How to fix WARNING: No knife configuration file found
WARNING: No knife configuration file found ERROR: Your private key could not be loaded from /etc/chef/client.pem Check your configuration file and ensure that your private key is readable
If you're seeing that error and you've been moving your
.chef directory around, this is probably why.
In order to interact with the Chef server,
knife needs to have access to configuration file, either
config.rb, and a key file to make authenticated requests. These files are kept in a
.chef directory (inside the
chef-repo by default), but knife will let you move the directory around.
knife will look for the
.chef directory in:
- Inside the current directory
- In your home directory
- In any parent directory from where you executed the command
While this sounds flexible its actually unfortunate since placing it anywhere other than inside
chef-repo can be harmful.
Lets setup an example here. Lets say you have a directory structure like
~/code/otherStuff/chef-repo and you're running the command
knife node list in that directory.
First knife is going to look for the
.chef directory inside your current directory, that is it'll look for
If that exists, it'll check to see if it has the two files it needs, the configuration and the key. If it does, no problem, your command succeeds and you get a list of nodes, just as we'd expect.
If that directory doesn't exist, the next place it will look is inside your home directory, so
~/.chef. If that exists and has your configuration and key you're off to the races.
If it doesn't, then
knife will continue to walk directories up from
~/code/otherStuff/chef-repo looking for a
.chef directory that satisfies these requirements. So it'll look in
~/code/. If it still fails to find a directory that it needs, your command fails.
So far so good.
But what if you have a
.chef directory in your current directory where you're running the command say, the
chef-repo, but maybe you've only kept bootstrap templates or a few other things there, but not your
knife.rb or your
config.rb and not your key.
What happens then?
I'd expect Chef to keep searching parent directories, but as you may have guessed that's not really what happens.
If you have a
.chef directory in your current repo, but your key and config is in a parent directory that's not your home directory, then Chef will simply fail.
In addition to the failure modes remember the point of Chef is to have a reproducible, versionable infrastructure. If you move your
.chef directory around, you're much less likely to be able to achieve this. The
chef-repo directory is intended to be in source control, if you move directories outside of it, its going to be much harder to make sure you're versioning everything.