Skip to content

Commit 40a72b1

Browse files
author
Dave Parfitt
committed
queue monitor review cleanup
POODLE fix for rabbit mgmt console: From https://www.rabbitmq.com/mochiweb.html "For convenience, if you do not specify ssl_opts then rabbitmq-mochiweb will use the same options as the main RabbitMQ server does for AMQP over SSL, but with client certificate verification turned off. If you wish to use client certificate verification, specify ssl_opts explicitly."
1 parent 60fc159 commit 40a72b1

File tree

15 files changed

+1353
-427
lines changed

15 files changed

+1353
-427
lines changed

.travis.yml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
sudo: false
1+
udo: false
22
branches:
33
only:
44
- master
@@ -44,6 +44,8 @@ env:
4444
- COMPONENT=src/chef-mover
4545
- COMPONENT=src/oc_bifrost
4646
- COMPONENT=src/bookshelf
47+
services:
48+
- rabbitmq
4749
install:
4850
- luarocks install --local lpeg
4951
- luarocks install --local lua-cjson
@@ -53,7 +55,6 @@ install:
5355
- cpanm --notest --quiet --local-lib=$HOME/perl5 local::lib && eval $(perl -I ~/perl5/lib/perl5/ -Mlocal::lib)
5456
- cpanm --notest --quiet App::Sqitch
5557
- cd $COMPONENT && travis_retry make install
56-
5758
script:
5859
- USE_SYSTEM_GECODE=1 LIBRARY_PATH=$CHEFDK_GECODE_PATH/lib LD_LIBRARY_PATH=$CHEFDK_GECODE_PATH/lib CPLUS_INCLUDE_PATH=$CHEFDK_GECODE_PATH/include make travis
5960

omnibus/files/private-chef-cookbooks/private-chef/attributes/default.rb

Lines changed: 24 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -116,45 +116,54 @@
116116
default['private_chef']['rabbitmq']['consumer_id'] = 'hotsauce'
117117
default['private_chef']['rabbitmq']['env_path'] = "/opt/opscode/bin:/opt/opscode/embedded/bin:/usr/bin:/bin"
118118

119-
default['private_chef']['rabbitmq']['max_length'] = 100000
120-
default['private_chef']['rabbitmq']['max_length_enabled'] = true
119+
default['private_chef']['rabbitmq']['ssl_versions'] = "'tlsv1.2', 'tlsv1.1'"
120+
121+
####
122+
# RabbitMQ Management Plugin
123+
####
121124
default['private_chef']['rabbitmq']['management_user'] = "rabbitmgmt"
122125
default['private_chef']['rabbitmq']['management_password'] = "chefrocks"
123126
default['private_chef']['rabbitmq']['management_port'] = 15672
124127
default['private_chef']['rabbitmq']['management_enabled'] = true
125128

129+
# RabbitMQ max-length policy
130+
default['private_chef']['rabbitmq']['analytics_max_length'] = 10000
131+
default['private_chef']['rabbitmq']['queue_length_monitor_vhost'] = "/analytics"
132+
default['private_chef']['rabbitmq']['queue_length_monitor_queue'] = "alaska"
126133
default['private_chef']['rabbitmq']['queue_length_monitor_enabled'] = true
127-
default['private_chef']['rabbitmq']['queue_length_monitor_millis'] = 30000
128134

135+
####
136+
# RabbitMQ Queue Monitor
137+
####
138+
# how often to run the queue monitor
139+
default['private_chef']['rabbitmq']['queue_length_monitor_millis'] = 30000
129140
# if the queue monitor is busy and this timeout has been exceeded,
130141
# assume that rabbit is in a bad state and don't send messages to it
131142
# 5000 is the default of gen_server:call()
132-
default['private_chef']['rabbitmq']['rabbitmq_queue_length_timeout_millis'] = 5000
143+
default['private_chef']['rabbitmq']['queue_length_monitor_timeout_millis'] = 5000
133144

134145
# don't send messages to rabbitmq if it has reached it's configured max_length
135146
default['private_chef']['rabbitmq']['drop_on_full_capacity'] = true
136147

