Chef Automate LDAP integration not working


#1

We just installed ChefAutomate internally and are trying to configure it to use LDAP. We’ve had LDAP working on our Chef Server for a while and tried to just copy over the attributes that we have there but it’s not connecting. We’ve scoured the logs but aren’t finding anything that’s logged that seems helpful. When we try to login we get something similar to:

==> /var/log/delivery/delivery/current <==
2016-08-12_16:20:49.42546 09:20:49.421 [info] Failed to fetch deliv_user “AutomateEnterpriseName/MyADUser” : not found

So not sure if it’s a problem with the Chef user base not getting populate with our AD users, or if the connection should be hitting AD at that time.

For reference, here’s how we’ve got our server/delivery.rb set up. We did notice that the delivery attributes doesn’t have a “groupdn”. So maybe our base needs to change…

FOR CHEF SERVER

ldap[‘base_dn’] = 'basedn’
ldap[‘bind_dn’] = 'binddn’
ldap[‘bind_password’] = 'password’
ldap[‘group_dn’] = 'groupdn’
ldap[‘host’] = 'OURHOST’
ldap[‘login_attribute’] = 'sAMAccountName’
ldap[‘port’] = 636
ldap[‘ssl_enabled’] = true

FOR DELIVERY

delivery[‘ldap_hosts’] = [“OURHOST”]
delivery[‘ldap_port’] = 636
delivery[‘ldap_timeout’] = 5000
delivery[‘ldap_base_dn’] = 'basedn’
delivery[‘ldap_bind_dn’] = 'binddn’
delivery[‘ldap_bind_dn_password’] = 'password’
delivery[‘ldap_encryption’] = "start_tls"
delivery[‘ldap_attr_login’] = 'sAMAccountName’
delivery[‘ldap_attr_mail’] = 'mail’
delivery[‘ldap_attr_full_name’] = ‘fullName’


#2

We’re continuing to have this issues. Because the source for Automate is not available on GitHub, I cannot troubleshoot this issue much further w/ @cmartin

What should we expect to see in the Automate logs for LDAP?


#3

@cheffy


#4

Hi Martin,

Thank you for letting us know about your issue, let me help you a little bit with your LDAP configuration.

I can see in your config you have ldap_host set to an empty Array, I guess this might be the problem since we need to know the host to connect to for LDAP authentication. Although I am not sure how your Chef Server Config works without the a host since we have it marked as required: https://github.com/chef/chef-server/blob/master/omnibus/files/private-chef-cookbooks/private-chef/libraries/private_chef.rb#L523

Could you try to add a host and run delivery-ctl reconfigure and show me the logs?

Additionally if you could gather the file /var/opt/delivery/delivery/etc/sys.config after and before the modification would help me a lot! :slight_smile: (watch for passwords of things you can’t share)

Salim Afiune


#5

Yeah, I think my “Sample_Host_Name” got stripped when I was copy pasting. We do indeed have a host name for both the Chef Server and the Automate Server. I’ll do a reconfigure and get you some logs now.


#6

Editted the post above so all my variables now show up. Looks like I can’t use ‘<’ and ‘>’ to surround my words. :slight_smile:


#7

Here’s the log from my most recent reconfigure. Looks like it has an error around Elasticsearch, not sure if that’s a requirement for the LDAP??? Splitting into 2 since it’s too big


:/etc/delivery$ delivery-ctl reconfigure
rm: cannot remove ‘/opt/delivery/embedded/nodes/MYSERVER.RUSSELL.COM.json’: Permission denied
Could not remove cached node state!
MYUSER@MYSERVER:/etc/delivery$ sudo delivery-ctl reconfigure
Starting Chef Client, version 12.11.18
resolving cookbooks for run list: [“delivery”]
[2016-08-22T07:09:59-07:00] WARN: Cookbook ‘local-mode-cache’ is empty or entirely chefignored at /opt/delivery/embedded/cookbooks/local-mode-cache
[2016-08-22T07:09:59-07:00] WARN: Cookbook ‘local-mode-cache’ is empty or entirely chefignored at /opt/delivery/embedded/cookbooks/local-mode-cache
[2016-08-22T07:09:59-07:00] WARN: Cookbook ‘local-mode-cache’ is empty or entirely chefignored at /opt/delivery/embedded/cookbooks/local-mode-cache
[2016-08-22T07:09:59-07:00] WARN: Cookbook ‘local-mode-cache’ is empty or entirely chefignored at /opt/delivery/embedded/cookbooks/local-mode-cache
Synchronizing Cookbooks:

