AMZ linux and chef 13 ohai hints issue

[Stromweld]

Cookbook version

5.0.3

Chef-client version

13.0.118

Platform Details

chef_version=13.0.118  platform=amazon  platform_version=2016.09  ruby=ruby 2.4.

Scenario:

aws ec2 hints in ohai convergence

Steps to Reproduce:

using deployment script from AWS OPSworks for Chef Automate on Elastic Beanstalk instance with wrapper cookbook in run list to install aws cookbook and run ec2 hints.

Expected Result:

converged instance

Actual Result:

Application update failed at 2017-04-19T15:29:23Z with exit status 1 and error: container_command ebInit in .ebextensions/justChef.config failed.

+ CHEF_DIR=/etc/chef
+ CHEF_CA_PATH=/etc/chef/trusted_certs/opsworks-cm-ca-2016-root.pem
+ CHEF_COMMAND=chef-client
+ ASSOCIATION_PATH=/etc/chef/already_associated_when_this_file_present
+ echo 'Requesting association'
Requesting association
++ associate_node
++ '[' '!' -f /etc/chef/already_associated_when_this_file_present ']'
++ client_key=/etc/chef/client.pem
++ mkdir /etc/chef
++ umask 077
++ openssl genrsa -out /etc/chef/client.pem 2048
Generating RSA private key, 2048 bit long modulus
.......................................................................................................+++
..................+++
unable to write 'random state'
e is 65537 (0x10001)
+++ openssl rsa -in /etc/chef/client.pem -pubout
writing RSA key
++ aws_cli associate-node --node-name i-037a2ab789ac41b8c --engine-attributes Name=CHEF_ORGANIZATION,Value=default 'Name=CHEF_NODE_PUBLIC_KEY,Value='\''-----BEGIN PUBLIC KEY-----
****Scrubbed****
-----END PUBLIC KEY-----'\'''
++ aws opsworks-cm --region us-west-2 --output text associate-node --node-name i-037a2ab789ac41b8c --engine-attributes Name=CHEF_ORGANIZATION,Value=default 'Name=CHEF_NODE_PUBLIC_KEY,Value='\''-----BEGIN PUBLIC KEY-----
****Scrubbed*****
-----END PUBLIC KEY-----'\''' --server-name chef-automate
+ node_association_status_token=Aaan3zdrag3m+OoxSXYhT4kPYcNtlBMN3eNV8BrF3E3aE+no0R131SgfQzungv417L107B7NrmmWBzP7lbktUxo=
+ install_chef_client
+ command -v chef-client
+ '[' '!' 1 -eq 0 ']'
+ echo 'Installing Chef client...'
Installing Chef client...
+ bash -s -- -v ''
+ curl --silent --show-error --retry 3 --location https://omnitruck.chef.io/install.sh
el 6 x86_64
Getting information for chef stable for el...
downloading https://omnitruck.chef.io/stable/chef/metadata?v=&p=el&pv=6&m=x86_64
to file /tmp/install.sh.4499/metadata.txt
trying wget...
sha1    b92640edfce4b23788cfc6e201e862f985ed6873
sha256  aa47e3da21416091e5cb80fd5a8e9172bc7971a228b522871d7276c915116d2f
url https://packages.chef.io/files/stable/chef/13.0.118/el/6/chef-13.0.118-1.el6.x86_64.rpm
version 13.0.118
downloaded metadata file looks valid...
downloading https://packages.chef.io/files/stable/chef/13.0.118/el/6/chef-13.0.118-1.el6.x86_64.rpm
to file /tmp/install.sh.4499/chef-13.0.118-1.el6.x86_64.rpm
trying wget...
Comparing checksum with sha256sum...

WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING

You are installing an omnibus package without a version pin. If you are installing
on production servers via an automated process this is DANGEROUS and you will
be upgraded without warning on new releases, even to new major releases.
Letting the version float is only appropriate in desktop, test, development or
CI/CD environments.

WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING

Installing chef
installing with rpm...
warning: /tmp/install.sh.4499/chef-13.0.118-1.el6.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Preparing... ########################################
Updating / installing...
chef-13.0.118-1.el6 ########################################
Thank you for installing Chef!
+ echo Installed
Installed
+ write_chef_config
+ config_path=/etc/chef/client.rb
+ '[' '!' -f /etc/chef/client.rb ']'
+ echo 'Writing Chef config...'
Writing Chef config...
+ echo 'chef_server_url '\''https://chef-automate-example.us-west-2.opsworks-cm.io/organizations/default'\'''
+ echo 'node_name '\''i-037a2ab789ac41b8c'\'''
+ key_path=/etc/chef/encrypted_data_bag_secret
+ '[' '!' -f /etc/chef/encrypted_data_bag_secret ']'
+ echo 
****Scrubbed*****
+ install_trusted_certs
+ '[' '!' -f /etc/chef/trusted_certs/opsworks-cm-ca-2016-root.pem ']'
++ dirname /etc/chef/trusted_certs/opsworks-cm-ca-2016-root.pem
+ mkdir -p /etc/chef/trusted_certs
+ echo 'Downloading trusted certs'
Downloading trusted certs
+ curl --silent --show-error --retry 3 --location --output /etc/chef/trusted_certs/opsworks-cm-ca-2016-root.pem https://opsworks-cm-us-west-2-prod-default-assets.s3.amazonaws.com/misc/opsworks-cm-ca-2016-root.pem
+ wait_node_associated Aaan3zdrag3m+OoxSXYhT4kPYcNtlBMN3eNV8BrF3E3aE+no0R131SgfQzungv417L107B7NrmmWBzP7lbktUxo=
+ '[' '!' -f /etc/chef/already_associated_when_this_file_present ']'
+ echo 'Awaiting association...'
Awaiting association...
+ aws_cli wait node-associated --node-association-status-token Aaan3zdrag3m+OoxSXYhT4kPYcNtlBMN3eNV8BrF3E3aE+no0R131SgfQzungv417L107B7NrmmWBzP7lbktUxo=
+ aws opsworks-cm --region us-west-2 --output text wait node-associated --node-association-status-token Aaan3zdrag3m+OoxSXYhT4kPYcNtlBMN3eNV8BrF3E3aE+no0R131SgfQzungv417L107B7NrmmWBzP7lbktUxo= --server-name chef-automate
+ echo Associatied
Associatied
+ touch /etc/chef/already_associated_when_this_file_present
+ chef-client -r 'role[base-amz-linux]' -E base-amz-linux-dev
Starting Chef Client, version 13.0.118
[2017-04-19T15:29:18+00:00] WARN: Plugin Network: unable to detect ipaddress
resolving cookbooks for run list: ["role-base-amz-linux-nativex"]
Synchronizing Cookbooks:
- line (0.6.3)
- motd (0.6.4)
- chef-sugar (3.4.0)
- nano (1.0.3)
- compat_resource (12.16.3)
- dstat (0.1.1)
- sshd (1.3.0)
- vim (2.0.2)
- hostsfile (2.4.5)
- logrotate (2.1.0)
- sudo (3.3.1)
- yum-epel (2.1.1)
- bash-completion (0.1.0)
- snmp (4.0.0)
- nfs (2.3.1)
- ssh_authorized_keys (0.3.0)
- mingw (2.0.0)
- now (1.0.0)
- seven_zip (2.0.2)
- sysctl (0.8.1)
- collectd-ng (2.2.0)
- aws (5.0.0)
- aws-tagging-nativex (1.1.4)
- chef_handler (2.1.1)
- lvm (4.0.6)
- chef_client_updater (1.0.2)
- ohai (5.0.3)
- windows (3.0.5)
- ephemeral_lvm-nativex (1.0.6)
- autofs-nativex (1.1.4)
- iptables (4.1.0)
- mlocate-nativex (1.0.3)
- ntp-nativex (1.1.3)
- ohai-nativex (1.0.5)
- postfix-nativex (1.0.3)
- ssh-authorized-keys-nativex (1.0.3)
- ephemeral_lvm (3.0.1)
- cron (4.1.1)
- solarwinds-nativex (1.5.3)
- graphite-nativex (1.1.6)
- timezone-ii (0.2.0)
- ad-nativex (3.3.6)
- autopatch-nativex (1.3.6)
- build-essential (8.0.1)
- chef-client (8.0.1)
- timezone-nativex (1.0.5)
- auto-patch (0.1.10)
- role-base-amz-linux-nativex (1.2.4)
- hostname-nativex (1.0.8)
Installing Cookbook Gems:
Compiling Cookbooks...
/var/chef/cache/cookbooks/hostsfile/resources/entry.rb:35: warning: constant ::Fixnum is deprecated
Recipe: aws::ec2_hints
* ohai_hint[ec2] action create
* directory[/etc/chef/ohai/hints] action create
- create new directory /etc/chef/ohai/hints
================================================================================
Error executing action `create` on resource 'directory[/etc/chef/ohai/hints]'
================================================================================

 NoMethodError
-------------
undefined method `split' for nil:NilClass

 Cookbook Trace:
---------------
/var/chef/cache/cookbooks/ohai/resources/hint.rb:53:in `block in after_created'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `each'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `after_created'
 /var/chef/cache/cookbooks/aws/recipes/ec2_hints.rb:20:in `from_file'
 /var/chef/cache/cookbooks/role-base-amz-linux-nativex/recipes/default.rb:152:in `from_file'

 Resource Declaration:
---------------------
# In /var/chef/cache/cookbooks/ohai/resources/hint.rb

 6: directory ::Ohai::Config.ohai.hints_path.first do
 7: action :create
 8: recursive true
 9: end
 10:

 Compiled Resource:
------------------
# Declared in /var/chef/cache/cookbooks/ohai/resources/hint.rb:6:in `block in class_from_file'

 directory("/etc/chef/ohai/hints") do
 action [:create]
 default_guard_interpreter :default
 path "/etc/chef/ohai/hints"
 recursive true
 declared_type :directory
 cookbook_name "aws"
 owner nil
 group nil
 mode nil
 end

 System Info:
------------
chef_version=13.0.118
 platform=amazon
 platform_version=2016.09
 ruby=ruby 2.4.

Command output has been truncated. Please see logs for more details.
Incorrect application version "justChef_0.0.1.1" (deployment 2). Expected version "0.0.31" (deployment 1).
Feedback
English
Terms of UsePrivacy Policy© 2008 - 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved.

[tas50]

I'm a bit confused on where exactly this failure is coming from, but it looks like you're using the aws:ec2_hints recipe. The good news is you don't need that anymore. You can just remove that from your runlist entirely. Chef will autodetect AWS without issue now.

[Stromweld]

So I removed the aws::ec2_hints recipe from our base cookbook, but when our ohai-nativex cookbook tries to create an awsplugin for ohai and sets ['aws']['region'] attribute we get the same error:

[2017-04-19T16:33:59+00:00] WARN: Plugin Network: unable to detect ipaddress
resolving cookbooks for run list: ["role-base-amz-linux-nativex"]
Synchronizing Cookbooks:
- chef-sugar (3.4.0)
- nano (1.0.3)
- line (0.6.3)
- motd (0.6.4)
- hostsfile (2.4.5)
- dstat (0.1.1)
- sshd (1.3.0)
- bash-completion (0.1.0)
- compat_resource (12.16.3)
- vim (2.0.2)
- yum-epel (2.1.1)
- logrotate (2.1.0)
- sudo (3.3.1)
- now (1.0.0)
- ssh_authorized_keys (0.3.0)
- snmp (4.0.0)
- nfs (2.3.1)
- seven_zip (2.0.2)
- chef_handler (2.1.1)
- mingw (2.0.0)
- sysctl (0.8.1)
- collectd-ng (2.2.0)
- aws-tagging-nativex (1.1.4)
- ephemeral_lvm-nativex (1.0.6)
- aws (5.0.0)
- ohai (5.0.3)
- lvm (4.0.6)
- chef_client_updater (1.0.2)
- ssh-authorized-keys-nativex (1.0.3)
- ntp-nativex (1.1.3)
- mlocate-nativex (1.0.3)
- windows (3.0.5)
- autofs-nativex (1.1.4)
- iptables (4.1.0)
- ohai-nativex (1.0.5)
- cron (4.1.1)
- ephemeral_lvm (3.0.1)
- graphite-nativex (1.1.6)
- postfix-nativex (1.0.3)
- solarwinds-nativex (1.5.3)
- timezone-ii (0.2.0)
- ad-nativex (3.3.6)
- autopatch-nativex (1.3.6)
- chef-client (8.0.1)
- auto-patch (0.1.10)
- build-essential (8.0.1)
- timezone-nativex (1.0.5)
- hostname-nativex (1.0.8)
- role-base-amz-linux-nativex (1.2.4)
Installing Cookbook Gems:
Compiling Cookbooks...
/var/chef/cache/cookbooks/hostsfile/resources/entry.rb:35: warning: constant ::Fixnum is deprecated
Recipe: ohai-nativex::awsplugin
* ohai_hint[aws] action create
* directory[/etc/chef/ohai/hints] action create (up to date)
* file[/etc/chef/ohai/hints/aws.json] action create
- create new file /etc/chef/ohai/hints/aws.json
================================================================================
Error executing action `create` on resource 'file[/etc/chef/ohai/hints/aws.json]'
================================================================================

