From 31452c9b57f056270cba5816186ac7f4ec51cb89 Mon Sep 17 00:00:00 2001 From: Clement Buisson Date: Thu, 2 Mar 2017 14:20:55 -0800 Subject: [PATCH] - Enforce Chef Server 11 (instead of lastest Chef Server version) - Reduced image size (From 1.319GB to 1.025GB) --- Dockerfile | 12 +++++++----- README.md | 25 +++++++++++++++++++++++-- 2 files changed, 30 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9ecf597..20cfe61 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,12 +2,14 @@ FROM ubuntu:14.04 MAINTAINER Clement Buisson #This is a fork of base/chef-server -RUN apt-get update ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get install -yq wget curl -RUN wget --content-disposition "http://www.opscode.com/chef/download-server?p=ubuntu&pv=12.04&m=x86_64&v=latest&prerelease=false&nightlies=false" -RUN dpkg -i chef-server*.deb +RUN apt-get update && \ + apt-get install -yq --no-install-recommends wget curl && \ + wget --no-check-certificate --content-disposition "http://www.opscode.com/chef/download-server?p=ubuntu&pv=14.04&m=x86_64&v=11&prerelease=false&nightlies=false" && \ + dpkg -i chef-server*.deb && \ + rm chef-server*.deb && \ + apt-get remove -y wget && \ + rm -rf /var/lib/apt/lists/* RUN dpkg-divert --local --rename --add /sbin/initctl RUN ln -sf /bin/true /sbin/initctl diff --git a/README.md b/README.md index 5f7090d..9c547be 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,21 @@ # chef-server -chef-server is running Chef server 11 on an Ubuntu Trusty 14.04 LTS +chef-server is running Chef Server 11 in a Ubuntu Trusty 14.04 LTS container. +Image Size: 1.025 GB This is a fork of: [base/chef-server](https://registry.hub.docker.com/u/base/chef-server/). ## Environment Chef is running over HTTPS/443 by default. You can however change that to another port by updating the `CHEF_PORT` variable and the expose port `-p`. +You will need to use Chef 11.X in order to be able to use Knife. +Check Knife's version: +```bash +cbuisson@t530:~# knife -v +Chef: 11.16.4 +``` +*If you have Chef 12 installed on your Docker server, you will need to use* `knife ssl fetch` *in order to get the SSL certificates from the container. Don't forget to update `chef_server_url` with the container ID in knife.rb!* + ## Usage *With log output:* @@ -23,7 +32,19 @@ $ docker run --privileged -e CHEF_PORT=443 --name chef-server -d -p 443:443 cbui Once the Chef server is configured, you can download the Knife admin keys here: ``` -$ curl -Ok https://IP:CHEF_PORT/knife_admin_key.tar.gz +$ curl -Ok https://IP_HOST:CHEF_PORT/knife_admin_key.tar.gz ``` Then un-tar that archive and point your knife.rb to the `admin.pem` and `chef-validator.pem` files. + +*knife.rb* example: +```bash +log_level :info +log_location STDOUT +cache_type 'BasicFile' +node_name 'admin' +client_key '/home/cbuisson/.chef/admin.pem' +validation_client_name 'chef-validator' +validation_key '/home/cbuisson/.chef/chef-validator.pem' +chef_server_url 'https://IP_HOST:CHEF_PORT' +```