Sam Andre
2009-Feb-12 23:41 UTC
[Puppet Users] "Could not find server puppet" - installation/configuration error
Started the discussion in puppet users mailing list based on
recommendation from luke. This discussion is to a follow up regarding
bug#1955 "Could not find server puppet" - installation/configuration
error".
jamtur01''s last recommendation:
Rather than renaming things try the certname option (see
http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference).
But let''s start from scratch - it''s too hard to work out what
you''ve
changed.
1. Create a new puppet.conf on the client - Don''t change any of the
settings.
2. Delete any old client certificates on the client and master.
3. Restart puppetmasterd
4. Start puppetd - puppetd --verbose --debug --trace --no-daemonize --
server hostname.domain --certname hostname.domain
Post the results back.
Are you on IM or IRC?
++++++++++++++++
Below is the results after running
(meteor) root:/opt/csw/bin # ./puppetd --verbose --debug --trace --no-
daemonize --server core4.adcom.uci.edu --certname core4.adcom.uci.edu
debug: Creating default schedules
debug: Failed to load library ''ldap'' for feature
''ldap''
debug: Failed to load library ''shadow'' for feature
''libshadow''
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/state]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/etc/opt/csw/puppet/ssl]: Autorequiring File[/etc/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/certs]: Autorequiring File[/etc/opt/csw/puppet/
ssl]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/lib]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/private]: Autorequiring File[/etc/opt/csw/
puppet/ssl]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[puppetd]/
File[/etc/opt/csw/puppet/puppet.conf]: Autorequiring File[/etc/opt/csw/
puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/log]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/public_keys]: Autorequiring File[/etc/opt/csw/
puppet/ssl]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/run]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/private_keys]: Autorequiring File[/etc/opt/csw/
puppet/ssl]
debug: Finishing transaction 3282048 with 0 changes
info: Creating a new certificate request for core4.adcom.uci.edu
info: Creating a new SSL key at /etc//opt/csw/puppet/ssl/private_keys/
core4.adcom.uci.edu.pem
debug: Calling puppetca.getcert
warning: peer certificate won''t be verified in this SSL session
notice: Did not receive certificate
debug: Calling puppetca.getcert
warning: Other end went away; restarting connection and retrying
warning: peer certificate won''t be verified in this SSL session
notice: Did not receive certificate
++++++++++++++++
The following are the steps that I took in core4 (puppetmaster
server). (Because I am new to puppet and because I may have left off
some important installation steps, I''ve included the steps below.) To
install puppet in the client server, I performed the same steps below
except for initiating the puppetmasterd and creating site.pp.
(core4) root:/adm/users/andresl # ps -ef|grep puppet
root 17266 17264 0 12:37:53 pts/1 0:00 grep puppet
(core4) root:/adm/users/andresl # svcs -a|grep puppet
disabled Feb_10 svc:/network/puppetd:default
(core4) root:/adm/users/andresl # /usr/bin/rm -r /etc/opt/csw/puppet
(core4) root:/adm/users/andresl # /usr/bin/rm -r /var/opt/csw/puppet
removed puppet entries in /etc/passwd, /etc/group, and /etc/shadow
(core4) root:/adm/users/andresl # yes | /opt/csw/bin/pkgutil CSWpuppet
-r
(core4) root:/adm/users/andresl # pkginfo -l|grep CSW|grep PKGINST
PKGINST: CSWpkgutil
(core4) root:/var/opt/csw # yes | /opt/csw/bin/pkgutil -i CSWpuppet
(core4) root:/var/opt/csw # pkginfo -l|grep CSW|grep PKGINST
PKGINST: CSWaspell