148+
# prevent erchef from starting if queue is at capacity
149+
default['private_chef']['rabbitmq']['prevent_startup_on_full_capacity'] = true
150+
137151
# rabbit_mgmt_service configuration for erchef. These are used to configure an opscoderl_httpc pool
138152
# of HTTP connecton workers.
139153
default['private_chef']['rabbitmq']['rabbit_mgmt_timeout'] = 30000
140154
default['private_chef']['rabbitmq']['rabbit_mgmt_http_init_count'] = 25
141155
default['private_chef']['rabbitmq']['rabbit_mgmt_http_max_count'] = 100
142-
default['private_chef']['rabbitmq']['rabbit_mgmt_http_cull_interval'] = "{1, min}"
143-
default['private_chef']['rabbitmq']['rabbit_mgmt_http_max_age'] = "{70, sec}"
144-
default['private_chef']['rabbitmq']['rabbit_mgmt_http_max_connection_duration'] = "{70,sec}"
156+
# cull interval specified in seconds
157+
default['private_chef']['rabbitmq']['rabbit_mgmt_http_cull_interval'] = 60
158+
# max age specified in seconds
159+
default['private_chef']['rabbitmq']['rabbit_mgmt_http_max_age'] = 70
160+
#max connection duration specified in seconds
161+
default['private_chef']['rabbitmq']['rabbit_mgmt_http_max_connection_duration'] = 70
145162

146163
# comma sep list of tuples, without surrounding []'s
147164
# rendered as a list in oc_erchef.config.erb, including basic_auth info
148165
default['private_chef']['rabbitmq']['rabbit_mgmt_ibrowse_options'] = "{connect_timeout, 10000}"
149166

150-
# rabbitmq management console SSL settings
151-
default['private_chef']['rabbitmq']['server_name'] = node['fqdn']
152-
default['private_chef']['rabbitmq']['ssl_country_name'] = "US"
153-
default['private_chef']['rabbitmq']['ssl_company_name'] = "YouCorp"
154-
default['private_chef']['rabbitmq']['ssl_organizational_unit_name'] = "Operations"
155-
default['private_chef']['rabbitmq']['ssl_key_length'] = 2048
156-
default['private_chef']['rabbitmq']['ssl_duration'] = 3650
157-
158167
####
159168
# External RabbitMQ
160169
####

omnibus/files/private-chef-cookbooks/private-chef/recipes/rabbitmq.rb

Lines changed: 28 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -75,26 +75,18 @@
7575
variables(rabbitmq.to_hash)
7676
end
7777

78-
#ssl_keyfile = File.join(rabbitmq_ca_dir, "rabbitmq.key")
79-
ssl_crtfile = File.join(rabbitmq_ca_dir, "rabbitmq.crt")
80-
81-
openssl_x509 ssl_crtfile do
82-
common_name node['private_chef']['rabbitmq']['server_name']
83-
org node['private_chef']['rabbitmq']['ssl_company_name']
84-
org_unit node['private_chef']['rabbitmq']['ssl_organizational_unit_name']
85-
country node['private_chef']['rabbitmq']['ssl_country_name']
86-
key_length node['private_chef']['rabbitmq']['ssl_key_length']
87-
expire node['private_chef']['rabbitmq']['ssl_duration']
88-
owner 'root'
89-
group 'root'
90-
mode '0644'
91-
end
78+
# reuse nginx certs for RabbitMQ Management Plugin
79+
nginx_dir = node['private_chef']['nginx']['dir']
80+
nginx_ca_dir = File.join(nginx_dir, 'ca')
81+
ssl_keyfile = File.join(nginx_ca_dir, "#{node['private_chef']['nginx']['server_name']}.key")
82+
ssl_crtfile = File.join(nginx_ca_dir, "#{node['private_chef']['nginx']['server_name']}.crt")
9283

9384
template "#{rabbitmq_etc_dir}/rabbitmq.config" do
9485
owner "root"
9586
group "root"
9687
mode "0755"
97-
variables( :rabbitmq_ca_dir => rabbitmq_ca_dir )
88+
variables( :ssl_keyfile => ssl_keyfile,
89+
:ssl_crtfile => ssl_crtfile)
9890
end
9991

