Install CLIs and register your workstation
This page documents how to download and install the Chef 360 Platform CLIs and register your workstation with your Chef 360 Platform deployment.
Prerequisites
- Chef 360 Platform Server is installed and running.
/usr/local/bin
is present in the PATH environment variable.
Install CLIs
Download and install the CLIs from your Chef 360 Platform Admin Console:
In the Chef 360 Platform Admin Console, select Application from the top navigation menu, select Dashboard, then select Download CLIs.
From the download page, follow the instructions to download and install each CLI tool.
After the CLIs are installed, run each CLI with the
--help
flag to verify that it’s installed:chef-courier-cli --help
chef-platform-auth-cli --help
chef-node-management-cli --help
Install and configure the bash-completion package
Each Chef 360 Platform CLI has a completion bash
subcommand. You must install the bash-completion package to run these subcommands.
To install and configure the bash-completion package, follow these steps:
Install the bash-completion package.
To install the bash-completion package on Linux systems, use the APT or Yum package manager:
sudo apt-get install bash-completion
or
sudo yum install bash-completion
To install the bash-completion package on macOS, use Homebrew:
brew install bash-completion
Configure your Bash shell.
To load the bash-completion package in every shell session by default, you must enable it in the
.bash_profile
or.bashrc
file.To enable it on Linux systems, add the following lines to the
.bash_profile
or.bashrc
file:if [ -f /etc/bash_completion ] && ! shopt -oq posix; then . /etc/bash_completion fi
To enable it on macOS, add the following lines to the
.bash_profile
or.bashrc
file:if [ -f $(brew --prefix)/etc/bash_completion ]; then . $(brew --prefix)/etc/bash_completion fi
or
if [[ -r "$(brew --prefix)/etc/profile.d/bash_completion.sh" ]]; then . "$(brew --prefix)/etc/profile.d/bash_completion.sh" fi
Register your workstation
Before you can use the Chef 360 Platform CLIs, you must register your workstation with Chef 360 Platform.
Create a profile using the
register-device
subcommand that associates your workstation with a specific tenant, organization, and role:chef-platform-auth-cli register-device --device-name <WORKSTATION_NAME> --profile-name <PROFILE_NAME> --url <TENANT_URL> --insecure
Replace:
<WORKSTATION_NAME>
with a name for the workstation<PROFILE_NAME>
with a profile name<TENANT_URL>
with the tenant URL, for examplehttps://chef360.example.com:31000
The CLI responds with an authorization code that includes a link to log into Chef 360 Platform.
Device Id : ac:de:48:00:11:22-admin-chef-courier-cli Device Name : <DEVICE_NAME> OAuth Code : <AUTHORIZATION_CODE> Please log in and authorise the the device by using the link below: https://chef360.example.com/platform/user-accounts/v1/identity/device/ac:de:48:00:11:22-admin-chef-courier-cli/authorise?oauthCode=<AUTHORIZATION_CODE>&appType=chef-courier-cli&deviceName=<WORKSTATION> Is the device authorised? (y or n)
Paste the link into your browser and log in. The CLI waits for the device registration process to finish in the browser.
Open a browser, navigate to the link returned by the CLI, and log in if you haven’t already.
Select the organization and role you would like to link to this profile and select Submit.
On the Device Authorization screen, Chef 360 Platform shows your OAuth code and you can select an expiration date for your session.
Chef 360 Platform automatically refreshes your access token up to this expiration date.
After entering this information, select Authorize.
Return to your terminal and enter
y
to continue.The CLI displays your device profile and your workstation is authorized to access Chef 360 Platform services.
Is the device authorised? (y or n) > y Profile: [tenant-org-role] DeviceId = "ac:de:48:00:11:22-admin-chef-courier-cli" Url = "https://demo.chef360.io/" OrgName = "Demo Organization" RoleName = "org-admin" AccessKey = "FIT3SXM...TCYK4V05Y" SecretKey = "Cwaygh4FqE2sT...rX4wBu0hp9IE9YpzoGuX" Device registered successfully
Test your connection by getting the role associated with your user account:
chef-platform-auth-cli user-account self get-role --profile <PROFILE_NAME>
Replace
<PROFILE_NAME>
with the name of your profile.Optional: Set your new profile as the default profile.
The Chef 360 Platform CLIs use a default profile automatically in any command that accepts the
--profile
argument. If you don’t set a default profile, you will have to specify it in each command with--profile <PROFILE_NAME>
.Set a default profile:
chef-platform-auth-cli set-default-profile <PROFILE_NAME>
Replace
<PROFILE_NAME>
with the name of the default profile.
Verify profiles
Use these commands to verify your profiles and credentials.
