Clever Geek Handbook

Terraform: Providing a Chef

I'm using this config to provide my guest with a chef and vagrant client:

  config.vm.provision "chef_client" do |chef|
    chef.add_recipe 'living-development'
    chef.chef_server_url = 'https://api.chef.io/organizations/my-organization'
    chef.validation_key_path = 'cert.pem'
    chef.validation_client_name = 'validation'
    chef.version = '12.19.36'
  end

This configuration works great with chef and tramps. However, I need to provide my car using terraformite. I am not quite clear on how to install the above "vagrant+chef"

with "terraform+chef"

.

So far I had to do this:

# Create a new Web Droplet in the nyc2 region
resource "digitalocean_droplet" "web" {
  image  = "ubuntu-14-04-x64"
  name   = "web-1"
  region = "fra1"
  size   = "512mb"
  ssh_keys = ["${digitalocean_ssh_key.default.id}"]
  volume_ids = ["${digitalocean_volume.foobar.id}"]
  provisioner "chef" {
    server_url = "https://api.chef.io/organizations/my-organization"
    user_name = "living"
    user_key = "./living.pem"
    node_name = "living"
    run_list = [ "cookbook::living-development" ]
    version = "12.19.36"
  }
}

Execution prints this out:

digitalocean_droplet.web (chef): Connecting to remote host via SSH...
digitalocean_droplet.web (chef):   Host: 139.59.148.167
digitalocean_droplet.web (chef):   User: root
digitalocean_droplet.web (chef):   Password: false
digitalocean_droplet.web (chef):   Private key: false
digitalocean_droplet.web (chef):   SSH Agent: false
digitalocean_droplet.web: Still creating... (1m0s elapsed)
digitalocean_droplet.web (chef): Connecting to remote host via SSH...
digitalocean_droplet.web (chef):   Host: 139.59.148.167
digitalocean_droplet.web (chef):   User: root
digitalocean_droplet.web (chef):   Password: false
digitalocean_droplet.web (chef):   Private key: false
digitalocean_droplet.web (chef):   SSH Agent: false
digitalocean_droplet.web (chef): Connecting to remote host via SSH...
digitalocean_droplet.web (chef):   Host: 139.59.148.167
digitalocean_droplet.web (chef):   User: root
digitalocean_droplet.web (chef):   Password: false
digitalocean_droplet.web (chef):   Private key: false
digitalocean_droplet.web (chef):   SSH Agent: false
digitalocean_droplet.web (chef): Connecting to remote host via SSH...
digitalocean_droplet.web (chef):   Host: 139.59.148.167
digitalocean_droplet.web (chef):   User: root
digitalocean_droplet.web (chef):   Password: false
digitalocean_droplet.web (chef):   Private key: false
digitalocean_droplet.web (chef):   SSH Agent: false
digitalocean_droplet.web: Still creating... (1m10s elapsed)
digitalocean_droplet.web (chef): Connecting to remote host via SSH...
...

I do not know what it means...

What kind of chef is he trying to get?

Am I doing wrong?

+3


source to share


1 answer


Your problem is the chef is trying to connect to your DigitalOcean Droplet using SSH root credentials. root logins for SSH are disabled by default on ubuntu and you don't want to change this as best practice is believed to not allow it.

As such, you need to configure the chef assistant to use the correct SSH credentials to connect to your drip. To do this, you need the following in your Provider definition:



provisioner "chef" {
 connection {
  type = "ssh"
  user = "your-ssh-user"
  key = $file("/path/to/.pem.key")
 }
}

Just set the correct values ​​for the attributes user

and key

connection

within the chef preparation module, and that should allow the chef to connect to your droplet as you expect.

+6


source






More articles:


All Articles