Chef basics after installation: validation.pem and webui.pem

Chef Infra (archive)
1

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3 I´m
trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem and
webui.pem from /etc/chef…

I´m searched the hole hard disk without a positive match of validation and
web.pem.

I´m not very familiar with runit but searching the web I think server api
is up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
… other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281) 1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279) 1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation of
chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

2

You will need to open up some ports on the server, defaults I think
are 4040 and 4000 (but I'm not positive)

The webui.pem and validation.pem should be in /etc/chef on the chef
server. What do you have in there now?
-Jesse

On Mon, Jan 16, 2012 at 09:18, Till Brinkmann
till.brinkmann@9elements.com wrote:

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3 I´m
trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem and
webui.pem from /etc/chef......

I´m searched the hole hard disk without a positive match of validation and
web.pem.

I´m not very familiar with runit but searching the web I think server api is
up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
.. other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281) 1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279) 1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation of
chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

3

Those key files should be created in /etc/chef when the servers start up.

Look at the logs created by runit in the in the
/etc/ac/SERVICE/log/main/current files as well.

Bryan
On Jan 16, 2012 9:18 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3 I´m
trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem and
webui.pem from /etc/chef......

I´m searched the hole hard disk without a positive match of validation and
web.pem.

I´m not very familiar with runit but searching the web I think server api
is up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
.. other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281) 1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279) 1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation of
chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

4

Re,

ls -la /etc/chef
total 20
drwx------ 2 chef root 4096 Jan 16 13:12 certificates
-rw-r----- 1 root root 2985 Jan 16 13:04 client.rb
lrwxrwxrwx 1 root root 17 Jan 16 13:12 expander.rb -> /etc/chef/solr.rb
-rw------- 1 chef root 927 Jan 16 13:12 server.rb
-rw-r--r-- 1 root root 74 Jan 16 13:05 solo.rb
-rw------- 1 chef root 404 Jan 16 13:12 solr.rb
lrwxrwxrwx 1 root root 19 Jan 16 13:12 webui.rb -> /etc/chef/server.rb

All Ports open nothing blocked

root@pcb01389-vm8:/etc/chef# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

@Bryan that could be the issu*

012-01-16_14:35:46.19881 /usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)
2012-01-16_14:35:46.20391 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20394 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20398 from
/usr/lib/ruby/1.8/rubygems/spec_fetcher.rb:4
2012-01-16_14:35:46.20400 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20403 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20405 from
/usr/lib/ruby/vendor_ruby/chef/provider/package/rubygems.rb:32
2012-01-16_14:35:46.20409 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20411 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20414 from
/usr/lib/ruby/vendor_ruby/chef/providers.rb:59
2012-01-16_14:35:46.20416 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20420 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20423 from /usr/lib/ruby/vendor_ruby/chef.rb:25
2012-01-16_14:35:46.20425 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20428 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20431 from
/usr/lib/ruby/gems/1.8/gems/chef-server-api-0.10.8/bin/chef-server:38
2012-01-16_14:35:46.20434 from /usr/bin/chef-server:19:in `load'
2012-01-16_14:35:46.20436 from /usr/bin/chef-server:19

Thanks Till

Am 16. Januar 2012 15:35 schrieb Bryan McLellan btm@loftninjas.org:

Those key files should be created in /etc/chef when the servers start up.

Look at the logs created by runit in the in the
/etc/ac/SERVICE/log/main/current files as well.

Bryan
On Jan 16, 2012 9:18 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3
I´m trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem and
webui.pem from /etc/chef......

I´m searched the hole hard disk without a positive match of validation
and web.pem.

I´m not very familiar with runit but searching the web I think server api
is up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
.. other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281) 1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279) 1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation of
chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

5

any idea how to fix this problem ?

