How to generate the pre populated information in metadata.rb in chef?

rajeshkumar created the topic: How to generate the pre populated information in metadata.rb in chef?

How to generate the pre populated information in metadata.rb in chef

You can configure the values in my knife.rb:

cookbookcopyright “Rajesh Kumar”
cookbooklicense “apachev2”
cookbook_email “rajesh@scmgalaxy.com”

Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

Tagged :

Fatal: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully

rajeshkumar created the topic: FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully

FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully

> knife bootstrap uvo1t75faaktzc532w6.vm.cld.sr -x root -P Br356YS0iy --sudo

Doing old-style registration with the validation key at /Users/rajesh.kumar/chef-repo/.chef/scmgalaxy-validator.pem...
Delete your validation key in order to use your user credentials instead

Connecting to uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr
> Existing Chef installation detected
uvo1t75faaktzc532w6.vm.cld.sr Starting first Chef Client run...
uvo1t75faaktzc532w6.vm.cld.sr [2015-08-20T12:01:37-04:00] WARN:
uvo1t75faaktzc532w6.vm.cld.sr * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
uvo1t75faaktzc532w6.vm.cld.sr SSL validation of HTTPS requests is disabled. HTTPS connections are still
uvo1t75faaktzc532w6.vm.cld.sr encrypted, but chef is not able to detect forged replies or man in the middle
uvo1t75faaktzc532w6.vm.cld.sr attacks.
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr To fix this issue add an entry like this to your configuration file:
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr ```
uvo1t75faaktzc532w6.vm.cld.sr # Verify all HTTPS connections (recommended)
uvo1t75faaktzc532w6.vm.cld.sr ssl_verify_mode :verify_peer
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr # OR, Verify only connections to chef-server
uvo1t75faaktzc532w6.vm.cld.sr verify_api_cert true
uvo1t75faaktzc532w6.vm.cld.sr ```
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr To check your SSL configuration, or troubleshoot errors, you can use the
uvo1t75faaktzc532w6.vm.cld.sr `knife ssl check` command like so:
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr ```
uvo1t75faaktzc532w6.vm.cld.sr knife ssl check -c /etc/chef/client.rb
uvo1t75faaktzc532w6.vm.cld.sr ```
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr Starting Chef Client, version 11.16.2
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr ================================================================================
uvo1t75faaktzc532w6.vm.cld.sr Chef encountered an error attempting to load the node data for "C2445575914.domain"
uvo1t75faaktzc532w6.vm.cld.sr ================================================================================
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr Authentication Error:
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr Failed to authenticate to the chef server (http 401).
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr Server Response:
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr Failed to authenticate as 'C2445575914.domain'. Ensure that your node_name and client key are correct.
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr Relevant Config Settings:
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr chef_server_url " api.opscode.com/organizations/scmgalaxy "
uvo1t75faaktzc532w6.vm.cld.sr node_name "C2445575914.domain"
uvo1t75faaktzc532w6.vm.cld.sr client_key "/etc/chef/client.pem"
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr If these settings are correct, your client_key may be invalid, or
uvo1t75faaktzc532w6.vm.cld.sr you may have a chef user with the same client name as this node.
uvo1t75faaktzc532w6.vm.cld.sr
uvo1t75faaktzc532w6.vm.cld.sr [2015-08-20T12:01:41-04:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
uvo1t75faaktzc532w6.vm.cld.sr Chef Client failed. 0 resources updated in 3.598799916 seconds
uvo1t75faaktzc532w6.vm.cld.sr [2015-08-20T12:01:41-04:00] ERROR: 401 "Unauthorized"
uvo1t75faaktzc532w6.vm.cld.sr [2015-08-20T12:01:41-04:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

rajeshkumar replied the topic: FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited u

I just login to the nodes and deleted all files under /etc/chef/ and rerun the commands and worked like charm.

Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

Tagged :

Configuration management chef tools projects to test your skills?

rajeshkumar created the topic: Configuration management chef tools projects to test your skills?

Project 1 – Write a cookbook which can add your bash script in crontab on your nodes.

Project 2 – Perforce the following workflow of chef configuration management tools?

— create a new cookbook and add a recipe to it
— upload your cookbook to the Chef server
— configure your node’s run list
— run chef-client to trigger the configuration process on your target node

Project 3 – Write a cookbook with external cookbook_files in Chef?

Project 4 – Write a cookbook which can Set Chef Cookbook Dependencies in metadata file and use it?

Project 5 – Write a cookbook add jenkins slave nodes in jenkins master server using Chef cookbook?

Project 6 – Write a cookbook to configure nginx with chef solo on vagrant?

Project 7 – Write a cookbook to Setting up a MySQL database with a user with Vagrant and chef-solo?

Project 8 – Write a cookbook to track changes made to systems via knife in chef?

Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

Tagged :

FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited u

rajeshkumar created the topic: FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited u
FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

Error

gitlab-ctl reconfigure
Starting Chef Client, version 11.12.2
Compiling Cookbooks...
Recipe: gitlab::default
* directory[/etc/gitlab] action create (up to date)

================================================================================
Recipe Compile Error in /opt/gitlab/embedded/cookbooks/gitlab/recipes/default.rb
================================================================================

RuntimeError
------------
External URL must include a FQDN

Cookbook Trace:
---------------
/opt/gitlab/embedded/cookbooks/gitlab/libraries/gitlab.rb:95:in `parse_external_url'
/opt/gitlab/embedded/cookbooks/gitlab/libraries/gitlab.rb:191:in `generate_config'
/opt/gitlab/embedded/cookbooks/gitlab/recipes/default.rb:34:in `from_file'

Relevant File Content:
----------------------
/opt/gitlab/embedded/cookbooks/gitlab/libraries/gitlab.rb:

88:
89: def parse_external_url
90: return unless external_url
91:
92: uri = URI(external_url.to_s)
93:
94: unless uri.host
95>> raise "External URL must include a FQDN"
96: end
97: Gitlab['user']['git_user_email'] ||= "gitlab@#{uri.host}"
98: Gitlab['gitlab_rails']['gitlab_host'] = uri.host
99: Gitlab['gitlab_rails']['gitlab_email_from'] ||= "gitlab@#{uri.host}"
100:
101: case uri.scheme
102: when "http"
103: Gitlab['gitlab_rails']['gitlab_https'] = false
104: when "https"

Running handlers:
[2014-11-03T12:38:40+05:30] ERROR: Running exception handlers
Running handlers complete

[2014-11-03T12:38:40+05:30] ERROR: Exception handlers complete
[2014-11-03T12:38:40+05:30] FATAL: Stacktrace dumped to /opt/gitlab/embedded/cookbooks/cache/chef-stacktrace.out
Chef Client failed. 0 resources updated in 3.925307977 seconds
[2014-11-03T12:38:40+05:30] ERROR: External URL must include a FQDN
[2014-11-03T12:38:41+05:30] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

more /etc/gitlab/gitlab.rb
# Check and change the external_url to the address your users will type in their browser
external_url ‘hostname:9999’
unicorn = 9090

Log file

Dumped to
/opt/gitlab/embedded/cookbooks/cache/chef-stacktrace.out

OS
RHEL 6.5
Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

rajeshkumar replied the topic: FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited u
Solved after
hostname.dev.corp.local:9999
Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

rajeshkumar replied the topic: FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited u
I am still not able to access the gitlab url from browsers…with following info….
gitlab-ctl show-config
Starting Chef Client, version 11.12.2
Compiling Cookbooks…
{
“gitlab”: {
“bootstrap”: {

},
“user”: {

},
“redis”: {

},
“gitlab-rails”: {
“secret_token”: “f276844818b47932ab27c670536111f68d4ad8d84e3d02a42a0f8be23e00c78a0094f62efbd08655f3430a9524258f39b82281e10d52c391c2e751f5747d45dc”
},
“gitlab-shell”: {

},
“unicorn”: {
“port”: 9090
},
“sidekiq”: {

},
“nginx”: {

},
“logging”: {

},
“remote-syslog”: {

},
“logrotate”: {

},
“high-availability”: {

},
“postgresql”: {

},
“web-server”: {

}
}
}
Converging 0 resources

Running handlers:
Running handlers complete

Chef Client finished, 0/0 resources updated in 10.57749914 seconds

gitlab-ctl status
run: logrotate: (pid 19510) 136s; run: log: (pid 10239) 4278s
run: nginx: (pid 20043) 2s; run: log: (pid 9765) 4365s
run: postgresql: (pid 19516) 135s; run: log: (pid 9569) 4393s
run: redis: (pid 19524) 135s; run: log: (pid 9432) 4475s
run: sidekiq: (pid 19529) 134s; run: log: (pid 9712) 4371s
run: unicorn: (pid 19534) 134s; run: log: (pid 9664) 4377s

more /etc/gitlab/gitlab.rb
external_url = ‘xysudyd.dev.corp.local:9999’
unicorn = 9090
Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

Tagged :

Logging in Chef Explained

logging-in-chef-explained

Chef Server
All logs generated by the Chef server can be found in /var/log/opscode. Each service enabled on the system also has a sub-directory in which service-specific logs are located, typically found in /var/log/opscode/service_name.

The Chef server has built-in support for easily tailing the logs that are generated. To view all the logs being generated on the Chef server, enter the following command:
> chef-server-ctl tail

To view logs for a specific service:
> chef-server-ctl tail SERVICENAME
where SERVICENAME should be replaced with name of the service for which log files will be viewed. SERVICENAME represents the name of any service that is listed after running the “> chef-server-ctl service-list” subcommand.

Another way to view log files is to use the system utility tail:
> tail -50f /var/log/chef-server/opscode-chef/current
> tail -50f /var/log/opscode/opscode-chef/current

Supervisor Logs
Supervisor logs are created and managed directly by the service supervisor, and are automatically rotated when a the current log file reaches 1,000,000 bytes. 10 log files are kept. The latest supervisor log is always located in /var/log/chef-server/service_name/current and rotated logs have a filename starting with @ followed by a precise tai64n timestamp based on when the file was rotated.

Supervisor logs are available for the following services:

  1. bifrost
  2. bookshelf
  3. nginx
  4. opscode-erchef
  5. opscode-expander
  6. opscode-expander-reindexer
  7. opscode-solr4
  8. postgresql
  9. rabbitmq
  10. redis

nginx

The nginx service creates both supervisor and administrator logs. The administrator logs contain both access and error logs for each virtual host utilized by the Chef server. Each of the following logs require external log rotation.

Logs Description
/var/log/opscode/nginx/access.log The Web UI and API HTTP access logs.
/var/log/opscode/nginx/error.log The Web UI and API HTTP error logs.
/var/log/opscode/nginx/internal-account.access.log The opscode-account internal load-balancer access logs.
/var/log/opscode/nginx/internal-account.error.log The opscode-account internal load-balancer error logs.
/var/log/opscode/nginx/internal-authz.access.log The opscode-authz internal load-balancer access logs.
/var/log/opscode/nginx/internal-authz.error.log The opscode-authz internal load-balancer error logs.
/var/log/opscode/nginx/internal-chef.access.log The opscode-chef and opscode-erchef internal load-balancer access logs.
/var/log/opscode/nginx/internal-chef.error.log The opscode-chef and opscode-erchef internal load-balancer error logs.
/var/log/opscode/nginx/nagios.access.log The nagios access logs.
/var/log/opscode/nginx/nagios.error.log The nagios error logs.
/var/log/opscode/nginx/rewrite-port-80.log The rewrite logs for traffic that uses HTTP instead of HTTPS.

To follow the logs for the service:

 $ chef-server-ctl tail nginx

Chef Client

Client.rb3 file might help you. Default value of log_location is STDOUT. You can give /path/to/log_location in place of this. You can locate this client.rb file in C:\chef\client.rb or /etc/chef/client.rb directories.

Use the verbose logging that is built into the chef-client:
-l LEVEL, –log_level LEVEL
The level of logging to be stored in a log file.
-L LOGLOCATION, –logfile c
The location of the log file. This is recommended when starting any executable as a daemon. Default value: STDOUT.

Knife
Use the verbose logging that is built into knife:
-V, –verbose
Set for more verbose outputs. Use -VV for maximum verbosity.

chef-solo
-l LEVEL, –log_level LEVEL
The level of logging to be stored in a log file.

The Chef file and folder locations are different on Linux and Windows machines. This article explains the purpose of each file and the location.

Summary

Linux Windows
Cookbook location /var/chef/cache/cookbooks  C:\chef\cache\cookbooks
Chef Client run log /var/log/chef.log First run only
C:\chef\chef-client.log
Subsequent Chef client runs
C:\chef\log\client.log
Error log /var/chef/cache/chef-stacktrace.out C:\chef\cache\chef-stacktrace.out
Ohai output /var/chef/cache/failed-run-data.json C:\chef\cache\failed-run-data.json
Recommended location for custom log files /tmp/cheflog.log C:\Logs\Chef\cheflog.log
Chef Client configuration /etc/chef/client.rb C:\chef\client.rb

 

When you test your cookbook in Test Kitchen

The .kitchen.yml file contains the username to execute the Chef cookbook. It is specified under platforms:, transport:, username:

Use that value in place of USER-NAME-FROM-KITCHEN-YML below.

Linux Windows
Cookbook location /tmp/kitchen/cookbooks
/tmp/kitchen/cache/cookbooks
 C:\Users\USER-NAME-FROM-KITCHEN-YML\AppData\Local\Temp\kitchen\cookbooks
Error log /tmp/kitchen/cache/chef-stacktrace.out C:\Users\USER-NAME-FROM-KITCHEN-YML\AppData\Local\Temp\kitchen\cache\chef-stacktrace.out
Ohai output /tmp/kitchen/cache/failed-run-data.json C:\Users\USER-NAME-FROM-KITCHEN-YML\AppData\Local\Temp\kitchen\cache\failed-run-data.json
Data bags /tmp/kitchen/data_bags C:\Users\USER-NAME-FROM-KITCHEN-YML\AppData\Local\Temp\kitchen\data_bags

 
Cookbook location

When the Chef recipes are executed, all cookbooks are stored on the node. You can examine the code to make sure your latest changes are reflected on the machine.

The log of the Chef client run

The output of the Chef cookbook execution is in the chef.log or chef-client.log file

On Windows

The log of the first Chef Client run and subsequent runs are stored in different log files. After the initial Chef Client run, the rest of the log entries are collected in the second file.

Stacktrace

Chef saves information on the hard drive when scripts are executed. If there is a failure, the stack trace of the last error is saved in the chef-stacktrace.out file.

Ohai output

All the information that Ohai collects on the instance, is saved in the failed-run-data.jsonfile, even if there is no error. It is a great resource to get the server specific values.

Reference

https://docs.chef.io/server_logs.html
https://docs.chef.io/debug.html

Tagged : / / / / /

Chef notifies and subscribes explained with examples

chef-notifies-and-subscribes-explained-with-examples

 

Chef notifies and subscribes explained with examples

A notification is a property on a resource that listens to other resources in the resource collection and then takes actions based on the notification type (notifies or subscribes).

 

Timers

A timer specifies the point during the chef-client run at which a notification is run. The following timers are available:
:before
Specifies that the action on a notified resource should be run before processing the resource block in which the notification is located.
:delayed
Default. Specifies that a notification should be queued up, and then executed at the very end of the chef-client run.
:immediate, :immediately
Specifies that a notification should be run immediately, per resource notified.

 

Notifies

A resource may notify another resource to take action when its state changes. Specify a ‘resource[name]’, the :action that resource should take, and then the :timer for that action. A resource may notify more than one resource; use a notifies statement for each resource to be notified.
The syntax for notifies is:
notifies :action, ‘resource[name]’, :timer

 

Example
The following examples show how to use the notifies notification in a recipe.

 

Delay notifications
template ‘/etc/nagios3/configures-nagios.conf’ do
  # other parameters
  notifies :run, ‘execute[test-nagios-config]’, :delayed
end

 

Notify immediately
By default, notifications are :delayed, that is they are queued up as they are triggered, and then executed at the very end of a chef-client run. To run an action immediately, use :immediately:
template ‘/etc/nagios3/configures-nagios.conf’ do
  # other parameters
  notifies :run, ‘execute[test-nagios-config]’, :immediately
end
and then the chef-client would immediately run the following:
execute ‘test-nagios-config’ do
  command ‘nagios3 –verify-config’
  action :nothing
end

 

Subscribes

A resource may listen to another resource, and then take action if the state of the resource being listened to changes. Specify a ‘resource[name]’, the :action to be taken, and then the :timer for that action.
Note that subscribes does not apply the specified action to the resource that it listens to – for example:
file ‘/etc/nginx/ssl/example.crt’ do
   mode ‘0600’
   owner ‘root’
end
service ‘nginx’ do
   subscribes :reload, ‘file[/etc/nginx/ssl/example.crt]’, :immediately
end
In this case the subscribes property reloads the nginx service whenever its certificate file, located under /etc/nginx/ssl/example.crt, is updated. subscribes does not make any changes to the certificate file itself, it merely listens for a change to the file, and executes the :reload action for its resource (in this example nginx) when a change is detected.
The syntax for subscribes is:
subscribes :action, ‘resource[name]’, :timer

 

Examples
The following examples show how to use the subscribes notification in a recipe.
Prevent restart and reconfigure if configuration is broken
Use the :nothing action (common to all resources) to prevent the test from starting automatically, and then use the subscribes notification to run a configuration test when a change to the template is detected:
execute ‘test-nagios-config’ do
  command ‘nagios3 –verify-config’
  action :nothing
  subscribes :run, ‘template[/etc/nagios3/configures-nagios.conf]’, :immediately
end

 

Reference
Example
Tagged : / / / / / / / /