From 7c32594dce86fa2b626b509dc5afde7af203faaa Mon Sep 17 00:00:00 2001 From: Ian Maddaus Date: Fri, 10 Nov 2023 13:41:38 -0500 Subject: [PATCH] Add content from license-service Signed-off-by: Ian Maddaus --- .../license-service/docs-chef-io/config.toml | 2 + .../licensing/local_license_service/_index.md | 34 ++++ .../licensing/local_license_service/api.md | 156 ++++++++++++++++ .../local_license_service/backup_restore.md | 50 ++++++ .../local_license_service/install.md | 170 ++++++++++++++++++ .../local_license_service/reusable/README.md | 9 + .../local_license_service/reusable/index.md | 5 + _vendor/modules.txt | 1 + config/_default/module.toml | 13 ++ go.mod | 1 + go.sum | 2 + 11 files changed, 443 insertions(+) create mode 100644 _vendor/github.com/chef/license-service/docs-chef-io/config.toml create mode 100644 _vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/_index.md create mode 100644 _vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/api.md create mode 100644 _vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/backup_restore.md create mode 100644 _vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/install.md create mode 100644 _vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/README.md create mode 100644 _vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/index.md diff --git a/_vendor/github.com/chef/license-service/docs-chef-io/config.toml b/_vendor/github.com/chef/license-service/docs-chef-io/config.toml new file mode 100644 index 0000000000..d186a7e7bb --- /dev/null +++ b/_vendor/github.com/chef/license-service/docs-chef-io/config.toml @@ -0,0 +1,2 @@ +[params.license-service] +gh_path = "https://github.com/chef/license-service/tree/main/docs-chef-io/content/" diff --git a/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/_index.md b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/_index.md new file mode 100644 index 0000000000..42121e5294 --- /dev/null +++ b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/_index.md @@ -0,0 +1,34 @@ ++++ +title = "Chef Local License Service Overview" +draft = false +gh_repo = "license-service" + +[menu] + [menu.overview] + title = "Overview" + identifier = "overview/licensing/local/overview" + parent = "overview/licensing/local" + weight = 1 ++++ + +Chef Local License Service provides license keys to commercially licensed Chef software in an online or air-gapped environment. +Local License Service doesn't grant licenses, it stores and shares the licenses that a customer has already obtained. +You load license key data on Local License Service and then specify the Local License Service URL or IP address to each instance of a Chef application, then the application automatically connects with Local License Service and retrieves a license key each time it runs. + +For large or isolated (airgapped) fleets, Chef Local License Service has several benefits: + +- End users don't need to know the license keys for the Chef products they're using, only the Local License Service URL. +- You can control network communications to the internet as Local License Service is designed to work in isolation with Chef products. +- You don't have to manage secrets on each node that a Chef application is installed on. +- The Local License Service URL changes less frequently than a license key. +- You can scale Chef Local License Service to match your workload. + +## How Chef Local License Service works + +After installing Local License Service and uploading licensing data, users can configure Chef applications to retrieve licenses from a Local License Service URL or IP address. +Chef applications cache license keys that they've received from Local License Service while they're running and must reconnect to Local License Service to retrieve a license key when they restart. +Local License Service can automatically synchronize commercial licenses from Chef's licensing server (assuming the service has internet connectivity). + +## Get Chef Local License Service + +Contact [Chef Support](https://community.progress.com/s/products/chef) to gain access to the deployment binaries for this service. diff --git a/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/api.md b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/api.md new file mode 100644 index 0000000000..9208063bb1 --- /dev/null +++ b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/api.md @@ -0,0 +1,156 @@ ++++ +title = "Chef Local License Service API" +draft = false +gh_repo = "license-service" + +[menu] + [menu.overview] + title = "API" + identifier = "overview/licensing/local/API" + parent = "overview/licensing/local" ++++ + +This document describes the Chef Local License