- From: Daniel DeLeo <
>
- To:
- Subject: [chef] Re: Chef 11.8 API - 403 "Forbidden" (Net::HTTPServerException)
- Date: Thu, 5 Mar 2015 15:21:51 -0800
On Thursday, March 5, 2015 at 4:42 AM, Rafał Radecki wrote:
>
Hi All :)
>
>
I am currently trying to delete nodes through API once they will be
>
terminated (autoscaling instances in AWS).
>
>
Code:
>
>
require 'chef'
>
Chef::Config.from_file('/etc/chef/client.rb')
>
client_name = ENV['HOSTNAME']
>
rest = Chef::REST.new(Chef::Config[:chef_server_url],client_name)
>
node_name = 'x'
>
node_deleted = rest.get_rest("/nodes/" + node_name)
>
node_deleted.destroy
>
puts "deleted node: " + node_name
>
client_deleted = rest.get_rest("/clients/" + node_name)
>
client_deleted.destroy
>
puts "deleted client: " + node_name
>
>
>
During invocation I get:
>
>
/opt/chef-server/embedded/lib/ruby/1.9.1/net/http.rb:2633:in `error!': 403
>
"Forbidden" (Net::HTTPServerException)
>
>
I am using chef open source 11.8 and I understand that I can:
>
1) change in the web interface the client to admin=true?
>
2) add some permissions for the client so that he will be able to delete
>
nodes from /nodes endpoint?
>
>
1) is a manual action and I would like to automate this. For chef 11.8
>
actions such as chef-server-ctl user-edit
>
(https://docs.chef.io/ctl_chef_server.html) are not available. Is there an
>
automated way to change admin=false to admin=true for the node?
The main pages on docs track the latest version. For Chef Server, this is
12.x which has the authorization system that used to be only in the
proprietary enterprise chef server. You can see older versions here:
http://docs.chef.io/releases.html
>
2) I did not manage to find any usable docs about this.
>
>
Are there any other solutions? Can anyone help with 1) or 2)?
You can use knife client edit from a client with admin privileges to give
another client admin privileges.
>
>
Thanks!
>
>
BR,
>
Rafal.
--
Daniel DeLeo
Archive powered by MHonArc 2.6.16.