When running puppetd and it tries to download plugins I get: err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate'': hostname not match with the server certificate However, the catalog gets downloaded and applied (as best it can, but w/o my plugins some things break). Some background: I''ve run puppet successfully in the past in my lab environment. This is only happening now that I''m trying to push it live. There are some weirdnesses with what I''m doing: 1) I have a CA-only server with multiple puppet masters. 2) The CA server has the hostname "puppet-ca.ny1.example.net", which doesn''t actually exist in DNS, which only has "puppet- ca.ny1.admin.example.net" that is bound to it''s ethernet interface 3) puppet.conf points to the "admin" ca_server and I can successfully negotiate keys using puppetca 4) The puppet master, likewise, has the hostname "puppet0.ny1.example.net", which doesn''t exist, but has an ethernet interface of "puppet0.ny1.admin.example.net" 5) I used puppetca with ''-g --certdnsnames puppet:puppet0:puppet0.ny1.admin.example.net'' and the keys have been transferred to puppet0 6) As mentioned previously, everything except downloading my plugins and custom facts works, but the plugins and custom facts fail with the above message 7) pluginsync is on, and my auth.conf allows "*.example.net" 8) Turning pluginsync off makes everything fail with: ''err: Could not retrieve catalog from remote server: hostname not match with the server certificate'' I''ve tried everything I can think of that doesn''t involve changing the hostname of my clients to be something that maps in DNS and I cannot get this to work. The fact that the hostnames don''t have DNS entries in forward lookups is the only thing that''s different from my lab setup. I''m at my wits end, can anyone help? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Cosimo Streppone
2011-Feb-24 23:17 UTC
Re: [Puppet Users] Unable to sync plugins/custom facts
On Thu, 24 Feb 2011 13:19:31 +1100, Brian Cully <bcully@gmail.com> wrote:> When running puppetd and it tries to download plugins I get: > > err: /File[/var/lib/puppet/lib]: Failed to generate additional > resources using ''eval_generate'': hostname not match with the server > certificateHi there, I had a very similar problem. I''m not sure exactly, as I didn''t write it down at the time, but you could try looking into the following: * Have you upgraded server but not the clients? I had a similar problem when I upgraded my puppetmaster from 0.24.5 to 2.6.2, but the clients were still 0.24.5. * Do you have modules with a ''lib/'' folder which is a symlink? I thought it would be Smart(tm) to have modules with *both* ''plugins/'' and ''lib/facter/'' folders, where ''plugins'' would be a symlink to ''lib/facter/'' (or something along the lines), so the same module could work for puppet 0.24.x and more recent versions too. Puppet didn''t like ''lib'' to be a symlink, at all. This also seems a lot like your problem, although no solution is mentioned: http://www.mail-archive.com/puppet-users@googlegroups.com/msg15939.html -- Cosimo -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.