Creating users from data bags
When managing a set of servers, it's important to make sure that the right people (and only they) have access. You definitely don't want a shared account whose password is known by everyone. You don't want to hardcode any users into your recipes either, because you want to separate logic and data.
Chef helps you to manage users on your nodes using data bags for your users and let a recipe create and remove the users, accordingly.
Let's take a look at how you can do that.
Getting ready
Make sure the you have a cookbook named my_cookbook
and that the run_list
of your node includes my_cookbook
, as described in the Creating and using cookbooks section in Chapter 1, Chef Infrastructure.
Create Berksfile
in your Chef repository which includes my_cookbook
:
mma@laptop:~/chef-repo $ subl Berksfile
source 'https://supermarket.chef.io' cookbook 'my_cookbook', path: './cookbooks/my_cookbook'
Make sure that you have a public SSH key available for your user by following the instructions...