Do there exist step-by-step instructions for generating, signing and installing certs? I assume I generate a key for the client and install the public key on the puppetmasterd server. The install guide doesn''t provide much insight. Also, since I''ve switched from the tarball''d puppet to the puppet gem, I''ve noticed my help has disappeared. For example: 002 $ puppetca --help This file was generated by RubyGems. The application ''puppet'' is installed as part of a gem, and this file is here to facilitate running it. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On 5/7/2008 12:40 PM, Jeff wrote:> Do there exist step-by-step instructions for generating, signing and > installing certs?Step 4 of http://reductivelabs.com/trac/puppet/wiki/SimplestPuppetInstallRecipe indicates that ''puppetd --verbose'' on a client should cause it to send a key request to the puppet server. In my experience, if you puppetmaster''s hostname isn''t ''puppet'', you may have to edit puppet.conf and add its hostname, or else ''puppetd --verbose --server fqdn.of.puppet.master'' would work, too. If that all goes properly, then ''puppetca --list'' on the puppetmaster should show a waiting key from your client, and ''puppetca --sign fqdn.of.puppet.client'' would sign it, allowing future puppet runs to do their thing. -- Mike Renfro / R&D Engineer, Center for Manufacturing Research, 931 372-3601 / Tennessee Technological University --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On May 7, 2:05 pm, Mike Renfro <ren...@tntech.edu> wrote:> On 5/7/2008 12:40 PM, Jeff wrote: > > > Do there exist step-by-step instructions for generating, signing and > > installing certs? > > Step 4 ofhttp://reductivelabs.com/trac/puppet/wiki/SimplestPuppetInstallRecipe > indicates that ''puppetd --verbose'' on a client should cause it to send a > key request to the puppet server. In my experience, if you > puppetmaster''s hostname isn''t ''puppet'', you may have to edit puppet.conf > and add its hostname, or else ''puppetd --verbose --server > fqdn.of.puppet.master'' would work, too. > > If that all goes properly, then ''puppetca --list'' on the puppetmaster > should show a waiting key from your client, and ''puppetca --sign > fqdn.of.puppet.client'' would sign it, allowing future puppet runs to do > their thing. >Thanks, Mike. I followed that and got the following error: 002 # puppetd --verbose err: /Settings[top]/Settings[main]/File[/var/puppet/run]: Failed to retrieve current state of resource: Could not find user puppet /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/util/settings.rb: 677:in `use'': Could not configure for running; got 1 failure(s) (RuntimeError) from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/node/ catalog.rb:130:in `apply'' from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/util/ settings.rb:675:in `use'' from /usr/lib/ruby/1.8/sync.rb:229:in `synchronize'' from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/util/ settings.rb:655:in `use'' from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/ network/client/master.rb:206:in `initialize'' from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/bin/puppetd: 322:in `new'' from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/bin/puppetd:322 from /usr/bin/puppetd:19:in `load'' from /usr/bin/puppetd:19 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On May 7, 2008, at 3:01 PM, Jeff wrote:> Thanks, Mike. I followed that and got the following error: > > 002 # puppetd --verbose > err: /Settings[top]/Settings[main]/File[/var/puppet/run]: Failed to > retrieve current state of resource: Could not find user puppet > /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/util/settings.rb: > 677:in `use'': Could not configure for running; got 1 failure(s) > (RuntimeError) > from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/node/ > catalog.rb:130:in `apply'' > from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/util/ > settings.rb:675:in `use'' > from /usr/lib/ruby/1.8/sync.rb:229:in `synchronize'' > from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/util/ > settings.rb:655:in `use'' > from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/lib/puppet/ > network/client/master.rb:206:in `initialize'' > from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/bin/puppetd: > 322:in `new'' > from /usr/lib/ruby/gems/1.8/gems/puppet-0.24.4/bin/puppetd:322 > from /usr/bin/puppetd:19:in `load'' > from /usr/bin/puppetd:19This is a bug in 0.24.4, and is only a problem for those who don''t use packages (because the packages tend to also install the user/group). Create a Puppet user and group (try starting with --mkusers), and it should be fixed. -- The people who are regarded as moral luminaries are those who forego ordinary pleasures themselves and find compensation in interfering with the pleasures of others. -- Bertrand Russell --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---