401 error on node \ client precreation
sherenator opened this issue · comments
I am receiving a 401 error when trying to precreate chef objects as part of a chef-provisioning run.
I have followed instructions for using knife-acl to define a provisioners group as described in the chef-provisioning readme, however the issue persists.
I am able to create nodes successfully with knife using the same node_name and client_key.
A minimal example leveraging only the relevant portions of cheffish runs without any issue:
https://gist.github.com/gregsher88/0a794ee6f4f5ea678c765f67e69689af
A gist of the code being used to provision is here: (https://gist.github.com/gregsher88/3a3bcb819db812eb48aabb415d109adb)
Recipe: (chef-apply cookbook)::(chef-apply recipe)
* machine[2elastic-dev] action converge
================================================================================
Error executing action `converge` on resource 'machine[2elastic-dev]'
================================================================================
Net::HTTPServerException
------------------------
401 "Unauthorized"
Resource Declaration:
---------------------
# In c:\code\chef-provisioning-hyperv\examples\elastic-cluster-dev.rb
6: machine "2elastic-dev" do
7:
8: chef_server :chef_server_url => "https://command-chef-live.cloudapp.net/organizations/command",
9: :client_name => "#{Chef::Config[:node_name]}".downcase,
10: :signing_key_filename => Chef::Config[:client_key]
11:
12: machine_options hyperv_options: {
13: path: '\\\\storage01-hv01\\TLIQA\\VM_STORAGE\\VMQAHV2K\\',
14: vhd_path: "\\\\storage01-hv01\\TLIQA\\VM_STORAGE\\VMQAHV2K\\2elastic-dev.vhdx",
15: switch_name: 'DEV',
16: generation: '2',
17: cpus: '2',
18: vlan: '2510',
19: vm_guest: 'linux',
22: network: {
23: ip: "172.25.11.121",
24: subnet: '255.255.254.0',
25: gateway: '172.25.10.1',
26: dns: %w(172.25.10.254 172.25.10.7)
27: }
28: },
29: convergence_options: {
30: chef_config: 'ssl_verify_mode :verify_none' # String containing additional text to inject
into client.rb
31: }
32: end
Compiled Resource:
------------------
# Declared in c:\code\chef-provisioning-hyperv\examples\elastic-cluster-dev.rb:6:in `run_chef_recipe'
machine("2elastic-dev") do
action [:converge]
default_guard_interpreter :default
chef_server {:chef_server_url=>"https://command-chef-live.cloudapp.net/organizations/command", :client_name=>"vmqahv2n.hq.commandgl.net", :signing_key_filename=>"C:\\chef\\client.pem", :options=>{:api_version=>"0"}}
chef_environment nil
driver "hyperv:vmqahv2k.hq.commandgl.net"
machine_options {
:hyperv_options=>{:path=>"\\\\storage01-hv01\\TLIQA\\VM_STORAGE\\VMQAHV2K\\", :vhd_path=>"\\\\storage01-hv01\\TLIQA\\VM_STORAGE\\VMQAHV2K\\2elastic-dev.vhdx", :switch_name=>"DEV", :generation=>"2", :cpus=>"2", :vlan=>"2510", :vm_guest=>"linux",, :network=>{:ip=>"172.25.11.121", :subnet=>"255.255.254.0", :gateway=>"172.25.10.1", :dns=>["172.25.10.254", "172.25.10.7"]}},
:convergence_options=>{:chef_config=>"ssl_verify_mode :verify_none"}
}
declared_type :machine
cookbook_name "(chef-apply cookbook)"
recipe_name "(chef-apply recipe)"
node_properties_name "2elastic-dev"
end
System Info:
------------
chef_version=13.2.20
platform=windows
platform_version=6.3.9600
ruby=ruby 2.4.1p111 (2017-03-22 revision 58053) [i386-mingw32]
program_name=C:/opscode/chefdk/bin/chef-apply
executable=C:/opscode/chefdk/bin/chef-apply
[2017-07-24T13:39:59-05:00] FATAL: Stacktrace dumped to C:/chef/cache/chef-stacktrace.out
[2017-07-24T13:39:59-05:00] FATAL: Stacktrace dumped to C:/chef/cache/chef-stacktrace.out
[2017-07-24T13:39:59-05:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2017-07-24T13:39:59-05:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2017-07-24T13:39:59-05:00] FATAL: Net::HTTPServerException: machine[2elastic-dev] ((chef-apply cookbook)::(chef-apply recipe) line 6) had an error: Net::HTTPServerException: 401 "Unauthorized"
[2017-07-24T13:39:59-05:00] FATAL: Net::HTTPServerException: machine[2elastic-dev] ((chef-apply cookbook)::(chef-apply recipe) line 6) had an error: Net::HTTPServerException: 401 "Unauthorized"
client.rb
log_level :info
log_location STDOUT
chef_server_url "https://command-chef-live.cloudapp.net/organizations/command"
validation_client_name "command-validator"
file_cache_path "c:/chef/cache"
file_backup_path "c:/chef/backup"
cache_options ({:path => "c:/chef/cache/checksums", :skip_expires => true})
node_name "vmqahv2n.hq.commandgl.net"
trusted_certs_dir "c:/chef/trusted_certs"
corresponding nginx log entry for 401 error
