我正在使用一个全新的厨师服务器(不是企业),并且运行chef-client大约每5次运行中就会抛出403禁止错误。有人知道为什么会这样吗?
chef-server 11.0.12来自getchef.com/chef/install chef-client 11.12.4来自rubygem ruby 2.1.2 Debian Wheezy 7.5 错误:
198.xx.xxx.xxx ================================================================================
198.xx.xxx.xxx Error executing action `create` on resource 'template[/var/www/mysite.com/shared/config/database.yml]'
198.xx.xxx.xxx ================================================================================
198.xx.xxx.xxx
198.xx.xxx.xxx Net::HTTPServerException
198.xx.xxx.xxx ------------------------
198.xx.xxx.xxx
198.xx.xxx.xxx 403 "Forbidden"
198.xx.xxx.xxx
198.xx.xxx.xxx
198.xx.xxx.xxx Resource Declaration:
198.xx.xxx.xxx
198.xx.xxx.xxx ---------------------
198.xx.xxx.xxx # In /var/chef/cache/cookbooks/rails/recipes/production.rb
198.xx.xxx.xxx
198.xx.xxx.xxx 40: template node[:rails][:app_root]+"/shared/config/database.yml" do
198.xx.xxx.xxx 41: owner "root"
198.xx.xxx.xxx 42: group "xx-dev"
198.xx.xxx.xxx 43: mode 0775
198.xx.xxx.xxx 44: end
198.xx.xxx.xxx 45:
198.xx.xxx.xxx
198.xx.xxx.xxx Compiled Resource:
198.xx.xxx.xxx
198.xx.xxx.xxx ------------------
198.xx.xxx.xxx
198.xx.xxx.xxx # Declared in /var/chef/cache/cookbooks/rails/recipes/production.rb:40:in `from_file'
198.xx.xxx.xxx
198.xx.xxx.xxx template("/var/www/mysite.com/shared/config/database.yml") do
198.xx.xxx.xxx provider Chef::Provider::Template
198.xx.xxx.xxx action "create"
198.xx.xxx.xxx retries 0
198.xx.xxx.xxx retry_delay 2
198.xx.xxx.xxx path "/var/www/mysite.com/shared/config/database.yml"
198.xx.xxx.xxx backup 5
198.xx.xxx.xxx source "database.yml.erb"
198.xx.xxx.xxx cookbook_name "rails"
198.xx.xxx.xxx recipe_name "production"
198.xx.xxx.xxx mode 509
198.xx.xxx.xxx owner "root"
198.xx.xxx.xxx group "xx-dev"
198.xx.xxx.xxx end
198.xx.xxx.xxx
198.xx.xxx.xxx [2014-05-29T20:16:34+00:00] ERROR: Running exception handlers
198.xx.xxx.xxx [2014-05-29T20:16:34+00:00] FATAL: Saving node information to /var/chef/cache/failed-run-data.json
198.xx.xxx.xxx [2014-05-29T20:16:34+00:00] ERROR: Exception handlers complete
198.xx.xxx.xxx [2014-05-29T20:16:34+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
198.xx.xxx.xxx [2014-05-29T20:16:34+00:00] FATAL: Net::HTTPServerException: template[/var/www/mysite.com/shared/config/database.yml] (rails::production line 40) had an error: Net::HTTPServerException: 403 "Forbidden"
答案 0 :(得分:5)
默认情况下,来自cookbook(template s,cookbook_file s)的对象会延迟加载。
如果它运行得很长,听起来就像是这样,那么运行时可能会超过服务器从原始身份验证中强制执行的最长时间窗口。
您可以通过添加
关闭客户端上的延迟加载 no_lazy_load true
到你的client.rb。见http://docs.opscode.com/config_rb_client.html
答案 1 :(得分:3)
除了朱利安的答案,当我们运行花费超过15分钟的食谱时,这对我有用。 15分钟是Chef服务器的默认TTL值:
根据您已安装的Chef版本编辑/var/opt/chef-server/erchef/etc或/opt/opscode/embedded/service/opscode-erchef/etc下的app.config文件。
将s3_url_ttl值设置为超过900秒。我们使用3600来解决问题,然后重新启动Chef服务器主机。