General discussion about Chef

[chef] Re: Re: HELP! I think that I really messed up Chef configuration :(!!


Chronological Thread 
  • From: Galen Emery < >
  • To:
  • Cc: Steven Murawski < >,
  • Subject: [chef] Re: Re: HELP! I think that I really messed up Chef configuration :(!!
  • Date: Mon, 13 Jul 2015 14:04:28 -0700
Jim,

To create a new Chef Workstation there's a couple different options rather than using the starter kit.

At the end of the day, the workstation needs these things inside a .chef folder:

1) knife.rb file with the correct user and server to talk to.
2) user.pem for that user.
3*) organization-validator.pem (for old-style bootstraps)


You can generate the knife.rb file from the Manage UI, or just copy it from your current workstation.

You can either copy your pem file around, or create a new user for your separate workstation.  To create a new user: 
1. Go to the signup page (http://chefserver/signup) and create a new user.
2. Sign in as your other user and invite the new one to the organization and assign whatever rights you wish.
3. Log in as new user and accept the invite.
4. Generate key-pair for new user and stick in the .chef directory.

To create a new validator key (If you don't use the validator-style bootstraps, then you don't need to do this), go into the Manage UI > Policy > Clients > Create New (Select Validation Client).  This will give you a new validator client to work with.

Hope that helps!



On Mon, Jul 13, 2015 at 1:51 PM, o haya < " target="_blank"> > wrote:
Hi,

Also, from some reading, it seems like, with regards to the keys, I should not have clicked that starter kit button and gotten a new ZIP file?

So what SHOULD I have done when I wanted to create the "new" Chef workstation?

Thanks again,
Jim



--------------------------------------------
On Mon, 7/13/15, o haya < "> > wrote:

 Subject: Re: [chef] HELP!  I think that I really messed up Chef configuration :(!!
 To: "> , "Steven Murawski" < "> >
 Cc: ">
 Date: Monday, July 13, 2015, 4:41 PM

 Hi Steven,

 Wow!  Thanks - I think this
 was very helpful (but still not sure):

 Re. the knife:

 The original one, that is kind of working
 still, but broken now:

 PS
 C:\Users\Administrator\chef-repo> get-command knife |
 format-list *


 HelpUri            :
 FileVersionInfo    : File:         
    C:\opscode\chefdk\bin\knife.bat
                  
    InternalName:
          
            OriginalFilename:
                  
    FileVersion:
            
          FileDescription:
  
                    Product:
                  
    ProductVersion:
          
            Debug:            False
                  
    Patched:          False
                  
    PreRelease:       False
                  
    PrivateBuild:     False
                  
    SpecialBuild:     False
                  
    Language:

 Path               :
 C:\opscode\chefdk\bin\knife.bat
 Extension 
         : .bat
 Definition     
    : C:\opscode\chefdk\bin\knife.bat
 Visibility         : Public
 OutputType         :
 {System.String}
 Name           
    : knife.bat
 CommandType   
     : Application
 ModuleName     
    :
 Module         
    :
 RemotingCapability :
 PowerShell
 Parameters     
    :
 ParameterSets      :



 The new one, which doesn't work at all:

 C:\Users\Administrator\chef-repo>exit
 PS C:\Users\Administrator\chef-repo>
 get-command knife | format-list *


 HelpUri            :
 FileVersionInfo    : File:         
    c:\opscode\chef\bin\knife.bat
                  
    InternalName:
          
            OriginalFilename:
                  
    FileVersion:
            
          FileDescription:
  
                    Product:
                  
    ProductVersion:
          
            Debug:            False
                  
    Patched:          False
                  
    PreRelease:       False
                  
    PrivateBuild:     False
                  
    SpecialBuild:     False
                  
    Language:

 Path               :
 c:\opscode\chef\bin\knife.bat
 Extension   
       : .bat
 Definition     
    : c:\opscode\chef\bin\knife.bat
 Visibility         : Public
 OutputType         :
 {System.String}
 Name           
    : knife.bat
 CommandType   
     : Application
 ModuleName     
    :
 Module         
    :
 RemotingCapability :
 PowerShell
 Parameters     
    :
 ParameterSets      :



 So it does look like on the "new"
 one, I'm picking up the knife from a Chef client, and
 not from the Chef DK?

 Is
 that correct?


 How can I fix that?  Should I just uninstall
 the Chef client from that machine (this is the AD machine,
 which did have a Chef client on it originally)?




 Re. the PEMS, can you clarify
 what you meant when you said:

 "so you'll need to replace those
 with
  the ones from the most recent starter
 kit"


 Which are "those" and where do I get
 "the ones from the most recent starter kit"
 (specifically)?



 Thanks again!

 Jim


 --------------------------------------------
 On Mon, 7/13/15, Steven Murawski < "> >
 wrote:

  Subject: Re: [chef]
 HELP!  I think that I really messed up Chef configuration
 :(!!
  To: ">
  Cc: "o haya" < "> >
  Date: Monday, July 13, 2015, 4:05 PM


        
                              
    So, when you requested the

 starter kit, your previous user pem and  validation.pem
  were invalidated, so you'll need to
 replace those with
  the ones from the most
 recent starter kit.
  The second part could
 be a couple of
  things.  Do you have
 another install of Chef on the system?
   If
 you have a Chef Client install as well, you may be
  resolving knife from that install rather than
 ChefDK.  (and
  each will have their own
 copy of the various gems).  You
  can test
 that from PowerShell by using Get-Command knife |
  format-list * and checking out the path it is
 coming
  from.
  Steve
  Steven MurawskiCommunity Software Development
 Engineer @
  ChefMicrosoft MVP -
 PowerShell
  http://stevenmurawski.com
                                
         On 7/13/2015 2:52:27
  PM, o haya
 < "> >
 wrote:Hi,



  I originally had the
 following
  configuration:




  Chef
 Server (CENTOS 6.6)

  Chef
 Workstation (Windows 2008 w/ChefDK

 installed)

  Test AD
 (Windows 2008)

  Test Nodes
 (Windows 2008)

  ..

  ..



  I
 (probably stupidly) decided that I want
  to
 put the Chef Workstation on the Test AD machine.
  I'll try to describe what I've done,
 but things are
  so messed up at this point,
 I'm not sure exactly
  what's going
 on or what I did.



  So, I ran the ChefDK
 installer on the AD
  machine.  Then, I
 think I got the quickstart ZIP from the

 Chef server, and I unzipped in in the chef-repo directory
 on
  the AD machine.



  After
 that, basically nothing worked.



  The first
 thing I ran into was that the
  Chef-client
 (the nodes) could not register anymore, getting
  401 errors when i try to run chef-client on
 them.




  So then, I thought I should try to
  re-bootstrap the nodes but I can't seem to
 get the
  knife-windows to work on the new
 Chef workstation.



  I run "chef gem
 install
  knife-windows" in the
 chef-repo directory, but then
  when I try to
 run "knife bootstrap windows winrm "
  it says that the host I'm trying to
 bootstrap is
  "windows".



  I think that I have some OVAs that I backed
  up from earlier, so I'm going to try to
 see if I can
  restore them, but can anyone
 tell me or point me to what
  went wrong? 
 Is there just no way to "move" the
  Chef Workstation or make a 2nd instance once
 it's
  installed?  It seems like all the
 pieces (the nodes, the
  Chef server and the
 workstation) are permanently linked

 together?



  Thanks,

  Jim






                    
                    

                                
        





Archive powered by MHonArc 2.6.16.

§