AWS上的Terraform + Chef:405 Not Allowed错误

时间:2018-03-07 05:40:51

标签: amazon-web-services amazon-ec2 chef terraform

我们使用AWS管理的Chef服务器在AWS上使用Terraform Chef配置器。 Terraform能够:

  1. 创建实例
  2. 通过SSH连接到实例并安装chef-client
  3. Chef-client达到生成私钥的程度,然后出现此错误:

    aws_instance.machine (chef): ERROR: Not Allowed
    aws_instance.machine (chef): Response: <html>
    aws_instance.machine (chef): <head><title>405 Not Allowed</title></head>
    aws_instance.machine (chef): <body bgcolor="white">
    aws_instance.machine (chef): <center><h1>405 Not Allowed</h1></center>
    aws_instance.machine (chef): <hr><center>nginx</center>
    aws_instance.machine (chef): </body>
    aws_instance.machine (chef): </html>
    

    以下是配置:

    provider "aws" { }
    
    resource "aws_instance" "test" {
      ami = "ami-xxxxxxxx"
      instance_type = "t2.micro"
      vpc_security_group_ids = ["sg-xxxxxxx"]
      subnet_id = "subnet-xxxxxx"
      key_name = "Test"
      tags {
        Name = "test"
      }
    
      provisioner "chef" {
        server_url      = "https://<chef server url>"
        user_name       = "user"
        user_key        = "${file("~/.chef/user.pem")}"
        node_name       = "test"
        run_list        = ["role[app]"]
        on_failure      = "continue"
        recreate_client = true
        version         = "12.16.42"
        fetch_chef_certificates = false
        ssl_verify_mode = ":verify_none"
        environment = "test"
        client_options = [
          "verbose_logging = true"
        ]
      }
    
      connection {
        type         = "ssh"
        user         = "ssh-user"
        private_key  = "${file("../keys/ssh-user.pem")}"
        bastion_host = "1.1.1.1"
      }
    }
    

    导致此错误的原因是什么?如何修复?

    提前致谢!

    修改 我启用了Terraform日志记录TF_LOG=1,发现主厨客户端正在尝试引用不在节点上的PEM文件:

    sudo knife client show test -c /etc/chef/client.rb -u user --key /etc/chef/user.pem > /dev/null 2>&1
    

    sudo knife client create test -d -f /etc/chef/client.pem -c /etc/chef/client.rb -u user --key /etc/chef/user.pem
    

1 个答案:

答案 0 :(得分:0)

我使用server_url参数犯了一个错误。正确的网址应采用以下格式:http://chef_server/ organizations / default