Troubleshooting An Initial Run Chef Client

Problem scenario
When you are configuring a server to be a Chef client, you run this command:

/usr/bin/chef-client

But you get this error:

"Chef encountered an error attempting to create the client <hostnameOfChefClientServer>"

Solution

Verify you have a client.pem file in this directory on the server you are running the command on: /etc/chef/

The Chef documentation says this:
"Every request made by the chef-client to the Chef server must be an authenticated request using the Chef server API and a private key. When the chef-client makes a request to the Chef server, the chef-client authenticates each request using a private key located in /etc/chef/client.pem.

"However, during the first chef-client run, this private key does not exist. Instead, the chef-client will attempt to use the private key assigned to the chef-validator, located in /etc/chef/validation.pem. (If, for any reason, the chef-validator is unable to make an authenticated request to the Chef server, the initial chef-client run will fail.)

"During the initial chef-client run, the chef-client will register with the Chef server using the private key assigned to the chef-validator, after which the chef-client will obtain a client.pem private key for all future authentication requests to the Chef server."

Leave a comment

Your email address will not be published. Required fields are marked *