search

chef / knife-azure

Chef knife plug-in for Microsoft Azure
https://github.com/chef/knife-azure
Apache License 2.0
72 stars 89 forks source link

can't execute run list after create azure virtual machines #161

Closed thdotnet closed 9 years ago

thdotnet commented 10 years ago

I'm running the following command:

knife azure server create --azure-dns-name 'knifeth4' --azure-source-image "a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datacenter-201408.01-en.us-127GB.vhd" --azure-service-location "West US" -P "Pizza1234" -z Small -x "thiago" --tcp-endpoints '3389:3389,5985:5985' -r "role[learn_chef_iis],role[nopcommerce]" -VV

It configure endpoints and also create vm. But when it tries to execute run list, it exits and stop the execution:

WinRM Port: 5985 Environment: _default Runlist: ["role[iis]"] INFO: calling get hostedservices/az-933158e2aac5/deploymentslots/Production sync hronously . DNS Name: az-933158e2aac5.cloudapp.net VM Name: az-933158e2aac5 Size: Small Azure Source Image: a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datace nter-201408.01-en.us-127GB.vhd Azure Service Location: West US Public Ip Address: 104.40.0.138 Private Ip Address: 100.74.192.93 WinRM Port: 5985 Environment: _default Runlist: ["role[iis]"] Waiting for winrm on 104.40.0.138:5985 Waiting for remote response before bootstrap.DEBUG: Adding 104.40.0.138 DEBUG: :session => :init DEBUG: :relay_to_servers => echo . & echo Response received. DEBUG: :relayed => 104.40.0.138 DEBUG: 104.40.0.138 => :run_command ERROR: No response received from remote node after 0.01 minutes, giving up. ERROR: RuntimeError: Command execution failed.

I'm stuck with this error. Am I missing something?

muktaa commented 10 years ago

hi @thdotnet the VM gets created, but your knife plugin exits before winrm is enabled on the VM. winrm is needed by your knife plugin to communicate with the VM. the possible causes for this are - 1) knife plugin by default waits for 20 mins for winrm to be enabled. looking at your log above, it waited only for 0.01 mins. can you check if you have set the timeout option in your knife.rb? (note - there seems to be an issue with the timeout option, we will fix the issue. but in any case it should wait for atleast 10mins) 2) is there more to the log after the above error? I think there should be somethign more. The plugin keeps trying to winrm into that machine until it is ready, and it can take upto 20mins by default. Did you wait that long? 3) can you mention the version of knife azure gem that you have used?

thdotnet commented 10 years ago

Hi Mukta Aphale,

First thank you for your answer. I took a look at my knife.rb file and there's no timeout parameter. Should I put this parameter?

I've posted the full log info. At least I've put what was printed after using the parameter -VV.

I'm using knife-azure-1.3.0.gem. Do you need any other information?

Cheers,

2014-10-01 3:11 GMT-03:00 Mukta Aphale notifications@github.com:

hi @thdotnet https://github.com/thdotnet the VM gets created, but your knife plugin exits before winrm is enabled on the VM. winrm is needed by your knife plugin to communicate with the VM. the possible causes for this are - 1) knife plugin by default waits for 20 mins for winrm to be enabled. looking at your log above, it waited only for 0.01 mins. can you check if you have set the timeout option in your knife.rb? (note - there seems to be an issue with the timeout option, we will fix the issue. but in any case it should wait for atleast 10mins) 2) is there more to the log after the above error? 3) can you mention the version of knife azure gem that you have used?

