[chef] Re: Re: Re: Re: Bootstrap failure to ec2 instances

Thanks, I know this has beyond the scope of chef. Appreciate for the further 
help and your experienced sharing. Thanks. 

Based on ssh tunnel/openvpn suggestions, I set up a successful reverse tunnel 
from ec2 server to my local chef-server, but wondering how to execute further 
steps to achieve successful http post to chef-server IP:4000     I am 
learning networking and appreciate for any hint from your help.

Based on IP forward suggestion, I get the external IP of my local chef-server 
but can not ping through it from the ec2 server... I wonder if I can build a 
shortcut by changing my local ubuntu where chef-server runs:
a. change the url-config of my knife from http://externalip:4000 to ;
http://externalip:80...hope this accessible from outside
b. revise the iptables to forward requests to port 80 to port 4000... then I 
think this request will be process by listener on 4000. 

does this make any sense?

Although I can use the hosted mode and set up a ec2 chef-server, but I really 
hope this can be workable with my local environment for the convenience of 
plugin dev and freedom of manipulation...

Thanks.

Regards,

Xinhui Li

----- Original Message -----
From: "Vladimir Girnet" 
<
 >
To: 

 
Sent: Wednesday, January 25, 2012 11:59:39 PM
Subject: [chef] Re: Re: Re: Bootstrap failure to ec2 instances

Your issue is not Chef - related, but I will try to answer in more details.

Chef Server is serving clients via HTTP, it's a web server. There are a
lot of articles on Internet how to make your local (home) web server
accessible via Internet (or to some IP addresses).

Here are some details:
 - you have an *external* IP address A.B.C.D - what exactly is your
external IP you can probably find on your home router, or using site
like http://whatismyip.com
 - you need to configure your router to forward all request to IP
address A.B.C.D on port 4000 to your local IP 172.16.234.143 port 4000
    additionally, you can restrict from which IP addresses these
requests are allowed. You need to find out EC2 instances external IP
addresses, and add them to the list.
 - you need to configure knife to use external IP address as Chef server
for AWS EC2 instances: http://A.B.C.D:4000
 - in case you do have some local hosts to bootstrap via knife, you will
have to generate an additional configuration that will use
http://172.16.234.143:4000 as Chef server.

I would recommend setting up an additional EC2 instance, and
install/configure Chef Server on it. You will only need to open port
4000 for this instance from security groups.

I would recommend reading more articles regarding networking and IP
protocol, firewalls, NAT, forwarding and routing.

-Vova

On 1/26/12 3:35 AM, 

 
 wrote:
> If so, is there light way for me to expose an IP of local laptop to be 
> accessible from AWS? Thanks a lot.
>
> Regards,
>
> Xinhui Li
>
> ----- Original Message -----
> From: "Vladimir Girnet" 
> <
 >
> To: 
> 
 
> Sent: Wednesday, January 25, 2012 7:40:14 PM
> Subject: [chef] Re: Bootstrap failure to ec2 instances
>
> I think you are using a non-routable address for your Chef Server:
> 172.16.234.143
>
> You need to forward somehow external connections to Chef Server on your
> home laptop, and provide external IP of the Chef Server to chef-clients.
>
>
>
> On 1/25/12 12:35 PM, 
> 
 
>  wrote:
>> [Wed, 25 Jan 2012 10:16:29 +0000] DEBUG: Sending HTTP Request via POST to
>> 172.16.234.143:4000/clients

-- 
Vladimir Girnet
Infrastructure Engineer
Tacit Knowledge
http://www.tacitknowledge.com