Chef times out syncing cookbooks in EC2 - amazon-ec2

Following the getting started tutorial here:
https://learnchef.opscode.com/starter-use-cases/multi-node-ec2/
Chef fails trying to sync cookbooks when I try to use an Ubuntu 13 AMI.
The knife command is as follows:
knife ec2 server create --availability-zone us-east-1d --node-name redis.learnchef.demo --flavor t1.micro --image ami-ad184ac4 --identity-file ~/.ssh/my.pem --run-list 'role[redis]' --ssh-user ubuntu --security-group salt-dev
Error Syncing Cookbooks:
Error connecting to https://s3-external-1.amazonaws.com/opscode-platform-production-data/organization-... - Connection timed out - connect(2)
Your chef_server_url may be misconfigured, or the network could be down.
Relevant Config Settings:
chef_server_url "https://api.opscode.com/organizations/xx-chef"
I'm new to Chef and having a hell of a time getting anywhere useful with it. Can someone point me in the right direction?

That error is coming back from AWS's S3, not Chef. I believe AWS might have had an outage during that time. Is this still an issue for you?
If this is still an issue, can you please post your full knife.rb and the entire stack trace you see when running the command?

Related

Chef bootstrapping client installation on plain AWS EC2 instances

I am trying to learn Chef and started installing its components. I have three micro EC2 RHEL7.X instances running on AWS. Of those, one EC2 is configured as chef-server and the second EC2 as workstation, both working perfectly. But when I try to bootstrap the third EC2 from the workstation, I always get the following ERROR.
I used the commands below to install the client from the workstation.
knife bootstrap -.-.-.- -x root -P password --node-name client ==> I do not have any password set for the client EC2 instance
Also tried
knife bootstrap -.-.-.- --ssh-user ec2-user --sudo -i ./some.pem --run-list webserver
knife bootstrap -.-.-.- --ssh-user ec2-user --sudo --identity-file ./some.pem --run-list webserver
Got Error
ERROR: Net::SSH::AuthenticationFailed: Authentication failed for user ec2-user@-.-.-.-@-.-.-.-
But I never get this working. I know there are some existing AWS utilities around Chef, but I want to use it only with normal EC2 instances.
Any help on how I can do this in this scenario?
I created the SSL key for the workstation, added that key to the client's "/home/ec2-user/.ssh/authorized_keys", and then ran the command below from the workstation, which worked:
knife bootstrap -.-.-.- --ssh-user ec2-user --sudo --identity-file /home/ec2-user/keyworkstation --node-name client

Unable to install basic kubernetes on OSX host under vagrant/virtualbox

I'm attempting to get started with kubernetes and do a vagrant/virtualbox install as per http://kubernetes.io/docs/getting-started-guides/binary_release/#download-kubernetes-and-automatically-set-up-a-default-cluster
My commands are:
export KUBERNETES_PROVIDER=vagrant
curl -sS https://get.k8s.io | bash
I get the following errors at the terminal:
master: Vagrant insecure key detected. Vagrant will automatically replace
master: this with a newly generated keypair for better security.
master:
master: Inserting generated public key within guest...
master: Removing insecure key from the guest if it's present...
master: Key inserted! Disconnecting and reconnecting using new SSH key...
master: Warning: Authentication failure. Retrying...
<snip>
master: Warning: Authentication failure. Retrying...
Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.
The script then exits without completing kubernetes "master" set up and without setting up any nodes.
I am able to vagrant ssh master, but need to manually enter the default "vagrant" password.
I am running OSX 10.11.6 (15G31). I am running recent versions of virtualbox (5.0.26 r108824) and vagrant (1.8.5).
These kubernetes "getting started" instructions appear to be downloading the latest kubernetes version (1.3.4).
Because I had older virtualbox and vagrant versions installed, I made sure to completely uninstall and reinstall both, as per:
https://www.virtualbox.org/manual/ch02.html#idm871
https://www.vagrantup.com/docs/installation/uninstallation.html
I assume there is something going wrong with ssh somewhere, though given that these are the published "getting started" instructions and I am using fresh installs of all components, I am surprised that this is not working right out of the box.
Take a look at https://github.com/kubernetes/minikube. It's an official Kubernetes project intended to simplify this exact use case. I've been using it for a few weeks and it works great.
The easiest way to run kubernetes on OSX, I think, is by using Kube-Solo or Kube-Cluster.
Please check this repo:
https://github.com/TheNewNormal/kube-cluster-osx
Note: for me it is only working well with the CoreOS stable release.

chef - bootstrapping localhost results in refused connection

I'm learning Chef (12.10.24) and am trying to build a cookbook with recipes for provisioning machines that I'll do Ruby development on.
I'm trying to use knife bootstrap to set up my laptop as a node but am getting a connection error that I'm not sure how to get around. Here is the output:
➜ chef-repo$ knife bootstrap localhost -yN my-macbook-pro -p 2200 -x david -P [password]
Creating new client for my-macbook-pro
Creating new node for my-macbook-pro
Connecting to localhost
ERROR: Network Error: Connection refused - connect(2) for 127.0.0.1:2200
Check your knife configuration and network settings
Connecting to chef-server is fine but I can't connect to localhost. Any suggestions about what I might be doing wrong?
I neglected to mention that I am using OSX El Capitan. It turns out that the ssh daemon isn't on by default in OSX.
Turning it on in System Preferences > Sharing (check Remote Login) fixed the problem.

Getting some sort of authentication issue when deploying EC2 instances with Knife

I'm having some kind of authentication issue when trying to launch server instances in EC2 with the knife command.
I'm using a command like:
knife ec2 server create --availability-zone us-east-1d --node-name ES-test --flavor t1.micro --image ami-fd20ad94 --identity-file something-dev.pem --ssh-user ubuntu -r 'recipe[something-elasticsearch::default]'
And there are 2 points of failure. The first comes relatively early on.
Waiting for instance...........................
Subnet ID: subnet-61dfa849
Private IP Address: 10.0.0.43
done
Bootstrapping Chef on 10.0.0.43
Failed to authenticate ubuntu - trying password auth
Enter your password:
I should be able to authenticate as Ubuntu with no password here. In fact, if I allow the provisioning to continue and try to ssh to the generated instance with something like:
ssh -i something-dev.pem ubuntu@10.0.0.43
...it will work. So why is the knife command itself failing to authenticate?
I had the same problem as above and tried the ssh-add as suggested by Rico above. Although I still got the prompt for a password, hitting enter on a blank password then allowed the process to continue.
Failing that, the -V verbose output option may give you more insight.
I found this to work well for me.
bundle exec knife ec2 server create -r "role[websphere]" -I ami-cb94868e --flavor m1.small -G default --ssh-user ubuntu -N server01 -S whatever --identity-file .chef/whatever.pem
Also consider that when you download the .pem from AWS, you need to chmod 400 whatever.pem
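
A preflight for the symptoms in this thread, as an added example that is not part of the original posts and not Chef's own code: it checks the key-file permissions the last answer mentions, then attempts a key-only login, so an SSH key problem shows up before knife reaches its password prompt. The function names are hypothetical; the key path, user and host are supplied by the caller.

```shell
#!/usr/bin/env bash
# Added example: preflight for the key passed to knife via --identity-file.
# Function names are hypothetical; key path, user and host come from the caller.

# Succeeds only if FILE is a regular file with no group/other permission bits,
# the condition OpenSSH enforces before it will use a private key.
key_is_private() {
    f=$1
    [ -f "$f" ] || return 1
    # Mode string looks like "-r--------"; characters 5-10 are group and other.
    mode=$(ls -ldL -- "$f" | cut -c5-10)
    [ "$mode" = "------" ]
}

# Attempts a key-only login: BatchMode disables password prompts and
# IdentitiesOnly restricts the attempt to the key given with -i, so a failure
# here points at the key or authorized_keys rather than at Chef.
key_login_works() {
    key=$1; user=$2; host=$3
    ssh -i "$key" -o BatchMode=yes -o IdentitiesOnly=yes \
        -o ConnectTimeout=10 "$user@$host" true
}

# Returns 2 for a bad key file, 3 for a failed key-only login, 0 otherwise.
preflight() {
    key=$1; user=$2; host=$3
    if ! key_is_private "$key"; then
        echo "unsafe or missing key file: $key (expected mode 400 or 600)" >&2
        return 2
    fi
    if ! key_login_works "$key" "$user" "$host"; then
        echo "key-only SSH login as $user@$host failed; knife would fall back to a password prompt" >&2
        return 3
    fi
    echo "ok: $key authenticates $user@$host without a password"
}

# Usage: preflight something-dev.pem ubuntu 10.0.0.43
```

Running it with the same key, user and address that were given to knife separates a key or authorized_keys problem from a Chef configuration problem.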

What would cause intermittent EC2 > RDS host resolution issues?

The issue is an inability to resolve the DB host but it's not persistent.
Environment:
AWS EC2 Ubuntu 16.04
connecting to:
MYSQL 5.7 RDS
This started just after an upgrade from Ubuntu 14.04 to 16.04.
It works probably 99/100 tries, but then fails and throws this exception: An exception occurred in driver: SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed: Name or service not known.
It appears Amazon supplies a local DNS server for your EC2 instance. I believe it has a request limit which causes failure if you go over it. My fix was to add this file: "/etc/resolvconf/resolv.conf.d/tail" with the contents "nameserver 1.1.1.1", basically setting 1.1.1.1 as my fallback DNS server. It's a bit slower since it's outside the network, but it's better than a complete failure.
Source: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-limits
