Chef server is ignoring /etc/chef-server/chef-server.rb?


#1

I’m pretty new to Chef, so maybe I’m missing something obvious. I’m setting up
Chef to manage an MPI cluster on a set of nodes running Ubuntu Linux 12.04. I
followed the instructions for setting up the open source Chef Server version
11.0.11, and it seems like everything is fine; I’ve got my head node and worker
nodes all working as expected.

However, I’d like to stop Chef’s embedded nginx from listening to port 80 on
the Chef server so that I can run a different service on that port. According
to http://docs.opscode.com/config_rb_chef_server.html , I should be able to
create a file at /etc/chef-server/chef-server.rb containing
"nginx[‘non_ssl_port’] = nil" and then run "sudo chef-server-ctl reconfigure"
to do so, right?

I’ve done so, but it didn’t seem to have any effect. nginx is still listening
on port 80, and the output from chef-server-ctl didn’t look like it was parsing
chef-server.rb or changing anything in the nginx config at all. I’ve tried
restarting the Chef server and setting miscellaneous other values in there,
too, but it seems like nothing has any effect.

Am I missing something? Is there a way to tell where Chef thinks it’s loading
its server config from?

Thanks,
P. J. Reed


#2

Hey P.J.,

I looked into this and chef-server.rb isn’t being ignored. It looks like
either we have a bug or our docs are wrong. Instead of setting
nginx[‘non_ssl_port’] = nil, set it to nginx[‘non_ssl_port’] = false and
then run chef-server-ctl reconfigure. nil currently causes the defaults
to be left in place (or put back into place if they had been removed).
I’ll follow up and either get a bug filed or the docs updated, but this
should move you forward.

And just to give you more information than you likely need, chef
configures itself with chef (it uses chef-solo). The cookbooks that do
this are installed by the omnibus installer to
/opt/chef-server/embedded/cookbooks/chef-server. You can always look
there and read them to see the default values that will be applied.

You can view the omnibus-chef-server repo and see how everything that
creates the installer package is put together:
https://github.com/opscode/omnibus-chef-server. This conforms to omnibus
packaging conventions, so the above mentioned cookbooks are in
files/chef-server-cookbooks/chef-server in that repo.

Since we’re talking about nginx here, the cookbooks will render the
nginx config to /var/opt/chef-server/nginx/etc/ so you can always look
there to see what nginx config chef is using.

It’s still recommended that you make changes by modifying
/etc/chef-server/chef-server.rb. Sorry for our mistake and the confusion
it caused you.

Let me know if that doesn’t solve your issue. As I said, I’ll follow up
to make sure either the docs are updated or that we fix a bug that
causes nil not to work (I suspect it’s our docs that are wrong, however).

Thanks,

Mark Mzyk
Chef Software Engineer

preed@swri.org mailto:preed@swri.org
March 6, 2014 at 5:48 PM
I’m pretty new to Chef, so maybe I’m missing something obvious. I’m
setting up
Chef to manage an MPI cluster on a set of nodes running Ubuntu Linux
12.04. I
followed the instructions for setting up the open source Chef Server
version
11.0.11, and it seems like everything is fine; I’ve got my head node
and worker
nodes all working as expected.

However, I’d like to stop Chef’s embedded nginx from listening to port
80 on
the Chef server so that I can run a different service on that port.
According
to http://docs.opscode.com/config_rb_chef_server.html , I should be
able to
create a file at /etc/chef-server/chef-server.rb containing
"nginx[‘non_ssl_port’] = nil" and then run "sudo chef-server-ctl
reconfigure"
to do so, right?

I’ve done so, but it didn’t seem to have any effect. nginx is still
listening
on port 80, and the output from chef-server-ctl didn’t look like it
was parsing
chef-server.rb or changing anything in the nginx config at all. I’ve tried
restarting the Chef server and setting miscellaneous other values in
there,
too, but it seems like nothing has any effect.

Am I missing something? Is there a way to tell where Chef thinks it’s
loading
its server config from?

Thanks,
P. J. Reed


#3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aha, that worked. Setting it to false did exactly what I wanted.
Thank you!

P. J.

On Fri, 7 Mar 2014 16:47:59 -0500
Mark Mzyk mmzyk@programmersparadox.com wrote:

Hey P.J.,

I looked into this and chef-server.rb isn’t being ignored. It looks
like either we have a bug or our docs are wrong. Instead of setting
nginx[‘non_ssl_port’] = nil, set it to nginx[‘non_ssl_port’] = false
and then run chef-server-ctl reconfigure. nil currently causes the
defaults to be left in place (or put back into place if they had been
removed). I’ll follow up and either get a bug filed or the docs
updated, but this should move you forward.

And just to give you more information than you likely need, chef
configures itself with chef (it uses chef-solo). The cookbooks that
do this are installed by the omnibus installer to
/opt/chef-server/embedded/cookbooks/chef-server. You can always look
there and read them to see the default values that will be applied.

You can view the omnibus-chef-server repo and see how everything that
creates the installer package is put together:
https://github.com/opscode/omnibus-chef-server. This conforms to
omnibus packaging conventions, so the above mentioned cookbooks are
in files/chef-server-cookbooks/chef-server in that repo.

Since we’re talking about nginx here, the cookbooks will render the
nginx config to /var/opt/chef-server/nginx/etc/ so you can always
look there to see what nginx config chef is using.

It’s still recommended that you make changes by modifying
/etc/chef-server/chef-server.rb. Sorry for our mistake and the
confusion it caused you.

Let me know if that doesn’t solve your issue. As I said, I’ll follow
up to make sure either the docs are updated or that we fix a bug that
causes nil not to work (I suspect it’s our docs that are wrong,
however).

Thanks,

Mark Mzyk
Chef Software Engineer

preed@swri.org mailto:preed@swri.org
March 6, 2014 at 5:48 PM
I’m pretty new to Chef, so maybe I’m missing something obvious. I’m
setting up
Chef to manage an MPI cluster on a set of nodes running Ubuntu
Linux 12.04. I
followed the instructions for setting up the open source Chef
Server version
11.0.11, and it seems like everything is fine; I’ve got my head
node and worker
nodes all working as expected.

However, I’d like to stop Chef’s embedded nginx from listening to
port 80 on
the Chef server so that I can run a different service on that port.
According
to http://docs.opscode.com/config_rb_chef_server.html , I should be
able to
create a file at /etc/chef-server/chef-server.rb containing
"nginx[‘non_ssl_port’] = nil" and then run "sudo chef-server-ctl
reconfigure"
to do so, right?

I’ve done so, but it didn’t seem to have any effect. nginx is still
listening
on port 80, and the output from chef-server-ctl didn’t look like it
was parsing
chef-server.rb or changing anything in the nginx config at all.
I’ve tried restarting the Chef server and setting miscellaneous
other values in there,
too, but it seems like nothing has any effect.

Am I missing something? Is there a way to tell where Chef thinks
it’s loading
its server config from?

Thanks,
P. J. Reed
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEAREIAAYFAlMaQB0ACgkQBhzuKzQK4Bbw4gCg24mj5+i7I+2+A29vC5QhzZcq
S6EAn3Iy8mVPeDcu5qGBSs4QG0s/V963
=3dmJ
-----END PGP SIGNATURE-----