如何设置厨师工作站,而不是厨师客户本身

时间:2014-12-16 17:49:40

标签: chef bootstrapping

在厨师术语方面,我似乎很烦人。大多数教程假设用户已经熟悉术语。其中一个我得到了厨师 - 客户和chefdk。我想做的就是能够设置工作站并引导节点一。

这是我的设置:

  • 工作站:ubuntu 14.04笔记本电脑(无意成为客户)a
  • 托管的主厨帐户:我在
  • 上订阅了5个节点帐户3个虚拟机
  • 托管,我想控制并使用它来看厨师的行动

在这里和那里阅读我想我需要以下内容:

  • client.rb:到目前为止还不知道如何获取它以及它做什么
  • knife.rb:从启动kip复制到/ etc / chef /(它只在那里查找)
  • username.pem:我想在工作站和主厨托管之间进行身份验证:服务器左右
  • organization-validation.pem:我想是节点和服务器之间的身份验证。

所以我将knife.rb,username.pem和validation.pem(重命名为organization-validation.pem)放在/etc/chef下。我还在~/.bash_profile添加了以下内容:

PATH=$PATH:$HOME/.local/bin:$HOME/bin
PATH=$PATH:/opt/chefdk/bin
export PATH

所以在运行我的bootstrap命令时:

knife bootstrap server1.domain.com -x user -P pass -N server1 

##knife bootstrap output

WARNING: No knife configuration file found
Connecting to server1.domain.com
server1.domain.com Starting first Chef Client run...
server1.domain.com [2014-12-16T16:55:02+00:00] WARN: 
server1.domain.com SSL validation of HTTPS requests is disabled. HTTPS connections are still
server1.domain.com encrypted, but chef is not able to detect forged replies or man in the middle
server1.domain.com attacks.
server1.domain.com To fix this issue add an entry like this to your configuration file:
server1.domain.com   # Verify all HTTPS connections (recommended)
server1.domain.com   ssl_verify_mode :verify_peer
server1.domain.com   # OR, Verify only connections to chef-server
server1.domain.com   verify_api_cert true
server1.domain.com To check your SSL configuration, or troubleshoot errors, you can use the
server1.domain.com `knife ssl check` command like so:
server1.domain.com   knife ssl check -c /etc/chef/client.rb
server1.domain.com Starting Chef Client, version 11.16.4
server1.domain.com Creating a new client identity for logsmanager using the validator key.
server1.domain.com [2014-12-16T16:55:04+00:00] ERROR: Connection refused connecting to  https://localhost/clients, retry 1/5
server1.domain.com [2014-12-16T16:55:09+00:00] ERROR: Connection refused connecting to https://localhost/clients, retry 2/5
server1.domain.com [2014-12-16T16:55:14+00:00] ERROR: Connection refused connecting to https://localhost/clients, retry 3/5
server1.domain.com [2014-12-16T16:55:19+00:00] ERROR: Connection refused connecting to https://localhost/clients, retry 4/5
server1.domain.com [2014-12-16T16:55:24+00:00] ERROR: Connection refused connecting to https://localhost/clients, retry 5/5
server1.domain.com Network Error:
server1.domain.com There was a network error connecting to the Chef Server:
server1.domain.com Connection refused - Connection refused connecting to   https://localhost/clients, giving up
server1.domain.com Relevant Config Settings:
server1.domain.com chef_server_url  "https://localhost:443"
server1.domain.com If your chef_server_url is correct, your network could be down.
server1.domain.com [2014-12-16T16:55:29+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
server1.domain.com Chef Client failed. 0 resources updated in 27.268943154 seconds
server1.domain.com [2014-12-16T16:55:29+00:00] ERROR: Connection refused - Connection  refused connecting to https://localhost/clients, giving up
server1.domain.com [2014-12-16T16:55:29+00:00] FATAL:    Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

很明显我迷失了,任何人都可以把我放在正确的道路上。请 。谢谢

编辑1

下面的

是knife.rb文件

# See https://docs.chef.io/config_rb_knife.html for more information on knife     configuration options

current_dir = File.dirname(__FILE__)
log_level                :info
log_location             STDOUT
node_name                "username"
client_key               "#{current_dir}/username.pem"
validation_client_name   "organization-validator"
validation_key           "#{current_dir}/organizationname-validator.pem"
chef_server_url          "https://api.opscode.com/organizations/organizationname"
cache_type               'BasicFile'
cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
cookbook_path            ["#{current_dir}/../cookbooks"]

2 个答案:

答案 0 :(得分:1)

WARNING: No knife configuration file found

找不到你的knife.rb文件。因此,它使用默认配置在localhost上查找chef服务器:

server1.domain.com chef_server_url  "https://localhost:443"

一般来说,knife.rb在~/.chef/knife.rb中,但它也应该在/etc/chef/knife.rb中查找。也许你有权限问题?无论如何,我将其移至标准~/.chef/knife.rb

答案 1 :(得分:-1)

将Chef服务器的条目添加到节点的/etc/hosts文件中。