Knife EC2 Server Create Error: Authentication failed

Sometimes with all of the rush and trying to keep track of a 1000 moving parts you might get stumped by a fairly simple issue. Here are a few things to check if you get hung up with an “Authentication failed for user” error when running a “Knife ec2 server create” command.

Waiting for sshd access to become availabledone
Connecting to 52.5.159.42
Failed to authenticate ec2-user - trying password auth
Enter your password:
ERROR: Net::SSH::AuthenticationFailed: Authentication failed for user ec2-user@52.5.159.42@52.5.159.42

Do you have your .pem file downloaded and installed with the correct permissions on your workstation you are running the command from?

It should be in the EC2-USER’s .ssh dir -> /home/ec2-user/.ssh

Make sure its chmodded 400

Make sure you have the knife.rb file set correctly to reference the .pem file for you…otherwise you will have a lot of typing for your command.

knife[:identity_file] = "/home/ec2-user/.ssh/aws-seth.pem"

Make sure you are using the correct user. Unless you have specifically changed something in your configurations by default you will be connecting as the “ec2-user”. So make sure thats what is trying to connect in your error output.

Hopefully these tips will help you narrow down the issue. You have to think about whats really happening and from where with Chef some sometimes these simple issues can really drive you nuts.

Advertisements

RUNIT and the ruby syntax error

Ive been working on writing my own cookbook to standup a fully ready to run ELK (Elasticsearch,Logstash,Kibana) server on CentOS. In doing this I have run into a few minor issues of compatibility here and there but nothing major. Once thing that I did find that was particularly troublesome was an error when I was trying to knife up a cookbook for “runit”. Its one of the dependancies for the chef-kibana cookbook and it relys on the “yum-epel” cookbook. I was able to knife up the yum-epel cookbook just fine but when I tried the runit cookbook I hot an error that said:

[seth@localhost cookbooks]$ knife cookbook upload runit yum-epel
Uploading runit [1.5.10]
FATAL: Cookbook file test/spec/libraries/provider_runit_service_spec.rb has a ruby syntax error:
FATAL: /home/seth/chef/chef-repo/.chef/../cookbooks/runit/test/spec/libraries/provider_runit_service_spec.rb:62: syntax error, unexpected '}', expecting tASSOC
FATAL: { provider.load_current_resource }.should raise_error
FATAL:                                                                          ^

My first mistake was installing and using RVM for Ruby management from way before I installed Chef. RVM is too big and robust and handles too many things to try and make it play nice and only worry about managing ruby for me. I uninstalled that and went with RBENV. This is the recommended manager of Ruby from Chef anyways. Once I got rbenv setup and installed I installed ruby 1.9.3p545. I tried again with the knife upload and I still got the same thing. I decided that maybe my version of Chef needed to be updated. I was on 11.2. I reinstalled Chef and tried the knife again. No luck. Same error…thanks for playing, try again.

Now I take to Google to see if this is something unique to me or have I found some bug somewhere. I came across this page and even though it was a year old it did help me out some. https://github.com/rcbops/chef-cookbooks/issues/352 The fix came to me when I re-downloaded the runit cookbook from https://github.com/hw-cookbooks/runit instead of using the cookbook I downloaded directly from Chef Community. For some reason the version was off by one iteration.

[seth@localhost cookbooks]$ knife cookbook upload runit
Uploading runit [1.5.11]
Uploaded 1 cookbook.

Success. Theres not really a better explanation as to what really was wrong here but I do feel it had more to do with the ruby installation than anything else. If you come across this and figure something out please feel free to leave a comment below.

ORA-12162

Originally posted from older blog on: Sep 27, 2012

ORA-12162 "TNS:net service name is incorrectly specified" results from improperly setting your ORACLE_SID value.

In Linux, these commands sets ORACLE_HOME and $ORACLE_SID as follows:

ORACLE_HOME=/u01/oracle; export ORACLE_HOME

ORACLE_SID=asdb; export ORACLE_SID

To set these values permanently do this:

As Oracle user…
vi ~/.bash_profile
Add the following at the bottom of the file or append what you have. Paths might need to be altered to match your systm…


PATH=$PATH:$HOME/bin:$ORACLE_HOME:$ORACLE_BIN

export PATH

umask 022
export ORACLE_BASE=/opt/Oracle/app
export ORACLE_BIN=/opt/Oracle/app/product/11.2.0/dbhome_1/bin
export ORACLE_HOME=/opt/Oracle/app/product/11.2.0/dbhome_1/
export ORACLE_UNQNAME=orcl
export ORACLE_SID=orcl

Chef Error while bootstrapping

Ive run into this error a few times while getting my VMs setup and Chef installed on them:

