Knife bootstrap works and then fails with 401

Zippy_Zeppoli · August 8, 2012, 11:30pm

Hi List,
I already checked the chef common errors faq, and I winded up here, so here
goes.

I ran :

knife bootstrap 10.161.95.253 -x root

Everything worked:
Fetching: treetop-1.4.10.gem (100%).10.gem
10.161.95.253 Successfully installed treetop-1.4.10
…
There were some errors fetching some gems, but thats not the core issue:
ERROR: Error installing yajl-ruby:

And then:
Successfully installed chef-0.10.6
1 gem installed
[2012-08-08T19:40:24-04:00] INFO: *** Chef 0.10.6 ***
[2012-08-08T19:40:26-04:00] INFO: HTTP Request Returned 401 Unauthorized:
Failed to authenticate. Ensure that your client key is valid.
[2012-08-08T19:40:26-04:00] FATAL: Stacktrace dumped to
/var/chef/cache/chef-stacktrace.out
[2012-08-08T19:40:26-04:00] FATAL: Net::HTTPServerException: 401 “Unauthorized”

kaboom.

Why?

Thanks!

Zippy_Zeppoli · August 8, 2012, 11:47pm

I figure someone is going to ask this to troubleshoot:

Client:

ls /etc/chef/

client.pem client.rb first-boot.json validation.pem

Server:

ls /etc/chef

client.pem expander.rb server.rb solr.rb validation.pem webui.pem
webui.rb

On Wed, Aug 8, 2012 at 4:30 PM, Z zippyzeppoli@gmail.com wrote:

Hi List,
I already checked the chef common errors faq, and I winded up here, so here
goes.

I ran :

knife bootstrap 10.161.95.253 -x root

Everything worked:
Fetching: treetop-1.4.10.gem (100%).10.gem
10.161.95.253 Successfully installed treetop-1.4.10
…
There were some errors fetching some gems, but thats not the core issue:
ERROR: Error installing yajl-ruby:

And then:
Successfully installed chef-0.10.6
1 gem installed
[2012-08-08T19:40:24-04:00] INFO: *** Chef 0.10.6 ***
[2012-08-08T19:40:26-04:00] INFO: HTTP Request Returned 401 Unauthorized:
Failed to authenticate. Ensure that your client key is valid.
[2012-08-08T19:40:26-04:00] FATAL: Stacktrace dumped to
/var/chef/cache/chef-stacktrace.out
[2012-08-08T19:40:26-04:00] FATAL: Net::HTTPServerException: 401
"Unauthorized"

kaboom.

Why?

Thanks!

Kwasi_Gyasi_Agyei · August 9, 2012, 1:06am

Try removing the client from server

knife client delete your-client-name-here

One other thing which could work is removing all keys files client and
validation from both the server and client, regenerate new key files
and distribute new validation.pem to the client then execute
chef-client again.

On Thu Aug 9 01:47:08 2012, Zippy Zeppoli wrote:

I figure someone is going to ask this to troubleshoot:

Client:

ls /etc/chef/

client.pem client.rb first-boot.json validation.pem

Server:

ls /etc/chef

client.pem expander.rb server.rb solr.rb validation.pem
webui.pem webui.rb

On Wed, Aug 8, 2012 at 4:30 PM, Z <zippyzeppoli@gmail.com
mailto:zippyzeppoli@gmail.com> wrote:

Hi List,
I already checked the chef common errors faq, and I winded up
here, so here
goes.

I ran :
# knife bootstrap 10.161.95.253 -x root

Everything worked:
Fetching: treetop-1.4.10.gem (100%).10.gem
10.161.95.253 Successfully installed treetop-1.4.10
....
There were some errors fetching some gems, but thats not the core
issue:
 ERROR:  Error installing yajl-ruby:

And then:
 Successfully installed chef-0.10.6
 1 gem installed
 [2012-08-08T19:40:24-04:00] INFO: *** Chef 0.10.6 ***
 [2012-08-08T19:40:26-04:00] INFO: HTTP Request Returned 401
Unauthorized:
Failed to authenticate. Ensure that your client key is valid.
 [2012-08-08T19:40:26-04:00] FATAL: Stacktrace dumped to
/var/chef/cache/chef-stacktrace.out
[2012-08-08T19:40:26-04:00] FATAL: Net::HTTPServerException: 401
"Unauthorized"

kaboom.

Why?

Thanks!

Vladimir_Girnet · August 9, 2012, 6:21am

And verify time, if no in sync with server, same error may appear.

