offline network installation of the chef-vault gem

[username-is-already-taken2]

Hi there

I'm using chef-vault and I love it, it does just what I need, the issue I'm struggling with is getting the gem installed in the first place. ( 👍 for getting it in the chef-client )

My two challenges are

• Getting the Gem installed (ideally at the compile stage) so its available for the converge stage.
• Getting chef_gem to not reinstall the gem on every client run.

Getting the Gem installed
If the machine has access to rubygems then installation is a breeze if not it hangs the chef run whilst waiting for a time out (10mins) and I've struggling to try and write a guard that could check if the gem has installed.

I tried using chef_gem to install but I couldn't seem to manipulate the sources url to pull the file from a http endpoint. So I went with using cookbook_file to stage the file locally but I run in to the problem where I can't use a notify within chef_gem to get the file locally on the machine before the converge stage?

Reinstall gem on each client run
I don't know if it’s because it’s an offline installation using a local gem file or the fact that the server has never been to rubygems but whenever I rerun the chef-client (v12.18.31) it reinstalls the gem again. (this installation seems to take 5mins)

I wondered if anyone else was using chef-vault in an offline network? if so how are you installing the gem successfully before your chef-vault recipes?

TIA

[kamaradclimber]

hello @username-is-already-taken2,

thanks for having taken time to describe your issue.

From what I read, there seems to have multiple issues there:

• your environment depends on rubygems but has not always access to it.
  Have you setup a rubygem proxy/cache (using nexus or artifactory for instance)? This could help to mitigate "internet access" issue.
• chef_gem hanging when rubygem is not accessible even though the gem is installed.
  The best course of action would probably be to file an issue in https://github.com/chef/chef repository. Don't forget to describe exactly how you write your chef_gem resource.
• reinstallation at each run. It might also be a bug in chef_gem resource, I would also file an issue on chef/chef with all possible information.

Also you might want to try chef-vault cookbook that install the gem for you (using one of the latest feature from chef-client, writing gem 'chef-vault' in metadata.rb)

Does that sound ok to you?

[username-is-already-taken2]

Thanks for coming back to me, I didn't get any further with trying to get it installed locally from the filesystem I couldn't workout a way to get the file on the filesystem to have it install at compile time ( before chef-vault attempts to install it because its not present)

in the end I've opted with hosting a rubygem proxy/cache, for anyone else in a similar position checkout @kamaradclimber suggestions, personally I've gone with gem in a box , it can proxy to rubygems if required, personally I just went with hosting the chef-vault gem and pointed my resource at it i.e.

chef_gem 'chef-vault' do
  clear_sources
  include_default_source false
  source 'http://host-running-gem-in-a-box'
  compile_time true
end  

Hope it helps

Best Regards

Gary