Install the Chef Local License Service
This document describes how to install the Chef Local License Service in an airgapped environment and load license data on it.
Prerequisites
Before installing the Chef Local License Service:
- Download the
local-license-serviceHabitat package on an internet-connected workstation. Contact Chef Support to get access.
Chef Local License Service requires:
- A machine running Linux with kernel 2.6.32 or later on an x86-64 processor
- On your machine, open port 8000 for inbound traffic.
Airgapped environment
If you’re deploying Local License Service in an airgapped environment, download the license data from the Chef licensing server on an internet-connected workstation.
curl --location 'https://services.chef.io/licensing/download?licenseId=<LICENSE_ID>&version=2' -o <LICENSE_DATA_FILENAME>.json
Replace:
<LICENSE_ID>with your license ID. You can get this from Chef Support.<LICENSE_DATA_FILENAME>with a filename to save the data locally.
Deploy the service
This procedure will start up the Chef Local License Service from a Chef Habitat package on a server in an airgapped environment.
Unzip and untar the
chef-private-local-license-servicepackage.tar -xvf chef-private-local-license-service-0.1.0-20230622141749.tar.gzFrom the directory where the
habdirectory is present, move thehabdirectory to root.sudo mv hab /Create a shell script that runs this service and paste the following content.
cat<<EOT > /etc/systemd/system/hab-sup.service [Unit] Description=Habitat Supervisor [Service] Environment=HAB_LICENSE=accept-no-persist Type=simple ExecStart=/usr/bin/hab sup run --strategy none KillMode=process LimitNOFILE=65535 [Install] WantedBy=default.target EOT systemctl daemon-reload systemctl start hab-sup systemctl enable hab-sup # wait for the sup to come up before proceeding. until hab svc status > /dev/null 2>&1; do sleep 1 doneGrant permissions to the script.
chmod u+x FILENAME.shSymlink the hab location.
sudo ln -sf /hab/bin/hab /usr/bin/habExecute the shell script.
sudo ./FILENAME.shVerify that the Chef Habitat Supervisor is running.
systemctl --type=service --state=running | grep hab-supsystemctl returns
hab-sup.service loaded active running Habitat Supervisor.Create the Habitat user and group.
sudo groupadd hab sudo useradd -g hab habLoad Local License Service package.
sudo hab svc load chef-private/local-license-serviceVerify the service is running.
sudo hab svc statusThis returns a status similar to:
package type desired state elapsed (s) pid group chef-private/local-license-service/0.1.0/20230622141749 standalone up up 58 3047 local-license-service.default
Load license data
You can load license data depending on whether your service is running in an airgapped environment or a non-airgapped environment.
Airgapped environment
In an airgapped environment, use the v1/uploadLicense endpoint to load your licensing data.
curl --location --request POST 'http://<IP_ADDRESS>:8000/v1/uploadLicense' --header 'Content-Type: application/json' -d @<LICENSE_DATA_FILENAME>.json
Replace:
<IP_ADDRESS>with your Local Licensing Service IP address<LICENSE_DATA_FILENAME>with the path and filename of your license data
Non-airgapped environment
In a non-airgapped environment, use the v1/loadLicense endpoint to load your licensing data directly from the Chef’s licensing server.
curl --location 'http://<IP_ADDRESS>:8000>/v1/loadLicense' --header 'Content-Type: application/json' --data '{"LicenseId": "<LICENSE_ID>"}'
Replace:
<IP_ADDRESS>with your Local Licensing Service IP address<LICENSE_ID>with your license ID.
Verify license data
To verify your licenses have loaded, use the /v1/listLicenses endpoint to list license data loaded on Local License Service.
curl --location --request GET 'http://<IP_ADDRESS>:8000/v1/listLicenses'
After you upload the license data, you can set your Local License Service IP address or URL in your Chef applications using the CHEF_LICENSE_SERVER environment setting or --chef-license-server CLI option.