Skip to main content

Automate HA Commands

Warning

Chef Automate 4.10.1 released on 6th September 2023 includes improvements to the deployment and installation experience of Automate HA. Please read the blog to learn more about key improvements. Refer to the pre-requisites page (On-Premises, AWS) and plan your usage with your customer success manager or account manager.s

This page includes commands that can be executed for the Chef Automate cluster part of the Chef Automate High Availability (HA) system. These commands aid you in assessing the health and status of the components part of the HA cluster. It is highly recommended to run these commands on a test cluster before using them in a production environment.

Automate HA Service Commands

  • Get the Automate HA cluster Information
chef-automate info
  • Post Deployment, run the smoke test cases on Automate HA cluster and run the command from the bastion node.
chef-automate test --full
  • Validate the cluster but skip “chef-automate diagnostic run” when performing the smoke tests
chef-automate test
  • Run the smoke test on specific cluster
chef-automate test automate
chef-automate test chef_server
chef-automate test opensearch
chef-automate test postgresql
  • To get the status of the cluster, run the command from the bastion node.
chef-automate status
  • To check the service status on Automate nodes.
chef-automate status --automate
chef-automate status --a2
  • To check the service status on Chef Infra Server nodes.
chef-automate status --chef_server
chef-automate status --cs
  • To check the service status on Postgres nodes.
chef-automate status --postgresql
chef-automate status -pg
  • To check the service status on Opensearch nodes.
chef-automate status --opensearch
chef-automate status --os
  • Patch a config to the Front end nodes (Automate)
    • create a config file automate.toml
chef-automate config patch automate.toml --automate

sorthands for –automate is –a2 and -a

  • Patch a config to the Front end nodes (Chef Server)
    • create a config file chefserver.toml
chef-automate config patch chefserver.toml --chef_server

sorthands for –chef_server is –cs and -c

  • Patch a config to the all Front end nodes (Chef Server + Automate)
    • Create a config file frontend.toml
chef-automate config patch frontend.toml --frontend

sorthands for –chef_server is –fe and -f

  • Patch a config to the Back end nodes (Open Search)
    • Create a config file opensearch.toml
chef-automate config patch opensearch.toml --opensearch

sorthands for –opensearch is –os and -o

  • Patch a config to the Back end nodes (Postgresql)
    • Create a config file postgresql.toml
chef-automate config patch postgresql.toml --postgresql

sorthands for –postgresql is –pg and -p

Note

  • Frontend patch will be applied to all nodes where are Postgresql and OpenSearch changes will be applied to only one node.
  • After patching, some services will go restart. So the health status will take up to 2 minutes to show healthy.

Warning

  • For certificate rotation, don’t use config patch. Instead, the cert-rotate command can be used. To learn more about certificate rotation, see Certificate Rotation.
  • While patching the same from the provision host, structures such as TLS from OpenSearch configuration toml file and SSL from PostgreQL configuration toml file will be ignored.
  • Collect the Gatherlogs for Automate HA cluster, and run the command from the bastion node.
    • Logs are collected at /var/tmp
chef-automate gather-logs
  • View the active Habitat gossiped toml config for any locally loaded service:
    • SSH to the backend opensearch nodes chef-automate ssh --hostname os
source /hab/sup/default/SystemdEnvironmentFile.sh
automate-backend-ctl show --svc=automate-ha-opensearch
  • SSH to the backend postgres nodes chef-automate ssh --hostname pg
source /hab/sup/default/SystemdEnvironmentFile.sh
automate-backend-ctl show --svc=automate-ha-postgresql
  • To Rotate the password for Postgres cluster, run the command from the bastion node
  cd /hab/a2_deploy_workspace/
  ./scripts/credentials set postgresql --no-auto
  • To Rotate the password for Opensearch cluster, run the command from the bastion node
  cd /hab/a2_deploy_workspace/
  ./scripts/credentials set opensearch --no-auto
Edit this page on GitHub

Thank you for your feedback!

×









Search Results