So I am beginning the long process of learning puppet... and it seems that I am missing some vital things. My systems are RHEL-4, and i have installed the puppet/facter/puppetmasterd from dlutter@redhat.com''s archive. [root@canopus puppet]# rpm -qa | egrep ''puppet|facter'' | sort facter-1.3.6-1.el4 puppet-0.22.2-1.el4 puppet-server-0.22.2-1.el4 on the client I installed facter/puppet I then tried to follow the "World''s simplest puppet tutorial". On server I created the files: /etc/puppet/manifests/site.pp /etc/puppet/manifests/classes/sudo.pp I started the puppet-master and from the logs looked good On the client, I then did the following: puppetd --server canopus.unm.edu --waitforcert 60 --test info: Creating a new certificate request for uriel.unm.edu info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/uriel.unm.edu.pem warning: peer certificate won''t be verified in this SSL session. notice: No certificates; exiting # On the server, I see a certificate waiting for me.. so I sign it. I try the client again.. and get the following: # puppetd --server canopus.unm.edu --waitforcert 60 --test warning: peer certificate won''t be verified in this SSL session. /usr/sbin/puppetd:349: undefined method `readcert'' for #<Puppet::Network::Client::Master:0xb7c0614c> (NoMethodError) A third time gives a different message: puppetd --server canopus.unm.edu --waitforcert 60 --test notice: Ignoring --listen on onetime run notice: Ignoring cache info: Caching configuration at /var/lib/puppet/localconfig.yaml notice: Starting configuration run notice: Finished configuration run in 0.02 seconds I removed the various files on both server and client that mentioned uriel.unm.edu and tried again.. and saw the same behaviour. Is this expected.. or am I missed the obvious like normal. Thanks -- Stephen J Smoogen. -- CSIRT/Linux System Administrator How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice"
On Mar 22, 2007, at 5:54 PM, Stephen John Smoogen wrote:> I try the client again.. and get the following: > > # puppetd --server canopus.unm.edu --waitforcert 60 --test > warning: peer certificate won''t be verified in this SSL session. > /usr/sbin/puppetd:349: undefined method `readcert'' for > #<Puppet::Network::Client::Master:0xb7c0614c> (NoMethodError)This is a bug that was just pointed out to me by lassizci on #puppet. The issue only crops up when the certificate is retrieved, so you''ll only ever get it during initialization, but it essentially precludes automatic installation of Puppet, so that''s a problem. This and the problems people are having using 0.22.2 to server 0.22.1 clients mean I''m likely to put out a simple update release in the next couple of days. -- Seize opportunity by the beard, for it is bald behind. -- Bulgarian Proverb --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
--On Thursday, March 22, 2007 4:54 PM -0600 Stephen John Smoogen <smooge@gmail.com> wrote:> A third time gives a different message: > > puppetd --server canopus.unm.edu --waitforcert 60 --test > notice: Ignoring --listen on onetime run > notice: Ignoring cache > info: Caching configuration at /var/lib/puppet/localconfig.yaml > notice: Starting configuration run > notice: Finished configuration run in 0.02 secondsThis doesn''t seem like a problem. The listen notice is since this isn''t running in daemon mode. Then you see that it caches the configuration in /var/lib/puppet/localconfig.yaml. It runs and then finishes. Looks good so far! In the node, try putting an: exec { "echo Testing": freshonly => false }
On 3/22/07, Digant C Kasundra <digant@stanford.edu> wrote:> > > --On Thursday, March 22, 2007 4:54 PM -0600 Stephen John Smoogen > <smooge@gmail.com> wrote: > > > A third time gives a different message: > > > > puppetd --server canopus.unm.edu --waitforcert 60 --test > > notice: Ignoring --listen on onetime run > > notice: Ignoring cache > > info: Caching configuration at /var/lib/puppet/localconfig.yaml > > notice: Starting configuration run > > notice: Finished configuration run in 0.02 seconds > > This doesn''t seem like a problem. The listen notice is since this isn''t > running in daemon mode. Then you see that it caches the configuration in > /var/lib/puppet/localconfig.yaml. It runs and then finishes. Looks good > so far! >I have always found that message confusing. I put in a bug, #559, with patch to only print the message if the --onetime and --listen options are used together. - Ian
On Mar 23, 2007, at 12:45 PM, Ian Burrell wrote:> > I have always found that message confusing. I put in a bug, #559, > with patch to only print the message if the --onetime and --listen > options are used together.I can try to fix that, but for the record, I''m pretty sure listen = true is in your configuration if you''re getting that message. -- It is well to remember that the entire universe, with one trifling exception, is composed of others. --John Andrew Holmes --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
--On Friday, March 23, 2007 4:16 PM -0500 Luke Kanies <luke@madstop.com> wrote:> On Mar 23, 2007, at 12:45 PM, Ian Burrell wrote: >> >> I have always found that message confusing. I put in a bug, #559, >> with patch to only print the message if the --onetime and --listen >> options are used together. > > I can try to fix that, but for the record, I''m pretty sure listen > true is in your configuration if you''re getting that message.I''m pretty sure we don''t have listen specified in the puppetd.conf: tada:/afs/ir/users/d/i/digant# cat /etc/puppet/puppetd.conf # $Id: puppetd.conf.erb 1134 2007-03-17 00:46:18Z digant $ [puppetd] # Make sure all log messages are sent to the right directory # This directory must be writable by the puppet user logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl #Enable graphing graph=true # Enable reporting report=true # Enable plugins # pluginsync=true -- disabled until we use plugins # Have to set this last until its fixed # NOTE: This will change in 0.22.2 to use octal mode = 493 rundir=/var/run # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is ''$confdir/classes.txt''. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is ''$confdir/localconfig''. localconfig = $vardir/localconfig tada:/afs/ir/users/d/i/digant# /usr/sbin/pup puppet-backend puppetd tada:/afs/ir/users/d/i/digant# /usr/sbin/puppetd -v -o notice: Ignoring --listen on onetime run [....] Does one of the above options imply the listen directive?
On Mar 23, 2007, at 4:53 PM, Digant C Kasundra wrote:> > > --On Friday, March 23, 2007 4:16 PM -0500 Luke Kanies > <luke@madstop.com> >> >> I can try to fix that, but for the record, I''m pretty sure listen >> true is in your configuration if you''re getting that message. > > I''m pretty sure we don''t have listen specified in the puppetd.conf:Yeah, you''re right; I just applied Ian''s patch to fix this problem. -- I love deadlines. I like the whooshing sound they make as they fly by. --Douglas Adams --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com