Chef client conflicts

ameir · February 9, 2016, 3:53pm

Hello,

We run two different Chef Server instances (11.x and 12.x). When running against the 11.x instance, when there’s a node conflict, the conflict is logged in the output, but the new node takes over the client and the node. When running against the 12.x instance, conflicts are logged in the output, and the Chef run fails:

[2016-02-08T19:37:27+00:00] INFO: *** Chef 12.5.1 ***
[2016-02-08T19:37:27+00:00] INFO: Chef-client pid: 13162
[2016-02-08T19:37:29+00:00] INFO: Client key /etc/chef/client.pem is not present - registering
[2016-02-08T19:37:29+00:00] INFO: HTTP Request Returned 409 Conflict: Client already exists
[2016-02-08T19:37:29+00:00] INFO: HTTP Request Returned 400 Bad Request: error
[2016-02-08T19:37:29+00:00] ERROR: Running exception handlers
[2016-02-08T19:37:29+00:00] ERROR: Exception handlers complete
[2016-02-08T19:37:29+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
[2016-02-08T19:37:29+00:00] ERROR: 400 "Bad Request"
[2016-02-08T19:37:29+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

Is it possible to change this behavior to “last writer wins” like before? Our bootstrap process triggers on host boot, and deletes its own node and client on a shutdown or reboot. Unfortunately, in the cloud, not all hosts die cleanly, so some zombie nodes are left behind. This wasn’t a huge concern before, but these failed bootstraps against 12.x require manual intervention, which doesn’t work at scale.

Any tips would be appreciated.

Thanks,
Ameir

kdoonan · February 9, 2016, 5:03pm

Hi Ameir,

I’m not sure if it’s possible (it may be), but wouldn’t it be better to use a unique node name for nodes instead (that way you avoid conflicts)? Generally, we’ve used stuff like the instance id (in AWS) as part of the node name since it’s always unique.

Cheers
Kieran

ameir · February 11, 2016, 2:01am

Hi Kieran,

Thanks for your response. I’d be open to using the instance ID, although the hostname is preferable for obvious reasons. How do you enforce the instance ID? Do you query the metadata service and generate a client.rb with that node name populated?

Thanks!
-Ameir

kdoonan · February 11, 2016, 9:11am

That’s what we’ve always done, we use the metadata to either set node_name in client.rb or run chef-client for the first time with the -N option (e.g. chef-client -N i-123456).

Topic		Replies	Views
[SOLVED] Obtaining the Chef::Client instance in a running recipe Chef Infra (archive)	4	529	February 7, 2018
Delete duplicate Nodes Chef Infra (archive)	2	608	May 3, 2018
Changes to run_list (sometimes) won't stick! Chef Infra (archive)	5	1242	November 4, 2015
Rebuilding ephemeral chef servers Chef Infra (archive)	3	413	August 28, 2014
Is it possible to have a node to be handled by 2 Chef Server of different Version? Chef Infra (archive)	1	565	February 25, 2016

Chef client conflicts

Related Topics