jblaine
2012-Dec-18 17:52 UTC
[Puppet Users] Failing EC2 agent''s ENC lookup, by hand works fine
Is there some trick to EC2/AWS and the Puppet Dashboard ENC?
/etc/puppet/puppet.conf on master:
[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
autosign = true
node_terminus = exec
external_nodes = /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000
/usr/share/puppet-dashboard/bin/external_node
So we bootstrap a new instance:
master$ sudo RUBYLIB=/etc/puppet/modules/cloud_provisioner/lib puppet
node_aws bootstrap --group=hadoop-nodes --keyname=jblaine
--image=ami-3d4ff254 --type=t1.micro --puppet-version=2.7.20-1puppetlabs1
--login=ubuntu --keyfile=/home/jblaine/.ssh/jblaine-bld.pem
--server=REDACTED --node-group=namenodes --verbose --debug
...
notice: Server i-d23d47ac is now launched
notice: Server i-d23d47ac public dns name:
ec2-REDACTED.compute-1.amazonaws.com
...
notice: Puppet is now installed on: ec2-REDACTED.compute-1.amazonaws.com
...
notice: Contacting http://REDACTED:3000/ to classify
ec2-REDACTED.compute-1.amazonaws.com-7afcb264-5355-70d2-a294-041c25fa7e36
info: List nodes ... Done
info: Register Node ... Done
info: List Groups ... Done
info: List group members ... Done
info: Classify node ... Done
Now on the new node:
ubuntu$ ps -ef | grep puppet | grep -v grep
root 4485 1 12 17:23 ? 00:00:28 /usr/bin/ruby1.8
/usr/bin/puppet agent
ubuntu$ dpkg --list | grep puppet
ii facter 1.6.16-1puppetlabs1 Ruby module
for collecting simple facts about a host operating system
ii puppet 2.7.20-1puppetlabs1 Centralized
configuration management - agent startup and compatibility scripts
ii puppet-common 2.7.20-1puppetlabs1 Centralized
configuration management
ubuntu$ sudo puppet agent --test
info: Retrieving plugin
info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
info: Caching catalog for
ec2-REDACTED.compute-1.amazonaws.com-7afcb264-5355-70d2-a294-041c25fa7e36
info: Applying configuration version ''1355851810''
notice: Finished catalog run in 0.03 seconds
ubuntu$
ubuntu$ grep -E ''(server|certname)'' /etc/puppet/puppet.conf
server = REDACTED
certname =
ec2-REDACTED.compute-1.amazonaws.com-7afcb264-5355-70d2-a294-041c25fa7e36
ubuntu$
Back on the master, we query the ENC by hand fine:
master$ /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000
/usr/share/puppet-dashboard/bin/external_node
ec2-REDACTED.compute-1.amazonaws.com-7afcb264-5355-70d2-a294-041c25fa7e36
---
parameters: {}
classes:
- cdh4-namenode
- java
- cdh4
name:
ec2-REDACTED.compute-1.amazonaws.com-7afcb264-5355-70d2-a294-041c25fa7e36
master$
I then modified the ENC to syslog the requested node''s name and tested
it
to ensure that an ENC hit would cause it to syslog properly:
master$ /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000
/usr/share/puppet-dashboard/bin/external_node foo
---
classes: []
master$ grep foo /var/log/syslog
Dec 18 17:48:10 ip-10-191-115-140
/usr/share/puppet-dashboard/bin/external_node[7359]: Request for foo
master$
Back on the agent node, ''sudo puppet agent --test'' causes
nothing to be
logged on the master from the ENC.
I can see port 8140 and 3000 on the master, from the agent node, just fine.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/Qy4NZxORWmEJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.