Service API endpoints that manage license data. + +## /v1/listLicenses + +The `/v1/listLicenses` endpoint has the following methods: `GET`. + +### GET + +The `GET` method lists all the licenses present within Chef Local License Service. + +#### Response codes + +| Response Code | Description | +|---------------|-------------| +| 200 | Success. | +| 400 | Error. | + +#### Examples + +```sh +curl --location --request GET 'http://:8000/v1/listLicenses' +``` + +## /v1/loadLicense + +The `/v1/loadLicense` endpoint has the following methods: `POST`. + +This endpoint isn't available in airgapped environments. + +### POST + +The `POST` method loads license data for a single license by passing in a license ID. + +#### Response codes + +| Response Code | Description | +|---------------|-------------| +| 200 | Success. | +| 400 | Error. | + +#### Examples + +```sh +curl --location --request POST 'http://:8000/v1/loadLicense' -d '{"LicenseId " : "" }' +``` + +## /v1/syncAllLicenses + +The `/v1/syncAllLicenses` endpoint has the following methods: `GET`. + +This endpoint isn't available in airgapped environments. + +### GET + +The `GET` method syncs licenses between Chef Local License Service and Chef's licensing server. + +#### Response codes + +| Response Code | Description | +|---------------|-------------| +| 200 | Success. | +| 400 | Error. | + +#### Examples + +```sh +curl --location --request GET 'http://:8000/v1/syncAllLicenses' +``` + +## /v1/uploadLicense + +The `/v1/uploadLicense` endpoint has the following methods: `POST`. + +### POST + +The `POST` method uploads license data. + +with a request body similar to: + +```json +{ + "id": "LICENSE_ID", + "version": "2", + "type": "LICENSE_TYPE", + "generator": "chef/license-(devel)", + "generatedOnDateUTC": "2023-03-28T10:50:58Z", + "refreshLastDateUTC": "2023-03-28T10:50:58Z", + "refreshNextDateUTC": "2033-03-28T10:50:58Z", + "customer": "FIRST LAST", + "customerId": "user@example.com", + "customerVersion": "1", + "bundle": "", + "evidence": { + "generated": "1680000658", + "key_sha256": "256_SHA_STRING", + "hash": "HASH_STRING" + }, + "services": null, + "features": [ + { + "name": "Inspec-Parallel", + "id": "c891f0fa-fa71-8b98-b694-7b5462595f35" + } + ], + "asset": null, + "entitlements": [ + { + "name": "APPLICATION", + "id": "APPLICATION_ID_STRING", + "measure": "node", + "limit": 1, + "grace": { + "limit": 0, + "duration": 0 + }, + "period": { + "start": "2023-03-28", + "end": "2033-03-28" + } + } + ] +} +``` + +#### Response codes + +| Response Code | Description | +|---------------|-------------| +| 200 | Success. | +| 400 | Error. | + +#### Examples + +Upload license data in a data file: + +```sh +curl --location --request POST 'http://:8000/v1/uploadLicense' --header 'Content-Type: application/json' -d @LICENSE_FILENAME.json +``` + +Upload license data as a string: + +```sh +curl --location --request POST 'http://:8000/v1/uploadLicense' --header 'Content-Type: application/json' -d "" +``` diff --git a/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/backup_restore.md b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/backup_restore.md new file mode 100644 index 0000000000..489e49e164 --- /dev/null +++ b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/backup_restore.md @@ -0,0 +1,50 @@ ++++ +title = "Backup and Restore" +draft = false +gh_repo = "license-service" + +[menu] + [menu.overview] + title = "Backup and Restore" + identifier = "overview/licensing/local/Backup and Restore" + parent = "overview/licensing/local" + weight = 30 ++++ + +This document provides guidance for backing up and restoring license data. + +## Backup license data + +Use SCP to backup your license data to a remote server. + +```sh +scp :@: +scp :@: +``` + +Replace the following: + +- ``: the local file path matching the `db_path` parameter value found in `/hab/default.toml` +- ``: the local file path matching the `file_path` parameter value found in the `/hab/default.toml` +- ``: the username to log in to the remote server +- ``: the remote server password +- ``: the remote server URL or IP address +- ``: the directory the files will be copied to + +## Restore license data + +Use SCP to restore your license data from a remote server. + +```sh +scp :@: +scp :@: +``` + +Replace the following: + +- ``: the local file path matching the `db_path` parameter value found in `/hab/default.toml` +- ``: the local file path matching the `file_path` parameter value found in the `/hab/default.toml` +- ``: the username to log in to the remote server +- ``: the remote server password +- ``: the remote server URL or IP address +- ``: the directory the files are backed up to diff --git a/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/install.md b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/install.md new file mode 100644 index 0000000000..b81697b17f --- /dev/null +++ b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/install.md @@ -0,0 +1,170 @@ ++++ +title = "Install the Chef Local License Service" +draft = false +gh_repo = "license-service" + +[menu] + [menu.overview] + title = "Install" + identifier = "overview/licensing/local/Install Airgap" + parent = "overview/licensing/local" + weight = 20 ++++ + +This document describes how to install the Chef Local License Service in an airgapped environment and load license data on it. + +## Prerequisites + +Before installing the Chef Local License Service: + +- Download the `local-license-service` Habitat package on an internet-connected workstation. Contact [Chef Support](https://community.progress.com/s/products/chef) to get access. + +Chef Local License Service requires: + +- A machine running Linux with kernel 2.6.32 or later on an x86-64 processor +- On your machine, open port 8000 for inbound traffic. + +### Airgapped environment + +If you're deploying Local License Service in an **airgapped environment**, download the license data from the Chef licensing server on an internet-connected workstation. + +```sh +curl --location 'https://services.chef.io/licensing/download?licenseId=&version=2' -o .json +``` + +Replace: + +- `` with your license ID. You can get this from [Chef Support](https://community.progress.com/s/products/chef). +- `` with a filename to save the data locally. + +## Deploy the service + +This procedure will start up the Chef Local License Service from a Chef Habitat package on a server in an airgapped environment. + +1. Unzip and untar the `chef-private-local-license-service` package. + + ```sh + tar -xvf chef-private-local-license-service-0.1.0-20230622141749.tar.gz + ``` + +1. From the directory where the `hab` directory is present, move the `hab` directory to root. + + ```sh + sudo mv hab / + ``` + +1. Create a shell script that runs this service and paste the following content. + + ```sh + cat< /etc/systemd/system/hab-sup.service + [Unit] + Description=Habitat Supervisor + [Service] + Environment=HAB_LICENSE=accept-no-persist + Type=simple + ExecStart=/usr/bin/hab sup run --strategy none + KillMode=process + LimitNOFILE=65535 + [Install] + WantedBy=default.target + EOT + systemctl daemon-reload + systemctl start hab-sup + systemctl enable hab-sup  + # wait for the sup to come up before proceeding. + until hab svc status > /dev/null 2>&1; do +   sleep 1 + done + ``` + +1. Grant permissions to the script. + + ```sh + chmod u+x FILENAME.sh + ``` + +1. Symlink the hab location. + + ```sh + sudo ln -sf /hab/bin/hab /usr/bin/hab + ``` + +1. Execute the shell script. + + ```sh + sudo ./FILENAME.sh + ``` + +1. Verify that the Chef Habitat Supervisor is running. + + ```sh + systemctl --type=service --state=running | grep hab-sup + ``` + + systemctl returns `hab-sup.service loaded active running Habitat Supervisor`. + +1. Create the Habitat user and group. + + ```sh + sudo groupadd hab + sudo useradd -g hab hab + ``` + +1. Load Local License Service package. + + ```sh + sudo hab svc load chef-private/local-license-service + ``` + +1. Verify the service is running. + + ```sh + sudo hab svc status + ``` + + This returns a status similar to: + + ```bash + package type desired state elapsed (s) pid group + chef-private/local-license-service/0.1.0/20230622141749 standalone up up 58 3047 local-license-service.default + ``` + +## Load license data + +You can load license data depending on whether your service is running in an airgapped environment or a non-airgapped environment. + +### Airgapped environment + +In an **airgapped environment**, use the `v1/uploadLicense` endpoint to load your licensing data. + +```sh +curl --location --request POST 'http://:8000/v1/uploadLicense' --header 'Content-Type: application/json' -d @.json +``` + +Replace: + +- `` with your Local Licensing Service IP address +- `` with the path and filename of your license data + +### Non-airgapped environment + +In a **non-airgapped environment**, use the `v1/loadLicense` endpoint to load your licensing data directly from the Chef's licensing server. + +```sh +curl --location 'http://:8000>/v1/loadLicense' --header 'Content-Type: application/json' --data '{"LicenseId": ""}' +``` + +Replace: + +- `` with your Local Licensing Service IP address +- `` with your license ID. + +## Verify license data + +To verify your licenses have loaded, use the `/v1/listLicenses` endpoint to list license data loaded on Local License Service. + +```sh +curl --location --request GET 'http://:8000/v1/listLicenses' +``` + +After you upload the license data, you can set your Local License Service IP address or URL in your Chef applications using the `CHEF_LICENSE_SERVER` environment setting or `--chef-license-server` CLI option. diff --git a/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/README.md b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/README.md new file mode 100644 index 0000000000..3cd62e1350 --- /dev/null +++ b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/README.md @@ -0,0 +1,9 @@ + +# Directory for Reusable Content + + +Files in this directory are used in *more than one place* within the Chef docs. + +Store all files in subdirectories organized by file type. For example, all Markdown files should be in `content/reusable/md/` and all Ruby files are stored in `content/reusable/rb/`. + +Add these files to a Markdown page using the [`readfile` shortcode](https://docs.chef.io/style/reuse/#readfile-shortcode). diff --git a/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/index.md b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/index.md new file mode 100644 index 0000000000..41de90ae49 --- /dev/null +++ b/_vendor/github.com/chef/license-service/docs-chef-io/content/licensing/local_license_service/reusable/index.md @@ -0,0 +1,5 @@ ++++ +headless = true +## headless = true makes this directory a headless bundle. +## See https://gohugo.io/content-management/page-bundles/#headless-bundle ++++ diff --git a/_vendor/modules.txt b/_vendor/modules.txt index a068ff00c8..6c74d87614 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -13,6 +13,7 @@ # github.com/chef/effortless/docs-chef-io v0.0.0-20230711123605-c8beb79aba4f # github.com/chef/compliance-profiles/docs-chef-io v0.0.0-20231031143423-5ffd549d4a19 # github.com/chef/compliance-remediation-2022/docs-chef-io v0.0.0-20230809063034-95b117807a75 +# github.com/chef/license-service/docs-chef-io v0.0.0-20231109163703-41a47f861346 # github.com/cowboy/jquery-hashchange v0.0.0-20100902193700-0310f3847f90 # github.com/swiftype/swiftype-autocomplete-jquery v0.0.0-20190222215504-a90008d64b30 # github.com/swiftype/swiftype-search-jquery v1.1.0 diff --git a/config/_default/module.toml b/config/_default/module.toml index dd81be6a96..531169dc7d 100644 --- a/config/_default/module.toml +++ b/config/_default/module.toml @@ -319,6 +319,19 @@ source = "content" target = "content" +### +# Local License Service +### + +[[imports]] + disable = false + ignoreConfig = false + path = "github.com/chef/license-service/docs-chef-io" + +[[imports.mounts]] + source = "content/licensing/local_license_service" + target = "content/licensing/local_license_service" + ### ## Mount generated/genereted_content to content ### diff --git a/go.mod b/go.mod index 81cb00c259..87eea9c03a 100644 --- a/go.mod +++ b/go.mod @@ -10,6 +10,7 @@ require ( github.com/chef/compliance-remediation-2022/docs-chef-io v0.0.0-20230809063034-95b117807a75 // indirect github.com/chef/desktop-config/docs-chef-io v0.0.0-20230711052355-bad26ce3ac0b // indirect github.com/chef/effortless/docs-chef-io v0.0.0-20230711123605-c8beb79aba4f // indirect + github.com/chef/license-service/docs-chef-io v0.0.0-20231109163703-41a47f861346 // indirect github.com/chef/supermarket/docs-chef-io v0.0.0-20231004141257-7ada2c50bece // indirect github.com/cowboy/jquery-hashchange v0.0.0-20100902193700-0310f3847f90 // indirect github.com/habitat-sh/habitat/components/docs-chef-io v0.0.0-20230808222519-d0c20bbe8c45 // indirect diff --git a/go.sum b/go.sum index bd4481b95b..d0e7b89a4c 100644 --- a/go.sum +++ b/go.sum @@ -15,6 +15,8 @@ github.com/chef/desktop-config/docs-chef-io v0.0.0-20230711052355-bad26ce3ac0b h github.com/chef/desktop-config/docs-chef-io v0.0.0-20230711052355-bad26ce3ac0b/go.mod h1:90xAx6sIfgSL50M2KzeBmx7V7s7dlhQU3xpUkJO0qW0= github.com/chef/effortless/docs-chef-io v0.0.0-20230711123605-c8beb79aba4f h1:6+VjBykE1b9LGfJEBstSKLAGJySrhu6NY162gz+cnxo= github.com/chef/effortless/docs-chef-io v0.0.0-20230711123605-c8beb79aba4f/go.mod h1:Lfq+HjwAQwUJ41EPTO/8qbI1oJb2i415fR28d2Ig9kc= +github.com/chef/license-service/docs-chef-io v0.0.0-20231109163703-41a47f861346 h1:DB0UwtZ2I3utBAr+4TrA8+rPEgjO6hh+OdvcZDQHoh4= +github.com/chef/license-service/docs-chef-io v0.0.0-20231109163703-41a47f861346/go.mod h1:leNCF0KadV7zjm7YpVegNnbmWYUFXgaPKHP4tTDacos= github.com/chef/supermarket/docs-chef-io v0.0.0-20231004141257-7ada2c50bece h1:qCHZDu6a+UgOvMvLRsT9wAfi7P2+uKQm+H1kvpeZ7k4= github.com/chef/supermarket/docs-chef-io v0.0.0-20231004141257-7ada2c50bece/go.mod h1:L0DhIJHTKsPYhAr9TrhAIg3KXtrS9BJF0XNHfGDDGGg= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=