chef-partners/azure-chef-extension

Setup a air-gap environment on msdn2 azure account so internally publish extension can be tested on it.

Closed this issue · 1 comments

NAshwini commented

Setup a air-gap environment on msdn2 azure account so internally publish extension can be tested on it.

Reference links:
https://docs.chef.io/install_chef_air_gap/

NAshwini commented
  1. Able to solve issue of downloading chef-server package from azure storage blob by adding required security rules to network security group. Done chef-server installation on the node. But facing issue while accessing chef server url.
  2. Able to solve issue of while accessing chef server url. Working on chef-workstation setup, for that uploading of package on storage blob is done.
  3. Was able to boostrap the node after doing the setup but found that ist not working as airgap system as there to fro requirement of 443 port which bought the system to break airgap setup
  4. Able to resolve issue of fetching chef-server with 443 port
  5. Airgap setup:
    a) After digging some more and with help of @vasundhara resolved issue of knife ssl fetch .
    b) Currently I am facing issue while login az cli without interactive mode such as az login -u 'username' -p 'password' digging it (reference: https://stackoverflow.com/questions/45677361/azure-cli-initialization-saying-invalid-login).
    c) Even was facing issue while installing az cli in workstation in airgap system, as here we don't have just an installer which we can upload to storage blob hence looking into this too.
  6. Able to run azure-chef-extension commands properly but was facing issue while creating client due to ssl error. i.e [2020-08-13T05:42:00+00:00] ERROR: SSL Validation failure connecting to host: . where normal bootstrap was able to do successfully. Able to solve issue by adding --settings "{ 'bootstrap_options': { 'chef_server_url': 'https://chefserver.cloudapp.azure.com/organizations/ashmsysorg', 'chef_node_name': 'ashvm', 'node_ssl_verify_mode': 'none' }
  7. Made some inbound changes and did testing with windows 2019, ubuntu 18 and redhat8. Normal bootstrap is working as expected in this setup.