chef - [chef] Forbidden 403 after adding nodes on Chef 12

First login ?
Lost password ?

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Forbidden 403 after adding nodes on Chef 12

From: Doug Garstang < >
To:
Subject: [chef] Forbidden 403 after adding nodes on Chef 12
Date: Tue, 25 Aug 2015 11:20:06 -0700

Running chef client in debug mode shows this:

Initiating PUT to https://chef-008.dev.foobar.com/organizations/foobar/nodes/dt-ac8c940d.dev.foobar.com

...

HTTP 1.1 403 Forbidden

How do I go about fixing this?

I'm simply adding my node with:

knife node from file dt-ac8c940d.dev.foobar.com.json

and then running the chef-client.

This thread seems to be related:

https://github.com/chef/chef-server/issues/63

However, attempting to use the suggested:

knife acl add nodes dt-ac8c940d.dev.foobar.com update client dt-ac8c940d.dev.foobar.com

results in:

FATAL: ERROR: To enforce best practice, knife-acl can only add a group to an ACL.

FATAL: See the knife-acl README for more information.

I've reproduced this multiple times after deleting both the node and the client and running the knife node from file ... command again.

I've also tried running knife bootstrap, and the problem disappears. It would seem that bootstrap is doing something magical that 'knife node from file' is not. However, I'd prefer not to use bootstrap as this needs to work with autoscaling groups.

Thanks,

[chef] Forbidden 403 after adding nodes on Chef 12, Doug Garstang, 08/25/2015
- [chef] Re: Forbidden 403 after adding nodes on Chef 12, Steven Danna, 08/26/2015