192.168.1.153 Starting Chef Client, version 11.6.0
192.168.1.153 Creating a new client identity for target3 using the validator key.
192.168.1.153 ================================================================================
192.168.1.153 Chef encountered an error attempting to create the client "target3"
192.168.1.153 ================================================================================
192.168.1.153 Authorization Error:
192.168.1.153 Your validation client is not authorized to create the client for this node (HTTP 403).
192.168.1.153 Possible Causes:
192.168.1.153 * There may already be a client named "target3"
192.168.1.153 * Your validation client (sethlearningchef-validator) may have misconfigured authorization permissions.
192.168.1.153 [2013-11-18T14:07:52-05:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
192.168.1.153 Chef Client failed. 0 resources updated
192.168.1.153 [2013-11-18T14:07:52-05:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

Im not sure what causes it but here is the fix that works for me:

On management station:

knife client delete NODENAME
knife node delete NODENAME

On affected node:

sudo rm /etc/chef/client.pem
sudo chef-client

Then on your managment server so your bootstrap command again:

sudo knife bootstrap 192.168.1.153 --sudo -p USERNAME -N "NODENAME"

Error with chef-solo installs: block in from_file

I have found that when you run into an error like this, it helps if you use “sudo”. 🙂 the error is slightly misleading. I kept looking at the code on line 22 and could not figure out what was so wrong. After i took a break and came back to this I noticed further down in package.rb this bit of code:

template "#{node['php']['conf_dir']}/php.ini" do
 source "php.ini.erb"
 owner "root"
 group "root"
 mode "0644"
 variables(:directives => node['php']['directives'])
end

That’s when I realized I should be running this as sudo…worked like a charm. Live and learn.

Here’s the original error:

[seth@lab001 chef-repo]$ chef-solo -c solo.rb -j php.json
Starting Chef Client, version 11.6.0
Compiling Cookbooks...
Converging 7 resources
Recipe: php::package
 * package[php] action install
================================================================================
Error executing action `install` on resource 'package[php]'
================================================================================

Chef::Exceptions::Exec
----------------------
 returned 1, expected 0

Resource Declaration:
---------------------
# In /home/seth/chef-repo/cookbooks/php/recipes/package.rb
22: package pkg do
 23: action :install
 24: end
 25: end

Compiled Resource:
------------------
# Declared in /home/seth/chef-repo/cookbooks/php/recipes/package.rb:22:in `block in from_file'
package("php") do
 action [:install]
 retries 0
 retry_delay 2
 package_name "php"
 version "5.3.3-23.el6_4"
 cookbook_name :php
 recipe_name "package"
end

[2013-09-23T13:36:49-04:00] ERROR: Running exception handlers
[2013-09-23T13:36:49-04:00] ERROR: Exception handlers complete
[2013-09-23T13:36:49-04:00] FATAL: Stacktrace dumped to /home/seth/chef-repo/chef-solo/chef-stacktrace.out
Chef Client failed. 0 resources updated
[2013-09-23T13:36:49-04:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

Apache2 install with Chef

Ive been working on getting an install of Apache2 up and running using Chef. Everything has worked so far until I run: chef-solo -c solo.rb -j web.json

The error im running into is:

Starting Chef Client, version 11.6.0

Compiling Cookbooks…
[2013-09-17T14:31:57-04:00] WARN: Cloning resource attributes for service[apache2] from prior resource (CHEF-3694)
[2013-09-17T14:31:57-04:00] WARN: Previous service[apache2]: /home/seth/chef-repo/cookbooks/apache2/recipes/default.rb:24:in `from_file’
[2013-09-17T14:31:57-04:00] WARN: Current service[apache2]: /home/seth/chef-repo/cookbooks/apache2/recipes/default.rb:221:in `from_file’
Converging 74 resources
Recipe: apache2::default
* package[apache2] action install
================================================================================
Error executing action `install` on resource ‘package[apache2]’
================================================================================

Chef::Exceptions::Exec
———————-
returned 1, expected 0

Resource Declaration:
———————
# In /home/seth/chef-repo/cookbooks/apache2/recipes/default.rb

20: package “apache2” do
21: package_name node[‘apache’][‘package’]
22: end
23:

 

Compiled Resource:
——————
# Declared in /home/seth/chef-repo/cookbooks/apache2/recipes/default.rb:20:in `from_file’

package(“apache2”) do
action :install
retries 0
retry_delay 2
package_name “httpd”
version “2.2.15-29.el6.centos”
cookbook_name :apache2
recipe_name “default”
end

 

[2013-09-17T14:32:07-04:00] ERROR: Running exception handlers
[2013-09-17T14:32:07-04:00] ERROR: Exception handlers complete
[2013-09-17T14:32:07-04:00] FATAL: Stacktrace dumped to /home/seth/chef-repo/chef-solo/chef-stacktrace.out
Chef Client failed. 0 resources updated
[2013-09-17T14:32:07-04:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

Im not exactly sure whats going on here but im suspecting based on similar issues that there is a problem with me being on Centos and not using Apt. Still digging into this though since I know this should work even if its on Centos.