I am trying to provision a new server in VMware's vCloud Air service using the new vCAir plug in from Opscode. My Chef server and workstation are both running within the vCloud Air service. After the server is provisioned and boots, it attempts to bootstrap the Chef client from www.opscode.com which it can't resolve because the server doesn't have any name servers defined in its resolv.conf. My knife.rb file has the chef_server_url property set to the IP address of my Chef server, e.g. https://1.2.3.4 and yet the new server continues to try to download the Chef client from opscode.com. I've tried putting a client.rb file in the /etc/chef/ directory with the Chef server URL which seems to fix part of the problem in that the server connects to the Chef server, but then it says that the validation.pem file is missing. I thought I could simply copy the chef-validator.pem file from the /.chef directory to the /etc/chef/ directory and rename it to validation.pem, but that seems to cause it to revert to the earlier behavior where the server tries to bootstrap the Chef client from opscode.com. When bootstrapping a new server, what configuration file does knife use and where should it be?
1 Answers
The knife bootstrap command pulls a template from opscode.com which is then used to configure your node for its very first Chef run. Even if you already have a Chef Client installed, you still need that bootstrap template. By default, it is pulled off of Opscode's website, but you can also provide it as an argument to the bootstrap command using the --template-file flag.
When I've had similar situations in the past, I would manually download the correct template from opscode, and then make it available internally to my network. If my memory serves me correctly, you'll need to pull two templates, the first determines your OS (and is mostly un-needed in your case), and the second is the actual OS specific script used to configure you.
* it is this scrip which provides the validation.pem file you need.
