chef · smackmybitsup · Oct 22, 2020 · kagarmoe · Feb 16, 2021 · kagarmoe
@@ -0,0 +1,67 @@
+# Restore Backup from Standalone Chef Infra Server to Automate2 Server with Embedded Infra server
+
+- the Postgre DB in this sample is embedded, but with tweaks, it will work with an external PostgreSQL server. 
+- The examples here use an Automate2 server created in Vagrant. This is an excellent way to rehearse and validate without affecting production systems.
+
+> Before you begin this phase: read blog post on `knife-ec-backup` and `knife-tidy` by Irving Popovetsky 
+> <https://blog.chef.io/migrating-chef-server-knife-ec-backup-knife-tidy/>
+> This information contains multiple additional options to help guide you for your situation.
+
+## Prepare your A2 Server
+
+The Vagrantfile makes an Ubuntu 18.04 Automate2 server with the hostname *learn-chef.auto* and connects it to a private network with the ip address 192.168.33.199. Add this to your local hosts file to allow connecting using a browser.
+
+1. Stage your folder from the `knife-ec-backup`
+
+    copy the folder created from running `knife ec backup` into the `vagrantA2` folder, the Vagrantfile specifies to sync contents in this directory to `/opt/a2-testing`
+
+1. Stand up test Automate Server using Vagrant
+
+    open a new shell, `cd vagrantA2; vagrant up` go get a ☕ as this will take a couple minutes.
+    once vagrant finishes, log in using `vagrant ssh`
+
+1. Install workstation on the Vagrant A2 Server
+
+    `wget https://packages.chef.io/files/stable/chef-workstation/20.9.158/ubuntu/18.04/chef-workstation_20.9.158-1_amd64.deb`
+    `sudo dpkg -i chef-workstation_20.9.158-1_amd64.deb`
+
+1. Install development tools and libpq-dev
+
+    `sudo apt-get install -y gcc libpq-dev`
+
+1. Install the `chef-ec-backup` gem
+
+    `chef gem install knife-ec-backup`
+
+
+## Prepare Automate2 to restore
+
+1. Use `knife-tidy` to Clean up your Backup Files (optional)
+
+1. Dry Run and Restore
+
+    `sudo /opt/chef-workstation/bin/knife ec restore /opt/a2-testing/<ec-backup directory>  -s https://learn-chef.auto --sql-db automate-cs-oc-erchef -u pivotal --webui-key /hab/svc/automate-cs-oc-erchef/data/webui_priv.pem -V --dry-run`
+
+    remove the `--dry-run` argument to actually perform the restore. 
+
+
+## Validate your Automate2
+
+1. Put a copy of your .chef folder from your workstation onto the Vagrant A2 server
+
+    > ⚠️ PLEASE be CAREFUL: understand that at this point your `knife.rb` to points to your current **Chef Infra server**. ⚠️
+
+1. Edit your `knife.rb`
+    change the `chef_server_url` to point to *learn-chef.auto*
+
+1. Get your "fake" certs
+
+    `/opt/chef-workstation/bin/knife ssl fetch`
+
+1. Validate your System and adjust as needed
+
+    - count the cookbooks, envirionments, data_bags etc on the A2 server and compare against what you have in production.
+
+## Make the Plan for the Actual Restore
+
+Vagrant makes it easy to rehearse and try things out before doing the actual work.
