Project

General

Profile

Actions

Bug #15514

closed

Chef client delete on host rebuild

Added by a d^2 over 8 years ago. Updated over 8 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Not sure if this is a bug or feature request.

What is stated in the Foreman > Settings > ForemanChef tab. auto_deletion -- Enable the auto deletion of mapped objects in chef-server through foreman-proxy (currently node and client upon host deletion)

The host's client.pem used to authenticate with the Chef server is lost when the host is rebuilt. If the node exists in Chef and the associated client.pem no longer exists on the host an error occurs. The manual fix is to run "knife client delete host.host.com" on the Chef server or from a Chef workstation. Deleting the client from the Chef server will create a new client cert on the rebuilt host during the chef-client run.

It would be nice to have Foreman delete the client (not the node) on rebuild. This is a more common scenario IMO. Otherwise, when the chef-client runs on the rebuilt host an error occurs.

_
Authorization Error:
--------------------
Your validation client is not authorized to create the client for this node (HTTP 403).

Possible Causes:
----------------
  • There may already be a client named "host.host.com"
  • Your validation client (chef-validator) may have misconfigured authorization permissions.

[2016-06-23T20:19:42+00:00] FATAL: Stacktrace dumped to /var/cache/chef/chef-stacktrace.out
Chef Client failed. 0 resources updated in 3.000204373 seconds_

_


Related issues 1 (0 open1 closed)

Related to Chef - Feature #8966: Rebuild a node should trigger a client deletion on chef-serverClosedMarek Hulán01/15/2015Actions
Actions

Also available in: Atom PDF