Am 16. Januar 2012 15:39 schrieb Till Brinkmann <
till.brinkmann@9elements.com>:

Re,

ls -la /etc/chef
total 20
drwx------ 2 chef root 4096 Jan 16 13:12 certificates
-rw-r----- 1 root root 2985 Jan 16 13:04 client.rb
lrwxrwxrwx 1 root root 17 Jan 16 13:12 expander.rb -> /etc/chef/solr.rb
-rw------- 1 chef root 927 Jan 16 13:12 server.rb
-rw-r--r-- 1 root root 74 Jan 16 13:05 solo.rb
-rw------- 1 chef root 404 Jan 16 13:12 solr.rb
lrwxrwxrwx 1 root root 19 Jan 16 13:12 webui.rb -> /etc/chef/server.rb

All Ports open nothing blocked

root@pcb01389-vm8:/etc/chef# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

@Bryan that could be the issu*

012-01-16_14:35:46.19881 /usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)
2012-01-16_14:35:46.20391 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20394 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20398 from
/usr/lib/ruby/1.8/rubygems/spec_fetcher.rb:4
2012-01-16_14:35:46.20400 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20403 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20405 from
/usr/lib/ruby/vendor_ruby/chef/provider/package/rubygems.rb:32
2012-01-16_14:35:46.20409 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20411 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20414 from
/usr/lib/ruby/vendor_ruby/chef/providers.rb:59
2012-01-16_14:35:46.20416 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20420 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20423 from /usr/lib/ruby/vendor_ruby/chef.rb:25
2012-01-16_14:35:46.20425 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20428 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20431 from
/usr/lib/ruby/gems/1.8/gems/chef-server-api-0.10.8/bin/chef-server:38
2012-01-16_14:35:46.20434 from /usr/bin/chef-server:19:in `load'
2012-01-16_14:35:46.20436 from /usr/bin/chef-server:19

Thanks Till

Am 16. Januar 2012 15:35 schrieb Bryan McLellan btm@loftninjas.org:

Those key files should be created in /etc/chef when the servers start up.

Look at the logs created by runit in the in the
/etc/ac/SERVICE/log/main/current files as well.

Bryan
On Jan 16, 2012 9:18 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3
I´m trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem
and webui.pem from /etc/chef......

I´m searched the hole hard disk without a positive match of validation
and web.pem.

I´m not very familiar with runit but searching the web I think server
api is up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
.. other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281)
1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279) 1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation
of chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

6

I believe on an empty database, when started, the chef-server-api will
create the validation and webui pems and write them out to /etc/chef

https://github.com/opscode/chef/blob/master/chef-server-api/config/init.rb#L81-87

Maybe run chef-server-api non-interactively with debug output?

Cheers,

--AJ

On 17 January 2012 08:39, Till Brinkmann till.brinkmann@9elements.com wrote:

any idea how to fix this problem ?

Am 16. Januar 2012 15:39 schrieb Till Brinkmann
till.brinkmann@9elements.com:

Re,

ls -la /etc/chef
total 20
drwx------ 2 chef root 4096 Jan 16 13:12 certificates
-rw-r----- 1 root root 2985 Jan 16 13:04 client.rb
lrwxrwxrwx 1 root root 17 Jan 16 13:12 expander.rb -> /etc/chef/solr.rb
-rw------- 1 chef root 927 Jan 16 13:12 server.rb
-rw-r--r-- 1 root root 74 Jan 16 13:05 solo.rb
-rw------- 1 chef root 404 Jan 16 13:12 solr.rb
lrwxrwxrwx 1 root root 19 Jan 16 13:12 webui.rb -> /etc/chef/server.rb

All Ports open nothing blocked

root@pcb01389-vm8:/etc/chef# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

@Bryan that could be the issu

012-01-16_14:35:46.19881 /usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)
2012-01-16_14:35:46.20391 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20394 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20398 from
/usr/lib/ruby/1.8/rubygems/spec_fetcher.rb:4
2012-01-16_14:35:46.20400 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20403 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20405 from
/usr/lib/ruby/vendor_ruby/chef/provider/package/rubygems.rb:32
2012-01-16_14:35:46.20409 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20411 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20414 from
/usr/lib/ruby/vendor_ruby/chef/providers.rb:59
2012-01-16_14:35:46.20416 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20420 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20423 from /usr/lib/ruby/vendor_ruby/chef.rb:25
2012-01-16_14:35:46.20425 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20428 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20431 from
/usr/lib/ruby/gems/1.8/gems/chef-server-api-0.10.8/bin/chef-server:38
2012-01-16_14:35:46.20434 from /usr/bin/chef-server:19:in `load'
2012-01-16_14:35:46.20436 from /usr/bin/chef-server:19

Thanks Till

Am 16. Januar 2012 15:35 schrieb Bryan McLellan btm@loftninjas.org:

Those key files should be created in /etc/chef when the servers start up.

