I wanted to be able to knife bootstrap some guest VMs running on a
server somewhere on the Internet. These systems are running on a KVM
Host in a private libvirtd network. This means that they are not
directly accessible from my Opscode cookbooks environment where I
issue knife commands.
Luckily, with some ssh tunneling and a couple of local configuration
settings, no private network is inaccessible!
Knife can support ssh running on alternate ports with an entry in your
knife.rb file. Example – knife[:ssh_port] = '22'. This gives us what
we need to get the job done.
First we add an entry to the .chef/knife.rb file:
knife[:ssh_port] = '2222'
Then we open an ssh tunnel in a separate terminal session to the ip
address of the guest we wish to bootstrap using the -L option of ssh:
ssh -L 2222:192.168.122.34:22 mykvmhost.slyness.org
(You can test this tunnel. `ssh -p 2222 username@localhost` will log
into your Guest VM)
Now we need to modify /etc/hosts so that we can pass knife a FQDN
telling our local environment to resolve this name to localhost.
vi /etc/hosts
Add an entry similar to:
127.0.0.1 myguestvm.slyness.org myguestvm
With those in place we can now bootstrap that remote system.
knife bootstrap myguestvm.slyness.org -N myguestvm -r \
  'role[completelyradconfiguration]' -x username -P password --sudo
knife will ssh over your local ssh tunnel via port 2222 and connect to
the correct system, bootstrap chef-client onto the system and perform
your runlist.
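A pre-flight check for the setup above, added here as an example and not part of the original post: it confirms that the port in knife.rb matches the local port of the ssh -L forward and that the node name maps to 127.0.0.1 in the hosts file. The function names and the file paths passed to them are assumptions; IPv6 bind addresses in the forward spec are not handled.

```shell
#!/bin/sh
# Added example: consistency checks for the tunnel-based bootstrap.
# Usage (paths are assumptions):
#   preflight ~/.chef/knife.rb /etc/hosts 2222:192.168.122.34:22 myguestvm.slyness.org

# Print the port set by knife[:ssh_port] in a knife.rb file (empty if unset).
# Commented-out entries are ignored; the last active entry wins.
knife_ssh_port() {
    sed -n "s/^[[:space:]]*knife\[:ssh_port\][[:space:]]*=[[:space:]]*['\"]\{0,1\}\([0-9][0-9]*\).*/\1/p" "$1" | tail -n 1
}

# Succeed if NAME is mapped to 127.0.0.1 in a hosts file ($1 = file, $2 = name).
hosts_maps_to_loopback() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                      # drop trailing comments
        $1 == "127.0.0.1" { for (i = 2; i <= NF; i++) if ($i == name) found = 1 }
        END { exit !found }
    ' "$1"
}

# Print the local port of an ssh -L spec: [bind_address:]port:host:hostport.
forward_local_port() {
    echo "$1" | awk -F: 'NF == 3 { print $1 } NF == 4 { print $2 }'
}

# $1 = knife.rb, $2 = hosts file, $3 = ssh -L spec, $4 = node FQDN
preflight() {
    kport=$(knife_ssh_port "$1")
    lport=$(forward_local_port "$3")
    [ -n "$kport" ] || { echo "knife.rb: ssh_port not set" >&2; return 1; }
    [ "$kport" = "$lport" ] || {
        echo "port mismatch: knife.rb=$kport tunnel=$lport" >&2; return 1; }
    hosts_maps_to_loopback "$2" "$4" || {
        echo "$4 does not map to 127.0.0.1" >&2; return 1; }
    echo "ok: $4 -> 127.0.0.1:$kport"
}
```
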
rinse, repeat, devops