-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Chef Server Migration Page #6874
Merged
vinay033
merged 12 commits into
feature/infra_user_management
from
dt_document-on-knife-ec-backup
Apr 12, 2022
Merged
Changes from 2 commits
Commits
Show all changes
12 commits
Select commit
Hold shift + click to select a range
b3ae135
chefserver migation page created
dishanktiwari2501 2ceb3f8
chnges to the migration section
dishanktiwari2501 22907ae
fixes
dishanktiwari2501 35cb60b
updated the doc
dishanktiwari2501 5c19c64
updated the doc
dishanktiwari2501 31d173e
Merge branch 'main' into dt_document-on-knife-ec-backup
dishanktiwari2501 7225fe7
chefserver migation page created
dishanktiwari2501 71789f5
chnges to the migration section
dishanktiwari2501 a78a2a2
fixes
dishanktiwari2501 279af0b
updated the doc
dishanktiwari2501 7f9b53a
updated the doc
dishanktiwari2501 7c0cc94
Merge branch 'dt_document-on-knife-ec-backup' of github.com:chef/autoβ¦
dishanktiwari2501 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
159 changes: 159 additions & 0 deletions
159
components/docs-chef-io/content/automate/chef-server-migration.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,159 @@ | ||
+++ | ||
title = "Chef Sever Migration" | ||
|
||
draft = false | ||
|
||
gh_repo = "automate" | ||
[menu] | ||
[menu.automate] | ||
title = "Chef Sever Migration" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Same here |
||
parent = "automate/infrastructure" | ||
identifier = "automate/infrastructure/chef-server-migration.md Chef Server Migration" | ||
weight = 40 | ||
+++ | ||
|
||
## Knife EC Backup | ||
|
||
*knife-ec-backup* is the command to take backup of Chef Server/Backend during Chef Server Migration. *knife-ec-backup* can backup and restore the data in a Chef Infra Server installation and preserves the data in an intermediate and editable text mode. It is similar to the `knife download` and `knife upload` commands and uses the same underlying libraries, but also includes workarounds for objects not yet supported by those tools and various Infra Server API deficiencies. | ||
|
||
### Prerequisites | ||
|
||
* Chef Infra Client 11.8 and above. | ||
|
||
### Installation | ||
|
||
#### Chef Infra Server (Recommended) | ||
|
||
This gem is installed with Chef Infra Server 12 and later and the sub-commands are available with embedded copy of `knife`. Refer to the command shown below: | ||
|
||
```cmd | ||
sudo /opt/opscode/bin/knife ec backup ~/chef-server-backup-directory | ||
``` | ||
|
||
If you need a newer version of `knife-ec-backup` you can install it using the embedded `gem` command as shown below: | ||
|
||
```cmd | ||
/opt/opscode/embedded/bin/gem install knife-ec-backup --no-doc | ||
``` | ||
|
||
#### Chef WorkStation Install (Unsupported) | ||
|
||
On systems other than the Chef Infra Server, installation of the `gem` is not tested or supported. However, if you attempt to do so you will need the PostgreSQL libraries installed. | ||
|
||
For example, on macOS: | ||
|
||
```cmd | ||
brew install libpq | ||
gem install knife-ec-backup -- --with-pg-config=/usr/local/Cellar/libpq/9.2/bin/pg_config | ||
``` | ||
|
||
The current location of `pg_config` can be determined with brew info `libpq`. | ||
|
||
### Run the `knife-ec-backup` Command | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The netlify preview does not show any content from this line |
||
|
||
The `knife-ec-backup` command can run remotely and locally. To run the command remotely, provide the PostgreSQL and expose the port to access the remote machine. | ||
|
||
The above process wonβt work for the **Manage EOL Migration** as you need the detailed database for it. | ||
|
||
