Module: Chef::Knife::Bootstrap::Bootstrapper

Included in:: AzureServerCreate, AzurermServerCreate, Chef::Knife::BootstrapAzure, Chef::Knife::BootstrapAzurerm

Defined in:: lib/chef/knife/bootstrap/bootstrapper.rb

Instance Method Summary collapse

Instance Method Details

#bootstrap_common_params(bootstrap, server) ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 146

def bootstrap_common_params(bootstrap, server)
  bootstrap.config[:run_list] = locate_config_value(:run_list)
  bootstrap.config[:prerelease] = locate_config_value(:prerelease)
  bootstrap.config[:first_boot_attributes] = locate_config_value(:json_attributes) || {}
  bootstrap.config[:bootstrap_version] = locate_config_value(:bootstrap_version)
  bootstrap.config[:distro] = locate_config_value(:distro) || default_bootstrap_template
  # setting bootstrap_template value to template_file for backward
  bootstrap.config[:template_file] = locate_config_value(:template_file) || locate_config_value(:bootstrap_template)
  bootstrap.config[:node_ssl_verify_mode] = locate_config_value(:node_ssl_verify_mode)
  bootstrap.config[:node_verify_api_cert] = locate_config_value(:node_verify_api_cert)
  bootstrap.config[:bootstrap_no_proxy] = locate_config_value(:bootstrap_no_proxy)
  bootstrap.config[:bootstrap_url] = locate_config_value(:bootstrap_url)
  bootstrap.config[:bootstrap_vault_file] = locate_config_value(:bootstrap_vault_file)
  bootstrap.config[:bootstrap_vault_json] = locate_config_value(:bootstrap_vault_json)
  bootstrap.config[:bootstrap_vault_item] = locate_config_value(:bootstrap_vault_item)

  load_cloud_attributes_in_hints(server)
  bootstrap
end

#bootstrap_exec(server) ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 84

def bootstrap_exec(server)
  fqdn = server.publicipaddress

  if is_image_windows?
    if locate_config_value(:bootstrap_protocol) == 'ssh'
      port = server.sshport
      print "#{ui.color("Waiting for sshd on #{fqdn}:#{port}", :magenta)}"

      print(".") until tcp_test_ssh(fqdn,port) {
        sleep @initial_sleep_delay ||= 10
        puts("done")
      }

    elsif locate_config_value(:bootstrap_protocol) == 'winrm'
      port = server.winrmport

      print "#{ui.color("Waiting for winrm on #{fqdn}:#{port}", :magenta)}"

      print(".") until tcp_test_winrm(fqdn,port) {
        sleep @initial_sleep_delay ||= 10
        puts("done")
      }
    end

    puts("\n")
    bootstrap_for_windows_node(server, fqdn, port).run
  else
    unless server && server.publicipaddress && server.sshport
      Chef::Log.fatal("server not created")
      exit 1
    end

    port = server.sshport

    print ui.color("Waiting for sshd on #{fqdn}:#{port}", :magenta)

    print(".") until tcp_test_ssh(fqdn,port) {
      sleep @initial_sleep_delay ||= 10
      puts("done")
    }

    puts("\n")
    bootstrap_for_node(server, fqdn, port).run
  end

  msg_server_summary(server)
end

#bootstrap_for_node(server, fqdn, port) ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 205

def bootstrap_for_node(server, fqdn, port)
  bootstrap = Chef::Knife::Bootstrap.new
  bootstrap.name_args = [fqdn]
  bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
  bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
  bootstrap.config[:ssh_port] = port
  bootstrap.config[:identity_file] = locate_config_value(:identity_file)
  bootstrap.config[:chef_node_name] = locate_config_value(:chef_node_name) || server.name
  bootstrap.config[:use_sudo] = true unless locate_config_value(:ssh_user) == 'root'
  bootstrap.config[:use_sudo_password] = true if bootstrap.config[:use_sudo]
  bootstrap.config[:environment] = locate_config_value(:environment)
  # may be needed for vpc_mode
  bootstrap.config[:host_key_verify] = config[:host_key_verify]
  Chef::Config[:knife][:secret] = config[:encrypted_data_bag_secret] if config[:encrypted_data_bag_secret]
  Chef::Config[:knife][:secret_file] = config[:encrypted_data_bag_secret_file] if config[:encrypted_data_bag_secret_file]
  bootstrap.config[:secret] = locate_config_value(:encrypted_data_bag_secret)
  bootstrap.config[:secret_file] = locate_config_value(:encrypted_data_bag_secret_file)
  bootstrap.config[:bootstrap_install_command] = locate_config_value(:bootstrap_install_command)
  bootstrap.config[:bootstrap_wget_options] = locate_config_value(:bootstrap_wget_options)
  bootstrap.config[:bootstrap_curl_options] = locate_config_value(:bootstrap_curl_options)
  bootstrap_common_params(bootstrap, server)
end

