hashicorp / vagrant

Vagrant is a tool for building and distributing development environments.
https://www.vagrantup.com

Chef client.pem path issue on Windows boxes #4358

Closed odlevakp closed 9 years ago

odlevakp commented 10 years ago

I came across an issue with chef provisioning of Windows boxes using Vagrant 1.6.3. I've created a box using the veewee windows-2012R2-serverdatacenter-amd64 template. Normal vagrant up works; however, when it comes to provisioning from chef server, I get an error:

==> default: [2014-08-18T06:05:19+00:00] INFO: *** Chef 11.14.2 ***
==> default: 
==> default: [2014-08-18T06:05:19+00:00] INFO: Chef-client pid: 2848
==> default: [2014-08-18T06:05:55+00:00] INFO: Client key /etc/chef/client.pem is not present - registering
==> default: 
==> default: 
==> default: ================================================================================
==> default: Chef encountered an error attempting to create the client "vagrant-2012"
==> default: ================================================================================
==> default: 
==> default: [2014-08-18T06:05:55+00:00] FATAL: Stacktrace dumped to C:/var/chef/cache/chef-stacktrace.out
==> default: [2014-08-18T06:05:55+00:00] FATAL: Chef::Exceptions::CannotWritePrivateKey: I cannot write your private key to /etc/chef/client.pem - check permissions?

The content of chef-stacktrace.out:

Generated at 2014-08-18 06:05:55 +0000
Chef::Exceptions::CannotWritePrivateKey: I cannot write your private key to /etc/chef/client.pem - check permissions?
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/api_client/registration.rb:70:in `assert_destination_writable!'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/api_client/registration.rb:53:in `run'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/client.rb:323:in `register'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/client.rb:416:in `do_run'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/client.rb:227:in `run'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/application.rb:237:in `run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/application/client.rb:338:in `block in run_application'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/application/client.rb:327:in `loop'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/application/client.rb:327:in `run_application'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/lib/chef/application.rb:55:in `run'
C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/chef-11.14.2-x86-mingw32/bin/chef-client:26:in `<top (required)>'
C:/opscode/chef/bin/chef-client:23:in `load'
C:/opscode/chef/bin/chef-client:23:in `<main>'

For some reason it tries to write the private key to /etc/chef/client.pem? Thought it could be a permission issue, or that FHS path is just a fallback, but the chef directory is writable and bootstrapping using knife works:

knife bootstrap windows winrm '127.0.0.1' --winrm-port 55985 --winrm-user vagrant --winrm-password 'vagrant' --environment  'development'
[...]
127.0.0.1 Writing validation key...
127.0.0.1 Validation key written.
[...]
127.0.0.1 [2014-08-18T06:16:55+00:00] INFO: *** Chef 11.14.2 ***
127.0.0.1 [2014-08-18T06:16:55+00:00] INFO: Chef-client pid: 2516
127.0.0.1 [2014-08-18T06:17:05+00:00] INFO: Client key c:/chef/client.pem is not present - registering
127.0.0.1 [2014-08-18T06:17:06+00:00] INFO: HTTP Request Returned 404 Object Not Found: error
127.0.0.1 [2014-08-18T06:17:07+00:00] INFO: Setting the run_list to [] from CLI options
127.0.0.1 [2014-08-18T06:17:08+00:00] INFO: Run List is []
127.0.0.1 [2014-08-18T06:17:08+00:00] INFO: Run List expands to []
127.0.0.1 [2014-08-18T06:17:08+00:00] INFO: Starting Chef Run for vagrant-2012
127.0.0.1 [2014-08-18T06:17:08+00:00] INFO: Running start handlers
127.0.0.1 [2014-08-18T06:17:08+00:00] INFO: Start handlers complete.
127.0.0.1 [2014-08-18T06:17:08+00:00] INFO: HTTP Request Returned 404 Object Not Found: 
127.0.0.1 [2014-08-18T06:17:09+00:00] INFO: Loading cookbooks []
127.0.0.1 [2014-08-18T06:17:09+00:00] WARN: Node vagrant-2012 has an empty run list.
127.0.0.1 [2014-08-18T06:17:16+00:00] INFO: Chef Run complete in 8.797117 seconds
127.0.0.1 [2014-08-18T06:17:16+00:00] INFO: Running report handlers
127.0.0.1 [2014-08-18T06:17:16+00:00] INFO: Report handlers complete

Out of desperation I've installed the vagrant-windows plugin, which is deprecated, and now chef client works correctly :-)

sneal commented 10 years ago

That's very odd that the vagrant-windows plugin would fix this. Can you post your Vagrantfile in a gist?

Also, can you try setting the client.pem file path to an alternate Windows friendly location in your Vagrantfile: chef.client_key_path = 'c:/client.pem'

odlevakp commented 10 years ago

I removed vagrant-windows, tried again, it failed.

Then added chef.client_key_path = "c:/client.pem" to my Vagrantfile, now it worked. Noticed that when using vagrant-windows the key file is placed in C:\etc\chef, so maybe Vagrant does not create the directory structure if it does not exist.
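
The comment above suspects that the parent directory of the key path is never created, while the error only says "check permissions?". As an added example (not code from Vagrant, Chef or anyone in this thread), the Ruby below separates a missing parent directory from a real permission problem before writing a key with owner-only permissions; the helper names and the temporary path are hypothetical.

```ruby
require "fileutils"
require "tmpdir"

# Hypothetical helper (not Chef's or Vagrant's code): report why a client key
# destination cannot be written, instead of one generic permission error.
def key_destination_status(path)
  dir = File.dirname(path)
  return :parent_missing unless File.directory?(dir)
  return :parent_not_writable unless File.writable?(dir)
  return :file_not_writable if File.exist?(path) && !File.writable?(path)
  :ok
end

# Hypothetical helper: create the missing parent directory, then write the key
# readable by its owner only. POSIX mode bits are only partly honoured on
# Windows, where the directory ACL is what protects the file.
def write_client_key(path, pem)
  if key_destination_status(path) == :parent_missing
    FileUtils.mkdir_p(File.dirname(path), mode: 0o700)
  end
  status = key_destination_status(path)
  raise IOError, "cannot write #{path}: #{status}" unless status == :ok
  File.open(path, File::WRONLY | File::CREAT | File::TRUNC, 0o600) do |f|
    f.write(pem)
  end
  path
end

# Constructed scenario: <tmp>/etc/chef does not exist yet, mirroring a guest
# where the etc/chef directory was never created.
def demo
  Dir.mktmpdir do |root|
    key = File.join(root, "etc", "chef", "client.pem")
    before = key_destination_status(key)
    write_client_key(key, "constructed placeholder, not a real key\n")
    [before, key_destination_status(key), File.stat(key).mode & 0o777]
  end
end

p demo if __FILE__ == $PROGRAM_NAME
```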

sethvargo commented 9 years ago

@sneal is this still an issue? I feel like we fixed a lot of the Vagrant + Windows bugs. Unfortunately I do not have a Windows machine to reproduce.

sneal commented 9 years ago

@sethvargo No repro on master. I ensured the c:/etc directory didn't exist before provisioning.

==> default: [2014-12-16T08:04:46-08:00] INFO: *** Chef 11.12.4 ***
 INFO interface: info: 
[2014-12-16T08:04:46-08:00] INFO: Chef-client pid: 2008
 INFO interface: info: ==> default: 
==> default: [2014-12-16T08:04:46-08:00] INFO: Chef-client pid: 2008
==> default: 
==> default: [2014-12-16T08:04:46-08:00] INFO: Chef-client pid: 2008
 INFO interface: info: [2014-12-16T08:05:16-08:00] INFO: Client key /etc/chef/client.pem is not present - registering
 INFO interface: info: ==> default: [2014-12-16T08:05:16-08:00] INFO: Client key /etc/chef/client.pem is not present - registering
==> default: [2014-12-16T08:05:16-08:00] INFO: Client key /etc/chef/client.pem is not present - registering
 INFO interface: info: [2014-12-16T08:05:18-08:00] INFO: HTTP Request Returned 404 Object Not Found: error
 INFO interface: info: ==> default: [2014-12-16T08:05:18-08:00] INFO: HTTP Request Returned 404 Object Not Found: error
==> default: [2014-12-16T08:05:18-08:00] INFO: HTTP Request Returned 404 Object Not Found: error
 INFO interface: info: [2014-12-16T08:05:27-08:00] INFO: Setting the run_list to ["recipe[dotnetframework]"] from CLI options

sethvargo commented 9 years ago

:heart: