I installed chef-server and ran the reconfigure command. But when I try to create the admin with the following command -
chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename FILE_NAME
I get this error -
ERROR: Error connecting to https://127.0.0.1/users/, retry 1/5
.
.
.
ERROR: Errno::ECONNRESET: Error connecting to https://127.0.0.1/users/ - Connection reset by peer - SSL_connect
Maybe try http in localhost
Hi ,
Can you paste here the knife.rb file and hostname of your chef-server machine… I think it's trying to connect to localhost rather than your chef-server IP.
Hi,
I've just installed chef following the chef rally tutorials. So I haven't explored knife yet. I've done a standalone installation. After facing this error, I edited the /etc/opscode/chef-server.rb file (which was originally empty) and added the following…
server_name = "chef(DOT)controller(DOT)com"
lb['vip']=server_name
#api_fqdn = server_name
notification_email = "NO-REPLY-CHEF@example(DOT)com"
#######################
## nginx configuration #
########################
nginx['url'] = "https://#{server_name}"
nginx['server_name'] = server_name
nginx['ssl_port']=443
After this the IP address in the error changed to Error connecting to https://chef(DOT)controller(DOT)com/users/ - Connection reset by peer - SSL_connect
My hostname is chef(DOT)controller(DOT)com
I also modified the url in /etc/opscode/pivotal.rb hoping to fix the issue but it didn't work either.
node_name "pivotal"
chef_server_url "https://chef(DOT)controller(DOT)com:443"
chef_server_root "https://chef(DOT)controller(DOT)com:443"
no_proxy "chef(DOT)controller(DOT)com"
client_key key.path
ssl_verify_mode :verify_none
Hi,
I would double check to make sure you have a resolvable hostname and FQDN (via the hostname and hostname -f commands, respectively).
I suspect that the issue is here:
lb['vip']=server_name
This setting is meant for specifying a virtual IP address. Unless you have a specific reason not to, it's a safe bet that you should get rid of this and let Chef server default to listening on localhost. If you're setting this to use "chef(DOT)controller(DOT)com" and it's not working, I suspect that this goes back to the resolvability / fqdn issue.
In addition to confirming the output of hostname -f, it would be helpful to see the output for these commands:
chef-server-ctl status
chef-server-ctl tail nginx
Also, just to confirm - make sure you're running chef-server-ctl reconfigure after applying any changes.
Hi,
Thanks for your response.
I checked my hostname as you asked and got this response - chef(dot)controller(dot)com
So I guess hostname is not an issue.
After that I ran chef-server-ctl status, which gave this output:
run: bookshelf: (pid 985) 41s; run: log: (pid 984) 41s
run: nginx: (pid 3056) 2s; run: log: (pid 986) 41s
run: oc_bifrost: (pid 1007) 41s; run: log: (pid 1006) 41s
run: oc_id: (pid 1046) 41s; run: log: (pid 1008) 41s
run: opscode-erchef: (pid 998) 41s; run: log: (pid 997) 41s
run: opscode-expander: (pid 1005) 41s; run: log: (pid 1004) 41s
run: opscode-solr4: (pid 991) 41s; run: log: (pid 990) 41s
run: postgresql: (pid 1000) 41s; run: log: (pid 999) 41s
run: rabbitmq: (pid 982) 41s; run: log: (pid 981) 41s
run: redis_lb: (pid 994) 41s; run: log: (pid 993) 41s
BUT… running this chef-server-ctl tail nginx returned an error.
==> /var/log/opscode/nginx/error.log <==
2017/07/26 21:00:19 [emerg] 3108#0: still could not bind()
2017/07/26 21:00:21 [emerg] 3111#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
==> /var/log/opscode/nginx/rewrite-port-80.log <==
127.0.0.1 - - [22/Jul/2017:14:00:57 +0530] "GET / HTTP/1.1" 301 191 "-" "curl/7.29.0"
127.0.0.1 - - [22/Jul/2017:14:01:07 +0530] "GET / HTTP/1.1" 301 191 "-" "curl/7.29.0"
==> /var/log/opscode/nginx/current <==
2017-07-26_15:30:21.52031 nginx: [emerg] still could not bind()
2017-07-26_15:30:21.67545 nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
So I ran netstat -tulpn | grep :80 and saw that httpd was listening on the port.
tcp6 0 0 :::80 :::* LISTEN 958/httpd
I stopped httpd and ran chef-server-ctl tail nginx to see if it worked but I got the same error as above. So I executed chef-server-ctl reconfigure hoping to fix it but it didn't work.
I again ran netstat -tulpn | grep :80 to check what was occupying port 80 and got this result.
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3995/nginx: master
Now I'm really confused as to how nginx can listen on the same port and log that it failed to bind.
There's definitely some additional tweaking involved if you want to run Chef server alongside other stuff, particularly another web server. The first thing I'd do is get rid of the extra stuff you've added to chef-server.rb and pivotal.rb, and then do another chef-server-ctl reconfigure, just to get you back to a mostly default setup.
Assuming that you do want to run Chef server alongside Apache in the long run, what you'd need to do is change the ports that nginx uses:
nginx['non_ssl_port'] = 7001
nginx['ssl_port'] = 7002
7001 and 7002 are just example ports here. Whatever you select, be sure to check it against the ports that Chef uses.
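The port check discussed in this thread, as an added example that is not part of the original posts: a shell function that reads netstat -tlpn style output and reports which of the ports you intend to give Chef's nginx already have a listener, and which process owns it. The function name port_conflicts and the sample listing are constructed for illustration; the listing is modelled on the netstat lines quoted above.

```shell
#!/bin/sh
# Constructed sample input (not captured from a real host), in the
# column layout printed by `netstat -tlpn`.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address   Foreign Address  State   PID/Program name
tcp6       0      0 :::80           :::*             LISTEN  958/httpd
tcp        0      0 0.0.0.0:22      0.0.0.0:*        LISTEN  901/sshd
tcp        0      0 127.0.0.1:5432  0.0.0.0:*        LISTEN  1000/postgres'

# port_conflicts "<netstat output>" port [port ...]
# Prints "<port> <program>" for every requested port that already has a
# TCP listener. Returns 1 if at least one conflict was found, 0 otherwise.
port_conflicts() {
    listing=$1
    shift
    printf '%s\n' "$listing" | awk -v want="$*" '
        BEGIN {
            n = split(want, w, " ")
            for (i = 1; i <= n; i++) ports[w[i]] = 1
        }
        $6 == "LISTEN" {
            # Local address is field 4; the port follows the last colon,
            # which covers both 0.0.0.0:80 and the IPv6 form :::80.
            port = $4
            sub(/.*:/, "", port)
            if (port in ports) {
                # Field 7 is PID/program, e.g. 958/httpd or 3995/nginx:
                owner = $7
                sub(/^[0-9]+\//, "", owner)
                sub(/:$/, "", owner)
                print port, owner
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }'
}

# Check nginx default ports (80, 443) and the example alternates (7001, 7002).
port_conflicts "$SAMPLE_NETSTAT" 80 443 7001 7002 || echo "resolve the conflicts above before reconfigure"
```

On a live host, pass the real listing instead of the sample: port_conflicts "$(netstat -tlpn 2>/dev/null)" 80 443. Run it as root so the PID/program column is populated.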
Thanks for all the help! I finally got it working.
This is how I did it.
I restored my VM to a cleaner state. Then stopped apache service, set my hostname and then ran the user create cmd. Worked like a charm!
Glad to hear it's working! Marking this as solved.