问题
I am trying to add a push job to the Windows whitelist for the pushy-client. When I do a search with knife it shows the custom job in the whitelist for the Windows node. When I try to run it, the job immediately fails and on the Windows side it says the command is NOT in the whitelist.
I found this issue in GitHub: Windows push service can't load whitelist
I was wondering if anyone has a workaround, suggestion on how to fix it, or knows where in the code this lives that I could monkey-patch.
回答1:
Just confirming I get the same issue after fully testing your scenario, I added a test command to the white list of the push-jobs cookbook itself in the attributes/default.rb file:
default['push_jobs']['whitelist'] = { 'chef-client' => 'chef-client', 'new-command' => 'chef-client' }
and verified that the white list contains those commands when it was written to C:\chef\push-jobs.client.rb on the node I am attempting to run the command on after bootstrapping it with the push-jobs cookbook:
However, when I attempt to execute that command:
knife job start --timeout 600 'new-command' server.fqdn
I get immediate failure as well:
Started. Job ID: db3a99728dbded7abd35ed40d4ec3d5f
Quorum_failed.
command: new-command
created_at: Thu, 19 Nov 2015 23:31:57 GMT
id: db3a99728dbded7abd35ed40d4ec3d5f
nodes:
nacked: server.fqdn
run_timeout: 600
status: quorum_failed
updated_at: Thu, 19 Nov 2015 23:31:57 GMT
I even restarted the Pushy Client Service windows service just to verify it didn't reload that config on service restart.
The only way I have been able to get the windows server to run the jobs I want it to run has been to modify the runlist before each run of the standard chef-client "command":
knife node run_list set server.fqdn 'recipe[cookbook::recipe1]'
knife job start --timeout 600 'chef-client' node.fqdn
knife node run_list set server.fqdn 'recipe[cookbook::recipe2]'
knife job start --timeout 600 'chef-client' node.fqdn
The bug seems to be in the Pushy Client Service windows service itself and there doesn't seem to be any movement on the bug you submitted.
来源:https://stackoverflow.com/questions/33528588/add-custom-chef-push-job-to-windows-whitelist