Look at the logs created by runit in the in the
/etc/ac/SERVICE/log/main/current files as well.

Bryan

On Jan 16, 2012 9:18 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3
I´m trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem
and webui.pem from /etc/chef......

I´m searched the hole hard disk without a positive match of validation
and web.pem.

I´m not very familiar with runit but searching the web I think server
api is up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
.. other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281)
1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279)
1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation
of chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

7

It looks like there is a stack trace in your logs. Can you get the full
error message?
On Jan 16, 2012 9:39 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Re,

ls -la /etc/chef
total 20
drwx------ 2 chef root 4096 Jan 16 13:12 certificates
-rw-r----- 1 root root 2985 Jan 16 13:04 client.rb
lrwxrwxrwx 1 root root 17 Jan 16 13:12 expander.rb -> /etc/chef/solr.rb
-rw------- 1 chef root 927 Jan 16 13:12 server.rb
-rw-r--r-- 1 root root 74 Jan 16 13:05 solo.rb
-rw------- 1 chef root 404 Jan 16 13:12 solr.rb
lrwxrwxrwx 1 root root 19 Jan 16 13:12 webui.rb -> /etc/chef/server.rb

All Ports open nothing blocked

root@pcb01389-vm8:/etc/chef# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

@Bryan that could be the issu*

012-01-16_14:35:46.19881 /usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)
2012-01-16_14:35:46.20391 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20394 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20398 from
/usr/lib/ruby/1.8/rubygems/spec_fetcher.rb:4
2012-01-16_14:35:46.20400 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20403 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20405 from
/usr/lib/ruby/vendor_ruby/chef/provider/package/rubygems.rb:32
2012-01-16_14:35:46.20409 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20411 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20414 from
/usr/lib/ruby/vendor_ruby/chef/providers.rb:59
2012-01-16_14:35:46.20416 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20420 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20423 from /usr/lib/ruby/vendor_ruby/chef.rb:25
2012-01-16_14:35:46.20425 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20428 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20431 from
/usr/lib/ruby/gems/1.8/gems/chef-server-api-0.10.8/bin/chef-server:38
2012-01-16_14:35:46.20434 from /usr/bin/chef-server:19:in `load'
2012-01-16_14:35:46.20436 from /usr/bin/chef-server:19

Thanks Till

Am 16. Januar 2012 15:35 schrieb Bryan McLellan btm@loftninjas.org:

Those key files should be created in /etc/chef when the servers start up.

Look at the logs created by runit in the in the
/etc/ac/SERVICE/log/main/current files as well.

Bryan
On Jan 16, 2012 9:18 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3
I´m trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem
and webui.pem from /etc/chef......

I´m searched the hole hard disk without a positive match of validation
and web.pem.

I´m not very familiar with runit but searching the web I think server
api is up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
.. other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281)
1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279) 1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation
of chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

8

Stacktrace from /etc/sv/chef-server/log/main/current

2012-01-17_06:51:20.27096 /usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)
2012-01-17_06:51:20.27115 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-17_06:51:20.27120 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-17_06:51:20.27124 from
/usr/lib/ruby/1.8/rubygems/spec_fetcher.rb:4
2012-01-17_06:51:20.27128 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-17_06:51:20.27132 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-17_06:51:20.27137 from
/usr/lib/ruby/vendor_ruby/chef/provider/package/rubygems.rb:32
2012-01-17_06:51:20.27141 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-17_06:51:20.27145 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-17_06:51:20.27150 from
/usr/lib/ruby/vendor_ruby/chef/providers.rb:59
2012-01-17_06:51:20.27155 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-17_06:51:20.27161 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-17_06:51:20.27166 from /usr/lib/ruby/vendor_ruby/chef.rb:25
2012-01-17_06:51:20.27169 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-17_06:51:20.27174 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-17_06:51:20.27178 from
/usr/lib/ruby/gems/1.8/gems/chef-server-api-0.10.8/bin/chef-server:38
2012-01-17_06:51:20.27182 from /usr/bin/chef-server:19:in `load'
2012-01-17_06:51:20.27189 from /usr/bin/chef-server:19

Hope that could help to find the problem.

