2014-02-24 12:45:04 -05:00
|
|
|
---
|
2015-07-22 22:31:00 -04:00
|
|
|
description: |
|
|
|
|
The Chef Client Packer provisioner installs and configures software on machines
|
|
|
|
built by Packer using chef-client. Packer configures a Chef client to talk to a
|
|
|
|
remote Chef Server to provision the machine.
|
|
|
|
layout: docs
|
|
|
|
page_title: 'Chef-Client Provisioner'
|
|
|
|
...
|
2014-02-24 12:45:04 -05:00
|
|
|
|
|
|
|
# Chef Client Provisioner
|
|
|
|
|
|
|
|
Type: `chef-client`
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
The Chef Client Packer provisioner installs and configures software on machines
|
2015-08-20 19:26:18 -04:00
|
|
|
built by Packer using [chef-client](https://docs.chef.io/chef_client.html).
|
2015-07-22 22:31:00 -04:00
|
|
|
Packer configures a Chef client to talk to a remote Chef Server to provision the
|
|
|
|
machine.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
|
|
|
The provisioner will even install Chef onto your machine if it isn't already
|
2015-08-20 19:26:18 -04:00
|
|
|
installed, using the official Chef installers provided by Chef.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
|
|
|
## Basic Example
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
The example below is fully functional. It will install Chef onto the remote
|
|
|
|
machine and run Chef client.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
``` {.javascript}
|
2014-02-24 12:45:04 -05:00
|
|
|
{
|
|
|
|
"type": "chef-client",
|
2014-07-16 18:49:26 -04:00
|
|
|
"server_url": "https://mychefserver.com/"
|
2014-02-24 12:45:04 -05:00
|
|
|
}
|
2014-10-20 13:55:16 -04:00
|
|
|
```
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
Note: to properly clean up the Chef node and client the machine on which packer
|
|
|
|
is running must have knife on the path and configured globally, i.e,
|
|
|
|
\~/.chef/knife.rb must be present and configured for the target chef server
|
2014-09-03 23:38:01 -04:00
|
|
|
|
2014-02-24 12:45:04 -05:00
|
|
|
## Configuration Reference
|
|
|
|
|
|
|
|
The reference of available configuration options is listed below. No
|
2014-09-24 14:19:28 -04:00
|
|
|
configuration is actually required.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `chef_environment` (string) - The name of the chef\_environment sent to the
|
|
|
|
Chef server. By default this is empty and will not use an environment.
|
2014-05-21 13:34:12 -04:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `config_template` (string) - Path to a template that will be used for the
|
|
|
|
Chef configuration file. By default Packer only sets configuration it needs
|
|
|
|
to match the settings set in the provisioner configuration. If you need to
|
|
|
|
set configurations that the Packer provisioner doesn't support, then you
|
|
|
|
should use a custom configuration template. See the dedicated "Chef
|
|
|
|
Configuration" section below for more details.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-09-29 14:52:49 -04:00
|
|
|
- `encrypted_data_bag_secret_path` (string) - The path to the file containing
|
|
|
|
the secret for encrypted data bags. By default, this is empty, so no secret
|
|
|
|
will be available.
|
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `execute_command` (string) - The command used to execute Chef. This has
|
|
|
|
various [configuration template
|
|
|
|
variables](/docs/templates/configuration-templates.html) available. See
|
|
|
|
below for more information.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `install_command` (string) - The command used to install Chef. This has
|
|
|
|
various [configuration template
|
|
|
|
variables](/docs/templates/configuration-templates.html) available. See
|
|
|
|
below for more information.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `json` (object) - An arbitrary mapping of JSON that will be available as
|
|
|
|
node attributes while running Chef.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `node_name` (string) - The name of the node to register with the
|
|
|
|
Chef Server. This is optional and by default is packer-{{uuid}}.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `prevent_sudo` (boolean) - By default, the configured commands that are
|
|
|
|
executed to install and run Chef are executed with `sudo`. If this is true,
|
|
|
|
then the sudo will be omitted.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `run_list` (array of strings) - The [run
|
2015-09-01 12:20:52 -04:00
|
|
|
list](http://docs.chef.io/essentials_node_object_run_lists.html) for Chef.
