NAME Pantry - Configuration management tool for chef-solo VERSION version 0.004 SYNOPSIS $ mkdir my-project $ cd my-project $ pantry init $ pantry create node foo.example.com $ pantry list nodes $ pantry apply node foo.example.com --recipe nginx $ pantry apply node foo.example.com --default nginx.port=80 $ pantry sync node foo.example.com DESCRIPTION "pantry" is a utility to make it easier to manage a collection of computers with the configuration management tool chef-solo USAGE Arguments to the "pantry" command line tool follow a regular structure: $ pantry VERB [[NOUN] [ARGUMENTS...]] See the following sections for details and examples by topic. Pantry setup and introspection init $ pantry init This initializes a pantry in the current directory. Currently, it just creates some directories for use storing cookbooks, node data, etc. list $ pantry list nodes Prints to STDOUT a list of nodes managed within the pantry. Managing nodes In this section, when a node NAME is required, the name is expected to be a valid DNS name or IP address. The name will be converted to lowercase for consistency. Also, whenever a command takes a single 'node NAME' target, you may give a single dash ('-') as the NAME and the command will be run against a list of nodes read from STDIN. You can combine this with the "pantry list" command to do batch operations. For example, to sync all nodes: $ pantry list nodes | pantry sync node - create $ pantry create node NAME Creates a node configuration file for the given "NAME". rename $ pantry rename node NAME DESTINATION Renames a node to a new name. The old node data file is renamed. The "NAME" must exist. delete $ pantry delete node NAME Deletes a node. The "NAME" must exist. Unless the "--force" or "-f" options are given, the user will be prompted to confirm deletion. show $ pantry show node NAME Prints to STDOUT the JSON data for the given "NAME". apply $ pantry apply node NAME --recipe nginx --default nginx.port=80 Applies recipes or attributes to the given "NAME". To apply a recipe to the node's "run_list", specify "--recipe RECIPE" or "-r RECIPE". May be specified multiple times to apply more than one recipe. To apply an attribute to the node, specify "--default KEY=VALUE" or "-d KEY=VALUE". If the "KEY" has components separated by periods ("."), they will be interpreted as subkeys of a multi-level hash. For example: $ pantry apply node NAME -d nginx.port=80 will be added to the node's data structure like this: { ... # other node data nginx => { port => 80 } } If the "VALUE" contains commas, the value will be split and serialized as an array data structure. For example: $ pantry apply node NAME -d nginx.port=80,8080 will be added to the node's data structure like this: { ... # other node data nginx => { port => [80, 8080] } } Both "KEY" and "VALUE" support periods and commas (respectively) to be escaped by a backslash. strip $ pantry strip node NAME --recipe nginx --default nginx.port Strips recipes or attributes from the given "NAME". To strip a recipe to the node's "run_list", specify "--recipe RECIPE" or "-r RECIPE". May be specified multiple times to strip more than one recipe. To strip an attribute from the node, specify "--default KEY" or "-d KEY". The "KEY" parameter is interpreted and may be escaped just like in "apply", above. sync $ pantry sync node NAME Copies cookbooks and configuration data to the "NAME" node and invokes "chef-solo" via "ssh" to start a configuration run. After configuration, the latest run-report for the node is updated in the 'reports' directory of the pantry. edit $ pantry edit node NAME Invokes the editor given by the environment variable "EDITOR" on the configuration file for the "name" node. The resulting file must be valid JSON in a form acceptable to Chef. Generally, you should use the "apply" or "strip" commands instead of editing the node file directly. Getting help commands $ pantry commands This gives a list of all pantry commands with a short description of each. help $ pantry help COMMAND This gives some detailed help for a command, including the options and arguments that may be used. AUTHENTICATION "pantry" relies on OpenSSH for secure communications with managed nodes, but does not manage keys itself. Instead, it expects the user to manage keys using standard OpenSSH configuration and tools. The user should specify SSH private keys to use in the ssh config file. One approach would be to use the "IdentityFile" with a host-name wildcard: IdentityFile ~/.ssh/identities/id_dsa_%h This would allow a directory of host-specific identities (which could all be symlinks to a master key). Another alternative might be to create a master key for each environment: IdentityFile ~/.ssh/id_dsa_dev IdentityFile ~/.ssh/id_dsa_test IdentityFile ~/.ssh/id_dsa_prod "pantry" also assumes that the user will unlock keys using "ssh-agent". For example, assuming that ssh-agent has not already been invoked by a graphical shell session, it can be started with a subshell of a terminal: $ ssh-agent $SHELL Then private keys can be unlocked in advance of running "pantry" using "ssh-add": $ ssh-add ~/.ssh/id_dsa_test $ pantry ... See the documentation for "ssh-add" for control over how long keys stay unlocked. ROADMAP In the future, I hope to extend pantry to support some or all of the following: * Chef role creation and application * environments * tagging nodes * searching nodes based on configuration * data bags * cookbook download from Opscode community repository * bootstrapping Chef over ssh If you are interested in contributing features or bug fixes, please let me know! SEE ALSO Inspiration for this tool came from similar chef-solo management tools. In addition to being implemented in different languages, each approaches the problem in slightly different ways, neither of which fit my priorities. Nevertheless, if you use chef-solo, you might consider them as well: * littlechef (Python) * pocketknife (Ruby) SUPPORT Bugs / Feature Requests Please report any bugs or feature requests through the issue tracker at . You will be notified automatically of any progress on your issue. Source Code This is open source software. The code repository is available for public review and contribution under the terms of the license. git clone https://github.com/dagolden/pantry.git AUTHOR David Golden COPYRIGHT AND LICENSE This software is Copyright (c) 2011 by David Golden. This is free software, licensed under: The Apache License, Version 2.0, January 2004