Installation¶
To install goiardi from source:
Install go. (http://golang.org/doc/install.html) Goiardi now requires go 1.7+ (because of the use of contexts). Goiardi should generally be able to be built with the latest version of Go, and this is generally recommended. Usually it will also build with the previous minor release, and may build with older versions as well, but this shouldn’t be relied on. Immediately after a minor release, of course, caution may be warranted.
Make sure your
$GOROOT
and$PATH
are set up correctly per the Go installation instructions.Download goairdi and its dependencies
go get -t -u github.com/ctdk/goiardi
Run tests, if desired. Several goiardi subdirectories have go tests, and chef-pedant can and should be used for testing goiardi as well.
Install the goiardi binaries.
go install github.com/ctdk/goiardi
Run goiardi.
goiardi <options>
Or, you can look at the goiardi releases page on github at https://github.com/ctdk/goiardi/releases and see if there are precompiled binaries available for your platform, or check out the packages at https://packagecloud.io/ct/goiardi and see if there’s one for your platform there.
Another option is running goiardi in Docker. There’s a Dockerfile in the root of the goiardi git repository that’s suitable for running the local version of goiardi, but a goiardi repository on Docker Hub at https://hub.docker.com/r/ctdk/goiardi/ is also under development (the source repository for those docker images is at https://github.com/ctdk/goiardi-docker). Running goiardi under docker has always worked fine, but now that configuration options can be set with environment variables it’s certainly easier to do so than before.
Configuration¶
You can get a list of command-line options with the -h
flag.
Additionally, many of goiardi’s options that can be set with flags can also be set with environment variables. Where this is the case, the option’s description will be followed by an environment variable name (like $GOIARDI_HANDY_OPTION
).
Goiardi can also take a config file, run like goiardi -c /path/to/conf-file
. See etc/goiardi.conf-sample
for an example documented configuration file. Options in the configuration file share the same name as the long command line arguments (so, for example, --ipaddress=127.0.0.1
on the command line would be ipaddress = "127.0.0.1"
in the config file.
Currently available command line and config file options:
-v, --version Print version info.
-V, --verbose Show verbose debug information. Repeat for more
verbosity.
-c, --config= Specify a config file to use. [$GOIARDI_CONFIG]
-I, --ipaddress= Listen on a specific IP address.
[$GOIARDI_IPADDRESS]
-H, --hostname= Hostname to use for this server. Defaults to
hostname reported by the kernel.
[$GOIARDI_HOSTNAME]
-P, --port= Port to listen on. If port is set to 443, SSL
will be activated. (default: 4545) [$GOIARDI_PORT]
-Z, --proxy-hostname= Hostname to report to clients if this goiardi
server is behind a proxy using a different
hostname. See also --proxy-port. Can be used with
--proxy-port or alone, or not at all.
[$GOIARDI_PROXY_HOSTNAME]
-W, --proxy-port= Port to report to clients if this goiardi server
is behind a proxy using a different port than the
port goiardi is listening on. Can be used with
--proxy-hostname or alone, or not at all.
[$GOIARDI_PROXY_PORT]
-i, --index-file= File to save search index data to.
[$GOIARDI_INDEX_FILE]
-D, --data-file= File to save data store data to.
[$GOIARDI_DATA_FILE]
-F, --freeze-interval= Interval in seconds to freeze in-memory data
structures to disk if there have been any changes
(requires -i/--index-file and -D/--data-file
options to be set). (Default 10 seconds.)
[$GOIARDI_FREEZE_INTERVAL]
-L, --log-file= Log to file X [$GOIARDI_LOG_FILE]
-s, --syslog Log to syslog rather than a log file.
Incompatible with -L/--log-file. [$GOIARDI_SYSLOG]
-g, --log-level= Specify logging verbosity. Performs the same
function as -V, but works like the 'log-level'
option in the configuration file. Acceptable
values are 'debug', 'info', 'warning', 'error',
'critical', and 'fatal'. [$GOIARDI_LOG_LEVEL]
--time-slew= Time difference allowed between the server's
clock and the time in the X-OPS-TIMESTAMP header.
Formatted like 5m, 150s, etc. Defaults to 15m.
[$GOIARDI_TIME_SLEW]
--conf-root= Root directory for configs and certificates.
Default: the directory the config file is in, or
the current directory if no config file is set.
[$GOIARDI_CONF_ROOT]
-A, --use-auth Use authentication. Default: false. (NB: At a
future time, the default behavior will change to
authentication being enabled.) [$GOIARDI_USE_AUTH]
--use-ssl Use SSL for connections. If --port is set to 433,
this will automatically be turned on. If it is
set to 80, it will automatically be turned off.
Default: off. Requires --ssl-cert and --ssl-key.
[$GOIARDI_USE_SSL]
--ssl-cert= SSL certificate file. If a relative path, will be
set relative to --conf-root. [$GOIARDI_SSL_CERT]
--ssl-key= SSL key file. If a relative path, will be set
relative to --conf-root. [$GOIARDI_SSL_KEY]
--https-urls Use 'https://' in URLs to server resources if
goiardi is not using SSL for its connections.
