Fatal编程技术网
  • ruby/
  • Ruby 如果缺少,克里特岛上的配方将失败

Ruby 如果缺少,克里特岛上的配方将失败

ruby vagrant chef-infra

Ruby 如果缺少,克里特岛上的配方将失败,ruby,vagrant,chef-infra,Ruby,Vagrant,Chef Infra,我遵循这个教程:,他们让我们自己制作食谱。下面的代码就是配方。问题在于代码块以cookbook_文件“id_rsa”开头,在“Add Github as known host”注释之前结束。通过将我的id_rsa和id_rsa.pub文件移动到rails stack/files/default/目录中,我能够通过cookbook_文件“id_rsa”块和cookbook_文件“id_rsa.pub”块,但现在当它在没有密码块的情况下尝试sudo_时,它会中断。令人惊讶的是,如果我在操作抛出的每个

我遵循这个教程:,他们让我们自己制作食谱。下面的代码就是配方。问题在于代码块以cookbook_文件“id_rsa”开头,在“Add Github as known host”注释之前结束。通过将我的id_rsa和id_rsa.pub文件移动到rails stack/files/default/目录中,我能够通过cookbook_文件“id_rsa”块和cookbook_文件“id_rsa.pub”块,但现在当它在没有密码块的情况下尝试sudo_时,它会中断。令人惊讶的是,如果我在操作抛出的每个错误后都设置vagrant:如果缺少块,则创建块,配置会一直到cookbooks\u文件“authorization keys”块,但它会被卡在那里;即使在配置之后,当我第一次遇到错误时。对正在发生的事情有什么想法吗?请尽可能描述,我对devops比较陌生,只知道流浪汉和厨师的一些细节。提前谢谢

execute "apt-get update" do
  command "apt-get update"
end

# OS Dendencies
%w(git ruby-dev build-essential libsqlite3-dev libssl-dev).each do |pkg|
  package pkg
end

# Deployer user, sudoer and with known RSA keys
user_account 'deployer' do
  create_group true
end
group "sudo" do
  action :modify
  members "deployer"
  append true
end
cookbook_file "id_rsa" do
  source "id_rsa"
  path "/home/deployer/.ssh/id_rsa"
  group "deployer"
  owner "deployer"
  mode 0600
  action :create_if_missing
end
cookbook_file "id_rsa.pub" do
  source "id_rsa.pub"
  path "/home/deployer/.ssh/id_rsa.pub"
  group "deployer"
  owner "deployer"
  mode 0644
  action :create_if_missing
end

# Allow sudo command without password for sudoers
cookbook_file "sudo_without_password" do
  source "sudo_without_password"
  path "/etc/sudoers.d/sudo_without_password"
  group "root"
  owner "root"
  mode 0440
  action :create_if_missing
end

# Authorize yourself to connect to server
cookbook_file "authorized_keys" do
  source "authorized_keys"
  path "/home/deployer/.ssh/authorized_keys"
  group "deployer"
  owner "deployer"
  mode 0600
  action :create
end

# Add Github as known host
ssh_known_hosts_entry 'github.com'

# Install Ruby Version
include_recipe 'ruby_build'

ruby_build_ruby '2.1.2'

link "/usr/bin/ruby" do
  to "/usr/local/ruby/2.1.2/bin/ruby"
end

gem_package 'bundler' do
  options '--no-ri --no-rdoc'
end

# Install Rails Application
include_recipe "runit"
application 'capistrano-first-steps' do
  owner 'deployer'
  group 'deployer'
  path '/var/www/capistrano-first-steps'
  repository 'git@github.com:gotealeaf/capistrano-first-steps.git'
  rails do
    bundler true
    database do
      adapter "sqlite3"
      database "db/production.sqlite3"
    end
  end
  unicorn do
    worker_processes 2
  end
end
****编辑*******

自从第一次写这个问题以来,我已经注释掉了sudo_而没有密码块,并且能够通过添加

ssh_keygen true
到用户帐户“部署者”块

我还将一个空的authorized_keys文件放在rails stack/files/default/中,这有助于cookbook_文件“authorized_keys”块无错误地运行

现在,当vagrant/chef试图提取示例回购时,我遇到了这个错误

==> default: [2014-12-04T22:44:18+00:00] ERROR: deploy_revision[capistrano-first-steps] (/tmp/vagrant-chef-3/chef-solo-2/cookbooks/application/providers/default.rb line 123) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
==> default: ---- Begin output of git ls-remote "git@github.com:gotealeaf/capistrano-first-steps.git" "HEAD" ----
==> default: STDOUT: 
==> default: STDERR: Warning: Permanently added the RSA host key for IP address '192.30.252.129' to the list of known hosts.
==> default: Permission denied (publickey).
==> default: fatal: Could not read from remote repository.
==> default: 
==> default: Please make sure you have the correct access rights
==> default: and the repository exists.
==> default: ---- End output of git ls-remote "git@github.com:gotealeaf/capistrano-first-steps.git" "HEAD" ----
==> default: Ran git ls-remote "git@github.com:gotealeaf/capistrano-first-steps.git" "HEAD" returned 128
==> default: [2014-12-04T22:44:18+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
您可能必须将
应用程序
资源指向将用于克隆repo的私钥


application 'capistrano-first-steps' do
  ...
  deploy_key lazy { File.read("/home/deployer/.ssh/id_rsa") }
  ...
end



更多信息--
答案很简单,我记得我和puppet有过类似的问题。出于某种原因,不确定为什么要使用


git@github.com:gotealeaf/capistrano-first-steps.git


与流浪汉/厨师/木偶相处不好。所以,我所做的是将上面的行更改为


https://github.com/gotealeaf/capistrano-first-steps



就这样,我的盒子配置工作正常,没有问题
 你能给我们一个错误消息来处理吗?@TejayCardon编辑已启动!:如上所示,DAdding deploy_键没有解决git问题。:/。还有什么我可以试试的吗?公钥在GitHub上有授权吗?您可以使用来管理密钥的生命周期。实际上,我刚刚解决了这个问题。我在使用puppet时遇到了类似的问题,该问题的解决方案也解决了我当前的chef问题。这并不是说puppet或chef不能很好地使用git协议。git协议使用SSH作为传输,因此需要适当的密钥管理。我相信你的问题仍然是你没有在git回购上授权你的公钥。如果您专门使用公共GitHub repo,HTTPS可以正常工作。如果您使用的其他git提供商没有在repo上实现公共HTTPS接口,或者如果repo是私有的,那么您运气不好,仍然需要修复密钥管理。哦,嗯……好的。我不知道。如果git提供商没有实现HTTPS和/或回购是私有的,那么最好的做法是什么?