 NoMethodError
-------------
undefined method `split' for nil:NilClass

 Cookbook Trace:
---------------
/var/chef/cache/cookbooks/ohai/resources/hint.rb:53:in `block in after_created'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `each'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `after_created'
 /var/chef/cache/cookbooks/ohai-nativex/recipes/awsplugin.rb:10:in `from_file'
 /var/chef/cache/cookbooks/ohai-nativex/recipes/default.rb:10:in `from_file'
 /var/chef/cache/cookbooks/role-base-amz-linux-nativex/recipes/default.rb:151:in `from_file'

 Resource Declaration:
---------------------
# In /var/chef/cache/cookbooks/ohai/resources/hint.rb

 11: file ohai_hint_path do
 12: action :create
 13: content build_content
 14: end
 15: end

 Compiled Resource:
------------------
# Declared in /var/chef/cache/cookbooks/ohai/resources/hint.rb:11:in `block in class_from_file'

 file("/etc/chef/ohai/hints/aws.json") do
 action [:create]
 default_guard_interpreter :default
 declared_type :file
 cookbook_name "ohai-nativex"
 path "/etc/chef/ohai/hints/aws.json"
 owner nil
 group nil
 mode nil
 verifications []
 end

 System Info:
------------
chef_version=13.0.118
 platform=amazon
 platform_version=2016.09
 ruby=ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-linux]
 program_name=chef-client worker: ppid=32501;start=16:33:58;
 executable=/opt/chef/bin/chef-client

 
================================================================================
Error executing action `create` on resource 'ohai_hint[aws]'
================================================================================

 NoMethodError
-------------
file[/etc/chef/ohai/hints/aws.json] (/var/chef/cache/cookbooks/ohai/resources/hint.rb line 11) had an error: NoMethodError: undefined method `split' for nil:NilClass

 Cookbook Trace:
---------------
/var/chef/cache/cookbooks/ohai/resources/hint.rb:53:in `block in after_created'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `each'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `after_created'
 /var/chef/cache/cookbooks/ohai-nativex/recipes/awsplugin.rb:10:in `from_file'
 /var/chef/cache/cookbooks/ohai-nativex/recipes/default.rb:10:in `from_file'
 /var/chef/cache/cookbooks/role-base-amz-linux-nativex/recipes/default.rb:151:in `from_file'

 Resource Declaration:
---------------------
# In /var/chef/cache/cookbooks/ohai-nativex/recipes/awsplugin.rb

 10: ohai_hint 'aws'
 11:

 Compiled Resource:
------------------
# Declared in /var/chef/cache/cookbooks/ohai-nativex/recipes/awsplugin.rb:10:in `from_file'

 ohai_hint("aws") do
 action [:create]
 default_guard_interpreter :default
 declared_type :ohai_hint
 cookbook_name "ohai-nativex"
 recipe_name "awsplugin"
 hint_name "aws"
 end

 System Info:
------------
chef_version=13.0.118
 platform=amazon
 platform_version=2016.09
 ruby=ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-linux]
 program_name=chef-client worker: ppid=32501;start=16:33:58;
 executable=/opt/chef/bin/chef-client

