04
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Run List is [recipe[users::sysadmins]]
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Run List expands to [users::sysadmins]
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Starting Chef Run for lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Running start handlers
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Start handlers complete.
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: No chefignore file found at /tmp/vagrant-chef-1/chef-solo-1/cookbooks/chefignore no files will be ignored
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: No chefignore file found at /tmp/vagrant-chef-1/cookbooks/cookbooks/chefignore no files will be ignored
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading cookbook users's providers from /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loaded contents of /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb into a provider named users_manage defined in Chef::Provider::UsersManage
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading cookbook users's resources from /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/resources/manage.rb
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loaded contents of /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/resources/manage.rb into a resource named users_manage defined in Chef::Resource::UsersManage
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading Recipe users::sysadmins via include_recipe
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Found recipe sysadmins in cookbook users
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Loading from cookbook_path: /tmp/vagrant-chef-1/chef-solo-1/cookbooks, /tmp/vagrant-chef-1/cookbooks/cookbooks
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Converging node lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Processing users_manage[sysadmin] on lucid32
[Mon, 26 Mar 2012 17:54:49 -0700] INFO: Processing users_manage[sysadmin] action remove (users::sysadmins line 23)
[Mon, 26 Mar 2012 17:54:49 -0700] WARN: Failed to read the private key /etc/chef/client.pem: #<Errno::ENOENT: No such file or directory - /etc/chef/client.pem>
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: users_manage[sysadmin] (users::sysadmins line 23) has had an error
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: users_manage[sysadmin] (/tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/recipes/sysadmins.rb:23:in `from_file') had an error:
users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:62:in `load_signing_key'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:33:in `initialize'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `new'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `initialize'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `new'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `initialize'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `new'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `search'
/tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb:27:in `class_from_file'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `instance_eval'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `action_remove'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `send'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `run_action'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:45:in `run_action'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `each'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:94:in `execute_each_resource'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:92:in `execute_each_resource'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:76:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:312:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:160:in `run'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:192:in `run_application'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `loop'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `run_application'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application.rb:67:in `run'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/chef-solo:25
/opt/Ruby/bin//chef-solo:19:in `load'
/opt/Ruby/bin//chef-solo:19
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: Running exception handlers
[Mon, 26 Mar 2012 17:54:49 -0700] ERROR: Exception handlers complete
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Re-raising exception: Chef::Exceptions::PrivateKeyMissing - users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:62:in `load_signing_key'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:33:in `initialize'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `new'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `initialize'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `new'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `initialize'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `new'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `search'
  /tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb:27:in `class_from_file'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `instance_eval'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `action_remove'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `send'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `run_action'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:45:in `run_action'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `each'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:94:in `execute_each_resource'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:92:in `execute_each_resource'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:76:in `converge'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:312:in `converge'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:160:in `run'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:192:in `run_application'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `loop'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `run_application'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application.rb:67:in `run'
  /opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/chef-solo:25
  /opt/Ruby/bin//chef-solo:19:in `load'
  /opt/Ruby/bin//chef-solo:19
[Mon, 26 Mar 2012 17:54:49 -0700] FATAL: Stacktrace dumped to /tmp/vagrant-chef-1/chef-stacktrace.out
[Mon, 26 Mar 2012 17:54:49 -0700] DEBUG: Chef::Exceptions::PrivateKeyMissing: users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:62:in `load_signing_key'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest/auth_credentials.rb:33:in `initialize'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `new'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:47:in `initialize'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `new'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/search/query.rb:34:in `initialize'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `new'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/mixin/language.rb:133:in `search'
/tmp/vagrant-chef-1/chef-solo-1/cookbooks/users/providers/manage.rb:27:in `class_from_file'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `instance_eval'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/provider.rb:104:in `action_remove'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `send'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource.rb:440:in `run_action'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:45:in `run_action'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `each'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:81:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:94:in `execute_each_resource'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/resource_collection.rb:92:in `execute_each_resource'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/runner.rb:76:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:312:in `converge'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:160:in `run'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:192:in `run_application'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `loop'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/solo.rb:183:in `run_application'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application.rb:67:in `run'
/opt/Ruby/lib/Ruby/gems/1.8/gems/chef-0.10.8/bin/chef-solo:25
/opt/Ruby/bin//chef-solo:19:in `load'
/opt/Ruby/bin//chef-solo:19
[Mon, 26 Mar 2012 17:54:49 -0700] FATAL: Chef::Exceptions::PrivateKeyMissing: users_manage[sysadmin] (users::sysadmins line 23) had an error: Chef::Exceptions::PrivateKeyMissing: I cannot read /etc/chef/client.pem, which you told me to use to sign requests!
chefvagrant
17
niku

Opscodeの「ユーザー」クックブックは、ユーザー管理にサーバー中心の機能、つまりデータバッグと検索を使用することに依存しています。 ChefSoloで動作するように設計または意図されていません。

users_manageレシピで使用されるusers::sysadminsリソースは、usersデータバッグに対してChefSearchクエリを実行します。レシピが実行されると、サーバーへの接続が試行されます。そのため、Chefサーバーで認証するために/etc/chef/client.pemを探しています。どちらも持っていないので失敗します。

更新

データバッグアイテムの「検索のような」機能をChefSoloに追加するクックブックがあります。これは、「ユーザー」クックブックの使用に役立つ可能性があります。

「users」クックブック 現在 Chef Soloをチェックし、検出された場合は実行されないことに注意してください。これは、 FC0 に従って、foodcriticからリンティングチェックに合格するための最近の取り組みの一部です。バージョン ユーザークックブックの1.1.2 この変更は含まれていません( マスターブランチ]にisあります

14
jtimberman

最後に、chef-soloとdata_bagsでアカウントを作成することに成功しました。

が必要だ:

クックブック。

https://github.com/niku/vagrant_config_files/tree/minimum_set を参照してください

15
niku

このクックブック を使用することをお勧めします。より柔軟なユーザーリソースを提供します。例えば:

 user_account'hsolo 'do 
 comment'Han Solo' 
#ファイルのキー〜/ .ssh /許可されたキー
 ssh_keys ['3dc348d9af8027df7b9c ...'、 '2154d3734d609eb5c452 ...'] 
 end

ユーザーのsshキーとその他の設定は自動的に生成されます。

11
Anton Orel

ser resource を使用して、ローカルユーザーを作成できます。次に例を示します。

user "random" do
  comment "Random User"
  uid 1000
  gid "users"
  home "/home/random"
  Shell "/bin/zsh"
  password "$1$JJsvHslV$szsCjVEroftprNn4JHtDi."
end
7
Dror Bereznitsky