— Reply to this email directly or view it on GitHub https://github.com/opscode/knife-azure/issues/161#issuecomment-57423080.

thdotnet commented 10 years ago

I did another test. It's still not working:

PS C:> knife azure server create --azure-dns-name 'knifeth8' --azure-source-image "a699494373c04fc0bc8f2bb1389d6106__Wi ndows-Server-2012-Datacenter-201408.01-en.us-127GB.vhd" --azure-service-location "West US" -P "Pizza1234" -z Small -x "t hiago" --tcp-endpoints '3389:3389,5985:5985' -r "role[learn_chef_iis],role[nopcommerce]" -VV INFO: Starting chef-zero on host localhost, port 8889 with repository at repository at C:/chef/chef-repo One version per cookbook

INFO: validating... INFO: creating... INFO: calling get hostedservices/knifeth8 synchronously .DEBUG: <?xml version="1.0"?> ResourceNotFound

The hosted service does not exist.

WARN: ResourceNotFound : The hosted service does not exist. WARN: Unable to find hosted(cloud) service:ResourceNotFound : The hosted service does not exist. INFO: calling get storageservices synchronously .INFO: calling get images synchronously .DEBUG: Redirect to https://ussouth.management.core.windows.net/f8aa68df-046e-44b8-bc60-3768d6b35fa5/services/images ? INFO: calling post hostedservices synchronously DEBUG: <?xml version="1.0"?>

knifeth8 Explicitly created hosted service West US

.INFO: Waiting while status returns InProgress DEBUG: not InProgress : <?xml version="1.0"?>

7e184ff0-196d-11b9-a366-54e952f4c04c Succeeded 200

INFO: calling get hostedservices/knifeth8 synchronously .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Redirect to https://ussouth.management.core.windows.net/f8aa68df-046e-44b8-bc60-3768d6b35fa5/services/hostedserv ices/knifeth8/deploymentslots/Production? DEBUG: <?xml version="1.0"?> ResourceNotFound

No deployments were found.

WARN: ResourceNotFound : No deployments were found. Skipping tcp-endpoints: 5985:5985 because this ports are already in use by ssh/winrm endpoint in current VM. INFO: calling post hostedservices/knifeth8/deployments synchronously DEBUG: <?xml version="1.0"?>

knifeth8 Production knifeth8 PersistentVMRole WindowsProvisioningConfiguration knifeth8 Pizza1234 false false thiago Http NetworkConfiguration 5985 WinRM 5985 TCP 3389 tcpport_3389_knifeth8 3389 TCP disk_2bb82eaf-97ca-4367-ab71-5dd20a6073f4 http://az3642f7cbd4cdqtykqjavdy.blob.core.windows.net/vhds/disk_2bb82eaf-97ca-4367-ab71-5dd20a6073f4.vhd a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datacenter-201408.01-en.us-127GB.vhd Small

.INFO: Waiting while status returns InProgress .DEBUG: not InProgress : <?xml version="1.0"?>

79b4773e-e54c-18e8-9604-1ded59b24ec0 Succeeded 200

INFO: calling get hostedservices/knifeth8 synchronously .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously . Waiting for virtual machine to reach status 'provisioning'INFO: calling get hostedservices/knifeth8/deploymentslots/Prod uction synchronously ..INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is RoleStateUnknown .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is RoleStateUnknown .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is RoleStateUnknown .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .vm state 'provisioning' reached after 2.16 minutes. Waiting for virtual machine to reach status 'ready'INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is Provisioning .INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously .DEBUG: Role status is ReadyRole .vm state 'ready' reached after 4.29 minutes. INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously . DNS Name: knifeth8.cloudapp.net VM Name: knifeth8 Size: Small Azure Source Image: a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datacenter-201408.01-en.us-127GB.vhd Azure Service Location: West US Public Ip Address: 104.40.68.197 Private Ip Address: 100.75.178.92 WinRM Port: 5985 TCP Ports: [{"Name"=>"tcpport_3389_knifeth8", "Vip"=>"104.40.68.197", "PublicPort"=>"3389", "LocalPort"=>"3389"}] Environment: _default Runlist: ["role[learn_chef_iis]", "role[nopcommerce]"]