PKGINST: CSWbdb3
PKGINST: CSWbzip2
PKGINST: CSWcommon
PKGINST: CSWexpat
PKGINST: CSWfacter
PKGINST: CSWgcc4corert
PKGINST: CSWgcc4g++rt
PKGINST: CSWgdbm
PKGINST: CSWgfile
PKGINST: CSWggettext
PKGINST: CSWiconv
PKGINST: CSWisaexec
PKGINST: CSWncurses
PKGINST: CSWosslrt
PKGINST: CSWpkgutil
PKGINST: CSWpuppet
PKGINST: CSWreadline
PKGINST: CSWruby
PKGINST: CSWsunmath
PKGINST: CSWzlib
(core4) root:/etc/puppet # mkdir manifests
(core4) root:/etc/puppet # vi manifests/site.pp
file { "/etc/sudoers":
owner => root, group => root, mode => 440
}
(core4) root:/opt/csw/bin # ./puppetmasterd --mkusers -v
(meteor) root:/opt/csw/bin # ./puppetd --verbose --debug --trace --no-
daemonize --server core4.adcom.uci.edu --certname core4.adcom.uci.edu
debug: Creating default schedules
debug: Failed to load library ''ldap'' for feature
''ldap''
debug: Failed to load library ''shadow'' for feature
''libshadow''
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/state]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/etc/opt/csw/puppet/ssl]: Autorequiring File[/etc/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/certs]: Autorequiring File[/etc/opt/csw/puppet/
ssl]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/lib]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/private]: Autorequiring File[/etc/opt/csw/
puppet/ssl]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[puppetd]/
File[/etc/opt/csw/puppet/puppet.conf]: Autorequiring File[/etc/opt/csw/
puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/log]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/public_keys]: Autorequiring File[/etc/opt/csw/
puppet/ssl]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File
[/var/opt/csw/puppet/run]: Autorequiring File[/var/opt/csw/puppet]
debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/
etc/opt/csw/puppet/ssl/private_keys]: Autorequiring File[/etc/opt/csw/
puppet/ssl]
debug: Finishing transaction 3282048 with 0 changes
info: Creating a new certificate request for core4.adcom.uci.edu
info: Creating a new SSL key at /etc//opt/csw/puppet/ssl/private_keys/
core4.adcom.uci.edu.pem
debug: Calling puppetca.getcert
warning: peer certificate won''t be verified in this SSL session
notice: Did not receive certificate
(core4) root:/opt/csw/bin # facter
domain => YP.adcom.uci.edu
facterversion => 1.5.2
fqdn => core4.YP.adcom.uci.edu
hardwareisa => sparc
hardwaremodel => sun4v
hostname => core4
interfaces => lo0,e1000g0
ipaddress => 128.200.235.71
ipaddress_e1000g0 => 128.200.235.71
kernel => SunOS
kernelrelease => 5.10
kernelversion => 5.10
macaddress => 0:14:4f:2:5c:7e
macaddress_e1000g0 => 0:14:4f:2:5c:7e
netmask_e1000g0 => 255.255.255.224
operatingsystem => Solaris
operatingsystemrelease => 10_u5
ps => ps -ef
puppetversion => 0.24.7
rubysitedir => /opt/csw/lib/ruby/site_ruby/1.8
rubyversion => 1.8.7
sshdsakey => AAAAB3NzaC1kc3MAAACBANmXV6SFPirKW1AbldTqwTJKlCpuV/
MiQA7uIBh7dchIU2v5cEMNSaixc7iGucCzlJvRElFZNlu
+j8VcZc62tfLy5cWGiZIM1IVJRZTx
+cl7yvCC3MYcDd9EMQV60akonSMbFgCacBMRIntYl2VonuuHMzjIoKIMYfYHB8vbaSKjAAAAFQC24hy7Sx5Ze7SVT3p4CBVKVtS0ZQAAAIEAyik4x5B4Kzd5xV5rNhBBm98MlQZu
+Lj6xllNj9rbAMpm7iSUzQTLyCRF4bmWwRrvmOemNiAx8cvNLoa9gx2ZvMTN3L42ly1tuoeU6CeZR/
Y0J+OrydW6bt+TpSSjVkX7S8Vl7xY4a5Ueb860ng75P6cJ7ae3G5+c0EsfOV1RN/
gAAACBAJcwMB/Wk7W3O49LIbT7dawJFTYxzHcwtzf20Yz/cu
+8Nvgu8K1ypGX0E9+OKBSO2Ma0mKO0psydnX9esQ4leYlfStoFugMo9BAiRihdCW
+da5jnTalwUec3ZZmxFuysM2E6zSeYsL8szwneKkP+qTgotYb6AdbcBoNo+y1ytyEb
sshrsakey => AAAAB3NzaC1yc2EAAAABIwAAAIEA6hDmXmctZ5ObFr7ciHKZ+jlC4wWG
+YhOl5fZVbu0XAZang7pcxPH+5zT0fIVXPWPw3DeHW5O
+Z8CpcI8zNpbXSVygE3xpW9uHgn/
Nj03nL7TvQfms945fl4Va8Lk8x76YTfBIwW1HscQ6cbXMiIcmX
+uMh9aaXSOW32Wr5aP3rEuniqueid => 84025c7e
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
James Turnbull
