OpenLDAPのレシピを手動作成

GitにあるOpenLDAPのレシピはCentOSで未サポートのパッケージ（ldap-utils）を前提にしていたため、自分でレシピを作成する。

# knife cookbook create -o /root/cookbooks myopenldap
** Creating cookbook myopenldap in /root/cookbooks
** Creating README for cookbook: myopenldap
** Creating CHANGELOG for cookbook: myopenldap
** Creating metadata for cookbook: myopenldap

# cd myopenldap
# cat << EOF >> metadata.rb
>
> recipe "myopenldap::client", "installs and configures openldap-clients"
> recipe "myopenldap::server", "installs and configures openldap-servers"
> EOF

# cat << EOF >> recipes/client.rb
>
> package "openldap-clients" do
>   action :install
> end
> EOF

# cat << EOF >> recipes/server.rb
>
> package "openldap-servers" do
>   action :install
> end
>
> template "/etc/openldap/slapd.conf" do
>   source "slapd.conf.erb"
>   action :create
> end
>
> service "slapd" do
>   service_name "ldap"
>   action [:enable, :start]
> end
> EOF

# cp /etc/openldap/slapd.conf templates/default/slapd.conf.erb
# cd /root/cookbooks
# knife cookbook upload -o . myopenldap
Uploading myopenldap   [0.1.0]
Uploaded 1 cookbook.

# cd /root
# chef-client -o myopenldap::client,myopenldap::server
[2014-12-24T08:04:05-08:00] INFO: Forking chef instance to converge...
Starting Chef Client, version 12.0.3
[2014-12-24T08:04:05-08:00] INFO: *** Chef 12.0.3 ***
[2014-12-24T08:04:05-08:00] INFO: Chef-client pid: 35530
[2014-12-24T08:04:07-08:00] WARN: Run List override has been provided.
[2014-12-24T08:04:07-08:00] WARN: Original Run List: []
[2014-12-24T08:04:07-08:00] WARN: Overridden Run List: [recipe[myopenldap::server]]
[2014-12-24T08:04:07-08:00] INFO: Run List is [recipe[myopenldap::server]]
[2014-12-24T08:04:07-08:00] INFO: Run List expands to [myopenldap::server]
[2014-12-24T08:04:07-08:00] INFO: Starting Chef Run for goodjob
[2014-12-24T08:04:07-08:00] INFO: Running start handlers
[2014-12-24T08:04:07-08:00] INFO: Start handlers complete.
resolving cookbooks for run list: ["myopenldap::server"]
[2014-12-24T08:04:07-08:00] INFO: Loading cookbooks [myopenldap@0.1.0]
[2014-12-24T08:04:07-08:00] INFO: Skipping removal of obsoleted cookbooks from the cache
Synchronizing Cookbooks:
[2014-12-24T08:04:07-08:00] INFO: Storing updated cookbooks/myopenldap/recipes/server.rb in the cache.
  - myopenldap
Compiling Cookbooks...
Converging 5 resources
Recipe: myopenldap::server
  * yum_package[openldap-servers] action install[2014-12-24T08:04:07-08:00] INFO: Processing yum_package[openldap-servers] action install (myopenldap::server line 1)
 (up to date)
  * script[clear_bdb] action run[2014-12-24T08:04:12-08:00] INFO: Processing script[clear_bdb] action run (myopenldap::server line 5)
[2014-12-24T08:04:12-08:00] INFO: script[clear_bdb] ran successfully
    - execute "bash"  "/tmp/chef-script20141224-35530-1439doi"
  * execute[slapd-config-convert] action nothing[2014-12-24T08:04:12-08:00] INFO: Processing execute[slapd-config-convert] action nothing (myopenldap::server line 15)
 (skipped due to action :nothing)
  * template[/etc/openldap/slapd.conf] action create[2014-12-24T08:04:12-08:00] INFO: Processing template[/etc/openldap/slapd.conf] action create (myopenldap::server line 22)
 (up to date)
  * service[slapd] action enable[2014-12-24T08:04:12-08:00] INFO: Processing service[slapd] action enable (myopenldap::server line 32)
 (up to date)
  * service[slapd] action start[2014-12-24T08:04:12-08:00] INFO: Processing service[slapd] action start (myopenldap::server line 32)
[2014-12-24T08:04:12-08:00] INFO: service[slapd] started
    - start service service[slapd]
[2014-12-24T08:04:12-08:00] WARN: Skipping final node save because override_runlist was given
[2014-12-24T08:04:12-08:00] INFO: Chef Run complete in 5.431650406 seconds
[2014-12-24T08:04:12-08:00] INFO: Skipping removal of unused files from the cache
Running handlers:
[2014-12-24T08:04:12-08:00] INFO: Running report handlers
Running handlers complete
[2014-12-24T08:04:12-08:00] INFO: Report handlers complete
Chef Client finished, 2/5 resources updated in 6.938933079 seconds
[2014-12-24T08:04:12-08:00] INFO: Sending resource update report (run-id: dfde635e-7a7d-46dc-890c-c48462250c61)

# service slapd status
slapd (pid  9406) を実行中...

＜補足＞
# chef-client -o myopenldap::client,myopenldap::server

・myopenldap/recipes配下のclient.rb、server.rbを実行する。
・client.rbでは以下だけなので、yum install -y openldap-clientsと同義。
　package "openldap-clients" do
  　action :install
　end
・server.rbでは以下を実行。
①yum install -y openldap-serversと同義。
package "openldap-servers" do
  action :install
end

②slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d/を行い、service slapd startを実行。
execute "slapd-config-convert" do
  command "slaptest -f #{node['openldap']['dir']}/slapd.conf -F #{node['openldap']['dir']}/slapd.d/"
  user "ldap"
  action :nothing
  notifies :start, "service[slapd]", :immediately
end

③/etc/openldap/slapd.confについて、template/default/slapd.conf.erbを元に作成。オーナはldap;ldap、0640の権限で、service slapd stopしてslapd-config-convertを実行。
template "#{node['openldap']['dir']}/slapd.conf" do
  source "slapd.conf.erb"
  action :create
  mode 00640
  owner "ldap"
  group "ldap"
  notifies :stop, "service[slapd]", :immediately
  notifies :run, "execute[slapd-config-convert]"
end

④service slapdではenable、startを定義。
service "slapd" do
  action [:enable, :start]
end