If you upgrade your blueprint design server to version 6.2.1 or later, you might need to
modify references to the Chef validator key before you provision environments from existing
blueprints.
In version 6.2.1 of the blueprint design server, the method of providing the Chef validator
key changed. Instead of obtaining the key value from an external location during provisioning, the
blueprint design server itself provides the key value to the Chef server.If you used Chef in
versions of the blueprint designer before 6.2.1 and upgraded to version 6.2.1 or later, you might
need to modify your existing blueprints before you provision an environment from it. For example, if
you are using a different Chef server or stopped hosting the key value in an external location, you
must make the following changes before you provision.
-
Add a chef_validator_key parameter.
The parameter resembles the following
code:
chef_validator_key:
type: string
description: 'The Chef validator private key'
hidden: true
-
In the OS::Heat::SoftwareDeployment resource for each Chef role, replace
the CHEF_VALID_PEM_URL input value property with the
CHEF_VALIDATOR_KEY input value property.
The input property must reference the
chef_validator_key parameter and
resembles the following
code:
Chef_role:
type: OS::Heat::SoftwareDeployment
properties:
config: { get_resource: Chef_role_sw_config }
server: { get_resource: image }
input_values:
CHEF_VALIDATOR_KEY: { get_param: chef_validator_key }
-
In the OS::Heat::SoftwareConfig resource for the Chef roles, replace the
CHEF_VALID_PEM_URL input property with the
CHEF_VALIDATOR_KEY input property.
The input property must reference the
chef_validator_key parameter and
resembles the following
code:
Chef_role_sw_config:
type: OS::Heat::SoftwareConfig
properties:
group: chef
inputs:
- name: CHEF_VALIDATOR_KEY
type: String