Export/Import clients from one chef server to another

Hello. I’m preparing to upgrade from Chef Server 10 to 11 on a newly built server and I’m looking for a way to export/import my node and client records so that all of the machines do not need to be re-keyed. The problem I’m running into is that I can’t seem to find a way to explicitly set the public key of a client. I tried knife client edit and it looks like it would work, but it actually doesn’t change the key. I’ve also tried in shef by using the API to pull down a client object, update the client.public_key and then save it back, and that doesn’t work either.

Lastly, I found a knife plugin called “client from file” (https://gist.github.com/mhalligan/3101750) which uses a similar technique to my shef experiment, but still no luck.

Can anyone tell me how to set the public key of a client? Alternately is there some existing process for how to migrate node/client objects from one server to another that I’m just overlooking?

My next step is to go spelunking in the postgres DB and see if I can just jigger the public key in there. Will that work? Is there a better way?

We used GitHub - mdxp/knife-backup: knife plugin to help backup and restore a chef server. and it worked great. The only thing we didn’t copy over was the chef-validator and chef-webui client keys.

Joe

On Feb 19, 2014, at 2:21 PM, Chris Sibbitt csibbitt@thinkingphones.com wrote:

Hello. I’m preparing to upgrade from Chef Server 10 to 11 on a newly built server and I’m looking for a way to export/import my node and client records so that all of the machines do not need to be re-keyed. The problem I’m running into is that I can’t seem to find a way to explicitly set the public key of a client. I tried knife client edit and it looks like it would work, but it actually doesn’t change the key. I’ve also tried in shef by using the API to pull down a client object, update the client.public_key and then save it back, and that doesn’t work either.

Lastly, I found a knife plugin called “client from file” (https://gist.github.com/mhalligan/3101750) which uses a similar technique to my shef experiment, but still no luck.

Can anyone tell me how to set the public key of a client? Alternately is there some existing process for how to migrate node/client objects from one server to another that I’m just overlooking?

My next step is to go spelunking in the postgres DB and see if I can just jigger the public key in there. Will that work? Is there a better way?

I had the same issue a few weeks ago and someone pointed me to this link
which worked great.

JOHN HASTY
Software as a Service - DevOps
Software Group

Phone: 1-512-804-9968 IBM
E-mail: jahasty@us.ibm.com
2407 S Congress Ave Ste E-350
Austin, TX 78704
United States

From: Chris Sibbitt csibbitt@thinkingphones.com
To: "chef@lists.opscode.com" chef@lists.opscode.com,
Date: 02/19/2014 04:21 PM
Subject: [chef] Export/Import clients from one chef server to another

Hello. I’m preparing to upgrade from Chef Server 10 to 11 on a newly built
server and I’m looking for a way to export/import my node and client
records so that all of the machines do not need to be re-keyed. The problem
I’m running into is that I can’t seem to find a way to explicitly set the
public key of a client. I tried knife client edit and it looks like it
would work, but it actually doesn’t change the key. I’ve also tried in shef
by using the API to pull down a client object, update the client.public_key
and then save it back, and that doesn’t work either.

Lastly, I found a knife plugin called “client from file” (
https://gist.github.com/mhalligan/3101750) which uses a similar technique
to my shef experiment, but still no luck.

Can anyone tell me how to set the public key of a client? Alternately is
there some existing process for how to migrate node/client objects from one
server to another that I’m just overlooking?

My next step is to go spelunking in the postgres DB and see if I can just
jigger the public key in there. Will that work? Is there a better way?

Ohai,

I used a quick workaround for the missing chef-validator file backup : I
created a secondary validator account with knife client subcommand and used
it for bootstraping nodes. This new dedicated account is backuped by the
plugin and can be used by Chef admins.

On Wed, Feb 19, 2014 at 11:27 PM, Joe Nuspl nuspl@nvwls.com wrote:

We used GitHub - mdxp/knife-backup: knife plugin to help backup and restore a chef server. and it worked great. The
only thing we didn’t copy over was the chef-validator and chef-webui client
keys.

Joe

On Feb 19, 2014, at 2:21 PM, Chris Sibbitt csibbitt@thinkingphones.com
wrote:

Hello. I’m preparing to upgrade from Chef Server 10 to 11 on a newly built
server and I’m looking for a way to export/import my node and client
records so that all of the machines do not need to be re-keyed. The problem
I’m running into is that I can’t seem to find a way to explicitly set the
public key of a client. I tried knife client edit and it looks like it
would work, but it actually doesn’t change the key. I’ve also tried in shef
by using the API to pull down a client object, update the client.public_key
and then save it back, and that doesn’t work either.

Lastly, I found a knife plugin called “client from file” (
https://gist.github.com/mhalligan/3101750) which uses a similar technique
to my shef experiment, but still no luck.

Can anyone tell me how to set the public key of a client? Alternately is
there some existing process for how to migrate node/client objects from one
server to another that I’m just overlooking?

My next step is to go spelunking in the postgres DB and see if I can just
jigger the public key in there. Will that work? Is there a better way?

--
Barthélemy Vessemont - bvessemont@gmail.com
Ingénieur en informatique diplômé de l'UTC (Compiègne)