Jessica - thank you so much!
The learning curve has felt very steep, these types of exchanges have helped me out a ton.
The final thread/step in this process is getting around having to specify my password when running knife.
So when I do something like:
C:\chef>knife ssh “role:” "sudo chef-client"
WARNING: Failed to connect to node – Net::SSH::AuthenticationFailed: @
But when I do this:
C:\chef>knife ssh “role:” “sudo chef-client” -P
knife sudo password:
Enter your password:
[Thu, 22 Sep 2011 10:23:14 -0400] INFO: *** Chef 0.10.4 ***
[Thu, 22 Sep 2011 10:23:15 -0400] INFO: HTTP Request Returned 401 Unauthorized: Failed to authenticate. Ensure that your client key is valid.
[Thu, 22 Sep 2011 10:23:15 -0400] FATAL: Stacktrace dumped to /var/cache/chef/chef-stacktrace.out
[Thu, 22 Sep 2011 10:23:15 -0400] FATAL: Net::HTTPServerException: 401 “Unauthorized”
Isn’t the authorization handled via the pem files or do I need to set up ssh keys as well?
As I can see you have successfully run a knife ssh command by suppling the right password. You mus provide knife ssh with either a password or pem key path (-i option). Here you can see that knife ssh has sshed into the node and tried to run chef-client there but it failed. The reason is probably that you haven’t configured chef-client there. Make sure you have the right chef configuration directory with client.rb and validation/client key on the remote machine.
On Wed, Sep 21, 2011 at 4:41 PM, Jessica Bourne firstname.lastname@example.org wrote:
I completely agree, we’ve been working on separating instructions based on OS as well as type of install (client vs workstation). This should make it clearer what is needed to run both. Client has chef-client configured so they can run recipes, and workstations have knife configured so they can manage the nodes. It isn’t necessary to run both on a node unless you want to run recipes on it and manage other nodes from it. The directions currently explain how to set the node up with both, but it may not be needed depending on what you want to do with your install.
The instructions on the Installation on Windows page will guide you through almost everything you need for a workstation, except for SSH and bootstrapping new nodes from it. I’d recommend installing the gems on the knife page, you will definitely need at least the net-ssh packages to use SSH. Afterwards you can confirm you can SSH, and then follow the knife windows bootstrap guide to bootstrap new nodes with knife if needed. The gems really should be included on the Installation on Windows page to make this clearer.
The knife windows bootstrap page is separate because not everyone who installs Windows will need to bootstrap new Windows nodes. This page can be used on Mac or Linux as well, to bootstrap new Windows nodes from that workstation instead. If you do decide to bootstrap new nodes from this machine you will need 1.9.X, but otherwise you can use Ruby 1.8.7 without issues. It really just depends on how you’d like to have your nodes managed.
If you have a Mac or Linux machine available, you could always just try setting it up as the workstation instead and then using the knife-windows bootstrap plugin to bootstrap new nodes as clients from it as there is a bit more documentation on those OSes right now. If you did it this way no configuration should be needed on the Windows machine except for SSH or WinRM access, and the bootstrap plugin would install ruby, gems, and chef-client. It would not configure knife though, so you’d need to manage the nodes from the Linux/Mac workstation in this type of setup.
If you’re still getting errors after installing those gems on Windows, feel free to update this thread with some more information on the errors you are getting.
On Wed, Sep 21, 2011 at 10:15 AM, Maven User email@example.com wrote:
By the way - this page:
Suggests ruby 1.8.7, but then this one:
On Wed, Sep 21, 2011 at 9:44 AM, Maven User firstname.lastname@example.org wrote:
Cool - I’d love to help out in any way to document this process (it’s been pretty painful).
FWIW - it’d be HUGELY helpful if all instructions for each platform were organized by platform.
Right now, there are “how to setup chef on windows”, a “knife-windows” and then finally a generalized “knife” pages. All of which have little bits needed to get things working successfully on windows (something I still haven’t managed).
Just so I’m clear - I can jump right to the link below to set up knife on windows? Then I have to go to the generalized Knife page and also install those gems?
On Tue, Sep 20, 2011 at 6:35 PM, Jessica Bourne email@example.com wrote:
We’ve actually been working on updating our installation instructions, including the documentation on Windows. They won’t be completed for a few more weeks, but I’ll be sure to review this thread once they are in draft so we can be sure your concerns are addressed.
The gems listed on the knife doc are necessary, some of them are what enable you to ssh from that node. If you’re still getting errors after installing the gems on the knife page, feel free to respond to this thread with the command you are using and the error you are getting, as well as the Windows version. Without specific errors it can be difficult to figure out why knife ssh is failing on that node.
Knife-windows is used to bootstrap new windows nodes, more information on it can be found on this wiki page: http://wiki.opscode.com/display/chef/Knife+Windows+Bootstrap
On Tue, Sep 20, 2011 at 11:18 AM, Maven User firstname.lastname@example.org wrote:
It gets even more confusing.
So it starts there but talks about knife-windows (is that absolutely necessary?) then if you click into the standard “knife” documentation, there’s a big blue box that states “Knife requires some extra gems!” - are those required if you don’t plan on doing any cloud work? I’ve noticed on windows, I can’t do “knife ssh” without errors but I’m done flailing and don’t want to just run off and start installing gems.
On Tue, Sep 20, 2011 at 1:19 PM, Maven User email@example.com wrote:
On Tue, Sep 20, 2011 at 12:28 PM, Daniel DeLeo firstname.lastname@example.org wrote:
On Monday, September 19, 2011 at 10:37 AM, Maven User wrote:
Thanks again for all the tips up until this point - the documentation for knife usage on windows is really confusing.
It just skips from running the client install/setup to running knife commands - nothing about the “knife configure -i” step.
I’m also not sure if this is expected behavior but the windows guide talks about C:\chef.chef yet knife creates a lot of things in ~/.chef (in windows).
Do things need to be replicated between these two areas or did I make a mistake?
What documentation are you using?