Two windows-restart tests would timeout and fail due to the cancellation
thread firing before the cancel object was created. This change syncronizes
the start of the threads to prevent this from occurring.
- Add guest os type to change the default Chef-Solo and Chef-Client provisioner behavior. Paths, commands etc.
- Change Chef installation download location to chef.io domain
- Add encrypted data bag secret configuration
Provisioners often needs to perform command line operations on guests that may have different syntax and shells. The GuestCommands type abstracts these away so provisioners can avoid littering branching logic all over the place.
* It is possible to set remote salt tree through `remote_state_tree` argument.
* It is possible to set remote pillar root through `remote_pillar_roots` argument.
* Directories `remote_state_tree` and `remote_pillar_roots` are emptied before use.
When puppet is executed in masterless mode it didn't remove
staging directory, this can be a problem because it leaves all
the modules and manifests in the built image.
This is specially problematic when building docker images as they
can be left in the layers unless an specific cleanup is done after
running puppet.
This change adds a flag `clean_staging_directory` to puppet
masterless provisioner so it takes care of this cleanup.
Since the chef-client provisioner is cleaning the node and client at the chef-server from the provisioned node
it needs to have a flexible configuration
This is replacing the used knife flags: -s '<chef-server-url>' -k '/tmp/packer-chef-client/client.pem' -u '<client-name>'
and puts their values into a generated knife.rb
Additionally the knife.rb may include the optional ssl_verify_mode attribute to enable the verify mode verify_none
Background:
When deleting node and client to a self-hosted chef-server using self signed cerfiticates the usage of
knife node delete <node-name> -y -s '<chef-server-url>' -k '/tmp/packer-chef-client/client.pem' -u '<client-name>'
will lead into a ssl verification failure.
The error output of the knife call is somthing like:
2015/06/24 12:29:17 ui: docker: WARNING: No knife configuration file found
docker: WARNING: No knife configuration file found
2015/06/24 12:29:17 ui: docker: ERROR: SSL Validation failure connecting to host: 172.16.117.63 - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B:
certificate verify failed
docker: ERROR: SSL Validation failure connecting to host: 172.16.117.63 - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
2015/06/24 12:29:17 ui: docker: ERROR: Could not establish a secure connection to the server.
docker: ERROR: Could not establish a secure connection to the server.
2015/06/24 12:29:17 ui: docker: Use 'knife ssl check' to troubleshoot your SSL configuration.
docker: Use 'knife ssl check' to troubleshoot your SSL configuration.
2015/06/24 12:29:17 ui: docker: If your Chef Server uses a self-signed certificate, you can use
docker: If your Chef Server uses a self-signed certificate, you can use
2015/06/24 12:29:17 ui: docker: 'knife ssl fetch' to make knife trust the server's certificates.
docker: 'knife ssl fetch' to make knife trust the server's certificates.
2015/06/24 12:29:17 ui: docker:
docker:
2015/06/24 12:29:17 ui: docker: Original Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
docker: Original Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
2015/06/24 12:29:17 packer-builder-docker: 2015/06/24 12:29:17 Executed command exit status: 100
when file used with download direction we don't need
to check source on builder because it on machine.
Signed-off-by: Vasiliy Tolstov <v.tolstov@selfip.ru>
Fixes the following vet reports:
provisioner/salt-masterless/provisioner.go:119: arg cmd for printf verb %s of wrong type: *github.com/mitchellh/packer/packer.RemoteCmd
provisioner/salt-masterless/provisioner.go:121: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:142: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:157: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:172: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:216: arg err for printf verb %d of wrong type: error
Fixes the following vet report:
provisioner/puppet-masterless/provisioner.go:196: missing argument for Errorf(%d): format reads arg 1, have only 0 args
This changes the SaltStack bootstrap URL to use the HTTPS link from the commercial site. Alternatives are the HTTPS link to the raw file on GitHub, but this, whilst more transparent, might break down the line.
Setting environment variables for the ansible-playbook invocation.
ANSIBLE_FORCE_COLOR will ensure output is colorized. PYTHONUNBUFFERED will stream output as Ansible runs, vs getting a big dump of output at the end.