Bootstrapping windows node using machine resource


#1

Hi people,

I wrote this recipe to apply another recipe on a specific node:

require 'chef/provisioning/ssh_driver'

with_chef_server "https://domain.local.com/organizations/exemple"

machine 'node1' do
  action [:ready, :setup, :converge]
  machine_options :transport_options => {
    'is_windows' => true,
    'host' => 'ipadress',
    'port' => 5985,
    'username' => 'username',
    'password' => 'password'
  }
  recipe 'test::default'
  converge true
end

First of all, how do I apply it on the remote machine? And do I need to change the metadata.rb to declare the test cookbook dependency?

Thanks!


#2

I tried this command, chef-client -z cluster.rb, after uploading the cookbook to the server, but it doesn’t seem to connect to the server!

INFO: HTTP Request Returned 404 Object Not Found: error

================================================================================
Error executing action `ready` on resource 'machine[node1]'
================================================================================

RuntimeError

ERROR: machine[node1] (@recipe_file::~/chef-repo/cookbooks/provisionning/recipes/cluster.rb line 8) had an error: RuntimeError: Driver not specified for machine node1


#3

You need to add a with_driver 'ssh' statement to the provisioning recipe, or use the driver attribute on the machine resource.

You’ll also probably need to add credentials to the with_chef_server statement, as described here https://github.com/chef/chef-provisioning#pointing-boxes-at-chef-servers.


#4

I modified the recipe:

require 'chef/provisioning/ssh_driver'

with_chef_server "https://domain.local.com/organizations/exemple",
  :client_name => Chef::Config[:node_name],
  :signing_key_filename => Chef::Config[:client_key]

with_driver 'ssh'

machine "ssh" do
  action [:ready, :setup, :converge]

  machine_options :transport_options => {
    'is_windows' => true,
    'host' => '10.200.24.160',
    'port' => 5985,
    'username' => 'username',
    'password' => 'password'
  }
  recipe 'test::default'
  converge true

end

And I got this error now:

machine[ssh] (@recipe_files::~/chef-repo/cookbooks/provisionning/recipes/cluster.rb line 9) had an error: RuntimeError: Machine Options for ssh are invalid cannot create machine.


#5

If it’s a Windows node, I would think you need the winrm driver.

Nathan Clemons
DevOps Engineer
Moxie Cloud Services (MCS)

O +1.425.467.5075
M +1.360.861.6291
E nclemons@gomoxie.com
W www.gomoxie.com


#6

Looking at the chef-provisioning-ssh code, I think you have encountered a bug: validation is failing when the port is specified. As long as you’re using the default 5985 port, you can work around this by omitting the port.

FYI, I know it shows this in the example, but you may not want to specify all of the actions explicitly, as this seems to trigger unnecessary additional processing. It should be sufficient to specify action :converge or omit the action entirely. You also only need converge true if you want to force a converge every time you run the provisioning recipe (rather than only if something has changed).


#7

OK, well, it seems better without specifying the port, but now it looks like it doesn’t install chef-client:

ERROR: machine[exploitatos] (@recipe_files::/~/chef-repo/cookbooks/provisionning/recipes/cluster.rb line 9) had an error: RuntimeError: Error: command 'powershell.exe -ExecutionPolicy Unrestricted -NoProfile "& ""C:\chef\install.ps1"""' exited with code 1.


#8

Do you have any idea, please, where the problem comes from?

Thanks!


#9

The error means that it is trying to run the bootstrap script C:\chef\install.ps1 using powershell and it is failing. I would hazard a guess that there is some additional setup needed on your target Windows box to allow unattended execution, but I’m afraid I don’t use Windows.


#10

Okay, here is my winrm config; my node is under Windows 7:
Config
    MaxEnvelopeSizekb = 500
    MaxTimeoutms = 60000
    MaxBatchItems = 32000
    MaxProviderRequests = 4294967295
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = true
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts = *
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
        MaxConcurrentOperations = 4294967295
        MaxConcurrentOperationsPerUser = 1500
        EnumerationTimeoutms = 240000
        MaxConnections = 300
        MaxPacketRetrievalTimeSeconds = 120
        AllowUnencrypted = true
        Auth
            Basic = true
            Kerberos = true
            Negotiate = true
            Certificate = false
            CredSSP = false
            CbtHardeningLevel = Relaxed
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        IPv4Filter = *
        IPv6Filter = *
        EnableCompatibilityHttpListener = false
        EnableCompatibilityHttpsListener = false
        CertificateThumbprint
        AllowRemoteAccess = true
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 7200000
        MaxConcurrentUsers = 10
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 25
        MaxMemoryPerShellMB = 1024
        MaxShellsPerUser = 30
Obviously there is a problem with winrm because it fails to apply the powershell script to install?
knife bootstrap windows winrm works.
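
An added example, not part of any post in this thread and not Chef or WinRM project code: a Ruby check that parses `winrm get winrm/config` output like the listing in #10 and reports the settings that leave a username/password login over the HTTP listener (port 5985) unprotected. It assumes the indented layout winrm prints; the sample text and the names parse_winrm_config, audit_winrm_config and WEAK_SETTINGS are constructed for illustration.

```ruby
# Added example: flag WinRM settings that expose credentials on plain HTTP.
# SAMPLE_WINRM_CONFIG is constructed sample input, not output from a real host.
SAMPLE_WINRM_CONFIG = <<~TXT
  Config
      Client
          AllowUnencrypted = true
          Auth
              Basic = true
          DefaultPorts
              HTTP = 5985
          TrustedHosts = *
      Service
          AllowUnencrypted = true
          Auth
              Basic = true
              Negotiate = true
TXT

# Parse the indented listing into { "Config/Client/Auth/Basic" => "true", ... }.
def parse_winrm_config(text)
  settings = {}
  stack = [] # [indent, name] pairs for the sections enclosing the current line
  text.each_line do |line|
    next if line.strip.empty?
    indent = line[/\A\s*/].length
    stack.pop while stack.any? && stack.last[0] >= indent
    key, value = line.strip.split(/\s*=\s*/, 2)
    if value.nil?
      stack.push([indent, key]) # section header, or a key printed with no value
    else
      settings[(stack.map(&:last) + [key]).join('/')] = value
    end
  end
  settings
end

# Basic auth with AllowUnencrypted sends the password recoverably over HTTP;
# TrustedHosts = * lets the client send credentials to any host it is pointed at.
WEAK_SETTINGS = {
  'Config/Client/AllowUnencrypted'  => 'true',
  'Config/Client/Auth/Basic'        => 'true',
  'Config/Client/TrustedHosts'      => '*',
  'Config/Service/AllowUnencrypted' => 'true',
  'Config/Service/Auth/Basic'       => 'true'
}.freeze

# Return the setting paths whose current value matches a weak value.
def audit_winrm_config(text)
  settings = parse_winrm_config(text)
  WEAK_SETTINGS.select { |path, bad| settings[path].to_s.casecmp?(bad) }.keys
end
```

Run it against saved output from the node with `audit_winrm_config(File.read(path))`; an empty array means none of the five settings is at its weak value.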


#11

I think your winrm configuration is fine. The fact that the powershell command returns with an exit code of 1 indicates that it is at least being called. The real question is what’s the real error message. Not sure why that’s not showing up. I’ve never used the ssh driver but I’d try running with debug logging and see if that provides a better error.


#12

This is the detailed error message (sorry, it’s in French, but it looks like it doesn’t recognize the DownloadString in install.ps1):
Exception lors de l’appel de «DownloadString» avec «1» argument(s): «Impossible de se connecter au serveur distant»
Au caractère C:\chef\install.ps1:24 : 22
+ Try { $response = ($c = Make-WebClient).DownloadString($url) }
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : WebException

Impossible d’appeler une méthode dans une expression Null.
Au caractère C:\chef\install.ps1:27 : 3
+ $md = ConvertFrom-StringData $response.Replace("`t", "=")
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation : (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull

Exception lors de l’appel de «DownloadFile» avec «2» argument(s): «Le chemin d’accès n’a pas une forme conforme.»
Au caractère C:\chef\install.ps1:42 : 6
+ ($c = Make-WebClient).DownloadFile($url, $dst)
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ArgumentException

msiexec was not successful. Received exit code 1619
Au caractère C:\chef\install.ps1:55 : 28
+ if ($p.ExitCode -ne 0) { throw "msiexec was not successful. Received exit code …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (msiexec was not… exit code 1619:String) [], RuntimeException
+ FullyQualifiedErrorId : msiexec was not successful. Received exit code 1619

Again, knife bootstrap windows winrm works fine. Do you see where the problem might come from?

Thanks!


#13

Yeah, it looks like it’s unable to reach the metadata_url. This should be https://www.chef.io/chef/metadata?p=windows&m=x86_64&pv=2008r2. Try connecting to the node and see if you can access that url (or any url) from the node to isolate if there are network issues preventing your node from reaching the external web.


#14

Well, very strange, because I checked my node connection and it’s fine. I tried this on powershell using this:

$web = New-Object Net.WebClient
$web | Get-Member
$web.DownloadString("http://www.google.com")

And it seems to be OK.