Useful when goiardi is sitting behind a reverse
proxy that uses SSL, but is communicating with
the proxy over HTTP. [$GOIARDI_HTTPS_URLS]
--disable-webui If enabled, disables connections and logins to
goiardi over the webui interface.
[$GOIARDI_DISABLE_WEBUI]
--use-mysql Use a MySQL database for data storage. Configure
database options in the config file.
[$GOIARDI_USE_MYSQL]
--use-postgresql Use a PostgreSQL database for data storage.
Configure database options in the config file.
[$GOIARDI_USE_POSTGRESQL]
--local-filestore-dir= Directory to save uploaded files in. Optional
when running in in-memory mode, *mandatory*
(unless using S3 uploads) for SQL mode.
[$GOIARDI_LOCAL_FILESTORE_DIR]
--log-events Log changes to chef objects. [$GOIARDI_LOG_EVENTS]
-K, --log-event-keep= Number of events to keep in the event log. If
set, the event log will be checked periodically
and pruned to this number of entries.
[$GOIARDI_LOG_EVENT_KEEP]
--skip-log-extended If set, do not save a JSON encoded blob of the
object being logged when logging an event.
[$GOIARDI_SKIP_LOG_EXTENDED]
-x, --export= Export all server data to the given file, exiting
afterwards. Should be used with caution. Cannot
be used at the same time as -m/--import.
-m, --import= Import data from the given file, exiting
afterwards. Cannot be used at the same time as
-x/--export.
-Q, --obj-max-size= Maximum object size in bytes for the file store.
Default 10485760 bytes (10MB).
[$GOIARDI_OBJ_MAX_SIZE]
-j, --json-req-max-size= Maximum size for a JSON request from the client.
Per chef-pedant, default is 1000000.
[$GOIARDI_JSON_REQ_MAX_SIZE]
--use-unsafe-mem-store Use the faster, but less safe, old method of
storing data in the in-memory data store with
pointers, rather than encoding the data with gob
and giving a new copy of the object to each
requestor. If this is enabled goiardi will run
faster in in-memory mode, but one goroutine could
change an object while it's being used by
another. Has no effect when using an SQL backend.
(DEPRECATED - will be removed in a future
release.)
--db-pool-size= Number of idle db connections to maintain. Only
useful when using one of the SQL backends.
Default is 0 - no idle connections retained
[$GOIARDI_DB_POOL_SIZE]
--max-connections= Maximum number of connections allowed for the
database. Only useful when using one of the SQL
backends. Default is 0 - unlimited.
[$GOIARDI_MAX_CONN]
--use-serf If set, have goidari use serf to send and receive
events and queries from a serf cluster. Required
for shovey. [$GOIARDI_USE_SERF]
--serf-event-announce Announce log events and joining the serf cluster
over serf, as serf events. Requires --use-serf.
[$GOIARDI_SERF_EVENT_ANNOUNCE]
--serf-addr= IP address and port to use for RPC communication
with a serf agent. Defaults to 127.0.0.1:7373.
[$GOIARDI_SERF_ADDR]
--use-shovey Enable using shovey for sending jobs to nodes.
Requires --use-serf. [$GOIARDI_USE_SHOVEY]
--sign-priv-key= Path to RSA private key used to sign shovey
requests. [$GOIARDI_SIGN_PRIV_KEY]
--dot-search If set, searches will use . to separate elements
instead of _. [$GOIARDI_DOT_SEARCH]
--convert-search If set, convert _ syntax searches to . syntax.
Only useful if --dot-search is set.
[$GOIARDI_CONVERT_SEARCH]
--pg-search Use the new Postgres based search engine instead
of the default ersatz Solr. Requires
--use-postgresql, automatically turns on
--dot-search. --convert-search is recommended,
but not required. [$GOIARDI_PG_SEARCH]
--use-statsd Whether or not to collect statistics about
goiardi and send them to statsd.
[$GOIARDI_USE_STATSD]
--statsd-addr= IP address and port of statsd instance to connect
to. (default 'localhost:8125')
[$GOIARDI_STATSD_ADDR]
--statsd-type= statsd format, can be either 'standard' or
'datadog' (default 'standard')
[$GOIARDI_STATSD_TYPE]
--statsd-instance= Statsd instance name to use for this server.
Defaults to the server's hostname, with '.'
replaced by '_'. [$GOIARDI_STATSD_INSTANCE]
--use-s3-upload Store cookbook files in S3 rather than locally in
memory or on disk. This or --local-filestore-dir
must be set in SQL mode. Cannot be used with
in-memory mode. [$GOIARDI_USE_S3_UPLOAD]
--aws-region= AWS region to use S3 uploads.
[$GOIARDI_AWS_REGION]
--s3-bucket= The name of the S3 bucket storing the files.
[$GOIARDI_S3_BUCKET]
--aws-disable-ssl Set to disable SSL for the endpoint. Mostly
useful just for testing.
