Abiquo Chef Integration requires an Opscode Chef server. Opscode Chef requires time synchronization between your servers and hypervisors. Abiquo Chef Integration supports Linux virtual machines only. Abiquo Chef Integration requires a DHCP server configured in the Abiquo platform to pass parameters to virtual machines. If you wish to use the Chef recipes in the Opscode community repository, then Abiquo recommends that you use Ubuntu virtual machines.
Opscode Chef is an infrastructure automation product that uses configuration recipes. The first stage of Abiquo Chef Integration allows you to deploy a virtual machine that will then configure itself using Chef recipes and roles.
An important aspect of the Abiquo Chef Integration is the concept of Chef entities, which are described in the following table.
Can log in to the GUI of the Chef Server
The Enterprise Admin will usually configure the Chef Server
A consumer (user) of the Chef API
Standard, Admin and Validator clients. The Abiquo Chef Integration
A machine that will configure itself from the runlist
The Abiquo chef-enabled virtual machine is a Chef node
The following diagram gives a basic overview of the Chef entities.
After you have configured the Abiquo Chef Integration, the basic process is as follows:
In addition, you can:
The following diagrams are a simplified outline of the Abiquo Chef Integration.
The following sections will guide you through the configuration of Abiquo Chef Integration.
On the Abiquo Server, edit the /opt/abiquo/config/abiquo.properties file and set the abiquo.server.api.location to the address where the API is running. It must be the public IP of the Abiquo API (or at least an address reachable from the deployed virtual machines, not localhost). For example, if the IP address of the Abiquo server is 18.104.22.168, add this IP address and the suffix /api/.
To use Chef features in Abiquo, your enterprise must have a Chef Server or an account with the Opscode Hosted Chef Server.
The Chef server must have a list of cookbooks and/or roles that will be available for the virtual machines.
The following templates show cookbooks and roles on Chef Community Server.
Go to Users view and select the enterprise. Click edit, then click on the Chef tab.
You will need:
Tick this checkbox to enable Chef
Enter the URL of the Chef Server
The validator client is used to create nodes. You must use the name of the validator client on the chef server
The validator certificate, which may be stored in a file called organization-validator or validation.pem
This must be a Chef admin client on the Chef server. The Abiquo Server will use it to work with the Chef Server
The admin client certificate, which may be stored in a file called adminclient.pem
Abiquo will use the admin client to work with the Chef Server.
Now the enterprise is ready to deploy virtual machines and automate software installation with Chef.
To deploy virtual machines with Chef, you must use templates with the Abiquo Chef Agent installed.
These templates will be available when Abiquo Remote Template Repository 2.0 is released.
Until this time, please see #Creating Your Own Chef-enabled Templates.
After you download a template with the Chef Agent, you must mark it as Chef-enabled in the appliance library.
Edit the template by clicking the configuration button. Mark the Chef Enabled checkbox. You should include Chef in the name and description of the virtual template and choose the "Chef" category.
The following table only describes the fields related to Chef.
The Name of the template should tell us that it is Chef enabled
The Description of the template should tell us that it is Chef enabled
Virtual template format
The template File Name should tell us that Chef is enabled
There is a separate category for Chef templates
Choose an appropriate icon for the Chef template. A small version of the Opscode Chef logowill be superimposed on the appliance library icon
Tick this checkbox to create a template that is shared with other enterprises in the datacenter. This template will be available to other enterprises, even those that are not Chef enabled.
Tick this checkbox to mark a Chef-enabled virtual template
Chef-enabled templates in the appliance library are marked with the Opscode Chef logoin the lower right corner.
To create your own Chef-enabled templates, Abiquo recommends that you use Boxgrinder. Most of the Chef recipes in the community repository are suitable for Ubuntu Linux, so this is a good starting point. In general, Abiquo Chef Integration should be compatible with any Linux distribution with a valid Chef client installation and standard ISC dhclient.
Run Boxgrinder in a virtual environment, for example VirtualBox, attaching the meta-appliance disk to a SCSI controller on a Fedora 64-bit Linux machine. Before you start, read the Boxgrinder documentation
Download sample appliance definitions
The definitions are found at https://github.com/abiquo/boxgrinder-appliances
These definitions generate the appliances for the Abiquo Chef Templates.
For example, check out the definitions using git
For example, create the oneiric template
The appliance generated will be found under the build directory. For example
In this case, the appliance name is abiquo-chef-template-ubuntu-oneiric-sda.qcow2
If you have problems, check the logs in the log folder. See also Troubleshooting Abiquo Chef VM Templates
The multidisk plugin will generate appliances in 5 different formats. This will save conversion time when you upload your appliances to a remote repository.
Check out the multidisk plugin using git:
To install the multidisk plugin, follow the installation instructions in the git repository.
Example: Do a checkout of the repo with the configs and build the CentOS 5 template
Drag and drop Chef-enabled templates to the virtual appliance in the usual way and save. If you do not see the Chef logo (as marked below with a red arrow), contact your system administrator.
Click the configuration button to edit the virtual machine.
Click the Chef tab to see the Roles available from the Chef Server of the user's enterprise. Use the slider button to move through the pages of roles.
Select the desired roles. You will see them in the lower pane.
To see Recipes (components of cookbooks), mark the Show individual components checkbox.
Now you will see both recipes and roles. You can select any combination of these, including recipes from roles you already selected. The selected components will be added to the lower pane to form the runlist in the order of selection. Use the slider button to move from page to page.
Set the run order by dragging and dropping the components.
When the virtual machine is deployed and booted, the Chef agent in the virtual machine will connect to the Abiquo API to get the information it needs to use the Chef Server as a valid client, and register the virtual machine as a managed node. Once this is done, it will download and install the selected recipes.
It is easy to change the recipes in a virtual machine, and this can be done live with the virtual machine running. Just select the virtual machine in Abiquo, edit it again, and check or uncheck recipes as desired.
When the recipes are saved, the chef agent on the virtual machine will automatically detect changes and update the recipes on the chef server. Here we deleted the openssl recipe and moved the apache role to the top of the list.
If the virtual machine is not deployed, then it does not exist yet and there is no node on the Chef Server for that virtual machine. So the component list will show all available roles and recipes, allowing the user to select the required ones.
If the virtual machine is deployed, then it exists (even if it is stopped) and the node for this machine also exists on the Chef Server. So the component list will show the available recipes with the recipes in the run list for that node selected. So the component list always reflects the real recipe state for the virtual machine.
If someone updates the node directly in the Chef Server management console, Abiquo will detect this change and always display the right information.