Proxy
centos + chef + vagrant的“網路無法訪問”
我正在嘗試編寫一個 Vagrantfile 來在 CentOS 6.4 映像上安裝 nginx。
在我的 Vagrantfile 中,我有(ip 已編輯):
config.vm.provision :shell, :inline => "echo \"export http_proxy=http://10.0.0.1:3128\; export https_proxy=https://10.0.0.1:3128\" >> /etc/profile" config.vm.provision :shell, :inline => "echo \"export HTTP_PROXY=http://10.0.0.1:3128\; export HTTPS_PROXY=https://10.0.0.1:3128\" >> /etc/profile" config.vm.provision :shell, :inline => "echo \"proxy=http://10.0.0.1:3128\" >> /etc/yum.conf" config.vm.provision "chef_solo" do |chef| chef.add_recipe "nginx" chef.json = { "http_proxy" => "http://10.0.0.1:3128", "https_proxy" => "https://10.0.0.1:3128", "nginx" => { "install_method" => "package" } } end
當我執行它時,一切都很順利,直到它嘗試執行 yum 並嘗試安裝 GPG 文件,當我收到錯誤消息時:
Bringing machine 'default' up with 'virtualbox' provider... [default] Importing base box 'Base-CentOS-6.4'... Progress: 10% Progress: 20% Progress: 40% Progress: 60% Progress: 80% Progress: 90% [default] Matching MAC address for NAT networking... [default] Setting the name of the VM... [default] Clearing any previously set forwarded ports... [default] Creating shared folders metadata... [default] Clearing any previously set network interfaces... [default] Preparing network interfaces based on configuration... [default] Forwarding ports... [default] -- 22 => 2222 (adapter 1) [default] Booting VM... [default] Waiting for VM to boot. This can take a few minutes. [default] VM booted and ready for use! [default] Mounting shared folders... [default] -- /vagrant [default] -- /tmp/vagrant-chef-1/chef-solo-1/cookbooks [default] Running provisioner: shell... [default] Running: inline script [default] Running provisioner: shell... [default] Running: inline script [default] Running provisioner: shell... [default] Running: inline script [default] Running provisioner: chef_solo... Generating chef JSON and uploading... Running chef-solo... [2013-08-22T01:24:00+00:00] INFO: Forking chef instance to converge... [2013-08-22T01:24:00+00:00] INFO: *** Chef 11.6.0 *** [2013-08-22T01:24:00+00:00] INFO: Setting the run_list to ["recipe[nginx]"] from JSON [2013-08-22T01:24:00+00:00] INFO: Run List is [recipe[nginx]] [2013-08-22T01:24:00+00:00] INFO: Run List expands to [nginx] [2013-08-22T01:24:00+00:00] INFO: Starting Chef Run for localhost [2013-08-22T01:24:00+00:00] INFO: Running start handlers [2013-08-22T01:24:00+00:00] INFO: Start handlers complete. [2013-08-22T01:24:01+00:00] INFO: ohai plugins will be at: /etc/chef/ohai_plugins [2013-08-22T01:24:01+00:00] INFO: remote_directory[/etc/chef/ohai_plugins] created directory /etc/chef/ohai_plugins [2013-08-22T01:24:01+00:00] INFO: remote_directory[/etc/chef/ohai_plugins] mode changed to 755 [2013-08-22T01:24:01+00:00] INFO: cookbook_file[/etc/chef/ohai_plugins/README] created file /etc/chef/ohai_plugins/README [2013-08-22T01:24:01+00:00] INFO: cookbook_file[/etc/chef/ohai_plugins/README] updated file contents /etc/chef/ohai_plugins/README [2013-08-22T01:24:01+00:00] INFO: cookbook_file[/etc/chef/ohai_plugins/README] mode changed to 644 [2013-08-22T01:24:01+00:00] INFO: ohai[custom_plugins] reloaded [2013-08-22T01:24:01+00:00] WARN: Cloning resource attributes for service[nginx] from prior resource (CHEF-3694) [2013-08-22T01:24:01+00:00] WARN: Previous service[nginx]: /tmp/vagrant-chef-1/chef-solo-1/cookbooks/nginx/recipes/default.rb:44:in `from_file' [2013-08-22T01:24:01+00:00] WARN: Current service[nginx]: /tmp/vagrant-chef-1/chef-solo-1/cookbooks/nginx/recipes/default.rb:51:in `from_file' [2013-08-22T01:24:01+00:00] INFO: template[/etc/chef/ohai_plugins/nginx.rb] created file /etc/chef/ohai_plugins/nginx.rb [2013-08-22T01:24:01+00:00] INFO: template[/etc/chef/ohai_plugins/nginx.rb] updated file contents /etc/chef/ohai_plugins/nginx.rb [2013-08-22T01:24:01+00:00] INFO: template[/etc/chef/ohai_plugins/nginx.rb] owner changed to 0 [2013-08-22T01:24:01+00:00] INFO: template[/etc/chef/ohai_plugins/nginx.rb] group changed to 0 [2013-08-22T01:24:01+00:00] INFO: template[/etc/chef/ohai_plugins/nginx.rb] mode changed to 755 [2013-08-22T01:24:01+00:00] INFO: template[/etc/chef/ohai_plugins/nginx.rb] sending reload action to ohai[reload_nginx] (immediate) [2013-08-22T01:24:01+00:00] INFO: