4

I'm new to chef, and I'm trying to interprete the documentation. I've added the opscode postgresql recipe to my chef-solo environment. postgresql seems to install and launch just fine, but unfortunately I can't log in to the server, rendering it pretty much unusable.

The documentation mentions this:

The following node attribute is stored on the Chef Server when using chef-client. Because chef-solo does not connect to a server or save the node object at all, to have the password persist across chef-solo runs, you must specify them in the json_attribs file used. For Example:

{
  "postgresql": {
    "password": {
      "postgres": "iloverandompasswordsbutthiswilldo"
    }
  },
  "run_list": ["recipe[postgresql::server]"]
}

However, I don't know what "the json_attribs" file is. The recipe itself doesn't contain such a file, and I tried googling, with no results. I also tried creating such a file and sticking it in random spots in my directory structure, but of course that didn't work.

And by "didn't work", I mean that I brought vagrant up, ssh'ed in, and tried "psql -U postgres -W" and then entering the password I'd created... but always get an authentication error. Note also that I understand that the value I provide for the password (e.g. in place of "iloverandompasswordsbutthiswilldo" in the example above) is supposed to be an MD5 hash of the password, not plaintext, so that's what I'd provided.

Dave Taubler
  • 1,081
  • 3
  • 12
  • 25

1 Answers1

7

Since you are using Vagrant you should propably add something like the following to your Vagrantfile into the config.vm.provision :chef_solo do |chef| section (where one or more chef.add_recipe calls exists too):

config.vm.provision :chef_solo do |chef|
  # other stuff... like: chef.add_recipe "postgresql::server"
  chef.json = {
    "postgresql" => {
      "password" => {
        "postgres" => "iloverandompasswordsbutthiswilldo"
      }
    }
  }
end

The chef.json hash is the place where all your node specific attributes go and which is handed over to chef-solo during the provision run by Vagrant, see Vagrant doc for more information.

cmur2
  • 2,614
  • 1
  • 20
  • 23
  • Thanks, cmur2. I suspect that this is the right idea; however there is some disconnect. The syntax provided in the example causes errors when parsing the Vagrantfile. I think chef.json needs flat key/value pairs such as postgres => "1fa668c934b96d1c43fa1bffe6d4eec5", which of course wouldn't actually set the value for the postgres password. – Dave Taubler Mar 09 '13 at 16:00
  • I also tried the following, which didn't work either: chef.json = { :postgresql => { :password => { :postgres => "1fa668c934b96d1c43fa1bffe6d4eec5" } } } I think at this point the best option is just to install postgresql straight into the box itself, rather than using chef. – Dave Taubler Mar 09 '13 at 17:04
  • One more comment; I think overall you're correct, that this is the right approach. The syntax needs to be like that in my second comment, but it should go into the Vagrantfile within the config.vm.provision :chef_solo do |chef| section. I actually grabbed the opscode mysql recipe, which had the same sort of node attribute requirements as the postgresql recipe, and adding them as described above actually worked. So something just seems wonky with the postgresql recipe. Anyway, thanks again! – Dave Taubler Mar 10 '13 at 04:36
  • Jepp you seem correct, another user has problems too with only the postgresql cookbook (I used it some time ago, there it worked...): http://stackoverflow.com/questions/15324385/setting-postgresql-password-with-vagrant-chef-solo – cmur2 Mar 10 '13 at 19:41
  • I had the same problem my mysql and this solution works as well – Jason Jul 24 '13 at 15:15
  • Another thing to note is that, at least on my version of Debian, their command-line statement they provide to generate the hashed password value is not correct. The output of openssl does not have any spaces in it, and therefore the sed command does nothing. It is intended to add "md5" to the beginning of the md5. If you find that you are having to type your md5 in as your password, try prepending your password with "md5" in your node.json. You should then be able to log in with your non-hashed password. – Shannon Oct 09 '13 at 23:21