/var/log/opscode/nginx/access.log:158.218.180.110 - - [24/Jul/2017:16:09:58 +0000] "GET /organizations/command/nodes/2elastic-dev-0 HTTP/1.1" 401 "0.014" 5 "-" "Chef Knife/13.2.20 (ruby-2.4.1-p111; ohai-13.2.0; i386-mingw32; +https://chef.io)" "127.0.0.1:9462" "401" "0.014" "13.2.20" "-" "-" "-" "-" 403
C:/chef/cache/chef-stacktrace.out
Generated at 2017-07-24 13:39:59 -0500
Net::HTTPServerException: machine[2elastic-dev] ((chef-apply cookbook)::(chef-apply recipe) line 6) had an error: Net::HTTPServerException: 401 "Unauthorized"
C:/opscode/chefdk/embedded/lib/ruby/2.4.0/net/http/response.rb:122:in `error!'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/http.rb:152:in `request'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/http.rb:115:in `get'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/cheffish-13.0.0/lib/chef/resource/chef_node.rb:42:in `load_current_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-provisioning-2.4.0/lib/chef/provider/machine.rb:185:in `load_current_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/provider.rb:154:in `run_action'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource.rb:591:in `run_action'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:70:in `run_action'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:98:in `block (2 levels) in converge'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:98:in `each'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:98:in `block in converge'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/resource_list.rb:94:in `block in execute_each_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:114:in `call_iterator_block'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:103:in `iterate'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/resource_list.rb:92:in `execute_each_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:97:in `converge'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/application/apply.rb:195:in `run_chef_recipe'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/application/apply.rb:204:in `run_application'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/application/apply.rb:216:in `run'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/bin/chef-apply:25:in `<top (required)>'
C:/opscode/chefdk/bin/chef-apply:275:in `load'
C:/opscode/chefdk/bin/chef-apply:275:in `<main>'
>>>> Caused by Net::HTTPServerException: 401 "Unauthorized"
C:/opscode/chefdk/embedded/lib/ruby/2.4.0/net/http/response.rb:122:in `error!'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/http.rb:152:in `request'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/http.rb:115:in `get'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/cheffish-13.0.0/lib/chef/resource/chef_node.rb:42:in `load_current_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-provisioning-2.4.0/lib/chef/provider/machine.rb:185:in `load_current_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/provider.rb:154:in `run_action'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource.rb:591:in `run_action'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:70:in `run_action'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:98:in `block (2 levels) in converge'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:98:in `each'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:98:in `block in converge'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/resource_list.rb:94:in `block in execute_each_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:114:in `call_iterator_block'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:103:in `iterate'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/resource_collection/resource_list.rb:92:in `execute_each_resource'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/runner.rb:97:in `converge'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/application/apply.rb:195:in `run_chef_recipe'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/application/apply.rb:204:in `run_application'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/lib/chef/application/apply.rb:216:in `run'
C:/opscode/chefdk/embedded/lib/ruby/gems/2.4.0/gems/chef-13.2.20-universal-mingw32/bin/chef-apply:25:in `<top (required)>'
C:/opscode/chefdk/bin/chef-apply:275:in `load'
C:/opscode/chefdk/bin/chef-apply:275:in `<main>'
It looks like Cheffish.default_chef_server is supposed put config[:node_name] and config[:client_key] underneath the key "options", but for whatever reason, the "options" key gets dropped.
Relevant gist:
https://gist.github.com/gregsher88/f979b4d7c2c88c48023c6052d6e5b496