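Chef Manage is running on Amazon Linux but is not reachable. Security group ports are open

Time: 2017-04-26 23:08:00

Tags: linux amazon-web-services chef

I am trying to fix some errors with my Chef server installation. I followed the documentation on the Chef website and installed Chef server, but I cannot access the server's UI (user interface). I opened all ports to my AWS instance in the security group settings, but this still does not let me access the UI. I have attached the shell script I used for the installation, along with the console output of the commands I used to try to diagnose the problem. I am not sure what steps I should take next and would appreciate some help. Thank you.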

#!/bin/bash
echo "Do your provisioning here"
sudo wget https://packages.chef.io/files/stable/chef-server/12.14.0/el/7/chef-server-core-12.14.0-1.el7.x86_64.rpm
sudo rpm -Uvh ./chef-server-core-12.14.0-1.el7.x86_64.rpm
sudo chef-server-ctl reconfigure
sudo chef-server-ctl user-create joeygrimm Joey Grimm jgrimm@example.com 'password' --filename ~/chef.admin.pem
sudo chef-server-ctl org-create example 'example' --association_user joeygrimm --filename ~/chef.org.pem
sudo chef-server-ctl install chef-manage
sudo chef-server-ctl reconfigure
sudo chef-manage-ctl reconfigure --accept-license
sudo chef-server-ctl install opscode-push-jobs-server
sudo chef-server-ctl reconfigure
sudo opscode-push-jobs-server-ctl reconfigure
sudo chef-server-ctl install opscode-reporting
sudo chef-server-ctl reconfigure
sudo opscode-reporting-ctl reconfigure
sudo mkdir /etc/opscode && sudo touch /etc/opscode/chef-server.rb
openssl genrsa -des3 -out chef_server.key 2048
openssl rsa -in chef_server.key -out chef_server.key.insecure
mv chef_server.key chef_server.key.secure
mv chef_server.key.insecure chef_server.key
openssl req -new -key chef_server.key -out chef_server.csr
openssl x509 -req -days 365 -in chef_server.csr -signkey chef_server.key -out chef_server.crt
rm chef_server.key
mv chef_server.key.secure /var/opt/chef-server/nginx/ca/chef_server.key
mv chef_server.csr /var/opt/chef-server/nginx/ca/chef_server.csr
mv chef_server.crt /var/opt/chef-server/nginx/ca/chef_server.crt
export CHEF_HOST_NAME=`hostname -f`
echo "api_fqdn = \"${CHEF_HOST_NAME}\"" > /etc/opscode/chef-server.rb
echo "nginx['ssl_certificate'] = \"/var/opt/chef-server/nginx/ca/chef-server.crt\"" >> /etc/opscode/chef-server.rb
echo "nginx['ssl_certificate_key'] = \"/var/opt/chef-server/nginx/ca/chef-server.key\"" >> /etc/opscode/chef-server.rb
echo "nginx['server_name'] = \"${CHEF_HOST_NAME}\"" >> /etc/opscode/chef-server.rb
sudo chef-server-ctl reconfigure

Console output 1: ps aux | grep chef. This command was run to confirm that Chef and Chef Manage are running.

    [ec2-user@ip-172-31-17-252 opscode]$ ps aux | grep chef
root      8812  0.0  0.0   4192  1128 ?        Ss   21:31   0:00 runsv opscode-erchef
root      9215  0.0  0.0   4192   720 ?        Ss   21:31   0:00 runsv opscode-chef-mover
opscode  10418  0.0  0.0   4336  1160 ?        S    21:36   0:00 svlogd -tt /var/log/opscode/opscode-erchef
opscode  10653  0.0  0.0   4336   644 ?        S    21:36   0:00 svlogd -tt /var/log/opscode/opscode-chef-mover
root     17285  0.0  0.0   4340  1088 ?        Ss   21:38   0:00 runsvdir -P /opt/chef-manage/service log: ...........................................................................................................................................................................................................................................................................................................................................................................................................
root     17796  0.0  0.0   4332   684 ?        S    21:38   0:00 /opt/chef-manage/embedded/bin/svlogd -tt /var/log/chef-manage/redis
opscode  17798  0.3  4.0 1331300 162524 ?      Ssl  21:38   0:05 sidekiq 2.5.2 chef-manage [0 of 25 busy]                                
opscode  17810  0.2  3.4 556484 140016 ?       Ssl  21:38   0:04 unicorn master -E production -c /var/opt/chef-manage/etc/unicorn.rb /opt/chef-manage/embedded/service/chef-manage/config.ru
root     17815  0.0  0.0   4332  1204 ?        S    21:38   0:00 /opt/chef-manage/embedded/bin/svlogd -tt /var/log/chef-manage/web
root     17824  0.0  0.0   4332  1200 ?        S    21:38   0:00 /opt/chef-manage/embedded/bin/svlogd -tt /var/log/chef-manage/worker
opscode  17888  0.0  3.3 556484 134684 ?       Sl   21:38   0:00 unicorn worker[0] -E production -c /var/opt/chef-manage/etc/unicorn.rb /opt/chef-manage/embedded/service/chef-manage/config.ru
opscode  17891  0.0  3.3 556484 134796 ?       Sl   21:38   0:00 unicorn worker[1] -E production -c /var/opt/chef-manage/etc/unicorn.rb /opt/chef-manage/embedded/service/chef-manage/config.ru
opscode  21449  0.4  1.7 326820 71056 ?        Ssl  21:39   0:07 /opt/opscode/embedded/service/opscode-erchef/erts-7.3/bin/beam.smp -Bd -K true -A 5 -- -root /opt/opscode/embedded/service/opscode-erchef -progname opt/opscode/embedded/service/opscode-erchef/bin/oc_erchef -- -home /var/opt/opscode/opscode-erchef -- -noshell -noshell -noinput -boot /opt/opscode/embedded/service/opscode-erchef/releases/12.14.0+20170330124015/oc_erchef -mode embedded -boot_var ERTS_LIB_DIR /opt/opscode/embedded/service/opscode-erchef/lib -config /opt/opscode/embedded/service/opscode-erchef/sys.config -name erchef@127.0.0.1 -setcookie erchef -smp enable -pa lib/patches -pa -- foreground
497      21940  0.0  0.2 1097176 9460 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(43608) idle               
497      21941  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(36951) idle               
497      21942  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(46012) idle               
497      21943  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(36683) idle               
497      21957  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(60976) idle               
497      21965  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(35814) idle               
497      21967  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(38066) idle               
497      21968  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(56560) idle               
497      21974  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(46388) idle               
497      21978  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(54068) idle               
497      21979  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(33891) idle               
497      21980  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(57451) idle               
497      21981  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(51465) idle               
497      21982  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(46897) idle               
497      21983  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(33646) idle               
497      21984  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(51748) idle               
497      21985  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(52418) idle               
497      21986  0.0  0.2 1097176 9096 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(39103) idle               
497      21987  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(47556) idle               
497      21988  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(52778) idle               
opscode  21989  0.0  0.5 116684 24144 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  21996  0.0  0.5 116704 24236 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  21998  0.0  0.5 116692 24104 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  22000  0.0  0.5 116696 24248 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  22011  0.0  0.5 116680 24196 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
ec2-user 31318  0.0  0.0 110460  2200 pts/0    S+   22:06   0:00 grep --color=auto chef

Console output 2: netstat -anp | grep "LISTEN" and "LISTENING". grep was used to see what is listening on which ports and whether port 80 is open.

[ec2-user@ip-172-31-17-252 opscode]$ sudo netstat -anp | grep "LISTENING"
unix  2      [ ACC ]     STREAM     LISTENING     21536  9759/postgres       /tmp/.s.PGSQL.5432
unix  2      [ ACC ]     STREAM     LISTENING     8009   1/init              @/com/ubuntu/upstart
unix  2      [ ACC ]     SEQPACKET  LISTENING     8060   1555/udevd          @/org/kernel/udev/udevd
unix  2      [ ACC ]     STREAM     LISTENING     9194   2285/rpcbind        /var/run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     9758   2337/dbus-daemon    /var/run/dbus/system_bus_socket
[ec2-user@ip-172-31-17-252 opscode]$ sudo netstat -anp | grep "LISTEN"
tcp        0      0 127.0.0.1:9463              0.0.0.0:*                   LISTEN      21330/beam.smp
tcp        0      0 127.0.0.1:34520             0.0.0.0:*                   LISTEN      21330/beam.smp
tcp        0      0 127.0.0.1:15672             0.0.0.0:*                   LISTEN      9639/beam.smp
tcp        0      0 127.0.0.1:5432              0.0.0.0:*                   LISTEN      9759/postgres
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2563/sendmail
tcp        0      0 127.0.0.1:11002             0.0.0.0:*                   LISTEN      17764/redis-server
tcp        0      0 127.0.0.1:16379             0.0.0.0:*                   LISTEN      27989/redis-server
tcp        0      0 127.0.0.1:37788             0.0.0.0:*                   LISTEN      21449/beam.smp
tcp        0      0 127.0.0.1:46014             0.0.0.0:*                   LISTEN      21405/beam.smp
tcp        0      0 127.0.0.1:8000              0.0.0.0:*                   LISTEN      21449/beam.smp
tcp        0      0 127.0.0.1:4321              0.0.0.0:*                   LISTEN      21405/beam.smp
tcp        0      0 127.0.0.1:9090              0.0.0.0:*                   LISTEN      21392/rails master
tcp        0      0 127.0.0.1:5672              0.0.0.0:*                   LISTEN      9639/beam.smp
tcp        0      0 127.0.0.1:25672             0.0.0.0:*                   LISTEN      9639/beam.smp
tcp        0      0 0.0.0.0:46637               0.0.0.0:*                   LISTEN      2306/rpc.statd
tcp        0      0 127.0.0.1:38862             0.0.0.0:*                   LISTEN      22173/beam.smp
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      2285/rpcbind
tcp        0      0 0.0.0.0:10000               0.0.0.0:*                   LISTEN      22173/beam.smp
tcp        0      0 127.0.0.1:4369              0.0.0.0:*                   LISTEN      2996/epmd
tcp        0      0 0.0.0.0:10002               0.0.0.0:*                   LISTEN      22173/beam.smp
tcp        0      0 0.0.0.0:10003               0.0.0.0:*                   LISTEN      22173/beam.smp
tcp        0      0 127.0.0.1:9462              0.0.0.0:*                   LISTEN      17810/unicorn maste
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      2533/sshd
tcp        0      0 ::ffff:127.0.0.1:8983       :::*                        LISTEN      10029/java
tcp        0      0 :::58455                    :::*                        LISTEN      2306/rpc.statd
tcp        0      0 :::111                      :::*                        LISTEN      2285/rpcbind
tcp        0      0 ::1:4369                    :::*                        LISTEN      2996/epmd
tcp        0      0 :::22                       :::*                        LISTEN      2533/sshd
unix  2      [ ACC ]     STREAM     LISTENING     21536  9759/postgres       /tmp/.s.PGSQL.5432
unix  2      [ ACC ]     STREAM     LISTENING     8009   1/init              @/com/ubuntu/upstart
unix  2      [ ACC ]     SEQPACKET  LISTENING     8060   1555/udevd          @/org/kernel/udev/udevd
unix  2      [ ACC ]     STREAM     LISTENING     9194   2285/rpcbind        /var/run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     9758   2337/dbus-daemon    /var/run/dbus/system_bus_socket

Console output 3

[ec2-user@ip-172-31-17-252 opscode]$ ps aux | grep chef
root      8812  0.0  0.0   4192  1128 ?        Ss   21:31   0:00 runsv opscode-erchef
root      9215  0.0  0.0   4192   720 ?        Ss   21:31   0:00 runsv opscode-chef-mover
opscode  10418  0.0  0.0   4336  1160 ?        S    21:36   0:00 svlogd -tt /var/log/opscode/opscode-erchef
opscode  10653  0.0  0.0   4336   644 ?        S    21:36   0:00 svlogd -tt /var/log/opscode/opscode-chef-mover
root     17285  0.0  0.0   4340  1088 ?        Ss   21:38   0:00 runsvdir -P /opt/chef-manage/service log: ...........................................................................................................................................................................................................................................................................................................................................................................................................
root     17796  0.0  0.0   4332   684 ?        S    21:38   0:00 /opt/chef-manage/embedded/bin/svlogd -tt /var/log/chef-manage/redis
opscode  17798  0.2  4.0 1332068 164108 ?      Ssl  21:38   0:05 sidekiq 2.5.2 chef-manage [0 of 25 busy]                                
opscode  17810  0.2  3.4 556484 140016 ?       Ssl  21:38   0:04 unicorn master -E production -c /var/opt/chef-manage/etc/unicorn.rb /opt/chef-manage/embedded/service/chef-manage/config.ru
root     17815  0.0  0.0   4332  1204 ?        S    21:38   0:00 /opt/chef-manage/embedded/bin/svlogd -tt /var/log/chef-manage/web
root     17824  0.0  0.0   4332  1200 ?        S    21:38   0:00 /opt/chef-manage/embedded/bin/svlogd -tt /var/log/chef-manage/worker
opscode  17888  0.0  3.3 556484 134684 ?       Sl   21:38   0:00 unicorn worker[0] -E production -c /var/opt/chef-manage/etc/unicorn.rb /opt/chef-manage/embedded/service/chef-manage/config.ru
opscode  17891  0.0  3.3 556484 134796 ?       Sl   21:38   0:00 unicorn worker[1] -E production -c /var/opt/chef-manage/etc/unicorn.rb /opt/chef-manage/embedded/service/chef-manage/config.ru
opscode  21449  0.4  1.7 329388 71068 ?        Ssl  21:39   0:07 /opt/opscode/embedded/service/opscode-erchef/erts-7.3/bin/beam.smp -Bd -K true -A 5 -- -root /opt/opscode/embedded/service/opscode-erchef -progname opt/opscode/embedded/service/opscode-erchef/bin/oc_erchef -- -home /var/opt/opscode/opscode-erchef -- -noshell -noshell -noinput -boot /opt/opscode/embedded/service/opscode-erchef/releases/12.14.0+20170330124015/oc_erchef -mode embedded -boot_var ERTS_LIB_DIR /opt/opscode/embedded/service/opscode-erchef/lib -config /opt/opscode/embedded/service/opscode-erchef/sys.config -name erchef@127.0.0.1 -setcookie erchef -smp enable -pa lib/patches -pa -- foreground
497      21940  0.0  0.2 1097176 9460 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(43608) idle               
497      21941  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(36951) idle               
497      21942  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(46012) idle               
497      21943  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(36683) idle               
497      21957  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(60976) idle               
497      21965  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(35814) idle               
497      21967  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(38066) idle               
497      21968  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(56560) idle               
497      21974  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(46388) idle               
497      21978  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(54068) idle               
497      21979  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(33891) idle               
497      21980  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(57451) idle               
497      21981  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(51465) idle               
497      21982  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(46897) idle               
497      21983  0.0  0.2 1097176 9084 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(33646) idle               
497      21984  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(51748) idle               
497      21985  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(52418) idle               
497      21986  0.0  0.2 1097176 9096 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(39103) idle               
497      21987  0.0  0.2 1097176 9092 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(47556) idle               
497      21988  0.0  0.2 1097176 9088 ?        Ss   21:39   0:00 postgres: opscode_chef opscode_chef 127.0.0.1(52778) idle               
opscode  21989  0.0  0.5 116684 24144 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  21996  0.0  0.5 116704 24236 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  21998  0.0  0.5 116692 24104 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  22000  0.0  0.5 116696 24248 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
opscode  22011  0.0  0.5 116680 24196 ?        Ssl  21:39   0:00 ruby /opt/opscode/embedded/service/opscode-erchef/lib/chef_objects-12.14.0+20170330124015/priv/depselector_rb/depselector.rb
ec2-user 31523  0.0  0.0 110460  2136 pts/0    S+   22:07   0:00 grep --color=auto chef

Console output 4: sudo cat /etc/opscode/chef-server.rb. This is to show the contents of the chef-server.rb file.

[ec2-user@ip-172-31-17-252 opscode]$ sudo cat /etc/opscode/chef-server.rb
api_fqdn = "ip-172-31-17-252.us-west-2.compute.internal"
nginx['ssl_certificate'] = "/var/opt/chef-server/nginx/ca/chef-server.crt"
nginx['ssl_certificate_key'] = "/var/opt/chef-server/nginx/ca/chef-server.key"
nginx['server_name'] = "ip-172-31-17-252.us-west-2.compute.internal"

Console output 5: This is my chef-server-running.json information

https://gist.github.com/joeygrimm/b9515eecc1e470fcb75d13fe6facfa3c

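1 answer:

Answer 0: (score: 1)

So you got most of it right - but did you put it behind an Elastic IP or some other kind of public IP? How do you plan to access it over the public internet?

At the end of the day you need to know what that is...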

server_name = "MY_PUBLIC_IP_HERE"
api_fqdn server_name
nginx['url'] = "https://#{server_name}"
nginx['server_name'] = server_name
lb['fqdn'] = server_name
bookshelf['vip'] = server_name

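You may want to look at these values in /etc/chef-server/, because you need to configure it not as the host inside EC2, but as the IP it will respond on (the public Elastic IP address).

Hope that helps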
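
Added example, not part of the original question or answer: a filter over the `netstat -anp` listing from console output 2 that lists the TCP listeners bound to non-loopback addresses (the ones a fully open security group exposes) and checks whether anything serves port 80 or 443. The sample lines are a subset copied from that output; the function names `exposed_listeners` and `port_is_served` are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify TCP listeners from `netstat -anp` output.
# SAMPLE_NETSTAT is a subset of the lines shown in console output 2.
SAMPLE_NETSTAT='tcp        0      0 127.0.0.1:5432              0.0.0.0:*                   LISTEN      9759/postgres
tcp        0      0 127.0.0.1:9462              0.0.0.0:*                   LISTEN      17810/unicorn maste
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      2285/rpcbind
tcp        0      0 0.0.0.0:10000               0.0.0.0:*                   LISTEN      22173/beam.smp
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      2533/sshd
tcp        0      0 ::ffff:127.0.0.1:8983       :::*                        LISTEN      10029/java
tcp        0      0 :::22                       :::*                        LISTEN      2533/sshd
unix  2      [ ACC ]     STREAM     LISTENING     21536  9759/postgres       /tmp/.s.PGSQL.5432'

# Read netstat output on stdin; print "port<TAB>process" for every TCP
# listener that is NOT bound to a loopback address. With every security
# group port open, these are the sockets reachable from outside.
exposed_listeners() {
  awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
      addr = $4
      n = split(addr, parts, ":")
      port = parts[n]                      # last field, also for IPv6
      host = substr(addr, 1, length(addr) - length(port) - 1)
      # Skip IPv4 loopback, IPv6 loopback and IPv4-mapped loopback.
      if (host ~ /^127\./ || host == "::1" || host ~ /^::ffff:127\./) next
      proc = $7
      sub(/^[0-9]+\//, "", proc)           # drop the "PID/" prefix
      print port "\t" proc
    }' | sort -u | sort -n
}

# Read netstat output on stdin; succeed only if a non-loopback listener
# exists on the port given as $1.
port_is_served() {
  exposed_listeners | awk -v p="$1" '$1 == p { found = 1 } END { exit !found }'
}

# Report for the sample: what is exposed, and is the web UI among it?
echo "Listeners bound to non-loopback addresses:"
printf '%s\n' "$SAMPLE_NETSTAT" | exposed_listeners
for p in 80 443; do
  if printf '%s\n' "$SAMPLE_NETSTAT" | port_is_served "$p"; then
    echo "port $p: listener present"
  else
    echo "port $p: nothing listening on a non-loopback address"
  fi
done
```

On the server itself, pipe the live output in instead of the sample: `sudo netstat -anp | exposed_listeners`.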