Thanks Till

Am 16. Januar 2012 21:07 schrieb Bryan McLellan btm@loftninjas.org:

It looks like there is a stack trace in your logs. Can you get the full
error message?
On Jan 16, 2012 9:39 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Re,

ls -la /etc/chef
total 20
drwx------ 2 chef root 4096 Jan 16 13:12 certificates
-rw-r----- 1 root root 2985 Jan 16 13:04 client.rb
lrwxrwxrwx 1 root root 17 Jan 16 13:12 expander.rb -> /etc/chef/solr.rb
-rw------- 1 chef root 927 Jan 16 13:12 server.rb
-rw-r--r-- 1 root root 74 Jan 16 13:05 solo.rb
-rw------- 1 chef root 404 Jan 16 13:12 solr.rb
lrwxrwxrwx 1 root root 19 Jan 16 13:12 webui.rb -> /etc/chef/server.rb

All Ports open nothing blocked

root@pcb01389-vm8:/etc/chef# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

@Bryan that could be the issu*

012-01-16_14:35:46.19881 /usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)
2012-01-16_14:35:46.20391 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20394 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20398 from
/usr/lib/ruby/1.8/rubygems/spec_fetcher.rb:4
2012-01-16_14:35:46.20400 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20403 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20405 from
/usr/lib/ruby/vendor_ruby/chef/provider/package/rubygems.rb:32
2012-01-16_14:35:46.20409 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20411 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20414 from
/usr/lib/ruby/vendor_ruby/chef/providers.rb:59
2012-01-16_14:35:46.20416 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20420 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20423 from /usr/lib/ruby/vendor_ruby/chef.rb:25
2012-01-16_14:35:46.20425 from
/usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in
gem_original_require' 2012-01-16_14:35:46.20428 from /usr/local/lib/site_ruby/1.8/rubygems/custom_require.rb:36:in require'
2012-01-16_14:35:46.20431 from
/usr/lib/ruby/gems/1.8/gems/chef-server-api-0.10.8/bin/chef-server:38
2012-01-16_14:35:46.20434 from /usr/bin/chef-server:19:in `load'
2012-01-16_14:35:46.20436 from /usr/bin/chef-server:19

Thanks Till

Am 16. Januar 2012 15:35 schrieb Bryan McLellan btm@loftninjas.org:

Those key files should be created in /etc/chef when the servers start
up.

Look at the logs created by runit in the in the
/etc/ac/SERVICE/log/main/current files as well.

Bryan
On Jan 16, 2012 9:18 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Hi chef-list,
after I successful finished the bootstrap installation on debian 6.0.3
I´m trying to configure the command line client.

First step on chef-wiki is to provide the certificates validation.pem
and webui.pem from /etc/chef......

I´m searched the hole hard disk without a positive match of validation
and web.pem.

I´m not very familiar with runit but searching the web I think server
api is up and running.

#>sv s /etc/sv/chef-server
run: /etc/sv/chef-server: (pid 7138) 0s; run: log: (pid 1275) 1702s
.. other chef components
run: /etc/sv/chef-server-webui/: (pid 7155) 1s; run: log: (pid 1281)
1707s
run: /etc/sv/chef-expander/: (pid 1280) 1710s; run: log: (pid 1279)
1710s
run: /etc/sv/chef-solr/: (pid 1278) 1713s; run: log: (pid 1277) 1713s

Q: Why does server-api does not create validation.pem and webui.pem ?

May corresponding to that I´m not sure but does after the installation
of chef the system have to provide open ports for webaccess ?

