search

3ofcoins / chef-cookbook-hostname

Chef cookbook to set node's hostname and FQDN.
MIT License
41 stars 90 forks source link

chef-client is throwing authentication error after successful knife bootstrapping #41

Closed dsavinkov closed 9 years ago

dsavinkov commented 9 years ago

Hi All, I might be doing something wrong, but here is the situation. Chef 12.3.0. CentOS 6.3 running on AWS. During execution of knife bootstrap I am applying hostname:default recipe and everything is looks fine. Chef server shows newly boostrapped instance with updated FQDN, but Node Name column is still showing something like ip-x-x-x-x.aws-region-name.compute.internal.

Then I try to ssh this host and run chef-client I am getting following error:

[ec2-user@newHostName ~]$ sudo chef-client
Starting Chef Client, version 12.3.0
================================================================================
Chef encountered an error attempting to load the node data for "newHostName"
================================================================================

Authentication Error:
---------------------
Failed to authenticate to the chef server (http 401).

Server Response:
----------------
Failed to authenticate as 'newHostName'. Ensure that your node_name and client key are correct.

Relevant Config Settings:
-------------------------
chef_server_url   "https://chefServerDomain/organizations/organizationName"
node_name         "newHostName"
client_key        "/etc/chef/client.pem"

If these settings are correct, your client_key may be invalid, or
you may have a chef user with the same client name as this node.

[2015-05-04T12:36:03-07:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
Chef Client failed. 0 resources updated in 0.962848623 seconds
[2015-05-04T12:36:03-07:00] ERROR: 401 "Unauthorized"
[2015-05-04T12:36:03-07:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

I have checked already closed issue #8, according to which I assume every time I need manually change client.rb and include node_name parameter. At the same time Chef client.rb documentation indicates that:

node_name is used to determine which configuration should be applied and to set the client_name    (which is the name used when authenticating to a Chef server). The default value is set automatically to    be the FQDN of the chef-client, as detected by Ohai. In general, leaving this setting blank and letting    Ohai assign the FQDN of the node as the node_name during each chef-client run is the recommended    approach.

After cleaning up /etc/chef/* folder, removing this instance from chef server and re-bootstrapping again I was able to make it work. Node Name also appeared correctly in Chef server under Node Name column as newServerName

@yandod, @mpasternacki could you please comment on this? Appreciate

dsavinkov commented 9 years ago

The answer is to include -N nodeName parameter during initial knife bootstrap operation.