  • packagecloud (0.2.0)
  • runit (1.7.6)
  • enterprise (0.10.1)
  • delivery (0.3.76)
    Installing Cookbook Gems:
    Compiling Cookbooks…
    Recipe: delivery::omnibus
  • directory[/etc/delivery] action create (up to date)
    [2016-08-22T07:10:00-07:00] WARN: Cloning resource attributes for runit_service[postgresql] from prior resource (CHEF-3694)
    [2016-08-22T07:10:00-07:00] WARN: Previous runit_service[postgresql]: /opt/delivery/embedded/cookbooks/cache/cookbooks/enterprise/definitions/component_runit_service.rb:37:in block in from_file' [2016-08-22T07:10:00-07:00] WARN: Current runit_service[postgresql]: /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/recipes/postgresql.rb:155:infrom_file’
    [2016-08-22T07:10:00-07:00] WARN: Cloning resource attributes for runit_service[rabbitmq] from prior resource (CHEF-3694)
    [2016-08-22T07:10:00-07:00] WARN: Previous runit_service[rabbitmq]: /opt/delivery/embedded/cookbooks/cache/cookbooks/enterprise/definitions/component_runit_service.rb:37:in block in from_file' [2016-08-22T07:10:00-07:00] WARN: Current runit_service[rabbitmq]: /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/recipes/rabbitmq.rb:89:infrom_file’
    [2016-08-22T07:10:00-07:00] WARN: Cloning resource attributes for runit_service[logstash] from prior resource (CHEF-3694)
    [2016-08-22T07:10:00-07:00] WARN: Previous runit_service[logstash]: /opt/delivery/embedded/cookbooks/cache/cookbooks/enterprise/definitions/component_runit_service.rb:37:in block in from_file' [2016-08-22T07:10:00-07:00] WARN: Current runit_service[logstash]: /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/recipes/logstash.rb:37:infrom_file’
    [2016-08-22T07:10:00-07:00] WARN: Cloning resource attributes for runit_service[logstash] from prior resource (CHEF-3694)
    [2016-08-22T07:10:00-07:00] WARN: Previous runit_service[logstash]: /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/recipes/logstash.rb:37:in from_file' [2016-08-22T07:10:00-07:00] WARN: Current runit_service[logstash]: /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/recipes/elasticsearch_migrations.rb:2:infrom_file’
    [2016-08-22T07:10:00-07:00] WARN: Cloning resource attributes for runit_service[logstash] from prior resource (CHEF-3694)
    [2016-08-22T07:10:00-07:00] WARN: Previous runit_service[logstash]: /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/recipes/elasticsearch_migrations.rb:2:in from_file' [2016-08-22T07:10:00-07:00] WARN: Current runit_service[logstash]: /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/recipes/elasticsearch_migrations.rb:29:infrom_file’
    Converging 174 resources

  • directory[/etc/delivery] action nothing (skipped due to action :nothing)
    Recipe: delivery::logrotate

  • directory[/etc/delivery/logrotate.d] action create (up to date)

  • template[/etc/delivery/logrotate.conf] action create (up to date)

  • template[/etc/cron.hourly/delivery_logrotate] action create (up to date)
    Recipe: delivery::users

  • log[Creating user: delivery] action write

  • log[home: /opt/delivery/embedded] action write

  • log[path: /opt/delivery/bin:/opt/delivery/embedded/bin:/opt/delivery/bin:/opt/delivery/embedded/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] action write

  • user[delivery] action create (up to date)

  • group[delivery] action create (up to date)

  • directory[/opt/delivery/embedded] action create (up to date)

  • log[creating git user] action write

  • user[git] action create (up to date)

  • directory[/var/opt/delivery/home/git] action create (up to date)

  • directory[/var/opt/delivery/home/git/.ssh] action create (up to date)

  • file[/var/opt/delivery/home/git/.ssh/authorized_keys] action create (up to date)
    Recipe: delivery::omnibus

  • directory[/opt/delivery] action create (up to date)

  • directory[/var/log/delivery] action create (up to date)
    Recipe: enterprise::runit

  • component_runit_supervisor[delivery] action create

    • execute[initctl stop opscode-runsvdir] action run (skipped due to only_if)
    • file[/etc/init/opscode-runsvdir.conf] action delete (up to date)
    • template[/etc/init/delivery-runsvdir.conf] action create (up to date)
    • execute[initctl status delivery-runsvdir] action run
      • execute initctl status delivery-runsvdir
    • execute[initctl start delivery-runsvdir] action run (skipped due to only_if)

Recipe: delivery::postgresql

  • user[chef-pgsql] action create (up to date)
  • directory[/var/opt/delivery/postgresql] action create (up to date)
  • file[/var/opt/delivery/postgresql/.profile] action create (up to date)
  • service[procps] action nothing (skipped due to action :nothing)
  • template[/etc/sysctl.d/90-postgresql.conf] action create (up to date)
  • directory[/var/log/delivery/postgresql/9.2] action create (up to date)
  • directory[/var/opt/delivery/postgresql/9.2] action create (up to date)
  • directory[/var/opt/delivery/postgresql/9.2/data] action create (up to date)
  • execute[initialize_cluster_/var/opt/delivery/postgresql/9.2/data] action run (skipped due to not_if)
  • template[/var/opt/delivery/postgresql/9.2/data/postgresql.conf] action create (up to date)
  • template[/var/opt/delivery/postgresql/9.2/data/pg_hba.conf] action create (up to date)
  • file[/var/opt/delivery/postgresql/9.2/data/recovery.conf] action delete (up to date)
  • link[/var/opt/delivery/postgresql/9.2/data] action create (skipped due to not_if)
  • execute[restart_postgresql_log_service] action nothing (skipped due to action :nothing)
  • template[/var/log/delivery/postgresql/9.2/config] action create (up to date)
    Recipe:
  • service[postgresql] action nothing (skipped due to action :nothing)
    Recipe: delivery::postgresql
  • runit_service[postgresql] action enable
    • ruby_block[restart_service] action nothing (skipped due to action :nothing)
    • ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/sv/postgresql] action create (up to date)
    • template[/opt/delivery/sv/postgresql/run] action create (up to date)
    • directory[/opt/delivery/sv/postgresql/log] action create (up to date)
    • directory[/opt/delivery/sv/postgresql/log/main] action create (up to date)
    • directory[/var/log/postgresql] action create (up to date)
    • template[/opt/delivery/sv/postgresql/log/config] action create (up to date)
    • link[/var/log/postgresql/config] action create (up to date)
    • template[/opt/delivery/sv/postgresql/log/run] action create (up to date)
    • directory[/opt/delivery/sv/postgresql/env] action create (up to date)
    • ruby_block[zap extra env files for postgresql service] action run (skipped due to only_if)
    • directory[/opt/delivery/sv/postgresql/control] action create (up to date)
    • template[/opt/delivery/sv/postgresql/control/t] action create (up to date)
    • link[/opt/delivery/init/postgresql] action create (up to date)
    • file[/opt/delivery/sv/postgresql/down] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/service] action create (up to date)
    • link[/opt/delivery/service/postgresql] action create (up to date)
    • ruby_block[wait for postgresql service socket] action run
      • execute the ruby block wait for postgresql service socket

Recipe:

  • service[postgresql] action nothing (skipped due to action :nothing)

  • service[postgresql] action nothing (skipped due to action :nothing)
    Recipe: delivery::postgresql

  • runit_service[postgresql] action start (up to date)
    Recipe: delivery::delivery_database

  • enterprise_pg_user[delivery] action create

    • execute[create_postgres_user_delivery] action run (skipped due to not_if)
      (up to date)
  • enterprise_pg_user[delivery_ro] action create

    • execute[create_postgres_user_delivery_ro] action run (skipped due to not_if)
      (up to date)
  • enterprise_pg_database[delivery] action create

    • execute[create_database_delivery] action run (skipped due to not_if)
      (up to date)
  • execute[add_uuid-ossp_extension] action run

    • execute psql --dbname delivery --single-transaction --set ON_ERROR_STOP=1 --command ‘CREATE EXTENSION IF NOT EXISTS “uuid-ossp”’
  • execute[delivery schema] action run

    • execute sqitch --engine pg --db-name delivery --top-dir /opt/delivery/embedded/service/delivery_schema deploy --verify
      Recipe: delivery::postgresql
  • execute[/opt/delivery/embedded/bin/psql -c “CREATE ROLE delivery_repl WITH REPLICATION PASSWORD ‘POSTGRESPASSWORD’ LOGIN” -d delivery chef-pgsql] action run (skipped due to not_if)

  • execute[/opt/delivery/embedded/bin/psql -c ’ CREATE OR REPLACE FUNCTION pg_stat_repl()
    RETURNS SETOF pg_catalog.pg_stat_replication
    AS $$BEGIN
    RETURN query(SELECT * FROM pg_catalog.pg_stat_replication);
    END$$ language plpgsql security definer
    ’ -d delivery chef-pgsql] action run

    • execute /opt/delivery/embedded/bin/psql -c ’ CREATE OR REPLACE FUNCTION pg_stat_repl()
      RETURNS SETOF pg_catalog.pg_stat_replication
      AS $$BEGIN
      RETURN query(SELECT * FROM pg_catalog.pg_stat_replication);
      END$$ language plpgsql security definer
      ’ -d delivery chef-pgsql
  • execute[/opt/delivery/embedded/bin/psql -c ‘CREATE OR REPLACE VIEW public.pg_stat_repl AS SELECT * FROM pg_stat_repl()’ -d delivery chef-pgsql] action run

