Wednesday, May 17, 2017

chef: bootstrap windows servers.

NonCloud Machines

Prerequisites

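  1. If the bootstrap user is not the built-in Administrator, give it full administrative rights by disabling UAC (EnableLUA set to 0) and rebooting. This turns UAC off for every account on the machine. Execute: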

cmd> reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system /v EnableLUA /t REG_DWORD  /d 0 /f
cmd> shutdown -r

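  2. Allow WinRM to execute commands remotely. These settings make the service accept Basic authentication and unencrypted traffic, so a client that uses them sends credentials over plain HTTP on port 5985 with only base64 encoding. Execute: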

CALL winrm quickconfig -q
CALL winrm set winrm/config/winrs @{MaxMemoryPerShellMB="1024"}
CALL winrm set winrm/config @{MaxTimeoutms="1800000"}
CALL winrm set winrm/config/service @{AllowUnencrypted="true"}
CALL winrm set winrm/config/service/auth @{Basic="true"}
CALL netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow
CALL netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow
CALL net stop winrm
CALL net start winrm

Bootstrap standalone machine



cmd> knife bootstrap windows winrm someserver.somedomain.com -x 'somedomain\someuser' -P somePass -E tron-v2_stage -r 'recipe[somecookbook]'


AWS machine

  1. Add the content below to the CloudFormation "UserData" property of the instance:

"UserData": { "Fn::Base64": { "Fn::Join": ["", [
  "<script>","\n",
  "netsh advfirewall set allprofiles state off","\n",
  "REM Executing winrm commands","\n",
  "CALL winrm quickconfig -q","\n",
  "CALL winrm set winrm/config/winrs @{MaxMemoryPerShellMB=\"300\"}","\n",
  "CALL winrm set winrm/config @{MaxTimeoutms=\"1800000\"}","\n",
  "CALL winrm set winrm/config/service @{AllowUnencrypted=\"true\"}","\n",
  "CALL winrm set winrm/config/service/auth @{Basic=\"true\"}","\n",
  "CALL net stop winrm","\n",
  "CALL net start winrm","\n",
  "REM Chef 11 install","\n",
  "powershell curl -OutFile 'C:/chef-client.msi' https://opscode-omnibus-packages.s3.amazonaws.com/windows/2008r2/x86_64/chef-client-12.18.12-1.msi","\n",
  "msiexec.exe /passive /i C:\\chef-client.msi","\n",
  "set PATH=%PATH%;C:\\opscode\\chef\\embedded\\bin;C:\\opscode\\chef\\bin","\n",
  "powershell curl -OutFile 'C:/awscli.msi' https://s3.amazonaws.com/aws-cli/AWSCLI64.msi","\n",
  "msiexec.exe /passive /i C:\\awscli.msi","\n",
  "set PATH=%PATH%;C:\\Program Files\\Amazon\\AWSCLI\\","\n",
  "CALL aws s3 cp s3://somebucket//validator.pem C:\\chef\\validation.pem","\n",
  "CALL aws s3 cp s3://somebucket//client.rb C:\\chef\\client.rb","\n",
  "chef-client -S https://chefserver.domain.com/organizations/someorg -E some_env -r 'recipe[somecookbook]'","\n",
  "</script>","\n"
]] } }
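
A pre-deployment check for templates like the one above, added here as an example (it is not part of the original post): it flattens a CloudFormation UserData value and reports the script lines that turn the firewall off, enable unencrypted or Basic WinRM, or disable UAC. The rule ids, function names, the SAMPLE template and the ChefEnvironment parameter are assumptions made for the illustration.

```python
import json
import re

# Rule ids are hypothetical; the patterns match the commands used on this page.
RULES = [
    ("firewall-off", re.compile(r'netsh\s+advfirewall\s+set\s+allprofiles\s+state\s+off', re.I),
     "Windows Firewall disabled on every profile"),
    ("winrm-unencrypted", re.compile(r'AllowUnencrypted\s*=\s*"?true', re.I),
     "WinRM service accepts unencrypted traffic"),
    ("winrm-basic", re.compile(r'winrm/config/service/auth\s+@\{\s*Basic\s*=\s*"?true', re.I),
     "WinRM Basic authentication enabled"),
    ("uac-off", re.compile(r'EnableLUA\b.*?/d\s+0\b', re.I),
     "UAC disabled through EnableLUA=0"),
]

def flatten(node):
    """Resolve Fn::Base64 / Fn::Join to text; other intrinsics become a marker."""
    if isinstance(node, str):
        return node
    if isinstance(node, dict) and len(node) == 1:
        (key, value), = node.items()
        if key == "Fn::Base64":
            return flatten(value)
        if key == "Fn::Join":
            sep, parts = value
            return sep.join(flatten(p) for p in parts)
    return "<unresolved>"  # e.g. {"Ref": ...}, only known at deploy time

def audit_user_data(user_data):
    """Return (line_number, rule_id, message) for each risky script line."""
    findings = []
    for number, line in enumerate(flatten(user_data).splitlines(), start=1):
        if line.strip().upper().startswith("REM "):
            continue  # batch comments are never executed
        for rule_id, pattern, message in RULES:
            if pattern.search(line):
                findings.append((number, rule_id, message))
    return findings

# Constructed sample: a shortened copy of the UserData above, plus a REM line and a Ref.
SAMPLE = json.loads(r'''
{"Fn::Base64": {"Fn::Join": ["", [
  "<script>", "\n",
  "netsh advfirewall set allprofiles state off", "\n",
  "REM winrm set winrm/config/service @{AllowUnencrypted=\"true\"}", "\n",
  "CALL winrm set winrm/config/service @{AllowUnencrypted=\"true\"}", "\n",
  "CALL winrm set winrm/config/service/auth @{Basic=\"true\"}", "\n",
  "chef-client -E ", {"Ref": "ChefEnvironment"}, "\n",
  "</script>", "\n"]]}}
''')
```

Calling audit_user_data(SAMPLE) reports lines 2, 4 and 5 of the flattened script; passing a plain string, such as the reg add command from the prerequisites, works as well.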