#bootstrap_for_windows_node(server, fqdn, port) ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 166

def bootstrap_for_windows_node(server, fqdn, port)
  if locate_config_value(:bootstrap_protocol) == 'winrm'

    load_winrm_deps
    if not Chef::Platform.windows?
      require 'gssapi'
    end

    bootstrap = Chef::Knife::BootstrapWindowsWinrm.new

    bootstrap.config[:winrm_user] = locate_config_value(:winrm_user) || 'Administrator'
    bootstrap.config[:winrm_password] = locate_config_value(:winrm_password)
    bootstrap.config[:winrm_transport] = locate_config_value(:winrm_transport)
    bootstrap.config[:winrm_authentication_protocol] = locate_config_value(:winrm_authentication_protocol)
    bootstrap.config[:winrm_port] = port
    bootstrap.config[:auth_timeout] = locate_config_value(:auth_timeout)
    # Todo: we should skip cert generate in case when winrm_ssl_verify_mode=verify_none
    bootstrap.config[:winrm_ssl_verify_mode] = locate_config_value(:winrm_ssl_verify_mode)
  elsif locate_config_value(:bootstrap_protocol) == 'ssh'
    bootstrap = Chef::Knife::BootstrapWindowsSsh.new
    bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
    bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
    bootstrap.config[:forward_agent] = locate_config_value(:forward_agent)
    bootstrap.config[:ssh_port] = port
    bootstrap.config[:identity_file] = locate_config_value(:identity_file)
    bootstrap.config[:host_key_verify] = locate_config_value(:host_key_verify)
  else
    ui.error("Unsupported Bootstrapping Protocol. Supported : winrm, ssh")
    exit 1
  end
  bootstrap.name_args = [fqdn]
  bootstrap.config[:chef_node_name] = config[:chef_node_name] || server.name
  bootstrap.config[:encrypted_data_bag_secret] = locate_config_value(:encrypted_data_bag_secret)
  bootstrap.config[:encrypted_data_bag_secret_file] = locate_config_value(:encrypted_data_bag_secret_file)
  bootstrap.config[:msi_url] = locate_config_value(:msi_url)
  bootstrap.config[:install_as_service] = locate_config_value(:install_as_service)
  bootstrap_common_params(bootstrap, server)
end

#create_node_and_client_pem ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 320

def create_node_and_client_pem
  client_builder = Chef::Knife::Bootstrap::ClientBuilder.new(
    chef_config: Chef::Config,
    knife_config: config,
    ui: ui,
  )
  client_builder.run
  client_builder.client_path
end

#default_bootstrap_template ⇒ `Object`



31
32
33

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 31

def default_bootstrap_template
  is_image_windows? ? 'windows-chef-client-msi' : 'chef-full'
end

#default_hint_options ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 255

def default_hint_options
  [
    'vm_name',
    'public_fqdn',
    'platform'
  ]
end

#get_chef_extension_name ⇒ `Object`



228
229
230

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 228

def get_chef_extension_name
  is_image_windows? ? "ChefClient" : "LinuxChefClient"
end

#get_chef_extension_private_params ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 330

def get_chef_extension_private_params
  pri_config = Hash.new

  # validator less bootstrap support for bootstrap protocol cloud-api
  if Chef::Config[:validation_key] && File.exist?(File.expand_path(Chef::Config[:validation_key]))
    pri_config[:validation_key] = File.read(File.expand_path(Chef::Config[:validation_key]))
  else
    if Chef::VERSION.split('.').first.to_i == 11
      ui.error('Unable to find validation key. Please verify your configuration file for validation_key config value.')
      exit 1
    end
    if config[:server_count].to_i > 1
      node_name = config[:chef_node_name]
      0.upto (config[:server_count].to_i-1) do |count|
        config[:chef_node_name] = node_name + count.to_s
        key_path = create_node_and_client_pem
        pri_config[("client_pem" + count.to_s).to_sym] = File.read(key_path)
      end
      config[:chef_node_name] = node_name
    else
      key_path = create_node_and_client_pem
      if File.exist?(key_path)
        pri_config[:client_pem] = File.read(key_path)
      else
        ui.error('Unable to find client.pem at given path #{key_path}')
        exit 1
      end
    end
  end

  # SSL cert bootstrap support
  if locate_config_value(:cert_path)
    if File.exist?(File.expand_path(locate_config_value(:cert_path)))
      pri_config[:chef_server_crt] = File.read(File.expand_path(locate_config_value(:cert_path)))
    else
      ui.error('Specified SSL certificate does not exist.')
      exit 1
    end
  end