10092
component_runit_service "rabbitmq"
@@ -104,15 +96,15 @@
10496
rmq_plugins = "/opt/opscode/embedded/bin/rabbitmq-plugins"
10597
opc_ctl = "/opt/opscode/bin/private-chef-ctl"
10698
opc_username = OmnibusHelper.new(node).ownership['owner']
107-
rmq_ctl_chpost = "/opt/opscode/embedded/bin/chpst -u #{opc_username} -U #{opc_username} #{rmq_ctl}"
108-
rmq_plugins_chpost = "/opt/opscode/embedded/bin/chpst -u #{opc_username} -U #{opc_username} #{rmq_plugins}"
99+
rmq_ctl_chpst = "/opt/opscode/embedded/bin/chpst -u #{opc_username} -U #{opc_username} #{rmq_ctl}"
100+
rmq_plugins_chpst = "/opt/opscode/embedded/bin/chpst -u #{opc_username} -U #{opc_username} #{rmq_plugins}"
109101

110102
execute "#{opc_ctl} start rabbitmq" do
111103
environment rabbitmq_env
112104
retries 20
113105
end
114106

115-
execute "#{rmq_ctl_chpost} wait #{rabbitmq_data_dir}/#{rabbitmq['nodename']}.pid" do
107+
execute "#{rmq_ctl_chpst} wait #{rabbitmq_data_dir}/#{rabbitmq['nodename']}.pid" do
116108
environment rabbitmq_env
117109
retries 10
118110
end
@@ -121,37 +113,37 @@
121113
execute "#{rmq_ctl} add_vhost #{vhost}" do
122114
environment (rabbitmq_env)
123115
user opc_username
124-
not_if "#{rmq_ctl_chpost} list_vhosts| grep #{vhost}", :environment => rabbitmq_env, :user => "root"
116+
not_if "#{rmq_ctl_chpst} list_vhosts| grep #{vhost}", :environment => rabbitmq_env, :user => "root"
125117
retries 20
126118
end
127119
end
128120
# create chef user for the queue
129121
execute "#{rmq_ctl} add_user #{rabbitmq['user']} #{rabbitmq['password']}" do
130122
environment (rabbitmq_env)
131-
not_if "#{rmq_ctl_chpost} list_users |grep #{rabbitmq['user']}", :environment => rabbitmq_env, :user => "root"
123+
not_if "#{rmq_ctl_chpst} list_users |grep #{rabbitmq['user']}", :environment => rabbitmq_env, :user => "root"
132124
user opc_username
133125
retries 10
134126
end
135127

136128
execute "#{rmq_ctl} add_user #{rabbitmq['jobs_user']} #{rabbitmq['jobs_password']}" do
137129
environment (rabbitmq_env)
138130
user opc_username
139-
not_if "#{rmq_ctl_chpost} list_users |grep #{rabbitmq['jobs_user']}", :environment => rabbitmq_env, :user => "root"
131+
not_if "#{rmq_ctl_chpst} list_users |grep #{rabbitmq['jobs_user']}", :environment => rabbitmq_env, :user => "root"
140132
retries 10
141133
end
142134

143135
execute "#{rmq_ctl} add_user #{rabbitmq['actions_user']} #{rabbitmq['actions_password']}" do
144136
environment (rabbitmq_env)
145137
user opc_username
146-
not_if "#{rmq_ctl_chpost} list_users |grep #{rabbitmq['actions_user']}", :environment => rabbitmq_env, :user => "root"
138+
not_if "#{rmq_ctl_chpst} list_users |grep #{rabbitmq['actions_user']}", :environment => rabbitmq_env, :user => "root"
147139
retries 10
148140
end
149141

150142

151143
execute "#{rmq_ctl} add_user #{rabbitmq['management_user']} #{rabbitmq['management_password']}" do
152144
environment (rabbitmq_env)
153145
user opc_username
154-
not_if "#{rmq_ctl_chpost} list_users |grep #{rabbitmq['management_user']}", :environment => rabbitmq_env, :user => "root"
146+
not_if "#{rmq_ctl_chpst} list_users |grep #{rabbitmq['management_user']}", :environment => rabbitmq_env, :user => "root"
155147
retries 10
156148
end
157149