    • execute /opt/delivery/embedded/bin/psql -c ‘CREATE OR REPLACE VIEW public.pg_stat_repl AS SELECT * FROM pg_stat_repl()’ -d delivery chef-pgsql
  • execute[/opt/delivery/embedded/bin/psql -c ‘GRANT SELECT on public.pg_stat_repl to delivery’ -d delivery chef-pgsql] action run

    • execute /opt/delivery/embedded/bin/psql -c ‘GRANT SELECT on public.pg_stat_repl to delivery’ -d delivery chef-pgsql
      Recipe: delivery::nginx
  • directory[/var/opt/delivery/nginx/ca] action create (up to date)

  • directory[/var/opt/delivery/nginx/etc] action create (up to date)

  • directory[/var/log/delivery/nginx] action create (up to date)

  • directory[/opt/delivery/embedded/nginx/html] action create (up to date)

  • directory[/var/opt/delivery/nginx/etc/addon.d] action create (up to date)

  • directory[/opt/delivery/embedded/nginx/logs] action create (up to date)

  • directory[/var/opt/delivery/nginx/etc/server.d] action create (up to date)

  • delivery_nginx_server[chefautomate…russell.com] action createGenerating RSA private key, 2048 bit long modulus
    …+++
    …+++
    e is 65537 (0x10001)

    • file[/var/opt/delivery/nginx/ca/chefautomate…russell.com.key] action create (skipped due to not_if)
    • file[/var/opt/delivery/nginx/ca/chefautomate…russell.com.crt] action create (skipped due to not_if)
    • template[/var/opt/delivery/nginx/etc/server.d/chefautomate…russell.com.conf] action create
      • update content in file /var/opt/delivery/nginx/etc/server.d/chefautomate…russell.com.conf from 91f938 to 056b29
        — /var/opt/delivery/nginx/etc/server.d/chefautomate…russell.com.conf 2016-08-12 08:54:48.247386790 -0700
        +++ /var/opt/delivery/nginx/etc/server.d/.chef-chefautomate…russell.com.conf20160822-3988-13ge199 2016-08-22 07:10:01.649021933 -0700
        @@ -16,8 +16,8 @@
        listen 127.0.0.1:8080;

        listen 443 ssl;

      • ssl_certificate /etc/ssl/certs/MYSERVER.cer;

      • ssl_certificate_key /etc/ssl/private/MYSERVER_.russell_com.key;

      • ssl_certificate /var/opt/delivery/nginx/ca/chefautomate…russell.com.crt;

      • ssl_certificate_key /var/opt/delivery/nginx/ca/chefautomate…russell.com.key;

        ssl_session_timeout 5m;

  • template[/var/opt/delivery/nginx/etc/addon.d/21-delivery_internal.conf] action create (up to date)

  • template[/var/opt/delivery/nginx/etc/addon.d/21-delivery_upstreams.conf] action create (up to date)

  • template[/var/opt/delivery/nginx/etc/nginx.conf] action create (up to date)

  • template[/opt/delivery/embedded/nginx/html/maint_503.html] action create (up to date)

  • template[/opt/delivery/embedded/nginx/html/maint_image.svg] action create (up to date)

  • execute[restart_nginx_log_service] action nothing (skipped due to action :nothing)

  • template[/var/log/delivery/nginx/config] action create (up to date)
    Recipe:

  • service[nginx] action nothing (skipped due to action :nothing)
    Recipe: delivery::nginx

  • runit_service[nginx] action enable

    • ruby_block[restart_service] action nothing (skipped due to action :nothing)
    • ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/sv/nginx] action create (up to date)
    • template[/opt/delivery/sv/nginx/run] action create (up to date)
    • directory[/opt/delivery/sv/nginx/log] action create (up to date)
    • directory[/opt/delivery/sv/nginx/log/main] action create (up to date)
    • directory[/var/log/nginx] action create (up to date)
    • template[/opt/delivery/sv/nginx/log/config] action create (up to date)
    • link[/var/log/nginx/config] action create (up to date)
    • template[/opt/delivery/sv/nginx/log/run] action create (up to date)
    • directory[/opt/delivery/sv/nginx/env] action create (up to date)
    • ruby_block[zap extra env files for nginx service] action run (skipped due to only_if)
    • directory[/opt/delivery/sv/nginx/control] action create (up to date)
    • link[/opt/delivery/init/nginx] action create (up to date)
    • file[/opt/delivery/sv/nginx/down] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/service] action create (up to date)
    • link[/opt/delivery/service/nginx] action create (up to date)
    • ruby_block[wait for nginx service socket] action run
      • execute the ruby block wait for nginx service socket
  • file[/var/log/delivery/nginx/delivery.access.log] action create

