Stack Overflow
Stack Overflow

Questions tagged [databags]

A data bag is a global variable that is stored as JSON data and is accessible from a Chef Server. A data bag is indexed for searching and can be loaded by a recipe or accessed during a search. The contents of a data bag can vary, but they often include sensitive information (such as database passwords).

83 questions
21
votes
2 answers

Chef attributes versus data bags

I'm new to Chef, and after reading the documentation I'm still having trouble understanding when to use Attributes and when to use Data bags. What kind of data should be stored as attributes, and what kind of data should be stored in data bags…
MiniQuark
  • 46,633
  • 36
  • 147
  • 183
11
votes
2 answers

Where is my Chef data bag item?

I was trying to create a Chef data bag from within the chef-repo directory using the command: knife data bag create users deployer And i get the response: Created data_bag[users] Created data_bag_item[deployer] But I am not able to locate the data…
Steve Loo
  • 276
  • 1
  • 5
  • 12
5
votes
2 answers

Change ipaddress of a node on open source chef server

I have been experimenting with open source chef server. I configured a node on my server which had ip address 10.114.7.41. Now when I restarted the node machine and now the ip address of the machine has changed to 10.114.7.45. But the chef server…
Amar
  • 2,171
  • 1
  • 13
  • 16
3
votes
2 answers

Access a Chef data bag from an attributes file

Is there a way to access a Chef data bag from within the default.rb attributes file? My use case is I need to represent a collection of operating system environment variables as a hash of attributes which are ultimately passed through to a template.…
John Topley
  • 113,588
  • 46
  • 195
  • 237
3
votes
2 answers

EncryptedDataBagItem.load produces 'cannot convert nil into String'

I'm following the method described in this post for creating a DNS record for a new server as Chef provisions it. I've created an encrypted data bag item for my AWS credentials: $ knife data bag show passwords aws --secret-file…
MrTheWalrus
  • 9,670
  • 2
  • 42
  • 66
2
votes
1 answer

How to add node to list of clients that can access a data bag on a Chef Server?

I want/need one of my nodes to access a data bag on my chef server. The purpose is to get a decrypted ssh key so i can clone from a private repo. I've been trying many variations of knife vault update data_bag item -A 'name-of-node' But I do not…
WhyAyala
  • 647
  • 7
  • 29
2
votes
0 answers

Chef-vault - not creating vaults with create command, but creating simple data bags

I am trying to create a chef-vault to store some password using below command: knife vault create revrecsecrets revrecpass -A "revrec-validator,node1,node2,node3" -J data_bags/revrecpass.json -M client Where revrecpass.json contains: {…
kumarprd
  • 906
  • 2
  • 8
  • 21
2
votes
1 answer

Chef bad decrypt error even when secret is identical

So I created an encrypted data bag using knife on MacOS, specifying a secrets file. If I run knife data bag show bag key --secret /path/to/secret it decrypts fine and I see the correct result. Now, if I copy the secret file to windows, the decrypt…
user1832464
2
votes
2 answers

What is the correct way to add a default secret-file to knife.rb?

What is the correct format for adding a secret file in my knife.rb? I've read the docs and can't seem to get the formatting right, or perhaps it is not working. I have tried adding both: knife[:secret_file] = "/path/to/data_bag_secret" and…
Ben Liyanage
  • 4,993
  • 1
  • 21
  • 23
2
votes
1 answer

Opsworks with Chef 12 can't access deploy ssh_key

Per the OpsWorks documentation with Chef v11 or earlier you could access a deploy key by doing: include 'deploy' key = node[:deploy]['appshortname'][:scm][:ssh_key] However per OpsWorks with Chef 12 documentation: To migrate your recipe code that…
bdx
  • 3,316
  • 4
  • 32
  • 65
2
votes
2 answers

Encrypted chef data bag json file, how to decrypt and show contents?

There are encrypted data bags in json files with some values I need to change. I need to run something like... $ knife data bag from file show --secret-file path/to/secret DATABAGNAME --config path/to/knife.rb But this command gives the error: …
Johnny5
  • 463
  • 2
  • 5
  • 16
2
votes
1 answer

how to pass 2 data bag variables to template chef

I am trying to pass 2 data bags as variables into a template but it end in error message. Do anyone know how do i pass 2 databags to a template? Recipe db = data_bag_item('dbconnect', 'connection') dbkey = data_bag_item('database',…
gopisaba
  • 41
  • 1
  • 6
2
votes
0 answers

Chef + Vagrant + encrypted data bags + Windows

I'm trying to use Vagrant and Chef to test encrypted data bags. I've created an encrypted data bag using knife solo data bag create test test_service --data-bag-path ../../data_bags/ --secret-file ~/.chef/encrypted_data_bag_secret and verified the…
Garry Cyre
  • 41
  • 1
  • 2
2
votes
1 answer

Encrypt data bag from inside of ruby without relying on knife

At the moment to encrypt a data bag, I have to do : system "knife data bag from file TemporaryEncrypting \"#{enc_file_path}\" --secret-file #{Secret_Key_Path}" and that doesn't work because knife can't find a config file and I can't seem to get it…
Thermatix
  • 2,757
  • 21
  • 51
2
votes
1 answer

Chef - Data Bag Query

Is it possible to do the following when querying a data bag to set a node attribute? I have a series of data bag items that match my local node['fqdn'] attributes. Is it possible to dynamically insert this attribute into a data bag query string, the…
user2163145
  • 21
  • 1
  • 2
1
2 3 4 5 6