Nmap scan from admin workstation to chef server

nmap 10.111.91.119

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2012-01-16 15:13 CET
Nmap scan report for 10.111.91.119
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Thanks for helping me to understand chef :-/
Till

9

On Tue, Jan 17, 2012 at 2:04 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

2012-01-17_06:51:20.27096 /usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)

What version of Rubygems is installed on the system? Do you have
Rubygems installed via apt? Run "dpkg -l rubygems*"

http://tickets.opscode.com/browse/CHEF-2138 might be related.

Bryan

10

Re,
so I followed the wiki and installed the gems by download
rubygems-1.8.10.tgz and installed by ruby.

#>ruby setup.rb --no-format-executable
#>gem install chef --no-ri --no-rdoc

dpkg -l rubygems
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
ii rubygems 1.3.7-3 package
management framework for Ruby libraries/applications

Thanks a lot for helping me :-/
Greetings from Germany

Am 17. Januar 2012 16:22 schrieb Bryan McLellan btm@loftninjas.org:

On Tue, Jan 17, 2012 at 2:04 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

2012-01-17_06:51:20.27096
/usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)

What version of Rubygems is installed on the system? Do you have
Rubygems installed via apt? Run "dpkg -l rubygems*"

http://tickets.opscode.com/browse/CHEF-2138 might be related.

Bryan

11

It looks like you have Rubygems installed both from source and as a
package. You may want to remove the package with 'apt-get remove rubygems
rubygems1.8' and then follow the instructions for installing from source
again. I think the two are likely mixed together.

Bryan
On Jan 18, 2012 3:16 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Re,
so I followed the wiki and installed the gems by download
rubygems-1.8.10.tgz and installed by ruby.

#>ruby setup.rb --no-format-executable
#>gem install chef --no-ri --no-rdoc

dpkg -l rubygems
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
ii rubygems 1.3.7-3 package
management framework for Ruby libraries/applications

Thanks a lot for helping me :-/
Greetings from Germany

Am 17. Januar 2012 16:22 schrieb Bryan McLellan btm@loftninjas.org:

On Tue, Jan 17, 2012 at 2:04 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

2012-01-17_06:51:20.27096
/usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)

What version of Rubygems is installed on the system? Do you have
Rubygems installed via apt? Run "dpkg -l rubygems*"

http://tickets.opscode.com/browse/CHEF-2138 might be related.

Bryan

12

wow !
that weird, after remove that package and reinstalled it system now up and
running.

I will get in touch with that because I repeat installation six or seven
times step by step from opscode wiki.

May I could find a bug :slight_smile:

Thanks a lot

*close

Am 18. Januar 2012 14:14 schrieb Bryan McLellan btm@loftninjas.org:

It looks like you have Rubygems installed both from source and as a
package. You may want to remove the package with 'apt-get remove rubygems
rubygems1.8' and then follow the instructions for installing from source
again. I think the two are likely mixed together.

Bryan
On Jan 18, 2012 3:16 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Re,
so I followed the wiki and installed the gems by download
rubygems-1.8.10.tgz and installed by ruby.

#>ruby setup.rb --no-format-executable
#>gem install chef --no-ri --no-rdoc

dpkg -l rubygems
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
ii rubygems 1.3.7-3 package
management framework for Ruby libraries/applications

Thanks a lot for helping me :-/
Greetings from Germany

Am 17. Januar 2012 16:22 schrieb Bryan McLellan btm@loftninjas.org:

On Tue, Jan 17, 2012 at 2:04 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

2012-01-17_06:51:20.27096
/usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)

What version of Rubygems is installed on the system? Do you have
Rubygems installed via apt? Run "dpkg -l rubygems*"

http://tickets.opscode.com/browse/CHEF-2138 might be related.

Bryan

13

Bryan you are totally right rubygems1.8 is an dependency for chef and
ruby......

May it is a good idea to mention that in the opscode wiki...
so no ruby developer like me may not so sophisticated with gems and ruby
itself :-/

Anyway is there an address or employee to get in contact with for opscode
wiki ?

Thanks Till

Am 18. Januar 2012 15:32 schrieb Till Brinkmann <
till.brinkmann@9elements.com>:

wow !
that weird, after remove that package and reinstalled it system now up and
running.

