Information Technology Reference
In-Depth Information
chef-webui
devhost
We also need to associate a node with our client key, so run the following:
$
knife node create devhost --disable-editing
Now
devhost
shows up as a node as well. This is what happens when a node is boot-
strapped—a client key is generated and the node is registered with Chef Server. We are just
simulating this process in
chef-zero
by hand:
$
knife node list
devhost
We're going to create a new encrypted data bag for storing root passwords, which will be
managed by
chef-vault
. Create the directory
chef-playground/data_bags/passwords
to
store the
.json
file we will be creating next.
Linux/Mac OS X:
$
mkdir -p data_bags/passwords
Windows:
>
mkdir data_bags\passwords
Create the file shown in
Example 13-7
in
chef-playground/data_bags/api_keys/mysql.json
. It
stores the MySQL database root user password.
Example 13-7. chefdk/chef-playground/data_bags/passwords/mysql_root.json
{
"id"
:
"mysql_root"
,
"password"
:
"This is a very secure password"
}
chef-vault
installs a knife plugin to manage encrypted data bags. It exposes
chef-vault
commands via
knife vault
. Enter in the following command to create an encrypted data
bag item with a secret managed by
chef-vault
: