自动化运维工具安装部署 chef (四） - node的安装

Posted 2020-10-26

原文在此

https://docs.chef.io/nodes.html

节点分好几种

又加了一台机器

[[email protected] ~]# cat /etc/hosts先确保hosts里面都有解析

[[email protected] chef]# scp chefdk-2.4.17-1.el7.x86_64.rpm [email protected]:/root/chef

先安装DK

rpm –ivh chefdk-2.4.17-1.el7.x86_64.rpm?

安装之后验证下

echo ‘eval "$(chef shell-init bash)"‘ >> ~/.bash_profile

. ~/.bash_profile

which ruby

修正时区

cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

ntpdate time.windows.com

添加节点搞了很久

knife bootstrap 192.168.209.134 --ssh-user root--ssh-password --node-name chefnode

knife bootstrap [email protected] -n chefnode

knife bootstrap [email protected] --node-name chefnode

scp -pr [email protected]:/usr/chef/pcdog.pem ~/chef-repo/.chef/

knife bootstrap 192.168.209.134 --ssh-user root --ssh-password redhat --node-name node1

knife bootstrap 192.168.209.134 --ssh-user root --node-name chefnode

knife bootstrap <server_address> -x <server_username> -N <name_for_the_client> -i <ssh_certificate> --sudo

knife bootstrap 192.168.209.134 -x root -N chefnode --sudo

还是有错

看下错误日志

cat /var/chef/cache/chef-stacktrace.out

看不出个所以然

一直都是knife配置问题，只能尝试重新初始化knife

knife configure initial

Unexpected Error:

-----------------

OpenSSL::SSL::SSLError: SSL Error connecting to https://chefserver/organizations/it/nodes/chefnode - SSL_connect returned=1 errno=0 state=error: certificate verify failed

node一直无法注册上server，想想可能安全问题比较大，把chefnode的selinux关闭下尝试下

vi /etc/selinux/config

然后重启

还是老错误

Response: Invalid signature for user or client ‘pcdog‘

去了google的group，发现一个有用的命令，居然可以debug输出

chef-client -l debug

最后还是SSL证书错误

尝试重新生成validation key并且上传

校验证书应该没问题，应该是pem文件问题，

[[email protected] /]# knife node list

ERROR: Failed to authenticate to https://chefserver/organizations/it as chefnode with key /root/.chef/pcdog.pem

Response: Failed to authenticate as ‘chefnode‘. Ensure that your node_name and client key are correct.

可能我用错了企业证书

容我再次回到学习中心进行回炉

https://learn.chef.io/modules/manage-a-node-chef-server/rhel/bring-your-own-system/get-a-node-to-bootstrap#/

再次更新小刀

[[email protected] .chef]# vi knife.rb

node_name ‘chefnode‘

client_key ‘/root/.chef/it-validator.pem‘

validation_client_name ‘it-validator‘

validation_key ‘/etc/chef-server/it-validator.pem‘

chef_server_url ‘https://chefserver/organizations/it‘

syntax_check_cache_path ‘/root/.chef/syntax_check_cache‘

cookbook_path [ ‘/root/chef-repo/cookbooks‘ ]

唯一的可能就是节点名字和key不一致，我没有key，我不是商业用户，拿不到正式license

[[email protected] /]# knife node list

ERROR: Failed to authenticate to https://chefserver/organizations/it as chefnode with key /root/.chef/it-validator.pem

Response: Failed to authenticate as ‘chefnode‘. Ensure that your node_name and client key are correct.

[[email protected] /]#