@@ -163,78 +155,80 @@
163155
execute "#{rmq_ctl} set_permissions -p #{rabbitmq['vhost']} #{rabbitmq['user']} \".*\" \".*\" \".*\"" do
164156
environment (rabbitmq_env)
165157
user opc_username
166-
not_if "#{rmq_ctl_chpost} list_user_permissions #{rabbitmq['user']}|grep #{rabbitmq['vhost']}", :environment => rabbitmq_env, :user => "root"
158+
not_if "#{rmq_ctl_chpst} list_user_permissions #{rabbitmq['user']}|grep #{rabbitmq['vhost']}", :environment => rabbitmq_env, :user => "root"
167159
retries 10
168160
end
169161

170162
execute "#{rmq_ctl} set_permissions -p #{rabbitmq['reindexer_vhost']} #{rabbitmq['user']} \".*\" \".*\" \".*\"" do
171163
environment (rabbitmq_env)
172164
user opc_username
173-
not_if "#{rmq_ctl_chpost} list_user_permissions #{rabbitmq['user']}|grep #{rabbitmq['reindexer_vhost']}", :environment => rabbitmq_env, :user => "root"
165+
not_if "#{rmq_ctl_chpst} list_user_permissions #{rabbitmq['user']}|grep #{rabbitmq['reindexer_vhost']}", :environment => rabbitmq_env, :user => "root"
174166
retries 10
175167
end
176168

177169
execute "#{rmq_ctl} set_permissions -p #{rabbitmq['jobs_vhost']} #{rabbitmq['jobs_user']} \".*\" \".*\" \".*\"" do
178170
environment (rabbitmq_env)
179171
user opc_username
180-
not_if "#{rmq_ctl_chpost} list_user_permissions #{rabbitmq['jobs_user']}|grep #{rabbitmq['jobs_vhost']}", :environment => rabbitmq_env, :user => "root"
172+
not_if "#{rmq_ctl_chpst} list_user_permissions #{rabbitmq['jobs_user']}|grep #{rabbitmq['jobs_vhost']}", :environment => rabbitmq_env, :user => "root"
181173
retries 10
182174
end
183175

184176
execute "#{rmq_ctl} set_permissions -p #{rabbitmq['actions_vhost']} #{rabbitmq['user']} \".*\" \".*\" \".*\"" do
185177
environment (rabbitmq_env)
186178
user opc_username
187-
not_if "#{rmq_ctl_chpost} list_user_permissions #{rabbitmq['user']}|grep #{rabbitmq['actions_vhost']}", :environment => rabbitmq_env, :user => "root"
179+
not_if "#{rmq_ctl_chpst} list_user_permissions #{rabbitmq['user']}|grep #{rabbitmq['actions_vhost']}", :environment => rabbitmq_env, :user => "root"
188180
retries 10
189181
end
190182

191183
execute "#{rmq_ctl} set_permissions -p #{rabbitmq['actions_vhost']} #{rabbitmq['actions_user']} \".*\" \".*\" \".*\"" do
192184
environment (rabbitmq_env)
193185
user opc_username
194-
not_if "#{rmq_ctl_chpost} list_user_permissions #{rabbitmq['actions_user']}|grep #{rabbitmq['actions_vhost']}", :environment => rabbitmq_env, :user => "root"
186+
not_if "#{rmq_ctl_chpst} list_user_permissions #{rabbitmq['actions_user']}|grep #{rabbitmq['actions_vhost']}", :environment => rabbitmq_env, :user => "root"
195187
retries 10
196188
end
197189

198190

199191
execute "#{rmq_ctl} set_permissions -p #{rabbitmq['actions_vhost']} #{rabbitmq['management_user']} \".*\" \".*\" \".*\"" do
200192
environment (rabbitmq_env)
201193
user opc_username
202-
not_if "#{rmq_ctl_chpost} list_user_permissions #{rabbitmq['management_user']}|grep #{rabbitmq['actions_vhost']}", :environment => rabbitmq_env, :user => "root"
194+
not_if "#{rmq_ctl_chpst} list_user_permissions #{rabbitmq['management_user']}|grep #{rabbitmq['actions_vhost']}", :environment => rabbitmq_env, :user => "root"
203195
retries 10
204196
end
205197

