diff --git a/config/_default/menu.toml b/config/_default/menu.toml index 5bff71630f..ae9a47e309 100644 --- a/config/_default/menu.toml +++ b/config/_default/menu.toml @@ -112,12 +112,12 @@ weight = 20 title = "Chef 360 Platform" identifier = "360" -[[360]] -title = "version 1.4" -parent = "360" -identifier = "360/1.4" -url = "/360/1.4/" -weight = 10 + [[360]] + title = "version 1.4" + parent = "360" + identifier = "360/1.4" + url = "/360/1.4/" + weight = 10 [[360]] title = "version 1.3" @@ -819,6 +819,76 @@ identifier = "chef_cloud" title = "Get started" identifier = "chef_cloud/360/get_started" parent = "chef_cloud/360" + weight = 30 + + [[cloud]] + title = "Install CLIs" + identifier = "chef_cloud/360/get_started/cli" + parent = "chef_cloud/360/get_started" + url = "/360/latest/get_started/install_cli" + weight = 40 + + [[cloud]] + title = "Node management settings" + identifier = "chef_cloud/360/get_started/node settings" + parent = "chef_cloud/360/get_started" + url = "/360/latest/get_started/node_management_settings/" + weight = 50 + + [[cloud]] + title = "Enroll nodes" + identifier = "chef_cloud/360/get_started/enroll_nodes" + parent = "chef_cloud/360/get_started" + url = "/360/latest/get_started/enroll_nodes/" + weight = 100 + + [[cloud]] + title = "Run Courier jobs" + identifier = "chef_cloud/360/get_started/jobs" + parent = "chef_cloud/360/get_started" + url = "/360/latest/get_started/jobs/" + weight = 110 + + [[cloud]] + title = "User guides" + identifier = "chef_cloud/360/user_guides" + parent = "chef_cloud/360" + weight = 40 + + [[cloud]] + title = "Create and use tokens with the Chef 360 Platform APIs" + identifier = "chef_cloud/360/user_guides/apis" + parent = "chef_cloud/360/user_guides" + url = "/360/latest/apis/" + weight = 10 + + [[cloud]] + title = "Chef 360 Platform system administration" + identifier = "chef_cloud/360/user_guides/system administration" + parent = "chef_cloud/360/user_guides" + url = "/360/latest/administration/" + weight = 20 + + [[cloud]] + title = "Chef Courier" + identifier = "chef_cloud/360/user_guides/courier" + parent = "chef_cloud/360/user_guides" + url = "/360/latest/courier/" + weight = 30 + + [[cloud]] + title = "Chef Node Management" + identifier = "chef_cloud/360/user_guides/node management" + parent = "chef_cloud/360/user_guides" + url = "/360/latest/node_management/" + weight = 40 + + [[cloud]] + title = "Update skills" + identifier = "chef_cloud/360/user_guides/update skills" + parent = "chef_cloud/360/user_guides" + url = "/360/latest/node_management/skills/skill_assembly/#update-a-skill-assembly" + weight = 50 [[cloud]] title = "Chef SaaS" diff --git a/content/360/saas/get_started/enroll_nodes.md b/content/360/saas/get_started/enroll_nodes.md deleted file mode 100644 index b62ed3c8f8..0000000000 --- a/content/360/saas/get_started/enroll_nodes.md +++ /dev/null @@ -1,291 +0,0 @@ -+++ -title = "Enroll nodes" - -[menu.cloud] -title = "Enroll nodes" -identifier = "chef_cloud/360/get_started/enroll_nodes" -parent = "chef_cloud/360/get_started" -weight = 100 -+++ - -When you enroll a node into a node cohort, Chef 360 Platform installs the Chef skills and skill settings that are defined for all nodes in that cohort. -These skills allow Chef 360 Platform to manage the node, execute Chef Courier jobs, and report back to Chef 360 Platform. - -Chef 360 Platform installs the following skills in the default skill assembly: - -- **Chef Infra Client interpreter skill**: Executes Chef Infra Client runs. -- **Courier Runner skill**: Interprets and executes Chef Courier jobs. -- **Gohai skill**: Reports node attribute data to Chef 360 Platform. -- **Inspec interpreter skill**: Executes Chef InSpec audits. -- **Node Management agent**: Manages and installs other skills on the node. -- **Restart interpreter skill**: Restarts nodes. -- **Shell interpreter skill**: Executes shell scripts. - -For more information, see the [Chef 360 skills](https://docs.chef.io/360/1.3/node_management/skills/) documentation. - -## Node enrollment methods - -This document demonstrates two different methods of node enrollment: - -- cookbook-based enrollment -- single-node enrollment - -For more information, see the [node enrollment documentation](https://docs.chef.io/360/1.3/node_management/enroll_nodes/). - -{{< note >}} - -Chef 360 Platform doesn't support node re-enrollment. - -{{< /note >}} - -## Role requirements - -To enroll nodes, use a profile with the [node-manager role](https://docs.chef.io/360/1.3/administration/system_roles/). - -## Before you begin - -- Review the [node requirements]({{< relref "/360/saas/system_requirements#node-requirements" >}}). - -## Single-node enrollment - -Single-node enrollment allows you to enroll nodes directly from the server side. With this method, you specify the connection and configuration details for each node and upload them to Chef 360 Platform. Chef 360 Platform then connects to each node, installs Chef Habitat, Chef Node Management, and any skills or agents associated with the node's cohort. - -### Enroll Linux nodes - -To enroll a Linux node, follow these steps: - -1. Create a JSON file that defines the node connection settings: - - {{% readfile file="content/360/saas/reusable_text/json/enroll-node-linux-rsa.json" highlight="json" %}} - - {{< note >}} - - Format SSH keys in a JSON payload as a single-line string. - To add a multiline key, replace new lines with the newline character `\n`. - - Use the following command to replace new lines in a PEM file: - - ```sh - awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' - ``` - - {{< /note >}} - - Replace the following: - - - `` with the ID of the cohort that the node will be enrolled with. - - `` with a public domain name or IP address. - - `` with the SSH username to authenticate with the node. - - `` with the SSH key used to authenticate with the node. - - `` with the SSH port. Default is `22`. - - {{< note >}} - - You can also authenticate with an SSH password instead of an RSA key. To do so, replace `key` with `password` in the SSH connection settings file. For example, `"password": ""`. - - {{< /note >}} - -1. Enroll the node using the `enrollment enroll-node` command: - - ```sh - chef-node-management-cli enrollment enroll-node --body-file --profile - ``` - - The response is similar to the following: - - ```json - { - "item": { - "id": "36c570b1-798a-4530-ada5-2661dfeb3fac", - "nodeId": "e4b1b524-4e77-4448-b1a9-01b80288c898" - } - } - ``` - -### Enroll Windows nodes - -To enroll a Windows node, follow these steps: - -1. Create a JSON file that defines the node connection settings: - - {{% readfile file="content/360/saas/reusable_text/json/enroll-node-windows.json" highlight="json" %}} - - Replace the following: - - - `` with the ID of the cohort that the node will be enrolled with. - - `` with the node's public domain name or IP address. - - `` with the Windows username to authenticate with the node. - - `` with the Windows password used to authenticate with the node. - -1. Enroll the node using the `enrollment enroll-node` command: - - ```sh - chef-node-management-cli enrollment enroll-node --body-file --profile - ``` - - The response is similar to the following: - - ```json - { - "item": { - "id": "36c570b1-798a-4530-ada5-2661dfeb3fac", - "nodeId": "e4b1b524-4e77-4448-b1a9-01b80288c898" - } - } - ``` - -## Cookbook-based enrollment - -With cookbook-based enrollment, you enroll nodes from the client side by uploading a [cookbook](/cookbooks/) with enrollment settings to Chef Infra Server and then Chef Infra Client enrolls the node with Chef 360 SaaS. - -### Enroll nodes with a cookbook - -The `chef-cookbook-enroll` cookbook uses the `node_management_enroll` custom resource and a [wrapper cookbook](https://www.chef.io/blog/writing-wrapper-cookbooks) to define enrollment settings. - -To configure the cookbooks and define enrollment settings, follow these steps: - -1. Download the [`chef360-node-enroll` cookbook](https://supermarket.chef.io/cookbooks/chef360-node-enroll). - -1. Upload the `chef360-node-enroll` cookbook, which includes the `node_management_enroll` resource, to your Chef Infra Server: - - ```bash - knife cookbook upload chef360-node-enroll --cookbook-path - ``` - - Replace `COOKBOOK_DIR_PATH` with the path to your cookbook directory. - -1. Create a wrapper cookbook and add the `chef360-node-enroll` cookbook as a dependency: - - ```sh - chef generate cookbook - ``` - - In the [`metadata.rb` file](/config_rb_metadata/) of your wrapper cookbook, add the following dependency to include the `chef-cookbook-enroll` cookbook: - - ```ruby - depends 'chef360-node-enroll', '~> 1.0.0' - ``` - -1. Copy of the Chef 360 SaaS public key and add it to your wrapper cookbook: - - ```plaintext - -----BEGIN CERTIFICATE----- - MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4 - GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbF - NpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwM - zE4MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzET - MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQY - JKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2Ec - WtiHL8RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUh - hB5uzsTgHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL - 0gRgykmmKPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65 - TpjoWc4zdQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rU - AVSNECMWEZXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCA - wEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O - BBYEFI/wS3+oLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNv - AUKr+yAzv95ZURUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8 - dEe3jgr25sbwMpjjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw - 8lo/s7awlOqzJCK6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0 - 095MJ6RMG3NzdvQXmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVE - TI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02 - JQZR7rkpeDMdmztcpHWD9f - -----END CERTIFICATE----- - ``` - - This public key expires on March 18, 2029. - -1. Generate an access key and secret key: - - ```bash - chef-platform-auth-cli user-account self create-token --body '{"expiration": "", "name": ""}' --profile - ``` - - Replace: - - - `` with a date and time in ISO 8601 format (for example, `2027-12-31T11:42:23-05:00`). - - `` with a meaningful token name for easy identification. - - `` with a profile that has the node-manager role assigned to it. - - The response includes an access key and secret key and is similar to the following: - - ```json - { - "item": { - "accessKey": "6QIUKP4WIXD4RVAF0BQ3", - "expiration": "2027-12-31T11:42:23-05:00", - "id": "bcba5b7a-fb0b-4a62-b442-7ba7bda5e05a", - "name": "CI-CD Token", - "role": { - "id": "5fcb0235-1e56-4ece-8857-404a5d39a290", - "name": "tenant-admin" - }, - "secretKey": "x6aCg1NckQoLsQnere26fmGgD0RiWOrf4RNXBhlg" - } - } - ``` - -1. Define the `node_management_enroll` resource in your wrapper cookbook's recipe: - - ```ruby - node_management_enroll 'Enroll Node' do - chef_platform_url '' - enroll_type '' - api_port '443' - access_key '' - secret_key '' - cohort_id '' - hab_builder_url '' - root_ca - working_dir_path '' - upgrade_skills - end - ``` - - Replace: - - - `` with the fully qualified domain name (FQDN) for your Chef 360 SaaS deployment. - - `` with either `full` or `partial` depending on the form of enrollment. Use `full` unless you must `partial`. - - `` with the access key for secure communication with Chef 360 SaaS. This should be stored using an [encrypted Chef data bag](/data_bags/) or [secrets manager](/infra_language/secrets/). - - `` with the secret key for secure communication with Chef 360 SaaS. This should be stored using an [encrypted Chef data bag](/data_bags/) or [secrets manager](/infra_language/secrets/). - - `` with a valid cohort UUID. The cohort defines all skills and settings installed on the node. - - `` with the URL of the Chef Habitat Builder used by your organization. Default value: `https://bldr.habitat.sh` - - `` if TLS is enabled, with the root CA public key. For example, `node['enroll']['root_ca']`. - - `` with a temporary working directory where all required builds are downloaded. Specify a valid path based on the OS. Default value: `/tmp`. - - `` with `true` or `false`. If `true`, Chef 360 SaaS checks for the latest skill versions and installs them if found. Default value: `false`. - -1. Push the wrapper cookbook or policy to the Chef Infra Server. - - 1. If you're using a role, [upload](/workstation/knife_cookbook/#upload) the wrapper cookbook to the Chef Infra Server: - - ```bash - knife cookbook upload --cookbook-path - ``` - - 1. If you're using a Policyfile, [create `Policyfile.lock.json` file](/workstation/ctl_chef/#chef-install) and [push](/workstation/ctl_chef/#chef-push) the Policyfile to Chef Infra Server: - - ```bash - chef install - chef push - ``` - -1. Include the wrapper cookbook in your node's run-list by adding it to a role or Policyfile. See the [run-list](/run_lists/) and [role](/roles/#manage-roles) documentation for more information. - - The next time Chef Infra Client runs, it executes the `node_management_enroll` resource and the node is enrolled with Chef 360 SaaS. - -## Check the node enrollment status - -{{< readfile file="content/360/saas/reusable_text/md/node_enrollment_status_node_id.md" >}} - -## Verify that the skills are installed - -- Verify that the skills are installed: - - ```sh - chef-node-management-cli management node find-one-node --nodeId --profile - ``` - - The response includes a list of the installed skills. - -## Next step - -- [Create a Courier job]({{< relref "jobs.md" >}}). diff --git a/content/360/saas/get_started/install_cli.md b/content/360/saas/get_started/install_cli.md deleted file mode 100644 index 19f5accbf4..0000000000 --- a/content/360/saas/get_started/install_cli.md +++ /dev/null @@ -1,165 +0,0 @@ -+++ -title = "Install CLIs and register your workstation" - -draft = false - -[menu.cloud] -title = "Install CLIs" -identifier = "chef_cloud/360/get_started/cli" -parent = "chef_cloud/360/get_started" -weight = 40 -+++ - -This page documents how to download and install the Chef 360 SaaS CLIs and register your workstation with your Chef 360 SaaS deployment. - -## Prerequisites - -- [Chef 360 SaaS is configured]({{< relref "set_up" >}}). -- `/usr/local/bin` is present in the PATH environment variable. - -## Install CLIs - -{{< readfile file="content/360/saas/reusable_text/md/clis_install_saas.md" >}} - -## Install and configure the bash-completion package - -{{< readfile file="content/360/saas/reusable_text/md/install_bash_completion.md" >}} - -## Verify profiles - -{{< readfile file="content/360/saas/reusable_text/md/clis_verify_profiles.md" >}} - -## Assign the Node Manager and Courier Operator roles - -The `node-manager` and `courier-operator` roles allow you to manage nodes, manage skills on nodes, and run Chef Courier jobs. - -Before you begin, ensure you have: - -- Your user ID. Use the `user-account identity get-self-user` subcommand to get your user ID. -- The name of a profile with the org-admin role. - -Follow this step to give your user account the `node-manager` and `courier-operator` roles: - -- Assign the `node-manager` role and `courier-operator` role using the `user-account user assign-role` subcommand: - - ```sh - chef-platform-auth-cli user-account user assign-role --body '{"name": "node-manager", "roleId": "6e7df273-928b-41ec-b6f6-e3f5138a6f9e"}' --userId --profile - ``` - - ```sh - chef-platform-auth-cli user-account user assign-role --body '{"name": "courier-operator", "roleId": "ac12c3a6-95f7-429d-b3fc-584ce1cf74de"}' --userId --profile - ``` - - Replace: - - - `` with your user ID. - - `` with your profile that has the org-admin role. - -## Create profiles for the Node Manager and Courier Operator roles - -Create a profile _for each role_ that you added to your user account in the previous step. - -To create a profile, follow these steps: - -1. Create a profile using the `register-device` subcommand that associates your workstation with a specific tenant, organization, and role: - - ```sh - chef-platform-auth-cli register-device --device-name --profile-name --url - ``` - - {{< note >}} - - If you've configured Chef 360 SaaS with a system-generated or custom certificate in the API/UI settings, use the following CLI arguments: - - - If you don't have the root certificate authority, use the `--insecure` flag. This flag skips certificate validation. - - If have the root certificate authority present, use the `--cafile ` flag. - - {{< /note >}} - - Replace: - - - `` with a name for the workstation. - - `` with a profile name for the role that this profile will use. For example, add the `courier-operator` profile name for the `courier-operator` role. - - `` with the tenant URL, for example `https://chef360.example.com:31000`. - - The CLI responds with an authorization code that includes a link to log into Chef 360 SaaS. - - ```sh - Device Id : ac:de:48:00:11:22-admin-chef-courier-cli - Device Name : - OAuth Code : - - Please log in and authorise the the device by using the link below: - https://chef360.example.com/platform/user-accounts/v1/identity/device/ac:de:48:00:11:22-admin-chef-courier-cli/authorise?oauthCode=&appType=chef-courier-cli&deviceName= - - Is the device authorised? (y or n) - ``` - - Paste the link into your browser and log in. - The CLI waits for the device registration process to finish in the browser. - -1. Open a browser, navigate to the link returned by the CLI, and log in if you haven't already. - -1. Select the organization and role you would like to link to this profile and select **Submit**. - - {{< figure src="/images/360/select-role.png" width="500px" alt="Chef 360 SaaS organization and role selection screen." >}} - -1. On the **Device Authorization** screen, Chef 360 SaaS shows your OAuth code and you can select an expiration date for your session. - - Chef 360 SaaS automatically refreshes your access token up to this expiration date. - - After entering this information, select **Authorize**. - - {{< figure src="/images/360/setting-expiry-token.png" alt="Chef 360 SaaS device authorization screen with OAuth token and expiration date." width="500px">}} - -1. Return to your terminal and enter `y` to continue. - - The CLI displays your device profile and your workstation is authorized to access Chef 360 SaaS services. - - ```sh - Is the device authorised? (y or n) - > y - Profile: - - [tenant-org-role] - DeviceId = "ac:de:48:00:11:22-admin-chef-courier-cli" - Url = "https://demo.chef360.io/" - OrgName = "Demo Organization" - RoleName = "org-admin" - AccessKey = "FIT3SXM...TCYK4V05Y" - SecretKey = "Cwaygh4FqE2sT...rX4wBu0hp9IE9YpzoGuX" - - Device registered successfully - ``` - -1. Optional: Test your connection by getting the role associated with your user account: - - ```sh - chef-platform-auth-cli user-account self get-role --profile - ``` - - Replace `` with the name of your profile. - -1. Optional: Set your new profile as the default profile. - - The Chef 360 SaaS CLIs use a default profile automatically in any command that accepts the `--profile` argument. - If you don't set a default profile, you will have to specify it in each command with `--profile `. - - Set a default profile: - - ```sh - chef-platform-auth-cli set-default-profile - ``` - - Replace `` with the name of the default profile. - -1. Repeat this procedure so that you have separate profiles for the Node Manager and Courier Operator roles. - -## More information - -- [Chef 360 Platform CLI reference documentation](https://docs.chef.io/360/1.3/reference/cli). -- [Chef 360 Platform roles documentation](https://docs.chef.io/360/1.3/administration/system_roles/) - -## Next step - -- [Review the node management settings]({{< relref "node_management_settings" >}}) diff --git a/content/360/saas/get_started/jobs.md b/content/360/saas/get_started/jobs.md deleted file mode 100644 index 4d4c0e8b07..0000000000 --- a/content/360/saas/get_started/jobs.md +++ /dev/null @@ -1,309 +0,0 @@ -+++ -title = "Run a Courier job on a node" - -[menu.cloud] -title = "Run Courier jobs" -identifier = "chef_cloud/360/get_started/jobs" -parent = "chef_cloud/360/get_started" -weight = 110 -+++ - -A Courier job specifies the actions to perform, the schedule for execution, and the target nodes where the actions will run. Jobs can execute multiple actions, across multiple nodes, and can run multiple times as defined by the schedule. - -## How jobs are executed on a node - -Chef 360 SaaS uses skills to execute Courier jobs. -For example, the Courier Runner is a skill that interprets jobs and executes them, the Shell interpreter is a skill that executes shell scripts included in a job, and the Node Management agent is a skill that manages nodes and other skills. - -In this example, the Courier Runner skill interprets the job definition and passes a shell command to the Shell interpreter. - -## Before you begin - -- You'll need at least one [enrolled node]({{< relref "enroll_nodes.md" >}}). - -## Define a job - -You define a job with a job template, which is a JSON, YAML, or TOML file that tells Chef Courier the name of the job, when the job should run, the nodes that the job should run on, and the actions that the job should take. - -This job template creates a job that's executed on one node, it runs immediately, and runs the `sleep 10` command using the Shell