ohai[reload_nginx] reloaded [2013-08-22T01:24:01+00:00] INFO: Adding RPM-GPG-KEY-EPEL-6 GPG key to /etc/pki/rpm-gpg/ [2013-08-22T01:24:12+00:00] INFO: remote_file[/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6] created file /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 ================================================================================ Error executing action `create` on resource 'remote_file[/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6]' ================================================================================ Errno::ENETUNREACH ------------------ Network is unreachable - connect(2) Resource Declaration: --------------------- # In /tmp/vagrant-chef-1/chef-solo-1/cookbooks/yum/providers/key.rb 61: remote_file "/etc/pki/rpm-gpg/#{new_resource.key}" do 62: source new_resource.url 63: mode "0644" 64: notifies :run, "execute[import-rpm-gpg-key-#{new_resource.key}]", :immediately 65: end 66: end Compiled Resource: ------------------ # Declared in /tmp/vagrant-chef-1/chef-solo-1/cookbooks/yum/providers/key.rb:61:in `block in class_from_file' remote_file("/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6") do provider Chef::Provider::RemoteFile action "create" retries 0 retry_delay 2 path "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6" backup 5 atomic_update true source ["http://mirror.aarnet.edu.au/pub/epel/RPM-GPG-KEY-EPEL-6"] use_etag true use_last_modified true cookbook_name :yum mode "0644" end [2013-08-22T01:25:20+00:00] INFO: Running queued delayed notifications before re-raising exception [2013-08-22T01:25:20+00:00] ERROR: Running exception handlers [2013-08-22T01:25:20+00:00] ERROR: Exception handlers complete [2013-08-22T01:25:20+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out [2013-08-22T01:25:20+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1) Chef never successfully completed! Any errors should be visible in the output above. Please fix your recipes so that they properly complete. [Finished in 126.4s with exit code 127]
並且堆棧跟踪具有(加上堆棧跟踪):
[root@localhost ~]# cat /var/chef/cache/chef-stacktrace.out Generated at 2013-08-22 01:25:20 +0000 Errno::ENETUNREACH: remote_file[/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6] (/tmp/vagrant-chef-1/chef-solo-1/cookbooks/yum/providers/key.rb line 61) had an error: Errno::ENETUNREACH: Network is unreachable - connect(2)
當我 ssh 進入盒子時,檢查代理並嘗試捲曲密鑰,我沒有問題。
[drew@mymachine dev-environment]$ vagrant ssh Last login: Thu Aug 22 01:25:36 2013 from 10.0.0.2 Welcome to your Vagrant-built virtual machine. [vagrant@localhost ~]$ echo -e "$http_proxy"" - ""$https_proxy""\n""$HTTP_PROXY"" - ""$HTTPS_PROXY" http://10.0.0.1:3128 - https://10.0.0.1:3128 http://10.0.0.1:3128 - https://10.0.0.1:3128 [vagrant@localhost ~]$ curl "http://mirror.aarnet.edu.au/pub/epel/RPM-GPG-KEY-EPEL-6" -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (GNU/Linux) mQINBEvSKUIBEADLGnUj24ZVKW7liFN/JA5CgtzlNnKs7sBg7fVbNWryiE3URbn1 JXvrdwHtkKyY96/ifZ1Ld3lE2gOF61bGZ2CWwJNee76Sp9Z+isP8RQXbG5jwj/4B ... XtfLk0W5Ab9pd7tKDR6QHI7rgHXfCopRnZ2VVQ== =V/6I -----END PGP PUBLIC KEY BLOCK----- [vagrant@localhost ~]$
我也可以愉快地在盒子裡使用 yum 沒有任何問題。
我在公司網路中的代理伺服器後面,所以我想也許廚師沒有註意代理設置。我的問題是以前有沒有其他人經歷過這種情況,或者對在代理後面執行廚師有任何見解,他們正在獲得無法訪問的網路?
我在想如果我不能修復它,只需在廚師執行之前下載並安裝密鑰,但我想知道這裡是否發生了其他事情。
我認為 chef-solo 不支持代理配置。 http://docs.opscode.com/config_rb_solo.html
您可以嘗試創建另一個半空的廚師食譜,它將在“vagrant up”環境中獲取您的 http_proxy 變數。
就像是:
ENV['http_proxy'] = "http://10.0.0.1:3128" ENV['https_proxy'] = "https://10.0.0.1:3128"
然後將該配方添加到您的 vagrant 文件執行的第一步中:
chef.add_recipe '[my_http_recipe]'
希望這可以幫助
您需要直接在 chef 對像上設置屬性:
config.vm.provision :chef_solo do |chef| chef.http_proxy = $http_proxy chef.https_proxy = $https_proxy chef.no_proxy = $no_proxy
此外,我建議使用vagrant-proxyconf外掛,而不是手動呼叫 shell 腳本來設置環境變數。請注意,這不會傳播到 chef_solo,不要從上面的程式碼片段中刪除配置。
配置如下:
$http_proxy = "http://10.10.1.1:4128/" $https_proxy = "http://10.10.1.1:4128/" $no_proxy = "localhost,127.0.0.1,.ag.hermle.de" Vagrant.configure("2") do |config| config.proxy.http = $http_proxy config.proxy.https = $https_proxy config.proxy.no_proxy = $no_proxy
更新:可能 vagrant-proxyconf 將來會支持廚師代理配置,請參閱https://github.com/tmatilai/vagrant-proxyconf/issues/19。