原文在此
https://docs.chef.io/nodes.html
节点分好几种
又加了一台机器
[[email protected] ~]# cat /etc/hosts先确保hosts里面都有解析
[[email protected] chef]# scp chefdk-2.4.17-1.el7.x86_64.rpm [email protected]:/root/chef
先安装DK
rpm –ivh chefdk-2.4.17-1.el7.x86_64.rpm?
安装之后验证下
echo ‘eval "$(chef shell-init bash)"‘ >> ~/.bash_profile
. ~/.bash_profile
which ruby
修正时区
cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ntpdate time.windows.com
添加节点搞了很久
knife bootstrap 192.168.209.134 --ssh-user root--ssh-password --node-name chefnode
knife bootstrap [email protected] -n chefnode
knife bootstrap [email protected] --node-name chefnode
scp -pr [email protected]:/usr/chef/pcdog.pem ~/chef-repo/.chef/
knife bootstrap 192.168.209.134 --ssh-user root --ssh-password redhat --node-name node1
knife bootstrap 192.168.209.134 --ssh-user root --node-name chefnode
knife bootstrap <server_address> -x <server_username> -N <name_for_the_client> -i <ssh_certificate> --sudo
knife bootstrap 192.168.209.134 -x root -N chefnode --sudo
还是有错
看下错误日志
cat /var/chef/cache/chef-stacktrace.out
看不出个所以然
一直都是knife配置问题,只能尝试重新初始化knife
knife configure initial
Unexpected Error:
-----------------
OpenSSL::SSL::SSLError: SSL Error connecting to https://chefserver/organizations/it/nodes/chefnode - SSL_connect returned=1 errno=0 state=error: certificate verify failed
node一直无法注册上server,想想可能安全问题比较大,把chefnode的selinux关闭下尝试下
vi /etc/selinux/config
然后重启
还是老错误
Response: Invalid signature for user or client ‘pcdog‘
去了google的group,发现一个有用的命令,居然可以debug输出
chef-client -l debug
最后还是SSL证书错误
尝试重新生成validation key并且上传
校验证书应该没问题,应该是pem文件问题,
[[email protected] /]# knife node list
ERROR: Failed to authenticate to https://chefserver/organizations/it as chefnode with key /root/.chef/pcdog.pem
Response: Failed to authenticate as ‘chefnode‘. Ensure that your node_name and client key are correct.
可能我用错了企业证书
容我再次回到学习中心进行回炉
再次更新小刀
[[email protected] .chef]# vi knife.rb
node_name ‘chefnode‘
client_key ‘/root/.chef/it-validator.pem‘
validation_client_name ‘it-validator‘
validation_key ‘/etc/chef-server/it-validator.pem‘
chef_server_url ‘https://chefserver/organizations/it‘
syntax_check_cache_path ‘/root/.chef/syntax_check_cache‘
cookbook_path [ ‘/root/chef-repo/cookbooks‘ ]
唯一的可能就是节点名字和key不一致,我没有key,我不是商业用户,拿不到正式license
[[email protected] /]# knife node list
ERROR: Failed to authenticate to https://chefserver/organizations/it as chefnode with key /root/.chef/it-validator.pem
Response: Failed to authenticate as ‘chefnode‘. Ensure that your node_name and client key are correct.
[[email protected] /]#
原文地址:http://blog.51cto.com/433266/2084542