Project

General

Profile

Actions
Copy link

Feature #18109

open

Working with many chef organization

Added by Pierre Deprey over 7 years ago. Updated almost 7 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
smart_proxy_chef
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Hello,

Actually, we can only use one organization with the following parameter in chef.yml:

:chef_server_url: https://<myurl>/organizations/<myorganization>

It may be great if chefserver organization match organization used in foreman.
I'm working with a fact which automatically set the good foreman organization (an ohai plugin push the chef organization).
The foreman host is automatically set with the good organization.

But smart proxy cannot access to the node on chef. this generate the error in proxy.log:

E, [2017-01-17T09:15:06.916063 ] ERROR -- : Could not find client with name <NAMEOFCLIENT>

Best Regards

Actions
Copy link
 #1

Updated by Marek Hulán over 7 years ago

I never tried it myself but it was supposed to work like this. Each chef organization meant to be communicating through separate smart proxy. The parameters that are used during chef-client bootstrap should be overridden per Foreman Organization, so e.g. validation.pem can be different (unless you use pivotal), or chef server url. I know it's not optimal but smart proxy is currently not aware of organizations. So to achieve fully multi-tenant setup, it's better to have smart proxy per organization. If we had smart proxy running in docker that would be quite easy.

Is this something that could be applied in your env?

Actions
Copy link
 #2

Updated by Pierre Deprey over 7 years ago

hello,

I'm working on your solution with docker.
I will reply when the process is finished and tested :)

Actions
Copy link
 #3

Updated by Marek Hulán over 7 years ago

Not sure if this could help, but there was some work done on core projects at https://github.com/shlomizadok/foreman-docker-compose

Actions
Copy link
 #4

Updated by Levi Smith almost 7 years ago

If anyone is still trying to work through this.

We made a smart proxy w/ chef plugin container specifically for doing multi-org connections.

GH: https://github.com/HearstAT/docker_foreman_smart_proxy_chef
(Note: going to add swam instructions soon)
DH: https://hub.docker.com/r/hearstat/chef-smart-proxy/
(Note: only dev tag at the moment, should have a versioned release after I finalize testing)

Let me know if the README doesn't cover something you're looking for.

-Levi

Actions
Copy link
 #5

Updated by Marek Hulán almost 7 years ago

Thanks Levi, this is great. I'm looking forward to test it in my dev setup.

Actions
Copy link

Also available in: Atom PDF