I will get in touch with that because I repeat installation six or seven
times step by step from opscode wiki.

May I could find a bug :slight_smile:

Thanks a lot

*close

Am 18. Januar 2012 14:14 schrieb Bryan McLellan btm@loftninjas.org:

It looks like you have Rubygems installed both from source and as a

package. You may want to remove the package with 'apt-get remove rubygems
rubygems1.8' and then follow the instructions for installing from source
again. I think the two are likely mixed together.

Bryan
On Jan 18, 2012 3:16 AM, "Till Brinkmann" till.brinkmann@9elements.com
wrote:

Re,
so I followed the wiki and installed the gems by download
rubygems-1.8.10.tgz and installed by ruby.

#>ruby setup.rb --no-format-executable
#>gem install chef --no-ri --no-rdoc

dpkg -l rubygems
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
ii rubygems 1.3.7-3 package
management framework for Ruby libraries/applications

Thanks a lot for helping me :-/
Greetings from Germany

Am 17. Januar 2012 16:22 schrieb Bryan McLellan btm@loftninjas.org:

On Tue, Jan 17, 2012 at 2:04 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

2012-01-17_06:51:20.27096
/usr/lib/ruby/1.8/rubygems/remote_fetcher.rb:14:
uninitialized constant Gem::UserInteraction (NameError)

What version of Rubygems is installed on the system? Do you have
Rubygems installed via apt? Run "dpkg -l rubygems*"

http://tickets.opscode.com/browse/CHEF-2138 might be related.

Bryan

14

On Wed, Jan 18, 2012 at 10:05 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

Anyway is there an address or employee to get in contact with for opscode
wiki ?

Opscode employees, including myself, read the mailing list. I'm sure
one of the folks who garden and nurture the wiki on a regular basis
will consider if there is better language that could be added, all
things considered.

That said, it is a public wiki. Everyone else in the community can participate.

Bryan

15

Hi,

On Wed, Jan 18, 2012 at 7:05 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

Anyway is there an address or employee to get in contact with for opscode
wiki ?

As Bryan mentioned, most of us follow the list. This morning we had
some discussion about improving the situation regarding the version of
Rubygems we install and how we reference the required version
throughout the documentation. Hopefully, you'll see some edits to the
wiki soon that reflect this discussion.

Cheers,

Steven

16

Re,
I don´t want to be unfriendly yes you are right I could do some changes on
my on :-/
Thanks for your support.

Greeting Til

Am 18. Januar 2012 20:10 schrieb Steven Danna steve@opscode.com:

Hi,

On Wed, Jan 18, 2012 at 7:05 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

Anyway is there an address or employee to get in contact with for opscode
wiki ?

As Bryan mentioned, most of us follow the list. This morning we had
some discussion about improving the situation regarding the version of
Rubygems we install and how we reference the required version
throughout the documentation. Hopefully, you'll see some edits to the
wiki soon that reflect this discussion.

Cheers,

Steven

17

Thanks Til.

In this particular instance, we're having to re-think how we approach the
requirements/details for rubygems installation - particularly incorporating
the upcoming Omnibus release... so we will be making a number of changes in
the near future once the details are put together.

If you have something that you believe would be directly helpful in the
meantime, as a public wiki, you can make it yourself - or you can send it
to either Steven or I for review and incorporation.

  • Tom

On Wed, Jan 18, 2012 at 10:50 PM, Till Brinkmann <
till.brinkmann@9elements.com> wrote:

Re,
I don´t want to be unfriendly yes you are right I could do some changes on
my on :-/
Thanks for your support.

Greeting Til

Am 18. Januar 2012 20:10 schrieb Steven Danna steve@opscode.com:

Hi,

On Wed, Jan 18, 2012 at 7:05 AM, Till Brinkmann
till.brinkmann@9elements.com wrote:

Anyway is there an address or employee to get in contact with for
opscode
wiki ?

As Bryan mentioned, most of us follow the list. This morning we had
some discussion about improving the situation regarding the version of
Rubygems we install and how we reference the required version
throughout the documentation. Hopefully, you'll see some edits to the
wiki soon that reflect this discussion.

Cheers,

Steven