    • change group from ‘root’ to ‘delivery’
  • file[/var/log/delivery/nginx/delivery.error.log] action create (up to date)

  • file[/var/log/delivery/nginx/current] action create (up to date)

  • template[/etc/delivery/logrotate.d/nginx] action create (up to date)
    Recipe: delivery::delivery_web

  • directory[/var/opt/delivery/delivery_web/etc] action create (up to date)

  • template[/var/opt/delivery/delivery_web/etc/webui_config.js] action create (up to date)

  • link[/opt/delivery/embedded/service/delivery_web/javascripts/app_config.js] action create (up to date)
    Recipe: delivery::ctl_commands

  • template[/opt/delivery/embedded/service/omnibus-ctl/data_ctl.rb] action create (up to date)

  • template[/opt/delivery/embedded/bin/backup-data-ctl] action create (up to date)

  • template[/opt/delivery/embedded/bin/restore-data-ctl] action create (up to date)

  • template[/opt/delivery/embedded/bin/delivery_backup] action create (up to date)
    Recipe: delivery::license_check

  • directory[/var/opt/delivery/license] action create (up to date)

  • ruby_block[verify license file exists] action run

    • execute the ruby block verify license file exists
  • file[/var/opt/delivery/license/delivery.license] action create (up to date)


#8

Recipe: delivery::delivery

  • directory[/var/opt/delivery/delivery] action create (up to date)

  • directory[/var/opt/delivery/delivery/etc] action create (up to date)

  • directory[/var/log/delivery/delivery] action create (up to date)

  • directory[/var/log/delivery/delivery/sasl] action create (up to date)

  • directory[/var/opt/delivery/delivery/git_repos] action create (up to date)

  • directory[/var/opt/delivery/delivery/git_workspace] action create (up to date)

  • directory[/opt/delivery/embedded/service/delivery] action create (up to date)

  • directory[/opt/delivery/embedded/service/delivery/log] action delete

    • delete existing directory /opt/delivery/embedded/service/delivery/log
  • link[/opt/delivery/embedded/service/delivery/log] action create

    • create symlink at /opt/delivery/embedded/service/delivery/log to /var/log/delivery/delivery
  • template[/var/opt/delivery/delivery/etc/erlang.cfg] action create (up to date)

  • template[/var/opt/delivery/delivery/etc/sys.config] action create (up to date)

  • template[/var/opt/delivery/delivery/etc/vm.args] action create (up to date)
    Recipe: delivery::delivery_git

  • directory[/var/opt/delivery/delivery/etc/ssh_git_server_keys] action create (up to date)

  • execute[create rsa passphrase-less key for SSH git] action run (up to date)

  • execute[create dsa passphrase-less key for SSH git] action run (up to date)

  • template[/var/opt/delivery/delivery/.gitconfig] action create (up to date)
    Recipe: delivery::delivery

  • link[/opt/delivery/embedded/service/delivery/releases/0.0.1/sys.config] action create (up to date)

  • link[/opt/delivery/embedded/service/delivery/releases/0.0.1/vm.args] action create (up to date)

  • execute[restart_delivery_log_service] action nothing (skipped due to action :nothing)

  • template[/var/log/delivery/delivery/config] action create (up to date)
    Recipe:

  • service[delivery] action nothing (skipped due to action :nothing)
    Recipe: delivery::delivery

  • runit_service[delivery] action enable

    • ruby_block[restart_service] action nothing (skipped due to action :nothing)
    • ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/sv/delivery] action create (up to date)
    • template[/opt/delivery/sv/delivery/run] action create (up to date)
    • directory[/opt/delivery/sv/delivery/log] action create (up to date)
    • directory[/opt/delivery/sv/delivery/log/main] action create (up to date)
    • directory[/var/log/delivery] action create (up to date)
    • template[/opt/delivery/sv/delivery/log/config] action create (up to date)
    • link[/var/log/delivery/config] action create (up to date)
    • template[/opt/delivery/sv/delivery/log/run] action create (up to date)
    • directory[/opt/delivery/sv/delivery/env] action create (up to date)
    • ruby_block[zap extra env files for delivery service] action run (skipped due to only_if)
    • directory[/opt/delivery/sv/delivery/control] action create (up to date)
    • template[/opt/delivery/sv/delivery/control/t] action create (up to date)
    • link[/opt/delivery/init/delivery] action create (up to date)
    • file[/opt/delivery/sv/delivery/down] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/service] action create (up to date)
    • link[/opt/delivery/service/delivery] action create (up to date)
    • ruby_block[wait for delivery service socket] action run
      • execute the ruby block wait for delivery service socket
  • execute[/opt/delivery/bin/delivery-ctl start delivery] action run

