Chef Software provides a DevOps automation platform for Linux and Windows that enables the management of both physical and virtual server configurations. The Chef VM Extension is an extension that enables Chef on virtual machines.
The Chef VM Extension requires that the target virtual machine is connected to the internet in order to retrieve the Chef Client payload from the content delivery network (CDN).
Extension schema
The following JSON shows the schema for the Chef VM Extension. The extension requires at a minimum the Chef Server URL, the Validation Client Name and the Validation Key for the Chef Server; these values can be found in the knife.rb file in the starter-kit.zip that is downloaded when you install Chef Automate or a standalone Chef Server. Because the validation key should be treated as sensitive data, it should be configured under the protectedSettings element, meaning that it will only be decrypted on the target virtual machine.
Azure VM extensions can be deployed with Azure Resource Manager templates. Templates can be used to deploy one or more virtual machines, install the Chef Client, connect to the Chef Server and then perform the initial configuration on the server as defined by the Run-list.
A sample Resource Manager template that includes the Chef VM Extension can be found in the Azure quickstart gallery.
The JSON configuration for a virtual machine extension can be nested inside the virtual machine resource, or placed at the root or top level of a Resource Manager JSON template. The placement of the JSON configuration affects the value of the resource name and type. For more information, see Set name and type for child resources.
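A pre-deployment check for the two points above, as an added example that is not part of the original page or of Chef's or Azure's tooling: it walks a Resource Manager template, finds extension resources whether nested in a VM or at the root, and reports any `validation_key` left in the unencrypted `settings` element. It goes one step beyond the page by also flagging a key pasted as a literal under `protectedSettings`. The function names and the sample template are constructed for illustration.

```python
import json

SECRET_KEYS = {"validation_key"}  # key name as used on this page

def iter_extensions(resources, path="resources"):
    """Yield (path, resource) for extensions at the root or nested in a VM resource."""
    for i, res in enumerate(resources or []):
        here = f"{path}[{i}]"
        rtype = str(res.get("type", "")).lower()
        if rtype == "extensions" or rtype.endswith("/extensions"):
            yield here, res
        yield from iter_extensions(res.get("resources"), here + ".resources")

def find_keys(node, wanted, prefix=""):
    """Return (dotted_path, value) for every wanted key in a nested dict/list."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            if key in wanted:
                hits.append((prefix + key, value))
            hits += find_keys(value, wanted, f"{prefix}{key}.")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits += find_keys(value, wanted, f"{prefix}{i}.")
    return hits

def audit(template):
    """List findings where the validation key is exposed in the template."""
    findings = []
    for path, ext in iter_extensions(template.get("resources")):
        props = ext.get("properties", {})
        for key, _ in find_keys(props.get("settings"), SECRET_KEYS):
            findings.append(f"{path}: settings.{key} is stored unencrypted")
        for key, value in find_keys(props.get("protectedSettings"), SECRET_KEYS):
            # ARM template expressions such as "[parameters('x')]" start with '['.
            if not str(value).startswith("["):
                findings.append(f"{path}: protectedSettings.{key} is a literal in the template")
    return findings

# Constructed sample template (not from the page): one nested, two root-level extensions.
SAMPLE = json.loads("""{"resources": [
  {"type": "Microsoft.Compute/virtualMachines", "resources": [
    {"type": "extensions", "properties": {
      "settings": {"validation_key": "[parameters('key')]"}}}]},
  {"type": "Microsoft.Compute/virtualMachines/extensions", "properties": {
    "protectedSettings": {"validation_key": "[parameters('key')]"}}},
  {"type": "Microsoft.Compute/virtualMachines/extensions", "properties": {
    "protectedSettings": {"validation_key": "PLACEHOLDER-PEM-CONTENTS"}}}
]}""")
print("\n".join(audit(SAMPLE)))
```

To check a real template, load it with `json.load` and pass the result to `audit`; an empty list means neither condition was found.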
Azure CLI deployment
The Azure CLI can be used to deploy the Chef VM Extension to an existing VM. Replace the validation_key with the contents of your validation key (this file has a .pem extension). Replace validation_client_name, chef_server_url and run_list with those values from the knife.rb file in your Starter Kit.
Data about the state of extension deployments can be retrieved from the Azure portal, and by using the Azure CLI. To see the deployment state of extensions for a given VM, run the following command using the Azure CLI.
az vm extension list --resource-group myResourceGroup --vm-name myExistingVM -o table
Extension execution output is logged to the following file: