0

I'm trying to run 

kitchen converge <node>
kitchen login <node>

to diagnose problem with serverspec tests. When I login to the node I see that there's no client.pem key in /etc/chef, which leads to errors if I try to run chef-client:

Your validation client is not authorized to create the client for this node (HTTP 403).

though earlier it was executed successfully (no idea what changed). Here are the questions I currently have: 1 - Does kitchen create client.pem by default on converged nodes? 2 - Is this key mandatory to run chef-client or there's some config options to disable it? 3 - For hell's sake, how to make all the stuff work again? :)

skwisgaar
  • 880
  • 2
  • 13
  • 31

1 Answers1

0

This generally means you have Test Kitchen configured to use the chef_client provisioner and a real Chef Server. This is generally not recommended in favor of either the Chef Solo or Zero provisioners. Specifically this error usually means the client/node already exist on the server, probably from a previous test run.

coderanger
  • 52,400
  • 4
  • 52
  • 75
  • Thanks @coderanger for the idea but I use `chef_zero` provisioner (it's set in kitchen.yml) and also the same config had been working earlier. – skwisgaar Mar 08 '16 at 12:45
  • And `kitchen list` shows that all nodes are destroyed currently – skwisgaar Mar 08 '16 at 12:46
  • I'm not sure Chef Zero is even capable of generating that error message. Please add your complete kitchen config include local and global files to the question. – coderanger Mar 08 '16 at 17:48