Chef 简明教程
Chef - Resources
Chef 资源表示操作系统处于其所需状态的一部分。这是一份配置策略声明,描述了想要将当前配置升级到的节点的所需状态。它有助于使用 Chef 的 Ohai 机制了解目标机器的当前状态。它还有助于定义将目标机器置于该状态所需的步骤。资源被分组到食谱中,这些食谱描述了工作配置。
Chef resource represents a piece of the operating system at its desired state. It is a statement of configuration policy that describes the desired state of a node to which one wants to take the current configuration to using resource providers. It helps in knowing the current status of the target machine using the Ohai mechanism of Chef. It also helps in defining the steps required to perform to get the target machine to that state. The resources are grouped in recipes which describes the working configuration.
对于 Chef,chef::Platform 会针对每个节点映射提供程序和平台版本。在每次 Chef 客户端运行开始时,Chef 服务器会收集当前计算机状态的详细信息。稍后,Chef 服务器会使用这些值来识别正确的提供程序。
In case of Chef, chef::Platform maps the providers and platform versions of each node. At the beginning of every Chef-client run, Chef server collects the details of any machines current state. Later, Chef server uses those values to identify the correct provider.
Resource Syntax
type 'name' do
attribute 'value'
action :type_of_action
end在以上语法中,“type”是资源类型,“name”是我们将要使用的名称。在 “do”和 “end”块中,我们有该资源的属性以及我们需要针对该特定资源执行的操作。
In the above syntax, ‘type’ is the resource type and ‘name’ is the name that we are going to use. In the ‘do’ and ‘end’ block, we have the attribute of that resource and the action that we need to take for that particular resource.
我们在配方中使用的每个资源都具有一组特定操作,其在 “do”和 “end”块内定义。
Every resource that we use in the recipe has its own set of actions, which is defined inside the ‘do’ and ‘end’ block.
Example
type 'name' do
attribute 'value'
action :type_of_action
end所有资源共享一组通用功能、操作、属性、条件执行、通知和相关操作路径。
All resources share a common set of functionality, actions, properties, conditional execution, notification, and relevant path of action.
Actions |
The :nothing action can be used with any resource or custom resource. |
Properties |
The ignore_failure, provider, retries, retry_delay, and supports properties can be used with any resource or custom resources. |
Guards |
The not_if and only_if conditional executions can be used to put additional guards around certain resources, so that they are only run when the condition is met. |
Guard Interpreters |
Evaluates a string command using a script-based resource: bash, csh, perl, powershell_script, python, or ruby. |
Notifications |
The notifies and subscribes notifications can be used with any resource. |
Relative Paths |
The #{ENV['HOME']} relative path can be used with any resource. |
Windows File Security |
The template, file, remote_file, cookbook_file, directory, and remote_directory resources support the use of inheritance and access control lists (ACLs) within recipes. |
Run in Compile Phase |
Sometimes a resource needs to be run before every other resource or after all resources have been added to the resource collection. |
Available Resources
apt_package
使用 apt_package 资源来管理 Debian 和 Ubuntu 平台的软件包。
Use the apt_package resource to manage packages for the Debian and Ubuntu platforms.
Bash
使用 bash 资源来使用 Bash 解释器执行脚本。该资源还可以使用 execute 资源可用的任何操作和属性。使用该资源执行的命令(根据其本质)不是幂等的,因为这些命令通常针对其运行所在的环境是唯一的。使用 not_if 和 only_if 来保护该资源以确保幂等性。
Use the bash resource to execute scripts using the Bash interpreter. This resource may also use any of the actions and properties that are available to the execute resource. Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
Batch
使用 batch 资源来使用 cmd.exe 解释器执行批处理脚本。 batch 资源创建并执行临时文件(类似于 script 资源的行为),而不是内联运行该命令。
Use the batch resource to execute a batch script using the cmd.exe interpreter. The batch resource creates and executes a temporary file (similar to how the script resource behaves), rather than running the command inline.
