
yahoo-eng-team team mailing list archive

[Bug 1568940] Re: validation_key in client.rb should be filepath not actual validation key content

 

Tracked in Github Issues as https://github.com/canonical/cloud-init/issues/2645

** Bug watch added: github.com/canonical/cloud-init/issues #2645
   https://github.com/canonical/cloud-init/issues/2645

** Changed in: cloud-init
       Status: Triaged => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1568940

Title:
  validation_key in client.rb should be filepath not actual validation
  key content

Status in cloud-init:
  Expired

Bug description:
  The chef example shows that you need to pass validation key content in
  user data
  (http://cloudinit.readthedocs.org/en/latest/topics/examples.html#install-and-run-chef-recipes)
  which will populate /etc/chef/validation.pem.
  This populates /etc/chef/validation.pem correctly on your vm but
  unfortunately puts this content as the value of validation_key in
  /etc/chef/client.rb. This value should be a file path as per
  documentation: https://docs.chef.io/config_rb_client.html.

  validation_key
  The location of the file that contains the key used when a chef-client is registered with a Chef server. A validation key is signed using the validation_client_name for authentication. Default value: /etc/chef/validation.pem.

  When you try to run chef-client on this node you will get the
  following error:

  Creating a new client identity for poliva-bescloud-admin.poliva.dev.altus.bblabs using the validator key.

  ================================================================================
  Chef encountered an error attempting to create the client "poliva-bescloud-admin.poliva.dev.altus.bblabs"
  ================================================================================

  Private Key Not Found:
  ----------------------
  Your private key could not be loaded. If the key file exists, ensure that it is
  readable by chef-client.

  Relevant Config Settings:
  -------------------------
  validation_key "-----BEGIN RSA PRIVATE KEY-----
  <key content>
  -----END RSA PRIVATE KEY-----"

  I have noticed that when running chef-client as daemon though you do
  not hit this problem (not sure why). But in my case I didn't want to
  run in daemon mode.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1568940/+subscriptions
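
A check for the symptom in the report above, added here as an example (not cloud-init or Chef code): it scans the text of a client.rb for `validation_key` settings whose value is PEM key material instead of a file path, and rewrites them to a path. The regex-based parsing, the function names and the sample config are assumptions made for illustration; the default path is the one quoted from the Chef documentation in the report.

```python
import re

# Matches a validation_key setting with a quoted value. DOTALL lets the value
# span several lines, which is what happens when key content is pasted in.
SETTING = re.compile(r'^[ \t]*validation_key[ \t]+(["\'])(.*?)\1', re.M | re.S)
PEM_MARKER = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")

DEFAULT_PATH = "/etc/chef/validation.pem"  # default quoted in the bug report


def classify(value):
    """Return 'inline_key' if the value holds PEM key material, else 'path'."""
    return "inline_key" if PEM_MARKER.search(value) else "path"


def audit(config_text):
    """Return (line_number, kind) for every validation_key setting found."""
    findings = []
    for m in SETTING.finditer(config_text):
        line_no = config_text.count("\n", 0, m.start()) + 1
        findings.append((line_no, classify(m.group(2))))
    return findings


def repair(config_text, pem_path=DEFAULT_PATH):
    """Replace inline key material with a file path; keep path values as-is."""
    def fix(m):
        if classify(m.group(2)) == "inline_key":
            return 'validation_key "%s"' % pem_path
        return m.group(0)
    return SETTING.sub(fix, config_text)


# Constructed sample client.rb showing the symptom; the key body is a placeholder.
BROKEN = '''log_level :info
validation_client_name "example-validator"
validation_key "-----BEGIN RSA PRIVATE KEY-----
<key content>
-----END RSA PRIVATE KEY-----"
chef_server_url "https://chef.example.invalid"
'''

if __name__ == "__main__":
    print(audit(BROKEN))
    print(repair(BROKEN))
```

A file flagged as `inline_key` also means a copy of the validation key sits in client.rb, so that file's permissions are worth checking alongside those of validation.pem.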


