Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Cloud-init 0.7.6 introduced optional support for the Jinja2 templating engine, but also included templates that required Jinja2, such as the ones used in the "chef" configuration module. Because Jinja2 was not included as a dependency of the cloud-init package, this caused some templates to fail to render correctly. This update includes Jinja2 as a dependency of cloud-init.
Description of problem:
cloud-init does not process the client.rb template for chef.
Version-Release number of selected component (if applicable):
0.7.6-2
How reproducible:
Always
Steps to Reproduce:
Use the current RedHat 7.1 AMI. Pass yml userdata that contains chef configuration data:
-----------------------------
chef:
server_url: "https://chef.us-west-2.company/organizations/myorg"
validation_name: "myorg-validator"
validation_key: |
-----BEGIN RSA PRIVATE KEY-----
KEY STUFF
-----END RSA PRIVATE KEY-----
initial_attributes:
tags:
- "usw2-pipeline-test-b"
------------------------------
With the previous version (0.7.5-6), the proper client.rb file is written out.
With the current version (0.7.6-2), the contents of the raw template is written out. I think this has something to do with the template engine. The current version cannot find the Jinja template library and falls back to the generic template system. From the log file:
2015-04-28 02:37:18,326 - templater.py[WARNING]: Jinja not available as the selected renderer for desired template, reverting to the basic renderer.
Actual results:
{#
This file is only utilized if the module 'cc_chef' is enabled in
cloud-config. Specifically, in order to enable it
you need to add the following to config:
chef:
validation_key: XYZ
validation_cert: XYZ
validation_name: XYZ
server_url: XYZ
-#}
log_level :info
log_location "/var/log/chef/client.log"
ssl_verify_mode :verify_none
validation_client_name "{{validation_name}}"
validation_key "/etc/chef/validation.pem"
client_key "/etc/chef/client.pem"
chef_server_url "{{server_url}}"
environment "{{environment}}"
node_name "{{node_name}}"
json_attribs "/etc/chef/firstboot.json"
file_cache_path "/var/cache/chef"
file_backup_path "/var/backups/chef"
pid_file "/var/run/chef/client.pid"
Chef::Log::Formatter.show_time = true
Expected results:
log_level :info
log_location "/var/log/chef/client.log"
ssl_verify_mode :verify_none
validation_client_name "myorg-validator"
validation_key "/etc/chef/validation.pem"
client_key "/etc/chef/client.pem"
chef_server_url "https://chef.us-west-2.company/organizations/myorg"
environment "_default"
node_name "i-a825bd5e"
json_attribs "/etc/chef/firstboot.json"
file_cache_path "/var/cache/chef"
file_backup_path "/var/backups/chef"
pid_file "/var/run/chef/client.pid"
Chef::Log::Formatter.show_time = true
Additional info:
This is causing new deployments using the standard RHEL7.1 AMI to fail to attach to our chef server. We are using a custom AMI for now which we would rather not do.
Comment 2Lars Kellogg-Stedman
2015-04-29 17:58:21 UTC
I was hoping we could resolve this by simply installing `python-jinja2` via the cloud-config document, but unfortunately the `import jinja2` happens too early so the installed packaged isn't visible until a subsequent run of `cloud-init`.
It looks like `python-jinja2` has fairly minimal dependencies, so I guess we will cut a new version of the cloud-init package with a dependency on `python-jinja2`.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2017:0871
Description of problem: cloud-init does not process the client.rb template for chef. Version-Release number of selected component (if applicable): 0.7.6-2 How reproducible: Always Steps to Reproduce: Use the current RedHat 7.1 AMI. Pass yml userdata that contains chef configuration data: ----------------------------- chef: server_url: "https://chef.us-west-2.company/organizations/myorg" validation_name: "myorg-validator" validation_key: | -----BEGIN RSA PRIVATE KEY----- KEY STUFF -----END RSA PRIVATE KEY----- initial_attributes: tags: - "usw2-pipeline-test-b" ------------------------------ With the previous version (0.7.5-6), the proper client.rb file is written out. With the current version (0.7.6-2), the contents of the raw template is written out. I think this has something to do with the template engine. The current version cannot find the Jinja template library and falls back to the generic template system. From the log file: 2015-04-28 02:37:18,326 - templater.py[WARNING]: Jinja not available as the selected renderer for desired template, reverting to the basic renderer. Actual results: {# This file is only utilized if the module 'cc_chef' is enabled in cloud-config. Specifically, in order to enable it you need to add the following to config: chef: validation_key: XYZ validation_cert: XYZ validation_name: XYZ server_url: XYZ -#} log_level :info log_location "/var/log/chef/client.log" ssl_verify_mode :verify_none validation_client_name "{{validation_name}}" validation_key "/etc/chef/validation.pem" client_key "/etc/chef/client.pem" chef_server_url "{{server_url}}" environment "{{environment}}" node_name "{{node_name}}" json_attribs "/etc/chef/firstboot.json" file_cache_path "/var/cache/chef" file_backup_path "/var/backups/chef" pid_file "/var/run/chef/client.pid" Chef::Log::Formatter.show_time = true Expected results: log_level :info log_location "/var/log/chef/client.log" ssl_verify_mode :verify_none validation_client_name "myorg-validator" validation_key "/etc/chef/validation.pem" client_key "/etc/chef/client.pem" chef_server_url "https://chef.us-west-2.company/organizations/myorg" environment "_default" node_name "i-a825bd5e" json_attribs "/etc/chef/firstboot.json" file_cache_path "/var/cache/chef" file_backup_path "/var/backups/chef" pid_file "/var/run/chef/client.pid" Chef::Log::Formatter.show_time = true Additional info: This is causing new deployments using the standard RHEL7.1 AMI to fail to attach to our chef server. We are using a custom AMI for now which we would rather not do.