List all your profiles with the
list-profile-names
subcommand. For example:chef-platform-auth-cli list-profile-names
The response is similar to the following:
List of available profile names: 1. tenant1 2. default
You can use
list-profile-names
subcommand with any of the Chef 360 Platform CLIs to get a list of your profiles.Get details of your default profile using the
get-default-profile
subcommand:chef-platform-auth-cli get-default-profile
The response is similar to the following:
Default profile: [default] DeviceId = "ac:de:48:00:11:22-admin-chef-courier-cli" Url = "http://tenant-1.dev-360.example.com" OrgName = "Test OU1" RoleName = "org-admin" AccessKey = "FIT3SXM...YK4V05Y" SecretKey = "Cwaygh4FqE2s...p9IE9YpzoGuX" Cafile = "" Insecure = true
You can use
get-default-profile
subcommand with any of the Chef 360 Platform CLIs to get your default profile.Use
cat
to get the details of all profiles:sudo cat ~/.chef-platform/credentials
The response is similar to the following:
[default] DeviceId = "ac:de:48:00:11:22-user-chef-courier-cli" Url = "http://tenant-1.dev-360.example.com" AccessKey = "FIT3SXM...CYK4V05Y" SecretKey = "Cwaygh4Fq...IE9YpzoGuX" TenantId = "13ba9f46-a0c9-4c9e-9a9f-6141f8910c55" OrgName = "Test OU1" OrgId = "2a0ec5e4-3601-45f9-80d3-efb9fe1fa1e1" UserId = "3888996e-a8e6-4730-91a1-8447959e2755" RoleName = "org-admin" RoleId = "ff808dde-da38-41d2-bd2c-3202fcbb9166" AccessToken = "" RefreshToken = "" ExpiresAt = 0 [tenant1] DeviceId = "ac:de:48:00:11:22-user-chef-courier-cli" Url = "http://tenant-1.dev-360.example.com" AccessKey = "FIT3SX...V05Y" SecretKey = "Cwaygh4Fq...YpzoGuX" TenantId = "13ba9f46-a0c9-4c9e-9a9f-6141f8910c55" OrgName = "Test OU1" OrgId = "2a0ec5e4-3601-45f9-80d3-efb9fe1fa1e1" UserId = "3888996e-a8e6-4730-91a1-8447959e2755" RoleName = "org-admin" RoleId = "ff808dde-da38-41d2-bd2c-3202fcbb9166" AccessToken = "" RefreshToken = "" ExpiresAt = 0
Assign the Node Manager and Courier Operator roles
The node-manager
and courier-operator
roles allow you to manage nodes, manage skills on nodes, and run Chef Courier jobs.
Follow these steps to give your user account the node-manager
and courier-operator
roles:
Assign the
node-manager
role andcourier-operator
role using theuser-account user assign-role
subcommand:chef-platform-auth-cli user-account user assign-role --body '{"name": "node-manager", "roleId": "6e7df273-928b-41ec-b6f6-e3f5138a6f9e"}' --userId <USER_ID> --profile <ORG_ADMIN_PROFILE_NAME>
chef-platform-auth-cli user-account user assign-role --body '{"name": "courier-operator", "roleId": "ac12c3a6-95f7-429d-b3fc-584ce1cf74de"}' --userId <USER_ID> --profile <ORG_ADMIN_PROFILE_NAME>
Replace:
<USER_ID>
with your user ID<ORG_ADMIN_PROFILE_NAME>
with your profile that has the org-admin role
Create profiles for the Node Manager and Courier Operator roles
Create a profile for each role that you added to your user account in the previous step.
To create a profile, follow these steps:
Create a profile using the
register-device
subcommand that associates your workstation with a specific tenant, organization, and role:chef-platform-auth-cli register-device --device-name <WORKSTATION_NAME> --profile-name <PROFILE_NAME> --url <TENANT_URL> --insecure
Replace:
<WORKSTATION_NAME>
with a name for the workstation.<PROFILE_NAME>
with a profile name for the role that this profile will use. For example, add thecourier-operator
profile name for thecourier-operator
role.<TENANT_URL>
with the tenant URL, for examplehttps://chef360.example.com:31000
.
The CLI responds with an authorization code that includes a link to log into Chef 360 Platform.
Device Id : ac:de:48:00:11:22-admin-chef-courier-cli Device Name : <DEVICE_NAME> OAuth Code : <AUTHORIZATION_CODE> Please log in and authorise the the device by using the link below: https://chef360.example.com/platform/user-accounts/v1/identity/device/ac:de:48:00:11:22-admin-chef-courier-cli/authorise?oauthCode=<AUTHORIZATION_CODE>&appType=chef-courier-cli&deviceName=<WORKSTATION> Is the device authorised? (y or n)
Paste the link into your browser and log in. The CLI waits for the device registration process to finish in the browser.
Open a browser, navigate to the link returned by the CLI, and log in if you haven’t already.
Select the organization and role you would like to link to this profile and select Submit.
On the Device Authorization screen, Chef 360 Platform shows your OAuth code and you can select an expiration date for your session.
Chef 360 Platform automatically refreshes your access token up to this expiration date.
After entering this information, select Authorize.
Return to your terminal and enter
y
to continue.The CLI displays your device profile and your workstation is authorized to access Chef 360 Platform services.
Is the device authorised? (y or n) > y Profile: [tenant-org-role] DeviceId = "ac:de:48:00:11:22-admin-chef-courier-cli" Url = "https://demo.chef360.io/" OrgName = "Demo Organization" RoleName = "org-admin" AccessKey = "FIT3SXM...TCYK4V05Y" SecretKey = "Cwaygh4FqE2sT...rX4wBu0hp9IE9YpzoGuX" Device registered successfully
Optional: Test your connection by getting the role associated with your user account:
chef-platform-auth-cli user-account self get-role --profile <PROFILE_NAME>
Replace
<PROFILE_NAME>
with the name of your profile.Optional: Set your new profile as the default profile.
The Chef 360 Platform CLIs use a default profile automatically in any command that accepts the
--profile
argument. If you don’t set a default profile, you will have to specify it in each command with--profile <PROFILE_NAME>
.Set a default profile:
chef-platform-auth-cli set-default-profile <PROFILE_NAME>
Replace
<PROFILE_NAME>
with the name of the default profile.Repeat this procedure so that you have separate profiles for the Node Manager and Courier Operator roles.