该资源继承了 execute 资源的操作(:run 和 :nothing)和属性(creates、cwd、environment、group、path、timeout 和 user)。使用该资源执行的命令(根据其本质)不是幂等的,因为这些命令通常针对其运行所在的环境是唯一的。使用 not_if 和 only_if 来保护该资源以确保幂等性。
This resource inherits actions (:run and :nothing) and properties (creates, cwd, environment, group, path, timeout, and user) from the execute resource. Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
bff_package
使用 bff_package 资源来使用 installp 实用程序管理 AIX 平台的软件包。当从本地文件安装软件包时,必须使用 remote_file 或 cookbook_file resources 将其添加到节点中。
Use the bff_package resource to manage packages for the AIX platform using the installp utility. When a package is installed from a local file, it must be added to the node using the remote_file or cookbook_file resources.
chef_gem
使用 chef_gem 资源仅针对 Chef 客户端专用 Ruby 实例来安装 gem。当从本地文件安装 gem 时,必须使用 remote_file 或 cookbook_file 资源将其添加到节点中。
Use the chef_gem resource to install a gem only for the instance of Ruby that is dedicated to the Chef-Client. When a gem is installed from a local file, it must be added to the node using the remote_file or cookbook_file resources.
chef_gem 资源处理所有与 gem_package 资源相同的属性和选项,但不接受 gem_binary 属性,因为它始终使用 Chef 客户端在其下方运行的 CurrentGemEnvironment。除了执行类似于 gem_package 资源的操作外, chef_gem 资源还执行上述操作。
The chef_gem resource works with all of the same properties and options as the gem_package resource, but does not accept the gem_binary property because it always uses the CurrentGemEnvironment under which the Chef-Client is running. In addition to performing actions similar to the gem_package resource, the chef_gem resource does the above.
cookbook_file
使用` cookbook_file `资源将文件从`COOKBOOK_NAME/files/`的子目录传输到在运行`ChefClient`的主机上的指定路径。
Use the cookbook_file resource to transfer files from a sub-directory of COOKBOOK_NAME/files/ to a specified path located on a host that is running the ChefClient.
根据文件特殊性来选择文件,它允许根据主机名,主机平台(操作系统,发行版或相应版本)或平台版本来使用不同的源文件。位于`COOKBOOK_NAME/files/default`子目录中的文件可以在任何平台上使用。
The file is selected according to file specificity, which allows different source files to be used based on the hostname, host platform (operating system, distro, or as appropriate), or platform version. Files that are located in the COOKBOOK_NAME/files/default subdirectory may be used on any platform.
Cron
使用`cron`资源来管理基于时间作业调度的`cron`条目。如果未提供,则计划的属性将默认为`*。`cron`资源需要访问`crontab`程序,通常为`cron。
Use the cron resource to manage cron entries for time-based job scheduling. Properties for a schedule will default to * if not provided. The cron resource requires access to a crontab program, typically cron.
Csh
使用`csh`资源使用`csh`解释器执行脚本。此资源也可以使用`execute`资源可用的所有操作和属性。
Use the csh resource to execute scripts using the csh interpreter. This resource may also use any of the actions and properties that are available to the execute resource.
使用此资源执行的命令(本质上)不是幂等的,因为它们通常是其运行环境中唯一的命令。使用`not_if`和`only_if`来保护此资源的幂等性。
Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
Deploy
使用` deploy `资源来管理和控制部署。这是一个流行的资源,但也很复杂,具有最多的属性,多个提供程序,回调的复杂性,以及四个支持从配方中修改布局的属性。
Use the deploy resource to manage and control deployments. This is a popular resource, but is also complex, having the most properties, multiple providers, the added complexity of callbacks, plus four attributes that support layout modifications from within a recipe.
Directory
使用` directory `资源来管理目录,目录是由构成计算机上存储的所有信息的文件夹组成的层次结构。根目录是顶级目录,其余目录都在此目录下组织。
Use the directory resource to manage a directory, which is a hierarchy of folders that comprises all of the information stored on a computer. The root directory is the top-level, under which the rest of the directory is organized.