 
================================================================================
Recipe Compile Error in /var/chef/cache/cookbooks/role-base-amz-linux-nativex/recipes/default.rb
================================================================================

 NoMethodError
-------------
ohai_hint[aws] (ohai-nativex::awsplugin line 10) had an error: NoMethodError: file[/etc/chef/ohai/hints/aws.json] (/var/chef/cache/cookbooks/ohai/resources/hint.rb line 11) had an error: NoMethodError: undefined method `split' for nil:NilClass

 Cookbook Trace:
---------------
/var/chef/cache/cookbooks/ohai/resources/hint.rb:53:in `block in after_created'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `each'
 /var/chef/cache/cookbooks/ohai/resources/hint.rb:52:in `after_created'
 /var/chef/cache/cookbooks/ohai-nativex/recipes/awsplugin.rb:10:in `from_file'
 /var/chef/cache/cookbooks/ohai-nativex/recipes/default.rb:10:in `from_file'
 /var/chef/cache/cookbooks/role-base-amz-linux-nativex/recipes/default.rb:151:in `from_file'

 Relevant File Content:
----------------------
/var/chef/cache/cookbooks/ohai/resources/hint.rb:

 46: end
 47: end
 48:
 49: # this resource forces itself to run at compile_time
 50: def after_created
 51: return unless compile_time
 52: Array(action).each do |action|
 53>> run_action(action)
 54: end
 55: end
 56: 

 System Info:
------------
chef_version=13.0.118
 platform=amazon
 platform_version=2016.09
 ruby=ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-linux]
 program_name=chef-client worker: ppid=32501;start=16:33:58;
 executable=/opt/chef/bin/chef-client

 
Running handlers:
[2017-04-19T16:34:01+00:00] ERROR: Running exception handlers
Running handlers complete
[2017-04-19T16:34:01+00:00] ERROR: Exception handlers complete
Chef Client failed. 0 resources updated in 03 seconds
[2017-04-19T16:34:01+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
[2017-04-19T16:34:01+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2017-04-19T16:34:01+00:00] ERROR: ohai_hint[aws] (ohai-nativex::awsplugin line 10) had an error: NoMethodError: file[/etc/chef/ohai/hints/aws.json] (/var/chef/cache/cookbooks/ohai/resources/hint.rb line 11) had an error: NoMethodError: undefined method `split' for nil:NilClass
[2017-04-19T16:34:01+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1).```

[Stromweld]

Here's our awsplugin recipe:

ohai_hint 'aws'

ohai 'reload_aws' do
  plugin 'aws'
  action :nothing
end

ohai_plugin 'aws' do
  notifies :reload, 'ohai[reload_aws]', :immediately
end

and here is the plugin file:

Ohai.plugin(:AwsRegion) do
  provides "aws"
  depends "ec2"

  def collect_region
    aws Mash.new
    aws[:region] = ec2[:placement_availability_zone].gsub(/[a-z]$/,'') 
  end

  collect_data do
    aws collect_region[:region]
  end
end

[Stromweld]

Another note, this all worked with chef-client 12.19.36 but after the chef-client 13 was released new amz linux nodes started failing with issues around ohai and it not collecting attributes on first chef-client run when deployed with autoscale script. When knifing a server with same ami image it all works just fine.

[Stromweld]

also for reference here is the autoscale script used to install chef and register node with AWS OpsWorks for chef-automate:

#!/bin/bash

# required settings
NODE_NAME="$(curl --silent --show-error --retry 3 http://169.254.169.254/latest/meta-data/instance-id)" # this uses the EC2 instance ID as the node name
NODE_AZ="$(curl --silent --show-error --retry 3 http://169.254.169.254/latest/meta-data/placement/availability-zone)"
NODE_REGION=${NODE_AZ::-1} # E.g., remove trailing 'b' from us-west-2b
CHEF_SERVER_REGION="us-west-2" # use one of us-east-1, us-west-1, eu-west-1
CHEF_SERVER_NAME="chef-automate" # The name of your Chef Server
CHEF_SERVER_ENDPOINT="chef-automate-example.us-west-2.opsworks-cm.io" # The FQDN of your Chef Server