206198
execute "#{rmq_ctl} set_permissions -p / #{rabbitmq['management_user']} \".*\" \".*\" \".*\"" do
207199
environment (rabbitmq_env)
208200
user opc_username
209-
not_if "#{rmq_ctl_chpost} list_user_permissions #{rabbitmq['management_user']}|grep \"/\\s\"", :environment => rabbitmq_env, :user => "root"
201+
not_if "#{rmq_ctl_chpst} list_user_permissions #{rabbitmq['management_user']}|grep \"/\\s\"", :environment => rabbitmq_env, :user => "root"
210202
retries 10
211203
end
212204

213205
execute "#{rmq_plugins} enable rabbitmq_management" do
214206
environment (rabbitmq_env)
215207
user opc_username
216208
not_if "#{rmq_plugins} list | grep rabbitmq_management | grep -v rabbit_management_agent | grep E"
209+
# management plugin needs a rabbit restart
210+
notifies :restart, 'runit_service[rabbitmq]', :delayed
217211
retries 10
218212
end
219213

220214
execute "#{rmq_ctl} set_user_tags #{rabbitmq['management_user']} administrator" do
221215
environment (rabbitmq_env)
222216
user opc_username
223-
not_if "#{rmq_ctl_chpost} list_users | grep rabbitmgmt | grep administrator", :environment => rabbitmq_env, :user => "root"
217+
not_if "#{rmq_ctl_chpst} list_users | grep rabbitmgmt | grep administrator", :environment => rabbitmq_env, :user => "root"
224218
retries 10
225219
end
226220

227-
execute "#{rmq_ctl} set_policy -p /analytics max_length '(erchef|alaska|notifier.notifications|notifier_config)' '{\"max-length\":#{rabbitmq['max_length']}}' --apply-to queues" do
221+
execute "#{rmq_ctl} set_policy -p /analytics max_length '(erchef|alaska|notifier.notifications|notifier_config)' '{\"max-length\":#{rabbitmq['analytics_max_length']}}' --apply-to queues" do
228222
environment (rabbitmq_env)
229223
user opc_username
230-
only_if do rabbitmq['max_length_enabled'] end
224+
only_if do rabbitmq['analytics_max_length'] > 0 end
231225
retries 10
232226
end
233227

234228
execute "#{rmq_ctl} clear_policy -p /analytics max_length" do
235229
environment (rabbitmq_env)
236230
user opc_username
237-
not_if do rabbitmq['max_length_enabled'] end
231+
not_if do rabbitmq['analytics_max_length'] > 0 end
238232
retries 10
239233
end
240234

omnibus/files/private-chef-cookbooks/private-chef/templates/default/oc_erchef.config.erb

