0
我想在CentOs機器上安裝nginx使用yum食譜作爲依賴。廚師::例外::執行:/斌/ systemctl啓動nginx返回1,預計0
這就是我的nginx /食譜/ default.rb樣子,
#
# Cookbook Name:: nginxl
# Recipe:: default
#
# Copyright 2014, YOUR_COMPANY_NAME
#
# All rights reserved - Do Not Redistribute
#
include_recipe "yum"
case node["platform"] #Create Yum Repository for Nginx
when "redhat"
yum_repository "nginx" do
name 'nginx_repo'
baseurl 'http://nginx.org/packages/rhel/7/$basearch/';
enabled true
gpgcheck false
action :create
end
when "centos"
yum_repository "nginx" do
name 'nginx_repo'
baseurl 'http://nginx.org/packages/centos/7/$basearch/';
enabled true
gpgcheck false
action :create
end
end
package "nginx" do #Install Nginx package
version "1.6.2-1.el7.ngx"
action :install
end
template "nginx.conf" do #Create Nginx Configuration in the specified path
source "nginx.conf.erb"
path "#{node['nginx']['dir']}/nginx.conf"
action :create
mode 0644
end
template "default.conf" do #Create SSL,Proxy,Logs configuration in the specified path
source "default.conf.erb"
path "#{node['nginx']['dir']}/conf.d/default.conf"
action :create
mode 0644
end
directory "#{node['nginx']['ssl_directory']}" do
action :create
end
cookbook_file "nginx.crt" do #Drops the SSL Certificate from Files to the specified path.
path "#{node['nginx']['ssl_directory']}/nginx.crt"
action :create
end
cookbook_file "nginx.key" do #Drops the SSL Key from Files to the specified path.
path "#{node['nginx']['ssl_directory']}/nginx.key"
action :create
end
service "nginx" do
supports :restart => :true
action [:enable, :start]
end
在試圖客戶端服務器上運行 'sudo的廚師客戶端',我得到以下錯誤:
[[email protected] ~]$ sudo chef-client
[2015-01-02T05:49:19+00:00] WARN:
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
SSL validation of HTTPS requests is disabled. HTTPS connections are still
encrypted, but chef is not able to detect forged replies or man in the middle
attacks.
To fix this issue add an entry like this to your configuration file:
```
# Verify all HTTPS connections (recommended)
ssl_verify_mode :verify_peer
# OR, Verify only connections to chef-server
verify_api_cert true
```
To check your SSL configuration, or troubleshoot errors, you can use the
`knife ssl check` command like so:
```
knife ssl check -c /etc/chef/client.rb
```
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Starting Chef Client, version 11.16.4
resolving cookbooks for run list: ["yum", "nginx"]
Synchronizing Cookbooks:
- yum
- nginx
Compiling Cookbooks...
Converging 9 resources
Recipe: yum::default
* yum_globalconfig[/etc/yum.conf] action create
* template[/etc/yum.conf] action create (up to date)
(up to date)
Recipe: nginx::default
* yum_repository[nginx_repo] action create
* template[/etc/yum.repos.d/nginx_repo.repo] action create (up to date)
* execute[yum-makecache-nginx_repo] action nothing (skipped due to action :nothing)
* ruby_block[yum-cache-reload-nginx_repo] action nothing (skipped due to action :nothing)
(up to date)
* package[nginx] action install (up to date)
* template[nginx.conf] action create (up to date)
* template[default.conf] action create (up to date)
* directory[/etc/nginx/ssl] action create (up to date)
* cookbook_file[nginx.crt] action create (up to date)
* cookbook_file[nginx.key] action create (up to date)
* service[nginx] action enable (up to date)
* service[nginx] action start
================================================================================
Error executing action `start` on resource 'service[nginx]'
================================================================================
Chef::Exceptions::Exec
----------------------
/bin/systemctl start nginx returned 1, expected 0
Resource Declaration:
---------------------
# In /var/chef/cache/cookbooks/nginx/recipes/default.rb
67: service 'nginx' do
68: supports :restart => :true
69: action [:enable, :start]
70: end
Compiled Resource:
------------------
# Declared in /var/chef/cache/cookbooks/nginx/recipes/default.rb:67:in `from_file'
service("nginx") do
provider Chef::Provider::Service::Systemd
action [:enable, :start]
supports {:restart=>:true}
retries 0
retry_delay 2
guard_interpreter :default
service_name "nginx"
enabled true
pattern "nginx"
cookbook_name "nginx"
recipe_name "default"
end
Running handlers:
[2015-01-02T05:49:21+00:00] ERROR: Running exception handlers
Running handlers complete
[2015-01-02T05:49:21+00:00] ERROR: Exception handlers complete
[2015-01-02T05:49:21+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
Chef Client failed. 0 resources updated in 2.227299679 seconds
[2015-01-02T05:49:21+00:00] ERROR: service[nginx] (nginx::default line 67) had an error:
Chef::Exceptions::Exec: /bin/systemctl start nginx returned 1, expected 0
[2015-01-02T05:49:21+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
編輯:這只是發生在我在我的nginx.conf下面添加一段代碼目錄lisitng
server {
listen 443;
server_name <%= node['nginx']['server_name'] %>;
location/{
source <%= node['nginx']['source'] %>;
autoindex on;
}
}
nginx日誌說什麼?似乎該服務無法啓動,可能是配置中的錯誤指令,因爲缺少屬性或證書的某些內容(您不是爲證書文件設置所有者和模式,我不確定nginx是否允許這樣做)。 – Tensibai
它運行良好,但是當我將下面的一段代碼添加到nginx.conf文件時,會出現以下問題: 'server { listen 443; server_name <%= node ['nginx'] ['server_name']%>; location/{ source <%= node ['nginx'] ['source']%>; autoindex on; } }' –
編輯你的問題,評論是壞的代碼格式和它的混亂閱讀。是否正確定義了屬性,並且是否將node ['nginx'] ['server_name']'正確解析爲此服務器上的IP?在主廚之後運行得到的配置是否能夠運行您期望的結果,以及nginx錯誤日誌中沒有啓動時的配置?我很確定它會告訴你什麼是錯的。 – Tensibai