chef
Issue setting up client: asn1: structure error: tags don't match
When trying to run chef-load i am getting the following error:
/usr/local/bin/chef-load -config chef-load.toml -nodes 6 --interval 1
Issue setting up client: asn1: structure error: tags don't match (2 vs {class:0 tag:16 length:13 isCompound:true}) {optional:false explicit:false application:false defaultValue:
goroutine 1 [running]: main.getAPIClient(0xc420064e01, 0xa, 0xc4200c44c1, 0x15, 0xc4200826e0, 0x4d, 0x0, 0x0, 0x0, 0x0, ...) /Users/snappj/work/go-work/src/github.com/jeremiahsnapp/chef-load/util.go:54 +0x202 main.main() /Users/snappj/work/go-work/src/github.com/jeremiahsnapp/chef-load/main.go:101 +0x825
here is the config:chef-load.toml
For example: chef_server_url = "https://chef.example.com/organizations/demo/"
chef_server_url = "https://ip-10-xxx-xxx-xx.x,x,x,x/organizations/spacewalkprod"
The client defined by client_name needs to be an admin user of the Chef Server org.
client_name = "spediadmin" client_key = "/root/swprodadmin.pem"
For example: data_collector_url = "https://automate.example.org/data-collector/v0/"
data_collector_url = "https://ip-10-xxx-xxx-xx.xx.xx.xx.xx/data-collector/v0/"
The Authorization token for the Automate server.
The following default value is sufficient unless you set your own token in your Automate server.
data_collector_token = "2222"
ohai_json_file = "/path/to/example-ohai.json"
converge_status_json_file = "/path/to/example-converge-status.json"
compliance_status_json_file = "/path/to/example-compliance-status.json"
num_nodes = 30
interval = 30
node_name_prefix = "chef-load"
chef_environment = "_default"
run_list = [ ]
sleep_duration = 0
download_cookbooks = "never"
api_get_requests = [ ]
chef_version = "13.2.20"
chef_server_creates_client_key = false
enable_reporting = false
Is /root/swprodadmin.pem an encrypted key requiring a passphrase? I don't believe chef-load supports keys requiring a passphrase. Can you remove the passphrase from the key file and see if it works?
swprodadmin.pem does not have passphase, and is working with knife and chef-client in the same environment
i was able to build it on my personal Mac Pro. Now as for the EC2 instance ( on which i provided the error ) It must go through a proxy, SO how can build/run chef-load behind a corporate proxy , a proxy which does not allow bintray to be accessible.
when i try with hab: hab pkg install chef/chef-load » Installing chef/chef-load ☁ Determining latest version of chef/chef-load in the 'stable' channel ✗✗✗ ✗✗✗ [403 Forbidden] ✗✗✗
We don't make an rpm for chef-load but you are free to create your own. The chef-load binary is available on the releases page.
I'm pretty sure the chef-load binary isn't currently designed to communicate through a proxy so that functionality would need to be added. This is an open source project so we welcome PRs.
I think the habitat cli is able to communicate through a proxy simply by using the http_proxy and https_proxy environment variables as described in the following link.
https://www.habitat.sh/docs/reference/#environment-variables
If you have other questions related to habitat please direct them to the forums or slack channel that are listed here.
https://www.habitat.sh/community/
I compiled chef-load on a centos host which has no proxy restrictions. copied the chef-load binary to internal chef cluster
chef-load.toml chef_server_url = "https://ip-10-179-137-65.x.x.x.x/organizations/spacewalkprod" client_name = "swprodadmin" client_key = "/root/swprodadmin.pem" data_collector_url = "https://ip-10-179-137-51.x.x.x.x/data-collector/v0/" data_collector_token = "2222" num_nodes = 3 interval = 30 num_actions = 3 chef_environment = "_default"
run:
$chef-load start --config chef-load.toml
INFO[0000] Starting chef-load actions=3 log=/var/log/chef-load/chef-load.log minutes=30 nodes=3
ERRO[0000] Could not create API client error="asn1: structure error: tags don't match (2 vs {class:0 tag:16 length:13 isCompound:true}) {optional:false explicit:false application:false defaultValue:
goroutine 8 [running]: github.com/chef/chef-load/lib.getAPIClient(0xc420016cc0, 0xb, 0xc420018760, 0x15, 0xc4200b2780, 0x4d, 0x0, 0x0, 0x0, 0x0, ...) /home/vagrant/go-work/src/github.com/chef/chef-load/lib/util.go:97 +0x191 github.com/chef/chef-load/lib.ChefClientRun(0xc4200bc6e0, 0xc420017640, 0xb, 0x8b8f01, 0xc42001c180) /home/vagrant/go-work/src/github.com/chef/chef-load/lib/chef_client_run.go:55 +0x291c created by github.com/chef/chef-load/lib.Start /home/vagrant/go-work/src/github.com/chef/chef-load/lib/service.go:150 +0x7e9
if i remove: num_nodes = 3 interval = 30 num_actions = 3 then run it: chef-load start --config chef-load.toml INFO[0000] Starting chef-load actions=0 log=/var/log/chef-load/chef-load.log minutes=30 nodes=0
tail -f /var/log/chef-load/chef-load.log {"headers":{"Content-Type":["application/json"],"X-Data-Collector-Auth":["version=1.0"],"X-Data-Collector-Token":["93a49a4f2482c64126f7b6015e6b0f30284287ee4054ff8807fb63d9cbd1c506"]},"level":"info","method":"POST","msg":"API Request","name":"item::create","request_time_seconds":0,"status_code":999,"time":"2018-07-02T12:07:59Z","url":""}
The crash report shows ERRO[0000] Could not create API client.
https://github.com/chef/chef-load/blob/master/lib/util.go#L88-L96
The root error message shown is error="asn1: structure error: tags don't match (2 vs {class:0 tag:16 length:13 isCompound:true}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} @5".
When I search the web for asn1: structure error: tags don't match I mostly see that the issue is something to do with the format of the private key contents. I understand that you said the private key contents work fine with knife but maybe there's something about how the go-chef/chef library that chef-load uses that doesn't like the format of your private key contents.