On 19.08.2013 17:24, Graham Christensen wrote:
Hello,
This is by design - if search were to return nodes which haven't run
the recipe yet, you could very easily imagine a situation where other
services start failing,
What services you mean (chef-server services or may be other bacula for
example)?
because it can't access a database server, or
What database it can't access chef-server ?
a load balancer is pointing at nodes which don't even have the service
running yet.
I don't know about load balancers. Because I install chef server by
trivial instruction on the opscode site.
And in the course of its operation I changed on it the DNS settings.
Because they changed in our new environment.
Probably because of it search ceased to work normally?
Or I don't understand you ((
There may be a way to force the issue and search for nodes who don't
have the recipe run yet,
How? How I can do this search please hep me with a command.
Only I don't understand why it can do it is required to me (run search
command)
however usually when I hear of people wanting
to do this, they are looking for immediate configuration to be
performed,
At the beginning I thought exactly so. But now i understand that i am
not right.
instead of assuming eventual infrastructure consistency.
Where i can read about this in docs of chef ?
This means running the server's chef-client, running it on the client,
and then re-running it on the server.
I can not understand what the client and server has in mind.
I have backup server which is do search for client's which is has recipe
cbacula::client (he's name is backup)
I have a server which is client of backup server named zeus
I have a chef-server. But on the chef-server i can't run chef-client
because of errors:
srvadm@chef-server:~$ sudo chef-client
[sudo] password for srvadm:
[Mon, 19 Aug 2013 17:55:38 +0400] INFO: *** Chef 10.18.2 ***
[Mon, 19 Aug 2013 17:55:38 +0400] INFO: [inet6] no default interface,
picking the first ipaddress
[Mon, 19 Aug 2013 17:55:39 +0400] INFO: HTTP Request Returned 401
Unauthorized: Failed to authenticate. Ensure that your client key is valid.
================================================================================
Chef encountered an error attempting to load the node data for
"chef-server.example.lab"
Authentication Error:
Failed to authenticate to the chef server (http 401).
Server Response:
Failed to authenticate. Ensure that your client key is valid.
Relevant Config Settings:
chef_server_url "http://chef-server.example.lab:4000"
node_name "chef-server.example.lab"
client_key "/etc/chef/client.pem"
If these settings are correct, your client_key may be invalid.
[Mon, 19 Aug 2013 17:55:39 +0400] FATAL: Stacktrace dumped to
/var/cache/chef/chef-stacktrace.out
[Mon, 19 Aug 2013 17:55:39 +0400] FATAL: Net::HTTPServerException: 401
"Unauthorized"
I don't know about how can run chef-client on the chef-server by default
install. My be it shouldn't work by default. Or This is my problem
because of misspelled configuration.
I rerun chef-client on all of this servers and this don't help me with a
knife search.
At the backup server i check this via shef -z command:
shef -z
loading configuration: /etc/chef/client.rb
Session type: client
Loading.[2013-08-19T18:01:21+04:00] INFO: [inet6] no default interface,
picking the first ipaddress
..[2013-08-19T18:01:22+04:00] INFO: Run List is [role[backup_server],
recipe[cbacula::client]]
[2013-08-19T18:01:22+04:00] INFO: Run List expands to
[cbacula::database, cbacula::director, cbacula::storage,
cbacula::webacula, cbacula::client]
[2013-08-19T18:01:22+04:00] INFO: HTTP Request Returned 404 Not Found:
No routes match the request: /reports/nodes/backup.example.lab/runs
.[2013-08-19T18:01:22+04:00] INFO: Loading cookbooks [apt, aws,
build-essential, cbacula, database, mysql, openssl, postgresql, xfs]
[2013-08-19T18:01:22+04:00] INFO: Storing updated
cookbooks/cbacula/recipes/director.rb in the cache.
[2013-08-19T18:01:22+04:00] INFO: Storing updated
cookbooks/cbacula/recipes/webacula.rb in the cache.
[2013-08-19T18:01:23+04:00] INFO: Storing updated
cookbooks/cbacula/recipes/database.rb in the cache.
.[2013-08-19T18:01:23+04:00] INFO: Storing updated
cookbooks/cbacula/metadata.rb in the cache.
done.
This is shef, the Chef shell.
Chef Version: 10.18.2
Configuration Management System Software - Chef Infra | Chef
http://wiki.opscode.com/display/chef/Home
run help' for help,
exit' or ^D to quit.
Ohai2u srvadm@backup.example.lab!
chef > var = search(:node, 'recipes:cbacula::client')
=> [node[backup.example.lab]]
chef >
If you can see i it also return only one client.
Often this is accomplished by
having chef-client be scheduled every 5 minutes or every hour.
Chef-server receives data from chef-clients after they will be started
at the end of running process.
This is not work in my variant. Search was not work.
You meant that I must start it on clients every hour?
I think this is optional.
Consider it pessimistic view:
Either it:
- assumes the chef-client will prepare the node for service very
soon, and potentially causes failures in your infrastructure
If I understand you - i am too think that this no good idea - to run
chef-client by cron (for example)
- it makes no assumption about the state of the node, and simply
recognizes that it simply isn't ready for service yet
Does this make sense?
Partly yes - but the question remains for me open
Thank you for participate.
--
Best regards,
CVisionLab System Administrator
Vladmir Skubriev