chef - [chef] Re: Re: Re: Re: Re: bootstraping a new client authorization error

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: Re: Re: Re: bootstraping a new client authorization error

From: Jesse Campbell < >
To:
Subject: [chef] Re: Re: Re: Re: Re: bootstraping a new client authorization error
Date: Mon, 16 Jan 2012 10:49:55 -0500

It should be generating a new client key on its own.
Take a look at the management console in the clients list (this is
distinct from the nodes list), make sure it does not list your client,
and also make sure it *does* list chef-validator.
Next, delete the client.pem file from the node you're testing with,
then restart the chef-client daemon, and watch the client log.
If you still get the unauthorized right away, verify that the
validation.pem that you're sending with the bootstrap is the same as
the one in /etc/chef on the chef server, or regenerate the
validation.pem.

-Jesse

On Mon, Jan 16, 2012 at 10:03, Kelly Goedert
< >
wrote:
> Well, I am pretty sure I dont have another client with this same name,
> and I even tried to give a different node name on the bootstrap
> command, and the result was the same. You mention have chef generate a
> new client key. How do I do that?
>
> On Mon, Jan 16, 2012 at 11:17 AM, andi abes
> < >
>  wrote:
>> Any chance you already registered kelly15 on another machine? Or
>> registered this client with another name?
>>
>> Try to delete client.pem, and have chef generate a new client key.
>> Double check there's no kelly15 client on the server. If there is,
>> either delete it or use a different name
>>
>> On Jan 16, 2012, at 4:57, Kelly Goedert
>> < >
>>  wrote:
>>
>>> Hi,
>>>
>>> sorry for taking so long to answer, I was out of the office and didnt
>>> have access to the machines. I installed my own chef server, the open
>>> source version.
>>>
>>> Inside the /etc/chef in the client machine I have
>>>
>>> client.pem
>>> client.rb
>>> first-boot.json
>>> validation.pem
>>>
>>> In /var/chef/cache/chef-stacktrace.out I have this:
>>>
>>> Generated at Mon Jan 16 07:49:22 -0200 2012
>>> Net::HTTPServerException: 401 "Unauthorized"
>>> /usr/lib/ruby/1.8/net/http.rb:2105:in `error!'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:245:in
>>> `api_request'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:296:in
>>> `retriable_rest_request'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:226:in
>>> `api_request'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/rest.rb:114:in
>>> `get_rest'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/node.rb:603:in
>>> `load'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/node.rb:587:in
>>> `find_or_create'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:234:in
>>> `build_node'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/client.rb:151:in
>>> `run'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/client.rb:239:in
>>> `run_application'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/client.rb:229:in
>>> `loop'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/client.rb:229:in
>>> `run_application'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/client.rb:229:in
>>> `loop'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application/client.rb:229:in
>>> `run_application'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/../lib/chef/application.rb:67:in
>>> `run'
>>> /usr/lib/ruby/gems/1.8/gems/chef-0.10.8/bin/chef-client:26
>>>
>>> Any other suggestions?
>>>
>>> On Fri, Jan 13, 2012 at 11:32 AM, Jesse Campbell
>>> < >
>>>  wrote:
>>>> You shouldn't need to create the client first, it should use the
>>>> validator.pem key to create the client.
>>>> Are you connecting to hosted chef or open source chef?
>>>> Can you look on the client machine in /etc/chef and see what is in there?
>>>> -Jesse
>>>>
>>>>
>>>> On Fri, Jan 13, 2012 at 07:50, Kelly Goedert
>>>> < >
>>>> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> I'm trying to bootstrap a new chef client on a newly installed
>>>>> machine. I'm using the following command:
>>>>>
>>>>>     knife bootstrap -x kelly -P changeme -d ubuntu10.04-gems -N
>>>>> kelly15 --sudo -r 'role[developer]' 10.1.1.15
>>>>>
>>>>> The installation seem to go ok, but this message appears
>>>>>
>>>>> [Fri, 13 Jan 2012 10:42:53 -0200] INFO: *** Chef 0.10.8 ***
>>>>> 10.1.1.15
>>>>> 10.1.1.15 [Fri, 13 Jan 2012 10:42:54 -0200] INFO: HTTP Request
>>>>> Returned 401 Unauthorized: Failed to authenticate. Ensure that your
>>>>> client key is valid.
>>>>> 10.1.1.15
>>>>> 10.1.1.15 [Fri, 13 Jan 2012 10:42:54 -0200] FATAL: Stacktrace dumped
>>>>> to /var/chef/cache/chef-stacktrace.out
>>>>> 10.1.1.15
>>>>> 10.1.1.15 [Fri, 13 Jan 2012 10:42:54 -0200] FATAL:
>>>>> Net::HTTPServerException: 401 "Unauthorized"
>>>>>
>>>>> Do I have to create the client on chef server first?
>>>>>
>>>>> Thanks
>>>>>
>>>>> Kelly
>>>>
>>>>

[chef] bootstraping a new client authorization error, Kelly Goedert, 01/13/2012
- [chef] Re: bootstraping a new client authorization error, Jesse Campbell, 01/13/2012
  - [chef] Re: Re: bootstraping a new client authorization error, Kelly Goedert, 01/16/2012
    - [chef] Re: Re: Re: bootstraping a new client authorization error, andi abes, 01/16/2012
      - [chef] Re: Re: Re: Re: bootstraping a new client authorization error, Kelly Goedert, 01/16/2012
        
        [chef] Re: Re: Re: Re: Re: bootstraping a new client authorization error, Jesse Campbell, 01/16/2012
        
        [chef] Re: Re: Re: Re: Re: Re: bootstraping a new client authorization error, Kelly Goedert, 01/16/2012
        
        [chef] Re: bootstraping a new client authorization error, Jesse Campbell, 01/17/2012