    • execute /opt/delivery/bin/delivery-ctl start delivery
  • execute[chown -R delivery /opt/delivery/sv/delivery/supervise] action run

    • execute chown -R delivery /opt/delivery/sv/delivery/supervise
      Recipe: delivery::rabbitmq
  • directory[/var/opt/delivery/rabbitmq] action create (up to date)

  • directory[/var/opt/delivery/rabbitmq/etc] action create (up to date)

  • directory[/var/opt/delivery/rabbitmq/db] action create (up to date)

  • directory[/var/log/delivery/rabbitmq] action create (up to date)

  • link[/var/opt/delivery/rabbitmq/db] action create (skipped due to not_if)

  • link[/opt/delivery/embedded/bin/rabbitmqctl] action create (up to date)

  • link[/opt/delivery/embedded/bin/rabbitmq-defaults] action create (up to date)

  • link[/opt/delivery/embedded/bin/rabbitmq-env] action create (up to date)

  • link[/opt/delivery/embedded/bin/rabbitmq-plugins] action create (up to date)

  • link[/opt/delivery/embedded/bin/rabbitmq-server] action create (up to date)

  • template[/opt/delivery/embedded/service/rabbitmq/sbin/rabbitmq-defaults] action create (up to date)

  • template[/var/opt/delivery/rabbitmq/etc/rabbitmq.conf] action create (up to date)

  • template[/var/opt/delivery/rabbitmq/etc/rabbitmq.config] action create (up to date)

  • execute[restart_rabbitmq_log_service] action nothing (skipped due to action :nothing)

  • template[/var/log/delivery/rabbitmq/config] action create (up to date)
    Recipe:

  • service[rabbitmq] action nothing (skipped due to action :nothing)
    Recipe: delivery::rabbitmq

  • runit_service[rabbitmq] action enable

    • ruby_block[restart_service] action nothing (skipped due to action :nothing)
    • ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/sv/rabbitmq] action create (up to date)
    • template[/opt/delivery/sv/rabbitmq/run] action create (up to date)
    • directory[/opt/delivery/sv/rabbitmq/log] action create (up to date)
    • directory[/opt/delivery/sv/rabbitmq/log/main] action create (up to date)
    • directory[/var/log/rabbitmq] action create (up to date)
    • template[/opt/delivery/sv/rabbitmq/log/config] action create (up to date)
    • link[/var/log/rabbitmq/config] action create (up to date)
    • template[/opt/delivery/sv/rabbitmq/log/run] action create (up to date)
    • directory[/opt/delivery/sv/rabbitmq/env] action create (up to date)
    • ruby_block[zap extra env files for rabbitmq service] action run (skipped due to only_if)
    • template[/opt/delivery/sv/rabbitmq/finish] action create (up to date)
    • directory[/opt/delivery/sv/rabbitmq/control] action create (up to date)
    • link[/opt/delivery/init/rabbitmq] action create (up to date)
    • file[/opt/delivery/sv/rabbitmq/down] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/service] action create (up to date)
    • link[/opt/delivery/service/rabbitmq] action create (up to date)
    • ruby_block[wait for rabbitmq service socket] action run
      • execute the ruby block wait for rabbitmq service socket

Recipe:

  • service[rabbitmq] action nothing (skipped due to action :nothing)
  • service[rabbitmq] action nothing (skipped due to action :nothing)
    Recipe: delivery::rabbitmq
  • runit_service[rabbitmq] action start (up to date)
  • execute[wait for rabbitmq initial start] action run
    • execute /opt/delivery/embedded/bin/rabbitmqctl wait /var/opt/delivery/rabbitmq/db/rabbit@localhost.pid
  • file[/var/opt/delivery/rabbitmq/etc/clean_slate] action create (up to date)
  • bash[Reset RabbitMQ] action nothing (skipped due to action :nothing)
  • execute[wait for rabbitmq after reset] action nothing (skipped due to action :nothing)
  • execute[/opt/delivery/embedded/bin/rabbitmqctl add_vhost /insights] action run (skipped due to not_if)
  • execute[/opt/delivery/embedded/bin/rabbitmqctl add_user insights chefrocks] action run (skipped due to not_if)
  • execute[/opt/delivery/embedded/bin/rabbitmqctl set_permissions -p /insights insights “." ".” “.*”] action run (skipped due to not_if)
  • execute[/opt/delivery/embedded/bin/rabbitmqctl add_user rabbitmgmt chefrocks] action run (skipped due to not_if)
  • execute[/opt/delivery/embedded/bin/rabbitmqctl set_permissions -p /insights rabbitmgmt “." ".” “.*”] action run (skipped due to not_if)
  • execute[/opt/delivery/embedded/bin/rabbitmqctl set_permissions -p / rabbitmgmt “." ".” “.*”] action run (skipped due to not_if)
  • execute[/opt/delivery/embedded/bin/rabbitmq-plugins enable rabbitmq_management] action run (skipped due to not_if)
  • execute[/opt/delivery/embedded/bin/rabbitmqctl set_user_tags rabbitmgmt administrator] action run (skipped due to not_if)
    Recipe: delivery::elasticsearch
  • delivery_elasticsearch_cluster[insights] action create
    • Refreshing Delivery Elasticsearch Cluster ‘insights’ indexes
    • http_request[refresh the insights index fields] action get[2016-08-22T07:10:12-07:00] ERROR: http_request[refresh the insights index fields] (/opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/resources/elasticsearch_cluster.rb line 56) had an error: Net::HTTPServerException: 404 “Not Found”; ignore_failure is set, continuing

