[chef] RE: Re: role NOT being applied?


Chronological Thread 
  • From: "Fouts, Chris" < >
  • To: " " < >
  • Subject: [chef] RE: Re: role NOT being applied?
  • Date: Tue, 4 Nov 2014 15:42:25 +0000
  • Accept-language: en-US

Yes, but chef-client run should “put” it there – that’s what I’m trying to accomplish.

 

From: Tyler [mailto:
Sent: Tuesday, November 04, 2014 9:35 AM
To:
Subject: [chef] Re: role NOT being applied?

 

That `ssl_verify_mode :verify_peer` line should be in your client.rb chef config file.  The recipe that Tensibai mentions will create & manage that file for you.  What does your client.rb file look like on one of the nodes?

 

What log file are you missing?

 

-T

 

On Nov 3, 2014, at 11:21 AM, Tensibai Zhaoying < "> > wrote:

 

Do you have chef_client::config I'm the node runlist ? (You did not specify that)



---- Fouts, Chris a écrit ----

I have the following in one of my *.json roles, and I have uploaded the role to my chef-server, and have assigned that role to my node (I’m very sure of this!).

 

“default_attributes”: {

  “chef_client” : {

    “ssl_verify_mode” : “:verify_peer”,

    “log_level” : “:debug”,

    “logfile” : “/var/log/chef-client/chef.log”

  }

}

 

But yet, I still see this during my chef-client runs

 

SSL validation of HTTPS requests is disabled. HTTPS connections are still

encrypted, but chef is not able to detect forged replies or man in the middle

attacks.

 

To fix this issue add an entry like this to your configuration file:

 

```

  # Verify all HTTPS connections (recommended)

  ssl_verify_mode :verify_peer

 

  # OR, Verify only connections to chef-server

  verify_api_cert true

 

 

Of course I don’t see the log file either.

 

Any clues?

 

Chris

 




Archive powered by MHonArc 2.6.16.

§