Bug #15514
closed
Chef client delete on host rebuild
Description
Not sure if this is a bug or feature request.
What is stated in the Foreman > Settings > ForemanChef tab. auto_deletion -- Enable the auto deletion of mapped objects in chef-server through foreman-proxy (currently node and client upon host deletion)
The host's client.pem used to authenticate with the Chef server is lost when the host is rebuilt. If the node exists in Chef and the associated client.pem no longer exists on the host an error occurs. The manual fix is to run "knife client delete host.host.com" on the Chef server or from a Chef workstation. Deleting the client from the Chef server will create a new client cert on the rebuilt host during the chef-client run.
It would be nice to have Foreman delete the client (not the node) on rebuild. This is a more common scenario IMO. Otherwise, when the chef-client runs on the rebuilt host an error occurs.
_
Authorization Error:
--------------------
Your validation client is not authorized to create the client for this node (HTTP 403).
----------------
- There may already be a client named "host.host.com"
- Your validation client (chef-validator) may have misconfigured authorization permissions.
[2016-06-23T20:19:42+00:00] FATAL: Stacktrace dumped to /var/cache/chef/chef-stacktrace.out
Chef Client failed. 0 resources updated in 3.000204373 seconds_
_
Updated by