` directory `资源使用`name`属性来指定目录中位置的路径。通常,需要具有访问目录中该位置的权限。
The directory resource uses the name property to specify the path to a location in a directory. Typically, permission to access that location in the directory is required.
dpkg_package
使用` dpkg_package 资源来管理 dpkg 平台的软件包。当从本地文件安装软件包时,必须使用 remote_file 或 cookbook_file `资源将其添加到节点。
Use the dpkg_package resource to manage packages for the dpkg platform. When a package is installed from a local file, it must be added to the node using the remote_file or cookbook_file resources.
easy_install_package
使用` easy_install_package `资源来管理 Python 平台的软件包。
Use the easy_install_package resource to manage packages for the Python platform.
Env
使用` env `资源来管理 Microsoft Windows 中的环境键。在设置了环境键之后,必须重新启动 Microsoft Windows,然后任务计划程序才能使用环境键。
Use the env resource to manage environment keys in Microsoft Windows. After an environment key is set, Microsoft Windows must be restarted before the environment key is available to the Task Scheduler.
erl_call
使用` erl_call `资源来连接到分布式 Erlang 系统中位于的节点。使用此资源执行的命令(本质上)不是幂等的,因为它们通常是其运行环境中唯一的命令。使用`not_if`和`only_if`来保护此资源的幂等性。
Use the erl_call resource to connect to a node located within a distributed Erlang system. Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
Execute
使用` execute 资源来执行单个命令。使用此资源执行的命令(本质上)不是幂等的,因为它们通常是其运行环境中唯一的命令。使用 not_if 和 only_if `来保护此资源的幂等性。
Use the execute resource to execute a single command. Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
freebsd_package
使用` freebsd_package `资源来管理 FreeBSD 平台的软件包。
Use the freebsd_package resource to manage packages for the FreeBSD platform.
gem_package
使用` gem_package 资源来管理仅包含在配方中的 gem 软件包。当从本地文件安装软件包时,必须使用 remote_file 或 cookbook_file `资源将其添加到节点。
Use the gem_package resource to manage gem packages that are only included in recipes. When a package is installed from a local file, it must be added to the node using the remote_file or cookbook_file resources.
Git
使用` git 资源来管理存在于`git`存储库中的源控制资源。要使用`git`资源中的所有功能,需要使用`git 1.6.5(或更高版本)。
Use the git resource to manage source control resources that exist in a git repository. git version 1.6.5 (or higher) is required to use all of the functionality in the git resource.
homebrew_package
使用` homebrew_package `资源来管理 Mac OS X 平台的软件包。
Use the homebrew_package resource to manage packages for the Mac OS X platform.
http_request
利用 http_request 资源发送带有任意消息的 HTTP 请求(GET、PUT、POST、DELETE、HEAD 或 OPTIONS)。通常,当需要自定义回调时,该资源非常有用。
Use the http_request resource to send an HTTP request (GET, PUT, POST, DELETE, HEAD, or OPTIONS) with an arbitrary message. This resource is often useful when custom callbacks are necessary.
ips_package
在 Solaris 11 平台上,使用 ips_package 资源来管理软件包(使用映像打包系统 (IPS))。
Use the ips_package resource to manage packages (using Image Packaging System (IPS)) on the Solaris 11 platform.
Ksh
使用 ksh 资源来使用 Korn shell (ksh) 解释器执行脚本。该资源还可以使用 execute 资源中提供的任何操作和属性。
Use the ksh resource to execute scripts using the Korn shell (ksh) interpreter. This resource may also use any of the actions and properties that are available to the execute resource.
使用此资源执行的命令(本质上)不是幂等的,因为它们通常是其运行环境中唯一的命令。使用`not_if`和`only_if`来保护此资源的幂等性。
Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
Log
使用 log 资源来创建日志条目。日志资源的行为与任何其他资源一样:在编译阶段内置到资源集中,然后在执行阶段运行。(要创建未内置到资源集中的日志条目,请使用 Chef::Log 而不是日志资源)
Use the log resource to create log entries. The log resource behaves like any other resource: built into the resource collection during the compile phase, and then run during the execution phase. (To create a log entry that is not built into the resource collection, use Chef::Log instead of the log resource)
macports_package
使用 macports_package 资源来管理 Mac OS X 平台的软件包。
Use the macports_package resource to manage packages for the Mac OS X platform.
