Chef bootstrap error


#1

Description
Chef encountered an error attempting to create the client “rh36”

ChefDK Version
Chef Development Kit Version: 2.4.17
chef-client version: 13.6.4
delivery version: master (73ebb72a6c42b3d2ff5370c476be800fee7e5427)
berks version: 6.3.1
kitchen version: 1.19.2
inspec version: 1.45.13

Platform Version
CentOS7
Linux rh36 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Replication Case
knife bootstrap rh36 --ssh-user lijun --sudo --identity-file ~/.ssh/id_rsa --node-name rh36 --run-list ‘recipe[learn_chef_httpd]’

Stacktrace
[root@rh36 chef]# cat /var/chef/cache/chef-stacktrace.out
Generated at 2018-04-13 01:06:17 -0400
Net::HTTPServerException: 401 “Unauthorized”
/opt/chef/embedded/lib/ruby/2.4.0/net/http/response.rb:122:in error!’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/http.rb:152:inrequest’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/http.rb:131:in post’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/api_client/registration.rb:96:increate’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/api_client/registration.rb:87:in create_or_update’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/api_client/registration.rb:58:inrun’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/client.rb:669:in register’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/client.rb:267:inrun’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application.rb:292:in block in fork_chef_client’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application.rb:280:infork’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application.rb:280:in fork_chef_client’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application.rb:245:inblock in run_chef_client’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/local_mode.rb:44:in with_server_connectivity’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application.rb:233:inrun_chef_client’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application/client.rb:469:in sleep_then_run_chef_client’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application/client.rb:458:inblock in interval_run_chef_client’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application/client.rb:457:in loop’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application/client.rb:457:ininterval_run_chef_client’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application/client.rb:441:in run_application’ /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/lib/chef/application.rb:59:inrun’
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/bin/chef-client:26:in <top (required)>’ /bin/chef-client:59:inload’
/bin/chef-client:59:in `


####### Bootstrap outputs #########

lijun@rh66:~/learn-chef/.chef$ knife bootstrap rh36 --ssh-user lijun --sudo --identity-file ~/.ssh/id_rsa --node-name rh36 --run-list ‘recipe[learn_chef_httpd]’
Doing old-style registration with the validation key at /home/lijun/learn-chef/.chef/learnchef-validator.pem…
Delete your validation key in order to use your user credentials instead

Connecting to rh36
rh36 knife sudo password:
Enter your password:
rh36
rh36 -----> Installing Chef Omnibus (-v 13)
rh36 downloading https://omnitruck-direct.chef.io/chef/install.sh
rh36 to file /tmp/install.sh.1643/install.sh
rh36 trying wget…
rh36 el 7 x86_64
rh36 Getting information for chef stable 13 for el…
rh36 downloading https://omnitruck-direct.chef.io/stable/chef/metadata?v=13&p=el&pv=7&m=x86_64
rh36 to file /tmp/install.sh.1648/metadata.txt
rh36 trying wget…
rh36 sha1 f69e475eb3bcdeefe761462f05cbf7c7281270ae
rh36 sha256 39227d13e5ca2ae023627ad63c56a073b7fecf1a68030915b11ce55e9692c214
rh36 url https://packages.chef.io/files/stable/chef/13.8.5/el/7/chef-13.8.5-1.el7.x86_64.rpm
rh36 version 13.8.5
rh36 downloaded metadata file looks valid…
rh36 downloading https://packages.chef.io/files/stable/chef/13.8.5/el/7/chef-13.8.5-1.el7.x86_64.rpm
rh36 to file /tmp/install.sh.1648/chef-13.8.5-1.el7.x86_64.rpm
rh36 trying wget…
rh36 Comparing checksum with sha256sum…
rh36 Installing chef 13
rh36 installing with rpm…
rh36 warning: /tmp/install.sh.1648/chef-13.8.5-1.el7.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
rh36 Preparing… ################################# [100%]
rh36 Updating / installing…
rh36 1:chef-13.8.5-1.el7 ################################# [100%]
rh36 Thank you for installing Chef!
rh36 Starting the first Chef Client run…
rh36 Starting Chef Client, version 13.8.5
rh36 Creating a new client identity for rh36 using the validator key.
rh36
rh36 ================================================================================
rh36 Chef encountered an error attempting to create the client “rh36”
rh36 ================================================================================
rh36
rh36 Authentication Error:
rh36 ---------------------
rh36 Failed to authenticate to the chef server (http 401).
rh36
rh36 Server Response:
rh36 ----------------
rh36 Failed to authenticate as ‘learnchef’. Ensure that your node_name and client key are correct.
rh36
rh36 Relevant Config Settings:
rh36 -------------------------
rh36 chef_server_url “https://rh56/organizations/learnchef
rh36 validation_client_name “learnchef”
rh36 validation_key “/etc/chef/validation.pem”
rh36
rh36 If these settings are correct, your validation_key may be invalid.
rh36
rh36 System Info:
rh36 ------------
rh36 chef_version=13.8.5
rh36 ruby=ruby 2.4.3p205 (2017-12-14 revision 61247) [x86_64-linux]
rh36 program_name=chef-client worker: ppid=1643;start=22:36:29;
rh36 executable=/opt/chef/bin/chef-client
rh36
rh36
rh36 Running handlers:
rh36 [2018-04-12T22:36:31-04:00] ERROR: Running exception handlers
rh36 Running handlers complete
rh36 [2018-04-12T22:36:31-04:00] ERROR: Exception handlers complete
rh36 Chef Client failed. 0 resources updated in 01 seconds
rh36 [2018-04-12T22:36:31-04:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
rh36 [2018-04-12T22:36:31-04:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
rh36 [2018-04-12T22:36:31-04:00] ERROR: 401 “Unauthorized”
rh36 [2018-04-12T22:36:31-04:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)


#2

Environments:

Hostname: rh56
role: Chef server

Hostname: rh66
role: Chef workstation

Hostname: rh36
role: Linux server (CentOS 7)

Knife.rb on rh66:
lijun@rh66:~/learn-chef/.chef$ cat knife.rb
current_dir = File.dirname(FILE)
log_level :info
log_location STDOUT
node_name “lijun”
client_key “#{current_dir}/lijun.pem”
validation_client_name ‘learnchef’
validation_key “#{current_dir}/learnchef-validator.pem”
chef_server_url “https://rh56/organizations/learnchef
cache_type ‘BasicFile’
cache_options( :path => “#{ENV[‘HOME’]}/.chef/checksums” )
cookbook_path ["#{current_dir}/…/cookbooks"]

lijun@rh66:~/learn-chef/.chef$ knife ssl check
Connecting to host rh56:443
Successfully verified certificates from `rh56’

lijun@rh66:~/learn-chef/.chef$ knife bootstrap rh36 --ssh-user lijun --sudo --identity-file ~/.ssh/id_rsa --node-name rh36 --run-list ‘recipe[learn_chef_httpd]’

This command successfully downloaded and installed Chef, but got authentication error when creating a new client identity for rh36 using validation key.

Please share any ideas to fix this issue. Thanks.


#3

Hi @hello1900,

I would unregister the rh36 from the chef-server with following commands issued from your chef workstation (rh66):

  • knife client delete rh36
  • knife node delete rh36

Also I would delete everything under /etc/chef/ from your rh36 node.

After these steps I would try your bootsrap command again