When you bootstrap a node using knife bootstrap, Chef assumes that you’ll have access to the internet. It uses this to download the client package and some metadata, but you don’t have to be connected to the internet to bootstrap a node.
This is especially handy in cases where you have a firewalled setup that won’t let you get packages from the internet.
There are two ways to solve this. The first is to take advantage of the
For distros that use
$ knife bootstrap chefnode -N MyNewNode --bootstrap-install-command "curl http://your-internal-server/chef.deb -o /tmp/chef.deb && dpkg -i /tmp/chef.deb"
For distros that use
$ knife bootstrap chefnode -N MyNewNode --bootstrap-install-command "yum install -y http://your-internal-server/chef.rpm"
This method is a good choice for one-offs or a very small number of machines, but if you have any more than that, the better option is to make a bootstrap template.
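The install commands above fetch the package over plain HTTP and install it as root with no integrity check. As an added example (not from the original post), this script pins a SHA-256 digest and refuses to run dpkg unless the download matches; PKG_SHA256 is a placeholder to replace, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: fetch the Chef package from an internal server, verify it, install it.
# PKG_URL reuses the URL from the post; PKG_SHA256 is a placeholder (assumption).
PKG_URL="${PKG_URL:-http://your-internal-server/chef.deb}"
PKG_SHA256="${PKG_SHA256:-REPLACE_WITH_PINNED_SHA256}"

# Return 0 only if the file's SHA-256 equals the expected hex digest.
verify_pkg() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || return 1
    # Reject anything that is not a 64-character hex digest (e.g. the placeholder).
    case $expected in
        *[!0-9a-f]*|'') return 1 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 1
    actual=$(sha256sum "$file" | cut -d' ' -f1) || return 1
    [ "$actual" = "$expected" ]
}

# Download to a fresh temp file, verify, and only then hand the file to dpkg.
install_chef_offline() {
    tmp=$(mktemp /tmp/chef.XXXXXX) || return 1
    # --fail: an HTTP error must not leave an error page behind as the "package".
    if curl --fail --silent --show-error "$PKG_URL" -o "$tmp" \
        && verify_pkg "$tmp" "$PKG_SHA256"; then
        dpkg -i "$tmp"; rc=$?
    else
        echo "chef package download or checksum verification failed" >&2; rc=1
    fi
    rm -f "$tmp"
    return $rc
}

# Run the install only when asked to, so the file can also be sourced.
if [ "${1:-}" = "install" ]; then
    install_chef_offline
fi
```

The same functions can replace the bare curl and dpkg -i pair inside a custom bootstrap template, with the digest updated whenever the package on the internal server changes.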
Making your own bootstrap template
Bootstrap templates are simply erb files that Chef uses to determine how to bootstrap a node. You can override the default one with the
You can make your own template and place it in ~/chef-repo/.chef/bootstrap (you may have to make the
The easiest way to make your own template is to start with the default Chef template and modify it to contain the bootstrap commands you need, similar to the above.
Once you’ve created and saved your own template, you can now change your command to (assuming you made a
$ knife bootstrap chefnode -N MyNewNode --bootstrap-template debian
You may have noticed that these two methods are functionally the same: pass the command in and it gets interpolated into the template, or make a template and put your command in; same result. The reason I recommend you use templates for more than a few nodes is that you can keep your bootstrap files in version control, though it takes a few more steps.
Version controlling your bootstrap files
knife will look in a few places for a .chef/bootstrap directory, so we have to keep our bootstrap files there somehow. The problem is we shouldn’t commit .chef directories to version control since the directory contains keys. Instead, you can make a ~/chef-repo/bootstrap folder that contains your files and, rather than creating the directory as we did above, symlink it.
$ ln -s ../bootstrap .chef/bootstrap
Now you can add your ~/chef-repo/bootstrap directory to your next commit without exposing keys or having to keep track of a bunch of bootstrap commands.