  # encrypted_data_bag_secret key for encrypting/decrypting the data bags
  pri_config[:encrypted_data_bag_secret] = load_correct_secret

  pri_config
end

#get_chef_extension_public_params ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 275

def get_chef_extension_public_params
  pub_config = Hash.new
  if(locate_config_value(:azure_extension_client_config))
    pub_config[:client_rb] = File.read(File.expand_path(locate_config_value(:azure_extension_client_config)))
  else
    pub_config[:client_rb] = "chef_server_url \t #{Chef::Config[:chef_server_url].to_json}\nvalidation_client_name\t#{Chef::Config[:validation_client_name].to_json}"
  end

  pub_config[:runlist] = locate_config_value(:run_list).empty? ? "" : locate_config_value(:run_list).join(",").to_json
  pub_config[:custom_json_attr] = locate_config_value(:json_attributes) || {}
  pub_config[:extendedLogs] = locate_config_value(:extended_logs) ? "true" : "false"
  pub_config[:hints] = ohai_hints if @service.instance_of?(Azure::ResourceManagement::ARMInterface) && !locate_config_value(:ohai_hints).nil?
  pub_config[:chef_daemon_interval] = locate_config_value(:chef_daemon_interval) if locate_config_value(:chef_daemon_interval)
  pub_config[:daemon] = locate_config_value(:daemon) if locate_config_value(:daemon)

  # bootstrap attributes
  pub_config[:bootstrap_options] = {}
  pub_config[:bootstrap_options][:environment] = locate_config_value(:environment) if locate_config_value(:environment)
  pub_config[:bootstrap_options][:chef_node_name] = locate_config_value(:chef_node_name) if locate_config_value(:chef_node_name)
  pub_config[:bootstrap_options][:chef_server_url] = Chef::Config[:chef_server_url] if Chef::Config[:chef_server_url]
  pub_config[:bootstrap_options][:validation_client_name] = Chef::Config[:validation_client_name] if Chef::Config[:validation_client_name]
  pub_config[:bootstrap_options][:node_verify_api_cert] = locate_config_value(:node_verify_api_cert) ? "true" : "false" if config.key?(:node_verify_api_cert)
  pub_config[:bootstrap_options][:bootstrap_version] = locate_config_value(:bootstrap_version) if locate_config_value(:bootstrap_version)
  pub_config[:bootstrap_options][:node_ssl_verify_mode] = locate_config_value(:node_ssl_verify_mode) if locate_config_value(:node_ssl_verify_mode)
  pub_config[:bootstrap_options][:bootstrap_proxy] = locate_config_value(:bootstrap_proxy) if locate_config_value(:bootstrap_proxy)
  pub_config
end

#get_chef_extension_publisher ⇒ `Object`



232
233
234

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 232

def get_chef_extension_publisher
  "Chef.Bootstrap.WindowsAzure"
end

#get_chef_extension_version(chef_extension_name = nil) ⇒ `Object`

get latest version

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 237

def get_chef_extension_version(chef_extension_name = nil)
  if locate_config_value(:azure_chef_extension_version)
    Chef::Config[:knife][:azure_chef_extension_version]
  else
    chef_extension_name = chef_extension_name.nil? ? get_chef_extension_name : chef_extension_name
    if @service.instance_of? Azure::ResourceManagement::ARMInterface
      service.get_latest_chef_extension_version({
        :azure_service_location => locate_config_value(:azure_service_location),
        :chef_extension_publisher => get_chef_extension_publisher,
        :chef_extension => chef_extension_name
      })
    elsif @service.instance_of? Azure::ServiceManagement::ASMInterface
      extensions = service.get_extension(chef_extension_name, get_chef_extension_publisher)
      extensions.css("Version").max.text.split(".").first + ".*"
    end
  end
end

#load_cloud_attributes_in_hints(server) ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 132

def load_cloud_attributes_in_hints(server)
  # Modify global configuration state to ensure hint gets set by knife-bootstrap
  # Query azure and load necessary attributes.
  cloud_attributes = {}
  cloud_attributes["public_ip"] = server.publicipaddress
  cloud_attributes["vm_name"] = server.name
  cloud_attributes["public_fqdn"] = server.hostedservicename.to_s + ".cloudapp.net"
  cloud_attributes["public_ssh_port"] = server.sshport if server.sshport
  cloud_attributes["public_winrm_port"] = server.winrmport if server.winrmport

  Chef::Config[:knife][:hints] ||= {}
  Chef::Config[:knife][:hints]["azure"] ||= cloud_attributes
end

#load_correct_secret ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 303

def load_correct_secret
  knife_secret_file = Chef::Config[:knife][:encrypted_data_bag_secret_file]
  knife_secret = Chef::Config[:knife][:encrypted_data_bag_secret]
  cli_secret_file = config[:encrypted_data_bag_secret_file]
  cli_secret = config[:encrypted_data_bag_secret]