# optional
CHEF_ORGANIZATION="default"    # AWS OpsWorks for Chef Server always creates the organization "default"
NODE_ENVIRONMENT="base-amz-linux-${APP_ENV}"            # E.g. development, staging, onebox ...
CHEF_CLIENT_VERSION="" # latest if empty

# recommended: upload the chef-client cookbook from the chef supermarket  https://supermarket.chef.io/cookbooks/chef-client
# Use this to apply sensible default settings for your chef-client config like logrotate and running as a service
# you can add more cookbooks in the run list, based on your needs
RUN_LIST="role[base-amz-linux]" # e.g. "recipe[chef-client],recipe[apache2]"

# ---------------------------
set -e -x

CHEF_CA_PATH="/etc/chef/opsworks-cm-ca-2016-root.pem"
CHEF_DIR="/etc/chef"
CHEF_COMMAND="chef-client"
ASSOCIATION_PATH="${CHEF_DIR}/already_associated_when_this_file_present"

aws_cli() {
  aws opsworks-cm --region "${CHEF_SERVER_REGION}" --output text "$@" --server-name "${CHEF_SERVER_NAME}"
}

associate_node() {
    if [ ! -f ${ASSOCIATION_PATH} ]; then
        client_key="${CHEF_DIR}/client.pem"
        mkdir ${CHEF_DIR}
        ( umask 077; openssl genrsa -out "${client_key}" 2048 )

        aws_cli associate-node \
            --node-name "${NODE_NAME}" \
            --engine-attributes \
            "Name=CHEF_ORGANIZATION,Value=${CHEF_ORGANIZATION}" \
            "Name=CHEF_NODE_PUBLIC_KEY,Value='$(openssl rsa -in "${client_key}" -pubout)'"
    fi
}

write_chef_config() {
    config_path="${CHEF_DIR}/client.rb"
    if [ ! -f ${config_path} ]; then
        echo "Writing Chef config..."
        (
            echo "chef_server_url   'https://${CHEF_SERVER_ENDPOINT}/organizations/${CHEF_ORGANIZATION}'"
            echo "node_name         '${NODE_NAME}'"
            echo "ssl_ca_file       '${CHEF_CA_PATH}'"
        ) >> ${config_path}
    fi

    key_path="${CHEF_DIR}/encrypted_data_bag_secret"
    if [ ! -f ${key_path} ]; then
        echo "****Scrubbed****" \
            > ${key_path}
    fi
}

install_chef_client() {
    command -v ${CHEF_COMMAND} >/dev/null 2>&1 || {
    if [ ! $? -eq 0 ]; then
        echo "Installing Chef client..."
        # see: https://docs.chef.io/install_omnibus.html
        curl --silent --show-error --retry 3 --location https://omnitruck.chef.io/install.sh | bash -s -- -v "${CHEF_CLIENT_VERSION}"
        echo "Installed"
    fi
    }
}

install_trusted_certs() {
    if [ ! -f ${CHEF_CA_PATH} ]; then
        echo "Downloading trusted certs"
        curl --silent --show-error --retry 3 --location --output "${CHEF_CA_PATH}" \
            "https://opsworks-cm-${NODE_REGION}-prod-default-assets.s3.amazonaws.com/misc/opsworks-cm-ca-2016-root.pem"
    fi
}

wait_node_associated() {
    if [ ! -f ${ASSOCIATION_PATH} ]; then
        echo "Awaiting association..."
        aws_cli wait node-associated --node-association-status-token "$1"
        echo "Associatied"
        touch ${ASSOCIATION_PATH}
    fi
}

echo "Requesting association" # Can't be in function because it ends up in the output/${node_association_status_token}
node_association_status_token="$(associate_node)"
install_chef_client
write_chef_config
install_trusted_certs
wait_node_associated "${node_association_status_token}"

${CHEF_COMMAND} -r "${RUN_LIST}" -E "${NODE_ENVIRONMENT}"

[tas50]

I'll dig into this further, but you actually don't need this plugin anymore either. Region is an attribute under ec2 now in Chef 13.