Skip to main content

Config Verify


Chef Automate 4.10.1 released on 6th September 2023 includes improvements to the deployment and installation experience of Automate HA. Please read the blog to learn more about key improvements. Refer to the pre-requisites page (On-Premises, AWS) and plan your usage with your customer success manager or account manager.

High Availability (HA) is designed to avoid loss of service by reducing or managing failures and minimizing unscheduled downtime (when your system or network is not available for use or is unresponsive) that happens due to power outages or failure of a component. In this page, we will see how to reduce the possibility of errors and improve your overall CLI experience to deploy Automate HA. We will discuss the deployment of Automate HA by automatically checking verification tests in different Automate HA deployment workflows.


Before you start, take a quick tour of our prerequisite pages for On-Premises and AWS deployment.


Failures occurring during the deployment of Automate HA might result to clear up everything and the start the whole process once again. To avoid this, the verify CLI has been introduced. You can run the CLI either pre or post deployment. The pre deployment CLI command is as follows:

chef-automate verify --config config.toml

The above command will trigger the config.toml file with config, the one you want to deploy.

The post deployment CLI command is as follows:

chef-automate verify

The above command will run verify check post deployment.

Once the verify command is triggered, following checks will be triggered:

  • System Resources (All Nodes)
  • Software Version (All Nodes)
  • System User (All Nodes)
  • External OpenSearch Database
  • External PostgreSQL Database
  • S3/MinIO Backup Config (If Required)
  • NFS Backup Config (If Required)
  • FQDN with Load Balancer Reachability
  • Firewall Ports

You get a report irrespective of the fact that the everything passes of fails. If all the pointers in the report shows pass, it means everything is fine and you can move ahead with the Automate HA deployment.

Benefits of Running the verify Command


It is always good to know things early. Pre deployment verification will give the potential pointers of failure which may occur at the time of deployment. The pre deployment verification will ensure certain checks in the system. These checks will ensure that the failure of critical services of the end points of the system are taken care of. For example, in case of a certificate check, it will ensure that the validation of the check has already happened before the deployment process.


It’s always better to know the critical scenarios of a deployment process before running it. But in case of a post deployment verification sometimes it can be beneficial as the deployment will help you to identify the proper state of the command.


Once you run the verify command, it checks all the test cases defined. After it executes, you will see the full report of how many reports succeeded and how may failed. The report comes in a table structure with five columns, NO, IDENTIFIER, PARAMETER, STATUS, and MESSAGE. The MESSAGE column shows the pointers to resolve for the parameters which have failed.

An example of a checks performed are shown in the below image:

Config Verify Check

The above image shows the checks performed for Automate node. The checks in the above image are also performed on all the nodes in Automate HA, i.e., Chef Server, PostgreSQL, OpenSearch, and Chef Automate (the one showed above).

THe verify command checks all the nodes in Automate HA and with that it also provides the remediation steps for failures.

Edit this page on GitHub

Thank you for your feedback!


Search Results