Update README

This commit is contained in:
Râu Cao 2023-01-05 17:14:46 +08:00
parent 2d50c7dfd6
commit 2eb0544ea9
Signed by: raucao
GPG Key ID: 15E65F399D084BA9

View File

@ -1,3 +1,16 @@
This repository contains all infrastructure automation code that we use to set
up and configure servers, virtual machines, and applications for Kosmos hosted
services.
Chef cookbooks are written in Ruby, and based on [Chef Infra
resources](https://docs.chef.io/resources/). Some cookbooks contain integration
test suites based on [Test Kitchen](https://docs.chef.io/workstation/kitchen/).
Note: Manual configuration of servers and applications is highly discouraged,
and can be overwritten or lost without notice!
## Setup
### Install Chef Workstation
* macOS, Windows, RHEL, Ubuntu: https://docs.chef.io/workstation/install_workstation/
@ -6,24 +19,28 @@
#### rbenv
If you use rbenv to manage Ruby versions on your system, install the
(rbenv-chef-workstation)[https://github.com/docwhat/rbenv-chef-workstation]
[rbenv-chef-workstation](https://github.com/docwhat/rbenv-chef-workstation)
plugin.
### Install gem dependencies
Clone this repository, `cd` into it, and run:
bundle install
### Bootstrap a new server
## Common tasks
knife zero bootstrap root@dev.kosmos.org --run-list "recipe[kosmos-base],..." -j '{"example_cookbook":{"memory_max":"256M"}}' --secret-file .chef/encrypted_data_bag_secret
### Bootstrap a new host server
knife zero bootstrap root@server-name.kosmos.org --run-list "role[base],role[kvm_host]" --secret-file .chef/encrypted_data_bag_secret
### Bootstrap a new VM
knife zero bootstrap ubuntu@zerotier-ip-address -x ubuntu --sudo --run-list "recipe[kosmos-base]" --secret-file .chef/encrypted_data_bag_secret
knife zero bootstrap ubuntu@zerotier-ip-address -x ubuntu --sudo --run-list "role[base],role[kvm_guest]" --secret-file .chef/encrypted_data_bag_secret
### Run Chef Zero
### Run Chef Zero on a host server
knife zero converge name:dev.kosmos.org
knife zero converge -p2222 name:server-name.kosmos.org
### Run Chef Zero on a VM
@ -33,7 +50,7 @@ plugin.
knife zero converge name:dev.kosmos.org --client-version 15.3.14
### Managing cookbooks
## Managing cookbooks
Cookbooks are managed via Berkshelf. Run `berks --help` for command help.
@ -45,7 +62,7 @@ Vendor installed cookbooks to the `cookbooks/` dir:
berks vendor cookbooks/ --delete
### "Expired" TLS certificates
## "Expired" TLS certificates
If you encounter expired TLS certificates during a Chef run (e.g. for remote
files), the issue is likely that the certificate has been issued by Let's