Kyle's questions -server

Kyle

Asked: 2012-03-15 14:33:36 +0800 CST

Chef: encrypted data bags, protecting the encryption key

When you are using the encrypted data bag feature for Chef how do you go about deploying the key to many servers? If you put it into a recipe anyone who has access to any of the chef servers or clients can pull the key and potentially decrypt any of the databags.

How do you go about ensuring that the key is on the machines that need it, but also safe from anyone snooping around?

Kyle

Asked: 2012-03-13 10:16:38 +0800 CST

Why use chef-solo on a single instance?

I understand the advantages of using Chef and puppet in a multiserver environment. Its fantastic for enforcing and describing configuration across many servers.

But lets say you have a single server, what advantage does chef-solo give you over simply manually configuring the server? I love chef, but I can't think of a reason why taking the time to setup chef-solo is worth the hassle on a single or even 2 server architecture, but apparently people do it.

Chef: encrypted data bags, protecting the encryption key

Why use chef-solo on a single instance?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?