      ================================================================================
      Error executing action get on resource ‘http_request[refresh the insights index fields]’

      Net::HTTPServerException

      404 “Not Found”

      Resource Declaration:

      In /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/resources/elasticsearch_cluster.rb

      56: http_request ‘refresh the insights index fields’ do
      57: url request_url(’/insights-/_mapping/field/?ignore_unavailable=false&allow_no_indices=false&include_defaults=true’)
      58: action :get
      59: only_if { index_exists?(’.kibana’) }
      60: ignore_failure true # This command fails if there is no data in the index
      61: # (which would happen during the first run)
      62: end
      63:

      Compiled Resource:

      Declared in /opt/delivery/embedded/cookbooks/cache/cookbooks/delivery/resources/elasticsearch_cluster.rb:56:in `block (2 levels) in class_from_file’

      http_request(“refresh the insights index fields”) do
      action [:get]
      ignore_failure true
      retries 0
      retry_delay 2
      default_guard_interpreter :default
      message "refresh the insights index fields"
      url "http://localhost:9200/insights-/_mapping/field/?ignore_unavailable=false&allow_no_indices=false&include_defaults=true"
      headers {“Accept-Encoding”=>“gzip;q=1.0,deflate;q=0.6,identity;q=0.3”}
      declared_type :http_request
      cookbook_name "delivery"
      elasticsearch_url "http://localhost:9200"
      elasticsearch_client #<Net::HTTP localhost:9200 open=false>
      only_if { #code block }
      end

      Platform:

      x86_64-linux

    • http_request[create kibana index] action put (skipped due to not_if)

    • http_request[create insights search index] action nothing (skipped due to action :nothing)

    • http_request[set default search index] action nothing (skipped due to action :nothing)

Recipe: delivery::logstash

  • directory[/opt/delivery/embedded/logstash] action create (up to date)
  • directory[/var/log/delivery/logstash] action create (up to date)
  • execute[chown -R delivery /opt/delivery/embedded/logstash] action run
    • execute chown -R delivery /opt/delivery/embedded/logstash
  • http_request[delete insights template] action delete
  • http_request[delete node-state template] action delete
  • execute[restart_logstash_log_service] action nothing (skipped due to action :nothing)
  • template[/var/log/delivery/logstash/config] action create (up to date)
    Recipe:
  • service[logstash] action nothing (skipped due to action :nothing)
    Recipe: delivery::logstash
  • runit_service[logstash] action enable
    • ruby_block[restart_service] action nothing (skipped due to action :nothing)
    • ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/sv/logstash] action create (up to date)
    • template[/opt/delivery/sv/logstash/run] action create (up to date)
    • directory[/opt/delivery/sv/logstash/log] action create (up to date)
    • directory[/opt/delivery/sv/logstash/log/main] action create (up to date)
    • directory[/var/log/logstash] action create (up to date)
    • template[/opt/delivery/sv/logstash/log/config] action create (up to date)
    • link[/var/log/logstash/config] action create (up to date)
    • template[/opt/delivery/sv/logstash/log/run] action create (up to date)
    • directory[/opt/delivery/sv/logstash/env] action create (up to date)
    • ruby_block[zap extra env files for logstash service] action run (skipped due to only_if)
    • directory[/opt/delivery/sv/logstash/control] action create (up to date)
    • link[/opt/delivery/init/logstash] action create (up to date)
    • file[/opt/delivery/sv/logstash/down] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/service] action create (up to date)
    • link[/opt/delivery/service/logstash] action create (up to date)
    • ruby_block[wait for logstash service socket] action run
      • execute the ruby block wait for logstash service socket