2009-Feb-12 23:51 UTC
[Puppet Users] Re: "Could not find server puppet" - installation/configuration error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sam Andre wrote:> Started the discussion in puppet users mailing list based on > recommendation from luke. This discussion is to a follow up regarding > bug#1955 "Could not find server puppet" - installation/configuration > error". > > jamtur01''s last recommendation: > Rather than renaming things try the certname option (see > http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). > > But let''s start from scratch - it''s too hard to work out what you''ve > changed. > > 1. Create a new puppet.conf on the client - Don''t change any of the > settings. > 2. Delete any old client certificates on the client and master. > 3. Restart puppetmasterd > 4. Start puppetd - puppetd --verbose --debug --trace --no-daemonize -- > server hostname.domain --certname hostname.domain >As I said in the ticket - can you see the certificate signing request? # puppetca --list Thanks James Turnbull - -- Author of: * Pulling Strings with Puppet (http://www.amazon.com/gp/product/1590599780/) * Pro Nagios 2.0 (http://www.amazon.com/gp/product/1590596099/) * Hardening Linux (http://www.amazon.com/gp/product/1590594444/) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmUthgACgkQ9hTGvAxC30DeWQCgl9fuICeieC0t/cKxqZZ+voDH eZQAoMzo9nVFUoaUO7HLlRygBDB2h6Ov =uGV1 -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
James Turnbull
2009-Feb-13 00:00 UTC
[Puppet Users] Re: "Could not find server puppet" - installation/configuration error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 James Turnbull wrote:> Sam Andre wrote: > > Started the discussion in puppet users mailing list based on > > recommendation from luke. This discussion is to a follow up regarding > > bug#1955 "Could not find server puppet" - installation/configuration > > error". > > > jamtur01''s last recommendation: > > Rather than renaming things try the certname option (see > > http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). > > > But let''s start from scratch - it''s too hard to work out what you''ve > > changed. > > > 1. Create a new puppet.conf on the client - Don''t change any of the > > settings. > > 2. Delete any old client certificates on the client and master. > > 3. Restart puppetmasterd > > 4. Start puppetd - puppetd --verbose --debug --trace --no-daemonize -- > > server hostname.domain --certname hostname.domain > > > As I said in the ticket - can you see the certificate signing request? > > # puppetca --listFor the benefit of the list the CSR is there ... now we can: # puppetca --sign core4.adcom.uci.edu Then try to connect and I think you''ll find your problem resolved. I recommend re-reading the documentation the steps for new client are: 1. Start puppetd client 2. Certificate request generated and sent to master 3. Sign certificate on master with puppetca 4. Either restart puppetd or use --waitforcert to wait to get signed cert 5. Client is now authorised. Cheers James Turnbull - -- Author of: * Pulling Strings with Puppet (http://www.amazon.com/gp/product/1590599780/) * Pro Nagios 2.0 (http://www.amazon.com/gp/product/1590596099/) * Hardening Linux (http://www.amazon.com/gp/product/1590594444/) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmUuCgACgkQ9hTGvAxC30AXFwCfcY0D1A7JxEL0qFBIfPWO2WR0 qYQAnj6NEnGM60kCr6eL3OaQTc6TPvjl =ZRS3 -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Possibly Parallel Threads
- Packages build for Solaris ? As CSW packages ?
- problems with puppetd on some of my solaris machines
- puppetrun fails: "Certificates were not trusted"
- error SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
- Setting up puppetmaster-passenger on Debian