The node_management_enroll custom resource streamlines the process of enrolling nodes into a Chef 360 platform. It automates the configuration and setup required to ensure nodes are properly registered and managed by the Chef platform's node management service.
Enrollment and Enrollment Levels
Enrollment is the process that enables Chef 360 to interact with and potentially manage your node. The enrollment status level determines the extent of management and control Chef 360 has over the node. This level indicates the type and degree of management capabilities available.
The node_management_enroll resource supports two levels of enrollment:
Full Enrollment: Chef 360 has both Node Management and Habitat installed on the node, running as a Habitat supervised service. This level allows Chef 360 to manage skill credentials, settings, installation, upgrades, and removal.
Partial Enrollment: Chef 360 has Node Management running on the node, but as a native service (not under the Habitat supervisor or package manager). This level allows for the detection of native skills and skill credential management but does not support skill installation, upgrades, or configuration. This is suitable for nodes that do not support Habitat but require a specific skill like Courier Runner.
Resource Parameters
| Parameter | Description | Valid Value | Default Value |
| --- | --- | --- | --- |
| chef_platform_url | The fully qualified domain name (FQDN) URL for the Chef 360 platform. | A FQDN which must be accessible from the client node. | None |
| api_port | The API port configured in the Chef 360 platform. | A valid port number. | 31000 |
| access_key | Access key for secure communication with Chef 360. Store securely (e.g., Encrypted Chef data bags, Vault). | Valid token | None |
| secret_key | Secret key for secure communication with Chef 360. Store securely (e.g., Encrypted Chef data bags, Vault). | Valid token | None |
| cohort_id | A UUID representing a cohort. It provides all required skills and settings to the assigned node. | UUID | None |
| hab_builder_url | URL for the Chef Habitat builder in your organization. | Valid URL | https://bldr.habitat.sh |
| working_dir_path | Temporary working directory path where all required builds are downloaded. Specify a valid path based on the OS. | A valid directory with read and write permission. | /tmp |
| root_ca | Root certificate used for SSL/TLS communication. Only required for secure env | A valid root certificate | None |
| ssl_verify_mode | Defines the SSL verification mode. Use verify_none for self-signed certificates and verify_peer for legitimate certificates requiring verification. | :verify_none, :verify_peer | :verify_none |
| upgrade_skills | For partial enrollment. If true, checks for the latest skill version and installs it if found. | 'true' or 'false' | false |
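
What the two ssl_verify_mode values mean for the connection that carries access_key and secret_key, as an added example that is not the resource's own code: it models them with Ruby's standard OpenSSL chain verification against a root_ca PEM. The certificates, the host name chef360.example.internal and the helpers make_cert, accepts? and demo are constructed for the illustration, and host name matching is not covered.

```ruby
require 'openssl'

# Build a constructed certificate; without an issuer it is self-signed.
def make_cert(cn, key, issuer_cert: nil, issuer_key: nil, ca: false)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = rand(1..2**31)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer_cert ? issuer_cert.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer_cert || cert
  constraint = ca ? 'CA:TRUE' : 'CA:FALSE'
  cert.add_extension(ef.create_extension('basicConstraints', constraint, true))
  cert.sign(issuer_key || key, OpenSSL::Digest.new('SHA256'))
  cert
end

# Model of the two ssl_verify_mode values (an assumption about their meaning,
# based on OpenSSL's VERIFY_NONE / VERIFY_PEER): :verify_none accepts any
# certificate, :verify_peer requires a chain up to the supplied root_ca PEM.
def accepts?(server_cert, verify_mode, root_ca_pem = nil)
  return true if verify_mode == :verify_none
  store = OpenSSL::X509::Store.new # empty: no system trust roots loaded
  store.add_cert(OpenSSL::X509::Certificate.new(root_ca_pem)) if root_ca_pem
  store.verify(server_cert)
end

def demo
  ca_key = OpenSSL::PKey::RSA.new(2048)
  ca = make_cert('constructed-root-ca', ca_key, ca: true)
  host = 'chef360.example.internal' # constructed host name
  genuine = make_cert(host, OpenSSL::PKey::RSA.new(2048),
                      issuer_cert: ca, issuer_key: ca_key)
  impostor = make_cert(host, OpenSSL::PKey::RSA.new(2048)) # self-signed
  {
    none_genuine: accepts?(genuine, :verify_none),
    none_impostor: accepts?(impostor, :verify_none),
    peer_genuine: accepts?(genuine, :verify_peer, ca.to_pem),
    peer_impostor: accepts?(impostor, :verify_peer, ca.to_pem),
    peer_no_root: accepts?(genuine, :verify_peer)
  }
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

Under :verify_none the self-signed impostor is accepted like the genuine server; under :verify_peer it is rejected, and the genuine server is accepted only when the matching root_ca is supplied.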
Obtaining root_ca
Self-Signed Environment: Run the following command on the host where the Chef 360 server is installed:
kubectl get secret --namespace <<namespace>> common-generated-certs -o jsonpath="{.data['ca\.crt']}" | base64 -d
Custom Certificate: Use the same root_ca that was used while configuring the Chef 360 API/UI section.
Chef 360 SaaS: Copy the Chef 360 SaaS public key and add it to your wrapper cookbook: