- From: Hedge Hog <
>
- To:
- Cc: Daniel DeLeo <
>
- Subject: [chef] Re: Re: How to authenticate knife with a fresh Chef 0.9.12 server
- Date: Wed, 6 Apr 2011 12:24:37 +1000
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=X4hwsAY4FgXfhuW/Ss0bgrmews6elb03XWZnIv+BsdAvCIs5nAaFO6061RlsCFDU1v EQy0ihnvjqZ1EvKGS1ZGN09FuVFx9u4VuCwWqEjWWKVCqHN/OJ8qZkFJHzDM1ERacMpM hfRrgsjfN9KRIIalAG4PrGTRw5c1CmIlJRYIk=
On Wed, Apr 6, 2011 at 12:03 PM, Hedge Hog
<
>
wrote:
>
On Wed, Apr 6, 2011 at 11:45 AM, Daniel DeLeo
>
<
>
>
wrote:
>
> On Tuesday, April 5, 2011 at 6:37 PM, Hedge Hog wrote:
>
>
>
> Hi,
>
> Starting with a fresh chef server (0.9.12) is it possible to
>
> use/authenticate knife to query the server?
>
> That is I only have the clients chef-validator and chef-webui, and the
>
> keys on the server (via a mount)
>
> With this knife file:
>
> current__dir = File.dirname(__FILE__)
>
> log_level :debug
>
> log_location $stdout
>
> node_name "chef-validator"
>
> client_key "#{File.dirname(current_dir)}/etc/client.pem"
>
> validation_key "#{File.dirname(current_dir)}/etc/validation.pem"
>
> chef_server_url "http://localhost:4000";
>
> cache_type 'Memory'
>
> cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
>
> cookbook_path
>
> ["#{current_dir}/../cookbooks","#{current_dir}/../site-cookbooks"]
>
>
>
> I'm getting this error:
>
>
>
> $ knife client list -c /tmp/chef/.chef/knife.rb
>
> DEBUG: Using configuration from /tmp/chef/.chef/knife.rb
>
> DEBUG: Signing the request as chef-validator
>
> DEBUG: Sending HTTP Request via GET to localhost:4000/clients
>
> WARN: HTTP Request Returned 401 Unauthorized: Failed to authenticate.
>
> Ensure that your client key is valid.
>
> /home/hedge/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/net/http.rb:2295:in
>
> `error!': 401 "Unauthorized" (Net::HTTPServerException)
>
>
>
>
>
> Appreciate any hints or tips.
>
>
>
>
>
> The chef-webui user is the only admin that is created when the server first
>
> starts, so you want to authenticate as that user. For example, knife
>
> COMMAND
>
> -u chef-webui -k /etc/chef/webui.pem should work correctly. This is what
>
> the
>
> `knife configure --initial` does internally to create a new administrator
>
> for you.
>
>
>
>
Hmm, this works:
>
knife client list -c /tmp/chef/.chef/knife.rb
>
>
but this
>
>
knife client create monkey -f /tmp/chef/monkey.pem -c
>
/tmp/chef/.chef/knife.rb
>
>
complains.
Sorry, forgot the error message:
`edit_data': Please set EDITOR environment variable (RuntimeError)
from
/home/hedge/.rvm/gems/
/gems/chef-0.9.12/lib/chef/knife/client_create.rb:53:in
`run'
>
I'm executing this using Aruba, as most are likely to if
>
the write feature files, so setting the Environment isn't possible.
>
This is a bug right?
>
>
I've only been able to find this[0], which doesn't seem related.
>
>
The work around seems to be:
>
1) Run this, using Aruba's interactive run:
>
bash -c 'EDITOR=vim knife client create monkey -f /tmp/chef/monkey.pem
>
-c /tmp/chef/.chef/knife.rb'
>
>
2) Using Aruba, type :q
>
>
Now you have created the client and saved the key.....
>
>
Any other suggestions I've missed?
>
>
[0]: http://tickets.opscode.com/browse/CHEF-1340
>
>
> --
>
> Dan DeLeo
>
>
>
>
>
>
>
> --
>
> πόλλ' οἶδ ἀλώπηξ, ἀλλ' ἐχῖνος ἓν μέγα
>
> [The fox knows many things, but the hedgehog knows one big thing.]
>
> Archilochus, Greek poet (c. 680 BC – c. 645 BC)
>
> http://wiki.hedgehogshiatus.com
>
>
>
>
>
>
>
>
--
>
πόλλ' οἶδ ἀλώπηξ, ἀλλ' ἐχῖνος ἓν μέγα
>
[The fox knows many things, but the hedgehog knows one big thing.]
>
Archilochus, Greek poet (c. 680 BC – c. 645 BC)
>
http://wiki.hedgehogshiatus.com
>
--
πόλλ' οἶδ ἀλώπηξ, ἀλλ' ἐχῖνος ἓν μέγα
[The fox knows many things, but the hedgehog knows one big thing.]
Archilochus, Greek poet (c. 680 BC – c. 645 BC)
http://wiki.hedgehogshiatus.com
Archive powered by MHonArc 2.6.16.