Abiquo Documentation Cookies Policy

Our Documentation website uses cookies to improve your experience. Please visit our Cookie Policy page for more information about cookies and how we use them.


Abiquo 2.6


Skip to end of metadata
Go to start of metadata

Chef Integration

Chef Integration Prerequisites

Abiquo Chef Integration requires an Opscode Chef server. Opscode Chef requires time synchronization between your servers and hypervisors. Abiquo Chef Integration supports Linux virtual machines only. Abiquo Chef Integration requires a DHCP server configured in the Abiquo platform to pass parameters to virtual machines. If you wish to use the Chef recipes in the Opscode community repository, then Abiquo recommends that you use Ubuntu virtual machines.

Chef Integration Architecture

Opscode Chef is an infrastructure automation product that uses configuration recipes. The first stage of Abiquo Chef Integration allows you to deploy a virtual machine that will then configure itself using Chef recipes and roles.

Chef Entities

An important aspect of the Abiquo Chef Integration is the concept of Chef entities, which are described in the following table.

Chef Entity

Definition

Description

User

Can log in to the GUI of the Chef Server

The Enterprise Admin will usually configure the Chef Server

Client

A consumer (user) of the Chef API

Standard, Admin and Validator clients. The Abiquo Chef Integration
uses a validator client to create nodes and an admin client to synchronize the runlists

Node

A machine that will configure itself from the runlist

The Abiquo chef-enabled virtual machine is a Chef node

The following diagram gives a basic overview of the Chef entities.

Abiquo Chef Integration Process in an Abiquo Datacenter

After you have configured the Abiquo Chef Integration, the basic process is as follows:

  1. Select Chef roles and recipes for your virtual machine
    • The Abiquo Chef Module will create the runlist on the Chef Server for you
  2. Deploy the virtual machine
    • When the virtual machine first boots, it will send a request to the DHCP Server
      • The DHCP server provides the Abiquo API URI and a one-time Abiquo API authentication token
    • The virtual machine will use the URL and token to download from the Abiquo API:
      • All the information it needs to register itself as a Chef node, such as Chef Server address and validation certificate
    • The virtual machine will try to register itself as a node in the Chef Server using the information downloaded from the API
    • The virtual machine will be a registered Chef node, and it will get its runlist and configure itself from the runlist

In addition, you can:

  1. Update Chef roles and recipes as required
    • The Abiquo Chef Module will synchronize the runlist on the Chef Server automatically
    • The Chef node will periodically request the updated runlist from the Chef Server

The following diagrams are a simplified outline of the Abiquo Chef Integration.

Abiquo Datacenter

 

Configure Abiquo Chef Integration

The following sections will guide you through the configuration of Abiquo Chef Integration.

Abiquo Properties Configuration

On the Abiquo Server, edit the /opt/abiquo/config/abiquo.properties file and set the abiquo.server.api.location to the address where the API is running. It must be the public IP of the Abiquo API (or at least an address reachable from the deployed virtual machines, not localhost). For example, if the IP address of the Abiquo server is 80.169.25.32, add this IP address and the suffix /api/.

Abiquo Configuration Properties
abiquo.server.api.location=http://80.169.25.32/api/  

Enterprise Configuration

To use Chef features in Abiquo, your enterprise must have a Chef Server or an account with the Opscode Hosted Chef Server.

The Chef server must have a list of cookbooks and/or roles that will be available for the virtual machines.

The following templates show cookbooks and roles on Chef Community Server.


Enable Chef for an Abiquo Enterprise

Go to Users view and select the enterprise. Click edit, then click on the Chef tab.

Enter the Chef Details

You will need:

  1. The URL of the Chef Server API
  2. The validator client name and certificate. The validator certificate will be used to register the nodes (virtual machines) for working with Chef.
  3. The admin client name and certificate. Abiquo requires an admin client so that when a virtual machine is deployed, it can change and update recipes.

Field

Explanation

Enable Chef

Tick this checkbox to enable Chef

Server URL

Enter the URL of the Chef Server

Validator Client

The validator client is used to create nodes. You must use the name of the validator client on the chef server

Validator Certificate

The validator certificate, which may be stored in a file called organization-validator or validation.pem

Admin Client

This must be a Chef admin client on the Chef server. The Abiquo Server will use it to work with the Chef Server

Admin Certificate

The admin client certificate, which may be stored in a file called adminclient.pem

Abiquo will use the admin client to work with the Chef Server.

Now the enterprise is ready to deploy virtual machines and automate software installation with Chef.

Chef-enabled Virtual Machine Templates

To deploy virtual machines with Chef, you must use templates with the Abiquo Chef Agent installed.

Download Chef-enabled Templates

These templates will be available when Abiquo Remote Template Repository 2.0 is released.
Until this time, please see #Creating Your Own Chef-enabled Templates.

Configure Chef-enabled Templates

After you download a template with the Chef Agent, you must mark it as Chef-enabled in the appliance library.

Edit the template by clicking the configuration button. Mark the Chef Enabled checkbox. You should include Chef in the name and description of the virtual template and choose the "Chef" category.

The following table only describes the fields related to Chef.