On Aug 9, 2012, at 4:06 AM, Kwasi Gyasi - Agyei wrote:

Try removing the client from server

knife client delete your-client-name-here

One other thing which could work is removing all keys files client and validation from both the server and client, regenerate new key files and distribute new validation.pem to the client then execute chef-client again.

On Thu Aug 9 01:47:08 2012, Zippy Zeppoli wrote:

I figure someone is going to ask this to troubleshoot:

Client:

ls /etc/chef/

client.pem client.rb first-boot.json validation.pem

Server:

ls /etc/chef

client.pem expander.rb server.rb solr.rb validation.pem
webui.pem webui.rb

On Wed, Aug 8, 2012 at 4:30 PM, Z <zippyzeppoli@gmail.com
mailto:zippyzeppoli@gmail.com> wrote:

Hi List,
I already checked the chef common errors faq, and I winded up
here, so here
goes.

I ran :

knife bootstrap 10.161.95.253 -x root

Everything worked:
Fetching: treetop-1.4.10.gem (100%).10.gem
10.161.95.253 Successfully installed treetop-1.4.10
…
There were some errors fetching some gems, but thats not the core
issue:
ERROR: Error installing yajl-ruby:

And then:
Successfully installed chef-0.10.6
1 gem installed
[2012-08-08T19:40:24-04:00] INFO: *** Chef 0.10.6 ***
[2012-08-08T19:40:26-04:00] INFO: HTTP Request Returned 401
Unauthorized:
Failed to authenticate. Ensure that your client key is valid.
[2012-08-08T19:40:26-04:00] FATAL: Stacktrace dumped to
/var/chef/cache/chef-stacktrace.out
[2012-08-08T19:40:26-04:00] FATAL: Net::HTTPServerException: 401
"Unauthorized"

kaboom.

Why?

Thanks!

–
Vladimir Girnet
Infrastructure Engineer
Tacit Knowledge
http://www.tacitknowledge.com

Kwasi_Gyasi_Agyei · August 9, 2012, 7:22am

In regards to time verification best would be to sync both your
services using ntp

run commands below if you not familiar with the process, may be
different on you distro but at-least you have any idea of what to do

ntpdate 0.us.pol.ntp.org

Setting hardware clock

hwclock --systohc

Turn on ntpd so that service keeps you machines in sync

#chkconfig ntpd on

#service ntpd start

On Thu Aug 9 08:21:02 2012, Vladimir Girnet wrote:

And verify time, if no in sync with server, same error may appear.

On Aug 9, 2012, at 4:06 AM, Kwasi Gyasi - Agyei wrote:

Try removing the client from server

knife client delete your-client-name-here

One other thing which could work is removing all keys files client
and validation from both the server and client, regenerate new key
files and distribute new validation.pem to the client then execute
chef-client again.

On Thu Aug 9 01:47:08 2012, Zippy Zeppoli wrote:

I figure someone is going to ask this to troubleshoot:

Client:

ls /etc/chef/

client.pem client.rb first-boot.json validation.pem

Server:

ls /etc/chef

client.pem expander.rb server.rb solr.rb validation.pem
webui.pem webui.rb

On Wed, Aug 8, 2012 at 4:30 PM, Z <zippyzeppoli@gmail.com
mailto:zippyzeppoli@gmail.com
mailto:zippyzeppoli@gmail.com> wrote:

Hi List,
I already checked the chef common errors faq, and I winded up
here, so here
goes.

I ran :

knife bootstrap 10.161.95.253 -x root

Everything worked:
Fetching: treetop-1.4.10.gem (100%).10.gem
10.161.95.253 Successfully installed treetop-1.4.10
…
There were some errors fetching some gems, but thats not the core
issue:
ERROR: Error installing yajl-ruby:

And then:
Successfully installed chef-0.10.6
1 gem installed
[2012-08-08T19:40:24-04:00] INFO: *** Chef 0.10.6 ***
[2012-08-08T19:40:26-04:00] INFO: HTTP Request Returned 401
Unauthorized:
Failed to authenticate. Ensure that your client key is valid.
[2012-08-08T19:40:26-04:00] FATAL: Stacktrace dumped to
/var/chef/cache/chef-stacktrace.out
[2012-08-08T19:40:26-04:00] FATAL: Net::HTTPServerException: 401
"Unauthorized"

kaboom.

Why?

Thanks!

–
Vladimir Girnet
Infrastructure Engineer
Tacit Knowledge
http://www.tacitknowledge.com