@@ -0,0 +1 @@
+{"dependencies":[["ffi",["~> 1.0"]],["virtualbox",["= 0.8.6"]]],"checksum":"5c3e0773332cab45602d3eab6020f28543fdc642499ff388cb3c6934a0239297","vagrant_version":"2.2.9"}
@@ -0,0 +1 @@
+1.5:c87b0710-3453-438d-96d1-2717fafe3297
@@ -0,0 +1 @@
+1603318297
@@ -0,0 +1 @@
+{"name":"bento/ubuntu-18.04","version":"202010.14.0","provider":"virtualbox","directory":"boxes/bento-VAGRANTSLASH-ubuntu-18.04/202010.14.0/virtualbox"}
@@ -0,0 +1 @@
+1000
@@ -0,0 +1 @@
+c87b0710-3453-438d-96d1-2717fafe3297
@@ -0,0 +1 @@
+2b4227aed8ea4238ab7545145b39df76
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA01YDg+hExjDAjPePOHWjfGAPa5KExtxU9q7MxFeCL4CR3hEi
+ZMXpEOATioJ6PIFGMHlQGOaDpgdW5G3vGgcqQHwSRfim8Loa6qDeyUDLftX5uXX4
+G/wdHLtpxfF+XJVh8Ae96akm4+BqK4tjuiAxoOZUAmGklzORyhQr8Zkh+TSbI1pA
+Zz7YfIHLQUosqEzb7WmWNDMYHyGbiQRFcNKkxupxZWKF7p5F6mkRzMy0Pge+zjLc
+QRK60bzc6LqGaNNWT5UF5bQrjLuBrYPItZimK0dhH/XJjqlf6zYKy5DRC4QG2RcT
+pZ3TXKMkxK1JcH6hY74iZc6/BiGXEQh7c4UDbQIDAQABAoIBAQDHm5o+YId02l9D
+xh9UKGh99Q0bgYw/d6QYSwnE+RJRY5JiuLRPkk6MTdinHo3tz/xHlI1+t1ro2k3L
++7m2T8YsmgN4a17iSCVcLw298KFD7z6rWS064Wlt1eYVu/6p275hRC6wH8BHw5ME
+BefvyLCXVHVMuoUG+wJcZ6kJzKU2Bi0PvC96PQvakI35p+PTGme5sixlNPCbDPIV
+9Qjq3172tiSnFqZLht5K4kDVcVP1UJs2RS2neXW077IiJiwZpGhmrLWcZYM3k1hR
+/qQ1009h1wJiJLRpCrCtC/v1sPu+VHqapuffqg2AWOCs1lAnvAsGnoMn13D68GTc
+iQBchHvRAoGBAPyY+rc9MGoNrdLKgkgnPkga8C8peB4hu8iad7f8wrtUE7PTMumB
+axWrstZnXYVAa7dsc2xxEp1nfsZYdAvb1kOIPFFzDPJgZ5qm+Al+0NDZ8ZpPItEX
+eLDwNJPdA3LmgmCYLCOiDQbtXpZuWOGsdHT5DoY9L29pnLWOvVtTXm8bAoGBANYu
+wQJhRiwIHKyKNf7T8ZlpyJFYLaTPmdA08Tyb6Z/O1C3TUWK/05R8tkhmbzo2WVez
+qosjdmyYdRSN5FInaeIuAbBCCZrjFQYN6Wc4iT8v2+vd6coBkxKznuo2NjbbtE7U
+E4oqbuoA1a6ONyuKnmszxiaHkTrKa3BaL5xwQ5gXAoGBALvzKDpH8Uo4O2po/F+r
+s4/7W1P8S0BAYXV2WjYwgMTaXn6jW3KbtY4+X6dg6hlIQd4NeCTsTamJZK85Cb/5
+J4jASgFg1fVS/kP4kP6fuchtInRrBcEG8erWEIklHnfURJaTI+Svo3nQDV1pZgEl
+TNHsr3368Ny5fL0rJIJbmhyZAoGAO79rJCjSlHHm3dLoYR/qo6s4wiLhCLrI46YB
+LbEoqOXflrD+YRe2BBQOHYBFwu1qWubJymqoHH8jGgrDCI/qH6hJ3Etvtn9mW/wB
+gkPpNXE6Xj/XefyadHsa96cL1J3RXLQYh1BzBGAbO8h8Z28R5kHZIuJqhwX0lrDx
+2ygOEx0CgYAQuYcTE3UOTi0wtTqf117cjpFq0EVEdsheA9hqnqAf3YKsrjoFk2B6
+XzJ3uxQfD/T93esmw0dl+xBNZDo1T9zAD0u1Pn13lPbiqbggTYFQ89gNDDUCNF1M
+gjI8nauraBGDPMoyaTSmk98Gavm4GVafiVCOoC2+Tb5KW629u+0aLA==
+-----END RSA PRIVATE KEY-----
@@ -0,0 +1 @@
+{"virtualbox":{"/opt/a2-testing":{"create":true,"guestpath":"/opt/a2-testing","hostpath":"/home/cprey/forChef/knife-ec-backup/a2example/vagrantA2","disabled":false,"__vagrantfile":true}}}
@@ -0,0 +1 @@
+/home/cprey/forChef/knife-ec-backup/a2example/vagrantA2
@@ -0,0 +1,9 @@
+# This file loads the proper rgloader/loader.rb file that comes packaged
+# with Vagrant so that encoded files can properly run with Vagrant.
