読者です 読者をやめる 読者になる 読者になる

Vagrant+ChefでMySQL+Ryby2環境構築

1. 前提

VirtualBoxのインストール
 https://www.virtualbox.org/wiki/Downloads
Vagrantのインストール
 http://www.vagrantup.com/downloads.html
Vagrantのインストール確認

$ vagrant -v
Vagrant 1.4.3

RubyバージョンとGem確認

$ ruby -v
ruby 2.0.0p247 (2013-06-27 revision 41674) [universal.x86_64-darwin13]
$ gem list | grep chef
chef (11.8.2)
$ gem list | grep knife
knife-solo (0.4.1)
$ gem list | grep berks
berkshelf (2.0.13)
2. セットアップ
$ knife solo init sandbox-chef-cookbooks 
$ cd sandbox-chef-cookbooks 
$ berks init
3. site-cookbooksの作成

・iptablesの設定をするcookbookeを作成する

$ knife cookbook create site_simple_iptables -o site-cookbooks/

・設定

$ vim site-cookbooks/site_simple_iptables/recipes/default.rb

-- default.rb
# Reject packets other than those explicitly allowed
simple_iptables_policy "INPUT" do
  policy "DROP"
end

# The following rules define a "system" chain; chains
# are used as a convenient way of grouping rules together,
# for logical organization.

# Allow all traffic on the loopback device
simple_iptables_rule "system" do
  rule "--in-interface lo"
  jump "ACCEPT"
end

# Allow any established connections to continue, even
# if they would be in violation of other rules.
simple_iptables_rule "system" do
  rule "-m conntrack --ctstate ESTABLISHED,RELATED"
  jump "ACCEPT"
end

# Allow SSH
simple_iptables_rule "system" do
  rule "--proto tcp --dport 22"
  jump "ACCEPT"
end

# Allow HTTP, HTTPS
simple_iptables_rule "http" do
  rule [ "--proto tcp --dport 80",
         "--proto tcp --dport 443" ]
  jump "ACCEPT"
end

# Allow MySQL
simple_iptables_rule "mysql" do
  rule "--proto tcp --dport 3306"
  jump "ACCEPT"
end

# Allow Rails
simple_iptables_rule "mysql" do
  rule "--proto tcp --dport 3000"
  jump "ACCEPT"
end
4. Berksfile

サードパーティのcookbook(iptable + Ruby + MySQL)を使う設定を追加する

$ vim Berksfile

site :opscode
cookbook 'simple_iptables', git:"git://github.com/dcrosta/cookbook-simple-iptables.git"
cookbook 'site_simple_iptables', path: './site-cookbooks/site_simple_iptables'
cookbook 'ruby_build'
cookbook 'rbenv', github: "fnichol/chef-rbenv"
cookbook 'mysql'

・iptable設定のcookboosとサードパーティのcookbookをインストール

$ berks install --path cookbooks
5. Vagrantfile

mysqlパスワード、rubyバージョンの設定

    chef.json = {
        :mysql => {
            :server_root_password => 'rootpass',
            :server_debian_password => 'debpass',
            :server_repl_password => 'replpass'
        },
        :rbenv => {
            :user_installs => [{
                                   :user => "vagrant",
                                   :rubies => ["2.0.0-p353"],
                                   :global => "2.0.0-p353",
                                   :gems => {
                                       "2.0.0-p353" => [
                                           {:name => "bundler"}
                                       ]
                                   }
                               }]
        }
    }

vagrantの起動

$ vagrant up