Apr 15, 2017

Working with multiple Chef Orgs and persisting Amazon EC2 access across multiple knife.rb files.


So, I've been doing something for so long, I didn't even realize it.

Knife finds its configuration by looking for a .chef folder in your current directory and then walking up through the parent directories until it finds one.

Setting up .chef folder

So, I've created my .chef folder in ~/ (c:\chef on Windows).

Next, you cd .chef and git init it - no remote, just a local repo.
You can't have completely empty git repo, so touch a file and do an initial commit on master.
Now, make a branch (git checkout -b my_org_06) with some coherent naming convention.
Now, grab your starter kit or just make files by hand.
git add . ; git commit -m 'my keys before I accidentally re-downloaded the starter kit'
Done, Next

Setting up second .chef folder

When you need keys for another org or another chef server:
git checkout master
Now, make a new branch for this org, with a name that is not already taken (for example git checkout -b my_org_07), following the same naming convention.
Now, grab your starter kit or just make files by hand.
git add . ; git commit -m 'my keys before I accidentally re-downloaded the starter kit'

Setting up knife to work with AWS

Simply add the following to knife.rb:
knife[:aws_access_key_id] = ENV['AWS_ACCESS_KEY']
knife[:aws_secret_access_key] = ENV['AWS_SECRET_KEY']

wait what? hold on...

Setting up AWS command line tools

Add the following, with your own keys, to your shell profile (bash / zsh / emacs / etc.):
export AWS_ACCESS_KEY='DFJKLWEISKDJFKLSDFJK'
export AWS_SECRET_KEY='ec/d8HwiDkwork802idvnwl9f/e9KEoos09kxlwd'
export AWS_CREDENTIAL_FILE='/Users/alexvinyar/supersecretlocation/alexv.pem'
export JAVA_HOME=$(/usr/libexec/java_home)

Now your knife ec2 and your ec2-* commands will work from anywhere.
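
Since every org lives on its own branch of the local .chef repo, it is worth checking that no branch's knife.rb carries literal AWS keys instead of the ENV lookups. The script below is an added example, not part of the original post; the function names, the my_org_legacy branch and the fake key values are constructed for the demo.

```sh
# Added example (not from the original post): audit a ~/.chef repo laid out as above.

# Print every local branch whose knife.rb assigns a quoted literal to an AWS key
# setting instead of reading it from ENV[...].
audit_chef_branches() {
  git -C "$1" for-each-ref --format='%(refname:short)' refs/heads |
  while read -r branch; do
    # git show reads the file straight from the branch, so nothing is checked out.
    if git -C "$1" show "$branch:knife.rb" 2>/dev/null |
       grep -Eq "^[[:space:]]*knife\[:aws_(access_key_id|secret_access_key)\][[:space:]]*=[[:space:]]*['\"]"
    then
      echo "$branch"
    fi
  done
}

# Run git quietly inside the demo repo with a throwaway identity.
demo_git() {
  git -C "$demo_repo" -c user.name=demo -c user.email=demo@example.invalid \
      -c commit.gpgsign=false "$@" >/dev/null
}

# Build a throwaway repo with one branch per org (constructed data, fake keys).
build_demo_repo() {
  demo_repo=$(mktemp -d)
  git init -q "$demo_repo" >/dev/null
  demo_git symbolic-ref HEAD refs/heads/master
  touch "$demo_repo/README"
  demo_git add . && demo_git commit -q -m 'initial commit'
  # Branch that follows the post: keys come from the environment.
  demo_git checkout -q -b my_org_06
  printf '%s\n' "knife[:aws_access_key_id] = ENV['AWS_ACCESS_KEY']" \
    "knife[:aws_secret_access_key] = ENV['AWS_SECRET_KEY']" > "$demo_repo/knife.rb"
  demo_git add . && demo_git commit -q -m 'org 06 config'
  # Hypothetical branch where the keys were pasted into knife.rb.
  demo_git checkout -q master
  demo_git checkout -q -b my_org_legacy
  printf '%s\n' "knife[:aws_access_key_id] = 'CONSTRUCTEDKEYID0000'" \
    "knife[:aws_secret_access_key] = 'constructed/not/a/real/secret'" > "$demo_repo/knife.rb"
  demo_git add . && demo_git commit -q -m 'legacy org config'
  echo "$demo_repo"
}
```

Against a real setup, run audit_chef_branches ~/.chef; any branch name it prints has keys committed in knife.rb.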

Setting up project

On pretty rare occasions you may need to have .chef inside the repo for whatever reason.
Symlink .chef into your cookbook or project, and now it's as if it was local.

ln -s ~/.chef .chef