From 2eb0544ea9c840691b448bee2c00218334fd4170 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A2u=20Cao?= Date: Thu, 5 Jan 2023 17:14:46 +0800 Subject: [PATCH] Update README --- README.md | 33 +++++++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 31772d0..fc844d2 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,16 @@ +This repository contains all infrastructure automation code that we use to set +up and configure servers, virtual machines, and applications for Kosmos hosted +services. + +Chef cookbooks are written in Ruby, and based on [Chef Infra +resources](https://docs.chef.io/resources/). Some cookbooks contain integration +test suites based on [Test Kitchen](https://docs.chef.io/workstation/kitchen/). + +Note: Manual configuration of servers and applications is highly discouraged, +and can be overwritten or lost without notice! + +## Setup + ### Install Chef Workstation * macOS, Windows, RHEL, Ubuntu: https://docs.chef.io/workstation/install_workstation/ @@ -6,24 +19,28 @@ #### rbenv If you use rbenv to manage Ruby versions on your system, install the -(rbenv-chef-workstation)[https://github.com/docwhat/rbenv-chef-workstation] +[rbenv-chef-workstation](https://github.com/docwhat/rbenv-chef-workstation) plugin. ### Install gem dependencies +Clone this repository, `cd` into it, and run: + bundle install -### Bootstrap a new server +## Common tasks - knife zero bootstrap root@dev.kosmos.org --run-list "recipe[kosmos-base],..." -j '{"example_cookbook":{"memory_max":"256M"}}' --secret-file .chef/encrypted_data_bag_secret +### Bootstrap a new host server + + knife zero bootstrap root@server-name.kosmos.org --run-list "role[base],role[kvm_host]" --secret-file .chef/encrypted_data_bag_secret ### Bootstrap a new VM - knife zero bootstrap ubuntu@zerotier-ip-address -x ubuntu --sudo --run-list "recipe[kosmos-base]" --secret-file .chef/encrypted_data_bag_secret + knife zero bootstrap ubuntu@zerotier-ip-address -x ubuntu --sudo --run-list "role[base],role[kvm_guest]" --secret-file .chef/encrypted_data_bag_secret -### Run Chef Zero +### Run Chef Zero on a host server - knife zero converge name:dev.kosmos.org + knife zero converge -p2222 name:server-name.kosmos.org ### Run Chef Zero on a VM @@ -33,7 +50,7 @@ plugin. knife zero converge name:dev.kosmos.org --client-version 15.3.14 -### Managing cookbooks +## Managing cookbooks Cookbooks are managed via Berkshelf. Run `berks --help` for command help. @@ -45,7 +62,7 @@ Vendor installed cookbooks to the `cookbooks/` dir: berks vendor cookbooks/ --delete -### "Expired" TLS certificates +## "Expired" TLS certificates If you encounter expired TLS certificates during a Chef run (e.g. for remote files), the issue is likely that the certificate has been issued by Let's