search

chef-boneyard / chef-provisioning

A library for creating machines and infrastructures idempotently in Chef.
Apache License 2.0
524 stars 164 forks source link

support chef-zero support for chef-provisioning windows #430

Open hh opened 9 years ago

hh commented 9 years ago

When running chef-client -z ./myrecipe.rb against a windows machine uri.scheme is set to 'chefzero' when calling Socket.getaddrinfo(uri.host, uri.scheme, nil, :STREAM) and getaddriinfo throws #<SocketError: getaddrinfo: Servname not supported for ai_socktype>

I don't think it's likely, as I'm unaware of a way to easily port-forward over winrm.

I think test-kitchen just transfers cookbooks over to the node and runs chef locally, but if not maybe we could incorporate whatever they do for forwarding.

Thoughts on approaches?

If not where can we document that we don't support chef-zero + chef-provisioning for windows?

hh commented 9 years ago

Looks like we would raise Unable to converge locally via winrm. Local converge is currently only supported with SSH. You may only converge with winrm against a chef-server.[1] if we got past the Socket.getaddrinfo [1] https://github.com/chef/chef-provisioning/blob/master/lib/chef/provisioning/transport/winrm.rb#L103

tyler-ball commented 9 years ago

@hh yeah, the quick fix would be to have it raise the error 'unable to converge locally via winrm'. We can add a chefzero check like we do in https://github.com/chef/chef-provisioning/blob/6a9775a5e413f7e65242193b91ce474dfc1a9e7d/lib/chef/provisioning/convergence_strategy/precreate_chef_objects.rb#L199

robcoward commented 9 years ago

This is how I have had to handle test-kitchen/chef-zero runs of chef provisioning recipes involving windows instances:

        # When running in local mode (ie Test-kitchen) use the host's ip address instead of localhost
        # when provisioning new servers, so they can connect back to the chef-zero instance.
        if Chef::Config[:chef_server_url].include?('localhost')
            with_chef_server "http://%s:8889" % [ node['ipaddress'] ],
              :client_name => Chef::Config[:node_name],
              :signing_key_filename => Chef::Config[:client_key]
        end

and then in my .kitchen.yml file set the following to force the chef-zero instance to bind to all local interfaces, not just localhost:

provisioner:
  name: chef_zero
  chef_zero_host: 0.0.0.0

This of course assumes network connectivity between the provisioning node and the instance it is creating (which in our case is all in the same VPC with appropriate security groups defined to allow access).

Would it be appropriate to detect that chef-provisioning is launching a windows instance, and where the chef_server is not otherwise specified, automatically do something similar ?

hh commented 8 years ago

@robcoward nice approach, I'll take a look at that

michaeltlombardi commented 7 years ago

Has there been any word on this? I just ran into the (very helpful, thank you!) error message for this. I can set up a provisioning node and go from there but I was planning use chef-zero to throw up some infrastructure.

jjasghar commented 7 years ago

I'm interested in this now too. @tyler-ball expect me to be reaching out.