interpreter skill. - -1. Get the ID of an enrolled node: - - ```sh - chef-node-management-cli management node find-all-nodes - ``` - -1. Create a JSON file with the following job definition: - - {{% readfile file="_vendor/github.com/chef/samples/courier-job-examples/create-job-simple.json" highlight="json" %}} - - Replace the node ID in the JSON file with the node identifier of an enrolled node. - -## Submit the job - -When you send the job to Chef 360 SaaS, the Courier Dispatcher sends the job definition to the Courier Runner on the specified node which determines when and how to run the job. -You can submit a job definition using a JSON, YAML, or TOML file. The default format is JSON. - -- Add the job run using the job template file: - - ```sh - chef-courier-cli scheduler jobs add-job --body-file --profile - ``` - - The default file format is JSON, you can also submit the job using YAML or TOML using the `--body-format` option. For example: - - ```sh - chef-courier-cli scheduler jobs add-job --body-file create-job-simple.yaml --body-format yaml - ``` - - The response is similar to the following: - - ```json - { - "item": { - "exceptionReasons": [], - "id": "61013744-bd6e-437c-a995-b6211318624e", - "nextExecutionTime": "2024-03-27T14:57:20.551342549Z" - } - } - ``` - - The output includes the job ID (`61013744-bd6e-437c-a995-b6211318624e` in the example response), which can be used to for tracking the job. - -## Get the job instance details - -A job instance is created every time the job executes. This job is set to run immediately, so only one job instance is created. - -- Get the details of the job instance using the job ID: - - ```sh - chef-courier-cli state instance list-all --job-id --profile - ``` - - The response is similar to the following: - - ```json - { - "items": [ - { - "actionSpec": { - "accessMode": "agent", - "steps": [ - { - "command": { - "linux": [ - "sleep 10" - ] - }, - "conditions": [], - "description": "", - "expectedInputs": {}, - "failureBehavior": { - "action": "retryThenFail", - "retryBackoffStrategy": { - "arguments": [ - 1, - 3, - 5 - ], - "delaySeconds": 0, - "type": "none" - } - }, - "inputs": {}, - "interpreter": { - "name": "chef-platform/shell-interpreter", - "skill": { - "maxVersion": "", - "minVersion": "1.0.0" - } - }, - "limits": { - "cores": 0, - "cpu": 1, - "timeoutSeconds": 0 - }, - "name": "sleep", - "outputFieldRules": {}, - "retryCount": 2 - } - ] - }, - "createdAt": "2024-07-12T01:10:20.064474Z", - "id": "befe88f3-ac3f-4bad-9e1a-6017332929ab", - "jobId": "448ecaf3-5e44-4e7b-9e98-62dfa8c69b1c", - "lastUpdatedBy": "00000000-0000-0000-0000-000000000000", - "status": "running", - "targetSpec": { - "executionType": "sequential", - "groups": [ - { - "batchSize": { - "type": "number", - "value": 1 - }, - "distributionMethod": "batching", - "filter": null, - "filterId": "00000000-0000-0000-0000-000000000000", - "listId": "00000000-0000-0000-0000-000000000000", - "nodeIdentifiers": [ - "1f4c680d-4dc6-4edf-83b6-ded81388f244", - "020ab866-9d3d-4ca7-919d-c21b4f9ef2a4", - "925f244c-65b4-4ab9-9ebd-4b17f8e2277b" - ], - "nodeListType": "nodes", - "successCriteria": [ - { - "numRuns": { - "type": "percent", - "value": 100 - }, - "status": "success" - } - ], - "timeoutSeconds": 60 - } - ] - }, - "updatedAt": "2024-07-12T01:10:20.064474Z" - } - ], - "pagination": { - "itemsPerPage": 10, - "nextLink": "", - "page": 1, - "pageItemCount": 1, - "previousLink": "", - "startIndex": 1, - "totalItems": 1, - "totalPages": 1 - } - } - ``` - - The response includes the job instance ID (`"id": "befe88f3-ac3f-4bad-9e1a-6017332929ab"`), which you can use to track the job instance. - -## Get job run details - -A job run is created for each target node in a job instance. - - - -- Request the details of each job run using the instance ID: - - ```sh - chef-courier-cli state instance list-instance-runs --instanceId --profile - ``` - - The response is similar to the following: - - ```json - { - "items": [ - { - "groupNumber": 0, - "lastUpdateTime": "2024-03-27T15:00:09.185273Z", - "nodeId": "03ba18c0-68b2-43ba-93fd-b6952443421e", - "receivedTime": "2024-03-27T14:58:57.226555Z", - "runId": "496f0d9a-f0be-4cb7-8cbb-2285b5c42045", - "status": "success" - }, - { - "groupNumber": 