I set up an organization called berks-api on my Chef 12 Enterprise server to act as my Berks API server, and setup berkshelf-api. I then ran berks-api with
$ berks-api -c ~/.berkshelf/api-server/config.json
…where my config.json file looks like
{
“endpoints”: [
{
“type”: “chef_server”,
“options”: {
“url”: “https://myserver.domain.com/organizations/berks-api”,
“client_name”: “jenkins”,
“client_key”: “/etc/berkshelf/api-server/jenkins.pem”,
“ssl_verify” : false
}
}
]
}
…and see the following on my terminal, so I know it’s working.
[2015-04-14T18:49:12.737950 #10033] INFO – : Cache manager starting…
I, [2015-04-14T18:49:12.738207 #10033] INFO – : Loading save from /root/.berkshelf/api-server/cerch
W, [2015-04-14T18:49:12.739368 #10033] WARN – : Endpoints in config have changed - invalidating cache
I, [2015-04-14T18:49:12.739465 #10033] INFO – : Cache contains 0 items
I, [2015-04-14T18:49:12.740341 #10033] INFO – : Cache Builder starting…
I, [2015-04-14T18:49:12.846975 #10033] INFO – : REST Gateway listening on 0.0.0.0:26200
I, [2015-04-14T18:49:12.887143 #10033] INFO – : Processing chef_server: https://myserver.domain.com/organizations/berks-api
I, [2015-04-14T18:49:12.963418 #10033] INFO – : Found 25 cookbooks from chef_server: https://myserver.domain.com/organizations/berks-api
I, [2015-04-14T18:49:12.964527 #10033] INFO – : Processing metadata for 25 cookbooks with 0 remaining on chef_server: https://myserver.domain.com/organizations/berks-api
I’m able to upload cookbooks to the berks-api server.
Now I want to use Berkshelf magic to get cookbooks from it.
My Berkshelf file looks like this
source "https://myserver.domain.com/organizations/berks-api:26200"
metadata
cookbook “linux_role”
When I do a berks install, I get
Fetching cookbook index from https://myserver.domain.com:26200…
/opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:920:in connect': SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A (Faraday::SSLError) from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:920:in
block in connect’
from /opt/chef/embedded/lib/ruby/2.1.0/timeout.rb:91:in block in timeout' from /opt/chef/embedded/lib/ruby/2.1.0/timeout.rb:101:in
call’
from /opt/chef/embedded/lib/ruby/2.1.0/timeout.rb:101:in timeout' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:920:in
connect’
from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:863:in do_start' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:852:in
start’
from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:1369:in request' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:1128:in
get’
from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:80:in perform_request' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:40:in
block in call’
from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:87:in with_net_http_connection' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:32:in
call’
from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/request/retry.rb:110:in call' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/response.rb:8:in
call’
from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/response.rb:8:in call' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/rack_builder.rb:139:in
build_response’
from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/connection.rb:377:in run_request' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/connection.rb:140:in
get’
from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/berkshelf-api-client-1.2.1/lib/berkshelf/api_client/connection.rb:62:in universe' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/berkshelf-3.2.3/lib/berkshelf/source.rb:22:in
build_universe’
from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/berkshelf-3.2.3/lib/berkshelf/installer.rb:21:in `block (2 levels) in build_universe’
Is there an SSL setup I’m missing? I just want to disable SSL on the organization, if possible?
Chris