For example: `/opt/opscode/bin/knife ec backup --server-url https://ec2-18-117-112-129.us-east-2.compute.amazonaws.com ./backup/ --with-user-sql --with-key-sql -c /etc/opscode/pivotal.rb` | ||
|
||
### Output of the Command | ||
|
||
The command takes the backup of the CS in the allotted folder. The folder structure is: Here is the folder structure: `drwxr-xr-x 5 root root 4096 Dec 28 14:26`. | ||
|
||
* drwxr-xr-x 6 ubuntu ubuntu 4096 Dec 28 15:54 .. | ||
* -rw-r--r-- 1 root root 10642 Dec 28 14:26 key_dump.json | ||
* -rw-r--r-- 1 root root 19423 Dec 28 14:26 key_table_dump.json | ||
* drwxr-xr-x 10 root root 4096 Dec 28 14:26 organizations | ||
* drwxr-xr-x 2 root root 4096 Dec 28 14:26 user_acls | ||
* drwxr-xr-x 2 root root 4096 Dec 28 14:26 users | ||
|
||
### Data Usage in EOL Migrations | ||
|
||
In this section, we will discuss about the the usage of data in EOL migration. Automate strictly needs to comress and upload the directory to achieve the following steps: | ||
|
||
* Get the list of all organizations. | ||
* Read through organizations folder. | ||
* Every folder is named for every organization and has information for the `org root@ec2-18-117-112-129:/home/ubuntu/backup# ls organizations/admin-org demoorg empty-org new_demoorg not-admin-org test-org test-org-new testo` | ||
* Read through `org.json` in each of the folder. It has details of the organization as shown below: | ||
|
||
```cmd | ||
{ | ||
"name": "demoorg", | ||
"full_name": "Edit Demo Org", | ||
"guid": "a7a8d58509e87644fe2d5d3cfe934149" | ||
} | ||
``` | ||
|
||
* Automate can add the organization details from the above mentioned files. | ||
|
||
* Get the list and details of all the users in a server. You can get it from the `key_dump.json` file. The list of details are as follows: | ||
|
||
* Username | ||
* First Name | ||
* Last Name | ||
* Middle Name | ||
* Ldap User Name | ||
* Hashed Password | ||
|
||
Refer to the code given below | ||
|
||
```script | ||
{ | ||
"id": "00000000000018192ac9b81d31e2130f", | ||
"authz_id": "d2ace138fbb7fba13ee42fc4f87259db", | ||
"username": "kallol", | ||
"email": "kallol.roy@progress.com", | ||
"pubkey_version": 0, | ||
"public_key": "this_is_not_a_key", | ||
"serialized_object": "{\"display_name\":\"Kallol Roy\",\"first_name\":\"Kallol\",\"last_name\":\"Roy\",\"middle_name\":\"\"}", | ||
"last_updated_by": "d2ace138fbb7fba13ee42fc4f87259db", | ||
"created_at": "2021-06-12 04:57:21 +0000", | ||
"updated_at": "2021-07-15 09:49:04 +0000", | ||
"external_authentication_uid": null, | ||
"recovery_authentication_enabled": false, | ||
"admin": false, | ||
"hashed_password": "$2a$12$YKLkbaY5M5kwSbj7/riTRuinRvPDOsKFL4hlObH2dccjFEZO3gx8e", | ||
"salt": "$2a$12$YKLkbaY5M5kwSbj7/riTRu", | ||
"hash_type": "bcrypt" | ||
} | ||
``` | ||
|
||
* Get all the members of an organization by following the steps below: | ||
* Getting list of users in an organization. | ||
* Read through organizations folder **C**. Every folder is an organization. | ||
* Read **members.json** in the code below: | ||
|
||
```json | ||
[{ | ||
"user": { | ||
"username": "kallol" | ||
} | ||
|
||
}, { | ||
"user": { | ||
"username": "new_user" | ||
} | ||
}, { | ||
"user": { | ||
"username": "test-new-user" | ||
} | ||
}] | ||
``` | ||
The above two maps can be used as an organization in Automate. | ||
|
||
* To get the admins of an organization, follow the steps below: | ||
* Read through organizations folder. | ||
* Every folder is an organization. | ||
* Read `groups/admins.json` as shown below: | ||
|
||
```json | ||
{ | ||
"name": "admins", | ||
"users": [ | ||
"kallol", | ||
"pivotal" | ||
] | ||
} | ||
``` |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can title it as