Setting properties in chef-client.rb

chef

I have a use-case where a chef recipe needs to use 'remote_file' to fetch a file on a virtual, and the fetch needs to be do through an HTTP proxy. This is not working because chef-client doesn't use the system proxy settings ... it gets its proxy settings from the /etc/chef/chef-client.rb

So how do I get proxy settings (or settings in general) into the chef-client.rb file on a client?

Ideally, I'd like it to happen at client bootstrap time, but I can't see how to do that short of hacking the code.

The other possibility is that I could create a recipe that updates the chef-client.rb file. But that strikes me as a bit dangerous. And it means that you need to run chef-client twice before it works, assuming that the missing proxy setting in the first run causes the run to ultimately fail.

Any ideas on how to fix this?


Fyi: The default config file is /etc/chef/client.rb, you would need to pass -c /etc/chef/chef-client.rb to use that file.

To set theChef configuration settings for http proxy, you can set the proxy to use with knife bootstrap with the command-line option --bootstrap-proxy URL. Or, you can add this in in your knife.rb. 

knife[:bootstrap_proxy] = "https://proxy.example.com"

Replace the "https://proxy.example.com" value with your proxy server URL.

This will add the http_proxy and https_proxy lines to the /etc/chef/client.rb file automatically. Alternatively, you can create a customized bootstrap template with these configuration values in the client config section. Something like this (modified from ubuntu10.04-gems.erb):

(
cat <<'EOP'
http_proxy "http://proxy.example.com" # replace with your URL
<%= config_content %>
EOP
) > /etc/chef/client.rb

Came across this question when I try to get a Chef solo run behind firewall work.

The same http_proxy settings for chef client client.rb can be used in solo.rb

So the chef solo run will be like this

solo.rb looks like below

cookbook_path File.expand_path("../cookbooks", __FILE__)
json_attribs File.expand_path("../node.json", __FILE__)

# HTTP for environment behind firewall
# http://docs.opscode.com/config.html
# solo.rb and client.rb can use the same http_proxy settings
http_proxy "http://proxy.company.com:3128"
# http_proxy_user "username"
# http_proxy_pass "password"

The chef run => chef-solo -c solo.rb -j node.json -l debug`

It works! ;-)

Related

Rejecting unlisted senders in Postfix
Wireshark - Filter for Inbound HTTP Requests on Port 80 Only
Grep and xargs: File name too long
Why has my auth.log file emptied - is this normal?
Robocopy falsely marks files as newer
openssl req sets wrong "not after" date (overflow bug?)
389 Directory Server Administrative Limit Exceeded error?
Internet explorer - SID S-1-5-5-0-348885
Nagios custom variables for object inheritance
Sizing requirements for 100 simultaneous VPN connections
I created an RSA key but SSH keeps asking the password
Is my ASA 5505 almost dead?