|
|
|
|
By default this is empty, and will use the run list sent down by the
|
|
|
|
Chef Server.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `server_url` (string) - The URL to the Chef server. This is required.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `skip_clean_client` (boolean) - If true, Packer won't remove the client from
|
|
|
|
the Chef server after it is done running. By default, this is false.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `skip_clean_node` (boolean) - If true, Packer won't remove the node from the
|
|
|
|
Chef server after it is done running. By default, this is false.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `skip_install` (boolean) - If true, Chef will not automatically be installed
|
2015-08-20 19:26:18 -04:00
|
|
|
on the machine using the Chef omnibus installers.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `staging_directory` (string) - This is the directory where all the
|
|
|
|
configuration of Chef by Packer will be placed. By default this
|
|
|
|
is "/tmp/packer-chef-client". This directory doesn't need to exist but must
|
|
|
|
have proper permissions so that the SSH user that Packer uses is able to
|
|
|
|
create directories and write into this folder. If the permissions are not
|
|
|
|
correct, use a shell provisioner prior to this to configure it properly.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `client_key` (string) - Path to client key. If not set, this defaults to a
|
|
|
|
file named client.pem in `staging_directory`.
|
2015-04-09 02:19:52 -04:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `validation_client_name` (string) - Name of the validation client. If not
|
|
|
|
set, this won't be set in the configuration and the default that Chef uses
|
|
|
|
will be used.
|
2014-04-26 14:05:08 -04:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `validation_key_path` (string) - Path to the validation key for
|
|
|
|
communicating with the Chef Server. This will be uploaded to the
|
|
|
|
remote machine. If this is NOT set, then it is your responsibility via other
|
|
|
|
means (shell provisioner, etc.) to get a validation key to where Chef
|
|
|
|
expects it.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
|
|
|
## Chef Configuration
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
By default, Packer uses a simple Chef configuration file in order to set the
|
|
|
|
options specified for the provisioner. But Chef is a complex tool that supports
|
|
|
|
many configuration options. Packer allows you to specify a custom configuration
|
|
|
|
template if you'd like to set custom configurations.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
|
|
|
The default value for the configuration template is:
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
``` {.liquid}
|
2014-02-24 12:45:04 -05:00
|
|
|
log_level :info
|
|
|
|
log_location STDOUT
|
|
|
|
chef_server_url "{{.ServerUrl}}"
|
2015-06-25 16:03:24 -04:00
|
|
|
{{if ne .ValidationClientName ""}}
|
|
|
|
validation_client_name "{{.ValidationClientName}}"
|
|
|
|
{{else}}
|
2014-02-24 12:45:04 -05:00
|
|
|
validation_client_name "chef-validator"
|
2015-06-25 16:03:24 -04:00
|
|
|
{{end}}
|
2014-02-24 12:45:04 -05:00
|
|
|
{{if ne .ValidationKeyPath ""}}
|
|
|
|
validation_key "{{.ValidationKeyPath}}"
|
|
|
|
{{end}}
|
2015-06-25 16:03:24 -04:00
|
|
|
{{if ne .NodeName ""}}
|
2014-02-24 12:45:04 -05:00
|
|
|
node_name "{{.NodeName}}"
|
2015-06-25 16:03:24 -04:00
|
|
|
{{end}}
|
2014-02-24 12:45:04 -05:00
|
|
|
```
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
This template is a [configuration
|
|
|
|
template](/docs/templates/configuration-templates.html) and has a set of
|
|
|
|
variables available to use:
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-09-29 14:52:49 -04:00
|
|
|
- `EncryptedDataBagSecretPath` - The path to the encrypted data bag secret
|
2015-07-22 23:25:58 -04:00
|
|
|
- `NodeName` - The node name set in the configuration.
|
|
|
|
- `ServerUrl` - The URL of the Chef Server set in the configuration.
|
|
|
|
- `ValidationKeyPath` - Path to the validation key, if it is set.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
|
|
|
## Execute Command
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
By default, Packer uses the following command (broken across multiple lines for
|
|
|
|
readability) to execute Chef:
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
``` {.liquid}
|
2014-02-24 12:45:04 -05:00
|
|
|
{{if .Sudo}}sudo {{end}}chef-client \
|
|
|
|
--no-color \
|
|
|
|
-c {{.ConfigPath}} \
|
|
|
|
-j {{.JsonPath}}
|
|
|
|
```
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
This command can be customized using the `execute_command` configuration. As you
|
|
|
|
can see from the default value above, the value of this configuration can
|
|
|
|
contain various template variables, defined below:
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 23:25:58 -04:00
|
|
|
- `ConfigPath` - The path to the Chef configuration file. file.
|
|
|
|
- `JsonPath` - The path to the JSON attributes file for the node.
|
|
|
|
- `Sudo` - A boolean of whether to `sudo` the command or not, depending on the
|
|
|
|
value of the `prevent_sudo` configuration.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
|
|
|
## Install Command
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
By default, Packer uses the following command (broken across multiple lines for
|
|
|
|
readability) to install Chef. This command can be customized if you want to
|
|
|
|
install Chef in another way.