  #The value set in knife.rb gets set in config object too
  #That's why setting cli objects to nil if the values are specified in knife.rb
  cli_secret_file = nil if cli_secret_file == knife_secret_file
  cli_secret = nil if cli_secret == knife_secret

  cli_secret_file = Chef::EncryptedDataBagItem.load_secret(cli_secret_file) if cli_secret_file != nil
  knife_secret_file = Chef::EncryptedDataBagItem.load_secret(knife_secret_file) if knife_secret_file != nil

  cli_secret_file || cli_secret || knife_secret_file || knife_secret
end

#load_winrm_deps ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 25

def load_winrm_deps
  require 'winrm'
  require 'chef/knife/winrm'
  require 'chef/knife/bootstrap_windows_winrm'
end

#ohai_hints ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 263

def ohai_hints
  hint_values = locate_config_value(:ohai_hints)

  if hint_values.casecmp('default').zero?
    hints = default_hint_options
  else
    hints = hint_values.split(',')
  end

  hints
end

#tcp_test_ssh(fqdn, sshport) ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 35

def tcp_test_ssh(fqdn, sshport)
  tcp_socket = TCPSocket.new(fqdn, sshport)
  readable = IO.select([tcp_socket], nil, nil, 5)
  if readable
    Chef::Log.debug("sshd accepting connections on #{fqdn}, banner is #{tcp_socket.gets}")
    yield
    true
  else
    false
  end
  rescue SocketError
    sleep 2
    false
  rescue Errno::ETIMEDOUT
    false
  rescue Errno::EPERM
    false
  rescue Errno::ECONNREFUSED
    sleep 2
    false
  rescue Errno::EHOSTUNREACH
    sleep 2
    false
  ensure
    tcp_socket && tcp_socket.close
end

#tcp_test_winrm(ip_addr, port) ⇒ `Object`

# File 'lib/chef/knife/bootstrap/bootstrapper.rb', line 62

def tcp_test_winrm(ip_addr, port)
  hostname = ip_addr
  socket = TCPSocket.new(hostname, port)
  return true
  rescue SocketError
    sleep 2
    false
  rescue Errno::ETIMEDOUT
    false
  rescue Errno::EPERM
    false
  rescue Errno::ECONNREFUSED
    sleep 2
    false
  rescue Errno::EHOSTUNREACH
    sleep 2
    false
  rescue Errno::ENETUNREACH
    sleep 2
    false
end

Module: Chef::Knife::Bootstrap::Bootstrapper

Instance Method Summary collapse

Instance Method Details

#bootstrap_common_params(bootstrap, server) ⇒ Object

#bootstrap_exec(server) ⇒ Object

#bootstrap_for_node(server, fqdn, port) ⇒ Object

#bootstrap_for_windows_node(server, fqdn, port) ⇒ Object

#create_node_and_client_pem ⇒ Object

#default_bootstrap_template ⇒ Object

#default_hint_options ⇒ Object

#get_chef_extension_name ⇒ Object

#get_chef_extension_private_params ⇒ Object

#get_chef_extension_public_params ⇒ Object

#get_chef_extension_publisher ⇒ Object

#get_chef_extension_version(chef_extension_name = nil) ⇒ Object

#load_cloud_attributes_in_hints(server) ⇒ Object

#load_correct_secret ⇒ Object

#load_winrm_deps ⇒ Object

#ohai_hints ⇒ Object

#tcp_test_ssh(fqdn, sshport) ⇒ Object

#tcp_test_winrm(ip_addr, port) ⇒ Object

#bootstrap_common_params(bootstrap, server) ⇒ `Object`

#bootstrap_exec(server) ⇒ `Object`

#bootstrap_for_node(server, fqdn, port) ⇒ `Object`

#bootstrap_for_windows_node(server, fqdn, port) ⇒ `Object`

#create_node_and_client_pem ⇒ `Object`

#default_bootstrap_template ⇒ `Object`

#default_hint_options ⇒ `Object`

#get_chef_extension_name ⇒ `Object`

#get_chef_extension_private_params ⇒ `Object`

#get_chef_extension_public_params ⇒ `Object`

#get_chef_extension_publisher ⇒ `Object`

#get_chef_extension_version(chef_extension_name = nil) ⇒ `Object`

#load_cloud_attributes_in_hints(server) ⇒ `Object`

#load_correct_secret ⇒ `Object`

#load_winrm_deps ⇒ `Object`

#ohai_hints ⇒ `Object`

#tcp_test_ssh(fqdn, sshport) ⇒ `Object`

#tcp_test_winrm(ip_addr, port) ⇒ `Object`