How to fix WARNING: No knife configuration file found

WARNING: No knife configuration file found
ERROR: Your private key could not be loaded from /etc/chef/client.pem
Check your configuration file and ensure that your private key is readable

If you're seeing that error and you've been moving your .chef directory around, this is probably why.

In order to interact with the Chef server, knife needs to have access to configuration file, either knife.rb or config.rb, and a key file to make authenticated requests. These files are kept in a .chef directory (inside the chef-repo by default), but knife will let you move the directory around.

knife will look for the .chef directory in:

  1. Inside the current directory
  2. In your home directory
  3. In any parent directory from where you executed the command

While this sounds flexible its actually unfortunate since placing it anywhere other than inside chef-repo can be harmful.

Lets setup an example here. Lets say you have a directory structure like ~/code/otherStuff/chef-repo and you're running the command knife node list in that directory.

First knife is going to look for the .chef directory inside your current directory, that is it'll look for ~/code/otherStuff/chef-repo/.chef.

If that exists, it'll check to see if it has the two files it needs, the configuration and the key. If it does, no problem, your command succeeds and you get a list of nodes, just as we'd expect.

If that directory doesn't exist, the next place it will look is inside your home directory, so ~/.chef. If that exists and has your configuration and key you're off to the races.

If it doesn't, then knife will continue to walk directories up from ~/code/otherStuff/chef-repo looking for a .chef directory that satisfies these requirements. So it'll look in ~/code/otherStuff, then ~/code/. If it still fails to find a directory that it needs, your command fails.

So far so good.

But what if you have a .chef directory in your current directory where you're running the command say, the chef-repo, but maybe you've only kept bootstrap templates or a few other things there, but not your knife.rb or your config.rb and not your key.

What happens then?

I'd expect Chef to keep searching parent directories, but as you may have guessed that's not really what happens.

If you have a .chef directory in your current repo, but your key and config is in a parent directory that's not your home directory, then Chef will simply fail.

In addition to the failure modes remember the point of Chef is to have a reproducible, versionable infrastructure. If you move your .chef directory around, you're much less likely to be able to achieve this. The chef-repo directory is intended to be in source control, if you move directories outside of it, its going to be much harder to make sure you're versioning everything.

Liked what you saw? Get more automation insights delivered straight to your inbox.

indicates required