General discussion about Chef

[chef] Re: Re: Why don't work search and how to search in run_list (for example with knife search)?


Chronological Thread 
  • From: Vladimir Skubriev < >
  • To:
  • Subject: [chef] Re: Re: Why don't work search and how to search in run_list (for example with knife search)?
  • Date: Mon, 19 Aug 2013 18:25:52 +0400
On 19.08.2013 17:24, Graham Christensen wrote:
Hello,

This is by design - if search were to return nodes which haven't run
the recipe yet, you could very easily imagine a situation where other
services start failing,
What services you mean (chef-server services or may be other bacula for example)?

because it can't access a database server, or
What database it can't access chef-server ?
a load balancer is pointing at nodes which don't even have the service
running yet.
I don't know about load balancers. Because I install chef server by trivial instruction on the opscode site.

And in the course of its operation I changed on it the DNS settings. Because they changed in our new environment.
Probably because of it search ceased to work normally?
Or I don't understand you ((

There may be a way to force the issue and search for nodes who don't
have the recipe run yet,
How? How I can do this search please hep me with a command.
Only I don't understand why it can do it is required to me (run search command)
however usually when I hear of people wanting
to do this, they are looking for immediate configuration to be
performed,
At the beginning I thought exactly so. But now i understand that i am not right.
instead of assuming eventual infrastructure consistency.
Where i can read about this in docs of chef ?
This means running the server's chef-client, running it on the client,
and then re-running it on the server.
I can not understand what the client and server has in mind.

I have backup server which is do search for client's which is has recipe cbacula::client (he's name is backup)

I have a server which is client of backup server named zeus

I have a chef-server. But on the chef-server i can't run chef-client because of errors:

:~$
 sudo chef-client
[sudo] password for srvadm:
[Mon, 19 Aug 2013 17:55:38 +0400] INFO: *** Chef 10.18.2 ***
[Mon, 19 Aug 2013 17:55:38 +0400] INFO: [inet6] no default interface, picking the first ipaddress
[Mon, 19 Aug 2013 17:55:39 +0400] INFO: HTTP Request Returned 401 Unauthorized: Failed to authenticate. Ensure that your client key is valid.

================================================================================
Chef encountered an error attempting to load the node data for "chef-server.example.lab"
================================================================================

Authentication Error:
---------------------
Failed to authenticate to the chef server (http 401).

Server Response:
----------------
Failed to authenticate. Ensure that your client key is valid.

Relevant Config Settings:
-------------------------
chef_server_url   "http://chef-server.example.lab:4000";
node_name         "chef-server.example.lab"
client_key        "/etc/chef/client.pem"

If these settings are correct, your client_key may be invalid.

[Mon, 19 Aug 2013 17:55:39 +0400] FATAL: Stacktrace dumped to /var/cache/chef/chef-stacktrace.out
[Mon, 19 Aug 2013 17:55:39 +0400] FATAL: Net::HTTPServerException: 401 "Unauthorized"

I don't know about how can run chef-client on the chef-server by default install. My be it shouldn't work by default. Or This is my problem because of misspelled configuration.

I rerun chef-client on all of this servers and this don't help me with a knife search.

At the backup server i check this via shef -z command:

# shef -z
loading configuration: /etc/chef/client.rb
Session type: client
Loading.[2013-08-19T18:01:21+04:00] INFO: [inet6] no default interface, picking the first ipaddress
..[2013-08-19T18:01:22+04:00] INFO: Run List is [role[backup_server], recipe[cbacula::client]]
[2013-08-19T18:01:22+04:00] INFO: Run List expands to [cbacula::database, cbacula::director, cbacula::storage, cbacula::webacula, cbacula::client]
[2013-08-19T18:01:22+04:00] INFO: HTTP Request Returned 404 Not Found: No routes match the request: /reports/nodes/backup.example.lab/runs
.[2013-08-19T18:01:22+04:00] INFO: Loading cookbooks [apt, aws, build-essential, cbacula, database, mysql, openssl, postgresql, xfs]
[2013-08-19T18:01:22+04:00] INFO: Storing updated cookbooks/cbacula/recipes/director.rb in the cache.
[2013-08-19T18:01:22+04:00] INFO: Storing updated cookbooks/cbacula/recipes/webacula.rb in the cache.
[2013-08-19T18:01:23+04:00] INFO: Storing updated cookbooks/cbacula/recipes/database.rb in the cache.
.[2013-08-19T18:01:23+04:00] INFO: Storing updated cookbooks/cbacula/metadata.rb in the cache.
done.

This is shef, the Chef shell.
 Chef Version: 10.18.2
 http://www.opscode.com/chef
 http://wiki.opscode.com/display/chef/Home

run `help' for help, `exit' or ^D to quit.

Ohai2u 

chef > var = search(:node, 'recipes:cbacula\:\:client')
 => [node[backup.example.lab]]
chef >

If you can see i it also return only one client.

Often this is accomplished by
having chef-client be scheduled every 5 minutes or every hour.

Chef-server receives data from chef-clients after they will be started at the end of running process.
This is not work in my variant. Search was not work.
You meant that I must start it on clients every hour?
I think this is optional.

Consider it  pessimistic view:

Either it:
1. assumes the chef-client will prepare the node for service very
soon, and potentially causes failures in your infrastructure
If I understand you - i am too think that this no good idea - to run chef-client by cron (for example)
2. it makes no assumption about the state of the node, and simply
recognizes that it simply isn't ready for service yet


Does this make sense?

Partly yes - but the question remains for me open

Thank you for participate.

--
Best regards,

CVisionLab System Administrator
Vladmir Skubriev


Archive powered by MHonArc 2.6.16.

§