|
2014-02-24 12:45:04 -05:00
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
``` {.text}
|
2015-08-20 19:26:18 -04:00
|
|
|
curl -L https://www.chef.io/chef/install.sh | \
|
2014-02-24 12:45:04 -05:00
|
|
|
{{if .Sudo}}sudo{{end}} bash
|
|
|
|
```
|
|
|
|
|
|
|
|
This command can be customized using the `install_command` configuration.
|
2015-06-15 16:37:20 -04:00
|
|
|
|
|
|
|
## Folder Permissions
|
|
|
|
|
2015-07-22 22:31:00 -04:00
|
|
|
!> The `chef-client` provisioner will chmod the directory with your Chef keys
|
|
|
|
to 777. This is to ensure that Packer can upload and make use of that directory.
|
|
|
|
However, once the machine is created, you usually don't want to keep these
|
|
|
|
directories with those permissions. To change the permissions on the
|
|
|
|
directories, append a shell provisioner after Chef to modify them.
|
2015-08-31 22:54:18 -04:00
|
|
|
|
|
|
|
## Examples
|
|
|
|
|
|
|
|
### Chef Client Local Mode
|
|
|
|
|
2015-09-01 12:20:52 -04:00
|
|
|
The following example shows how to run the `chef-cilent` provisioner in local
|
|
|
|
mode, while passing a `run_list` using a variable.
|
2015-08-31 22:54:18 -04:00
|
|
|
|
|
|
|
**Local environment variables**
|
|
|
|
|
2015-09-01 12:20:52 -04:00
|
|
|
# Machines Chef directory
|
|
|
|
export PACKER_CHEF_DIR=/var/chef-packer
|
|
|
|
# Comma separated run_list
|
|
|
|
export PACKER_CHEF_RUN_LIST="recipe[apt],recipe[nginx]"
|
|
|
|
...
|
2015-08-31 22:54:18 -04:00
|
|
|
|
|
|
|
**Packer variables**
|
|
|
|
|
2015-09-01 12:20:52 -04:00
|
|
|
Set the necessary Packer variables using environment variables or provide a [var
|
|
|
|
file](/docs/templates/user-variables.html).
|
2015-08-31 22:54:18 -04:00
|
|
|
|
|
|
|
``` {.liquid}
|
|
|
|
"variables": {
|
|
|
|
"chef_dir": "{{env `PACKER_CHEF_DIR`}}",
|
|
|
|
"chef_run_list": "{{env `PACKER_CHEF_RUN_LIST`}}",
|
|
|
|
"chef_client_config_tpl": "{{env `PACKER_CHEF_CLIENT_CONFIG_TPL`}}",
|
|
|
|
"packer_chef_bootstrap_dir": "{{env `PACKER_CHEF_BOOTSTRAP_DIR`}}" ,
|
|
|
|
"packer_uid": "{{env `PACKER_UID`}}",
|
|
|
|
"packer_gid": "{{env `PACKER_GID`}}"
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
**Setup the** `chef-client` **provisioner**
|
|
|
|
|
2015-09-01 12:20:52 -04:00
|
|
|
Make sure we have the correct directories and permissions for the `chef-client`
|
|
|
|
provisioner. You will need to bootstrap the Chef run by providing the necessary
|
|
|
|
cookbooks using Berkshelf or some other means.
|
2015-08-31 22:54:18 -04:00
|
|
|
|
|
|
|
``` {.liquid}
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"source": "{{user `packer_chef_bootstrap_dir`}}",
|
|
|
|
"destination": "/tmp/bootstrap"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "shell",
|
|
|
|
"inline": [
|
|
|
|
"sudo mkdir -p {{user `chef_dir`}}",
|
|
|
|
"sudo mkdir -p /tmp/packer-chef-client",
|
|
|
|
"sudo chown {{user `packer_uid`}}.{{user `packer_gid`}} /tmp/packer-chef-client",
|
|
|
|
"sudo sh /tmp/bootstrap/bootstrap.sh"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "chef-client",
|
|
|
|
"server_url": "http://localhost:8889",
|
|
|
|
"config_template": "{{user `chef_client_config_tpl`}}/client.rb.tpl",
|
|
|
|
"skip_clean_node": true,
|
|
|
|
"skip_clean_client": true,
|
|
|
|
"run_list": "{{user `chef_run_list`}}"
|
|
|
|
}
|
|
|
|
```
|