Monday, March 4, 2013

Chef 11 Deployment - Lessons Learned

I had rolled out a few proof-of-concept deployments of Chef server on CentOS and Ubuntu, each complete with their own workstation. I thought I had it down.

I was wrong.

This post will serve as a reference for my future self. Hopefully you, dear reader, have landed here after Googling an error. I hope I can save you some misery. This rollout was Chef Server 11.0.6 on Ubuntu.

Changing The Hostname

I was rolling out my deployment on Amazon AWS and didn't particularly care for the default machine names of an IPv6 address. I changed the hostname of my Chef server before doing anything, figuring it would affect nothing. I was wrong.

As it turns out, your machine's hostname must resolve successfully in order for chef-server-ctl reconfigure to complete successfully. My fix was exactly as described in that Opscode ticket - drop a line in /etc/hosts:

<floating IP> ubuntu-chef-11-server

Onward...

Your Workstation and Creating Your Own knife.rb

The latest docs on setting up your workstation mention knife.rb seven times, but the page assumes that you're using Hosted Chef or Private Chef, not your own Chef server. As such, I consulted some older (but still very useful) docs to create my own knife.rb. The doc says that the API listener sits on port 4000 and the Web Interface on 4040. This is not the case. Both listen on port 80. I lost two hours looking at this error:

[root@chef-11-workstation chef-repo]# knife user list
ERROR: Connection refused connecting to ubuntu-chef-11-server:4000 for /users, retry 1/5
ERROR: Connection refused connecting to ubuntu-chef-11-server:4000 for /users, retry 2/5
ERROR: Connection refused connecting to ubuntu-chef-11-server:4000 for /users, retry 3/5
ERROR: Connection refused connecting to ubuntu-chef-11-server:4000 for /users, retry 4/5
ERROR: Connection refused connecting to ubuntu-chef-11-server:4000 for /users, retry 5/5

This is exacerbated by the default value provided when running knife configure:
Please enter the chef server URL: [http://localhost:4000] 

Makes you think port 4000, right? Wrong. It's port 80.

In Summary

  1. If you must change the hostname, confirm that the new name can be resolved (via /etc/hosts, for example). 
  2. The API listener and the WebUI both listen on port 80.
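
A preflight check for the two pitfalls summarized above, as an added example that is not part of the original post. The function names are hypothetical, the name check reads a hosts-format file only (not DNS), and the URL parsing assumes a hostname or IPv4 address.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# name_in_hosts NAME [FILE]: succeed if NAME is a hostname or alias on a
# non-comment line of a hosts-format file. Checks the file only, not DNS.
name_in_hosts() {
    awk -v name="$1" '
        { sub(/#.*/, "") }    # drop comments; awk re-splits the fields
        { for (i = 2; i <= NF; i++) if (tolower($i) == tolower(name)) found = 1 }
        END { exit (found ? 0 : 1) }
    ' "${2:-/etc/hosts}"
}

# knife_server_url FILE: print the last chef_server_url value in a knife.rb.
knife_server_url() {
    sed -n "s/^[[:space:]]*chef_server_url[[:space:]]*[\"']\([^\"']*\)[\"'].*/\1/p" "$1" |
        tail -n 1
}

# url_host / url_port: split scheme://host[:port]/path (hostnames and IPv4 only).
url_host() { hp=${1#*://}; hp=${hp%%/*}; echo "${hp%%:*}"; }
url_port() {
    hp=${1#*://}; hp=${hp%%/*}
    case $hp in
        *:*) echo "${hp##*:}" ;;
        *)   case $1 in https://*) echo 443 ;; *) echo 80 ;; esac ;;
    esac
}

# check_workstation KNIFE_RB [HOSTS_FILE]: 0 = ok, 1 = warnings, 2 = no URL.
check_workstation() {
    url=$(knife_server_url "$1")
    [ -n "$url" ] || { echo "FAIL: no chef_server_url in $1"; return 2; }
    rc=0
    name_in_hosts "$(url_host "$url")" "${2:-/etc/hosts}" ||
        { echo "WARN: $(url_host "$url") has no hosts-file entry"; rc=1; }
    [ "$(url_port "$url")" != 4000 ] ||
        { echo "WARN: $url uses port 4000; the server in this post answered on 80"; rc=1; }
    return $rc
}
```

On the workstation, `check_workstation ~/.chef/knife.rb` reports a leftover port 4000 URL or a server name missing from /etc/hosts before knife starts retrying.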