In this guide I will walk you through installing and configuring the new Chef Plugin for vRealize Orchestrator. This allows vRO to automate common tasks in Chef as well as integrate with cloud automation solutions like vRealize Automation. The plug-in includes out of the box workflows for the most common Chef tasks so there is no need for you to reinvent the wheel creating your own custom workflows anymore. Let’s get started.
Pre-Reqs:
Open the vRealize Orchestrator Control Center and login as root and what ever password you set when you first installed the appliance.
Browse to the plugin’s then click Manage plugin’s
Browse to the Chef plugin and click install
Accept the EULA and click install
Next, we need to restart the vRO server, click the Home link
Now click startup options
No login to the vRO client and change to RUN view then go to the plugins tab to verify that the Chef Plugin was installed
Now go back to the workflows tab and go to library folder, then CHEF then Configuration and run the Add Chef Host Workflow
You will need a user created on the Chef Server with Admin access and you will also need the Client PEM private Key
To verify everything is talking, run the Add New Roles workflow
Browse to the Chef Server we added earlier and enter a name for the new Role and click submit
Back on the Chef Server verify the new role was created
You’re all ready to control Chef from vRealize Orchestrator! Enjoy!
Pingback: How to integrate vRealize Automation 7 with Chef – VMtoCloud.com
Simply want to say your article is as surprising. The clearness on your put up is simply
spectacular and that i can assume you’re a professional on this
subject. Fine along with your permission let me to grasp your
RSS feed to keep up to date with coming near near post.
Thanks 1,000,000 and please keep up the gratifying work.
Error from Chef Server: “Invalid signature for user or client ‘chfadmin'” (Workflow:Add New Role / Add Role (item2)#1) – test
[2016-09-26 22:18:28.455] [E] Workflow execution stack:
Base off of step Browse to the Chef Server we added earlier and enter a name for the new Role and click submit
Is this
Wrong Pem
I do the same thing all the time! Glad you figured it out.
Hello Ryan,
I believe some steps you’re missing in this tutorial which is relevant to install chef-client on user VM. I follow all of your steps but getting only hostname entries in chef server when node added.
I logged to user VM and checked but chef client packages not installed.
Hi Ryan,
Thanks for sharing the great blog and in details description, appreciate your efforts for sharing the knowledge..
I have followed your steps and able to integrate chef with VRA but still my provisioned VMs doesn’t have the chef client installed.. also please share if there is any links for windows VM chef agent integration tutorials.
Hi Sunil,
Thank you for the kind words. Does the provisioned VM have access to the internet? The procedure is expecting to be able to pull binaries from Chef over the internet.
Can I install a plugin using API REST?
I would like to do it automatically.
were are running into a issue with the chef.guestaccount which seems will only work as root. Even with the password encrypted it shows up as plain text under the deployment properties. if I check the vm properties file it is encrypted. We are running a script to change the password after deployment. Unfortunately we have to wait until the Chef pieces are completed which leaves the box opne to hacking with the root account for a few minutes,. Is there anyway to get that password encrypted under the deployment properties?
Hi Ryan, this is an excellent post, thank you for sharing this. I do have a question for you sir, I am running into a problem when testing “Add New Role”, getting (Error from Chef Server: “Invalid signature for user or client ‘tkhan'” (Workflow:Add New Role / Add Role (item2)#1)). I found two .pem certs on my Chef server, the user cert (tkhan.pem) and the organization cert (/etc/opscode/cumulus-validator.pem). I’ve unregistered/registered my Chef server with both certs, yet Add New Role testing still fails. Any thoughts on how to rectify this? Thank you kindly.
Regards,
Tony
Issue fixed, I was keep trying the server certs. The correct cert was found under Chef Workstation under “/root/chef-repo/.chef/tkhan.pem”. Thanks again.
Hi Ryan My developers want vra to insert the org secret file onto the vm, I add the key to the field yet on the vm that is created the org secret key is not installed. The Developers are expecting a key file created. It seems like a simple process yet not seeing the file. Also they would like to us 2 separate keys one for production and a separate key for non prod. Looking at the process listed about wondering how to make that work as it looks like it would just overwrite. Thanks for any help provided
Have you already completed this? https://www.vmtocloud.com/how-to-integrate-vrealize-automation-7-with-chef/ when we provision the VM from vRA the workflow creates the secret key in the guest then registers with the Chef Server. Also we have a Chef and vRA slack group over at VMware code https://code.vmware.com/home may want to post this question there as well.
Comecei a fazer curso e a criar meu primeiro projeto. http://formulanegocioonline.download/blog
I have followed same and added chef plugin in vra 8.13 and then added chef host but after that when i tried to execute chef get roles worklfow i got ssl error
ERRORError in (Workflow:Chef Server Status / Get Status (item1)#54824) javax.net.ssl.SSLException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
please help me out for this
Did you upload the SSL cert from your Chef server into vRO?