+
+if ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"]
+  require File.expand_path(
+    "rgloader/loader", ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"])
+else
+  raise "Encoded files can't be read outside of the Vagrant installer."
-  raise "Encoded files can't be read outside of the Vagrant installer."
+  raise "The Vagrant installer can't read outside encrypted files"
-  raise "Encoded files can't be read outside of the Vagrant installer."
+  raise "The Vagrant installer can't read outside encrypted files"
+end
@@ -0,0 +1,48 @@
+$tokenscript = <<-SCRIPT
+cat > data-collector-token.toml <<EOF
+[auth_n.v1.sys.service]
+a1_data_collector_token = "KGN0YhXlXhQwhFxTnXLTPhfObKs="
+EOF
+./chef-automate config patch data-collector-token.toml
+SCRIPT
+
+$mlsascript = <<-SCRIPT
+  if [ "$RESPONSE" == "YES" ]
+  then
+    ARGS='--accept-terms-and-mlsa'
+  else
+    echo 'You must say YES to continue'
+    exit 1
+  fi
+  sudo ./chef-automate deploy --product automate --product chef-server $ARGS
+SCRIPT
+
+class MLSA
+    def to_s
+        print "I agree to the Terms of Service and the Master License and Services Agreement (YES/NO): \n"
+        STDIN.gets.chomp
+    end
+end
+
+Vagrant.configure(2) do |config|
+  config.vm.provider "virtualbox" do |v|
+    v.memory = 4096
+    v.cpus = 4
+  end
+
+  config.vm.box = "bento/ubuntu-18.04"
+  config.vm.synced_folder ".", "/opt/a2-testing", create: true
+  config.vm.hostname = 'learn-chef.auto'
+  config.vm.network :private_network, ip: "192.168.33.199"
+  config.vm.provision "shell", inline: "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y unzip"
+  config.vm.provision "shell", inline: "sysctl -w vm.max_map_count=262144"
+  config.vm.provision "shell", inline: "sysctl -w vm.dirty_expire_centisecs=20000"
+  config.vm.provision "shell", inline: "echo 192.168.33.199 learn-chef.automate | sudo tee -a /etc/hosts"
+  config.vm.provision "shell", inline: "curl -s https://packages.chef.io/files/current/automate/latest/chef-automate_linux_amd64.zip | gunzip - > chef-automate && chmod +x chef-automate"
+  config.vm.provision "shell", env: {"RESPONSE" => MLSA.new}, inline: $mlsascript
+  config.vm.provision "shell", inline: $tokenscript
+  config.vm.provision "shell", inline: "apt-get clean"
+  config.vm.provision "shell", inline: "echo 'Server is up. Create a hosts file and log in at https://learn-chef.auto/'"
+  config.vm.provision "shell", inline: "echo 'credentials are in the automate-credentials.toml file. log in using vagrant ssh'"
+
+end
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		{"dependencies":[["ffi",["~> 1.0"]],["virtualbox",["= 0.8.6"]]],"checksum":"5c3e0773332cab45602d3eab6020f28543fdc642499ff388cb3c6934a0239297","vagrant_version":"2.2.9"}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		{"name":"bento/ubuntu-18.04","version":"202010.14.0","provider":"virtualbox","directory":"boxes/bento-VAGRANTSLASH-ubuntu-18.04/202010.14.0/virtualbox"}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		{"virtualbox":{"/opt/a2-testing":{"create":true,"guestpath":"/opt/a2-testing","hostpath":"/home/cprey/forChef/knife-ec-backup/a2example/vagrantA2","disabled":false,"__vagrantfile":true}}}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		/home/cprey/forChef/knife-ec-backup/a2example/vagrantA2