Lines changed: 34 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -103,36 +103,47 @@
103103
{actions_vhost, <<"<%= @actions_vhost %>">>},
104104
{actions_exchange, <<"<%= @actions_exchange %>">>},
105105
{actions_fqdn, <<"<%= node['private_chef']['lb']['api_fqdn'] %>">>},
106-
{rabbitmq_management_user, <<"<%= @node['private_chef']['rabbitmq']['management_user'] %>">>},
107-
{rabbitmq_management_port, <%= @node['private_chef']['rabbitmq']['management_port'] %>},
108-
{rabbitmq_management_password, <<"<%= @node['private_chef']['rabbitmq']['management_password'] %>">>},
109-
{rabbitmq_queue_length_monitor_enabled, <%= @node['private_chef']['rabbitmq']['queue_length_monitor_enabled'] %>},
110-
{rabbitmq_queue_length_monitor_millis, <%= @node['private_chef']['rabbitmq']['queue_length_monitor_millis'] %> },
111-
{rabbitmq_drop_on_full_capacity, <%= @node['private_chef']['rabbitmq']['drop_on_full_capacity'] %> },
112-
% rabbitmq management http connection pool
113-
{rabbitmq_management_service,
114-
[{root_url, "https://<%= @actions_vip %>:<%= @node['private_chef']['rabbitmq']['management_port'] %>/api"},
115-
{timeout, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_timeout'] %>},
116-
{init_count, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_init_count'] %>},
117-
{max_count, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_max_count'] %>},
118-
{cull_interval, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_cull_interval'] %>},
119-
{max_age, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_max_age'] %>},
120-
{max_connection_duration, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_max_connection_duration'] %>},
121-
{ibrowse_options,
122-
[<%= @node['private_chef']['rabbitmq']['rabbit_mgmt_ibrowse_options'] %>,
123-
{basic_auth,
124-
{"<%= node['private_chef']['rabbitmq']['management_user'] %>",
125-
"<%= node['private_chef']['rabbitmq']['management_password'] %>"}}
126-
]}
127-
]},
128106
{max_request_size, <%= node['private_chef']['opscode-erchef']['max_request_size'] %>},
129107
{server_version, "<%= node['private_chef']['version'] %>"},
130108
{health_ping_timeout, 400},
131109
{health_ping_modules, [oc_chef_authz, chef_sql, chef_solr]},
132110
{base_resource_url, <%= @helper.erl_atom_or_string(node['private_chef']['opscode-erchef']['base_resource_url']) %>},
133111
{bulk_fetch_batch_size, <%= @bulk_fetch_batch_size %>},
134-
{strict_search_result_acls, <%= @strict_search_result_acls %>}
112+
{strict_search_result_acls, <%= @strict_search_result_acls %>},
113+
114+
{rabbitmq, [
115+
{management,
116+
[{user, <<"<%= @node['private_chef']['rabbitmq']['management_user'] %>">>},
117+
{port, <%= @node['private_chef']['rabbitmq']['management_port'] %>},
118+
{password, <<"<%= @node['private_chef']['rabbitmq']['management_password'] %>">>},
119+
% rabbitmq management http connection pool
120+
{rabbitmq_management_service,
121+
[{root_url, "https://<%= @actions_vip %>:<%= @node['private_chef']['rabbitmq']['management_port'] %>/api"},
122+
{timeout, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_timeout'] %>},
123+
{init_count, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_init_count'] %>},
124+
{max_count, <%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_max_count'] %>},
125+
{cull_interval, {<%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_cull_interval'] %>, sec}},
126+
{max_age, {<%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_max_age'] %>, sec}},
127+
{max_connection_duration, {<%= @node['private_chef']['rabbitmq']['rabbit_mgmt_http_max_connection_duration'] %>, sec}},
128+
{ibrowse_options,
129+
[<%= @node['private_chef']['rabbitmq']['rabbit_mgmt_ibrowse_options'] %>,
130+
{basic_auth,
131+
{"<%= node['private_chef']['rabbitmq']['management_user'] %>",
132+
"<%= node['private_chef']['rabbitmq']['management_password'] %>"}}]}
133+
]}]},
134+
{monitoring,
135+
[{queue_length_monitor_enabled, <%= @node['private_chef']['rabbitmq']['queue_length_monitor_enabled'] %>},
136+
{queue_length_monitor_vhost, "<%= @node['private_chef']['rabbitmq']['queue_length_monitor_vhost'] %>"},
137+
{queue_length_monitor_queue, "<%= @node['private_chef']['rabbitmq']['queue_length_monitor_queue'] %>"},
138+
{queue_length_monitor_millis, <%= @node['private_chef']['rabbitmq']['queue_length_monitor_millis'] %>},
139+
{queue_length_monitor_timeout_millis, <%= @node['private_chef']['rabbitmq']['queue_length_monitor_timeout_millis'] %>},
140+
{drop_on_full_capacity, <%= @node['private_chef']['rabbitmq']['drop_on_full_capacity'] %>},
141+
{prevent_startup_on_full_capacity, <%= @node['private_chef']['rabbitmq']['prevent_startup_on_full_capacity'] %>}
142+
]}
143+
]}
135144
]},
145+
146+
136147
{chef_authn, [
137148
{keyring, [{default, "/etc/opscode/webui_pub.pem"}]},
138149
<% unless node['private_chef']['opscode-erchef']['keygen_cache_workers'] == :auto -%>

0 commit comments

Comments
 (0)