Chef-client fails on newly added Windows nodes because it's looking for "<hostname>.ec2.internal"

stractenberg · August 15, 2016, 7:33pm

Hi everyone,

I’m using a PowerShell user-data script to add new EC2 instances to Chef. Everything installs and runs properly the FIRST time via the command:

C:\opscode\chef\bin\chef-client -E lfa-preprod -r recipe[sps_core_os] -L c:/chef/first-boot-log.log

or even with:

$h = hostname
C:\opscode\chef\bin\chef-client -E lfa-preprod -r recipe[sps_core_os] -L c:/chef/first-boot-log.log -N $h

but after that, it fails because the node thinks it’s name is “hostname.ec2.internal” but the server thinks it’s “hostname” (which is just WIN-1DORVBSAEU1 in this case). And NOTHING I can find references .ec2.internal. All of the following PowerShell commands to determine the hostname or FQDN NEVER result with .ec2.internal:

$myFQDN=(Get-WmiObject win32_computersystem).DNSHostName+"."+(Get-WmiObject win32_computersystem).Domain

System.Net.Dns::GetHostByName((hostname)).HostName

“$env:computername.$env:userdnsdomain”

“$env:computername”+"$env:userdnsdomain"

Here is the client run output:

================================================================================
Chef encountered an error attempting to load the node data for “WIN-1DORVBSAEU1.ec2.internal”

Authentication Error:

Failed to authenticate to the chef server (http 401).

Server Response:

Failed to authenticate as ‘WIN-1DORVBSAEU1.ec2.internal’. Ensure that your node_name and client key are correct.

Relevant Config Settings:

chef_server_url "https://l/organizations/"
node_name "WIN-1DORVBSAEU1.ec2.internal"
client_key “C:\chef\client.pem”

If these settings are correct, your client_key may be invalid, or
you may have a chef user with the same client name as this node.

Platform:

i386-mingw32

←[0m
Running handlers:
[2016-08-15T15:24:01-04:00] ERROR: Running exception handlers
Running handlers complete
[2016-08-15T15:24:01-04:00] ERROR: Exception handlers complete
Chef Client failed. 0 resources updated in 09 seconds
[2016-08-15T15:24:01-04:00] FATAL: Stacktrace dumped to c:/chef/cache/chef-stacktrace.out
[2016-08-15T15:24:01-04:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2016-08-15T15:24:01-04:00] FATAL: Net::HTTPServerException: 401 “Unauthorized”

Even stranger is that sometimes, it works. but the vast majority it fails. Yes, I could manually reset nodenames/keys and reregister but I need this process to be 100% automatic with zero manual intervention. Please help! Thanks.

nclemons · August 16, 2016, 12:36am

Your client.rb specifies hostname.ec2.internal.

Nathan Clemons
DevOps Engineer
Moxie Cloud Services (MCS)

O +1.425.467.5075
M +1.360.861.6291
E nclemons@gomoxie.com
W www.gomoxie.com http://www.gomoxie.com/

stractenberg · August 16, 2016, 11:56am

log_level :info
log_location STDOUT

chef_server_url "https://chef_server_fqdn/organizations/org"
validation_client_name "org-validator"
validation_key “c:/chef/org-validator.pem”

file_cache_path "c:/chef/cache"
file_backup_path "c:/chef/backup"
cache_options ({:path => “c:/chef/cache/checksums”, :skip_expires => true})

trusted_certs_dir “c:/chef/trusted_certs”

encrypted_data_bag_secret “C:/chef/encrypted_data_bag_secret”

Topic		Replies	Views
Chef powershell cookbook won't update the hostname Chef Infra (archive)	2	566	November 1, 2011
Updating hostname with powershell via chef not working Chef Infra (archive)	0	421	October 12, 2011
Adding Windows nodes to Chef 12 - case sensitivity/hostname duplicates Chef Infra (archive)	2	1176	May 2, 2016
Knife-ec2 instance creation and management Chef Infra (archive)	19	909	June 20, 2013
NODE_HOSTNAME tmp=/tmp: Command not found Chef Infra (archive)	1	586	April 28, 2016