Manualshelf

Installation Guide

ManualsBrandsCisco ManualsCloud and Systems ManagementCisco Intelligent Automation for Cloud 4.1
21222324252627282930
2-8
Cisco Intelligent Automation for Cloud Installation Guide
OL-29971-02
Chapter 2 Installing and Configuring Optional Software
Configuring Chef for Cisco IAC Integration
Update Chef Infrastructure Item
Activate Chef Resource
Due to Chef recently changing its naming convention for the chef agent installers, we have implemented
our own naming conventions for Cisco IAC 4.1.1 for the local repository. This is the template for those
files:
chef-{version}-{distro}-{arch}.rpm
chef-{version}-{distro}-{arch}.deb
chef-windows-{version}.msi
For example:
chef-11.12.4-el-5-x86_64.rpm
chef-11.12.4-el-6-x86_64.rpm
chef-11.12.4-ubuntu-x86_64.deb
chef-windows-11.12.4.msi
Tip An active Internet connection to the Chef clients is required to properly install new roles.
Tip When registering the Chef master in Cisco IAC 4.1.1, there is the option to configure a proxy server to
enable Internet access be used during role installation. If using the proxy settings, make sure to include
both the Chef Master and local repository (if applicable) in the proxy bypass. Additional information on
proxies is included below.
Basic Chef Considerations
Be advised that when you create a Chef connection from System Setup, it creates two Process
Orchestrator targets, a main Web Service target (for future use) with a reference to a Terminal target (for
SSH). You should update the terminal target’s default maximum number of concurrent sessions to a
number greater than one (preferably 100) to avoid bottlenecks when running Chef on multiple nodes.
Self-service ordering of servers includes the option to apply a single Chef role and environment.
Although best practice is to assign a single role to a server, this can be extended further to include
multiple roles, or add roles/recipes later through an add-on service. This is currently out of scope for this
accelerator kit.
For Linux, Chef is configured via an SSH connection to the new node. A well-known root (or equivalent)
user and password is required. All Linux templates requiring configuration management should have the
same root user and password. This can be changed during or post-configuration. Sudo support will be
added in a later release.
You need to set the two extended target properties of the Chef web target in Cisco Process Orchestrator:
Chef.Target.Bootstrap.Linux.User
Chef.Target.Bootstrap.Linux.Password
Cisco IAC allows users to specify the Administrator user/password, so the above is not required for
Windows. The certificate authority for Chef requires that the server and client clocks be synchronized
with a common time source (for example, using the ntpd service).