Error - certificate verify failed
<![CDATA[
[root@ip-172-31-39-159 chef-repo]# knife node list
ERROR: SSL Validation failure connecting to host: 54.229.227.142 - SSL_connect returned=1 errno=0 state=error: certificate verify failed
ERROR: Could not establish a secure connection to the server.
Use `knife ssl check` to troubleshoot your SSL configuration.
If your Chef Server uses a self-signed certificate, you can use
`knife ssl fetch` to make knife trust the server's certificates.
Original Exception: OpenSSL::SSL::SSLError: SSL Error connecting to https://54.229.227.142/organizations/scmgalaxy/nodes - SSL_connect returned=1 errno=0 state=error: certificate verify failed
[root@ip-172-31-39-159 chef-repo]#
]]>
Solution
knife ssl fetch
Error - The SSL certificate of 54.229.227.142 could not be verified
<![CDATA[
[root@ip-172-31-39-159 chef-repo]# knife ssl check
Connecting to host 54.229.227.142:443
ERROR: The SSL certificate of 54.229.227.142 could not be verified
Certificate issuer data: /C=US/O=YouCorp/OU=Operations/CN=54.229.227.142
Configuration Info:
OpenSSL Configuration:
* Version: OpenSSL 1.0.1t 3 May 2016
* Certificate file: /opt/chefdk/embedded/ssl/cert.pem
* Certificate directory: /opt/chefdk/embedded/ssl/certs
Chef SSL Configuration:
* ssl_ca_path: nil
* ssl_ca_file: nil
* trusted_certs_dir: "/root/chef-repo/.chef/trusted_certs"
TO FIX THIS ERROR:
If the server you are connecting to uses a self-signed certificate, you must
configure chef to trust that server's certificate.
By default, the certificate is stored in the following location on the host
where your chef-server runs:
/var/opt/opscode/nginx/ca/SERVER_HOSTNAME.crt
Copy that file to your trusted_certs_dir (currently: /root/chef-repo/.chef/trust ed_certs)
using SSH/SCP or some other secure method, then re-run this command to confirm
that the server's certificate is now trusted.
]]>
Solution
knife ssl fetch
Error - Ran git commit -m "Add generated cookbook content" returned 128
<![CDATA[
PS C:\Users\Administrator\chef-repo> chef generate cookbook cookbooks\learn_chef_iis
Generating cookbook learn_chef_iis
- Ensuring correct cookbook file content
- Committing cookbook files to git
================================================================================
Error executing action `run` on resource 'execute[git-commit-new-files]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '128'
---- Begin output of git commit -m "Add generated cookbook content" ----
STDOUT:
STDERR: *** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: empty ident name (for <(null)>) not allowed
---- End output of git commit -m "Add generated cookbook content" ----
Ran git commit -m "Add generated cookbook content" returned 128
Resource Declaration:
---------------------
# In C:\opscode\chefdk\embedded\lib\ruby\gems\2.3.0\gems\chef-dk-1.1.16\lib\chef-dk\skeletons\code_generator\recipes\coo
kbook.rb
124: execute("git-commit-new-files") do
125: command("git commit -m \"Add generated cookbook content\"")
126: cwd cookbook_dir
127: end
128: end
Compiled Resource:
------------------
# Declared in C:\opscode\chefdk\embedded\lib\ruby\gems\2.3.0\gems\chef-dk-1.1.16\lib\chef-dk\skeletons\code_generator\re
cipes\cookbook.rb:124:in `from_file'
execute("git-commit-new-files") do
action [:run]
retries 0
retry_delay 2
default_guard_interpreter :execute
command "git commit -m \"Add generated cookbook content\""
backup 5
cwd "C:/Users/Administrator/chef-repo/cookbooks/learn_chef_iis"
returns 0
declared_type :execute
cookbook_name :code_generator
recipe_name "cookbook"
end
Platform:
---------
i386-mingw32
ERROR: Chef failed to converge: execute[git-commit-new-files] (code_generator::cookbook line 124) had an error: Mixlib::
ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
---- Begin output of git commit -m "Add generated cookbook content" ----
STDOUT:
STDERR: *** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: empty ident name (for <(null)>) not allowed
---- End output of git commit -m "Add generated cookbook content" ----
Ran git commit -m "Add generated cookbook content" returned 128
Caused by: (Mixlib::ShellOut::ShellCommandFailed) execute[git-commit-new-files] (code_generator::cookbook line 124) had
an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
---- Begin output of git commit -m "Add generated cookbook content" ----
STDOUT:
STDERR: *** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: empty ident name (for <(null)>) not allowed
---- End output of git commit -m "Add generated cookbook content" ----
Ran git commit -m "Add generated cookbook content" returned 128
PS C:\Users\Administrator\chef-repo> chef generate cookbook learn_chef_iis
Generating cookbook learn_chef_iis
- Ensuring correct cookbook file content
- Committing cookbook files to git
================================================================================
Error executing action `run` on resource 'execute[git-commit-new-files]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '128'
---- Begin output of git commit -m "Add generated cookbook content" ----
STDOUT:
STDERR: *** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: empty ident name (for <(null)>) not allowed
---- End output of git commit -m "Add generated cookbook content" ----
Ran git commit -m "Add generated cookbook content" returned 128
Resource Declaration:
---------------------
# In C:\opscode\chefdk\embedded\lib\ruby\gems\2.3.0\gems\chef-dk-1.1.16\lib\chef-dk\skeletons\code_generator\recipes\coo
kbook.rb
124: execute("git-commit-new-files") do
125: command("git commit -m \"Add generated cookbook content\"")
126: cwd cookbook_dir
127: end
128: end
Compiled Resource:
------------------
# Declared in C:\opscode\chefdk\embedded\lib\ruby\gems\2.3.0\gems\chef-dk-1.1.16\lib\chef-dk\skeletons\code_generator\re
cipes\cookbook.rb:124:in `from_file'
execute("git-commit-new-files") do
action [:run]
retries 0
retry_delay 2
default_guard_interpreter :execute
command "git commit -m \"Add generated cookbook content\""
backup 5
cwd "C:/Users/Administrator/chef-repo/learn_chef_iis"
returns 0
declared_type :execute
cookbook_name :code_generator
recipe_name "cookbook"
end
Platform:
---------
i386-mingw32
ERROR: Chef failed to converge: execute[git-commit-new-files] (code_generator::cookbook line 124) had an error: Mixlib::
ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
---- Begin output of git commit -m "Add generated cookbook content" ----
STDOUT:
STDERR: *** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: empty ident name (for <(null)>) not allowed
---- End output of git commit -m "Add generated cookbook content" ----
Ran git commit -m "Add generated cookbook content" returned 128
Caused by: (Mixlib::ShellOut::ShellCommandFailed) execute[git-commit-new-files] (code_generator::cookbook line 124) had
an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
---- Begin output of git commit -m "Add generated cookbook content" ----
STDOUT:
STDERR: *** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: empty ident name (for <(null)>) not allowed
---- End output of git commit -m "Add generated cookbook content" ----
Ran git commit -m "Add generated cookbook content" returned 128
]]>
Solution
TBD
Error - Chef 12: Fix Untrusted Self Sign Certsd
Solution
http://jtimberman.housepub.org/blog/2014/12/11/chef-12-fix-untrusted-self-sign-certs/
Error - Chef::Exceptions::ValidationFailed: common_name is required
[2015-09-23T16:46:46+00:00] ERROR: Exception handlers complete
Chef Client failed. 1 resources updated in 10.379691033 seconds
[2015-09-23T16:46:46+00:00] FATAL: Stacktrace dumped to /opt/opscode/embedded/cookbooks/cache/chef-stacktrace.out
[2015-09-23T16:46:47+00:00] FATAL: Chef::Exceptions::ValidationFailed: common_name is required
Solution
Make sure you have the hostname in the /etc/hosts, hostname should resolve to an IP address does not matter if it is loopback as well.
Change the hostname, sudo hostname chefserver, here chefserver is the new hostname.
Also change the hostname in the file /etc/sysconfig/network so that the name persists after a restart. Change HOSTNAME=chefserver in the file.
Added the host name sudo echo "127.0.0.1 localhost chefserver" >> /etc/hosts.
Error - pivotal.pem is missing
BOOT007: The secrets file (/etc/opscode/private-chef-secrets.json) is present
but the file /etc/opscode/pivotal.pem is missing.
Ensure that private-chef-secrets.json is copied into /etc/opscode from the
first Chef Server node that you brought online, then run
'chef-server-ctl reconfigure' again.
Solution
Rename /etc/opscode/private-chef-secrets.json to /etc/opscode/private-chef-secrets.json.org and try if the problem still persists then try the next option.
---OR---(if the above solution does not work)---
For /etc/opscode/pivotal.pem is missing error.