0, - "lastUpdateTime": "2024-03-27T14:58:48.582415Z", - "nodeId": "2768a3b5-f5a6-45ae-a8b6-42d531c6416a", - "receivedTime": "2024-03-27T14:57:51.753876Z", - "runId": "306d3a00-d483-4aa2-bb09-1cd8c91c15e8", - "status": "success" - }, - { - "groupNumber": 1, - "lastUpdateTime": "2024-03-27T14:58:51.090507Z", - "nodeId": "a8b1f470-fedc-45e8-ba0a-b26dd551c1d0", - "receivedTime": "2024-03-27T14:57:49.229442Z", - "runId": "376226b9-f916-42a1-8620-a4636598c5e5", - "status": "success" - }, - { - "groupNumber": 1, - "lastUpdateTime": "2024-03-27T14:59:58.186538Z", - "nodeId": "acb38595-64af-4532-8589-2aeb2ad876fc", - "receivedTime": "2024-03-27T14:58:55.934629Z", - "runId": "22d7d6a9-33b5-4565-8575-2f2ee24a06a1", - "status": "success" - }, - { - "groupNumber": 1, - "lastUpdateTime": "2024-03-27T15:01:05.766027Z", - "nodeId": "e4b1b524-4e77-4448-b1a9-01b80288c898", - "receivedTime": "2024-03-27T15:00:03.220273Z", - "runId": "56960929-ca32-463a-bc6e-c0a6cca4f89d", - "status": "success" - } - ], - "totalItems": 5 - } - ``` - - Each job run has a run ID. You can use the job run IDs to get information about each step of a job run. - - In this example, the run IDs are: - - - `"496f0d9a-f0be-4cb7-8cbb-2285b5c42045"` - - `"306d3a00-d483-4aa2-bb09-1cd8c91c15e8"` - - `"376226b9-f916-42a1-8620-a4636598c5e5"` - - `"22d7d6a9-33b5-4565-8575-2f2ee24a06a1"` - - `"56960929-ca32-463a-bc6e-c0a6cca4f89d"` - - - -## Get the job run step details for a run - -- Use the job run ID to get a list of steps executed during a job run: - - ```sh - chef-courier-cli state run list-steps --runId --profile - ``` - - ```json - { - "items": [ - { - "inputs": "", - "interpreterPath": "/hab/pkgs/chef-platform/shell-interpreter/0.1.3/20240318113204/bin/shell-interpreter", - "interpreterVersion": "", - "numAttempts": 1, - "outputs": "", - "reason": "", - "status": "success", - "stepNumber": 1 - } - ], - "totalItems": 1 - } - ``` - -## Debug Chef Courier jobs - -You can also review the job step details by connecting to a node with SSH and checking the Courier Runner logs. - -For a Linux node: - -```sh -cd /hab/svc/courier-runner/logs -tail -f courier-log -``` - -For a Windows node: - -```powershell -cd C:\hab\svc\courier-runner\logs -gc .\courier-log -Wait -``` - -## More information - -To define and run jobs, see the following documentation: - -- [Create a Courier job](https://docs.chef.io/360/1.3/courier/jobs/). -- [Create a Courier job template](https://docs.chef.io/360/1.3/courier/jobs/template/). diff --git a/content/360/saas/get_started/node_management_settings.md b/content/360/saas/get_started/node_management_settings.md deleted file mode 100644 index 4f5f268ab7..0000000000 --- a/content/360/saas/get_started/node_management_settings.md +++ /dev/null @@ -1,159 +0,0 @@ -+++ -title = "Node management settings" - -[menu.cloud] -title = "Node management settings" -identifier = "chef_cloud/360/get_started/node settings" -parent = "chef_cloud/360/get_started" -weight = 50 -+++ - -When you first deploy Chef 360 Platform or you create a new organization with the default skill assembly and default node management settings, -Chef 360 Platform adds the default node cohort to your organization with those default settings. - -## Cohort - -The default node cohort is called `sample-node-cohort`. -All nodes enrolled in this cohort get the default Node Management agent settings, skill assembly, and skill override settings that are described on this page. - -To get a list of cohorts in an organization, use the following command: - -```sh -chef-node-management-cli management cohort find-all-cohorts --profile -``` - -## Node Management agent - -The Node Management agent is a special skill that manages the node and installs and manages the skills defined in the skill assembly. - -{{< readfile file="/360/saas/reusable_text/md/node_management_agent_default_settings.md" >}} - -### Optional: Modify Node Management agent settings - -You can modify the Node Management agent settings. -For example, you can configure it to fetch skills from your own deployment of Habitat Builder. - -{{< accordion-list data-allow-all-closed="true" >}} -{{< accordion-item accordion-title="Optional: Modify Node Management agent settings" >}} - -If you want to modify the Node Management agent settings, follow these steps: - -1. Create a JSON file with the following settings: - - ```json - { - "settings": [ - { - "name": "authToken", - "value": "" - }, - { - "name": "bldrUrl", - "value": "" - }, - { - "name": "bldrChannel", - "value": "" - }, - { - "name": "logLevel", - "value": "" - }, - { - "name": "nodeCheckinInterval", - "value": "" - }, - { - "name": "updateSkillMetadataInterval", - "value": "" - } - ], - "skillName": "node-management-agent" - } - ``` - - Replace: - - - `` with the Chef Habitat Builder URL. Use `https://bldr.habitat.sh` for Chef's Habitat Builder or the URL of your own Habitat Builder deployment. - - `` with the release channel from which to install skills. For example, `stable`. - - `` with the interval (in seconds) at which check-in occurs. Values start at `3600` (1 hour). - - The check-in interval splay is automatically set to a value between zero and half the check-in interval time. - - - `` with the interval (in seconds) at which skill definitions are updated. Values start at `3600` (1 hour). - - The update skill interval splay is automatically set to a value between zero and half the check-in interval time. - - - ``: The logging level of the agent. For example, `debug`. - - Supported log levels: - - `debug` - : Reports detailed information that can aid in identifying issues or debugging a workload. This includes the info, warn, and error logs. - - `info` - : Reports general information about the system's operations. - - `warn` - : Reports potential failures, but the operation can continue functioning for the time being. - - `error` - : Reports errors that prevent the execution of an operation. - -1. Get the override settings ID with the `find-all-settings` command: - - ```sh - chef-node-management-cli management setting find-all-settings --profile - ``` - -1. Update the Node Management agent settings with the `update-skillSettings` command: - - ```sh - chef-node-management-cli management setting update-skillSettings \ - --skillName node-management-agent \ - --body-file \ - --settingId \ - --profile - ``` - -{{< /accordion-item>}} -{{< /accordion-list >}} - -## Skill assembly - -A skill assembly defines the skills and skill versions installed on all nodes in a cohort. - -{{< readfile file="/360/saas/reusable_text/md/skill_assembly_default.md" >}} - -`sample-skill-assembly` includes the latest versions of all skills: - -{{< accordion-list data-allow-all-closed="true" >}} -{{< accordion-item accordion-title="Default skill assembly" >}} -{{% readfile file="_vendor/github.com/chef/samples/cohorts/skill-assembly.json" highlight="json" %}} -{{< /accordion-item>}} -{{< /accordion-list >}} - -## Skill override settings - -Each skill has global default settings that define how the skill works and apply to all nodes unless overridden by the override settings. -Override settings override global default settings and apply to all nodes enrolled in a cohort. - -By default, Chef 360 Platform adds the following override settings for the Courier Runner and Gohai skills to the `sample-node-cohort` cohort: - -{{< accordion-list data-allow-all-closed="true" >}} -{{< accordion-item accordion-title="Default override settings" >}} -{{% readfile file="_vendor/github.com/chef/samples/cohorts/node-override-setting.json" highlight="json" %}} -{{< /accordion-item>}} -{{< /accordion-list >}} - -## More information - -- [Node Management agent](https://docs.chef.io/360/1.3/node_management/skills/node_agent/) -- [Chef skills](https://docs.chef.io/360/1.3/node_management/skills/) -- [Skill assembly](https://docs.chef.io/360/1.3/node_management/skills/skill_assembly/) -- [Skill override settings](https://docs.chef.io/360/1.3/node_management/skills/override_settings/) -- [Managing node cohorts](https://docs.chef.io/360/1.3/node_management/node_cohort/) - -## Next step - -- [Enroll nodes with Chef 360 Platform]({{< relref "enroll_nodes" >}}) diff --git a/content/360/saas/get_started/set_up.md b/content/360/saas/get_started/set_up.md index 68cda42a01..27e3564e2c 100644 --- a/content/360/saas/get_started/set_up.md +++ b/content/360/saas/get_started/set_up.md @@ -59,4 +59,4 @@ If your login failed because you forgot your password or you missed the five min ## Next step -- [Install Chef 360 CLIs]({{< relref "install_cli" >}}) +- [Install Chef 360 CLIs](https://docs.chef.io/360/latest/get_started/install_cli)