Reruning Chef on a current install

[pkdavidson]

Trying to convince a colleague of the benefit of Chef, one of his concerns is that re-running Chef could wipe out an existing Portal's setup. I took a snapshot of our Dev that has lots of data, maps, etc... and reran Chef.

Our Dev Portal is setup in https only mode which I'm thinking has led to the following failure of Chef to re-run? Our server is now "https://dev-allInOne.ourdomain.org:6443/arcgis" rather than the 6080 seen below.

Compiled Resource:

Declared in C:\chef\cookbooks\arcgis\recipes\server.rb:51:in `from_file'

arcgis_server("Create ArcGIS for Server Site") do action [:create_site] retries 5 retry_delay 30 default_guard_interpreter :default declared_type :arcgis_server cookbook_name :arcgis recipename "server" ** serverurl "http://dev-allInOne.ourdomain.org:6080/arcgis"** username "uname" password "pword" server_directories_root "C:\arcgisserver" config_store_connection_string "C:\arcgisserver/config-store" config_store_type "FILESYSTEM" end

[2016-04-07T15:55:50-06:00] INFO: Running queued delayed notifications before re-raising exception [2016-04-07T15:55:50-06:00] ERROR: Running exception handlers [2016-04-07T15:55:50-06:00] ERROR: Exception handlers complete [2016-04-07T15:55:50-06:00] FATAL: Stacktrace dumped to C:/chef/cache/chef-stacktrace.out

Is that correct? To rerun Chef do I need to adjust a recipe or set Portal back to the default of http ?

[pkdavidson]

I think I meant, set server back to http or https, right now both both portal and server on the all in one box are set to https only.

[pbobov]

It should be safe to rerun Chef with the same JSON file (run_list + attributes). Theoretically, Chef resources must be idempotent. That is if the system is already in the desired state - do nothing.

In reality ArcGIS Cookbook 2.2.0 is not 100% idempotent. It restarts windows services (to ensure that logon accounts username/password specified in the JSON file matches the actual logon). This will cause a short downtime. We are working on fixing that.

So far ArcGIS cookbook does not support changing primary server admin username or password. You will run into a problem like the one you postedif you try doing that. Chef must know PSA username and password after server site is created, even to check if the site is already created. (And to change PSA password Chef will need to know the current password).

[pbobov]

If you changed server to be HTTPS only you can set "server_url" to "https://dev-allInOne.ourdomain.org:6080/arcgis" in the "server" attributes.

Actually, the cookbook should use https in the server_url by default.

[pkdavidson]

Hmmm Pretty sure PSA is same as initial install. However, we have added some other admins

On 7 Apr 2016, at 6:16 PM, Pavel Bobov notifications@github.com<mailto:notifications@github.com> wrote:

It should be safe to rerun Chef with the same JSON file (run_list + attributes). Theoretically, Chef resources must be idempotent. That is if the system is already in the desired state - do nothing.

In reality ArcGIS Cookbook 2.2.0 is not 100% idempotent. It restarts windows services (to ensure that logon accounts username/password specified in the JSON file matches the actual logon). This will cause a short downtime. We are working on fixing that.

So far ArcGIS cookbook does not support changing primary server admin username or password. You will run into a problem like the one you postedif you try doing that. Chef must know PSA username and password after server site is created, even to check if the site is already created. (And to change PSA password Chef will need to know the current password).

You are receiving this because you authored the thread. Reply to this email directly or view it on GitHubhttps://github.com/Esri/arcgis-cookbook/issues/41#issuecomment-207146618

[pbobov]

Try to add "local_url" attribute to server section .. "server" : { ... "local_url" : "https://dev-allInOne.ourdomain.org:6443/arcgis" ... }

[pkdavidson]

Adding local_url appears to have taken care of the issue. Now I have proof that rerunning Chef does not affect Portal’s data. Of course, best to have backups.

As always, thanks!

[2016-04-07T19:12:49-06:00] INFO: Processing arcgis_portal[Federate Server] action federate_server (arcgis::federation line 26) [2016-04-07T19:12:49-06:00] INFO: URL https://myAllInOne.mydomain.com/portal/portaladmin is available. [2016-04-07T19:12:50-06:00] INFO: Chef Run complete in 1870.603221 seconds [2016-04-07T19:12:50-06:00] INFO: Skipping removal of unused files from the cache [2016-04-07T19:12:50-06:00] INFO: Running report handlers [2016-04-07T19:12:50-06:00] INFO: Report handlers complete