1 ===============================
2 APPC Chef Adapter Documentation
3 ===============================
5 This wiki provides documentation regarding the design, capabilities and usage of the Chef Extension for APPC.
7 The Chef Extension for APPC allows management of VNFs that support Chef through the following two additions:
9 1. An APPC Chef Adapter
10 2. Chef Directed Graph (DG)
12 Details of each of these two aspects are listed below:
14 1. **Chef Directed Graph (DG)**:
16 +------------+--------+
18 +============+========+
20 +------------+--------+
22 +------------+--------+
24 +------------+--------+
26 The inputs that the Chef DG expects are listed below:
28 Table 1: Input Parameters to the Chef Directed Graph
30 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
31 | Variable Name | Description | Type | Comments |
32 +=====================+===========================================================+============+===========================================+
33 | chef-server-address | The FQDN of the chef server | Mandatory | Should be provided by APPC. |
34 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
35 | chef-organization | The chef organization name | Mandatory | Should be provided by APPC. |
36 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
37 | chef-username | The username of the chef organization | Mandatory | Should be provided by APPC. |
38 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
39 | Environment | A JSON dictionary representing a Chef Environmentobject. | Optional | To be provided in template by VNF owner. |
40 | | If the VNF action requires loading or modifying Chef | | |
41 | | environment attributes associated with the VNF, all the | | |
42 | | relevant information must be provided in this JSON | | |
43 | | dictionary in a structure that conforms to a Chef | | |
44 | | Environment Object. | | |
45 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
46 | Node | A JSON dictionary representing a Chef Node Object. The | Mandatory | To be provided in template by VNF owner. |
47 | | Node JSON dictionary must include the run list to be | | |
48 | | triggered for the desired VNF action by the push job. | | |
49 | | It should also include any attributes that need to be | | |
50 | | configured on the Node Object as part of the VNF action. | | |
51 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
52 | NodeList | Array of FQDNs that correspond to the endpoints (VMs) of | Mandatory | To be provided in template. |
53 | | a VNF registered with the Chef Server that need to | | |
54 | | trigger a chef-client run as part of the desired | | |
56 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
57 | CallbackCapable | This field indicates if the chef-client run invoked by | Optional | To be provided in template by VNF owner. |
58 | | push job corresponding to the VNF action is capable of | | |
59 | | posting results on a callback URL. | | |
60 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
61 | RequestId | A unique string associated with the original request | Optional | To be provided by APPC. |
62 | | by ONAP. This key-value pair will be provided by ONAP in | | |
63 | | the environment of the push job request and must be | | |
64 | | returned as part of the POST message. | | |
65 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
66 | CallbackUrl | Currently not used. | Optional | |
67 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
68 | retryTimes | The retry times to query the result of chef push job. | Mandatory | To be provided in template by VNF owner. |
69 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
70 | retryInterval | The estimate duration to finish the push job. Measure | Mandatory | To be provided in template by VNF owner. |
71 | | by milliseconds. | | |
72 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
73 | GetOutputFlag | Flag which indicates whether ONAP should retrieve output | Mandatory | To be provided in template by VNF owner. |
74 | | generated in a chef-client run from Node object | | |
75 | | attribute node[‘PushJobOutput’] for this VNF action | | |
76 | | (e.g in Audit). | | |
77 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
78 | PushJobFlag | Flag which indicates whether ONAP should trigger | Mandatory | To be provided in template by VNF owner. |
79 | | the push job. | | |
80 +---------------------+-----------------------------------------------------------+------------+-------------------------------------------+
83 Table 2: Output Variables set by chef DG
85 +-----------------------+-----------------------------------------------------------------+
86 | Variable Name | Description |
87 +=======================+=================================================================+
88 | output.status.code | Result of the request : 400 if SUCCESS , 200 if FAILURE. |
89 +-----------------------+-----------------------------------------------------------------+
90 | output.status.message | If Cookbook finished, set to corresponding message. |
91 | | If abnormal error, reported in message. |
92 +-----------------------+-----------------------------------------------------------------+
93 | output.status.results | A JSON dictionary with results corresponding to PushJobOutput. |
94 +-----------------------+-----------------------------------------------------------------+
102 2. **APPC Chef Adapter**:
106 - To connect to the chef server, APPC should load the chef server credentials.
108 - The Chef server uses role-based access control to restrict access to objects—nodes, environments, roles, data bags, cookbooks, and so on. So we need load the user's private key to authenticate the permission.
110 APPC needs to pre-load the SSL certificate and user private key.
112 The file structure is shown below:
116 *chefServerSSL.jks* file saves all the SSL certificates of chef server. In the chef server, please check the chef server setting file at */etc/opscode/chef-server.rb*. The *chef-server.rb* declares where is the SSL certificate. Find the SSL crt file and use keytool to import certificate to the key store. The password of the *chefServerSSL.jks* is "*adminadmin*"
118 The user private key file should be saved under */opt/appc/bvc/chef/{{CHEF SERVER FQDN}}/{{ORGANIZATION NAME}}* director and the file name should be *{{username}}.pem*. Please make sure this user have enough permission on the chef server.
120 .. |image0| image:: images/image0.png
121 .. |image1| image:: images/image1.png
Code Review / appc / deployment.git / blob