Chef

Using Chef for Automated Configuration Management

Abandoned

We’ve decided that Azure ARM + ESRI PowerShell DSC will be our automation tools of choice.

Introduction

Chef is a well known tool in the system admin field. ESRI has resources available to facilitate shops like ours in getting started. Chef provides ad hoc server maintenance task options, but more importantly facilitates codified configuration.

Chef can spin up Azure VMs.
Chef can install windows services.
Chef can install and configure most parts of the ArcGIS Enterprise stack.

Limitations

You can't walk too far off the path of the ESRI demo / script before you run into trouble. I have issues posted to a few places:

• https://github.com/Esri/arcgis-cookbook/issues/173

• https://community.esri.com/thread/214026-chef-cookbook-stops-when-installing-arcgis-server

  • solved

• Received a low-memory warning when installing on a VM with 4gb memory

  • ESRI recommends at least 8GB of RAM

Configuring ESRI

The ESRI GitHub has a wiki page outlining a large part of what we're looking for:
https://github.com/Esri/arcgis-cookbook/wiki/Automate-a-multi-machine-ArcGIS-Enterprise-deployment-on-Windows-using-Chef-Server

Configuring Azure

There are components of Chef that wrap Azure PowerShell module scripts.

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/chef-automation?toc=%2Fazure%2Fvirtual-machines%2Fwindows%2Ftoc.json

Trial run

VM Settings

Enable access on ports 80 (HTTP), 443 (HTTPS), 3389 (RDP), and 5985 (WinRM). See this

Workstation

Install ChefDK from PowerShell with this command, updated to current version:

PS > . { iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -project chefdk -channel stable -version 3.3.23

This creates a Chef-specific PowerShell:

This also installs Git for Windows. Configure Git with your name and email

Install a code editor with syntax highlighting that supports JSON, Ruby. Suggesting Visual Studio Code.

Sample Node

A basic Windows Server VM, configured the same way as the Workstation. Probably done in our setup, but the tutorial suggests configuring the firewall with this PowerShell command:

Get-NetFirewallPortFilter | ?{$_.LocalPort -eq 5985 } | Get-NetFirewallRule | ?{ $_.Direction -eq "Inbound" -and $_.Profile -eq "Public" -and $_.Action -eq "Allow"} | Set-NetFirewallRule -RemoteAddress "Any"

Remote Management using winRM required the following PowerShell script run:

PS > Enable-PSRemoting -Force

Bootstrapping the managed node

Note that the ESRI cookbooks, at the time of writting, require a version of the chef client < 14.0.0. Also, the ChefDK terminal didn't handle storing a variable properly. Run this from the standard windows PowerShell:

!!! Timed out !!!
Try the local IP in this case, assuming the workstation is also an azure machine. Or just try this a second time.

You can specify a run list, defining recipes or roles to run. Those recipes/roles need to be uploaded to the chef server first.

PS > knife bootstrap ... --run-list 'recipe[learn_chef_iis]

Mounting file-share with installation media

This is done using our egis-azure::init recipe. But you can do it from PowerShell

egis-azure

The DevOps repo "Chef" contains an EGIS specific cookbook to get our Azure VMs ready (mounting a file share with install files), and a matching Role to install ArcGIS Enterprise on one node.

Initial installation instructions have been added to the README.md file

To do

• WinRM connection from TC desktop

• Configure keystore_file option

• Consider setting "post_install_script" to call Jon's python script to init content

• Consider VM image with chef-client pre-installed

  • Azure VM Chef Extension

• Similar research on AWS platform

Recipes that work

The following recipes succeed given the current configuration:

References

• https://www.chef.io

• https://learn.chef.io for training

• Setup a VM