INFO: calling get hostedservices/knifeth8/deploymentslots/Production synchronously . DNS Name: knifeth8.cloudapp.net VM Name: knifeth8 Size: Small Azure Source Image: a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datacenter-201408.01-en.us-127GB.vhd Azure Service Location: West US Public Ip Address: 104.40.68.197 Private Ip Address: 100.75.178.92 WinRM Port: 5985 TCP Ports: [{"Name"=>"tcpport_3389_knifeth8", "Vip"=>"104.40.68.197", "PublicPort"=>"3389", "LocalPort"=>"3389"}] Environment: _default Runlist: ["role[learn_chef_iis]", "role[nopcommerce]"]

Waiting for winrm on 104.40.68.197:5985

Waiting for remote response before bootstrap.DEBUG: Adding 104.40.68.197 DEBUG: :session => :init DEBUG: :relay_to_servers => echo . & echo Response received. DEBUG: :relayed => 104.40.68.197 DEBUG: 104.40.68.197 => :run_command ERROR: No response received from remote node after 0.01 minutes, giving up. ERROR: RuntimeError: Command execution failed. PS C:>

2014-10-01 3:11 GMT-03:00 Mukta Aphale notifications@github.com:

hi @thdotnet https://github.com/thdotnet the VM gets created, but your knife plugin exits before winrm is enabled on the VM. winrm is needed by your knife plugin to communicate with the VM. the possible causes for this are - 1) knife plugin by default waits for 20 mins for winrm to be enabled. looking at your log above, it waited only for 0.01 mins. can you check if you have set the timeout option in your knife.rb? (note - there seems to be an issue with the timeout option, we will fix the issue. but in any case it should wait for atleast 10mins) 2) is there more to the log after the above error? 3) can you mention the version of knife azure gem that you have used?

— Reply to this email directly or view it on GitHub https://github.com/opscode/knife-azure/issues/161#issuecomment-57423080.

muktaa commented 9 years ago

Thanks for the details, @thdotnet . You do not need to specify the timeout parameter. The problem is - Your VM was not ready with winrm. If you RDP and check your VM, you will know that chef-client would not be installed on your VM.

Taking a look, let me check what can be the issue.

muktaa commented 9 years ago

which OS is your workstation? is it 2008 r2?

thdotnet commented 9 years ago

the vm is 2012 r2

prabhu-das commented 9 years ago

@thdotnet

The issue is with azure windows image where winrm is not properly configured! We are looking into this! For now you can setup winrm on your node and try bootstrap 0>Open CMD and try 1>winrm quickconfig -q 2>winrm set winrm/config/service @{AllowUnencrypted="true"} 3>winrm set winrm/config/service/auth @{Basic="true"}

prabhu-das commented 9 years ago

@thdotnet

Have you tried above winrm configuration? We think the issue is related to winrm configuration. Can you try proper image where AllowUnencrypted="true" is set .

Thank you!

adamedx commented 9 years ago

@thdotnet, your best bet here is to use knife-azure 1.4.0 (released in February) with the --bootstrap-protocol option -- this doesn't use WinRM (or any network transport) at all and works well with stock images in Azure: https://github.com/chef/knife-azure/blob/1.4.0/DOC_CHANGES.md#cloud-api-value-for-bootstrap_protocol_option-in-server-create.

Otherwise, I think the analysis from Prabhu was correct. You can use the ssl transport if you're bootstrapping from a non-Windows system to avoid the need for a specially configured image (you can just use the stock images). If you are running knife-azure on a Windows system, you can specify the username as '.\user' (or actually specify a domain instead of '.') and knife-windows will use negotiate auth even when you don't use ssl (the default case with knife-azure). Worst case, you can do the custom image configuration as mentioned above, but that's not suitable for anything but testing.

See this table on auth capabilities with WinRM -- this is from the master branch of knife-windows which is not yet released and has different behavior than the current version, but gives an overview of what auth protocols to use over different transports and knife workstation combinations: https://github.com/chef/knife-windows#platform-winrm-authentication-support.

thdotnet commented 9 years ago

I'll try that. Thanks @adamedx and of you guys.