Use below command.
cp /opt/opscode/embedded/service/omnibus-ctl/spec/fixtures/pivotal.pem /etc/opscode/
Error - A client error (SignatureDoesNotMatch
A client error (SignatureDoesNotMatch) occurred when calling the DescribeInstances operation: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
Solution
Solution - chmod 600 /etc/chef/client.pem
Error - ensure that your private key is readable
ERROR: Your private key could not be loaded from /etc/chef/client.pem
Check your configuration file and ensure that your private key is readable
Solution
Solution - chmod 600 /etc/chef/client.pem
Error - ensure that your private key is readable
download: s3://hacker-rank-devops-dev/chef-server.crt to ../../etc/chef/trusted_certs/chef-server.crt
ERROR: Your private key could not be loaded from /etc/chef/client.pem
Check your configuration file and ensure that your private key is readable
Starting Chef Client, version 12.9.41
Solution
Solution - Registered Node Environment need to be set using
1. In Chef Server or
2. /etc/chef/client.rb or
3. chef-client --environment ENVIRONMENT_NAME
Check your configuration file and ensure that your private key is readable
Error - Option chef_environment's value does not match regular expression
[2018-05-02T10:01:07+00:00] ERROR: Exception handlers complete
Chef Client failed. 0 resources updated in 00 seconds
[2018-05-02T10:01:07+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
[2018-05-02T10:01:07+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2018-05-02T10:01:07+00:00] ERROR: Option chef_environment's value does not match regular expression /^[\-[:alnum:]_]+$/
[2018-05-02T10:01:07+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
Solution
Solution - Missing AWS Instance Tag
Error - 401 "Unauthorized"
[2018-05-02T10:04:28+00:00] ERROR: Exception handlers complete
Chef Client failed. 0 resources updated in 00 seconds
[2018-05-02T10:04:28+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
[2018-05-02T10:04:28+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2018-05-02T10:04:28+00:00] ERROR: 401 "Unauthorized"
[2018-05-02T10:04:28+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
Solution
Error - Deprecated features used
Deprecated features used!
An attempt was made to change logs from [] to nil by calling logs(nil). In Chef 12, this does a get rather than a set. In Chef 13, this will change to set the value to nil. at 1 location:
- /var/chef/cache/cookbooks/datadog/recipes/process.rb:29:in `block in from_file'
Solution
TBD
Error - Invalid application key
[2018-05-02T13:50:40+00:00] WARN: Could not submit ["env:production", "role:webserver"] tags for ip-10-0-0-180.ec2.internal to Datadog: ["403", {"errors"=>["Invalid application key"]}]
- Chef::Handler::Datadog
Running handlers complete
Solution
TBD
Error - Deprecated features used
Deprecated features used!
An attempt was made to change logs from [] to nil by calling logs(nil). In Chef 12, this does a get rather than a set. In Chef 13, this will change to set the value to nil. at 1 location:
- /var/chef/cache/cookbooks/datadog/recipes/process.rb:29:in `block in from_file'
Solution
TBD
Error - being uploaded and cannot be found on the server
[root@ip-10-0-0-80 server-factory]# knife cookbook upload nodejs 2.4.2
ERROR: Could not find cookbook 2.4.2 in your cookbook path, skipping it
Uploading nodejs [2.4.2]
ERROR: Cookbook nodejs depends on cookbooks which are not currently
ERROR: being uploaded and cannot be found on the server.
ERROR: The missing cookbook(s) are: 'ark' version '>= 0.0.0'
Solution
ANSWER-
knife cookbook upload nodejs --include-dependencies
Solution
TBD
Error - pivotal.pem is missing
BOOT007: The secrets file (/etc/opscode/private-chef-secrets.json) is present
but the file /etc/opscode/pivotal.pem is missing.
Ensure that private-chef-secrets.json is copied into /etc/opscode from the
first Chef Server node that you brought online, then run
'chef-server-ctl reconfigure' again.
Solution
FIX1:
To fix it, I deleted /etc/opscode/private-chef-secrets.json and run again chef-server-ctl reconfigure
FIX2:
cp /opt/opscode/embedded/service/omnibus-ctl/spec/fixtures/pivotal.pem /etc/opscode/
Error - Error executing action `run` on resource 'execute[/opt/opscode/embedded/bin/chpst
Error executing action `run` on resource 'execute[/opt/opscode/embedded/bin/chpst -u opscode -U opscode /opt/opscode/embedded/bin/rabbitmqctl wait /var/opt/opscode/rabbitmq/db/rabbit@localhost.pid]'
Solution
Fix 1
So obviously RabbitMq is running, on port 5672, which can be verified through
> netstat -ltnp
tcp 0 0 127.0.0.1:5672 0.0.0.0:* LISTEN 1111/beam.smp
Fix 2
> /etc/init.d/rabbitmq-server stop
Fix 3:
Check your /etc/hosts file. That is not defined well.
Reference
https://discourse.chef.io/t/chef-server-missing-pivotal-rb-and-pivotal-pem/7756
http://serverfault.com/questions/663310/chef-server-12-reconfigure-fails-with-rabbitmq
https://discourse.chef.io/t/chef-12-server-dead-in-the-water-due-to-rabbitmq-problems-reconfigure-bombs/7435/7
Error - Sample
TBD
Solution
TBD