厨师powershell功能
Chef powershell function
我对 Chef 和 Powershell 还很陌生,所以我希望这是有道理的。我需要将服务器(Chef 节点)添加到域中,而 Powershell 似乎是可行的方法。我找到了一个函数,我稍微修改了一下,这样我就可以以幂等的方式做到这一点。
我的问题是我不确定如何将其放入厨师食谱中。
我环顾四周但运气不佳,我找到的大多数 Chef 示例都非常简单(安装 IIS 或 tomcat 类型)食谱。我在此处包括了我要尝试创建的 "recipe":
#
# set this up for reboot should we join domain successfully
#
windows_reboot 5 do
reason 'Reboot after joining AD'
action :nothing
end
#
# import mixin powershellout here
# also, make sure that Powershell cookbook is on active runlist for node
#
::Chef::Recipe.send(:include, Chef::Mixin::PowershellOut)
powershell_script "addToDomain" do
########################################################################################
# put the powershell script in here between the ruby heredoc string thingies
# ref: http://www.ruby-doc.org/docs/ruby-doc-bundle/Manual/man-1.4/syntax.html#here_doc
#
script =<<-'EOF'
$exitVal=0;
function addComputer { param([string]$username, [string]$password, [string]$domain)
try {
if ((gwmi win32_computersystem).partofdomain -eq $true) {
# arguably here, I would check if it is the RIGHT domain... next rev...
$oldDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$domainName = $oldDomain.name
if($domain -eq $oldDomain)
{
$message = \"The system is joined to the domain\";
$exitVal=2;
}
else
{
Remove-Computer -UnjoinDomainCredential (New-Object System.Management.Automation.PSCredential ($username, (ConvertTo-SecureString $password -AsPlainText -Force))) -Force -PassThru -verbose
$message = \"computer leaved domain\";
$exitVal=4;
}
}
else {
add-computer -domain $domain -credential (New-Object System.Management.Automation.PSCredential ($username, (ConvertTo-SecureString $password -AsPlainText -Force))) -passthru -verbose
$message = \"computer joined to domain\";
$exitVal=3;
}
}
catch
{
$message = \"Join Error - \";
$message += $_;
$exitVal=1;
}
write-host $message;
exit $exitVal;
}
# this next line uses ruby
addComputer #{node['ad']['user']} #{node['ad']['pwd']} #{node['ad']['domain']}
EOF
########################################################################################
#
#
result = powershell_out(script)
Chef::Log.debug("powershell exit #{result.exitstatus}")
Chef::Log.debug("powershell error #{result.stderr}")
Chef::Log.debug("powershell stdout #{result.stdout}")
# same as shell_out
if result.exitstatus == 2
Chef::Log.debug("Already part of domain: #{result.stdout}")
elsif result.exitstatus == 3 or result.exitstatus == 4
Chef::Log.debug("Joined domain: #{result.stdout}")
# reboot if joining or leaving domain
notifies :request, 'windows_reboot[5]', :delayed
else
Chef::Log.error("Domain join fail: #{result.stdout}")
# any other actions here? maybe flag the node?
end
end
在我看来,您的 Powershell 方法并不是实现此目的的最简单方法。有一些食谱可以为您做这件事——看看 window_ad cookbook,在我看来它会做您想做的事。请注意,您需要使用其中的 LWRP 部分,而不是默认配方。
我对 Chef 和 Powershell 还很陌生,所以我希望这是有道理的。我需要将服务器(Chef 节点)添加到域中,而 Powershell 似乎是可行的方法。我找到了一个函数,我稍微修改了一下,这样我就可以以幂等的方式做到这一点。
我的问题是我不确定如何将其放入厨师食谱中。
我环顾四周但运气不佳,我找到的大多数 Chef 示例都非常简单(安装 IIS 或 tomcat 类型)食谱。我在此处包括了我要尝试创建的 "recipe":
#
# set this up for reboot should we join domain successfully
#
windows_reboot 5 do
reason 'Reboot after joining AD'
action :nothing
end
#
# import mixin powershellout here
# also, make sure that Powershell cookbook is on active runlist for node
#
::Chef::Recipe.send(:include, Chef::Mixin::PowershellOut)
powershell_script "addToDomain" do
########################################################################################
# put the powershell script in here between the ruby heredoc string thingies
# ref: http://www.ruby-doc.org/docs/ruby-doc-bundle/Manual/man-1.4/syntax.html#here_doc
#
script =<<-'EOF'
$exitVal=0;
function addComputer { param([string]$username, [string]$password, [string]$domain)
try {
if ((gwmi win32_computersystem).partofdomain -eq $true) {
# arguably here, I would check if it is the RIGHT domain... next rev...
$oldDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$domainName = $oldDomain.name
if($domain -eq $oldDomain)
{
$message = \"The system is joined to the domain\";
$exitVal=2;
}
else
{
Remove-Computer -UnjoinDomainCredential (New-Object System.Management.Automation.PSCredential ($username, (ConvertTo-SecureString $password -AsPlainText -Force))) -Force -PassThru -verbose
$message = \"computer leaved domain\";
$exitVal=4;
}
}
else {
add-computer -domain $domain -credential (New-Object System.Management.Automation.PSCredential ($username, (ConvertTo-SecureString $password -AsPlainText -Force))) -passthru -verbose
$message = \"computer joined to domain\";
$exitVal=3;
}
}
catch
{
$message = \"Join Error - \";
$message += $_;
$exitVal=1;
}
write-host $message;
exit $exitVal;
}
# this next line uses ruby
addComputer #{node['ad']['user']} #{node['ad']['pwd']} #{node['ad']['domain']}
EOF
########################################################################################
#
#
result = powershell_out(script)
Chef::Log.debug("powershell exit #{result.exitstatus}")
Chef::Log.debug("powershell error #{result.stderr}")
Chef::Log.debug("powershell stdout #{result.stdout}")
# same as shell_out
if result.exitstatus == 2
Chef::Log.debug("Already part of domain: #{result.stdout}")
elsif result.exitstatus == 3 or result.exitstatus == 4
Chef::Log.debug("Joined domain: #{result.stdout}")
# reboot if joining or leaving domain
notifies :request, 'windows_reboot[5]', :delayed
else
Chef::Log.error("Domain join fail: #{result.stdout}")
# any other actions here? maybe flag the node?
end
end
在我看来,您的 Powershell 方法并不是实现此目的的最简单方法。有一些食谱可以为您做这件事——看看 window_ad cookbook,在我看来它会做您想做的事。请注意,您需要使用其中的 LWRP 部分,而不是默认配方。