Our infrastructure has win 2012 /2008 Servers i have bootstrapped all the 2012Servers and got registered to chefserver when im trying to register 2008 Server it shows error
Waiting for remote response before bootstrap.ERROR: Connection refused connecting to 10.0.158.72:5985.
ERROR: Network Error: Connection refused - Connection refused - connect(2) for “10.0.158.72” port 5985 (10.0.158.72:5985)
Check your knife configuration and network settings WinRM Autorization Error :: for few Servers i get this error
Just as @nic_chef has suggested - Is port 5985 open & listening? I am assuming you have already run basic trouble shooting like ping <ip address> to verify the machine is accessible from the Chef server & ChefDK Workstation. Also from the ChefDK Machine telnet <ip address>? If not, then we need to very that the node is setup for WINRM!
To verify that the client is LISTENING on the port you can type netstat -an | find "5985" from CMD. Output on your node/client? You should have an output as follows (You will see I am listening on both IPv4 & IPv6):
If the client machine doesn’t have port 5985 open, you can run the WINRM quick config as detailed here. But the quick (and maybe not the ‘Best practice’ method) way to get going is to type from CMD winrm qc and respond yes to all prompts. You should end up with an output of something similar to this:
WinRM has been updated for remote management.
WinRM service type changed to delayed auto start.
WinRM service started.
Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this
machine.
Then you can rerun the netstat -an | find "5985" to see if you are now listening on port 5985 (Maybe a quick reboot might also help here).
If telnet fails, but netstat gives you a port 5985 LISTENING output, then I would check your firewall.
yes sir the port is opened on the node i used telnet and ping to check the status … i came to know that WINRM will be disabled for win 2008 servers …is there any possibility to write a recipe to configure winRM through automation?
You can’t bootstrap until you have this enabled in windows using the normal knife bootstrap command as far as I am aware on windows anyway. What you are suggesting is a cookbook that requires the machine to be bootstrapped (requiring WINRM to be enabled) so that you can run a cookbook to enable WINRM. Unfortunately this would be a circular dependency.
OK, there are some possible avenues you could look at:
Active Directory Group Policy
Have a read through this article which will explain the process. I assume you are familiar with working in a windows domain and will take the correct precautions when implementing this.
Chef-Solo
You could write a cookbook that does exactly what you have suggested - But this will need to be run in chef-solo and will much more time to get right than the group policy method.
powershell_script ‘enable_winrm_if_needed’ do
code <<-EOH
# Query the winrm service
$service = winrm
$servicestatus = Get-Service $service
# Here is where the fun/logic begins
if ($servicestatus.status -ne 'Running')
{
# run winrm quickconfig to get us up and going
winrm quickconfig -quiet
# Change the startup type so that it runs at every boot
Set-Service winrm -StartupType 'Automatic'
# Actually start the service
Start-Service wrinm
# Lets be nice and let the end user know that this has done SOMETHING
Write-Host "WINRM configured, startup type changed and service started"
}
else
{
# Just letting the end user know that NOTHING has happened
Write-Host "winrm should already be good to go"
}
EOH