Field

Explanation

Name

The Name of the template should tell us that it is Chef enabled

Description

The Description of the template should tell us that it is Chef enabled

Type

Virtual template format

File Name

The template File Name should tell us that Chef is enabled

Category

There is a separate category for Chef templates

Icon

Choose an appropriate icon for the Chef template. A small version of the Opscode Chef logo will be superimposed on the appliance library icon

Shared Template

Tick this checkbox to create a template that is shared with other enterprises in the datacenter. This template will be available to other enterprises, even those that are not Chef enabled.

Chef Enabled

Tick this checkbox to mark a Chef-enabled virtual template

Check Chef-enabled Templates in the Appliance Library

Chef-enabled templates in the appliance library are marked with the Opscode Chef logo in the lower right corner.

Generating Your Own Chef-enabled Templates

To create your own Chef-enabled templates, Abiquo recommends that you use Boxgrinder. Most of the Chef recipes in the community repository are suitable for Ubuntu Linux, so this is a good starting point. In general, Abiquo Chef Integration should be compatible with any Linux distribution with a valid Chef client installation and standard ISC dhclient.

Using Boxgrinder to Generate Chef-enabled Templates

Run Boxgrinder in a virtual environment, for example VirtualBox, attaching the meta-appliance disk to a SCSI controller on a Fedora 64-bit Linux machine. Before you start, read the Boxgrinder documentation

  1. Download the Boxgrinder meta-appliance from the Boxgrinder website
    The meta-appliance is a virtual machine disk. Follow the Boxgrinder tutorial on the Boxgrinder website to deploy it in a hypervisor.
  2. Log in to the Boxgrinder meta-appliance virtual machine (default login root and password boxgrinder)
  3. Download sample appliance definitions
    The definitions are found at  https://github.com/abiquo/boxgrinder-appliances
    These definitions generate the appliances for the Abiquo Chef Templates.
    For example, check out the definitions using git

    $ git clone http://github.com/rubiojr/boxgrinder-appliances
    
  4. Build the appliance
    Run boxgrinder-build from the boxgrinder-appliances directory.
    To create the Ubuntu Chef VM Template, you must load the boxgrinder-ubuntu-plugin when you run Boxgrinder.

For example, create the oneiric template

root@ubuntu:~/boxgrinder-appliances/abiquo-chef-template-ubuntu# boxgrinder-build -l boxgrinder-ubuntu-plugin oneiric.appl

The appliance generated will be found under the build directory. For example

root@ubuntu:~/boxgrinder-appliances/abiquo-chef-template-ubuntu/build/appliances/x86_64/ubuntu/oneiric/abiquo-chef-template-ubuntu-oneiric/1.0/ubuntu-plugin/
 

In this case, the appliance name is abiquo-chef-template-ubuntu-oneiric-sda.qcow2

If you have problems, check the logs in the log folder. See also Troubleshooting Abiquo Chef VM Templates

Generating Appliances in Multiple Disk Formats

The multidisk plugin will generate appliances in 5 different formats. This will save conversion time when you upload your appliances to a remote repository.

Check out the multidisk plugin using git:

$ git clone http://github.com/rubiojr/multidisk-boxgrinder-plugin

To install the multidisk plugin, follow the installation instructions in the git repository.

gem install multidisk-boxgrinder-plugin

Example: Do a checkout of the repo with the configs and build the CentOS 5 template

boxgrinder-build -p multidisk -l multidisk-boxgrinder-plugin centos5-rbel-abiquo-chef-template/centos5-rbel-abiquo-chef-template.appl

Create a Chef Virtual Appliance

Drag and drop Chef-enabled templates to the virtual appliance in the usual way and save. If you do not see the Chef logo (as marked below with a red arrow), contact your system administrator.

Edit the Chef Virtual Machine

 

Click the configuration button to edit the virtual machine.

Click the Chef tab to see the Roles available from the Chef Server of the user's enterprise. Use the slider button to move through the pages of roles.

Select the desired roles. You will see them in the lower pane.

To see Recipes (components of cookbooks), mark the Show individual components checkbox.

Now you will see both recipes and roles. You can select any combination of these, including recipes from roles you already selected. The selected components will be added to the lower pane to form the runlist in the order of selection. Use the slider button to move from page to page.

Set the run order by dragging and dropping the components.

Chef Virtual Machine Deployment

When the virtual machine is deployed and booted, the Chef agent in the virtual machine will connect to the Abiquo API to get the information it needs to use the Chef Server as a valid client, and register the virtual machine as a managed node. Once this is done, it will download and install the selected recipes.

Live Recipe Updates

It is easy to change the recipes in a virtual machine, and this can be done live with the virtual machine running. Just select the virtual machine in Abiquo, edit it again, and check or uncheck recipes as desired.

When the recipes are saved, the chef agent on the virtual machine will automatically detect changes and update the recipes on the chef server. Here we deleted the openssl recipe and moved the apache role to the top of the list.

Component List

If the virtual machine is not deployed, then it does not exist yet and there is no node on the Chef Server for that virtual machine. So the component list will show all available roles and recipes, allowing the user to select the required ones.

If the virtual machine is deployed, then it exists (even if it is stopped) and the node for this machine also exists on the Chef Server. So the component list will show the available recipes with the recipes in the run list for that node selected. So the component list always reflects the real recipe state for the virtual machine.

If someone updates the node directly in the Chef Server management console, Abiquo will detect this change and always display the right information.

  • No labels