migration from Chef on aws to Chef on OpenStack
2015-02-27 00:01:28 GMT
I looked at the sudoer's cookbook but I didnt figure out how to use it
User_Alias FULLTIMERS = appsautm"
User_Alias ORAINST = orainst"
FULLTIMERS ALL =NOPASSWD: ALL
ORAINST ALL=(orainst) NOPASSWD: ALL
ORAINST ALL= NOPASSWD: /bin/su - orainst
Our users data bag on the web manager is out of sync with what we see from this command:
$ knife data bag show users
Whereas I see 75 users listed when I use the knife command, I only see 15 on the web manager. When I ran `knife download .` on my laptop, I am able to download all 75 user json files under the data_bags/users folder. We are currently running Chef server at API version 12.0.0 on a private subnet on AWS.
If I were to "edit" a users data bag item and close the file without making any change, the missing users data bag item would reappear on the web manager upon refresh. For example:
1. User "aaron" is currently missing from the users data bag on the web manager;
2. knife data bag edit users aaron
3. Simply close the text editor without making any change. The update will be committed on the Chef server;
4. Refresh the browser, and I can see user "aaron" on the web manager.
On my end I can fix the web console view by uploading the json files:$ knife data bag from file users /path/to/user.json
There are two likely suspects that may be the cause. One is that the web manager is somehow getting the users data bag from a corrupted cached version. The other is that the web manager display may be a little buggy.
To get past the issue I just described, I reuploaded all the missing users to our data bag. I verified all 75 users are present by doing a manual search on each user. I had to do that, because I found the default display behavior to be unreliable, as I had just alluded. When I went to the Data Bags section and selected the users data bag, I noticed that the browser only showed a fraction of the total users under the Items tab. When I scrolled down, I saw the page fetched more users but not all. Also the fetching only happens once consistently on Firefox, Chrome, and Safari. I was also able to replicate the behavior upon multiple browser refreshes.
Unfortunately I do not know enough about Chef servers to know how I'd even go about testing my hypothesis. Any insight on what could have caused the apparent mismatch between the web manager and knife output would be greatly appreciated. Thank you so much for your help.
"groups": ["vagrant", "wheel", "admin", "sensu", "chef", "adm", "cdrom", "sudo", "dip", "plugdev", "lpadamin"]
In my default.rb cookbook, I have these lines
users_manage "admin" do
After the user is created, it looks like this:
uid=1000(project) gid=1000(project) groups=1000(project),2302(admin)
How can I get the user to be member of all the groups mentioned in the json file?