Mdadm
使用 mdadm 资源来使用 mdadm 实用程序在 Linux 环境中管理 RAID 设备。mdadm 提供程序将创建和汇编阵列,但不会创建用于在重启后保留阵列的配置文件。
Use the mdadm resource to manage RAID devices in a Linux environment using the mdadm utility. The mdadm provider will create and assemble an array, but it will not create the config file that is used to persist the array upon reboot.
如果需要配置文件,则必须通过指定带有正确阵列布局的模板,然后使用 mount 提供程序来创建文件系统表 (fstab) 条目。
If the config file is required, it must be done by specifying a template with the correct array layout, and then by using the mount provider to create a file systems table (fstab) entry.
Ohai
使用 ohai 资源来重新加载节点上的 Ohai 配置。这使得改变系统属性的配方(例如,添加用户的配方)能够在 chef-client 运行期间引用这些属性。
Use the ohai resource to reload the Ohai configuration on a node. This allows recipes that change system attributes (like a recipe that adds a user) to refer to those attributes later on during the chef-client run.
Package
使用 package 资源来管理软件包。当软件包是从本地文件(例如使用 RubyGems、dpkg 或 RPM Package Manager)安装时,必须使用 remote_file 或 cookbook_file 资源将文件添加到节点。
Use the package resource to manage packages. When the package is installed from a local file (such as with RubyGems, dpkg, or RPM Package Manager), the file must be added to the node using the remote_file or cookbook_file resources.
pacman_package
使用 pacman_package 资源来使用 pacman 在 Arch Linux 平台上管理软件包。
Use the pacman_package resource to manage packages (using pacman) on the Arch Linux platform.
powershell_script
使用 powershell_script 资源来使用 Windows PowerShell 解释器执行脚本,就像使用脚本和基于脚本来源(bash、csh、perl、python 和 ruby)一样。powershell_script 具体用于 Microsoft Windows 平台和 Windows PowerShell 解释器。
Use the powershell_script resource to execute a script using the Windows PowerShell interpreter, much like how the script and script-based resources—bash, csh, perl, python, and ruby—are used. The powershell_script is specific to the Microsoft Windows platform and the Windows PowerShell interpreter.
Python
使用 python 资源来使用 Python 解释器执行脚本。该资源还可以使用 execute 资源中提供的任何操作和属性。
Use the python resource to execute scripts using the Python interpreter. This resource may also use any of the actions and properties that are available to the execute resource.
使用此资源执行的命令(本质上)不是幂等的,因为它们通常是其运行环境中唯一的命令。使用`not_if`和`only_if`来保护此资源的幂等性。
Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
Reboot
使用 reboot 资源来重启节点,这是在某些平台上某些安装的必要步骤。该资源支持在 Microsoft Windows、Mac OS X 和 Linux 平台上使用。
Use the reboot resource to reboot a node, a necessary step with some installations on certain platforms. This resource is supported for use on the Microsoft Windows, Mac OS X, and Linux platforms.
registry_key
使用 registry_key 资源来在 Microsoft Windows 中创建和删除注册表项。
Use the registry_key resource to create and delete registry keys in Microsoft Windows.
remote_directory
使用 remote_directory 资源来增量地将目录从配方传输到节点。从配方中复制的目录应位于 COOKBOOK_NAME/files/default/REMOTE_DIRECTORY 下。
Use the remote_directory resource to incrementally transfer a directory from a cookbook to a node. The directory that is copied from the cookbook should be located under COOKBOOK_NAME/files/default/REMOTE_DIRECTORY.
remote_directory 资源将遵守文件规范性。
The remote_directory resource will obey file specificity.
remote_file
使用 remote_file 资源通过文件指定性从远程位置传输文件。此资源类似于 file 资源。
Use the remote_file resource to transfer a file from a remote location using file specificity. This resource is similar to the file resource.
