问题
I am trying to setup a chef client node using knife bootstrap:
knife bootstrap nodename -x user -P passwd --sudo
Getting the following error messages::
Chef encountered an error attempting to create the client "nodename .url.com" Authentication Error - Failed to authenticate to the chef server (http 401). Server Response: Invalid signature for user or client 'chef-validator'*
My config settings looks good, I have tried restarting all the chef-server services and tried configuring the chef-client from the node as
- Installed chef correctly in a new VM
- Removed files in
/etc/chef - Copied over my Chef servers
/etc/chef/chef-validator.pemto my/etc/chef/validator.pem - Ran the
chef-client -l debug -S https://mychefserver.url.com -K /etc/chef/validation.pemStill I am getting[2014-07-03T14:03:25-04:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)*
回答1:
I also had this problem...
If using a Windows workstation, check that the files contained in the unzipped starter kit are "Unblocked" in Windows Explorer.
Also go to our chef node and delete any
client.pemfiles which are contained there.
This can happen if you have already boot strapped a node then you download your starter kit again. The previous client.pem is not removed from the node. You need to manually remove this so that authentication can occur.
回答2:
There is a chance for the client and server time to be out of sync. The drift is always there when you are running either or both of them on AWS. It is always a good practice to have NTP running.
回答3:
It was an issue with the chef-server I had installed or the environment. Created a new chef-server and the was able to bootstrap successfully.
来源:https://stackoverflow.com/questions/24561129/chef-node-configuration-issue-with-knife-bootstrap-cant-authenticate-with-serv