[$GOIARDI_AWS_DISABLE_SSL]
--s3-endpoint= Set a different endpoint than the default
s3.amazonaws.com. Mostly useful for testing with
a fake S3 service, or if using an S3-compatible
service. [$GOIARDI_S3_ENDPOINT]
--s3-file-period= Length of time, in minutes, to allow files to be
saved to or retrieved from S3 by the client.
Defaults to 15 minutes. [$GOIARDI_S3_FILE_PERIOD]
--use-external-secrets Use an external service to store secrets
(currently user/client public keys). Currently
only vault is supported.
[$GOIARDI_USE_EXTERNAL_SECRETS]
--vault-addr= Specify address of vault server (i.e.
https://127.0.0.1:8200). Defaults to the value of
VAULT_ADDR.
--vault-shovey-key= Specify a path in vault holding shovey's private
key. The key must be put in vault as
'privateKey=<contents>'.
[$GOIARDI_VAULT_SHOVEY_KEY]
-T, --index-val-trim= Trim values indexed for chef search to this many
characters (keys are untouched). If not set or
set <= 0, trimming is disabled. This behavior
will change with the next major release.
[$GOIARDI_INDEX_VAL_TRIM]
-y, --pprof-whitelist= Address to allow to access /debug/pprof (in
addition to localhost). Specify multiple times to
allow more addresses. [$GOIARDI_PPROF_WHITELIST]
--purge-reports-after= Time to purge old reports after, given in golang
duration format (e.g. "720h"). Default is not to
purge them at all. [$GOIARDI_PURGE_REPORTS_AFTER]
--purge-status-after= Time to purge old node statuses after, given in
golang duration format (e.g. "720h"). Default is
not to purge them at all.
[$GOIARDI_PURGE_STATUS_AFTER]
--purge-sandboxes-after= Time to purge old reports after, given in golang
duration format (e.g. "720h"). Default is to
purge them after one week. Set this to '0s' to
disable sandbox purging.
[$GOIARDI_PURGE_SANDBOXES_AFTER]
MySQL connection options (requires --use-mysql):
--mysql-username= MySQL username [$GOIARDI_MYSQL_USERNAME]
--mysql-password= MySQL password [$GOIARDI_MYSQL_PASSWORD]
--mysql-protocol= MySQL protocol (tcp or unix)
[$GOIARDI_MYSQL_PROTOCOL]
--mysql-address= MySQL IP address, hostname, or path to a socket
[$GOIARDI_MYSQL_ADDRESS]
--mysql-port= MySQL TCP port [$GOIARDI_MYSQL_PORT]
--mysql-dbname= MySQL database name [$GOIARDI_MYSQL_DBNAME]
--mysql-extra-params= Extra configuration parameters for MySQL. Specify
them like '--mysql-extra-params=foo:bar'.
Multiple extra parameters can be specified by
supplying the --mysql-extra-params flag multiple
times. If using an environment variable, split up
multiple parameters with #, like so:
GOIARDI_MYSQL_EXTRA_PARAMS='foo:bar#baz:bug'.
[$GOIARDI_MYSQL_EXTRA_PARAMS]
PostgreSQL connection options (requires --use-postgresql):
--postgresql-username= PostgreSQL user name
[$GOIARDI_POSTGRESQL_USERNAME]
--postgresql-password= PostgreSQL password [$GOIARDI_POSTGRESQL_PASSWORD]
--postgresql-host= PostgreSQL IP host, hostname, or path to a socket
[$GOIARDI_POSTGRESQL_HOST]
--postgresql-port= PostgreSQL TCP port [$GOIARDI_POSTGRESQL_PORT]
--postgresql-dbname= PostgreSQL database name
[$GOIARDI_POSTGRESQL_DBNAME]
--postgresql-ssl-mode= PostgreSQL SSL mode ('enable' or 'disable')
[$GOIARDI_POSTGRESQL_SSL_MODE]
NB: If goiardi has been compiled with the novault
build tag, the help output will be missing --use-external-secrets
, --vault-addr
, and --vault-shovey-key
.
Options specified on the command line override options in the config file. Options specified via the command line override options in the config file, but are themselves overridden by command line flags.
For more documentation on Chef, see http://docs.chef.io.
Binaries and Packages¶
There are other options for installing goiardi, in case you don’t want to build it from scratch. Binaries for several platforms are provided with each release, and there are .debs available as well at https://packagecloud.io/ct/goiardi. At the moment packages are being built for Debian wheezy and later, Ubuntu 14.04 and later current and upcoming releases, raspbian (which is under the Debian versions) for various Raspberry Pi computers, and CentOS 6 and 7. Packages for other platforms may happen down the road. As of this writing, debs for goiardi 0.11.2 can be found in Debian stretch (a.k.a stable). More current versions of goiardi can be found in Debian’s testing
and unstable
branches as well as in Ubuntu’s universe
repository since “Zesty Zapus”.
NB: wheezy is currently (as of this writing) supported by the Debian LTS project. Sometime after that ends, which is scheduled for May 31st, 2018, it’ll be dropped from the packagecloud.io builds and the supporting files removed from the repository.
There is also a homebrew tap that includes goiardi now, for folks running Mac OS X and using homebrew.