1
votes

I do admit it - I'm a Linux SysAd with zero Windows administration so I thought Chef was gonna make it easier for me. Boy, was I wrong :-)

Here's the thing. I'm trying to bootstrap Chef on a Windows 2008r2 machine which has cygwin/ssh installed - so the bootstrap I'm trying is naturally via ssh.

Now, after fixing some knife-windows bugs locally by crazy troubleshooting I came to the point where somehow the PowerShell script to which the Chef download falls through fails with an unidentifiable error :-)

Here are the details:

    knifep bootstrap windows ssh SERVER.AWS.COM -N wintest -x Administrator --environment "dev" --bootstrap-version 11.6.2
    ...
    ....
    SERVER.AWS.COM C:\cygwin\home\Administrator>cscript /nologo C:\chef\wget.vbs /url:"https://www.opscode.com/chef/download?p=windows&pv=2008r2&m=x86_64&v=11.6.2" /path:"C:\cygwin\tmp\chef-client-latest.msi"
    SERVER.AWS.COM C:\chef\wget.vbs(31, 1) (null): The specified module could not be found.
    SERVER.AWS.COM
    SERVER.AWS.COM Failed download: download completed, but downloaded file not found
    SERVER.AWS.COM Warning: Failed to download "https://www.opscode.com/chef/download?p=windows&pv=2008r2&m=x86_64&v=11.6.2" to "C:\cygwin\tmp\chef-client-latest.msi"
    SERVER.AWS.COM Warning: Retrying download with PowerShell if available...
    SERVER.AWS.COM !powershell_download!
    SERVER.AWS.COM Downloaded: "https://www.opscode.com/chef/download?p=windows&pv=2008r2&m=x86_64&v=11.6.2&DownloadContext=PowerShell" "C:\cygwin\tmp\chef-client-latest.msi"
    SERVER.AWS.COM Download via PowerShell succeeded.
    SERVER.AWS.COM Installing downloaded client package...
    SERVER.AWS.COM
    SERVER.AWS.COM C:\cygwin\home\Administrator>msiexec /qn /log "C:\cygwin\tmp\chef-client-msi4840.log" /i "C:\cygwin\tmp\chef-client-latest.msi"
    SERVER.AWS.COM This installation package could not be opened.  Verify that the package exists and that you can access it, or contact the application vendor to verify that this is a valid Windows Installer package.
    Chef-client package failed to install with status code !ERRORLEVEL!.
    SERVER.AWS.COM See installation log for additional detail: C:\cygwin\tmp\chef-client-msi4840.log.

Now, I'm like ..cool, let's have a look at the log file to see what went wrong! Here it is :-)

    milosgajdos@magnolia ~ $ ssh [email protected]
    Last login: Thu May 22 17:02:50 2014 from 82.211.87.195

    Administrator@ip-0A3AA70D ~
    $ ls -ltr /tmp/
    total 32
    -rw-r--r--  1 Admin         None  393 May 22 16:49 root.key
    -rw-r--r--  1 Admin         None 2606 May 22 16:50 keys.tmp
    -rw-r--r--  1 Admin         None  387 May 22 16:50 updatekeys.log
    -rwxr-xr-x  1 Administrator None 9813 May 22 16:58 bootstrap-13677-1400777903.bat
    -rwxr-xr-x  1 Administrator None    2 May 22 16:59 chef-client-msi4020.log
    -rwxr-xr-x  1 Administrator None 9810 May 22 17:02 bootstrap-13718-1400778159.bat
    -rwxr-xr-x  1 Administrator None    2 May 22 17:02 chef-client-msi4840.log
    drwxrwxrwx+ 1 Admin         None    0 May 22 17:07 sudo

    Administrator@ip-0A3AA70D ~
    $ cat /tmp/chef-client-msi4840.log
    ��
    Administrator@ip-0A3AA70D ~
    $

Errrrr, w000000t ?!

Right, after hours of frustration I decide to do this manually via remote desktop. I install the chef omnibus package and test if chef-client is installed and get an RbConfig error:

    Administrator@ip-0A3AA70D /cygdrive/c
    $ sudo chef-client -v
    C:/opscode/chef/embedded/lib/ruby/gems/1.9.1/gems/windows-api-0.4.0/lib/windows/api.rb:4: Use RbConfig instead of obsolete and deprecated Config.
    Chef: 11.6.2

After this I give up and try to get the node registered by ignoring the above warning. It does succeed.

Does anyone know why the download bootstrap script says it did succeed when it did NOT and caused the bootstrap to fail completely? Thanks!
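
The failure mode in the log above (download reported as succeeded, then msiexec cannot open the package) can be caught before installation. This is an added example, not part of the original post or of knife-windows: `Test-MsiPackage` is a hypothetical helper that checks the file exists, starts with the OLE compound-file header every MSI has, and reports its Authenticode status. It is written to run on the PowerShell 2.0 that ships with Windows 2008 R2.

```powershell
# Added example (not from the post): validate a downloaded MSI before msiexec.
# Test-MsiPackage is a hypothetical helper name.
function Test-MsiPackage {
    param([Parameter(Mandatory = $true)][string]$Path)

    $result = New-Object PSObject -Property @{
        Path = $Path; Exists = $false; Length = 0
        IsCompoundFile = $false; SignatureStatus = 'NotChecked'
    }
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $result }

    $file = Get-Item -LiteralPath $Path
    $result.Exists = $true
    $result.Length = $file.Length

    # An MSI is an OLE compound file and starts with these eight bytes.
    $magic  = 'D0-CF-11-E0-A1-B1-1A-E1'
    $head   = New-Object byte[] 8
    $stream = [System.IO.File]::OpenRead($file.FullName)
    try     { $read = $stream.Read($head, 0, 8) }
    finally { $stream.Close() }
    $result.IsCompoundFile = ($read -eq 8) -and
        ([System.BitConverter]::ToString($head) -eq $magic)

    # Authenticode status is reported only for files that look like an MSI.
    if ($result.IsCompoundFile) {
        $sig = Get-AuthenticodeSignature -FilePath $file.FullName
        $result.SignatureStatus = $sig.Status.ToString()
    }
    return $result
}

# Path taken from the bootstrap output in the question.
$pkg = Test-MsiPackage -Path 'C:\cygwin\tmp\chef-client-latest.msi'
$pkg | Format-List Path, Exists, Length, IsCompoundFile, SignatureStatus
if (-not $pkg.IsCompoundFile) {
    Write-Error "Not a Windows Installer package; skipping msiexec."
    exit 1
}
# Requiring 'Valid' assumes the vendor signs its MSI (an assumption here).
if ($pkg.SignatureStatus -ne 'Valid') {
    Write-Warning "Authenticode status: $($pkg.SignatureStatus)"
}
```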


2 Answers

1
votes

It took me a while to get over the fear of using WinRM; that configuration looks scary. Seeing this post brings back that fear and I will certainly take a look at transitioning to SSH now that I'm better seasoned with Chef. But I'm going to throw my current bootstrap process on here to discuss. Basically the idea was to automate every step of the way with a single batch file (or GUI) that is used to enter the required information.

Prerequisites: Machine running knife-windows command is on the same private network as the target machine. i.e. Personal workstation for local private network, Cloud server used as a workstation for AWS to communicate over the private network

  1. PsExec to configure WinRM

    psexec.exe \\%IP% -u %USERNAME% -p %PASSWORD% -h -c "winrm_config.bat"
    
    • "winrm_config.bat"

      winrm quickconfig -q
      winrm set winrm/config @{MaxTimeoutms="1800000"}
      winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"}
      winrm set winrm/config/service @{AllowUnencrypted="true"}
      winrm set winrm/config/service/auth @{Basic="true"}
      
  2. Bootstrap

    knife bootstrap windows winrm %IP% -r 'role[%ROLE%]' -x %USERNAME% -P %PASSWORD% -N %NAME%
    
  3. Reset WinRM (recipe ran immediately after bootstrap)

    winrm invoke Restore winrm/Config
    

These are the steps I took and am currently using to maximize security of using WinRM for bootstrapping.
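
A post-bootstrap check for step 3, as an added example that is not part of the answer: it reads the two service settings that `winrm_config.bat` relaxes (`AllowUnencrypted` and `Basic`) through PowerShell's `WSMan:` provider, lists the remaining listeners, and exits non-zero if either setting is still enabled. The function names are hypothetical; it assumes an elevated prompt with the WinRM service running.

```powershell
# Added example (not from the answer): confirm step 3 undid what step 1 relaxed.
# Function names are hypothetical; run from an elevated PowerShell prompt.
function Get-WinRMBootstrapExposure {
    # Service-side settings that winrm_config.bat switches to "true".
    $checks = @(
        @{ Path = 'WSMan:\localhost\Service\AllowUnencrypted'; Expected = 'false' },
        @{ Path = 'WSMan:\localhost\Service\Auth\Basic';       Expected = 'false' }
    )
    foreach ($c in $checks) {
        $actual = (Get-Item -Path $c.Path -ErrorAction Stop).Value
        New-Object PSObject -Property @{
            Setting   = $c.Path
            Expected  = $c.Expected
            Actual    = $actual
            Compliant = ("$actual" -eq $c.Expected)   # -eq ignores case
        }
    }
}

function Get-WinRMListenerKeys {
    # One line per listener, e.g. "Transport=HTTP, Address=*".
    Get-ChildItem -Path WSMan:\localhost\Listener |
        ForEach-Object { $_.Keys -join ', ' }
}

$report = @(Get-WinRMBootstrapExposure)
$report | Format-Table Setting, Expected, Actual, Compliant -AutoSize

"Listeners still configured:"
Get-WinRMListenerKeys

$open = @($report | Where-Object { -not $_.Compliant })
if ($open.Count -gt 0) {
    Write-Error "WinRM still accepts Basic auth and/or unencrypted traffic."
    exit 1
}
```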

0
votes

I tried using Windows Remote Management instead of using winssh; try using winrm.

Configure Windows Remote Management:

1. winrm quickconfig -q
2. winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"}
3. winrm set winrm/config @{MaxTimeoutms="1800000"}
4. winrm set winrm/config/service @{AllowUnencrypted="true"}
5. winrm set winrm/config/service/auth @{Basic="true"}

and then bootstrap:

    knife bootstrap windows winrm ec2-xx-xxx-xx.compute-1.amazonaws.com -r 'recipe[cookbook]' -x Administrator -P xxxxxxxx

It might help you.