Recipe:

  • service[logstash] action nothing (skipped due to action :nothing)
  • service[logstash] action nothing (skipped due to action :nothing)
    Recipe: delivery::logstash
  • runit_service[logstash] action nothing (skipped due to action :nothing)
    Recipe: delivery::kibana
  • directory[/var/log/delivery/kibana] action create (up to date)
  • directory[/opt/delivery/embedded/kibana] action create (up to date)
  • directory[/var/opt/delivery/kibana/] action create (up to date)
  • execute[chown -R delivery /opt/delivery/embedded/kibana] action run
    • execute chown -R delivery /opt/delivery/embedded/kibana
  • template[/var/opt/delivery/kibana//kibana.conf] action create (up to date)
  • execute[restart_kibana_log_service] action nothing (skipped due to action :nothing)
  • template[/var/log/delivery/kibana/config] action create (up to date)
    Recipe:
  • service[kibana] action nothing (skipped due to action :nothing)
    Recipe: delivery::kibana
  • runit_service[kibana] action enable
    • ruby_block[restart_service] action nothing (skipped due to action :nothing)
    • ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/sv/kibana] action create (up to date)
    • template[/opt/delivery/sv/kibana/run] action create (up to date)
    • directory[/opt/delivery/sv/kibana/log] action create (up to date)
    • directory[/opt/delivery/sv/kibana/log/main] action create (up to date)
    • directory[/var/log/kibana] action create (up to date)
    • template[/opt/delivery/sv/kibana/log/config] action create (up to date)
    • link[/var/log/kibana/config] action create (up to date)
    • template[/opt/delivery/sv/kibana/log/run] action create (up to date)
    • directory[/opt/delivery/sv/kibana/env] action create (up to date)
    • ruby_block[zap extra env files for kibana service] action run (skipped due to only_if)
    • directory[/opt/delivery/sv/kibana/control] action create (up to date)
    • link[/opt/delivery/init/kibana] action create (up to date)
    • file[/opt/delivery/sv/kibana/down] action nothing (skipped due to action :nothing)
    • directory[/opt/delivery/service] action create (up to date)
    • link[/opt/delivery/service/kibana] action create (up to date)
    • ruby_block[wait for kibana service socket] action run
      • execute the ruby block wait for kibana service socket

Recipe:

  • service[logstash] action nothing (skipped due to action :nothing)
  • service[logstash] action nothing (skipped due to action :nothing)
    Recipe: delivery::elasticsearch_migrations
  • runit_service[logstash] action stop (up to date)
  • http_request[create .automate index] action post (skipped due to only_if)
  • delivery_elasticsearch_migration[migrate node-state index] action migrate (skipped due to only_if)
    Recipe:
  • service[logstash] action nothing (skipped due to action :nothing)
  • service[logstash] action nothing (skipped due to action :nothing)
    Recipe: delivery::elasticsearch_migrations
  • runit_service[logstash] action start (up to date)
    Recipe: delivery::insights_web
  • directory[/opt/delivery/embedded/service/insights_web/assets/config] action create (up to date)
  • template[/opt/delivery/embedded/service/insights_web/assets/config/config.json] action create (up to date)
    Recipe: delivery::auth
  • execute[create /etc/delivery/oidc_signing_key.pem] action run (up to date)
  • file[/etc/delivery/oidc_signing_key.pem] action create (up to date)
    Recipe:
  • service[lsyncd] action nothing (skipped due to action :nothing)
    Recipe: delivery::lsyncd
  • runit_service[lsyncd] action disable
    • ruby_block[disable lsyncd] action run (skipped due to only_if)
      (up to date)
  • directory[/opt/delivery/sv/lsyncd] action delete (up to date)
  • directory[/var/opt/delivery/lsyncd] action delete (up to date)
    Recipe: delivery::omnibus
  • file[/etc/delivery/delivery-running.json] action create (up to date)
    Recipe: delivery::backup_cronjob
  • template[/etc/cron.d/delivery_backup] action delete (up to date)
    Recipe:
  • service[nginx] action restart
    • restart service service[nginx]
      Recipe: delivery::elasticsearch_migrations
  • runit_service[logstash] action restart (up to date)

Running handlers:
Running handlers complete

Deprecated features used!
An attempt was made to change sysvinit_id from “SV” to nil by calling sysvinit_id(nil). In Chef 12, this does a get rather than a set. In Chef 13, this will change to set the value to nil. at 1 location:
- /opt/delivery/embedded/cookbooks/cache/cookbooks/enterprise/recipes/runit.rb:31:in `block in from_file’

Chef Client finished, 38/303 resources updated in 18 seconds