Cisco Cisco Intelligent Automation for Cloud 4.3.2 Installation Guide
23
Cisco Systems, Inc.
www.cisco.com
Configuring Chef for Cisco IAC Integration
Chef Labs software must be licensed and in place for use with Cisco Intelligent Automation for Cloud 4.3.2. Hosted or
Private Chef 12.0.x or higher is required (with appropriate patches). For Chef, the following services are included:
Private Chef 12.0.x or higher is required (with appropriate patches). For Chef, the following services are included:
Register Chef Cookbook
Register Chef Role
Update Chef Infrastructure Item
Activate Chef Resource
Due to Chef recently changing its naming convention for the chef agent installers, we have implemented our own naming
conventions for Cisco IAC 4.3.2 for the local repository. This is the template for those files:
conventions for Cisco IAC 4.3.2 for the local repository. This is the template for those files:
chef-{version}-{distro}-{arch}.rpm
chef-{version}-{distro}-{arch}.deb
chef-windows-{version}.msi
For example:
chef-12.0.x-el-5-x86_64.rpm
chef-12.0.x-el-6-x86_64.rpm
chef-12.0.x-ubuntu-x86_64.deb
chef-windows-12.0.x.msi
Note:
An active Internet connection to the Chef clients is required to properly install new roles.
Note:
When registering the Chef master in Cisco IAC 4.3.2, there is the option to configure a proxy server to enable
Internet access be used during role installation. If using the proxy settings, make sure to include both the Chef Master
and local repository (if applicable) in the proxy bypass. Additional information on proxies is included below.
and local repository (if applicable) in the proxy bypass. Additional information on proxies is included below.
Basic Chef Considerations
Be advised that when you create a Chef connection from System Setup, it creates two Process Orchestrator targets, a
main Web Service target (for future use) with a reference to a Terminal target (for SSH). You should update the terminal
target’s default maximum number of concurrent sessions to a number greater than one (preferably 100) to avoid
bottlenecks when running Chef on multiple nodes.
main Web Service target (for future use) with a reference to a Terminal target (for SSH). You should update the terminal
target’s default maximum number of concurrent sessions to a number greater than one (preferably 100) to avoid
bottlenecks when running Chef on multiple nodes.
Self-service ordering of servers includes the option to apply a single Chef role and environment. Although best practice
is to assign a single role to a server, this can be extended further to include multiple roles, or add roles/recipes later
through an add-on service. This is currently out of scope for this accelerator kit.
is to assign a single role to a server, this can be extended further to include multiple roles, or add roles/recipes later
through an add-on service. This is currently out of scope for this accelerator kit.
For Linux, Chef is configured via an SSH connection to the new node. A well-known root (or equivalent) user and
password is required. All Linux templates requiring configuration management should have the same root user and
password. This can be changed during or post-configuration. Sudo support will be added in a later release.
password is required. All Linux templates requiring configuration management should have the same root user and
password. This can be changed during or post-configuration. Sudo support will be added in a later release.
You need to set the two extended target properties of the Chef web target in Cisco Process Orchestrator:
Chef.Target.Bootstrap.Linux.User
Chef.Target.Bootstrap.Linux.Password