Chef 360 Platform requirements

Review the following requirements for Chef 360 Platform Server, nodes, and skills.

Chef 360 Platform Server requirements

Hardware

Chef 360 Platform has the following minimum hardware requirements:

• 16 GB of RAM
• 4 vCPUs
• 80 GB of disk space

For production environments, run a benchmark test to determine your system’s requirements. The benchmark test should include the number of nodes you plan to enroll, the job frequency, output size, job duration, and check-in frequency.

Ports

Open the following ports if you are using default ports.

Ports for inbound connections:

Port	Description
30000	Chef 360 Platform Console
31000	API Gateway
31050	RabbitMQ
31101	Mailpit (Optional)
22	SSH
5985–5986	WinRM

Ports for outbound connections:

Port	Description
443	For non-air gapped installations

FQDN

Chef 360 Platform Server requires a fully qualified domain name (FQDN) that’s properly registered in the Domain Name System (DNS) to ensure seamless operation and connectivity among all nodes within the infrastructure.

Node requirements

Nodes can be enrolled using two different methods, with a Chef Infra cookbook or with single-node enrollment from Chef 360 Platform. See the node requirements for those methods in the following sections.

Ports

Open the following default ports for outbound connections.

Port	Description
443	HTTPS
31050	RabbitMQ AMQP/AMQP-TLS
31000	Nginx Reverse Proxy NodePort
22	SSH (optional)
80	HTTP (optional)

Cookbook-based enrollment

Nodes enrolled with Chef 360 Platform using a Chef Infra cookbook have the following requirements:

• Nodes must have Chef Infra Client installed.
• Nodes have a public DNS or public IP address.
• Nodes can’t have localhost (127.0.0.1) as an IP address.
• Nodes can’t have a CIDR address in the same range as the Chef 360 Platform services. The default CIDR range for Chef 360 Platform services is 10.244.0.0/16 or 10.96.0.0/12.
• You must have sudo privileges on the node.

Single-node enrollment

Nodes enrolled using single-node enrollment have the following requirements.

Connection requirements

• Nodes must be accessible with SSH or WinRM.
• Nodes must have a public DNS name or public IP address.
• A node’s IP address can’t be 127.0.0.1 (localhost).
• A node’s CIDR address must not overlap with the Chef 360 Platform services’ CIDR range. The default CIDR ranges for Chef 360 Platform services are 10.244.0.0/16 and 10.96.0.0/12.
• The node’s ports for RabbitMQ and the nginx API gateway must be open to Chef 360 Platform. Additionally, Chef 360 Platform must allow inbound connections to these ports from the node.
• For nodes running Windows Server 2012 or 2016, download and manually install curl. After installation, ensure the curl executable is added to the system’s PATH environment variable.

SSH connection requirements

• Port 22 must be open.
• The user must have sudo privileges.
• The user must authenticate using an ed25519 or RSA (2048-bit) key without a passphrase.

WinRM connection requirements

• Ports 5985 (HTTP) and 5986 (HTTPS) must be open.

• Configure WinRM by running the following commands:

  winrm quickconfig   # Select 'Yes' when prompted
  winrm set winrm/config/service/Auth '@{Basic="true"}'
  winrm set winrm/config/service '@{AllowUnencrypted="true"}'
  netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow
  netsh advfirewall firewall add rule name="WinRM-HTTPS" dir=in localport=5986 protocol=TCP action=allow
  

Skill requirements

Chef 360 Platform skills are supported on the following platforms.

OS	Architecture	Version
Linux	x86_64	Kernel 2.6.32 or later
Windows	x86_64	Windows Server 2012 and later

Skills have the following dependencies:

• The Chef Infra Client interpreter requires that Chef Infra Client is installed on the node.
• The InSpec interpreter requires that Chef InSpec is installed on the node.