Route
使用 route 资源管理 Linux 环境中的系统路由表。
Use the route resource to manage the system routing table in a Linux environment.
rpm_package
使用 rpm_package 资源管理 RPM 包管理器平台的包。
Use the rpm_package resource to manage packages for the RPM Package Manager platform.
Ruby
使用 ruby 资源使用 Ruby 解释器执行脚本。此资源还可使用 execute 资源中的任何操作和属性。
Use the ruby resource to execute scripts using the Ruby interpreter. This resource may also use any of the actions and properties that are available to the execute resource.
使用此资源执行的命令(本质上)不是幂等的,因为它们通常是其运行环境中唯一的命令。使用`not_if`和`only_if`来保护此资源的幂等性。
Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
ruby_block
使用 ruby_block 资源在 Chef-Client 运行期间执行 Ruby 代码。ruby_block 资源中的 Ruby 代码在收敛期间与其他资源一起进行评估,而 ruby_block 资源之外的 Ruby 代码在编译食谱时在其他资源之前进行评估。
Use the ruby_block resource to execute Ruby code during a Chef-Client run. Ruby code in the ruby_block resource is evaluated with other resources during convergence, whereas Ruby code outside of a ruby_block resource is evaluated before other resources, as the recipe is compiled.
Script
使用 script 资源使用指定的解释器(如 Bash、csh、Perl、Python 或 Ruby)执行脚本。此资源还可使用 execute 资源中的任何操作和属性。
Use the script resource to execute scripts using a specified interpreter, such as Bash, csh, Perl, Python, or Ruby. This resource may also use any of the actions and properties that are available to the execute resource.
使用此资源执行的命令(本质上)不是幂等的,因为它们通常是其运行环境中唯一的命令。使用`not_if`和`only_if`来保护此资源的幂等性。
Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence.
smart_os_package
使用 smartos_package 资源管理 SmartOS 平台的包。
Use the smartos_package resource to manage packages for the SmartOS platform.
solaris_package
solaris_package 资源用于管理 Solaris 平台的包。
The solaris_package resource is used to manage packages for the Solaris platform.
Subversion
使用 subversion 资源管理存在于 Subversion 存储库中的源代码控制资源。
Use the subversion resource to manage source control resources that exist in a Subversion repository.
Template
使用 template 资源通过将文件从 COOKBOOK_NAME/templates/ 的子目录传输到正在运行 Chef-Client 的主机上的指定路径,使用嵌入式 Ruby (ERB) 模板管理文件的内容。此资源包含来自 file 资源的操作和属性。由 template 资源管理的模板文件遵循与 remote_file 和 file 资源相同的 file 规范性规则。
Use the template resource to manage the contents of a file using an Embedded Ruby (ERB) template by transferring files from a sub-directory of COOKBOOK_NAME/templates/ to a specified path located on a host that is running the Chef-Client. This resource includes actions and properties from the file resource. Template files managed by the template resource follow the same file specificity rules as the remote_file and file resources.
User
使用 user 资源来添加用户、更新现有用户、删除用户以及锁定/解锁用户密码。
Use the user resource to add users, update existing users, remove users, and to lock/unlock user passwords.
windows_package
使用 windows_package 资源管理 Microsoft Windows 平台的 Microsoft 安装程序包 (MSI) 包。
Use the windows_package resource to manage Microsoft Installer Package (MSI) packages for the Microsoft Windows platform.
windows_service
使用 windows_service 资源管理 Microsoft Windows 平台上的服务。
Use the windows_service resource to manage a service on the Microsoft Windows platform.
yum_package
使用 yum_package 资源使用 Yum 为 Red Hat 和 CentOS 平台安装、升级和删除包。yum_package 资源能够解析包提供的数据,就像从命令行运行 Yum 时一样。这允许多种选项来安装包,如最小版本、虚拟提供和库名称。
Use the yum_package resource to install, upgrade, and remove packages with Yum for the Red Hat and CentOS platforms. The yum_package resource is able to resolve provides data for packages much like Yum can do when it is run from the command line. This allows a variety of options for installing packages, like minimum versions, virtual provides, and library names.