Numeric Illustration

Using chef-provisioner with the Joyent Smart Data Center

Posted in Uncategorized by elevatorboy on December 4, 2015

Fog gained support for Joyent SDC in 2012


the chef-provisioning fog joyent driver is an official part of Chef-provisioning


BUT the SDC7 API now has a few changes that affect how you use it:

  1. set API to 7.0.0 or higher and use array of uuids
  2. need to use key signed requests, no more password auth only
  3. with 7.3.0 you can use array of hashes of network configs

Since I was making this an example, I setup a network using

Screen Shot 2015-11-25 at 1.30.03 PM

If you setup a network for testing this out, make sure you assign the nic_tag to an interface on some CNs

Screen Shot 2015-11-25 at 1.30.25 PM

Per the docs


the sdc-cloudapi code that parses the networking params

You can see

that if the API version is set to 7.3.0 then it will validate and use the array of hash format shown in the comments about the networking

So what is the chef-provisioner stuff setting?

the chef-provisioning-fog stuff uses the underlying fog stuff

but gives a good hint at settings to put in your knife.rb file


the actual fog joyent compute code

by default sets the API value to 6.5

So you need to bump :joyent_version in your knife.rb file to 7.0.0 at least since SDC is version 7++ now and pre 7 will be just going away.

If you want to use the array of hash format, set it to 7.3.0

Also, 6.5 allowed password auth, but 7.0 and up required key signed auth.  Fortunately 6.5 supported that as well and thus if you specify the right settings in your knife.rb file, it will do the right thing

driver 'fog:Joyent'
driver_options :compute_options => {
    :joyent_url => '',
    :joyent_username => 'myUserName',
    :joyent_password => 'myPassWord',
    :joyent_version => '7.3.0',
    :joyent_keyname => 'name of my key in sdc',
    # matching .pub must be in same dir
    :joyent_keyfile => '/path/to/my/key/keyfile' # the priv key
    :joyent_keyphrase => 'password for key file'

knife[:ssl_verify_peer] = false # I needed this for my home sdc for which I have self signed certs

Then the provisioner cookbook code can be something like:

machine 'testInstance' do
tag 'my_tag_is_cool',
    :bootstrap_options => {
        :package => 'dc_128', # small package for testing
        :image => '842e6fa6-6e9b-11e5-8402-1b490459e334', # happens to be a base-64 image
        :networks => [
                :ipv4_uuid => 'da0c6983-14cf-4fc6-a83e-329cb827f57c', # a uuid of one of my nets
                :primary => true
                :ipv4_uuid => '074384c0-0561-461f-9109-d3a399da38eb&quot' # a uuid of another one of my nets
        :key_name => 'name of my key in sdc'

OR to use the older but still SDC 7.0 syntax, set :joyent_version to ‘7.2.0’ and you can specify the networks parameter to the instance as just an array of uuids like

:networks => [ 'da0c6983-14cf-4fc6-a83e-329cb827f57c', '074384c0-0561-461f-9109-d3a399da38eb']
Tagged with: , , ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: