Getting 404 on chef show-policy

Chef Infra (archive)
1

Hi,

I’m now playing around with Policyfiles. I managed to push a policy to our Chef Server and use it from a chef-client like this:

% cat first-policy.json
{ "policy_name": "my-server", "policy_group": "production" }
% sudo chef-client -j ./first-policy.json # This runs fine

But I just noticed that chef show-policy gives me 404.

% chef show-policy my-server production
Error: No policyfile lock named 'my-server' found in policy_group 'production' at https://chef.<our domain>
Reason: (Net::HTTPServerException) HTTP 404 Not Found: <!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />
  <title>Chef - 404 Not Found</title>
  <link media="all" rel="stylesheet" type="text/css" href="/css/all.css" />
  <!--[if lt IE 7]><link rel="stylesheet" type="text/css" href="/css/lt7.css" /><![endif]-->
</head>
<body>
  <div class="header-block">
    <div id="header">
      <strong class="logo"><a href="https://www.chef.io">Chef</a></strong>
    </div>
  </div>
  <div id="wrapper">
    <div id="main">
      <div class="mybox">
        <div id="content">
          <h1>404 - Not Found</h1>
          <p>Sorry, I can't find what you are looking for.</p>
        </div>
      </div>
    </div>
  </div>
  <div class="footer-block">
    <div id="footer">
      <div class="mybox">
      </div>
      <div class="footer-bottom">
        <span>&copy; 2010&thinsp;&ndash;&thinsp;2017 Chef Software, Inc. All Rights Reserved</span>
      </div>
    </div>
  </div>
</body>
</html>

My config.rb looks like this.

log_level                :info
log_location             STDOUT
node_name                'maoe'
client_key               '/home/maoe/.chef/maoe.pem'
chef_server_url          'https://chef.<our domain>'
syntax_check_cache_path "#{ENV['HOME']}/.chef/syntaxcache"
cookbook_path %w(
  /path/to/my/chef-repo/
)
ssl_verify_mode :verify_peer
use_policyfile true
policy_document_native_api false
versioned_cookbooks true

client.rb on the machine chef-client runs has the following settings:

use_policyfile true
policy_document_native_api false
versioned_cookbooks true
deployment_group 'my-server-production'

Does anyone see what’s wrong?

I’m using Chef DK 1.3.43 with Chef Server 12.15.7

Chef Development Kit Version: 1.3.43
chef-client version: 12.19.36
delivery version: master (dd319aa632c2f550c92a2172b9d1226478fea997)
berks version: 5.6.4
kitchen version: 1.16.0

% cat /opt/opscode/version-manifest.txt | grep chef-server
chef-server 12.15.7
2

This isn't related but you should use the default setting of policy_document_native_api true--your server is new enough to support it and things will work better. With policy_document_native_api false policies are stored as data bags and there's other ugly workarounds used for other features. IIRC commands like chef show-policy don't actually support policy_document_native_api false anyway.

In addition to that, though, you have some issue with the nginx configuration--it should not be returning the html 404 page. chef-server-ctl reconfigure might clear it up, but otherwise you'll have to dig in to the nginx logs to get some more insight into what's going on.

3

Thanks for the input.

Actually if I set policy_documet_native_api true, I get 404 even for chef push. I recently did chef-server-ctl reconfigure though. I’ll dig into the nginx logs.